mirror of
https://github.com/YunoHost-Apps/guacamole_ynh.git
synced 2024-09-03 19:16:03 +02:00
commit
03d2fa68ba
26 changed files with 300 additions and 739 deletions
14
README.md
14
README.md
|
@ -1,5 +1,5 @@
|
|||
<!--
|
||||
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
|
||||
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/readme_generator
|
||||
It shall NOT be edited by hand.
|
||||
-->
|
||||
|
||||
|
@ -16,7 +16,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
|
|||
|
||||
## Overview
|
||||
|
||||
Clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH
|
||||
Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH
|
||||
|
||||
**Shipped version:** 1.5.4~ynh1
|
||||
|
||||
|
@ -24,17 +24,11 @@ Clientless remote desktop gateway. It supports standard protocols like VNC, RDP,
|
|||
|
||||
![Screenshot of Guacamole](./doc/screenshots/screenshot1.jpg)
|
||||
|
||||
## Disclaimers / important information
|
||||
|
||||
## Configuration
|
||||
|
||||
The user that is configured as admin during install will have access to admin settings in the settings menu of the app (under the user menu). Configuration files are in `/opt/yunohost/guacamole/etc/guacamole` (for the first install).
|
||||
|
||||
## Documentation and resources
|
||||
|
||||
* Official app website: <https://guacamole.apache.org/>
|
||||
* Official admin documentation: <https://guacamole.apache.org/doc/gug/>
|
||||
* Upstream app code repository: <https://github.com/search?utf8=%E2%9C%93&q=repo%3Aapache%2Fguacamole-server+repo%3Aapache%2Fguacamole-client+repo%3Aapache%2Fguacamole-website&type=Repositories&ref=searchresults>
|
||||
* Upstream app code repository: <https://github.com/apache/guacamole-server>
|
||||
* YunoHost Store: <https://apps.yunohost.org/app/guacamole>
|
||||
* Report a bug: <https://github.com/YunoHost-Apps/guacamole_ynh/issues>
|
||||
|
||||
|
@ -50,4 +44,4 @@ or
|
|||
sudo yunohost app upgrade guacamole -u https://github.com/YunoHost-Apps/guacamole_ynh/tree/testing --debug
|
||||
```
|
||||
|
||||
**More info regarding app packaging:** <https://yunohost.org/packaging_apps>
|
||||
**More info regarding app packaging:** <https://yunohost.org/packaging_apps>
|
12
README_fr.md
12
README_fr.md
|
@ -1,5 +1,5 @@
|
|||
<!--
|
||||
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
|
||||
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/readme_generator
|
||||
It shall NOT be edited by hand.
|
||||
-->
|
||||
|
||||
|
@ -16,7 +16,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po
|
|||
|
||||
## Vue d’ensemble
|
||||
|
||||
Service de bureau à distance sans client. Fonctionne avec des protocoles standard comme VNC, RDP, et SSH
|
||||
Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH
|
||||
|
||||
**Version incluse :** 1.5.4~ynh1
|
||||
|
||||
|
@ -24,17 +24,11 @@ Service de bureau à distance sans client. Fonctionne avec des protocoles standa
|
|||
|
||||
![Capture d’écran de Guacamole](./doc/screenshots/screenshot1.jpg)
|
||||
|
||||
## Avertissements / informations importantes
|
||||
|
||||
## Configuration
|
||||
|
||||
L'utilisateur choisi comme admin durant le processus d'installation aura accès au paramétres d'administration dans le menu de configuration de l'application (sous le menu utilisateur). Le fichiers de configuration sont dans `/opt/yunohost/guacamole/etc/guacamole` (pour la première installation).
|
||||
|
||||
## Documentations et ressources
|
||||
|
||||
* Site officiel de l’app : <https://guacamole.apache.org/>
|
||||
* Documentation officielle de l’admin : <https://guacamole.apache.org/doc/gug/>
|
||||
* Dépôt de code officiel de l’app : <https://github.com/search?utf8=%E2%9C%93&q=repo%3Aapache%2Fguacamole-server+repo%3Aapache%2Fguacamole-client+repo%3Aapache%2Fguacamole-website&type=Repositories&ref=searchresults>
|
||||
* Dépôt de code officiel de l’app : <https://github.com/apache/guacamole-server>
|
||||
* YunoHost Store: <https://apps.yunohost.org/app/guacamole>
|
||||
* Signaler un bug : <https://github.com/YunoHost-Apps/guacamole_ynh/issues>
|
||||
|
||||
|
|
|
@ -1,25 +0,0 @@
|
|||
;; Test complet
|
||||
; Manifest
|
||||
domain="domain.tld"
|
||||
path="/path"
|
||||
admin="john"
|
||||
is_public=0
|
||||
; Checks
|
||||
pkg_linter=1
|
||||
setup_sub_dir=1
|
||||
setup_root=1
|
||||
setup_nourl=0
|
||||
setup_private=1
|
||||
setup_public=1
|
||||
upgrade=1
|
||||
backup_restore=1
|
||||
multi_instance=1
|
||||
port_already_use=0
|
||||
change_url=1
|
||||
;;; Options
|
||||
Email=
|
||||
Notification=none
|
||||
;;; Upgrade options
|
||||
; commit=CommitHash
|
||||
name=Name and date of the commit.
|
||||
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1&
|
|
@ -1,7 +0,0 @@
|
|||
SOURCE_URL=https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-header-1.5.4.tar.gz
|
||||
SOURCE_SUM=7a0adc0daa19ec69a0244f491222c62124b02f81f40aa91e9a94d06a2635d038
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=guacamole-auth-header.tar.gz
|
||||
SOURCE_EXTRACT=true
|
|
@ -1,7 +0,0 @@
|
|||
SOURCE_URL=https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-jdbc-1.5.4.tar.gz
|
||||
SOURCE_SUM=f45736b28eb6647b7eb0d2b48331e12e5a432661f61115b63d1a05a5bd20244d
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=guacamole-auth-jdbc.tar.gz
|
||||
SOURCE_EXTRACT=true
|
|
@ -1,7 +0,0 @@
|
|||
SOURCE_URL=https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-ldap-1.5.4.tar.gz
|
||||
SOURCE_SUM=f912fe921cd0d429a752709e31a37b931e95d88a47bc4007ab49377d1c1a6336
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=guacamole-auth-ldap.tar.gz
|
||||
SOURCE_EXTRACT=true
|
|
@ -1,7 +0,0 @@
|
|||
SOURCE_URL=https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-1.5.4.war
|
||||
SOURCE_SUM=5728b563911bd64bce0a0b81c74ea8ccb2190d1785bff34030fc6885a8273d3e
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=zip
|
||||
SOURCE_IN_SUBDIR=false
|
||||
SOURCE_FILENAME=guacamole.war
|
||||
SOURCE_EXTRACT=true
|
|
@ -1,4 +1,4 @@
|
|||
guacd-port: __GUACD_PORT__
|
||||
guacd-port: __PORT_GUACD__
|
||||
|
||||
ldap-user-base-dn: ou=users,dc=yunohost,dc=org
|
||||
ldap-group-base-dn: ou=groups,dc=yunohost,dc=org
|
||||
|
|
|
@ -6,10 +6,10 @@ After=network.target
|
|||
Type=simple
|
||||
User=__APP__-guacd
|
||||
Group=__APP__-guacd
|
||||
ExecStart=__FINALPATH__/sbin/guacd -f -l __GUACD_PORT__ >> /var/log/__APP__/guacd.log 2>&1
|
||||
ExecStart=__INSTALL_DIR__/sbin/guacd -f -l __PORT_GUACD__ >> /var/log/__APP__/guacd.log 2>&1
|
||||
Restart=on-abnormal
|
||||
Environment="LD_LIBRARY_PATH=__FINALPATH__/lib:__FINALPATH__/usr/lib"
|
||||
Environment="GUACAMOLE_HOME=__FINALPATH__/etc/guacamole"
|
||||
Environment="LD_LIBRARY_PATH=__INSTALL_DIR__/lib:__INSTALL_DIR__/usr/lib"
|
||||
Environment="GUACAMOLE_HOME=__INSTALL_DIR__/etc/guacamole"
|
||||
|
||||
# Sandboxing options to harden security
|
||||
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
SOURCE_URL=https://downloads.mariadb.com/Connectors/java/connector-java-2.7.4/mariadb-java-client-2.7.4.jar
|
||||
SOURCE_SUM=f06577b19e89b33028b96cd4f031248e761de7ebc712f4ef535e268df76edb2a
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=mariadb-java-client.jar
|
||||
SOURCE_EXTRACT=false
|
|
@ -1,7 +0,0 @@
|
|||
SOURCE_URL=https://downloads.apache.org/guacamole/1.5.4/source/guacamole-server-1.5.4.tar.gz
|
||||
SOURCE_SUM=4c0add552b1fc387c23a35c430155e01f2dfcf9daa0f96fbf805d0ace756729e
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=guacamole-server.tar.gz
|
||||
SOURCE_EXTRACT=true
|
|
@ -1,16 +1,16 @@
|
|||
[Unit]
|
||||
Description=Apache Tomcat 9 Web Application Server
|
||||
After=network.target
|
||||
RequiresMountsFor=/var/log/__APP__/tomcat __FINALPATH__/var/lib/tomcat9
|
||||
RequiresMountsFor=/var/log/__APP__/tomcat __INSTALL_DIR__/var/lib/tomcat9
|
||||
|
||||
[Service]
|
||||
|
||||
# Configuration
|
||||
Environment="CATALINA_HOME=/usr/share/tomcat9"
|
||||
Environment="CATALINA_BASE=__FINALPATH__/var/lib/tomcat9"
|
||||
Environment="CATALINA_BASE=__INSTALL_DIR__/var/lib/tomcat9"
|
||||
Environment="CATALINA_TMPDIR=/tmp"
|
||||
Environment="JAVA_OPTS=-Djava.awt.headless=true"
|
||||
Environment="GUACAMOLE_HOME=__FINALPATH__/etc/guacamole"
|
||||
Environment="GUACAMOLE_HOME=__INSTALL_DIR__/etc/guacamole"
|
||||
|
||||
|
||||
# Lifecycle
|
||||
|
@ -32,8 +32,8 @@ NoNewPrivileges=true
|
|||
CacheDirectory=__APP__-tomcat9
|
||||
CacheDirectoryMode=750
|
||||
ProtectSystem=strict
|
||||
ReadWritePaths=__FINALPATH__/etc/tomcat9/Catalina/
|
||||
ReadWritePaths=__FINALPATH__/var/lib/tomcat9/webapps/
|
||||
ReadWritePaths=__INSTALL_DIR__/etc/tomcat9/Catalina/
|
||||
ReadWritePaths=__INSTALL_DIR__/var/lib/tomcat9/webapps/
|
||||
ReadWritePaths=/var/log/__APP__/tomcat/
|
||||
|
||||
[Install]
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
SOURCE_URL=https://ftp.debian.org/debian/pool/main/t/tomcat9/tomcat9_9.0.70-1_all.deb
|
||||
SOURCE_SUM=c062cd3ff27a566fdc6fed7dd2602c4e4ffe2216c8a19822bcaf03bd739e39b5
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=ar
|
||||
SOURCE_IN_SUBDIR=false
|
||||
SOURCE_FILENAME=tomcat9.deb
|
||||
SOURCE_EXTRACT=false
|
|
@ -1,3 +1 @@
|
|||
## Configuration
|
||||
|
||||
The user that is configured as admin during install will have access to admin settings in the settings menu of the app (under the user menu). Configuration files are in `/opt/yunohost/guacamole/etc/guacamole` (for the first install).
|
|
@ -1,3 +1 @@
|
|||
## Configuration
|
||||
|
||||
L'utilisateur choisi comme admin durant le processus d'installation aura accès au paramétres d'administration dans le menu de configuration de l'application (sous le menu utilisateur). Le fichiers de configuration sont dans `/opt/yunohost/guacamole/etc/guacamole` (pour la première installation).
|
1
doc/DESCRIPTION.md
Normal file
1
doc/DESCRIPTION.md
Normal file
|
@ -0,0 +1 @@
|
|||
Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH
|
|
@ -1,57 +0,0 @@
|
|||
{
|
||||
"name": "Guacamole",
|
||||
"id": "guacamole",
|
||||
"packaging_format": 1,
|
||||
"description": {
|
||||
"en": "Clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH",
|
||||
"fr": "Service de bureau à distance sans client. Fonctionne avec des protocoles standard comme VNC, RDP, et SSH"
|
||||
},
|
||||
"version": "1.5.4~ynh1",
|
||||
"url": "https://guacamole.apache.org/",
|
||||
"upstream": {
|
||||
"license": "Apache-2.0",
|
||||
"website": "https://guacamole.apache.org/",
|
||||
"admindoc": "https://guacamole.apache.org/doc/gug/",
|
||||
"code": "https://github.com/search?utf8=%E2%9C%93&q=repo%3Aapache%2Fguacamole-server+repo%3Aapache%2Fguacamole-client+repo%3Aapache%2Fguacamole-website&type=Repositories&ref=searchresults"
|
||||
},
|
||||
"license": "Apache-2.0",
|
||||
"maintainer": {
|
||||
"name": "Jules Bertholet",
|
||||
"email": "jules.bertholet@gmail.com"
|
||||
},
|
||||
"requirements": {
|
||||
"yunohost": ">= 11.2"
|
||||
},
|
||||
"multi_instance": true,
|
||||
"services": [
|
||||
"nginx",
|
||||
"mysql"
|
||||
],
|
||||
"arguments": {
|
||||
"install" : [
|
||||
{
|
||||
"name": "domain",
|
||||
"type": "domain"
|
||||
},
|
||||
{
|
||||
"name": "path",
|
||||
"type": "path",
|
||||
"example": "/guacamole",
|
||||
"default": "/guacamole"
|
||||
},
|
||||
{
|
||||
"name": "admin",
|
||||
"type": "user"
|
||||
},
|
||||
{
|
||||
"name": "is_public",
|
||||
"type": "boolean",
|
||||
"default": false,
|
||||
"help": {
|
||||
"en": "Not recommended",
|
||||
"fr": "Pas reccomandé"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
128
manifest.toml
Normal file
128
manifest.toml
Normal file
|
@ -0,0 +1,128 @@
|
|||
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json
|
||||
|
||||
packaging_format = 2
|
||||
|
||||
id = "guacamole"
|
||||
name = "Guacamole"
|
||||
description.en = "Clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH"
|
||||
description.fr = "Service de bureau à distance sans client. Fonctionne avec des protocoles standard comme VNC, RDP, et SSH"
|
||||
|
||||
version = "1.5.4~ynh1"
|
||||
|
||||
maintainers = ["Jules Bertholet"]
|
||||
|
||||
[upstream]
|
||||
license = "Apache-2.0"
|
||||
website = "https://guacamole.apache.org/"
|
||||
admindoc = "https://guacamole.apache.org/doc/gug/"
|
||||
code = "https://github.com/apache/guacamole-server"
|
||||
|
||||
[integration]
|
||||
yunohost = ">= 11.2"
|
||||
architectures = "all"
|
||||
multi_instance = true
|
||||
|
||||
ldap = true
|
||||
|
||||
sso = false
|
||||
|
||||
disk = "50M"
|
||||
ram.build = "50M"
|
||||
ram.runtime = "50M"
|
||||
|
||||
[install]
|
||||
[install.domain]
|
||||
type = "domain"
|
||||
|
||||
[install.path]
|
||||
type = "path"
|
||||
default = "/guacamole"
|
||||
|
||||
[install.admin]
|
||||
type = "user"
|
||||
|
||||
[install.init_main_permission]
|
||||
help.en = "Not recommended"
|
||||
help.fr = "Pas reccomandé"
|
||||
type = "group"
|
||||
default = "all_users"
|
||||
|
||||
[resources]
|
||||
[resources.sources]
|
||||
[resources.sources.server]
|
||||
url = "https://downloads.apache.org/guacamole/1.5.4/source/guacamole-server-1.5.4.tar.gz"
|
||||
sha256 = "4c0add552b1fc387c23a35c430155e01f2dfcf9daa0f96fbf805d0ace756729e"
|
||||
|
||||
[resources.sources.client]
|
||||
url = "https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-1.5.4.war"
|
||||
sha256 = "5728b563911bd64bce0a0b81c74ea8ccb2190d1785bff34030fc6885a8273d3e"
|
||||
format = "zip"
|
||||
extract = false
|
||||
rename = "guacamole.war"
|
||||
|
||||
[resources.sources.auth-header]
|
||||
url = "https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-header-1.5.4.tar.gz"
|
||||
sha256 = "7a0adc0daa19ec69a0244f491222c62124b02f81f40aa91e9a94d06a2635d038"
|
||||
|
||||
[resources.sources.auth-ldap]
|
||||
url = "https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-ldap-1.5.4.tar.gz"
|
||||
sha256 = "f912fe921cd0d429a752709e31a37b931e95d88a47bc4007ab49377d1c1a6336"
|
||||
|
||||
[resources.sources.auth-jdbc]
|
||||
url = "https://downloads.apache.org/guacamole/1.5.4/binary/guacamole-auth-jdbc-1.5.4.tar.gz"
|
||||
sha256 = "f45736b28eb6647b7eb0d2b48331e12e5a432661f61115b63d1a05a5bd20244d"
|
||||
|
||||
[resources.sources.mariadb-java-client]
|
||||
url = "https://downloads.mariadb.com/Connectors/java/connector-java-2.7.4/mariadb-java-client-2.7.4.jar"
|
||||
sha256 = "f06577b19e89b33028b96cd4f031248e761de7ebc712f4ef535e268df76edb2a"
|
||||
format = "whatever"
|
||||
extract = false
|
||||
rename = "mariadb-java-client.jar"
|
||||
|
||||
[resources.sources.tomcat9_deb]
|
||||
url = "https://ftp.debian.org/debian/pool/main/t/tomcat9/tomcat9_9.0.43-2~deb11u9_all.deb"
|
||||
sha256 = "e016d55fd13bb51906106ede43fd970001f9b23db89628ddcbcca11e10a6068f"
|
||||
format = "whatever"
|
||||
extract = false
|
||||
rename = "tomcat9.deb"
|
||||
|
||||
[resources.ports]
|
||||
main.default = 8080
|
||||
guacd.default = 4822
|
||||
|
||||
[resources.system_user]
|
||||
|
||||
[resources.install_dir]
|
||||
|
||||
[resources.permissions]
|
||||
main.url = "/"
|
||||
|
||||
[resources.apt]
|
||||
packages = [
|
||||
"mariadb-server",
|
||||
"acl",
|
||||
"build-essential",
|
||||
"libcairo2",
|
||||
"libjpeg62-turbo-dev",
|
||||
"libpng-dev",
|
||||
"libtool-bin",
|
||||
"libossp-uuid-dev",
|
||||
"libavcodec-dev",
|
||||
"libavformat-dev",
|
||||
"libavutil-dev",
|
||||
"libswscale-dev",
|
||||
"freerdp2-dev",
|
||||
"libpango1.0-dev",
|
||||
"libssh2-1-dev",
|
||||
"libtelnet-dev",
|
||||
"libvncserver-dev",
|
||||
"libwebsockets-dev",
|
||||
"libpulse-dev",
|
||||
"libssl-dev",
|
||||
"libvorbis-dev",
|
||||
"libwebp-dev",
|
||||
"tomcat9",
|
||||
]
|
||||
|
||||
[resources.database]
|
||||
type = "mysql"
|
|
@ -4,53 +4,64 @@
|
|||
# COMMON VARIABLES
|
||||
#=================================================
|
||||
|
||||
# dependencies used by the app
|
||||
pkg_dependencies="acl build-essential libcairo2 libjpeg62-turbo-dev libpng-dev libtool-bin libossp-uuid-dev libavcodec-dev libavformat-dev libavutil-dev libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev tomcat9"
|
||||
guacamole_version="1.5.4"
|
||||
|
||||
#=================================================
|
||||
# PERSONAL HELPERS
|
||||
#=================================================
|
||||
|
||||
function setup_sources {
|
||||
guacamole_version="1.5.4"
|
||||
ynh_setup_source --source_id="server" --dest_dir="$install_dir/.guacd-src"
|
||||
|
||||
ynh_setup_source --source_id="server" --dest_dir="$final_path/.guacd-src"
|
||||
|
||||
tomcat_guac_dir="$path_url"
|
||||
if [ "$path_url" == "/" -o -z "$path_url" ]; then
|
||||
tomcat_guac_dir="$path"
|
||||
if [ "$path" == "/" -o -z "$path" ]; then
|
||||
tomcat_guac_dir="ROOT"
|
||||
fi
|
||||
|
||||
ynh_setup_source --source_id="client" --dest_dir="$final_path/var/lib/tomcat9/webapps/$tomcat_guac_dir"
|
||||
|
||||
ynh_setup_source --source_id="auth-ldap" --dest_dir="$final_path/etc/guacamole/extensions/ldap"
|
||||
mv "$final_path/etc/guacamole/extensions/ldap/guacamole-auth-ldap-$guacamole_version.jar" "$final_path/etc/guacamole/extensions/guacamole-auth-ldap.jar"
|
||||
ynh_secure_remove --file="$final_path/etc/guacamole/extensions/ldap"
|
||||
|
||||
ynh_setup_source --source_id="auth-header" --dest_dir="$final_path/etc/guacamole/extensions/header"
|
||||
mv "$final_path/etc/guacamole/extensions/header/guacamole-auth-header-$guacamole_version.jar" "$final_path/etc/guacamole/extensions/guacamole-auth-header.jar"
|
||||
ynh_secure_remove --file="$final_path/etc/guacamole/extensions/header"
|
||||
|
||||
ynh_setup_source --source_id="auth-jdbc" --dest_dir="$final_path/etc/guacamole/extensions/jdbc"
|
||||
mv "$final_path/etc/guacamole/extensions/jdbc/mysql/guacamole-auth-jdbc-mysql-$guacamole_version.jar" "$final_path/etc/guacamole/extensions/guacamole-auth-jdbc-mysql.jar"
|
||||
mv "$final_path/etc/guacamole/extensions/jdbc/mysql/schema" "$final_path/etc/guacamole/extensions/mysql-schema"
|
||||
ynh_secure_remove --file="$final_path/etc/guacamole/extensions/jdbc"
|
||||
|
||||
ynh_setup_source --source_id="mariadb-java-client" --dest_dir="$final_path/etc/guacamole/lib/"
|
||||
|
||||
ynh_setup_source --source_id="tomcat9_deb" --dest_dir="$final_path/"
|
||||
|
||||
pushd "$final_path" || ynh_die
|
||||
ar x "$final_path/tomcat9.deb" "data.tar.xz"
|
||||
ynh_setup_source --source_id="tomcat9_deb" --dest_dir="$install_dir/downloads/tomcat9"
|
||||
pushd "$install_dir/downloads/tomcat9" || ynh_die
|
||||
ar x "tomcat9.deb" "data.tar.xz"
|
||||
tar xJf data.tar.xz
|
||||
popd || ynh_die
|
||||
mkdir -p "$install_dir/etc"
|
||||
cp -r "$install_dir/downloads/tomcat9/usr/share/tomcat9/etc" -T "$install_dir/etc/tomcat9/"
|
||||
cp -r "$install_dir/downloads/tomcat9/etc/tomcat9/" -T "$install_dir/etc/tomcat9/"
|
||||
|
||||
ynh_secure_remove --file="$final_path/tomcat9.deb"
|
||||
mkdir -p "$final_path/tomcat9-data"
|
||||
tar -C "$final_path/tomcat9-data" -xJf "$final_path/data.tar.xz"
|
||||
cp -r "$final_path/tomcat9-data/usr/share/tomcat9/etc" -T "$final_path/etc/tomcat9/"
|
||||
cp -r "$final_path/tomcat9-data/etc/tomcat9/" -T "$final_path/etc/tomcat9/"
|
||||
ynh_secure_remove --file="$final_path/data.tar.xz"
|
||||
ynh_secure_remove --file="$final_path/tomcat9-data"
|
||||
ynh_setup_source --source_id="client" --dest_dir="$install_dir/downloads"
|
||||
mkdir -p "$install_dir/var/lib/tomcat9/webapps"
|
||||
mv "$install_dir/downloads/guacamole.war" "$install_dir/var/lib/tomcat9/webapps/$tomcat_guac_dir.war"
|
||||
|
||||
mkdir -p "$install_dir/etc/guacamole/extensions"
|
||||
|
||||
ynh_setup_source --source_id="auth-ldap" --dest_dir="$install_dir/downloads/auth-ldap"
|
||||
mv "$install_dir/downloads/auth-ldap/guacamole-auth-ldap-$guacamole_version.jar" "$install_dir/etc/guacamole/extensions/guacamole-auth-ldap.jar"
|
||||
|
||||
ynh_setup_source --source_id="auth-header" --dest_dir="$install_dir/downloads/auth-header"
|
||||
mv "$install_dir/downloads/auth-header/guacamole-auth-header-$guacamole_version.jar" "$install_dir/etc/guacamole/extensions/guacamole-auth-header.jar"
|
||||
|
||||
ynh_setup_source --source_id="auth-jdbc" --dest_dir="$install_dir/downloads/auth-jdbc"
|
||||
mv "$install_dir/downloads/auth-jdbc/mysql/guacamole-auth-jdbc-mysql-$guacamole_version.jar" "$install_dir/etc/guacamole/extensions/guacamole-auth-jdbc-mysql.jar"
|
||||
mv "$install_dir/downloads/auth-jdbc/mysql/schema" "$install_dir/etc/guacamole/extensions/mysql-schema"
|
||||
|
||||
ynh_setup_source --source_id="mariadb-java-client" --dest_dir="$install_dir/etc/guacamole/lib/"
|
||||
|
||||
ynh_secure_remove --file="$install_dir/downloads/"
|
||||
}
|
||||
|
||||
function _set_permissions() {
|
||||
# Set permissions to app files
|
||||
chown -R "$app:$app" "$install_dir"
|
||||
chmod -R g+rwX,o-rwx "$install_dir"
|
||||
setfacl -n -R -m "user:$app-guacd:rx" -m "default:user:$app-guacd:rx" "$install_dir"
|
||||
setfacl -n -R -m "user:$app-tomcat:rx" -m "default:user:$app-tomcat:rx" "$install_dir"
|
||||
|
||||
# chown -R nobody:$app-tomcat "$install_dir/etc/tomcat9/" "$install_dir/etc/guacamole/"
|
||||
chown -R "$app-tomcat":"$app-tomcat" "$install_dir/var/lib/tomcat9/webapps"
|
||||
setfacl -n -R -m "user:$app-guacd:-" -m "default:user:$app-guacd:-" \
|
||||
"$install_dir/var/lib/tomcat9/" "$install_dir/etc/guacamole/" "$install_dir/etc/tomcat9/"
|
||||
|
||||
chown -R "$app-guacd:$app-guacd" "/var/log/$app/guacd/"
|
||||
chown -R "$app-tomcat:$app-tomcat" "/var/log/$app/tomcat/"
|
||||
}
|
||||
|
||||
#=================================================
|
||||
|
|
|
@ -10,27 +10,6 @@
|
|||
source ../settings/scripts/_common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
ynh_clean_setup () {
|
||||
true
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_print_info --message="Loading installation settings..."
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
|
||||
#=================================================
|
||||
# DECLARE DATA AND CONF FILES TO BACKUP
|
||||
#=================================================
|
||||
|
@ -40,33 +19,19 @@ ynh_print_info --message="Declaring files to be backed up..."
|
|||
# BACKUP THE APP MAIN DIR
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="$final_path"
|
||||
ynh_backup --src_path="$install_dir"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE NGINX CONFIGURATION
|
||||
# BACKUP THE SYSTEM CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# BACKUP FAIL2BAN CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC BACKUP
|
||||
#=================================================
|
||||
# BACKUP LOGROTATE
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="/etc/logrotate.d/$app"
|
||||
|
||||
#=================================================
|
||||
# BACKUP SYSTEMD
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="/etc/systemd/system/$app-guacd.service"
|
||||
ynh_backup --src_path="/etc/systemd/system/$app-tomcat.service"
|
||||
|
||||
|
|
|
@ -9,60 +9,6 @@
|
|||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# RETRIEVE ARGUMENTS
|
||||
#=================================================
|
||||
|
||||
old_domain=$YNH_APP_OLD_DOMAIN
|
||||
old_path=$YNH_APP_OLD_PATH
|
||||
|
||||
new_domain=$YNH_APP_NEW_DOMAIN
|
||||
new_path=$YNH_APP_NEW_PATH
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||
|
||||
# Needed for helper "ynh_add_nginx_config"
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
|
||||
|
||||
# Backup the current version of the app
|
||||
ynh_backup_before_upgrade
|
||||
ynh_clean_setup () {
|
||||
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
|
||||
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||
|
||||
# Restore it if the upgrade fails
|
||||
ynh_restore_upgradebackup
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# CHECK WHICH PARTS SHOULD BE CHANGED
|
||||
#=================================================
|
||||
|
||||
change_domain=0
|
||||
if [ "$old_domain" != "$new_domain" ]
|
||||
then
|
||||
change_domain=1
|
||||
fi
|
||||
|
||||
change_path=0
|
||||
if [ "$old_path" != "$new_path" ]
|
||||
then
|
||||
change_path=1
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# STANDARD MODIFICATIONS
|
||||
#=================================================
|
||||
|
@ -78,29 +24,7 @@ ynh_systemd_action --service_name="$app-tomcat" --action="stop" --log_path="/var
|
|||
#=================================================
|
||||
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
|
||||
|
||||
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||
|
||||
# Change the path in the NGINX config file
|
||||
if [ $change_path -eq 1 ]
|
||||
then
|
||||
# Make a backup of the original NGINX config file if modified
|
||||
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
|
||||
# Set global variables for NGINX helper
|
||||
domain="$old_domain"
|
||||
path_url="$new_path"
|
||||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config
|
||||
fi
|
||||
|
||||
# Change the domain for NGINX
|
||||
if [ $change_domain -eq 1 ]
|
||||
then
|
||||
# Delete file checksum for the old conf file location
|
||||
ynh_delete_file_checksum --file="$nginx_conf_path"
|
||||
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
|
||||
# Store file checksum for the new config file location
|
||||
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||
fi
|
||||
ynh_change_url_nginx_config
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC MODIFICATIONS
|
||||
|
@ -120,7 +44,7 @@ if [ $change_path -eq 1 ]; then
|
|||
new_path_tomcat="ROOT"
|
||||
fi
|
||||
|
||||
mv "$final_path/var/lib/tomcat9/webapps/$old_path_tomcat" "$final_path/var/lib/tomcat9/webapps/$new_path_tomcat"
|
||||
mv "$install_dir/var/lib/tomcat9/webapps/$old_path_tomcat" "$install_dir/var/lib/tomcat9/webapps/$new_path_tomcat"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
|
@ -133,13 +57,6 @@ ynh_script_progression --message="Starting systemd services..." --weight=1
|
|||
ynh_systemd_action --service_name="$app-guacd" --action="start" --log_path="/var/log/$app/guacd.log"
|
||||
ynh_systemd_action --service_name="$app-tomcat" --action="start" --log_path="/var/log/$app/tomcat.log"
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
|
225
scripts/install
225
scripts/install
|
@ -9,64 +9,10 @@
|
|||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
ynh_clean_setup () {
|
||||
true
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||
#=================================================
|
||||
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path_url=$YNH_APP_ARG_PATH
|
||||
admin=$YNH_APP_ARG_ADMIN
|
||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Validating installation parameters..." --weight=1
|
||||
|
||||
final_path=/opt/yunohost/$app
|
||||
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
||||
|
||||
# Register (book) web path
|
||||
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
||||
|
||||
#=================================================
|
||||
# STORE SETTINGS FROM MANIFEST
|
||||
#=================================================
|
||||
ynh_script_progression --message="Storing installation settings..." --weight=1
|
||||
|
||||
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
||||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
||||
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
||||
|
||||
#=================================================
|
||||
# STANDARD MODIFICATIONS
|
||||
#=================================================
|
||||
# FIND AND OPEN A PORT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Finding available ports..." --weight=1
|
||||
|
||||
# Find available ports
|
||||
guacd_port=$(ynh_find_port --port=4822)
|
||||
ynh_app_setting_set --app=$app --key=guacd_port --value=$guacd_port
|
||||
port=$(ynh_find_port --port=8080)
|
||||
ynh_app_setting_set --app=$app --key=port --value=$port
|
||||
|
||||
#=================================================
|
||||
# INSTALL DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Installing dependencies..." --weight=1
|
||||
ynh_script_progression --message="Stopping system tomcat..." --weight=1
|
||||
|
||||
# Guacamole depends on Apache Tomcat.
|
||||
# But installing Tomcat from the Debian repos automatically enables and starts it.
|
||||
|
@ -83,12 +29,10 @@ if [ "$(systemctl cat tomcat9 --quiet)" ]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
ynh_install_app_dependencies $pkg_dependencies
|
||||
|
||||
if [ ! $tomcat_enabled ]; then
|
||||
if [ $tomcat_enabled ]; then
|
||||
systemctl disable tomcat9 --quiet
|
||||
fi
|
||||
if [ ! $tomcat_active ]; then
|
||||
if [ $tomcat_active ]; then
|
||||
systemctl stop tomcat9 --quiet
|
||||
fi
|
||||
|
||||
|
@ -98,162 +42,87 @@ fi
|
|||
ynh_script_progression --message="Configuring system users..." --weight=1
|
||||
|
||||
# Create system users
|
||||
ynh_system_user_create --username="$app-guacd"
|
||||
ynh_system_user_create --username="$app-tomcat"
|
||||
|
||||
#=================================================
|
||||
# CREATE A MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Creating a MySQL database..." --weight=1
|
||||
|
||||
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
||||
db_user=$db_name
|
||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
||||
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
|
||||
ynh_system_user_create --username="$app-guacd" --groups="$app"
|
||||
ynh_system_user_create --username="$app-tomcat" --groups="$app"
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Setting up source files..." --weight=3
|
||||
|
||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
setup_sources
|
||||
|
||||
mkdir -p "/var/log/$app/tomcat/" "/var/log/$app/guacd/" "/var/log/$app/tomcat/"
|
||||
mkdir -p "$install_dir/etc/"
|
||||
ln -s -f "$install_dir/etc/tomcat9" "$install_dir/var/lib/tomcat9/conf"
|
||||
ln -s -f "/var/log/$app/tomcat/" "$install_dir/var/lib/tomcat9/logs"
|
||||
ln -s -f "/var/cache/$app-tomcat9" "$install_dir/var/lib/tomcat9/work"
|
||||
|
||||
#=================================================
|
||||
# ADD CONFIGURATIONS
|
||||
#=================================================
|
||||
|
||||
ynh_add_config --template="guacamole.properties" --destination="$install_dir/etc/guacamole/guacamole.properties"
|
||||
|
||||
ynh_replace_string --match_string="8080" --replace_string="$port" --target_file="$install_dir/etc/tomcat9/server.xml"
|
||||
|
||||
_set_permissions
|
||||
|
||||
#=================================================
|
||||
# COMPILE GUACD
|
||||
#=================================================
|
||||
ynh_script_progression --message="Compiling guacd..." --weight=30
|
||||
|
||||
pushd "$install_dir/.guacd-src"
|
||||
LDFLAGS="-lrt" ./configure --enable-allow-freerdp-snapshots --prefix="$install_dir" --datadir="$install_dir" --with-freerdp-plugin-dir="$install_dir/lib/x86_64-linux-gnu/freerdp2"
|
||||
ynh_exec_warn_less make -j $(nproc)
|
||||
ynh_exec_warn_less make install
|
||||
popd
|
||||
|
||||
#=================================================
|
||||
# FINISH SETTING UP DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Setting up database files..." --weight=2
|
||||
|
||||
ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database="$db_name" < "$final_path/etc/guacamole/extensions/mysql-schema/001-create-schema.sql"
|
||||
ynh_replace_string --match_string="guacadmin" --replace_string="$admin" -f "$final_path/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
|
||||
ynh_replace_string --match_string="CA458A7D494E3BE824F5E1E175A1556C0F8EEF2C2D7DF3633BEC4A29C4411960" --replace_string="$(hexdump -n 32 -e '4/4 "%08X"' /dev/urandom)" -f "$final_path/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
|
||||
ynh_replace_string --match_string="FE24ADC5E11E2B25288D1704ABE67A79E342ECC26064CE69C5B3177795A82264" --replace_string="$(hexdump -n 32 -e '4/4 "%08X"' /dev/urandom)" -f "$final_path/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
|
||||
ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database="$db_name" < "$final_path/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
|
||||
ynh_secure_remove --file="$final_path/etc/guacamole/extensions/mysql-schema"
|
||||
ynh_replace_string --match_string="guacadmin" --replace_string="$admin" -f "$install_dir/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
|
||||
ynh_replace_string --match_string="CA458A7D494E3BE824F5E1E175A1556C0F8EEF2C2D7DF3633BEC4A29C4411960" --replace_string="$(hexdump -n 32 -e '4/4 "%08X"' /dev/urandom)" -f "$install_dir/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
|
||||
ynh_replace_string --match_string="FE24ADC5E11E2B25288D1704ABE67A79E342ECC26064CE69C5B3177795A82264" --replace_string="$(hexdump -n 32 -e '4/4 "%08X"' /dev/urandom)" -f "$install_dir/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
|
||||
|
||||
ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < "$install_dir/etc/guacamole/extensions/mysql-schema/001-create-schema.sql"
|
||||
ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < "$install_dir/etc/guacamole/extensions/mysql-schema/002-create-admin-user.sql"
|
||||
ynh_secure_remove --file="$install_dir/etc/guacamole/extensions/mysql-schema"
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
# SYSTEM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
|
||||
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
|
||||
|
||||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC SETUP
|
||||
#=================================================
|
||||
# COMPILE GUACD
|
||||
#=================================================
|
||||
ynh_script_progression --message="Compiling guacd..." --weight=30
|
||||
|
||||
pushd "$final_path/.guacd-src" || ynh_die
|
||||
./configure --enable-allow-freerdp-snapshots --prefix="$final_path" --datadir="$final_path" --with-freerdp-plugin-dir="$final_path/lib/x86_64-linux-gnu/freerdp2"
|
||||
ynh_exec_warn_less make
|
||||
ynh_exec_warn_less make install
|
||||
popd || ynh_die
|
||||
|
||||
#=================================================
|
||||
# SETUP TOMCAT
|
||||
#=================================================
|
||||
|
||||
mkdir -p "$final_path/etc/"
|
||||
ln -s -f "$final_path/etc/tomcat9" "$final_path/var/lib/tomcat9/conf"
|
||||
ln -s -f "/var/log/$app/tomcat/" "$final_path/var/lib/tomcat9/logs"
|
||||
ln -s -f "/var/cache/$app-tomcat9" "$final_path/var/lib/tomcat9/work"
|
||||
|
||||
#=================================================
|
||||
# CREATE LOG DIRS
|
||||
#=================================================
|
||||
mkdir -p "/var/log/$app/tomcat/" "/var/log/$app/guacd/" "/var/log/$app/tomcat/"
|
||||
|
||||
#=================================================
|
||||
# ADD CONFIGURATIONS
|
||||
#=================================================
|
||||
|
||||
ynh_add_config --template="guacamole.properties" --destination="$final_path/etc/guacamole/guacamole.properties"
|
||||
|
||||
ynh_replace_string --match_string="8080" --replace_string="$port" --target_file="$final_path/etc/tomcat9/server.xml"
|
||||
|
||||
#=================================================
|
||||
# SETUP SYSTEMD
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring systemd services..." --weight=1
|
||||
|
||||
# Create dedicated systemd configs
|
||||
ynh_add_systemd_config --service="$app-guacd" --template="guacd.service"
|
||||
yunohost service add "$app-guacd" --description="Guacamole server" --log="/var/log/$app/guacd.log"
|
||||
|
||||
ynh_add_systemd_config --service="$app-tomcat" --template="tomcat.service"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Set permissions to app files
|
||||
chown -R nobody $final_path
|
||||
chmod -R o-rwx $final_path
|
||||
setfacl -n -R -m user:$app-guacd:rx -m default:user:$app-guacd:rx $final_path
|
||||
setfacl -n -R -m user:$app-tomcat:rx -m default:user:$app-tomcat:rx $final_path
|
||||
chown -R $app-guacd:$app-guacd "/var/log/$app/guacd/"
|
||||
chown -R $app-tomcat:$app-tomcat "/var/log/$app/tomcat/"
|
||||
chown -R nobody:$app-tomcat "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/"
|
||||
chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps"
|
||||
setfacl -n -R -m user:$app-guacd:- -m default:user:$app-guacd:- "$final_path/var/lib/tomcat9/" "$final_path/etc/guacamole/" "$final_path/etc/tomcat9/"
|
||||
|
||||
#=================================================
|
||||
# SETUP LOGROTATE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring log rotation..." --weight=1
|
||||
yunohost service add "$app-tomcat" --description="Guacamole client" --log="/var/log/$app/tomcat.log"
|
||||
|
||||
# Use logrotate to manage application logfile(s)
|
||||
ynh_use_logrotate --logfile="/var/log/$app/tomcat/catalina.out" --specific_user="$app-tomcat/$app-tomcat"
|
||||
|
||||
#=================================================
|
||||
# INTEGRATE SERVICES IN YUNOHOST
|
||||
#=================================================
|
||||
ynh_script_progression --message="Integrating services in YunoHost..." --weight=1
|
||||
|
||||
yunohost service add "$app-guacd" --description="Guacamole server" --log="/var/log/$app/guacd.log"
|
||||
yunohost service add "$app-tomcat" --description="Guacamole client" --log="/var/log/$app/tomcat.log"
|
||||
# Create a dedicated Fail2Ban config
|
||||
ynh_add_fail2ban_config --logpath="/var/log/syslog" --failregex='o.a.g.r.auth.AuthenticationService - Authentication attempt from <HOST> for user "[^"]*" failed\.$'
|
||||
|
||||
#=================================================
|
||||
# START SYSTEMD SERVICES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting systemd services..." --weight=1
|
||||
ynh_script_progression --message="Starting $app's systemd services..." --weight=1
|
||||
|
||||
# Start systemd services
|
||||
ynh_systemd_action --service_name="$app-guacd" --action="start" --log_path="/var/log/$app/guacd.log"
|
||||
ynh_systemd_action --service_name="$app-tomcat" --action="start" --log_path="/var/log/$app/tomcat.log"
|
||||
|
||||
#=================================================
|
||||
# SETUP FAIL2BAN
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
|
||||
|
||||
# Create a dedicated Fail2Ban config
|
||||
ynh_add_fail2ban_config --logpath="/var/log/syslog" --failregex='o.a.g.r.auth.AuthenticationService - Authentication attempt from <HOST> for user "[^"]*" failed\.$'
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring permissions..." --weight=1
|
||||
|
||||
# Make app public if necessary
|
||||
if [ $is_public -eq 1 ]
|
||||
then
|
||||
# Everyone can access the app.
|
||||
# The "main" permission is automatically created before the install script.
|
||||
ynh_permission_update --permission="main" --add="visitors"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
|
|
@ -10,26 +10,9 @@ source _common.sh
|
|||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
# REMOVE SYSTEM CONFIGURATIONS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
|
||||
#=================================================
|
||||
# STANDARD REMOVE
|
||||
#=================================================
|
||||
# REMOVE SERVICE INTEGRATION IN YUNOHOST
|
||||
#=================================================
|
||||
|
||||
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
|
||||
ynh_script_progression --message="Removing $app service integration..." --weight=1
|
||||
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
|
||||
|
||||
if ynh_exec_warn_less yunohost service status $app-guacd >/dev/null; then
|
||||
yunohost service remove "$app-guacd"
|
||||
|
@ -38,65 +21,19 @@ if ynh_exec_warn_less yunohost service status $app-tomcat >/dev/null; then
|
|||
yunohost service remove "$app-tomcat"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# STOP AND REMOVE SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
|
||||
|
||||
# Remove the dedicated systemd config
|
||||
ynh_remove_systemd_config --service="$app-guacd"
|
||||
ynh_remove_systemd_config --service="$app-tomcat"
|
||||
|
||||
#=================================================
|
||||
# REMOVE THE MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing the MySQL database..." --weight=1
|
||||
|
||||
# Remove a database if it exists, along with the associated user
|
||||
ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
|
||||
|
||||
#=================================================
|
||||
# REMOVE DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing dependencies..." --weight=1
|
||||
|
||||
# Remove metapackage and its dependencies
|
||||
ynh_remove_app_dependencies
|
||||
|
||||
#=================================================
|
||||
# REMOVE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing app main directory..." --weight=1
|
||||
|
||||
# Remove the app directory securely
|
||||
ynh_secure_remove --file="$final_path"
|
||||
|
||||
#=================================================
|
||||
# REMOVE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
|
||||
|
||||
# Remove the dedicated NGINX config
|
||||
ynh_remove_nginx_config
|
||||
|
||||
#=================================================
|
||||
# REMOVE LOGROTATE CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing logrotate configuration..." --weight=1
|
||||
|
||||
# Remove the app-specific logrotate config
|
||||
ynh_remove_logrotate
|
||||
|
||||
#=================================================
|
||||
# REMOVE FAIL2BAN CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=1
|
||||
|
||||
# Remove the dedicated Fail2Ban config
|
||||
ynh_remove_fail2ban_config
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC REMOVE
|
||||
#=================================================
|
||||
# REMOVE VARIOUS FILES
|
||||
#=================================================
|
||||
|
@ -115,7 +52,6 @@ ynh_script_progression --message="Removing the dedicated system users..." --weig
|
|||
ynh_system_user_delete --username="$app-guacd"
|
||||
ynh_system_user_delete --username="$app-tomcat"
|
||||
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
|
145
scripts/restore
145
scripts/restore
|
@ -11,76 +11,9 @@ source ../settings/scripts/_common.sh
|
|||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
# STOP TOMCAT
|
||||
#=================================================
|
||||
|
||||
ynh_clean_setup () {
|
||||
true
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE RESTORED
|
||||
#=================================================
|
||||
ynh_script_progression --message="Validating restoration parameters..." --weight=1
|
||||
|
||||
test ! -d $final_path \
|
||||
|| ynh_die --message="There is already a directory: $final_path "
|
||||
|
||||
#=================================================
|
||||
# STANDARD RESTORATION STEPS
|
||||
#=================================================
|
||||
# RESTORE THE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the NGINX web server configuration..."
|
||||
|
||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# RECREATE THE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
|
||||
|
||||
# Create the dedicated user (if not existing)
|
||||
ynh_system_user_create --username="$app-guacd"
|
||||
ynh_system_user_create --username="$app-tomcat"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the app main directory..." --weight=1
|
||||
|
||||
ynh_restore_file --origin_path="$final_path"
|
||||
|
||||
#=================================================
|
||||
# RESTORE FAIL2BAN CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1
|
||||
|
||||
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
|
||||
ynh_systemd_action --action=restart --service_name=fail2ban
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC RESTORATION
|
||||
#=================================================
|
||||
# REINSTALL DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reinstalling dependencies..." --weight=1
|
||||
ynh_script_progression --message="Stopping system tomcat..." --weight=1
|
||||
|
||||
tomcat_enabled=""
|
||||
tomcat_active=""
|
||||
|
@ -93,9 +26,6 @@ if [ "$(systemctl cat tomcat9 --quiet)" ]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
# Define and install dependencies
|
||||
ynh_install_app_dependencies $pkg_dependencies
|
||||
|
||||
if [ ! $tomcat_enabled ]; then
|
||||
systemctl disable tomcat9 --quiet
|
||||
fi
|
||||
|
@ -104,25 +34,27 @@ if [ ! $tomcat_active ]; then
|
|||
fi
|
||||
|
||||
#=================================================
|
||||
# RESTORE USER RIGHTS
|
||||
# RESTORE THE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the app main directory..." --weight=1
|
||||
|
||||
# Restore permissions on app files
|
||||
chown -R nobody $final_path
|
||||
chmod -R o-rwx $final_path
|
||||
setfacl -n -R -m user:$app-guacd:rx -m default:user:$app-guacd:rx $final_path
|
||||
setfacl -n -R -m user:$app-tomcat:rx -m default:user:$app-tomcat:rx $final_path
|
||||
chown -R nobody:$app-tomcat "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/"
|
||||
chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps"
|
||||
setfacl -n -R -m user:$app-guacd:- -m default:user:$app-guacd:- "$final_path/var/lib/tomcat9/" "$final_path/etc/guacamole/" "$final_path/etc/tomcat9/"
|
||||
ynh_restore_file --origin_path="$install_dir"
|
||||
chown -R "$app:www-data" "$install_dir"
|
||||
|
||||
#=================================================
|
||||
# RECREATE THE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
|
||||
|
||||
# Create the dedicated user (if not existing)
|
||||
ynh_system_user_create --username="$app-guacd"
|
||||
ynh_system_user_create --username="$app-tomcat"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the MySQL database..." --weight=1
|
||||
|
||||
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
|
||||
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
|
||||
ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
|
||||
|
||||
#=================================================
|
||||
|
@ -131,48 +63,37 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./
|
|||
ynh_script_progression --message="Restoring various files..."
|
||||
|
||||
ynh_restore_file --origin_path="/var/log/$app"
|
||||
chown -R $app-guacd:$app-guacd "/var/log/$app/guacd/"
|
||||
chown -R $app-tomcat:$app-tomcat "/var/log/$app/tomcat/"
|
||||
|
||||
_set_permissions
|
||||
|
||||
#=================================================
|
||||
# RESTORE SYSTEMD
|
||||
# RESTORE SYSTEM CONFIGURATIONS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
|
||||
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
|
||||
|
||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
|
||||
ynh_systemd_action --action=restart --service_name=fail2ban
|
||||
|
||||
ynh_restore_file --origin_path="/etc/systemd/system/$app-guacd.service"
|
||||
ynh_restore_file --origin_path="/etc/systemd/system/$app-tomcat.service"
|
||||
systemctl enable "$app-guacd.service" --quiet
|
||||
systemctl enable "$app-tomcat.service" --quiet
|
||||
|
||||
#=================================================
|
||||
# INTEGRATE SERVICES IN YUNOHOST
|
||||
#=================================================
|
||||
ynh_script_progression --message="Integrating services in YunoHost..." --weight=1
|
||||
|
||||
yunohost service add "$app-guacd" --description="Guacamole server" --log="/var/log/$app/guacd.log"
|
||||
|
||||
ynh_restore_file --origin_path="/etc/systemd/system/$app-tomcat.service"
|
||||
systemctl enable "$app-tomcat.service" --quiet
|
||||
yunohost service add "$app-tomcat" --description="Guacamole client" --log="/var/log/$app/tomcat.log"
|
||||
|
||||
#=================================================
|
||||
# START SYSTEMD SERVICES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting systemd services..." --weight=1
|
||||
|
||||
ynh_systemd_action --service_name="$app-guacd" --action="start" --log_path="/var/log/$app/guacd.log"
|
||||
ynh_systemd_action --service_name="$app-tomcat" --action="start" --log_path="/var/log/$app/tomcat.log"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE LOGROTATE CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the logrotate configuration..."
|
||||
|
||||
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
# START SYSTEMD SERVICES
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||
ynh_script_progression --message="Starting NGINX and $app's systemd services..." --weight=1
|
||||
|
||||
ynh_systemd_action --service_name="$app-guacd" --action="start" --log_path="/var/log/$app/guacd.log"
|
||||
ynh_systemd_action --service_name="$app-tomcat" --action="start" --log_path="/var/log/$app/tomcat.log"
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
|
|
|
@ -9,44 +9,12 @@
|
|||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||
guacd_port=$(ynh_app_setting_get --app=$app --key=guacd_port)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
|
||||
|
||||
#=================================================
|
||||
# CHECK VERSION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Checking version..."
|
||||
|
||||
upgrade_type=$(ynh_check_app_version_changed)
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
|
||||
|
||||
# Backup the current version of the app
|
||||
ynh_backup_before_upgrade
|
||||
ynh_clean_setup () {
|
||||
# Restore it if the upgrade fails
|
||||
ynh_restore_upgradebackup
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# STANDARD UPGRADE STEPS
|
||||
#=================================================
|
||||
|
@ -60,7 +28,7 @@ ynh_systemd_action --service_name="$app-tomcat" --action="stop" --log_path="/var
|
|||
#=================================================
|
||||
# CREATE DEDICATED USERS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
|
||||
#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
|
||||
|
||||
# Create dedicated users (if not existing)
|
||||
ynh_system_user_create --username="$app-guacd"
|
||||
|
@ -106,8 +74,6 @@ if [ "$(systemctl cat tomcat9 --quiet)" ]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
ynh_install_app_dependencies $pkg_dependencies
|
||||
|
||||
if [ ! $tomcat_enabled ]; then
|
||||
systemctl disable tomcat9 --quiet
|
||||
fi
|
||||
|
@ -122,33 +88,34 @@ fi
|
|||
#=================================================
|
||||
ynh_script_progression --message="Compiling guacd..." --weight=30
|
||||
|
||||
pushd "$final_path/.guacd-src" || ynh_die
|
||||
./configure --enable-allow-freerdp-snapshots --prefix="$final_path" --datadir="$final_path" --with-freerdp-plugin-dir="$final_path/lib/x86_64-linux-gnu/freerdp2"
|
||||
ynh_exec_warn_less make
|
||||
ynh_exec_warn_less make install
|
||||
popd || ynh_die
|
||||
pushd "$install_dir/.guacd-src"
|
||||
LDFLAGS="-lrt" ./configure --enable-allow-freerdp-snapshots --prefix="$install_dir" --datadir="$install_dir" --with-freerdp-plugin-dir="$install_dir/lib/x86_64-linux-gnu/freerdp2"
|
||||
ynh_exec_warn_less env LDFLAGS="-lrt" make
|
||||
ynh_exec_warn_less env LDFLAGS="-lrt" make install
|
||||
popd
|
||||
|
||||
#=================================================
|
||||
# SETUP TOMCAT
|
||||
#=================================================
|
||||
|
||||
mkdir -p "$final_path/etc/"
|
||||
ln -s -f "$final_path/etc/tomcat9" "$final_path/var/lib/tomcat9/conf"
|
||||
ln -s -f "/var/log/$app/tomcat/" "$final_path/var/lib/tomcat9/logs"
|
||||
ln -s -f "/var/cache/$app-tomcat9" "$final_path/var/lib/tomcat9/work"
|
||||
mkdir -p "$install_dir/etc/"
|
||||
ln -s -f "$install_dir/etc/tomcat9" "$install_dir/var/lib/tomcat9/conf"
|
||||
ln -s -f "/var/log/$app/tomcat/" "$install_dir/var/lib/tomcat9/logs"
|
||||
ln -s -f "/var/cache/$app-tomcat9" "$install_dir/var/lib/tomcat9/work"
|
||||
|
||||
#=================================================
|
||||
# CREATE LOG DIRS
|
||||
#=================================================
|
||||
|
||||
mkdir -p "/var/log/$app/tomcat/" "/var/log/$app/guacd/" "/var/log/$app/tomcat/"
|
||||
|
||||
#=================================================
|
||||
# UPDATE CONFIG FILES
|
||||
#=================================================
|
||||
|
||||
ynh_add_config --template="guacamole.properties" --destination="$final_path/etc/guacamole/guacamole.properties"
|
||||
ynh_add_config --template="guacamole.properties" --destination="$install_dir/etc/guacamole/guacamole.properties"
|
||||
|
||||
ynh_replace_string --match_string="8080" --replace_string="$port" --target_file="$final_path/etc/tomcat9/server.xml"
|
||||
ynh_replace_string --match_string="8080" --replace_string="$port" --target_file="$install_dir/etc/tomcat9/server.xml"
|
||||
|
||||
#=================================================
|
||||
# SETUP SYSTEMD
|
||||
|
@ -165,16 +132,7 @@ ynh_add_systemd_config --service="$app-tomcat" --template="tomcat.service"
|
|||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Set permissions on app files
|
||||
chown -R nobody $final_path
|
||||
chmod -R o-rwx $final_path
|
||||
setfacl -n -R -m user:$app-guacd:rx -m default:user:$app-guacd:rx $final_path
|
||||
setfacl -n -R -m user:$app-tomcat:rx -m default:user:$app-tomcat:rx $final_path
|
||||
chown -R $app-guacd:$app-guacd "/var/log/$app/guacd/"
|
||||
chown -R $app-tomcat:$app-tomcat "/var/log/$app/tomcat/"
|
||||
chown -R nobody:$app-tomcat "$final_path/etc/tomcat9/" "$final_path/etc/guacamole/"
|
||||
chown -R "$app-tomcat":"$app-tomcat" "$final_path/var/lib/tomcat9/webapps"
|
||||
setfacl -n -R -m user:$app-guacd:- -m default:user:$app-guacd:- "$final_path/var/lib/tomcat9/" "$final_path/etc/guacamole/" "$final_path/etc/tomcat9/"
|
||||
_set_permissions
|
||||
|
||||
#=================================================
|
||||
# SETUP LOGROTATE
|
||||
|
@ -208,13 +166,6 @@ ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1
|
|||
# Create a dedicated Fail2Ban config
|
||||
ynh_add_fail2ban_config --logpath="/var/log/syslog" --failregex='o.a.g.r.auth.AuthenticationService - Authentication attempt from <HOST> for user "[^"]*" failed\.$'
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
|
9
tests.toml
Normal file
9
tests.toml
Normal file
|
@ -0,0 +1,9 @@
|
|||
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/tests.v1.schema.json
|
||||
|
||||
test_format = 1.0
|
||||
|
||||
[default]
|
||||
|
||||
# ------------
|
||||
# Tests to run
|
||||
# ------------
|
Loading…
Reference in a new issue