cleaning

scripts/_common.sh

@@ -8,26 +8,6 @@
 # PERSONAL HELPERS
 #=================================================
 
-# custom function to detect armv6 and armv7
-# ($YNH_ARCH returns armhf for both...)
-detect_arch(){
-	local architecture
-	if uname -m | grep -q -E "arm64|aarch64" ; then
-		architecture="arm64"
-	elif uname -m | grep -q "64" ; then
-		architecture="amd64"
-	elif uname -m | grep -q "86" ; then
-		architecture="i386"
-	elif uname -m | grep -q "armv6" ; then
-		architecture="armv6"
-	elif uname -m | grep -q "armv7" ; then
-		architecture="armv7"
-	else
-		ynh_die --message="The script can't identify a valid architecture. Please report this error."
-	fi
-	echo $architecture
-}
-
 # custom function to change bash bool 0/1 to false/true
 convert_bool(){
 	(("$1")) && echo "true" || echo "false"

scripts/backup

@@ -28,36 +28,18 @@ ynh_backup --src_path="$install_dir"
 ynh_backup --src_path="$data_dir" --is_big
 
 #=================================================
-# BACKUP THE NGINX CONFIGURATION
+# SYSTEM CONFIGURATION
 #=================================================
 
 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 
-#=================================================
-# SPECIFIC BACKUP
-#=================================================
-# BACKUP LOGROTATE
-#=================================================
-
 ynh_backup --src_path="/etc/logrotate.d/$app"
 
-#=================================================
-# BACKUP FAIL2BAN CONFIGURATION
-#=================================================
-
 ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
 ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
 
-#=================================================
-# BACKUP SYSTEMD
-#=================================================
-
 ynh_backup --src_path="/etc/systemd/system/$app.service"
 
-#=================================================
-# BACKUP VARIOUS FILES
-#=================================================
-
 #=================================================
 # BACKUP THE POSTGRESQL DATABASE
 #=================================================

scripts/install

@@ -153,34 +153,13 @@ ynh_app_setting_set --app="$app" --key=advanced_rate_limit_requests --value="$ad
 #=================================================
 ynh_script_progression --message="Setting up source files..." --weight=1
 
-### `ynh_setup_source` is used to install an app from a zip or tar.gz file,
-### downloaded from an upstream source, like a git repository.
-### `ynh_setup_source` use the file conf/app.src
-
-# detect_arch comes from _common.sh / personnal helpers
-architecture=$(detect_arch)
-
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$install_dir" 
 
-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder _
-# this will be treated as a security issue.
 chmod -R 750 "$install_dir"
 chmod -R o-rwx "$install_dir"
 chown -R "$app:www-data" "$install_dir"
 
-#=================================================
-# NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Configuring NGINX web server..." --weight=1
-
-# Create a dedicated NGINX config for the main domain
-ynh_add_nginx_config
-
 #=================================================
 # ADD A CONFIGURATION
 #=================================================
@@ -188,9 +167,6 @@ ynh_script_progression --message="Adding a configuration file..." --weight=1
 
 ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml"
 
-# FIXME: this should be handled by the core in the future
-# You may need to use chmod 600 instead of 400,
-# for example if the app is expected to be able to modify its own config
 chmod 400 "$install_dir/config.yaml"
 chown "$app:$app" "$install_dir/config.yaml"
 
@@ -199,32 +175,18 @@ chown "$app:$app" "$install_dir/config.yaml"
 #=================================================
 ynh_script_progression --message="Configuring a systemd service..." --weight=1
 
+# Create a dedicated NGINX config for the main domain
+ynh_add_nginx_config
+
 # Create a dedicated systemd config
 ynh_add_systemd_config
 
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# SETUP LOGROTATE
-#=================================================
-ynh_script_progression --message="Configuring log rotation..." --weight=1
-
 # Use logrotate to manage application logfile(s)
 ynh_use_logrotate
 
-#=================================================
-# SETUP FAIL2BAN
-#=================================================
-ynh_script_progression --message="Configuring fail2ban..." --weight=1
-
 # Create a dedicated Fail2Ban config
 ynh_add_fail2ban_config --logpath="/var/log/${app}/${app}.log" --failregex="statusCode=401 path=/auth/sign_in clientIP=<HOST> .* msg=\"Unauthorized:" --max_retry=5
 
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
-
 yunohost service add "$app" --description="Gotosocial server" --log="/var/log/$app/$app.log"
 
 #=================================================

scripts/remove

@@ -10,10 +10,9 @@ source _common.sh
 source /usr/share/yunohost/helpers
 
 #=================================================
-# STANDARD REMOVE
-#=================================================
-# REMOVE SERVICE INTEGRATION IN YUNOHOST
+# REMOVE SYSTEM CONFIGURATIONS
 #=================================================
+ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
 
 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
 if ynh_exec_warn_less yunohost service status "$app" >/dev/null
@@ -22,45 +21,17 @@ then
 	yunohost service remove "$app"
 fi
 
-#=================================================
-# STOP AND REMOVE SERVICE
-#=================================================
-ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
-
 # Remove the dedicated systemd config
 ynh_remove_systemd_config
 
-#=================================================
-# REMOVE NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
-
 # Remove the dedicated NGINX config of the main domain
 ynh_remove_nginx_config
 
-#=================================================
-# REMOVE LOGROTATE CONFIGURATION
-#=================================================
-ynh_script_progression --message="Removing logrotate configuration..." --weight=1
-
 # Remove the app-specific logrotate config
 ynh_remove_logrotate
 
-#=================================================
-# REMOVE FAIL2BAN CONFIGURATION
-#=================================================
-
-ynh_script_progression --message="Removing fail2ban configuration..." --weight=1
-
 ynh_remove_fail2ban_config
 
-#=================================================
-# SPECIFIC REMOVE
-#=================================================
-# REMOVE VARIOUS FILES
-#=================================================
-ynh_script_progression --message="Removing various files..." --weight=1
-
 # Remove the log files
 ynh_secure_remove --file="/var/log/$app"
 

scripts/restore

@@ -10,15 +10,6 @@
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
 
-#=================================================
-# STANDARD RESTORATION STEPS
-#=================================================
-# RESTORE THE NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1
-
-ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
-
 #=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
@@ -26,14 +17,6 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
 
 ynh_restore_file --origin_path="$install_dir"
 
-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
-chmod 750 "$install_dir"
-chmod -R o-rwx "$install_dir"
 chown -R "$app:www-data" "$install_dir"
 
 #=================================================
@@ -43,16 +26,6 @@ ynh_script_progression --message="Restoring the data directory..." --weight=5
 
 ynh_restore_file --origin_path="$data_dir" --not_mandatory
 
-mkdir -p "$data_dir"
-
-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
-chmod 750 "$data_dir"
-chmod -R o-rwx "$data_dir"
 chown -R "$app:www-data" "$data_dir"
 
 #=================================================
@@ -62,34 +35,6 @@ ynh_script_progression --message="Restoring the PostgreSQL database..."
 
 ynh_psql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < ./db.sql
 
-#=================================================
-# DOWNLOAD, CHECK AND UNPACK SOURCE
-#=================================================
-ynh_script_progression --message="Setting up source files..." --weight=1
-
-# detect_arch comes from _common.sh / personnal helpers
-architecture="$(detect_arch)"
-
-# compare if the system arch is different from the binary arch
-# if so, download the correct binary
-if [ "$architecture" != "$(file "$install_dir"/gotosocial | cut -d ',' -f 2 | tr -d ' ')" ]
-then
-	ynh_script_progression --message="Migrating binary architecture..."
-
-	# Download, check integrity, uncompress and patch the source from app.src
-	ynh_setup_source --dest_dir="$install_dir" --full_replace=1 --keep="config.yaml"
-fi
-
-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder _
-# this will be treated as a security issue.
-chmod 750 "$install_dir"
-chmod -R o-rwx "$install_dir"
-chown -R "$app:www-data" "$install_dir"
-
 #=================================================
 # RESTORE VARIOUS FILES
 #=================================================
@@ -101,34 +46,17 @@ mkdir -p "/var/log/$app"
 #=================================================
 ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
 
+ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
+
 ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
 systemctl enable "$app.service" --quiet
 
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
-
 yunohost service add "$app" --description="Gotosocial server" --log="/var/log/$app/$app.log"
 
-#=================================================
-# START SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
-
 ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
 
-#=================================================
-# RESTORE THE LOGROTATE CONFIGURATION
-#=================================================
-ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
-
 ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 
-#=================================================
-# RESTORE THE FAIL2BAN CONFIGURATION
-#=================================================
-
 ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
 ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
 ynh_systemd_action --action=restart --service_name=fail2ban

scripts/upgrade

@@ -9,12 +9,6 @@
 source _common.sh
 source /usr/share/yunohost/helpers
 
-#=================================================
-# CHECK VERSION
-#=================================================
-
-upgrade_type=$(ynh_check_app_version_changed)
-
 #=================================================
 # STANDARD UPGRADE STEPS
 #=================================================
@@ -283,36 +277,15 @@ fi
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-
-if [ "$upgrade_type" == "UPGRADE_APP" ]
-then
-	ynh_script_progression --message="Upgrading source files..."
-
-	# detect_arch comes from _common.sh / personnal helpers
-	architecture=$(detect_arch)
+ynh_script_progression --message="Upgrading source files..."
 	
-	# Download, check integrity, uncompress and patch the source from app.src
-	ynh_setup_source --dest_dir="$install_dir" --full_replace=1 --keep="config.yaml"
-fi
+# Download, check integrity, uncompress and patch the source from app.src
+ynh_setup_source --dest_dir="$install_dir" --full_replace=1 --keep="config.yaml"
 
-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod 750 "$install_dir"
 chmod -R o-rwx "$install_dir"
 chown -R "$app:www-data" "$install_dir"
 
-#=================================================
-# NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Upgrading NGINX web server configuration..."
-
-# Create a dedicated NGINX config for the main domain
-ynh_add_nginx_config
-
 #=================================================
 # UPDATE A CONFIG FILE
 #=================================================
@@ -320,9 +293,6 @@ ynh_script_progression --message="Updating a configuration file..."
 
 ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml"
 
-# FIXME: this should be handled by the core in the future
-# You may need to use chmod 600 instead of 400,
-# for example if the app is expected to be able to modify its own config
 chmod 400 "$install_dir/config.yaml"
 chown "$app:$app" "$install_dir/config.yaml"
 
@@ -331,32 +301,18 @@ chown "$app:$app" "$install_dir/config.yaml"
 #=================================================
 ynh_script_progression --message="Upgrading systemd configuration..."
 
+# Create a dedicated NGINX config for the main domain
+ynh_add_nginx_config
+
 # Create a dedicated systemd config
 ynh_add_systemd_config
 
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# SETUP LOGROTATE
-#=================================================
-ynh_script_progression --message="Upgrading logrotate configuration..."
-
 # Use logrotate to manage app-specific logfile(s)
 ynh_use_logrotate --non-append
 
-#=================================================
-# SETUP FAIL2BAN
-#=================================================
-ynh_script_progression --message="Upgrading fail2ban configuration..."
-
 # Create a dedicated Fail2Ban config
 ynh_add_fail2ban_config --logpath="/var/log/${app}/${app}.log" --failregex="statusCode=401 path=/auth/sign_in clientIP=<HOST> .* msg=\"Unauthorized:" --max_retry=5
 
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..."
-
 yunohost service add "$app" --description="Gotosocial server" --log="/var/log/$app/$app.log"
 
 #=================================================