diff --git a/scripts/_common.sh b/scripts/_common.sh index 15edd5a..8e8e0bd 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -136,3 +136,19 @@ myynh_install_homeassistant () { && pip --no-cache-dir install --upgrade $app==$VERSION \ " } + +# Set permissions +myynh_set_permissions () { + chown -R $app: "$final_path" + chmod 750 "$final_path" + chmod -R o-rwx "$final_path" + + chown -R $app: "$data_path" + chmod 750 "$data_path" + chmod -R o-rwx "$data_path" + chmod -R +x "$data_path/bin/" + + chown -R $app: "$(dirname "$log_file")" + + chown -R root: "/etc/sudoers.d/$app" +} diff --git a/scripts/install b/scripts/install index 1b52cef..5348086 100644 --- a/scripts/install +++ b/scripts/install @@ -45,17 +45,13 @@ ynh_system_user_create --username="$app" # create a directory for the installation of Home Assistant myynh_create_dir "$final_path" -chown $app: "$final_path" # create a directory with its log file myynh_create_dir "$(dirname "$log_file")" touch "$log_file" -chown -R $app: "$(dirname "$log_file")" # create a directory for the datas of Home Assistant myynh_create_dir "$data_path" -myynh_create_dir "$data_path/.cache" -chown -R $app: "$data_path" # build (if needed) & install Pyhton ynh_script_progression --message="Installing dependencies..." @@ -69,21 +65,21 @@ ynh_exec_fully_quiet myynh_install_homeassistant ynh_script_progression --message="Configuring the installation..." cp -r "../conf/homeassistant_conf_files/." "$data_path/" ynh_add_config --template="../conf/homeassistant_conf_files/configuration.yaml" --destination="$data_path/configuration.yaml" -chown -R $app: "$data_path" -chmod -R +x "$data_path/bin/" # grant sudo permissions to the user to manage his own systemd service myynh_create_dir "/etc/sudoers.d" ynh_add_config --template="../conf/sudoers" --destination="/etc/sudoers.d/$app" -chown -R root: "/etc/sudoers.d/$app" # setup up systemd service ynh_script_progression --message="Adding the dedicated service..." ynh_add_systemd_config -## add service in admin panel +# add service in admin panel yunohost service add "$app" --log "$log_file" --description "Home Assistant server" --needs_exposed_ports $port +# set permissions +myynh_set_permissions + # start systemd service ynh_script_progression --message="Starting the Home Assistant server..." ynh_systemd_action --service_name="$app" --action=start --line_match="Home Assistant initialized" --log_path="$log_file" --timeout=3600 diff --git a/scripts/restore b/scripts/restore index 5bc9e6e..b6dd55c 100644 --- a/scripts/restore +++ b/scripts/restore @@ -40,18 +40,14 @@ ynh_restore_file --origin_path="/etc/sudoers.d/$app" # restore source ynh_script_progression --message="Restoring the app..." ynh_restore_file --origin_path="$final_path" -chown -R $app: "$final_path" # restore data ynh_script_progression --message="Restoring the data..." ynh_restore_file --origin_path="$data_path" -chown -R $app: "$data_path" -chmod -R +x "$data_path/bin" # restore log ynh_script_progression --message="Restoring the app..." ynh_restore_file --origin_path="$(dirname "$log_file")" -chown -R $app: "$log_file" # add required packages ynh_script_progression --message="Restoring the packages dependencies..." @@ -64,6 +60,9 @@ ynh_restore_file --origin_path="/etc/systemd/system/$app.service" # add service in admin panel yunohost service add "$app" --log "$log_file" --description "Home Assistant server" --needs_exposed_ports $port +# set permissions +myynh_set_permissions + # restart the app ynh_script_progression --message="Starting the Home Assistant server..." sed --in-place "/ExecStart/s/$/ --verbose/" "/etc/systemd/system/$app.service" @@ -82,11 +81,6 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app" # restore nginx ynh_script_progression --message="Restoring nginx web server..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -sleep 10s #Only necessary for CI test otherwise curl failed to nginx page - ynh_systemd_action --service_name=nginx --action=reload -sleep 10s #Only necessary for CI test otherwise curl failed to nginx page - ynh_script_progression --message="Recovery of $app completed" --last diff --git a/scripts/upgrade b/scripts/upgrade index 9a52847..2a87702 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -55,7 +55,6 @@ ynh_script_progression --message="If needed, migrating to new app architecture.. if [ ! -d "$final_path" ]; then # move $final_path to new directory mv "/opt/yunohost/$app" "$final_path" - chown -R $app: "$final_path" fi if [ ! -d "$data_path" ]; then # remove pip cache @@ -63,13 +62,11 @@ if [ ! -d "$data_path" ]; then # move $data_path to new directory mv "/""home""/$app" "$data_path" ynh_replace_string --match_string="/home/homeassistant/.homeassistant" --replace_string="$data_path" --target_file="$data_path/configuration.yaml" - chown -R $app: "$data_path" fi if [ ! -f "$log_file" ]; then # create a directory with its log file myynh_create_dir "$(dirname "$log_file")" touch "$log_file" - chown -R $app: "$(dirname "$log_file")" fi if [ -f "/etc/systemd/system/$app@$app.service" ]; then # remove old systemd service @@ -86,8 +83,6 @@ ynh_exec_fully_quiet myynh_install_homeassistant # update script in bin ynh_script_progression --message="Updating YunoHost script used by homeassitant..." cp -r "../conf/homeassistant_conf_files/bin/." "$data_path/bin/" -chown -R $app: "$data_path/bin" -chmod -R +x "$data_path/bin/" # setup up systemd service ynh_script_progression --message="Adding the dedicated service..." @@ -96,11 +91,13 @@ ynh_add_systemd_config # grant sudo permissions to the user to manage his own systemd service ynh_script_progression --message="Creating dedicated user, rights and folders..." ynh_add_config --template="../conf/sudoers" --destination="/etc/sudoers.d/$app" -chown -R root: "/etc/sudoers.d/$app" # add service in admin panel yunohost service add "$app" --log "$log_file" --description "Home Assistant server" --needs_exposed_ports $port +# set permissions +myynh_set_permissions + # start systemd service ynh_script_progression --message="Starting the Home Assistant server..." systemctl daemon-reload