diff --git a/conf/app.ini b/conf/app.ini index 5a08d74..24acd81 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -8,7 +8,7 @@ RUN_MODE = prod [server] PROTOCOL = http DOMAIN = __DOMAIN__ -ROOT_URL = https://__URL__/ +ROOT_URL = https://__DOMAIN____PATH__ HTTP_ADDR = 0.0.0.0 HTTP_PORT = __PORT__ ; Permission for unix socket @@ -69,7 +69,7 @@ LANDING_PAGE = explore [repository] ; Root path for storing repositories's data, default is "~//gogs-repositories" -ROOT = __REPOS_PATH__ +ROOT = __REPO_PATH__ ; The script type server supports, sometimes could be "sh" SCRIPT_TYPE = bash ; Default ANSI charset for an unrecognized charset @@ -164,7 +164,7 @@ DB_TYPE = mysql HOST = 127.0.0.1:3306 NAME = __DB_USER__ USER = __DB_USER__ -PASSWD = __DB_PASSWORD__ +PASSWD = __DB_PPWD__ ; For "postgres" only, either "disable", "require" or "verify-full" SSL_MODE = disable ; For "sqlite3" and "tidb", use absolute path when you start as service @@ -177,7 +177,7 @@ DISABLE_REGULAR_ORG_CREATION = false [security] INSTALL_LOCK = true ; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!! -SECRET_KEY = __KEY__ +SECRET_KEY = __SECRET_KEY__ ; Auto-login remember days LOGIN_REMEMBER_DAYS = 7 COOKIE_USERNAME = gogs_awesome diff --git a/doc/.gitkeep b/doc/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..d97cd8d --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,42 @@ +> :warning: **Note that this package will not be longer be maintened by the actual maintener. +> The idea is to migrate to [gitea](https://github.com/YunoHost-Apps/gitea_ynh) which is more featured.** + +For the old install you can migrate to gitea easly by juste upgrading your actuall gogs instance with the gitea source by this command: +``` +sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/gitea_ynh gogs +``` +**Note that this command contains some risk of data lost. So it's important to make a backup of the app before the install.** +To make a backup you can use this command: +``` +sudo yunohost backup create --debug --apps gogs +``` + +For the new install just install gitea by this command: +``` +sudo yunohost app install -l Gitea https://github.com/YunoHost-Apps/gitea_ynh +``` + +## Notes on SSH usage +If you want to use Gogs with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gogs: + +```bash +PubkeyAuthentication yes +AuthorizedKeysFile %h/.ssh/authorized_keys +ChallengeResponseAuthentication no +PasswordAuthentication no +UsePAM no +``` + +You also need to add your public key to your Gogs profile. + +If you use ssh on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`: + +```bash +Host domain.tld + port 2222 # change this with the port you use +``` + +## Info on upgrading from the old package version (gogs <0.9.xx) +Previous versions of this package used to build Gogs from sources instead of using the pre-compiled binary. It also left data in many places which was not good. The upgrade tries to take care of moving everything to the right place **BUT it's strongly advised to do a backup of your repositories and of the Gogs directory before the update**. Your avatars and issue attachments files may be lost in the process. + +Also, in some cases, Gogs will not restart properly during the update. If so, you can rerun the update safely or try to start Gogs with `sudo systemctl restart gogs.service`. diff --git a/doc/screenshots/.gitkeep b/doc/screenshots/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/screenshots/screenshot.png b/doc/screenshots/screenshot.png new file mode 100644 index 0000000..4f5a87d Binary files /dev/null and b/doc/screenshots/screenshot.png differ diff --git a/manifest.json b/manifest.json index 6d97a88..106a3e2 100644 --- a/manifest.json +++ b/manifest.json @@ -6,9 +6,17 @@ "en": "Lightweight Git forge", "fr": "Forge Git légère" }, - "url": "http://gogs.io", - "license": "MIT", "version": "0.11.66~ynh2", + "url": "http://gogs.io", + "upstream": { + "license": "MIT", + "website": "http://gogs.io", + "demo": "https://try.gogs.io/user/login", + "admindoc": "https://yunohost.org/packaging_apps", + "userdoc": "https://yunohost.org/apps", + "code": "https://github.com/gogs/gogs" + }, + "license": "MIT", "maintainer": { "name": "Josué Tille", "email": "josue@tille.ch" @@ -17,51 +25,35 @@ "name": "tostaki", "email": "maxime@max.privy.place" }, + "requirements": { + "yunohost": ">= 4.1.3" + }, "multi_instance": true, "services": [ "nginx", "mysql" ], - "requirements": { - "yunohost": ">= 3.8.1" - }, "arguments": { "install" : [ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain for Gogs", - "fr": "Choisissez un domaine pour Gogs" - }, - "example": "domain.org" + "example": "example.com" }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for Gogs", - "fr": "Choisissez un chemin pour Gogs" - }, "example": "/gogs", "default": "/gogs" }, { "name": "admin", "type": "user", - "ask": { - "en": "Choose the Gogs administrator (must be an existing YunoHost user)", - "fr": "Choisissez l'administrateur de Gogs (doit être un utilisateur YunoHost existant)" - }, "example": "johndoe" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Is it a public site?", - "fr": "Est-ce un site public ?" - }, "default": true } ] diff --git a/scripts/_common.sh b/scripts/_common.sh index 38d9424..91e6067 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,108 +1,18 @@ -#================================================= -# SET ALL CONSTANTS -#================================================= - -app=$YNH_APP_INSTANCE_NAME -dbname=$app -dbuser=$app -final_path="/opt/$app" -DATADIR="/home/$app" -REPO_PATH="$DATADIR/repositories" -DATA_PATH="$DATADIR/data" - -# Detect the system architecture to download the right tarball -# NOTE: `uname -m` is more accurate and universal than `arch` -# See https://en.wikipedia.org/wiki/Uname -if [ -n "$(uname -m | grep 64)" ]; then - architecture="x86-64" -elif [ -n "$(uname -m | grep 86)" ]; then - architecture="i386" -elif [ -n "$(uname -m | grep arm)" ]; then - architecture="arm" -else - ynh_die "Unable to detect your achitecture, please open a bug describing \ - your hardware and the result of the command \"uname -m\"." 1 -fi +#!/bin/bash #================================================= -# DEFINE ALL COMMON FONCTIONS +# COMMON VARIABLES #================================================= -create_dir() { - mkdir -p "$final_path/data" - mkdir -p "$final_path/custom/conf/auth.d" - mkdir -p "$DATA_PATH/avatars" - mkdir -p "$DATA_PATH/attachments" - mkdir -p "/var/log/$app" -} -config_nginx() { - if [ "$path_url" != "/" ] - then - ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf" - fi - ynh_add_nginx_config -} +#================================================= +# PERSONAL HELPERS +#================================================= -config_gogs() { - ynh_backup_if_checksum_is_different "$final_path/custom/conf/app.ini" - ynh_backup_if_checksum_is_different "$final_path/custom/conf/auth.d/ldap.conf" +#================================================= +# EXPERIMENTAL HELPERS +#================================================= - cp ../conf/app.ini "$final_path/custom/conf" - cp ../conf/ldap.conf "$final_path/custom/conf/auth.d/ldap.conf" - - if [ "$path_url" = "/" ] - then - ynh_replace_string "__URL__" "$domain" "$final_path/custom/conf/app.ini" - else - ynh_replace_string "__URL__" "$domain${path_url%/}" "$final_path/custom/conf/app.ini" - fi - - ynh_replace_string "__REPOS_PATH__" "$REPO_PATH" "$final_path/custom/conf/app.ini" - ynh_replace_string "__DB_PASSWORD__" "$dbpass" "$final_path/custom/conf/app.ini" - ynh_replace_string "__DB_USER__" "$dbuser" "$final_path/custom/conf/app.ini" - ynh_replace_string "__DOMAIN__" "$domain" "$final_path/custom/conf/app.ini" - ynh_replace_string "__KEY__" "$key" "$final_path/custom/conf/app.ini" - ynh_replace_string "__DATA_PATH__" "$DATA_PATH" "$final_path/custom/conf/app.ini" - ynh_replace_string "__PORT__" $port "$final_path/custom/conf/app.ini" - ynh_replace_string "__APP__" $app "$final_path/custom/conf/app.ini" - - if [[ "$is_public" = '1' ]] - then - ynh_replace_string "__PRIVATE_MODE__" "false" "$final_path/custom/conf/app.ini" - else - ynh_replace_string "__PRIVATE_MODE__" "true" "$final_path/custom/conf/app.ini" - fi - - ynh_replace_string "__ADMIN__" "$admin" "$final_path/custom/conf/auth.d/ldap.conf" - - ynh_store_file_checksum "$final_path/custom/conf/app.ini" - ynh_store_file_checksum "$final_path/custom/conf/auth.d/ldap.conf" -} - -set_permission() { - chown -R $app:$app "$final_path" - chown -R $app:$app "/home/$app" - chown -R $app:$app "/var/log/$app" - chmod u=rwX,g=rX,o= "$final_path" - chmod u=rwX,g=rX,o= "/home/$app" - chmod u=rwX,g=rX,o= "/var/log/$app" -} - -set_access_settings() { - if [ "$is_public" = '1' ] - then - ynh_app_setting_set $app unprotected_uris "/" - else - # For an access to the git server by https in private mode we need to allow the access to theses URL : - # - "DOMAIN/PATH/USER/REPOSITORY/info/refs" - # - "DOMAIN/PATH/USER/REPOSITORY/git-upload-pack" - # - "DOMAIN/PATH/USER/REPOSITORY/git-receive-pack" - - excaped_domain=${domain//'.'/'%.'} - excaped_domain=${excaped_domain//'-'/'%-'} - excaped_path=${path_url//'.'/'%.'} - excaped_path=${excaped_path//'-'/'%-'} - ynh_app_setting_set $app skipped_regex "$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-receive%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-upload%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/info/refs" - fi -} +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= diff --git a/scripts/backup b/scripts/backup index 490a4b0..72f8d13 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -26,8 +27,10 @@ ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -# Retrieve app settings +final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -35,28 +38,28 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) ynh_print_info --message="Declaring files to be backed up..." #================================================= -# STANDARD BACKUP STEPS +# BACKUP THE APP MAIN DIR #================================================= ynh_backup --src_path="$final_path" #================================================= -# BACKUP DATA FILES +# BACKUP THE DATA DIR #================================================= -ynh_backup --src_path="$DATADIR" +ynh_backup --src_path="$datadir" --is_big #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= -ynh_backup --src_path="/etc/nginx/conf.d/${domain}.d/${app}.conf" +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP SYSTEMD #================================================= -ynh_backup --src_path="/etc/systemd/system/${app}.service" +ynh_backup --src_path="/etc/systemd/system/$app.service" #================================================= # BACKUP VARIOUS FILES @@ -69,7 +72,7 @@ ynh_backup --src_path="/var/log/$app" #================================================= ynh_print_info --message="Backing up the MySQL database..." -ynh_mysql_dump_db "$dbname" > ./db.sql +ynh_mysql_dump_db --database="$db_name" > db.sql #================================================= # END OF SCRIPT diff --git a/scripts/change_url b/scripts/change_url index 883baf6..dafbcee 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,52 +1,146 @@ #!/bin/bash #================================================= -# GENERIC START +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS #================================================= -# IMPORT GENERIC HELPERS +source _common.sh source /usr/share/yunohost/helpers +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path=$YNH_APP_NEW_PATH + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +# Add settings here as needed by your application +#db_name=$(ynh_app_setting_get --app=$app --key=db_name) +#db_user=$db_name +#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) + +#================================================= +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors -# Import common cmd +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= -source ./_common.sh +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi -# RETRIEVE ARGUMENTS -old_domain=$YNH_APP_OLD_DOMAIN -domain=$YNH_APP_NEW_DOMAIN -path_url=$(ynh_normalize_url_path ${YNH_APP_NEW_PATH:-'/'}) -app=$YNH_APP_INSTANCE_NAME - -dbpass=$(ynh_app_setting_get "$app" mysqlpwd) -admin=$(ynh_app_setting_get "$app" adminusername) -key=$(ynh_app_setting_get "$app" secret_key) -port=$(ynh_app_setting_get "$app" web_port) -is_public=$(ynh_app_setting_get "$app" is_public) +change_path=0 +if [ "$old_path" != "$new_path" ] +then + change_path=1 +fi #================================================= # STANDARD MODIFICATIONS #================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." -# Change the domain for nginx -if [ "$old_domain" != "$domain" ] +ynh_systemd_action --service_name=$app --action="stop" + +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= +ynh_script_progression --message="Updating NGINX web server configuration..." + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the path in the NGINX config file +if [ $change_path -eq 1 ] then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum "/etc/nginx/conf.d/$old_domain.d/$app.conf" - - mv "/etc/nginx/conf.d/$old_domain.d/$app.conf" "/etc/nginx/conf.d/$domain.d/$app.conf" - - # Store file checksum for the new config file location - ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" + # Make a backup of the original NGINX config file if modified + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Set global variables for NGINX helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated NGINX config + ynh_add_nginx_config fi -config_nginx +# Change the domain for NGINX +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi -# Update gogs config -config_gogs +#================================================= +# SPECIFIC MODIFICATIONS +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding a configuration file..." -# RELOAD services +if [ $is_public -eq 1 ] +then + private_mode="false" +else + private_mode="true" +fi + +ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/conf/app.ini" +ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/conf/auth.d/ldap.conf" + +#================================================= +# GENERIC FINALISATION +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." + +# Start a systemd service ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log" -sleep 1 \ No newline at end of file + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Change of URL completed for $app" diff --git a/scripts/install b/scripts/install index 6838126..203bfae 100644 --- a/scripts/install +++ b/scripts/install @@ -3,91 +3,220 @@ #================================================= # GENERIC START #================================================= - # IMPORT GENERIC HELPERS +#================================================= + +source _common.sh source /usr/share/yunohost/helpers +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + # Exit if an error occurs during the execution of the script ynh_abort_if_errors -# Load common variables and helpers +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================= -source ./_common.sh - -# Retrieve arguments domain=$YNH_APP_ARG_DOMAIN -path_url=$(ynh_normalize_url_path $YNH_APP_ARG_PATH) +path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC +secret_key=$(ynh_string_random) +architecture=$(ynh_detect_arch) -# Check domain/path availability -ynh_webpath_available $domain $path_url || ynh_die "$domain is not available as domain, please use an other domain." -ynh_webpath_register $app $domain $path_url +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS +#================================================= +ynh_script_progression --message="Validating installation parameters..." + +final_path=/opt/$app +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" + +# Register (book) web path +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url # Check user parameter ynh_user_exists "$admin" \ || ynh_die "The chosen admin user does not exist." -# Check Final Path availability -test ! -e "$final_path" || ynh_die "This path already contains a folder" +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= +ynh_script_progression --message="Storing installation settings..." -# Generate random password and key -dbpass=$(ynh_string_random) -key=$(ynh_string_random) - -# Find available ports -port=$(ynh_find_port 6000) - -# Store Settings -ynh_app_setting_set $app mysqlpwd $dbpass -ynh_app_setting_set $app adminusername $admin -ynh_app_setting_set $app is_public $is_public -ynh_app_setting_set $app secret_key $key -ynh_app_setting_set $app web_port $port +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=secret_key --value=$secret_key #================================================= # STANDARD MODIFICATIONS #================================================= +# FIND AND OPEN A PORT +#================================================= +ynh_script_progression --message="Finding an available port..." -# Initialize database and store mysql password for upgrade -ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" +# Find an available port +port=$(ynh_find_port --port=6000) +ynh_app_setting_set --app=$app --key=port --value=$port -# Add users +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user # We can't use the official helper because we need to set the shell for the login test getent passwd "$app" &>/dev/null || \ useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \ ynh_die "Unable to create $app system account" -# create needed directories -create_dir +#================================================= +# CREATE A MYSQL DATABASE +#================================================= +ynh_script_progression --message="Creating a MySQL database..." -# Install Gogs -ynh_setup_source $final_path $architecture +db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name +ynh_app_setting_set --app=$app --key=db_name --value=$db_name +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name -# Configure gogs with app.ini file -config_gogs +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_script_progression --message="Setting up source files..." -# Configure init script +ynh_app_setting_set --app=$app --key=final_path --value=$final_path +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" + +mkdir -p "$final_path/data" +mkdir -p "$final_path/custom/conf/auth.d" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" +chmod u=rwX,g=rX,o= "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring NGINX web server..." + +# Create a dedicated NGINX config +ynh_add_nginx_config + +#================================================= +# SPECIFIC SETUP +#================================================= +# CREATE DATA DIRECTORY +#================================================= +ynh_script_progression --message="Creating a data directory..." + +datadir=/home/$app +ynh_app_setting_set --app=$app --key=datadir --value=$datadir + +mkdir -p "$datadir/avatars" +mkdir -p "$datadir/attachments" + +chmod 750 "$datadir" +chmod -R o-rwx "$datadir" +chown -R $app:$app "/home/$app" +chmod u=rwX,g=rX,o= "/home/$app" + +repo_path="$datadir/repositories" +data_path="$datadir/data" + +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding a configuration file..." + +if [ $is_public -eq 1 ] +then + private_mode="false" +else + private_mode="true" +fi + +ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/conf/app.ini" +ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/conf/auth.d/ldap.conf" + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Configuring a systemd service..." + +# Create a dedicated systemd config ynh_add_systemd_config -# Modify Nginx configuration file and copy it to Nginx conf directory -config_nginx - #================================================= # GENERIC FINALIZATION #================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Configuring log rotation..." -# Set permissions -set_permission +mkdir -p "/var/log/$app" +chown -R $app:$app "/var/log/$app" +chmod u=rwX,g=rX,o= "/var/log/$app" -# Unprotect root from SSO if public -set_access_settings +# Use logrotate to manage application logfile(s) +ynh_use_logrotate -# Add Gogs to YunoHost's monitored services -yunohost service add "$app" --log "/var/log/$app/$app.log" +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." -# Configure logrotate -ynh_use_logrotate "/var/log/$app" +yunohost service add $app --log="/var/log/$app/$app.log" -# Reload services +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." + +# Start a systemd service ynh_clean_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log" + +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Configuring permissions..." + +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. + ynh_permission_update --permission="main" --add="visitors" +else + # For an access to the git server by https in private mode we need to allow the access to theses URL : + # - "DOMAIN/PATH/USER/REPOSITORY/info/refs" + # - "DOMAIN/PATH/USER/REPOSITORY/git-upload-pack" + # - "DOMAIN/PATH/USER/REPOSITORY/git-receive-pack" + + excaped_domain=${domain//'.'/'%.'} + excaped_domain=${excaped_domain//'-'/'%-'} + excaped_path=${path_url//'.'/'%.'} + excaped_path=${excaped_path//'-'/'%-'} + ynh_app_setting_set $app skipped_regex "$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-receive%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-upload%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/info/refs" +fi + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index e5deb31..eff82be 100644 --- a/scripts/remove +++ b/scripts/remove @@ -3,43 +3,105 @@ #================================================= # GENERIC START #================================================= - # IMPORT GENERIC HELPERS +#================================================= + +source _common.sh source /usr/share/yunohost/helpers -# Load common variables and helpers -source ./_common.sh +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +port=$(ynh_app_setting_get --app=$app --key=port) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= # STANDARD REMOVE #================================================= +# REMOVE SERVICE INTEGRATION IN YUNOHOST +#================================================= -# Stop gogs -systemctl stop "$app".service +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status $app >/dev/null +then + ynh_script_progression --message="Removing $app service integration..." + yunohost service remove $app +fi -# Drop MySQL database and user -ynh_mysql_drop_db "$dbname" 2>/dev/null -ynh_mysql_drop_user "$dbuser" 2>/dev/null +#================================================= +# STOP AND REMOVE SERVICE +#================================================= +ynh_script_progression --message="Stopping and removing the systemd service..." -# Retrieve domain from app settings -domain=$(ynh_app_setting_get "$app" domain) +# Remove the dedicated systemd config +ynh_remove_systemd_config -# Delete app directory and configurations -ynh_secure_remove "$final_path" -ynh_secure_remove "$DATADIR" -ynh_secure_remove "/var/log/$app" +#================================================= +# REMOVE THE MYSQL DATABASE +#================================================= +ynh_script_progression --message="Removing the MySQL database..." + +# Remove a database if it exists, along with the associated user +ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name + + +#================================================= +# REMOVE APP MAIN DIR +#================================================= +ynh_script_progression --message="Removing app main directory..." + +# Remove the app directory securely +ynh_secure_remove --file="$final_path" + +#================================================= +# REMOVE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Removing NGINX web server configuration..." + +# Remove the dedicated NGINX config +ynh_remove_nginx_config + +#================================================= +# REMOVE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Removing logrotate configuration..." # Remove the app-specific logrotate config ynh_remove_logrotate -# Remove nginx config -ynh_remove_nginx_config +#================================================= +# SPECIFIC REMOVE +#================================================= +# REMOVE VARIOUS FILES +#================================================= +ynh_script_progression --message="Removing various files..." -# Remove gogs user and data -ynh_system_user_delete $app +# Remove the datadir +ynh_secure_remove --file="$datadir" -# Remove init script -ynh_remove_systemd_config +# Remove the log files +ynh_secure_remove --file="/var/log/$app" -# Remove monitor -yunohost service remove "$app" \ No newline at end of file +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= +ynh_script_progression --message="Removing the dedicated system user..." + +# Delete a system user +ynh_system_user_delete --username=$app + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index f135ead..79e5af1 100644 --- a/scripts/restore +++ b/scripts/restore @@ -3,66 +3,148 @@ #================================================= # GENERIC START #================================================= - # IMPORT GENERIC HELPERS +#================================================= + +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers # Exit if an error occurs during the execution of the script ynh_abort_if_errors -# Load common variables and helpers -source ../settings/scripts/_common.sh +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." -# Retrieve old app settings -domain=$(ynh_app_setting_get "$app" domain) -path_url=$(ynh_app_setting_get "$app" path) +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +datadir=$(ynh_app_setting_get --app=$app --key=datadir) dbpass=$(ynh_app_setting_get "$app" mysqlpwd) -admin=$(ynh_app_setting_get "$app" adminusername) +admin=$(ynh_app_setting_get "$app" admin) -# Check domain/path availability with app helper -ynh_webpath_available $domain $path_url || ynh_die "$domain is not available as domain, please use an other domain." +#================================================= +# CHECK IF THE APP CAN BE RESTORED +#================================================= +ynh_script_progression --message="Validating restoration parameters..." -# Check user parameter -ynh_user_exists "$admin" \ - || ynh_die "The chosen admin user does not exist." - -# Check Final Path availability -test ! -e "$final_path" || ynh_die "This path already contains a folder" +ynh_webpath_available --domain=$domain --path_url=$path_url \ + || ynh_die --message="Path not available: ${domain}${path_url}" +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS #================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." -# Add users +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) # We can't use the official helper because we need to set the shell for the login test getent passwd "$app" &>/dev/null || \ useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \ ynh_die "Unable to create $app system account" -# Restore all files -ynh_restore +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Restoring the app main directory..." -# Create and restore the database -ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" -ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./db.sql +ynh_restore_file --origin_path="$final_path" -# Restore systemd files -systemctl daemon-reload -systemctl enable "$app".service +mkdir -p "$final_path/data" +mkdir -p "$final_path/custom/conf/auth.d" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" +chmod u=rwX,g=rX,o= "$final_path" + +#================================================= +# RESTORE THE DATA DIRECTORY +#================================================= +ynh_script_progression --message="Restoring the data directory..." + +ynh_restore_file --origin_path="$datadir" --not_mandatory + +mkdir -p $datadir + +mkdir -p "$datadir/avatars" +mkdir -p "$datadir/attachments" + +chmod 750 "$datadir" +chmod -R o-rwx "$datadir" +chown -R $app:$app "/home/$app" +chmod u=rwX,g=rX,o= "/home/$app" + +repo_path="$datadir/repositories" +data_path="$datadir/data" + +#================================================= +# SPECIFIC RESTORATION +#================================================= +# RESTORE THE MYSQL DATABASE +#================================================= +ynh_script_progression --message="Restoring the MySQL database..." + +db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql + +#================================================= +# RESTORE SYSTEMD +#================================================= +ynh_script_progression --message="Restoring the systemd configuration..." + +ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +systemctl enable $app.service --quiet + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." + +yunohost service add $app --log="/var/log/$app/$app.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." + +ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/$app.log" + +#================================================= +# RESTORE THE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the logrotate configuration..." + +ynh_restore_file --origin_path="/etc/logrotate.d/$app" #================================================= # GENERIC FINALIZATION #================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." -# Set permissions -set_permission +ynh_systemd_action --service_name=nginx --action=reload -# Configure logrotate -ynh_use_logrotate "/var/log/$app" +#================================================= +# END OF SCRIPT +#================================================= -# Add Gogs to YunoHost's monitored services -yunohost service add "$app" --log /var/log/"$app"/"$app".log - -# Reload services -systemctl reload nginx.service -ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log" +ynh_script_progression --message="Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index 483f6b4..bc3c699 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -3,37 +3,62 @@ #================================================= # GENERIC START #================================================= - # IMPORT GENERIC HELPERS +#================================================= + +source _common.sh source /usr/share/yunohost/helpers -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." -# Load common variables and helpers -source ./_common.sh +app=$YNH_APP_INSTANCE_NAME -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) -path_url=$(ynh_normalize_url_path $(ynh_app_setting_get "$app" path)) -dbpass=$(ynh_app_setting_get "$app" mysqlpwd) -admin=$(ynh_app_setting_get "$app" adminusername) -key=$(ynh_app_setting_get "$app" secret_key) -is_public=$(ynh_app_setting_get "$app" is_public) -port=$(ynh_app_setting_get "$app" web_port) +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) +is_public=$(ynh_app_setting_get --app=$app --key=is_public) +port=$(ynh_app_setting_get --app=$app --key=port) + +#================================================= +# CHECK VERSION +#================================================= +ynh_script_progression --message="Checking version..." + +upgrade_type=$(ynh_check_app_version_changed) + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - ynh_restore_upgradebackup + # Restore it if the upgrade fails + ynh_restore_upgradebackup } - -# Stop service -systemctl stop "$app".service +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors #================================================= -# MIGRATION FROM OLD VERSION +# STANDARD UPGRADE STEPS #================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." + +ynh_systemd_action --service_name=$app --action="stop" + +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." # Update settings is_public to new standard if [ "$is_public" = "Yes" ]; then @@ -86,34 +111,95 @@ then mkdir -p "$final_path/custom/conf/auth.d" fi -#================================================= -# STANDARD UPGRADE STEPS -#================================================= - # Clean template to fix issue : https://github.com/gogits/gogs/issues/4585 ynh_secure_remove "/opt/gogs/templates" -# Install Gogs -ynh_setup_source $final_path $architecture +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= -# Configure gogs with app.ini file -config_gogs +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." -# Configure init script + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" +fi + +mkdir -p "$final_path/data" +mkdir -p "$final_path/custom/conf/auth.d" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" +chmod u=rwX,g=rX,o= "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." + +# Create a dedicated NGINX config +ynh_add_nginx_config + +#================================================= +# SPECIFIC UPGRADE +#================================================= +# UPDATE A CONFIG FILE +#================================================= +ynh_script_progression --message="Updating a configuration file..." +if [ $is_public -eq 1 ] +then + private_mode="false" +else + private_mode="true" +fi + +ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/conf/app.ini" +ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/conf/auth.d/ldap.conf" + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Upgrading systemd configuration..." + +# Create a dedicated systemd config ynh_add_systemd_config -# Modify Nginx configuration file and copy it to Nginx conf directory -config_nginx - #================================================= # GENERIC FINALIZATION #================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Upgrading logrotate configuration..." -# Unprotect root from SSO if public -set_access_settings +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --non-append -# Set permissions -set_permission +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." -# Reload services +yunohost service add $app --log="/var/log/$app/$app.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of $app completed" diff --git a/scripts/ynh_detect_arch__2 b/scripts/ynh_detect_arch__2 new file mode 100644 index 0000000..b1c7375 --- /dev/null +++ b/scripts/ynh_detect_arch__2 @@ -0,0 +1,25 @@ +#!/bin/bash + +# Check the architecture +# +# example: architecture=$(ynh_detect_arch) +# +# usage: ynh_detect_arch +# +# Requires YunoHost version 2.2.4 or higher. + +ynh_detect_arch(){ + local architecture + if [ -n "$(uname -m | grep arm64)" ] || [ -n "$(uname -m | grep aarch64)" ]; then + architecture="arm64" + elif [ -n "$(uname -m | grep 64)" ]; then + architecture="x86-64" + elif [ -n "$(uname -m | grep 86)" ]; then + architecture="i386" + elif [ -n "$(uname -m | grep arm)" ]; then + architecture="arm" + else + architecture="unknown" + fi + echo $architecture +}