1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/guacamole_ynh.git synced 2024-09-03 19:16:03 +02:00

Merge pull request #42 from YunoHost-Apps/version-2

Version 2
This commit is contained in:
Salamandar 2024-02-25 21:59:22 +01:00 committed by GitHub
commit 03d2fa68ba
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
26 changed files with 300 additions and 739 deletions

View file

@ -1,5 +1,5 @@
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/readme_generator
It shall NOT be edited by hand.
-->
@ -16,7 +16,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
## Overview
Clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH
Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH
**Shipped version:** 1.5.4~ynh1
@ -24,17 +24,11 @@ Clientless remote desktop gateway. It supports standard protocols like VNC, RDP,
![Screenshot of Guacamole](./doc/screenshots/screenshot1.jpg)
## Disclaimers / important information
## Configuration
The user that is configured as admin during install will have access to admin settings in the settings menu of the app (under the user menu). Configuration files are in `/opt/yunohost/guacamole/etc/guacamole` (for the first install).
## Documentation and resources
* Official app website: <https://guacamole.apache.org/>
* Official admin documentation: <https://guacamole.apache.org/doc/gug/>
* Upstream app code repository: <https://github.com/search?utf8=%E2%9C%93&q=repo%3Aapache%2Fguacamole-server+repo%3Aapache%2Fguacamole-client+repo%3Aapache%2Fguacamole-website&type=Repositories&ref=searchresults>
* Upstream app code repository: <https://github.com/apache/guacamole-server>
* YunoHost Store: <https://apps.yunohost.org/app/guacamole>
* Report a bug: <https://github.com/YunoHost-Apps/guacamole_ynh/issues>
@ -50,4 +44,4 @@ or
sudo yunohost app upgrade guacamole -u https://github.com/YunoHost-Apps/guacamole_ynh/tree/testing --debug
```
**More info regarding app packaging:** <https://yunohost.org/packaging_apps>
**More info regarding app packaging:** <https://yunohost.org/packaging_apps>

View file

@ -1,5 +1,5 @@
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/readme_generator
It shall NOT be edited by hand.
-->
@ -16,7 +16,7 @@ Si vous navez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po
## Vue densemble
Service de bureau à distance sans client. Fonctionne avec des protocoles standard comme VNC, RDP, et SSH
Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH
**Version incluse :** 1.5.4~ynh1
@ -24,17 +24,11 @@ Service de bureau à distance sans client. Fonctionne avec des protocoles standa
![Capture décran de Guacamole](./doc/screenshots/screenshot1.jpg)
## Avertissements / informations importantes
## Configuration
L'utilisateur choisi comme admin durant le processus d'installation aura accès au paramétres d'administration dans le menu de configuration de l'application (sous le menu utilisateur). Le fichiers de configuration sont dans `/opt/yunohost/guacamole/etc/guacamole` (pour la première installation).
## Documentations et ressources
* Site officiel de lapp : <https://guacamole.apache.org/>
* Documentation officielle de ladmin : <https://guacamole.apache.org/doc/gug/>
* Dépôt de code officiel de lapp : <https://github.com/search?utf8=%E2%9C%93&q=repo%3Aapache%2Fguacamole-server+repo%3Aapache%2Fguacamole-client+repo%3Aapache%2Fguacamole-website&type=Repositories&ref=searchresults>
* Dépôt de code officiel de lapp : <https://github.com/apache/guacamole-server>
* YunoHost Store: <https://apps.yunohost.org/app/guacamole>
* Signaler un bug : <https://github.com/YunoHost-Apps/guacamole_ynh/issues>

View file

@ -1,25 +0,0 @@
;; Test complet
; Manifest
domain="domain.tld"
path="/path"
admin="john"
is_public=0
; Checks
pkg_linter=1
setup_sub_dir=1
setup_root=1
setup_nourl=0
setup_private=1
setup_public=1
upgrade=1
backup_restore=1
multi_instance=1
port_already_use=0
change_url=1
;;; Options
Email=
Notification=none
;;; Upgrade options
; commit=CommitHash
name=Name and date of the commit.
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1&

View file

@ -1,7 +0,0 @@
SOURCE_URL=https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-header-1.5.4.tar.gz
SOURCE_SUM=7a0adc0daa19ec69a0244f491222c62124b02f81f40aa91e9a94d06a2635d038
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=guacamole-auth-header.tar.gz
SOURCE_EXTRACT=true

View file

@ -1,7 +0,0 @@
SOURCE_URL=https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-jdbc-1.5.4.tar.gz
SOURCE_SUM=f45736b28eb6647b7eb0d2b48331e12e5a432661f61115b63d1a05a5bd20244d
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=guacamole-auth-jdbc.tar.gz
SOURCE_EXTRACT=true

View file

@ -1,7 +0,0 @@
SOURCE_URL=https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-ldap-1.5.4.tar.gz
SOURCE_SUM=f912fe921cd0d429a752709e31a37b931e95d88a47bc4007ab49377d1c1a6336
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=guacamole-auth-ldap.tar.gz
SOURCE_EXTRACT=true

View file

@ -1,7 +0,0 @@
SOURCE_URL=https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-1.5.4.war
SOURCE_SUM=5728b563911bd64bce0a0b81c74ea8ccb2190d1785bff34030fc6885a8273d3e
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=false
SOURCE_FILENAME=guacamole.war
SOURCE_EXTRACT=true

View file

@ -1,4 +1,4 @@
guacd-port: __GUACD_PORT__
guacd-port: __PORT_GUACD__
ldap-user-base-dn: ou=users,dc=yunohost,dc=org
ldap-group-base-dn: ou=groups,dc=yunohost,dc=org

View file

@ -6,10 +6,10 @@ After=network.target
Type=simple
User=__APP__-guacd
Group=__APP__-guacd
ExecStart=__FINALPATH__/sbin/guacd -f -l __GUACD_PORT__ >> /var/log/__APP__/guacd.log 2>&1
ExecStart=__INSTALL_DIR__/sbin/guacd -f -l __PORT_GUACD__ >> /var/log/__APP__/guacd.log 2>&1
Restart=on-abnormal
Environment="LD_LIBRARY_PATH=__FINALPATH__/lib:__FINALPATH__/usr/lib"
Environment="GUACAMOLE_HOME=__FINALPATH__/etc/guacamole"
Environment="LD_LIBRARY_PATH=__INSTALL_DIR__/lib:__INSTALL_DIR__/usr/lib"
Environment="GUACAMOLE_HOME=__INSTALL_DIR__/etc/guacamole"
# Sandboxing options to harden security
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html

View file

@ -1,7 +0,0 @@
SOURCE_URL=https://downloads.mariadb.com/Connectors/java/connector-java-2.7.4/mariadb-java-client-2.7.4.jar
SOURCE_SUM=f06577b19e89b33028b96cd4f031248e761de7ebc712f4ef535e268df76edb2a
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=mariadb-java-client.jar
SOURCE_EXTRACT=false

View file

@ -1,7 +0,0 @@
SOURCE_URL=https://downloads.apache.org/guacamole/1.5.4/source/guacamole-server-1.5.4.tar.gz
SOURCE_SUM=4c0add552b1fc387c23a35c430155e01f2dfcf9daa0f96fbf805d0ace756729e
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=guacamole-server.tar.gz
SOURCE_EXTRACT=true

View file

@ -1,16 +1,16 @@
[Unit]
Description=Apache Tomcat 9 Web Application Server
After=network.target
RequiresMountsFor=/var/log/__APP__/tomcat __FINALPATH__/var/lib/tomcat9
RequiresMountsFor=/var/log/__APP__/tomcat __INSTALL_DIR__/var/lib/tomcat9
[Service]
# Configuration
Environment="CATALINA_HOME=/usr/share/tomcat9"
Environment="CATALINA_BASE=__FINALPATH__/var/lib/tomcat9"
Environment="CATALINA_BASE=__INSTALL_DIR__/var/lib/tomcat9"
Environment="CATALINA_TMPDIR=/tmp"
Environment="JAVA_OPTS=-Djava.awt.headless=true"
Environment="GUACAMOLE_HOME=__FINALPATH__/etc/guacamole"
Environment="GUACAMOLE_HOME=__INSTALL_DIR__/etc/guacamole"
# Lifecycle
@ -32,8 +32,8 @@ NoNewPrivileges=true
CacheDirectory=__APP__-tomcat9
CacheDirectoryMode=750
ProtectSystem=strict
ReadWritePaths=__FINALPATH__/etc/tomcat9/Catalina/
ReadWritePaths=__FINALPATH__/var/lib/tomcat9/webapps/
ReadWritePaths=__INSTALL_DIR__/etc/tomcat9/Catalina/
ReadWritePaths=__INSTALL_DIR__/var/lib/tomcat9/webapps/
ReadWritePaths=/var/log/__APP__/tomcat/
[Install]

View file

@ -1,7 +0,0 @@
SOURCE_URL=https://ftp.debian.org/debian/pool/main/t/tomcat9/tomcat9_9.0.70-1_all.deb
SOURCE_SUM=c062cd3ff27a566fdc6fed7dd2602c4e4ffe2216c8a19822bcaf03bd739e39b5
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=ar
SOURCE_IN_SUBDIR=false
SOURCE_FILENAME=tomcat9.deb
SOURCE_EXTRACT=false

View file

@ -1,3 +1 @@
## Configuration
The user that is configured as admin during install will have access to admin settings in the settings menu of the app (under the user menu). Configuration files are in `/opt/yunohost/guacamole/etc/guacamole` (for the first install).

View file

@ -1,3 +1 @@
## Configuration
L'utilisateur choisi comme admin durant le processus d'installation aura accès au paramétres d'administration dans le menu de configuration de l'application (sous le menu utilisateur). Le fichiers de configuration sont dans `/opt/yunohost/guacamole/etc/guacamole` (pour la première installation).

1
doc/DESCRIPTION.md Normal file
View file

@ -0,0 +1 @@
Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH

View file

@ -1,57 +0,0 @@
{
"name": "Guacamole",
"id": "guacamole",
"packaging_format": 1,
"description": {
"en": "Clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH",
"fr": "Service de bureau à distance sans client. Fonctionne avec des protocoles standard comme VNC, RDP, et SSH"
},
"version": "1.5.4~ynh1",
"url": "https://guacamole.apache.org/",
"upstream": {
"license": "Apache-2.0",
"website": "https://guacamole.apache.org/",
"admindoc": "https://guacamole.apache.org/doc/gug/",
"code": "https://github.com/search?utf8=%E2%9C%93&q=repo%3Aapache%2Fguacamole-server+repo%3Aapache%2Fguacamole-client+repo%3Aapache%2Fguacamole-website&type=Repositories&ref=searchresults"
},
"license": "Apache-2.0",
"maintainer": {
"name": "Jules Bertholet",
"email": "jules.bertholet@gmail.com"
},
"requirements": {
"yunohost": ">= 11.2"
},
"multi_instance": true,
"services": [
"nginx",
"mysql"
],
"arguments": {
"install" : [
{
"name": "domain",
"type": "domain"
},
{
"name": "path",
"type": "path",
"example": "/guacamole",
"default": "/guacamole"
},
{
"name": "admin",
"type": "user"
},
{
"name": "is_public",
"type": "boolean",
"default": false,
"help": {
"en": "Not recommended",
"fr": "Pas reccomandé"
}
}
]
}
}

128
manifest.toml Normal file
View file

@ -0,0 +1,128 @@
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json
packaging_format = 2
id = "guacamole"
name = "Guacamole"
description.en = "Clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH"
description.fr = "Service de bureau à distance sans client. Fonctionne avec des protocoles standard comme VNC, RDP, et SSH"
version = "1.5.4~ynh1"
maintainers = ["Jules Bertholet"]
[upstream]
license = "Apache-2.0"
website = "https://guacamole.apache.org/"
admindoc = "https://guacamole.apache.org/doc/gug/"
code = "https://github.com/apache/guacamole-server"
[integration]
yunohost = ">= 11.2"
architectures = "all"
multi_instance = true
ldap = true
sso = false
disk = "50M"
ram.build = "50M"
ram.runtime = "50M"
[install]
[install.domain]
type = "domain"
[install.path]
type = "path"
default = "/guacamole"
[install.admin]
type = "user"
[install.init_main_permission]
help.en = "Not recommended"
help.fr = "Pas reccomandé"
type = "group"
default = "all_users"
[resources]
[resources.sources]
[resources.sources.server]
url = "https://downloads.apache.org/guacamole/1.5.4/source/guacamole-server-1.5.4.tar.gz"
sha256 = "4c0add552b1fc387c23a35c430155e01f2dfcf9daa0f96fbf805d0ace756729e"
[resources.sources.client]
url = "https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-1.5.4.war"
sha256 = "5728b563911bd64bce0a0b81c74ea8ccb2190d1785bff34030fc6885a8273d3e"
format = "zip"
extract = false
rename = "guacamole.war"
[resources.sources.auth-header]
url = "https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-header-1.5.4.tar.gz"
sha256 = "7a0adc0daa19ec69a0244f491222c62124b02f81f40aa91e9a94d06a2635d038"
[resources.sources.auth-ldap]
url = "https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-ldap-1.5.4.tar.gz"
sha256 = "f912fe921cd0d429a752709e31a37b931e95d88a47bc4007ab49377d1c1a6336"
[resources.sources.auth-jdbc]
url = "https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-jdbc-1.5.4.tar.gz"
sha256 = "f45736b28eb6647b7eb0d2b48331e12e5a432661f61115b63d1a05a5bd20244d"
[resources.sources.mariadb-java-client]
url = "https://downloads.mariadb.com/Connectors/java/connector-java-2.7.4/mariadb-java-client-2.7.4.jar"
sha256 = "f06577b19e89b33028b96cd4f031248e761de7ebc712f4ef535e268df76edb2a"
format = "whatever"
extract = false
rename = "mariadb-java-client.jar"
[resources.sources.tomcat9_deb]
url = "https://ftp.debian.org/debian/pool/main/t/tomcat9/tomcat9_9.0.43-2~deb11u9_all.deb"
sha256 = "e016d55fd13bb51906106ede43fd970001f9b23db89628ddcbcca11e10a6068f"
format = "whatever"
extract = false
rename = "tomcat9.deb"
[resources.ports]
main.default = 8080
guacd.default = 4822
[resources.system_user]
[resources.install_dir]
[resources.permissions]
main.url = "/"
[resources.apt]
packages = [
"mariadb-server",
"acl",
"build-essential",
"libcairo2",
"libjpeg62-turbo-dev",
"libpng-dev",
"libtool-bin",
"libossp-uuid-dev",
"libavcodec-dev",
"libavformat-dev",
"libavutil-dev",
"libswscale-dev",
"freerdp2-dev",
"libpango1.0-dev",
"libssh2-1-dev",
"libtelnet-dev",
"libvncserver-dev",
"libwebsockets-dev",
"libpulse-dev",
"libssl-dev",
"libvorbis-dev",
"libwebp-dev",
"tomcat9",
]
[resources.database]
type = "mysql"

View file

@ -4,53 +4,64 @@
# COMMON VARIABLES
#=================================================
# dependencies used by the app
pkg_dependencies="acl build-essential libcairo2 libjpeg62-turbo-dev libpng-dev libtool-bin libossp-uuid-dev libavcodec-dev libavformat-dev libavutil-dev libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev tomcat9"
guacamole_version="1.5.4"
#=================================================
# PERSONAL HELPERS
#=================================================
function setup_sources {
guacamole_version="1.5.4"
ynh_setup_source --source_id="server" --dest_dir="$install_dir/.guacd-src"
ynh_setup_source --source_id="server" --dest_dir="$final_path/.guacd-src"
tomcat_guac_dir="$path_url"
if [ "$path_url" == "/" -o -z "$path_url" ]; then
tomcat_guac_dir="$path"
if [ "$path" == "/" -o -z "$path" ]; then
tomcat_guac_dir="ROOT"
fi
ynh_setup_source --source_id="client" --dest_dir="$final_path/var/lib/tomcat9/webapps/$tomcat_guac_dir"
ynh_setup_source --source_id="auth-ldap" --dest_dir="$final_path/etc/guacamole/extensions/ldap"
mv "$final_path/etc/guacamole/extensions/ldap/guacamole-auth-ldap-$guacamole_version.jar" "$final_path/etc/guacamole/extensions/guacamole-auth-ldap.jar"
ynh_secure_remove --file="$final_path/etc/guacamole/extensions/ldap"
ynh_setup_source --source_id="auth-header" --dest_dir="$final_path/etc/guacamole/extensions/header"
mv "$final_path/etc/guacamole/extensions/header/guacamole-auth-header-$guacamole_version.jar" "$final_path/etc/guacamole/extensions/guacamole-auth-header.jar"
ynh_secure_remove --file="$final_path/etc/guacamole/extensions/header"
ynh_setup_source --source_id="auth-jdbc" --dest_dir="$final_path/etc/guacamole/extensions/jdbc"
mv "$final_path/etc/guacamole/extensions/jdbc/mysql/guacamole-auth-jdbc-mysql-$guacamole_version.jar" "$final_path/etc/guacamole/extensions/guacamole-auth-jdbc-mysql.jar"
mv "$final_path/etc/guacamole/extensions/jdbc/mysql/schema" "$final_path/etc/guacamole/extensions/mysql-schema"
ynh_secure_remove --file="$final_path/etc/guacamole/extensions/jdbc"
ynh_setup_source --source_id="mariadb-java-client" --dest_dir="$final_path/etc/guacamole/lib/"
ynh_setup_source --source_id="tomcat9_deb" --dest_dir="$final_path/"
pushd "$final_path" || ynh_die
ar x "$final_path/tomcat9.deb" "data.tar.xz"
ynh_setup_source --source_id="tomcat9_deb" --dest_dir="$install_dir/downloads/tomcat9"
pushd "$install_dir/downloads/tomcat9" || ynh_die
ar x "tomcat9.deb" "data.tar.xz"
tar xJf data.tar.xz
popd || ynh_die
mkdir -p "$install_dir/etc"
cp -r "$install_dir/downloads/tomcat9/usr/share/tomcat9/etc" -T "$install_dir/etc/tomcat9/"
cp -r "$install_dir/downloads/tomcat9/etc/tomcat9/" -T "$install_dir/etc/tomcat9/"
ynh_secure_remove --file="$final_path/tomcat9.deb"
mkdir -p "$final_path/tomcat9-data"
tar -C "$final_path/tomcat9-data" -xJf "$final_path/data.tar.xz"
cp -r "$final_path/tomcat9-data/usr/share/tomcat9/etc" -T "$final_path/etc/tomcat9/"
cp -r "$final_path/tomcat9-data/etc/tomcat9/" -T "$final_path/etc/tomcat9/"
ynh_secure_remove --file="$final_path/data.tar.xz"
ynh_secure_remove --file="$final_path/tomcat9-data"
ynh_setup_source --source_id="client" --dest_dir="$install_dir/downloads"
mkdir -p "$install_dir/var/lib/tomcat9/webapps"
mv "$install_dir/downloads/guacamole.war" "$install_dir/var/lib/tomcat9/webapps/$tomcat_guac_dir.war"
mkdir -p "$install_dir/etc/guacamole/extensions"
ynh_setup_source --source_id="auth-ldap" --dest_dir="$install_dir/downloads/auth-ldap"
mv "$install_dir/downloads/auth-ldap/guacamole-auth-ldap-$guacamole_version.jar" "$install_dir/etc/guacamole/extensions/guacamole-auth-ldap.jar"
ynh_setup_source --source_id="auth-header" --dest_dir="$install_dir/downloads/auth-header"
mv "$install_dir/downloads/auth-header/guacamole-auth-header-$guacamole_version.jar" "$install_dir/etc/guacamole/extensions/guacamole-auth-header.jar"
ynh_setup_source --source_id="auth-jdbc" --dest_dir="$install_dir/downloads/auth-jdbc"
mv "$install_dir/downloads/auth-jdbc/mysql/guacamole-auth-jdbc-mysql-$guacamole_version.jar" "$install_dir/etc/guacamole/extensions/guacamole-auth-jdbc-mysql.jar"
mv "$install_dir/downloads/auth-jdbc/mysql/schema" "$install_dir/etc/guacamole/extensions/mysql-schema"
ynh_setup_source --source_id="mariadb-java-client" --dest_dir="$install_dir/etc/guacamole/lib/"
ynh_secure_remove --file="$install_dir/downloads/"
}
function _set_permissions() {
# Set permissions to app files
chown -R "$app:$app" "$install_dir"
chmod -R g+rwX,o-rwx "$install_dir"
setfacl -n -R -m "user:$app-guacd:rx" -m "default:user:$app-guacd:rx" "$install_dir"
setfacl -n -R -m "user:$app-tomcat:rx" -m "default:user:$app-tomcat:rx" "$install_dir"
# chown -R nobody:$app-tomcat "$install_dir/etc/tomcat9/" "$install_dir/etc/guacamole/"
chown -R "$app-tomcat":"$app-tomcat" "$install_dir/var/lib/tomcat9/webapps"
setfacl -n -R -m "user:$app-guacd:-" -m "default:user:$app-guacd:-" \
"$install_dir/var/lib/tomcat9/" "$install_dir/etc/guacamole/" "$install_dir/etc/tomcat9/"
chown -R "$app-guacd:$app-guacd" "/var/log/$app/guacd/"
chown -R "$app-tomcat:$app-tomcat" "/var/log/$app/tomcat/"
}
#=================================================

View file

@ -10,27 +10,6 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@ -40,33 +19,19 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$final_path"
ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE NGINX CONFIGURATION
# BACKUP THE SYSTEM CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP FAIL2BAN CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_backup --src_path="/etc/logrotate.d/$app"
#=================================================
# BACKUP SYSTEMD
#=================================================
ynh_backup --src_path="/etc/systemd/system/$app-guacd.service"
ynh_backup --src_path="/etc/systemd/system/$app-tomcat.service"

View file

@ -9,60 +9,6 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path=$YNH_APP_NEW_PATH
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
#=================================================
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
fi
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
fi
#=================================================
# STANDARD MODIFICATIONS
#=================================================
@ -78,29 +24,7 @@ ynh_systemd_action --service_name="$app-tomcat" --action="stop" --log_path="/var
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the NGINX config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original NGINX config file if modified
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for NGINX helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated NGINX config
ynh_add_nginx_config
fi
# Change the domain for NGINX
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
ynh_change_url_nginx_config
#=================================================
# SPECIFIC MODIFICATIONS
@ -120,7 +44,7 @@ if [ $change_path -eq 1 ]; then
new_path_tomcat="ROOT"
fi
mv "$final_path/var/lib/tomcat9/webapps/$old_path_tomcat" "$final_path/var/lib/tomcat9/webapps/$new_path_tomcat"
mv "$install_dir/var/lib/tomcat9/webapps/$old_path_tomcat" "$install_dir/var/lib/tomcat9/webapps/$new_path_tomcat"
fi
#=================================================
@ -133,13 +57,6 @@ ynh_script_progression --message="Starting systemd services..." --weight=1
ynh_systemd_action --service_name="$app-guacd" --action="start" --log_path="/var/log/$app/guacd.log"
ynh_systemd_action --service_name="$app-tomcat" --action="start" --log_path="/var/log/$app/tomcat.log"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================

View file

@ -9,64 +9,10 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1
final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding available ports..." --weight=1
# Find available ports
guacd_port=$(ynh_find_port --port=4822)
ynh_app_setting_set --app=$app --key=guacd_port --value=$guacd_port
port=$(ynh_find_port --port=8080)
ynh_app_setting_set --app=$app --key=port --value=$port
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=1
ynh_script_progression --message="Stopping system tomcat..." --weight=1
# Guacamole depends on Apache Tomcat.
# But installing Tomcat from the Debian repos automatically enables and starts it.
@ -83,12 +29,10 @@ if [ "$(systemctl cat tomcat9 --quiet)" ]; then
fi
fi
ynh_install_app_dependencies $pkg_dependencies
if [ ! $tomcat_enabled ]; then
if [ $tomcat_enabled ]; then
systemctl disable tomcat9 --quiet
fi
if [ ! $tomcat_active ]; then
if [ $tomcat_active ]; then
systemctl stop tomcat9 --quiet
fi
@ -98,162 +42,87 @@ fi
ynh_script_progression --message="Configuring system users..." --weight=1
# Create system users
ynh_system_user_create --username="$app-guacd"
ynh_system_user_create --username="$app-tomcat"
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
ynh_script_progression --message="Creating a MySQL database..." --weight=1
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
ynh_system_user_create --username="$app-guacd" --groups="$app"
ynh_system_user_create --username="$app-tomcat" --groups="$app"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCES
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=3
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
setup_sources
mkdir -p "/var/log/$app/tomcat/" "/var/log/$app/guacd/" "/var/log/$app/tomcat/"
mkdir -p "$install_dir/etc/"
ln -s -f "$install_dir/etc/tomcat9" "$install_dir/var/lib/tomcat9/conf"
ln -s -f "/var/log/$app/tomcat/" "$install_dir/var/lib/tomcat9/logs"
ln -s -f "/var/cache/$app-tomcat9" "$install_dir/var/lib/tomcat9/work"
#=================================================
# ADD CONFIGURATIONS
#=================================================
ynh_add_config --template="guacamole.properties" --destination="$install_dir/etc/guacamole/guacamole.properties"
ynh_replace_string --match_string="8080" --replace_string="$port" --target_file="$install_dir/etc/tomcat9/server.xml"
_set_permissions
#=================================================
# COMPILE GUACD
#=================================================
ynh_script_progression --message="Compiling guacd..." --weight=30
pushd "$install_dir/.guacd-src"
LDFLAGS="-lrt" ./configure --enable-allow-freerdp-snapshots --prefix="$install_dir" --datadir="$install_dir" --with-freerdp-plugin-dir="$install_dir/lib/x86_64-linux-gnu/freerdp2"
ynh_exec_warn_less make -j $(nproc)
ynh_exec_warn_less make install
popd
#=================================================
# FINISH SETTING UP DATABASE
#=================================================
ynh_script_progression --message="Setting up database files..." --weight=2
ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database="$db_name" < "$final_path/etc/guacamole/extensions/mysql-schema/001-create-schema.sql"
ynh_replace_string --match_string="guacadmin" --replace_string="$admin" -f "$final_path/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
ynh_replace_string --match_string="CA458A7D494E3BE824F5E1E175A1556C0F8EEF2C2D7DF3633BEC4A29C4411960" --replace_string="$(hexdump -n 32 -e '4/4 "%08X"' /dev/urandom)" -f "$final_path/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
ynh_replace_string --match_string="FE24ADC5E11E2B25288D1704ABE67A79E342ECC26064CE69C5B3177795A82264" --replace_string="$(hexdump -n 32 -e '4/4 "%08X"' /dev/urandom)" -f "$final_path/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database="$db_name" < "$final_path/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
ynh_secure_remove --file="$final_path/etc/guacamole/extensions/mysql-schema"
ynh_replace_string --match_string="guacadmin" --replace_string="$admin" -f "$install_dir/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
ynh_replace_string --match_string="CA458A7D494E3BE824F5E1E175A1556C0F8EEF2C2D7DF3633BEC4A29C4411960" --replace_string="$(hexdump -n 32 -e '4/4 "%08X"' /dev/urandom)" -f "$install_dir/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
ynh_replace_string --match_string="FE24ADC5E11E2B25288D1704ABE67A79E342ECC26064CE69C5B3177795A82264" --replace_string="$(hexdump -n 32 -e '4/4 "%08X"' /dev/urandom)" -f "$install_dir/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < "$install_dir/etc/guacamole/extensions/mysql-schema/001-create-schema.sql"
ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < "$install_dir/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
ynh_secure_remove --file="$install_dir/etc/guacamole/extensions/mysql-schema"
#=================================================
# NGINX CONFIGURATION
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# COMPILE GUACD
#=================================================
ynh_script_progression --message="Compiling guacd..." --weight=30
pushd "$final_path/.guacd-src" || ynh_die
./configure --enable-allow-freerdp-snapshots --prefix="$final_path" --datadir="$final_path" --with-freerdp-plugin-dir="$final_path/lib/x86_64-linux-gnu/freerdp2"
ynh_exec_warn_less make
ynh_exec_warn_less make install
popd || ynh_die
#=================================================
# SETUP TOMCAT
#=================================================
mkdir -p "$final_path/etc/"
ln -s -f "$final_path/etc/tomcat9" "$final_path/var/lib/tomcat9/conf"
ln -s -f "/var/log/$app/tomcat/" "$final_path/var/lib/tomcat9/logs"
ln -s -f "/var/cache/$app-tomcat9" "$final_path/var/lib/tomcat9/work"
#=================================================
# CREATE LOG DIRS
#=================================================
mkdir -p "/var/log/$app/tomcat/" "/var/log/$app/guacd/" "/var/log/$app/tomcat/"
#=================================================
# ADD CONFIGURATIONS
#=================================================
ynh_add_config --template="guacamole.properties" --destination="$final_path/etc/guacamole/guacamole.properties"
ynh_replace_string --match_string="8080" --replace_string="$port" --target_file="$final_path/etc/tomcat9/server.xml"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring systemd services..." --weight=1
# Create dedicated systemd configs
ynh_add_systemd_config --service="$app-guacd" --template="guacd.service"
yunohost service add "$app-guacd" --description="Guacamole server" --log="/var/log/$app/guacd.log"
ynh_add_systemd_config --service="$app-tomcat" --template="tomcat.service"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions to app files
chown -R nobody $final_path
chmod -R o-rwx $final_path
setfacl -n -R -m user:$app-guacd:rx -m default:user:$app-guacd:rx $final_path
setfacl -n -R -m user:$app-tomcat:rx -m default:user:$app-tomcat:rx $final_path
chown -R $app-guacd:$app-guacd "/var/log/$app/guacd/"
chown -R $app-tomcat:$app-tomcat "/var/log/$app/tomcat/"
chown -R nobody:$app-tomcat "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/"
chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps"
setfacl -n -R -m user:$app-guacd:- -m default:user:$app-guacd:- "$final_path/var/lib/tomcat9/" "$final_path/etc/guacamole/" "$final_path/etc/tomcat9/"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
yunohost service add "$app-tomcat" --description="Guacamole client" --log="/var/log/$app/tomcat.log"
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile="/var/log/$app/tomcat/catalina.out" --specific_user="$app-tomcat/$app-tomcat"
#=================================================
# INTEGRATE SERVICES IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating services in YunoHost..." --weight=1
yunohost service add "$app-guacd" --description="Guacamole server" --log="/var/log/$app/guacd.log"
yunohost service add "$app-tomcat" --description="Guacamole client" --log="/var/log/$app/tomcat.log"
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/syslog" --failregex='o.a.g.r.auth.AuthenticationService - Authentication attempt from <HOST> for user "[^"]*" failed\.$'
#=================================================
# START SYSTEMD SERVICES
#=================================================
ynh_script_progression --message="Starting systemd services..." --weight=1
ynh_script_progression --message="Starting $app's systemd services..." --weight=1
# Start systemd services
ynh_systemd_action --service_name="$app-guacd" --action="start" --log_path="/var/log/$app/guacd.log"
ynh_systemd_action --service_name="$app-tomcat" --action="start" --log_path="/var/log/$app/tomcat.log"
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/syslog" --failregex='o.a.g.r.auth.AuthenticationService - Authentication attempt from <HOST> for user "[^"]*" failed\.$'
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================

View file

@ -10,26 +10,9 @@ source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app=$app --key=port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE SERVICE INTEGRATION IN YUNOHOST
#=================================================
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
ynh_script_progression --message="Removing $app service integration..." --weight=1
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
if ynh_exec_warn_less yunohost service status $app-guacd >/dev/null; then
yunohost service remove "$app-guacd"
@ -38,65 +21,19 @@ if ynh_exec_warn_less yunohost service status $app-tomcat >/dev/null; then
yunohost service remove "$app-tomcat"
fi
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
# Remove the dedicated systemd config
ynh_remove_systemd_config --service="$app-guacd"
ynh_remove_systemd_config --service="$app-tomcat"
#=================================================
# REMOVE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Removing the MySQL database..." --weight=1
# Remove a database if it exists, along with the associated user
ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..." --weight=1
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..." --weight=1
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..." --weight=1
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=1
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE VARIOUS FILES
#=================================================
@ -115,7 +52,6 @@ ynh_script_progression --message="Removing the dedicated system users..." --weig
ynh_system_user_delete --username="$app-guacd"
ynh_system_user_delete --username="$app-tomcat"
#=================================================
# END OF SCRIPT
#=================================================

View file

@ -11,76 +11,9 @@ source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
# STOP TOMCAT
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=1
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
# Create the dedicated user (if not existing)
ynh_system_user_create --username="$app-guacd"
ynh_system_user_create --username="$app-tomcat"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1
ynh_restore_file --origin_path="$final_path"
#=================================================
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..." --weight=1
ynh_script_progression --message="Stopping system tomcat..." --weight=1
tomcat_enabled=""
tomcat_active=""
@ -93,9 +26,6 @@ if [ "$(systemctl cat tomcat9 --quiet)" ]; then
fi
fi
# Define and install dependencies
ynh_install_app_dependencies $pkg_dependencies
if [ ! $tomcat_enabled ]; then
systemctl disable tomcat9 --quiet
fi
@ -104,25 +34,27 @@ if [ ! $tomcat_active ]; then
fi
#=================================================
# RESTORE USER RIGHTS
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1
# Restore permissions on app files
chown -R nobody $final_path
chmod -R o-rwx $final_path
setfacl -n -R -m user:$app-guacd:rx -m default:user:$app-guacd:rx $final_path
setfacl -n -R -m user:$app-tomcat:rx -m default:user:$app-tomcat:rx $final_path
chown -R nobody:$app-tomcat "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/"
chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps"
setfacl -n -R -m user:$app-guacd:- -m default:user:$app-guacd:- "$final_path/var/lib/tomcat9/" "$final_path/etc/guacamole/" "$final_path/etc/tomcat9/"
ynh_restore_file --origin_path="$install_dir"
chown -R "$app:www-data" "$install_dir"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
# Create the dedicated user (if not existing)
ynh_system_user_create --username="$app-guacd"
ynh_system_user_create --username="$app-tomcat"
#=================================================
# RESTORE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..." --weight=1
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
#=================================================
@ -131,48 +63,37 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./
ynh_script_progression --message="Restoring various files..."
ynh_restore_file --origin_path="/var/log/$app"
chown -R $app-guacd:$app-guacd "/var/log/$app/guacd/"
chown -R $app-tomcat:$app-tomcat "/var/log/$app/tomcat/"
_set_permissions
#=================================================
# RESTORE SYSTEMD
# RESTORE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban
ynh_restore_file --origin_path="/etc/systemd/system/$app-guacd.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-tomcat.service"
systemctl enable "$app-guacd.service" --quiet
systemctl enable "$app-tomcat.service" --quiet
#=================================================
# INTEGRATE SERVICES IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating services in YunoHost..." --weight=1
yunohost service add "$app-guacd" --description="Guacamole server" --log="/var/log/$app/guacd.log"
ynh_restore_file --origin_path="/etc/systemd/system/$app-tomcat.service"
systemctl enable "$app-tomcat.service" --quiet
yunohost service add "$app-tomcat" --description="Guacamole client" --log="/var/log/$app/tomcat.log"
#=================================================
# START SYSTEMD SERVICES
#=================================================
ynh_script_progression --message="Starting systemd services..." --weight=1
ynh_systemd_action --service_name="$app-guacd" --action="start" --log_path="/var/log/$app/guacd.log"
ynh_systemd_action --service_name="$app-tomcat" --action="start" --log_path="/var/log/$app/tomcat.log"
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..."
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# GENERIC FINALIZATION
# START SYSTEMD SERVICES
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_script_progression --message="Starting NGINX and $app's systemd services..." --weight=1
ynh_systemd_action --service_name="$app-guacd" --action="start" --log_path="/var/log/$app/guacd.log"
ynh_systemd_action --service_name="$app-tomcat" --action="start" --log_path="/var/log/$app/tomcat.log"
ynh_systemd_action --service_name=nginx --action=reload

View file

@ -9,44 +9,12 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
guacd_port=$(ynh_app_setting_get --app=$app --key=guacd_port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
@ -60,7 +28,7 @@ ynh_systemd_action --service_name="$app-tomcat" --action="stop" --log_path="/var
#=================================================
# CREATE DEDICATED USERS
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
# Create dedicated users (if not existing)
ynh_system_user_create --username="$app-guacd"
@ -106,8 +74,6 @@ if [ "$(systemctl cat tomcat9 --quiet)" ]; then
fi
fi
ynh_install_app_dependencies $pkg_dependencies
if [ ! $tomcat_enabled ]; then
systemctl disable tomcat9 --quiet
fi
@ -122,33 +88,34 @@ fi
#=================================================
ynh_script_progression --message="Compiling guacd..." --weight=30
pushd "$final_path/.guacd-src" || ynh_die
./configure --enable-allow-freerdp-snapshots --prefix="$final_path" --datadir="$final_path" --with-freerdp-plugin-dir="$final_path/lib/x86_64-linux-gnu/freerdp2"
ynh_exec_warn_less make
ynh_exec_warn_less make install
popd || ynh_die
pushd "$install_dir/.guacd-src"
LDFLAGS="-lrt" ./configure --enable-allow-freerdp-snapshots --prefix="$install_dir" --datadir="$install_dir" --with-freerdp-plugin-dir="$install_dir/lib/x86_64-linux-gnu/freerdp2"
ynh_exec_warn_less env LDFLAGS="-lrt" make
ynh_exec_warn_less env LDFLAGS="-lrt" make install
popd
#=================================================
# SETUP TOMCAT
#=================================================
mkdir -p "$final_path/etc/"
ln -s -f "$final_path/etc/tomcat9" "$final_path/var/lib/tomcat9/conf"
ln -s -f "/var/log/$app/tomcat/" "$final_path/var/lib/tomcat9/logs"
ln -s -f "/var/cache/$app-tomcat9" "$final_path/var/lib/tomcat9/work"
mkdir -p "$install_dir/etc/"
ln -s -f "$install_dir/etc/tomcat9" "$install_dir/var/lib/tomcat9/conf"
ln -s -f "/var/log/$app/tomcat/" "$install_dir/var/lib/tomcat9/logs"
ln -s -f "/var/cache/$app-tomcat9" "$install_dir/var/lib/tomcat9/work"
#=================================================
# CREATE LOG DIRS
#=================================================
mkdir -p "/var/log/$app/tomcat/" "/var/log/$app/guacd/" "/var/log/$app/tomcat/"
#=================================================
# UPDATE CONFIG FILES
#=================================================
ynh_add_config --template="guacamole.properties" --destination="$final_path/etc/guacamole/guacamole.properties"
ynh_add_config --template="guacamole.properties" --destination="$install_dir/etc/guacamole/guacamole.properties"
ynh_replace_string --match_string="8080" --replace_string="$port" --target_file="$final_path/etc/tomcat9/server.xml"
ynh_replace_string --match_string="8080" --replace_string="$port" --target_file="$install_dir/etc/tomcat9/server.xml"
#=================================================
# SETUP SYSTEMD
@ -165,16 +132,7 @@ ynh_add_systemd_config --service="$app-tomcat" --template="tomcat.service"
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions on app files
chown -R nobody $final_path
chmod -R o-rwx $final_path
setfacl -n -R -m user:$app-guacd:rx -m default:user:$app-guacd:rx $final_path
setfacl -n -R -m user:$app-tomcat:rx -m default:user:$app-tomcat:rx $final_path
chown -R $app-guacd:$app-guacd "/var/log/$app/guacd/"
chown -R $app-tomcat:$app-tomcat "/var/log/$app/tomcat/"
chown -R nobody:$app-tomcat "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/"
chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps"
setfacl -n -R -m user:$app-guacd:- -m default:user:$app-guacd:- "$final_path/var/lib/tomcat9/" "$final_path/etc/guacamole/" "$final_path/etc/tomcat9/"
_set_permissions
#=================================================
# SETUP LOGROTATE
@ -208,13 +166,6 @@ ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/syslog" --failregex='o.a.g.r.auth.AuthenticationService - Authentication attempt from <HOST> for user "[^"]*" failed\.$'
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================

9
tests.toml Normal file
View file

@ -0,0 +1,9 @@
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/tests.v1.schema.json
test_format = 1.0
[default]
# ------------
# Tests to run
# ------------