diff --git a/README.md b/README.md index 1e23ae2..c9f89d2 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,8 @@ + + # Home Assistant for YunoHost [![Integration level](https://dash.yunohost.org/integration/homeassistant.svg)](https://dash.yunohost.org/appci/app/homeassistant) ![](https://ci-apps.yunohost.org/ci/badges/homeassistant.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/homeassistant.maintain.svg) @@ -5,59 +10,37 @@ *[Lire ce readme en français.](./README_fr.md)* -> *This package allows you to install Home Assistant quickly and simply on a YunoHost server. +> *This package allows you to install Home Assistant quickly and simply on a YunoHost server. If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Overview -Home Assistant is free, open-source home automation software designed to be the central control system of a smart home or smart home. Written in Python, its main focus is local control and privacy. -**Shipped version:** 0.117.6 +Home automation platform + +**Shipped version:** 2021.11.5~ynh1 + +**Demo:** https://demo.home-assistant.io ## Screenshots -![](https://camo.githubusercontent.com/24b8190f22f6e4277778a4f30a61fce1dd5e95169e6ce149408bbc4a0b9eb0dc/68747470733a2f2f7261772e6769746875622e636f6d2f686f6d652d617373697374616e742f686f6d652d617373697374616e742f6d61737465722f646f63732f73637265656e73686f74732e706e67) +![](./doc/screenshots/screenshot1) -## Demo +## Disclaimers / important information -* [Official demo](https://demo.home-assistant.io/) +* Known limitations: + * Are LDAP and HTTP auth supported? LDAP=Yes | HTTP auth=No + * Can the app be used by multiple users? Yes -## Configuration -How to configure this app: From an admin panel +* Additional informations: + * As the pyhton version shipped in Debian stable is not always supported, a recent version could be built during the installation process. It may take a while to achive that (15 to 60 minutes) -## Documentation +## Documentation and resources - * Official documentation: https://www.home-assistant.io/docs/ - * YunoHost documentation: If specific documentation is needed, feel free to contribute. - -## YunoHost specific features - -#### Multi-user support - -* Are LDAP and HTTP auth supported? LDAP=Yes | HTTP auth=No -* Can the app be used by multiple users? Yes - -#### Supported architectures - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/homeassistant%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/homeassistant/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/homeassistant%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/homeassistant/) - -## Limitations - -* Any known limitations. - -## Additional information - -* As the pyhton version shipped in Debian stable is not supported, a recent version will be built during the installation process. it may take a while to achive that (15 to 60 minutes) - -## Links - - * Report a bug: https://github.com/YunoHost-Apps/homeassistant_ynh/issues - * App website: https://www.home-assistant.io/ - * Upstream app repository: https://github.com/home-assistant/home-assistant - * YunoHost website: https://yunohost.org/ - ---- +* Official app website: https://www.home-assistant.io +* Official admin documentation: https://www.home-assistant.io/docs/ +* YunoHost documentation for this app: https://yunohost.org/app_homeassistant +* Report a bug: https://github.com/YunoHost-Apps/homeassistant_ynh/issues ## Developer info @@ -69,3 +52,5 @@ sudo yunohost app install https://github.com/YunoHost-Apps/homeassistant_ynh/tre or sudo yunohost app upgrade homeassistant -u https://github.com/YunoHost-Apps/homeassistant_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..d7cadca --- /dev/null +++ b/README_fr.md @@ -0,0 +1,52 @@ +# Home Assistant pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/homeassistant.svg)](https://dash.yunohost.org/appci/app/homeassistant) ![](https://ci-apps.yunohost.org/ci/badges/homeassistant.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/homeassistant.maintain.svg) +[![Installer Home Assistant avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=homeassistant) + +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* + +> *Ce package vous permet d'installer Home Assistant rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + +Plateforme domotique + +**Version incluse :** 2021.11.5~ynh1 + +**Démo :** https://demo.home-assistant.io + +## Captures d'écran + +![](./doc/screenshots/screenshot1) + +## Avertissements / informations importantes + +* Known limitations: + * Are LDAP and HTTP auth supported? LDAP=Yes | HTTP auth=No + * Can the app be used by multiple users? Yes + + +* Additional informations: + * As the pyhton version shipped in Debian stable is not always supported, a recent version could be built during the installation process. It may take a while to achive that (15 to 60 minutes) + +## Documentations et ressources + +* Site officiel de l'app : https://www.home-assistant.io +* Documentation officielle de l'admin : https://www.home-assistant.io/docs/ +* Documentation YunoHost pour cette app : https://yunohost.org/app_homeassistant +* Signaler un bug : https://github.com/YunoHost-Apps/homeassistant_ynh/issues + +## Informations pour les développeurs + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/homeassistant_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/homeassistant_ynh/tree/testing --debug +ou +sudo yunohost app upgrade homeassistant -u https://github.com/YunoHost-Apps/homeassistant_ynh/tree/testing --debug +``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/check_process b/check_process index 5e5eb9c..52d2af2 100644 --- a/check_process +++ b/check_process @@ -1,23 +1,23 @@ ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - is_public=1 (PUBLIC|public=1|private=0) - ; Actions - is_public=1|0 + domain="domain.tld" + is_public=1 ; Checks - pkg_linter=1 + pkg_linter=1 setup_sub_dir=0 setup_root=1 setup_nourl=0 setup_private=1 setup_public=1 upgrade=1 - upgrade=1 from_commit=b07405d0f885f28764031dd80d27af84a90007b1 + upgrade=1 from_commit=4eaade48e9bdccf56a53f09a269b2e5ba7621296 backup_restore=1 multi_instance=0 port_already_use=1 change_url=1 - actions=0 - config_panel=0 ;;; Options Notification=all +;;; Upgrade options + ; commit=4eaade48e9bdccf56a53f09a269b2e5ba7621296 + name= Update to 2021.6.5 on 21/06/2021 + manifest_arg=domain=DOMAIN&is_public=1& diff --git a/conf/homeassistant_conf_files/.storage/onboarding b/conf/homeassistant_conf_files/.storage/onboarding index b92aa42..9677c86 100644 --- a/conf/homeassistant_conf_files/.storage/onboarding +++ b/conf/homeassistant_conf_files/.storage/onboarding @@ -1,11 +1,12 @@ { + "version": 4, + "key": "onboarding", "data": { "done": [ "user", "core_config", + "analytics", "integration" ] - }, - "key": "onboarding", - "version": 3 + } } diff --git a/conf/homeassistant_conf_files/bin/upgrade_homeassistant.sh b/conf/homeassistant_conf_files/bin/upgrade_homeassistant.sh index 5bd35f1..36e08c5 100755 --- a/conf/homeassistant_conf_files/bin/upgrade_homeassistant.sh +++ b/conf/homeassistant_conf_files/bin/upgrade_homeassistant.sh @@ -8,7 +8,8 @@ DEBUG=0 # define usefull variables app="homeassistant" -final_path="/opt/yunohost/$app" +final_path="/var/www/$app" +data_path="/home/yunohost.app/$app" ########## END OF CONFIGURATION ########## @@ -49,16 +50,13 @@ $MY_PYTHON -m venv "$final_path" # activate the virtual environment source "$final_path/bin/activate" -# install last version of pip -pip install --upgrade pip - # install last version of wheel -pip install --upgrade wheel +pip --cache-dir "$data_path/.cache" install --upgrade wheel # upgrade homeassistant python package -pip install --upgrade $app +pip --cache-dir "$data_path/.cache" install --upgrade $app # restart homeassistant systemd service -sudo systemctl restart $app@$app.service +sudo systemctl restart $app.service exit 0 diff --git a/conf/homeassistant_conf_files/configuration.yaml b/conf/homeassistant_conf_files/configuration.yaml index 924eb99..a500827 100644 --- a/conf/homeassistant_conf_files/configuration.yaml +++ b/conf/homeassistant_conf_files/configuration.yaml @@ -1,7 +1,7 @@ homeassistant: auth_providers: - type: command_line - command: /home/homeassistant/.homeassistant/bin/ynh_ldap-auth.sh + command: __DATA_PATH__/bin/ynh_ldap-auth.sh meta: true http: @@ -13,3 +13,11 @@ http: # Apply default set of integrations default_config: + +# Switches +switch: + - platform: command_line + switches: + upgrade_homeassistant: + command_on: "nohup bash -c __DATA_PATH__/bin/upgrade_homeassistant.sh $1 > /dev/null 2>&1 &" + friendly_name: Upgrade Home Assistant diff --git a/conf/nginx.conf b/conf/nginx.conf index b61db04..4aae8e1 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,9 +1,6 @@ -location / { +# see https://github.com/home-assistant/addons/blob/master/nginx_proxy/data/nginx.conf - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - +location / { proxy_pass http://localhost:__PORT__; proxy_set_header Host $host; proxy_redirect http:// https://; diff --git a/conf/sudoers b/conf/sudoers index 71e014d..6c98bb8 100644 --- a/conf/sudoers +++ b/conf/sudoers @@ -1,5 +1,5 @@ # Grant sudo permissions to the user to manage his own systemd service -homeassistant ALL=(ALL) NOPASSWD: /bin/systemctl stop homeassistant@homeassistant.service -homeassistant ALL=(ALL) NOPASSWD: /bin/systemctl start homeassistant@homeassistant.service -homeassistant ALL=(ALL) NOPASSWD: /bin/systemctl restart homeassistant@homeassistant.service -homeassistant ALL=(ALL) NOPASSWD: /bin/systemctl status homeassistant@homeassistant.service +__APP__ ALL=(ALL) NOPASSWD: /bin/systemctl stop __APP__.service +__APP__ ALL=(ALL) NOPASSWD: /bin/systemctl start __APP__.service +__APP__ ALL=(ALL) NOPASSWD: /bin/systemctl restart __APP__.service +__APP__ ALL=(ALL) NOPASSWD: /bin/systemctl status __APP__.service diff --git a/conf/systemd.service b/conf/systemd.service index 8f9fe92..a42c0db 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,12 +1,44 @@ [Unit] Description=Home Assistant -After=network-online.target +After=network.target [Service] Type=simple -User=homeassistant -WorkingDirectory=/home/homeassistant/.homeassistant -ExecStart=/opt/yunohost/homeassistant/bin/hass -c "/home/homeassistant/.homeassistant" --verbose +User=__APP__ +WorkingDirectory=__DATA_PATH__ +ExecStart=__FINALPATH__/bin/hass --config "__DATA_PATH__" --log-file "__LOG_FILE__" --verbose +StandardOutput=append:__LOG_FILE__ +StandardError=inherit + +# Sandboxing options to harden security +# Depending on specificities of your service/app, you may need to tweak these +# .. but this should be a good baseline +# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html +NoNewPrivileges=yes +PrivateTmp=yes +#CANT BE ACTIVATED FOR __APP__ #PrivateDevices=yes +#CANT BE ACTIVATED FOR __APP__ #RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +DevicePolicy=closed +ProtectSystem=full +ProtectControlGroups=yes +ProtectKernelModules=yes +# ProtectKernelTunables=yes +LockPersonality=yes +SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap + +# Denying access to capabilities that should not be relevant for webapps +# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html +CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD +CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE +CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT +CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK +CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM +CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG +CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE +CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW +CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG [Install] WantedBy=multi-user.target diff --git a/doc/.gitkeep b/doc/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..7ddb739 --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,7 @@ +* Known limitations: + * Are LDAP and HTTP auth supported? LDAP=Yes | HTTP auth=No + * Can the app be used by multiple users? Yes + + +* Additional informations: + * As the pyhton version shipped in Debian stable is not always supported, a recent version could be built during the installation process. It may take a while to achive that (15 to 60 minutes) diff --git a/doc/screenshots/.gitkeep b/doc/screenshots/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/screenshots/screenshot1 b/doc/screenshots/screenshot1 new file mode 100644 index 0000000..1305cdd Binary files /dev/null and b/doc/screenshots/screenshot1 differ diff --git a/manifest.json b/manifest.json index 6602325..05b2755 100644 --- a/manifest.json +++ b/manifest.json @@ -6,15 +6,21 @@ "en": "Home automation platform", "fr": "Plateforme domotique" }, - "version": "2021.6.5~ynh1", + "version": "2021.11.5~ynh1", "url": "https://github.com/home-assistant/home-assistant", + "upstream": { + "license": "Apache-2.0", + "website": "https://www.home-assistant.io", + "demo": "https://demo.home-assistant.io", + "admindoc": "https://www.home-assistant.io/docs/" + }, "license": "Apache-2.0", "maintainer": { "name": "ewilly", "email": "ewilly@ewilly.fr" }, "requirements": { - "yunohost": ">= 4.0.0" + "yunohost": ">= 4.3.0" }, "multi_instance": false, "services": [ @@ -24,24 +30,11 @@ "install": [ { "name": "domain", - "type": "domain", - "ask": { - "en": "Choose a domain for Home Assistant", - "fr": "Choisissez un domaine pour Home Assistant" - }, - "help": { - "en": "Installation in a path is not possible", - "fr": "L'installation sous un chemin de domaine n'est pas possible" - }, - "example": "domain.org or homeassistant.domain.org" + "type": "domain" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Should this application be public?", - "fr": "Est-ce que cette application doit être visible publiquement ?" - }, "help": { "en": "If not public, Smartphone app will not work", "fr": "Dans le cas contraire, l'application sur Smartphone ne fonctionnera pas" diff --git a/scripts/_common.sh b/scripts/_common.sh index 184e1a4..98af024 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,26 +3,26 @@ # # Release to install -VERSION=2021.6.5 +VERSION=2021.11.5 # Package dependencies PKG_DEPENDENCIES="python3 python3-dev python3-venv python3-pip libffi-dev libssl-dev libjpeg-dev zlib1g-dev autoconf build-essential libopenjp2-7 libtiff5" # Requirements (Major.Minor.Patch) -# PY_VERSION=$(curl -s "https://www.python.org/ftp/python/" | grep ">3.8" | tail -n1 | cut -d '/' -f 2 | cut -d '>' -f 2) -PY_REQUIRED_VERSION=3.8.7 +# PY_VERSION=$(curl -s "https://www.python.org/ftp/python/" | grep ">3.9" | tail -n1 | cut -d '/' -f 2 | cut -d '>' -f 2) +# Pyhton 3.9.2 will be shiped with bullseye +PY_REQUIRED_VERSION=3.9.2 -# Execute a command as another user -# usage: exec_as USER COMMAND [ARG ...] -exec_as() { - local USER=$1 - shift 1 - - if [[ $USER = $(whoami) ]]; then - eval "$@" - else - sudo -u "$USER" "$@" - fi +# Check if directory/file already exists (path in argument) +myynh_check_path () { + [ -z "$1" ] && ynh_die "No argument supplied" + [ ! -e "$1" ] || ynh_die "$1 already exists" +} + +# Create directory only if not already exists (path in argument) +myynh_create_dir () { + [ -z "$1" ] && ynh_die "No argument supplied" + [ -d "$1" ] || mkdir -p "$1" } # Compare version in arguments @@ -67,7 +67,6 @@ myynh_install_dependencies () { ynh_handle_getopts_args "$@" # Install main dependencies from apt - ynh_script_progression --message="Installing dependencies..." ynh_install_app_dependencies "${PKG_DEPENDENCIES}" # Check python version from APT @@ -84,40 +83,40 @@ myynh_install_dependencies () { # Compare version if [ $(myynh_version_compare $PY_APT_VERSION $python) -le 1 ]; then # APT >= Required - ynh_script_progression --message="Using provided python3..." + ynh_print_info --message="Using provided python3..." MY_PYTHON="python3" else # Either python already built or to build - ynh_script_progression --message="Installing additional dependencies..." - PKG_DEPENDENCIES="${PKG_DEPENDENCIES} tk-dev libncurses5-dev libncursesw5-dev libreadline6-dev libdb5.3-dev libgdbm-dev libsqlite3-dev libbz2-dev libexpat1-dev liblzma-dev wget tar" - ynh_install_app_dependencies "${PKG_DEPENDENCIES}" if [ $(myynh_version_compare $PY_BUILT_VERSION $python) -le 1 ]; then # Built >= Required - ynh_script_progression --message="Using already used python3 built version..." + ynh_print_info --message="Using already used python3 built version..." MY_PYTHON="/usr/local/bin/python${PY_BUILT_VERSION:0:3}" else - # APT < Minimal & Actual < Minimal => Build & install Python into /usr/local/bin - ynh_script_progression --message="Building python (may take a while)..." - # Store current direcotry - local MY_DIR=$(pwd) - # Download - wget -O "/tmp/Python-$python.tar.xz" "https://www.python.org/ftp/python/$python/Python-$python.tar.xz" 2>&1 - # Extract - cd /tmp - tar xf "Python-$python.tar.xz" - # Install - cd "Python-$python" - ./configure --enable-optimizations - ynh_exec_warn_less make -j4 - ynh_exec_warn_less make altinstall - # Clean - cd .. - ynh_secure_remove "Python-$python" - ynh_secure_remove "Python-$python.tar.xz" - # Set version - MY_PYTHON="/usr/local/bin/python${python:0:3}" - # Go back to working directory - cd $MY_DIR + ynh_print_info --message="Installing additional dependencies to build python..." + PKG_DEPENDENCIES="${PKG_DEPENDENCIES} tk-dev libncurses5-dev libncursesw5-dev libreadline6-dev libdb5.3-dev libgdbm-dev libsqlite3-dev libbz2-dev libexpat1-dev liblzma-dev wget tar" + ynh_install_app_dependencies "${PKG_DEPENDENCIES}" + # APT < Minimal & Actual < Minimal => Build & install Python into /usr/local/bin + ynh_print_info --message="Building python (may take a while)..." + # Store current direcotry + local MY_DIR=$(pwd) + # Download + wget -O "/tmp/Python-$python.tar.xz" "https://www.python.org/ftp/python/$python/Python-$python.tar.xz" 2>&1 + # Extract + cd /tmp + tar xf "Python-$python.tar.xz" + # Install + cd "Python-$python" + ./configure --enable-optimizations + ynh_exec_warn_less make -j4 + ynh_exec_warn_less make altinstall + # Clean + cd .. + ynh_secure_remove "Python-$python" + ynh_secure_remove "Python-$python.tar.xz" + # Set version + MY_PYTHON="/usr/local/bin/python${python:0:3}" + # Go back to working directory + cd $MY_DIR fi fi # Save python version in settings @@ -126,28 +125,30 @@ myynh_install_dependencies () { # Install/Upgrade Homeassistant in virtual environement myynh_install_homeassistant () { - exec_as $app -H -s /bin/bash -c " \ - echo 'create the virtual environment' \ - && $MY_PYTHON -m venv "$final_path" \ - && echo 'activate the virtual environment' \ - && source "$final_path/bin/activate" \ - && echo 'install last version of pip' \ - && pip install --upgrade pip \ - && echo 'install last version of wheel' \ - && pip install --upgrade wheel \ - && echo 'install Home Assistant' \ - && pip install --upgrade $app==$VERSION \ - " + ynh_exec_as $app -H -s /bin/bash -c " \ + echo 'create the virtual environment' \ + && $MY_PYTHON -m venv "$final_path" \ + && echo 'activate the virtual environment' \ + && source "$final_path/bin/activate" \ + && echo 'install last version of wheel' \ + && pip --cache-dir "$data_path/.cache" install --upgrade wheel \ + && echo 'install Home Assistant' \ + && pip --cache-dir "$data_path/.cache" install --upgrade $app==$VERSION \ + " } -# Check if directory/file already exists (path in argument) -myynh_check_path () { - [ -z "$1" ] && ynh_die "No argument supplied" - [ ! -e "$1" ] || ynh_die "$1 already exists" -} +# Set permissions +myynh_set_permissions () { + chown -R $app: "$final_path" + chmod 750 "$final_path" + chmod -R o-rwx "$final_path" -# Create directory only if not already exists (path in argument) -myynh_create_dir () { - [ -z "$1" ] && ynh_die "No argument supplied" - [ -d "$1" ] || mkdir -p "$1" + chown -R $app: "$data_path" + chmod 750 "$data_path" + chmod -R o-rwx "$data_path" + chmod -R +x "$data_path/bin/" + + chown -R $app: "$(dirname "$log_file")" + + chown -R root: "/etc/sudoers.d/$app" } diff --git a/scripts/backup b/scripts/backup index b5a73b4..02d2ff8 100644 --- a/scripts/backup +++ b/scripts/backup @@ -11,23 +11,21 @@ ynh_abort_if_errors # retrieve arguments app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app="$app" --key=domain) - -# definie useful vars -final_path="/opt/yunohost/$app" -home_path="/home/$app" - -ynh_print_info --message="Storing the python version in settings..." -# store python version -python=$(cat "$final_path/bin/python3" --version | cut -d ' ' -f 2) -ynh_app_setting_set --app="$app" --key=python --value="$python" +port=$(ynh_app_setting_get --app="$app" --key=port) +final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +data_path=$(ynh_app_setting_get --app="$app" --key=data_path) +log_file=$(ynh_app_setting_get --app="$app" --key=log_file) +path_url=$(ynh_app_setting_get --app="$app" --key=path_url) +python=$(ynh_app_setting_get --app="$app" --key=python) # backup source & conf files ynh_print_info --message="Declaring files to be backed up..." ynh_backup --src_path="$final_path" -ynh_backup --src_path="$home_path" +ynh_backup --src_path="$data_path" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/sudoers.d/$app" -ynh_backup --src_path="/etc/systemd/system/$app@$app.service" +ynh_backup --src_path="/etc/systemd/system/$app.service" ynh_backup --src_path="/etc/logrotate.d/$app" +ynh_backup --src_path="$(dirname "$log_file")" ynh_print_info --message="Backup of $app completed" diff --git a/scripts/install b/scripts/install index a369a79..2321a9e 100644 --- a/scripts/install +++ b/scripts/install @@ -15,9 +15,9 @@ domain=$YNH_APP_ARG_DOMAIN is_public=$YNH_APP_ARG_IS_PUBLIC # definie useful vars -final_path="/opt/yunohost/$app" -home_path="/home/$app" -data_path="/home/$app/.$app" +final_path="/var/www/$app" +data_path="/home/yunohost.app/$app" +log_file="/var/log/$app/$app.log" path_url="/" # check domain/path availability @@ -25,65 +25,81 @@ ynh_script_progression --message="Validating installation parameters..." [ ! -d "$final_path" ] || ynh_die --message="This path already contains a folder" ynh_webpath_register --app="$app" --domain="$domain" --path_url="$path_url" -# save app settings -ynh_script_progression --message="Storing installation settings..." -ynh_app_setting_set --app="$app" --key=domain --value="$domain" - # find a free port & open it ynh_script_progression --message="Looking for a free port and opening it..." port=$(ynh_find_port 8123) -ynh_app_setting_set --app="$app" --key=port --value="$port" ynh_exec_fully_quiet yunohost firewall allow TCP "$port" +# save app settings +ynh_script_progression --message="Storing installation settings..." +ynh_app_setting_set --app="$app" --key=domain --value="$domain" +ynh_app_setting_set --app="$app" --key=port --value="$port" +ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" +ynh_app_setting_set --app="$app" --key=data_path --value="$data_path" +ynh_app_setting_set --app="$app" --key=log_file --value="$log_file" +ynh_app_setting_set --app="$app" --key=path_url --value="$path_url" + # create a dedicated system user ynh_script_progression --message="Creating dedicated user, rights and folders..." ynh_system_user_create --username="$app" -## grant sudo permissions to the user to manage his own systemd service -myynh_create_dir "/etc/sudoers.d" -cp "../conf/sudoers" "/etc/sudoers.d/$app" -## create a directory for the installation of Home Assistant + +# create a directory for the installation of Home Assistant myynh_create_dir "$final_path" -chown $app: "$final_path" -## create a directory for the datas of Home Assistant -myynh_create_dir "$data_path" -chown -R $app: "$home_path" +chown -R $app: "$final_path" + +# create a directory with its log file +myynh_create_dir "$(dirname "$log_file")" +touch "$log_file" + +# create a directory for the datas of Home Assistant +myynh_create_dir "$data_path/.cache" +chown -R $app: "$data_path" # build (if needed) & install Pyhton +ynh_script_progression --message="Installing dependencies..." myynh_install_dependencies --python="$PY_REQUIRED_VERSION" # installation in a virtual environment ynh_script_progression --message="Installing Home Assistant in a virtual environment..." -myynh_install_homeassistant +ynh_exec_fully_quiet myynh_install_homeassistant # set default configuration files and move all homeassistant_conf_files ynh_script_progression --message="Configuring the installation..." -ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="../conf/homeassistant_conf_files/configuration.yaml" cp -r "../conf/homeassistant_conf_files/." "$data_path/" -chown -R $app: "$data_path" -chmod -R +x "$data_path/bin/" +ynh_add_config --template="../conf/homeassistant_conf_files/configuration.yaml" --destination="$data_path/configuration.yaml" + +# grant sudo permissions to the user to manage his own systemd service +myynh_create_dir "/etc/sudoers.d" +ynh_add_config --template="../conf/sudoers" --destination="/etc/sudoers.d/$app" # setup up systemd service ynh_script_progression --message="Adding the dedicated service..." -ynh_add_systemd_config --service="$app@$app" -## add service in admin panel -yunohost service add "$app@$app" --log "$data_path/home-assistant.log" --description "Home Assistant server" --needs_exposed_ports $port +ynh_add_systemd_config + +# add service in admin panel +yunohost service add "$app" --log "$log_file" --description "Home Assistant server" --needs_exposed_ports $port + +# set permissions +myynh_set_permissions # start systemd service ynh_script_progression --message="Starting the Home Assistant server..." -ynh_systemd_action --service_name="$app@$app" --action=start --line_match="Home Assistant initialized" --log_path="systemd" --timeout=3600 +ynh_systemd_action --service_name="$app" --action=start --line_match="Home Assistant initialized" --log_path="$log_file" --timeout=3600 + # remove --verbose from service -ynh_replace_string --match_string=" --verbose" --replace_string="" --target_file="/etc/systemd/system/$app@$app.service" -ynh_store_file_checksum --file="/etc/systemd/system/$app@$app.service" +ynh_replace_string --match_string=" --verbose" --replace_string="" --target_file="/etc/systemd/system/$app.service" +ynh_store_file_checksum --file="/etc/systemd/system/$app.service" systemctl daemon-reload -ynh_systemd_action --service_name="$app@$app" --action=restart +ynh_systemd_action --service_name="$app" --action=restart # enable logrotate -ynh_use_logrotate --logfile="$data_path/home-assistant.log" +ynh_use_logrotate --logfile="$log_file" # create a dedicated nginx config ynh_script_progression --message="Configuring nginx web server..." ynh_add_nginx_config -## reload nginx + +# reload nginx ynh_systemd_action --service_name=nginx --action=reload # unprotect app access if public (needed for Android app to work) diff --git a/scripts/remove b/scripts/remove index 817e6b4..9fb0765 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,6 +1,6 @@ #!/bin/bash # to test the functionnality : -# yunohost app remove homeassistant +# yunohost app remove homeassistant --purge source _common.sh source /usr/share/yunohost/helpers @@ -9,41 +9,58 @@ source /usr/share/yunohost/helpers app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) port=$(ynh_app_setting_get --app=$app --key=port) - -# definie useful vars -final_path="/opt/yunohost/$app" -home_path="/home/$app" - -# remove metapackage and its dependencies -ynh_remove_app_dependencies - -# remove the app directory securely -ynh_secure_remove --file="$final_path" - -# remove the dedicated nginx config -ynh_remove_nginx_config - -# remove a directory securely -ynh_secure_remove --file="$home_path" +final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +data_path=$(ynh_app_setting_get --app="$app" --key=data_path) +log_file=$(ynh_app_setting_get --app="$app" --key=log_file) +path_url=$(ynh_app_setting_get --app="$app" --key=path_url) +python=$(ynh_app_setting_get --app="$app" --key=python) # Remove a service from the admin panel, added by `yunohost service add` -if yunohost service status "$app@$app" >/dev/null 2>&1 ; then - yunohost service remove "$app@$app" +if ynh_exec_warn_less yunohost service status "$app" >/dev/null ; then + ynh_script_progression --message="Removing $app service integration..." + yunohost service remove "$app" fi # remove systemd service -ynh_systemd_action --service_name="$app@$app" --action=stop -ynh_systemd_action --service_name="$app@$app" --action=disable -ynh_secure_remove --file="/etc/systemd/system/$app@$app.service" +ynh_script_progression --message="Stopping and removing the systemd service..." +ynh_remove_systemd_config --service="$app" -# remove logrotate config +# remove the app-specific logrotate config +ynh_script_progression --message="Removing logrotate configuration..." ynh_remove_logrotate +# remove metapackage and its dependencies +ynh_script_progression --message="Removing dependencies..." +ynh_remove_app_dependencies + +# remove the app directory securely +ynh_script_progression --message="Removing app main directory..." +ynh_secure_remove --file="$final_path" + +# remove a directory securely if --purge option is used +if [ "${YNH_APP_PURGE:-0}" -eq 1 ] ; then + ynh_script_progression --message="Removing app data directory..." + ynh_secure_remove --file="$data_path" +fi + +# remove the dedicated nginx config +ynh_script_progression --message="Removing NGINX web server configuration..." +ynh_remove_nginx_config + # close port -ynh_exec_fully_quiet yunohost firewall disallow TCP $port - -# delete a system user -ynh_system_user_delete --username="$app" +if yunohost firewall list | grep -q "\- $port$" ; then + ynh_script_progression --message="Closing port $port..." + ynh_exec_warn_less yunohost firewall disallow TCP $port +fi +ynh_script_progression --message="Removing various files..." # remove sudoers file ynh_secure_remove --file="/etc/sudoers.d/$app" +# Remove the log files +ynh_secure_remove --file="$(dirname "$log_file")" + +# delete a system user +ynh_script_progression --message="Removing the dedicated system user..." +ynh_system_user_delete --username="$app" + +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index 42666e2..b6dd55c 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,8 +1,9 @@ #!/bin/bash # to test the functionnality : # yunohost backup create -n "homeassistant-test" --apps homeassistant -# yunohost app remove homeassistant +# yunohost app remove homeassistant --purge # yunohost backup restore "homeassistant-test" +# yunohost backup delete "homeassistant-test" source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -17,62 +18,69 @@ ynh_abort_if_errors app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app="$app" --key=domain) port=$(ynh_app_setting_get --app="$app" --key=port) +final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +data_path=$(ynh_app_setting_get --app="$app" --key=data_path) +log_file=$(ynh_app_setting_get --app="$app" --key=log_file) +path_url=$(ynh_app_setting_get --app="$app" --key=path_url) python=$(ynh_app_setting_get --app="$app" --key=python) -# definie useful vars -final_path="/opt/yunohost/$app" -home_path="/home/$app" -data_path="/home/$app/.$app" -path_url="/" - -ynh_script_progression --message="Validating recovery parameters..." # check domain/path availability +ynh_script_progression --message="Validating recovery parameters..." [ ! -d "$final_path" ] || ynh_die --message="This path already contains a folder" -ynh_webpath_available --domain="$domain" --path_url="$path_url" || ynh_die "$domain/$path_url is not available, please use an other domain." -ynh_script_progression --message="Restoring the port and opening it..." # restore port +ynh_script_progression --message="Restoring the port and opening it..." ynh_exec_warn_less yunohost firewall allow TCP $port -ynh_script_progression --message="Restoring dedicated user, rights and folders..." # restore dedicated system user +ynh_script_progression --message="Restoring dedicated user and rights folders..." ynh_system_user_create --username="$app" ynh_restore_file --origin_path="/etc/sudoers.d/$app" + # restore source +ynh_script_progression --message="Restoring the app..." ynh_restore_file --origin_path="$final_path" -chown -R $app: "$final_path" -ynh_script_progression --message="Restoring the data..." # restore data -ynh_restore_file --origin_path="$home_path" -chown -R $app: "$home_path" -chmod -R +x "$home_path/.homeassistant/bin" +ynh_script_progression --message="Restoring the data..." +ynh_restore_file --origin_path="$data_path" + +# restore log +ynh_script_progression --message="Restoring the app..." +ynh_restore_file --origin_path="$(dirname "$log_file")" -ynh_script_progression --message="Restoring the packages dependencies..." # add required packages +ynh_script_progression --message="Restoring the packages dependencies..." myynh_install_dependencies --python="$python" +# restore the systemd service ynh_script_progression --message="Restoring the dedicated service..." -ynh_restore_file --origin_path="/etc/systemd/system/$app@$app.service" +ynh_restore_file --origin_path="/etc/systemd/system/$app.service" + # add service in admin panel -yunohost service add "$app@$app" --log "$data_path/home-assistant.log" --description "Home Assistant server" --needs_exposed_ports $port +yunohost service add "$app" --log "$log_file" --description "Home Assistant server" --needs_exposed_ports $port +# set permissions +myynh_set_permissions + +# restart the app ynh_script_progression --message="Starting the Home Assistant server..." -# add --verbose to service -sed --in-place "/ExecStart/s/$/ --verbose/" "/etc/systemd/system/$app@$app.service" -# start -ynh_systemd_action --service_name="$app@$app" --action=start --line_match="Home Assistant initialized" --log_path="systemd" --timeout=3600 -# remove --verbose from service and restart -ynh_replace_string --match_string=" --verbose" --replace_string="" --target_file="/etc/systemd/system/$app@$app.service" -systemctl daemon-reload -ynh_systemd_action --service_name="$app@$app" --action=restart --line_match="Started Home Assistant" --log_path="systemd" --timeout=3600 +sed --in-place "/ExecStart/s/$/ --verbose/" "/etc/systemd/system/$app.service" +ynh_systemd_action --service_name="$app" --action=start --line_match="Home Assistant initialized" --log_path="$log_file" --timeout=900 + +# remove --verbose from service and restart +ynh_replace_string --match_string=" --verbose" --replace_string="" --target_file="/etc/systemd/system/$app.service" +ynh_store_file_checksum --file="/etc/systemd/system/$app.service" +systemctl daemon-reload +ynh_systemd_action --service_name="$app" --action=restart -ynh_script_progression --message="Restoring nginx web server..." -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" # restore logrotate +ynh_script_progression --message="Restoring logrotate..." ynh_restore_file --origin_path="/etc/logrotate.d/$app" -# reload nginx +# restore nginx +ynh_script_progression --message="Restoring nginx web server..." +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_systemd_action --service_name=nginx --action=reload ynh_script_progression --message="Recovery of $app completed" --last diff --git a/scripts/upgrade b/scripts/upgrade index 97eee49..d75fd2d 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -14,17 +14,23 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app="$app" --key=domain) port=$(ynh_app_setting_get --app="$app" --key=port) -# Cleaning legacy permissions -ynh_script_progression --message="Cleaning legacy permissions..." -is_public=$(ynh_app_setting_get --app="$app" --key=is_public) -if [ -n "$is_public" ]; then - ynh_app_setting_delete --app="$app" --key=is_public - ynh_app_setting_delete --app="$app" --key=unprotected_uris -fi - # definie useful vars -final_path="/opt/yunohost/$app" -data_path="/home/$app/.$app" +if [ -z $(ynh_app_setting_get --app="$app" --key=final_path) ]; then + final_path="/var/www/$app" + data_path="/home/yunohost.app/$app" + log_file="/var/log/$app/$app.log" + path_url="/" + ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" + ynh_app_setting_set --app="$app" --key=data_path --value="$data_path" + ynh_app_setting_set --app="$app" --key=log_file --value="$log_file" + ynh_app_setting_set --app="$app" --key=path_url --value="$path_url" +else + final_path=$(ynh_app_setting_get --app="$app" --key=final_path) + data_path=$(ynh_app_setting_get --app="$app" --key=data_path) + log_file=$(ynh_app_setting_get --app="$app" --key=log_file) + path_url=$(ynh_app_setting_get --app="$app" --key=path_url) + python=$(ynh_app_setting_get --app="$app" --key=python) +fi # use prior backup and restore on error only if backup feature exists on installed instance ynh_script_progression --message="Creating backup in case of failure..." @@ -36,49 +42,82 @@ if [ -f "/etc/yunohost/apps/$app/scripts/backup" ] ; then } fi -# grant sudo permissions to the user to manage his own systemd service -ynh_script_progression --message="Creating dedicated user, rights and folders..." -myynh_create_dir "/etc/sudoers.d" -cp "../conf/sudoers" "/etc/sudoers.d/$app" - # build (if needed) & install Pyhton +ynh_script_progression --message="Installing dependencies..." myynh_install_dependencies --python="$PY_REQUIRED_VERSION" # stop systemd service ynh_script_progression --message="Stoping service..." -ynh_systemd_action --service_name="$app@$app" --action=stop +ynh_systemd_action --service_name="$app" --action=stop --line_match="Stopped Home Assistant" --log_path="$log_file" --timeout=300 + +# migrate to new app architecture +ynh_script_progression --message="If needed, migrating to new app architecture..." +if [ -f "/etc/systemd/system/$app@$app.service" ]; then + # remove old systemd service + if ynh_exec_warn_less yunohost service status "$app@$app" >/dev/null ; then + yunohost service remove "$app@$app" + fi + ynh_remove_systemd_config --service="$app@$app" +fi +if [ ! -d "$final_path" ]; then + # move $final_path to new directory + mv "/opt/yunohost/$app" "$final_path" + chown -R $app: "$final_path" +fi +if [ ! -d "$data_path" ]; then + # move $data_path to new directory + mv "/""home""/$app" "$data_path" + find "$data_path/.$app" -maxdepth 1 -mindepth 1 -exec mv {} "$data_path" \; + rmdir "$data_path/.$app" + ynh_replace_string --match_string="/home/homeassistant/.homeassistant" --replace_string="$data_path" --target_file="$data_path/configuration.yaml" + chown -R $app: "$data_path" +fi +if [ ! -f "$log_file" ]; then + # create a directory with its log file + myynh_create_dir "$(dirname "$log_file")" + touch "$log_file" +fi # installation in a virtual environment ynh_script_progression --message="Installing Home Assistant in a virtual environment..." -myynh_install_homeassistant +ynh_exec_fully_quiet myynh_install_homeassistant # update script in bin ynh_script_progression --message="Updating YunoHost script used by homeassitant..." cp -r "../conf/homeassistant_conf_files/bin/." "$data_path/bin/" -chown -R $app: "$data_path/bin" -chmod -R +x "$data_path/bin/" # setup up systemd service ynh_script_progression --message="Adding the dedicated service..." -ynh_add_systemd_config --service="$app@$app" -## add service in admin panel -yunohost service add "$app@$app" --log "$data_path/home-assistant.log" --description "Home Assistant server" --needs_exposed_ports $port +ynh_add_systemd_config + +# grant sudo permissions to the user to manage his own systemd service +ynh_script_progression --message="Creating dedicated user, rights and folders..." +ynh_add_config --template="../conf/sudoers" --destination="/etc/sudoers.d/$app" + +# add service in admin panel +yunohost service add "$app" --log "$log_file" --description "Home Assistant server" --needs_exposed_ports $port + +# set permissions +myynh_set_permissions # start systemd service ynh_script_progression --message="Starting the Home Assistant server..." -ynh_systemd_action --service_name="$app@$app" --action=start --line_match="Home Assistant initialized" --log_path="systemd" --timeout=3600 -# remove --verbose from service -ynh_replace_string --match_string=" --verbose" --replace_string="" --target_file="/etc/systemd/system/$app@$app.service" -ynh_store_file_checksum --file="/etc/systemd/system/$app@$app.service" systemctl daemon-reload -ynh_systemd_action --service_name="$app@$app" --action=restart +ynh_systemd_action --service_name="$app" --action=start --line_match="Home Assistant initialized" --log_path="$log_file" --timeout=3600 + +# remove --verbose from service +ynh_replace_string --match_string=" --verbose" --replace_string="" --target_file="/etc/systemd/system/$app.service" +ynh_store_file_checksum --file="/etc/systemd/system/$app.service" +systemctl daemon-reload +ynh_systemd_action --service_name="$app" --action=restart # enable logrotate -ynh_use_logrotate --logfile="$data_path/home-assistant.log" --nonappend +ynh_use_logrotate --logfile="$log_file" --nonappend # create a dedicated nginx config ynh_script_progression --message="Configuring nginx web server..." ynh_add_nginx_config + # reload nginx ynh_systemd_action --service_name=nginx --action=reload