diff --git a/manifest.json b/manifest.json index 8a4c9e1..d8425a4 100644 --- a/manifest.json +++ b/manifest.json @@ -15,7 +15,7 @@ "url": "https://jocelyn.delalande.fr" }, "requirements": { - "yunohost": ">= 2.6.3" + "yunohost": ">= 3.8" }, "multi_instance": false, "services": ["nginx", "mysql", "postfix"], diff --git a/scripts/_common.sh b/scripts/_common.sh index 5395b8b..29243e4 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,6 +1,5 @@ ### Constants -nginx_conf_path="/etc/nginx/conf.d/${domain}.d/ihatemoney.conf" supervisor_conf_path="/etc/supervisor/conf.d/ihatemoney.conf" gunicorn_conf_path="/etc/ihatemoney/gunicorn.conf.py" ihatemoney_conf_path="/etc/ihatemoney/ihatemoney.cfg" @@ -21,19 +20,19 @@ install_apt_dependencies() { } create_unix_user() { - sudo mkdir -p /opt/yunohost - sudo useradd ihatemoney -d /opt/yunohost/ihatemoney/ --create-home || ynh_die "User creation failed" + mkdir -p /opt/yunohost + useradd ihatemoney -d /opt/yunohost/ihatemoney/ --create-home || ynh_die "User creation failed" } create_system_dirs() { - sudo install -o ihatemoney -g ihatemoney -m 755 -d \ + install -o ihatemoney -g ihatemoney -m 755 -d \ /var/log/ihatemoney \ /etc/ihatemoney - sudo mkdir -p /opt/yunohost + mkdir -p /opt/yunohost } init_virtualenv () { - sudo virtualenv /opt/yunohost/ihatemoney/venv --python /usr/bin/python3 + virtualenv /opt/yunohost/ihatemoney/venv --python /usr/bin/python3 # PyMySQL → cryptography → setuptools>=18.5 # Required on Jessie, Stretch has setuptools>=18.5 @@ -41,7 +40,7 @@ init_virtualenv () { } pip_install () { - sudo /opt/yunohost/ihatemoney/venv/bin/pip install --upgrade \ + /opt/yunohost/ihatemoney/venv/bin/pip install --upgrade \ 'gunicorn>=19.3.0' \ 'PyMySQL>=0.9,<0.10' \ 'ihatemoney>=4,<5' \ @@ -53,16 +52,15 @@ configure_nginx () { local path=$2 local python_version="$(readlink /usr/bin/python3|sed s/.*python//)" - - sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf - sed -i "s@PYTHON_VERSION@$python_version@g" ../conf/nginx.conf + ynh_replace_string "PATHTOCHANGE" "$path" ../conf/nginx.conf + ynh_replace_string "PYTHON_VERSION" "$python_version" ../conf/nginx.conf # Fix double-slash for domain-root install - sed -i "s@location //@location /@" ../conf/nginx.conf - sudo install -o root -g root -m644 \ + ynh_replace_string "location //" "location /" ../conf/nginx.conf + install -o root -g root -m644 \ ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/ihatemoney.conf } configure_supervisor () { - sudo install -o root -g root -m 644 \ + install -o root -g root -m 644 \ ../conf/supervisord.conf /etc/supervisor/conf.d/ihatemoney.conf } diff --git a/scripts/backup b/scripts/backup index 9749d13..7c21e82 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,6 +1,7 @@ #!/bin/bash # Source YunoHost helpers +source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers ynh_abort_if_errors @@ -19,21 +20,12 @@ domain=$(ynh_app_setting_get "$app" domain) path=$(ynh_app_setting_get "$app" path) dbpass=$(ynh_app_setting_get "$app" mysqlpwd) -# Source local utils -if [ ! -e _common.sh ]; then - # Fetch the local helpers files, because unavail to restore script - sudo cp ../settings/scripts/_common.sh ./_common.sh - sudo chmod a+rx _common.sh -fi - -source _common.sh - # Backup conf files mkdir ./conf -ynh_backup "$nginx_conf_path" "conf/nginx.conf" -ynh_backup "$gunicorn_conf_path" "conf/gunicorn.conf.py" -ynh_backup "$supervisor_conf_path" "conf/supervisor.conf" -ynh_backup "$ihatemoney_conf_path" "conf/ihatemoney.cfg" +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup "$gunicorn_conf_path" +ynh_backup "$supervisor_conf_path" +ynh_backup "$ihatemoney_conf_path" # Dump the database mysqldump -u "$dbuser" -p"$dbpass" --no-create-db "$dbname" > ./db.sql diff --git a/scripts/install b/scripts/install index b6f8061..8c1202c 100755 --- a/scripts/install +++ b/scripts/install @@ -1,6 +1,7 @@ #!/bin/bash # Source YunoHost helpers +source _common.sh source /usr/share/yunohost/helpers # Retrieve arguments @@ -9,19 +10,13 @@ path=$YNH_APP_ARG_PATH is_public=$YNH_APP_ARG_IS_PUBLIC app=ihatemoney -# Source local utils -source _common.sh - -path=$(ynh_normalize_url_path $path) - # Database settings db_pwd=$(ynh_string_random) db_name=$app db_user=$app # Constant arguments -db_user=ihatemoney -secret_key=`openssl rand -base64 32` +secret_key=$(ynh_string_random --length 32) mails_sender="no-reply@${domain}" @@ -31,11 +26,10 @@ ynh_webpath_register $app $domain $path # Configure database ynh_mysql_create_db "$db_name" "$db_user" "$db_pwd" -ynh_app_setting_set $app mysqlpwd $db_pwd # Save app settings -ynh_app_setting_set $app domain $domain -ynh_app_setting_set $app is_public "$is_public" +ynh_app_setting_set "$app" mysqlpwd "$db_pwd" +ynh_app_setting_set "$app" is_public "$is_public" install_apt_dependencies @@ -48,7 +42,7 @@ pip_install create_system_dirs # Configure gunicorn -sudo install -o ihatemoney -g ihatemoney -m 644 \ +install -o ihatemoney -g ihatemoney -m 644 \ ../conf/gunicorn.conf.py /etc/ihatemoney/gunicorn.conf.py # Configure supervisor @@ -56,16 +50,16 @@ configure_supervisor # In case it was already installed before, # so that it picks /etc/supervisor/conf.d/ihatemoney.conf: supervisorctl update -sudo yunohost service add supervisor +yunohost service add supervisor # Configure ihatemoney -sed -i "s@MY_SECRET_KEY@$secret_key@" ../conf/ihatemoney.cfg -sed -i "s/MY_EMAIL/$mails_sender/" ../conf/ihatemoney.cfg -sed -i "s@MY_MYSQL_PW@$db_pwd@" ../conf/ihatemoney.cfg -sed -i "s@MY_PATH@$path@" ../conf/ihatemoney.cfg +ynh_replace_string "MY_SECRET_KEY" "$secret_key" ../conf/ihatemoney.cfg +ynh_replace_string "MY_EMAIL" "$mails_sender" ../conf/ihatemoney.cfg +ynh_replace_string "MY_MYSQL_PW" "$db_pwd" ../conf/ihatemoney.cfg +ynh_replace_string "MY_PATH" "$path" ../conf/ihatemoney.cfg # Remove the conf directive if served at root sed -i "/APPLICATION_ROOT='\/'/d" ../conf/ihatemoney.cfg -sudo install -o ihatemoney -g ihatemoney -m 640 \ +install -o ihatemoney -g ihatemoney -m 640 \ ../conf/ihatemoney.cfg /etc/ihatemoney/ihatemoney.cfg # If app is public, add url to SSOWat conf as skipped_uris @@ -78,10 +72,7 @@ fi configure_nginx "$domain" "$path" # Start backend -sudo systemctl start supervisor - -# Reconfigure sso -sudo yunohost app ssowatconf +systemctl start supervisor # Wait that gunicorn is ready to consider the install finished, that is to # avoid HTTP 502 right after installation @@ -92,6 +83,6 @@ do done # If socket not ready after 2 minutes waiting, ihatemoney will not work. -test -S /tmp/budget.gunicorn.sock || exit_properly +test -S /tmp/budget.gunicorn.sock || ynh_die -sudo systemctl reload nginx +systemctl reload nginx diff --git a/scripts/remove b/scripts/remove index be63595..5620f80 100755 --- a/scripts/remove +++ b/scripts/remove @@ -11,27 +11,27 @@ app=ihatemoney domain=$(ynh_app_setting_get $app domain) db_user=$app db_name=$app -root_pwd=$(sudo cat /etc/yunohost/mysql) # Stop service -sudo supervisorctl stop budget +supervisorctl stop budget # Drop database ynh_mysql_drop_db $db_name ynh_mysql_drop_user $db_user # Remove src and venv -sudo rm -rf /opt/yunohost/ihatemoney/ +ynh_secure_remove /opt/yunohost/ihatemoney # Remove settings -sudo rm -rf /etc/ihatemoney -sudo rm /etc/supervisor/conf.d/ihatemoney.conf -sudo rm /etc/nginx/conf.d/$domain.d/ihatemoney.conf +ynh_secure_remove /etc/ihatemoney +ynh_secure_remove /etc/supervisor/conf.d/ihatemoney.conf +ynh_remove_nginx_config # Restart services -sudo systemctl force-reload supervisor -sudo systemctl reload nginx -sudo yunohost app ssowatconf +systemctl force-reload supervisor + +# Remove app dependencies +ynh_remove_app_dependencies # Delete user -sudo userdel ihatemoney +userdel ihatemoney diff --git a/scripts/restore b/scripts/restore index 5852c6c..0912f3f 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,8 +1,11 @@ #!/bin/bash # Source app helpers +source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers +ynh_abort_if_errors + # Get multi-instances specific variables app=$YNH_APP_INSTANCE_NAME @@ -16,25 +19,10 @@ path=$(ynh_app_setting_get "$app" path) dbpass=$(ynh_app_setting_get "$app" mysqlpwd) -# Source local utils -if [ ! -e _common.sh ]; then - # Fetch the local helpers files, because unavail to restore script - sudo cp ../settings/scripts/_common.sh ./_common.sh - sudo chmod a+rx _common.sh -fi - -source _common.sh - -ynh_abort_if_errors - test -d $INSTALL_DIR && ynh_die \ "The destination directory '$INSTALL_DIR' already exists.\ You should safely delete it before restoring this app." -test -f $nginx_conf_path && ynh_die \ -"The NGINX configuration already exists at '${nginx_conf_path}'. - You should safely delete it before restoring this app." - test -f $supervisor_conf_path && ynh_die \ "The Supervisor configuration already exists at '${supervisor_conf_path}'. You should safely delete it before restoring this app." @@ -57,6 +45,14 @@ ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./db.sql # Reload -sudo systemctl reload nginx -sudo systemctl restart supervisor -sudo supervisorctl restart budget +systemctl reload nginx +systemctl restart supervisor +supervisorctl restart budget + +# Wait that gunicorn is ready to consider the install finished, that is to +# avoid HTTP 502 right after installation +for i in `seq 1 120` +do + test -S /tmp/budget.gunicorn.sock && break + sleep 1 +done diff --git a/scripts/upgrade b/scripts/upgrade index 71de201..5bfd8b1 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -21,7 +21,7 @@ source _common.sh ynh_clean_setup () { if [ -e /opt/yunohost/ihatemoney/venv-old ] then - sudo mv /opt/yunohost/ihatemoney/venv{-old,} + mv /opt/yunohost/ihatemoney/venv{-old,} fi } @@ -52,13 +52,13 @@ if [[ "$VENV_PY_VERSION" == 2.7 ]] then install_apt_dependencies # Trash py2 venv - sudo mv ${INSTALL_DIR}/venv ${INSTALL_DIR}/venv-old + mv ${INSTALL_DIR}/venv ${INSTALL_DIR}/venv-old init_virtualenv # Clears all cookie-sessions, because py2 & py3 sessions are incompatible # Relates https://github.com/lepture/flask-wtf/issues/279 (fix unreleased) - new_secret_key=`openssl rand -base64 32` - sudo sed -i "s/SECRET_KEY = \".*\"/SECRET_KEY = \"${new_secret_key}\"/g" /etc/ihatemoney/ihatemoney.cfg + new_secret_key=$(ynh_string_random 32) + ynh_replace_string "SECRET_KEY = \".*\"" "SECRET_KEY = \"${new_secret_key}\"" /etc/ihatemoney/ihatemoney.cfg fi @@ -68,7 +68,7 @@ fi # Useful for Py 3.4 → 3.5, Jessie → Stretch, ynh 2.x → 3.x if [[ "$VENV_PY_VERSION" != '2.7' ]] && [[ "$VENV_PY_VERSION" != "$SYSTEM_PY_VERSION" ]] then - sudo mv ${INSTALL_DIR}/venv ${INSTALL_DIR}/venv-old + mv ${INSTALL_DIR}/venv ${INSTALL_DIR}/venv-old init_virtualenv # the static path changed @@ -88,13 +88,13 @@ pip_install # Python-MySQL is no longer maintained and does not support Py3 -sudo sed -i "s@'mysql://@'mysql+pymysql://@g" ${ihatemoney_conf_path} +ynh_replace_string "'mysql://" "'mysql+pymysql://" ${ihatemoney_conf_path} # MIGRATION: Remove old code (from pre-2.x versions, not using pip) -sudo rm -rf ${INSTALL_DIR}/src +ynh_secure_remove ${INSTALL_DIR}/src @@ -115,9 +115,9 @@ fi if [ -e /etc/ihatemoney/settings.py ]; then # Strip out the no longer used part of the settings - sudo python2 -c "d = open('/etc/ihatemoney/settings.py').read().replace('try:\n from settings import *\nexcept ImportError:\n pass\n', ''); open('/etc/ihatemoney/settings.py', 'w').write(d)" + python2 -c "d = open('/etc/ihatemoney/settings.py').read().replace('try:\n from settings import *\nexcept ImportError:\n pass\n', ''); open('/etc/ihatemoney/settings.py', 'w').write(d)" # Rename - sudo mv /etc/ihatemoney/settings.py ${ihatemoney_conf_path} + mv /etc/ihatemoney/settings.py ${ihatemoney_conf_path} fi @@ -125,17 +125,17 @@ fi # MIGRATION: Remove no longer used symlink # (ihatemoney now read its conf by default from /etc/ihatemoney/ihatemoney.cfg) -sudo rm -f ${INSTALL_DIR}/src/budget/settings.py +ynh_secure_remove ${INSTALL_DIR}/src/budget/settings.py #----------------------------FINALIZATION----------------------- # Everything went ok ? Let's keep this new venv. -sudo rm -rf ${INSTALL_DIR}/venv-old +ynh_secure_remove ${INSTALL_DIR}/venv-old # Restart backend -sudo supervisorctl restart budget +supervisorctl restart budget # Reload nginx conf -sudo systemctl reload nginx +systemctl reload nginx