From f7c7e3eb2e06147e72f5f81087332bac51f13348 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Thu, 7 Mar 2024 19:48:51 +0100 Subject: [PATCH] Manifest v2 --- .vscode/settings.json | 23 +++++ check_process | 27 ------ conf/app.src | 7 -- conf/cronjeedom | 2 +- conf/cronjeedom_watchdog | 2 +- conf/nginx.conf | 2 +- doc/DISCLAIMER.md | 3 - manifest.json | 57 ----------- manifest.toml | 97 +++++++++++++++++++ scripts/_common.sh | 45 ++++----- scripts/backup | 39 +------- scripts/change_url | 95 +----------------- scripts/install | 184 ++++++----------------------------- scripts/remove | 61 +----------- scripts/restore | 130 ++++--------------------- scripts/upgrade | 203 +++++++-------------------------------- tests.toml | 9 ++ 17 files changed, 247 insertions(+), 739 deletions(-) create mode 100644 .vscode/settings.json delete mode 100644 check_process delete mode 100644 conf/app.src delete mode 100644 doc/DISCLAIMER.md delete mode 100644 manifest.json create mode 100644 manifest.toml create mode 100644 tests.toml diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..53478d4 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,23 @@ +{ + "python.autoComplete.extraPaths": [ + "${workspaceFolder}/sources/poky/bitbake/lib", + "${workspaceFolder}/sources/poky/meta/lib" + ], + "python.analysis.extraPaths": [ + "${workspaceFolder}/sources/poky/bitbake/lib", + "${workspaceFolder}/sources/poky/meta/lib" + ], + "[python]": { + "diffEditor.ignoreTrimWhitespace": false, + "gitlens.codeLens.symbolScopes": [ + "!Module" + ], + "editor.formatOnType": true, + "editor.wordBasedSuggestions": "off", + "files.trimTrailingWhitespace": false + }, + "[shellscript]": { + "files.eol": "\n", + "files.trimTrailingWhitespace": false + } +} diff --git a/check_process b/check_process deleted file mode 100644 index d3b3911..0000000 --- a/check_process +++ /dev/null @@ -1,27 +0,0 @@ -;; Test complet - ; Manifest - domain="domain.tld" - path="/jeedom" - admin="john" - sudo=1 - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=0 - upgrade=1 - # 3.3.45~ynh1 - upgrade=1 from_commit=7c7a55f99f8a593078fc37d2200bd6ca86766233 - # 3.3.45~ynh2 - upgrade=1 from_commit=4067b16fa1ef2c15247089852a5aca3249bf466a - # 4.1.19~ynh1 - upgrade=1 from_commit=bbf6b7145f37b4e918d80d3293628970fc0acb51 - backup_restore=1 - multi_instance=0 - port_already_use=0 - change_url=0 -;;; Options -Email= -Notification=none diff --git a/conf/app.src b/conf/app.src deleted file mode 100644 index e89c314..0000000 --- a/conf/app.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://github.com/jeedom/core/archive/refs/tags/4.1.19.tar.gz -SOURCE_SUM=be50f67286d1533c93584f3653d4669b36d649033ad1750342b704f9a824476a -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true diff --git a/conf/cronjeedom b/conf/cronjeedom index fb39792..1b755ee 100644 --- a/conf/cronjeedom +++ b/conf/cronjeedom @@ -1 +1 @@ -* * * * * root /usr/bin/php__PHPVERSION__ -f __FINALPATH__/core/php/jeeCron.php" \ No newline at end of file +* * * * * root /usr/bin/php__PHPVERSION__ -f __INSTALL_DIR__/core/php/jeeCron.php diff --git a/conf/cronjeedom_watchdog b/conf/cronjeedom_watchdog index 3d26b48..e5fb8a3 100644 --- a/conf/cronjeedom_watchdog +++ b/conf/cronjeedom_watchdog @@ -1 +1 @@ -* * * * * root /usr/bin/php__PHPVERSION__ -f __FINALPATH__/core/php/watchdog.php \ No newline at end of file +* * * * * root /usr/bin/php__PHPVERSION__ -f __INSTALL_DIR__/core/php/watchdog.php \ No newline at end of file diff --git a/conf/nginx.conf b/conf/nginx.conf index 62adbb4..9814f7f 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -2,7 +2,7 @@ location __PATH__/ { # Path to source - alias __FINALPATH__/; + alias __INSTALL_DIR__/; index index.php; diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md deleted file mode 100644 index 96105cc..0000000 --- a/doc/DISCLAIMER.md +++ /dev/null @@ -1,3 +0,0 @@ -#### Multi-user support - -- LDAP login: your YunoHost users also become Jeedom users diff --git a/manifest.json b/manifest.json deleted file mode 100644 index 3d56c2b..0000000 --- a/manifest.json +++ /dev/null @@ -1,57 +0,0 @@ -{ - "name": "Jeedom", - "id": "jeedom", - "packaging_format": 1, - "description": { - "en": "Home automation application", - "fr": "Application de domotique" - }, - "version": "4.1.19~ynh4", - "url": "https://www.jeedom.com", - "upstream": { - "license": "GPL-2.0-or-later", - "website": "https://www.jeedom.com", - "admindoc": "https://doc.jeedom.com", - "code": "https://github.com/jeedom/core" - }, - "license": "GPL-2.0-or-later", - "maintainer": { - "name": "" - }, - "requirements": { - "yunohost": ">= 11.0.9" - }, - "multi_instance": false, - "services": [ - "nginx", - "php7.3-fpm", - "mysql" - ], - "arguments": { - "install": [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "path", - "type": "path", - "example": "/jeedom", - "default": "/jeedom" - }, - { - "name": "admin", - "type": "user" - }, - { - "name": "sudo", - "type": "boolean", - "ask": { - "en": "Do you agree giving sudo rights to the Jeedom user? This is required for most Jeedom features to work. However, attackers could use vulnerabilities in Jeedom to take control of your server.", - "fr": "Acceptez-vous de donner les droits sudo à l'utilisateur Jeedom ? Ces droits sont nécessaires au bon fonctionnement de Jeedom. Toutefois, des attaquants pourraient exploiter des failles de Jeedom pour prendre le controle de votre serveur." - }, - "default": true - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..53e484f --- /dev/null +++ b/manifest.toml @@ -0,0 +1,97 @@ +#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json + +packaging_format = 2 + +id = "jeedom" +name = "Jeedom" +description.en = "Home automation application" +description.fr = "Application de domotique" + +version = "4.1.19~ynh5" + +maintainers = [] + +[upstream] +license = "GPL-2.0-or-later" +website = "https://www.jeedom.com" +admindoc = "https://doc.jeedom.com" +code = "https://github.com/jeedom/core" +cpe = "cpe:2.3:a:jeedom:jeedom" + +[integration] +yunohost = ">= 11.2" +architectures = "all" +multi_instance = false +ldap = true +sso = true +disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... +ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... +ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... + +[install] + [install.domain] + type = "domain" + + [install.path] + type = "path" + default = "/jeedom" + + [install.admin] + type = "user" + + [install.sudo] + ask.en = "Do you agree giving sudo rights to the Jeedom user? This is required for most Jeedom features to work. However, attackers could use vulnerabilities in Jeedom to take control of your server." + ask.fr = "Acceptez-vous de donner les droits sudo à l'utilisateur Jeedom ? Ces droits sont nécessaires au bon fonctionnement de Jeedom. Toutefois, des attaquants pourraient exploiter des failles de Jeedom pour prendre le controle de votre serveur." + type = "boolean" + default = true + +[resources] + [resources.sources.main] + url = "https://github.com/jeedom/core/archive/refs/tags/4.1.19.tar.gz" + sha256 = "be50f67286d1533c93584f3653d4669b36d649033ad1750342b704f9a824476a" + + + [resources.system_user] + + [resources.install_dir] + + [resources.permissions] + main.url = "/" + + [resources.apt] + packages = [ + "ntp", "ca-certificates", "unzip", "curl", "cron", "locate", "tar", + "telnet", "wget", "logrotate", "fail2ban", "dos2unix", "ntpdate", "htop", + "iotop", "vim", "iftop", "smbclient", "git", "python3", "python3-pip", + "software-properties-common", "libexpat1", "ssl-cert", "apt-transport-https", + "xvfb", "cutycapt", "xauth", "duplicity", "at", "ffmpeg", + + "php7.4-curl", + "php7.4-gd", + "php7.4-imap", + "php7.4-xml", + "php7.4-soap", + "php7.4-xmlrpc", + "php7.4-dev", + "php7.4-zip", + "php7.4-ssh2", + "php7.4-mbstring", + "php7.4-ldap", + ] + + [resources.apt.extras.nonfree] + repo = "deb http://deb.debian.org/debian bullseye contrib non-free" + key = "https://ftp-master.debian.org/keys/release-11.asc" + packages = [ + "libsox-fmt-mp3", + "sox", + "libttspico-utils", + "espeak", + "mbrola", + "brltty", + "net-tools", + "nmap", + ] + + [resources.database] + type = "mysql" diff --git a/scripts/_common.sh b/scripts/_common.sh index a4fd6df..6f0d7f8 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,34 +4,31 @@ # COMMON VARIABLES #================================================= -YNH_PHP_VERSION="7.4" - -# dependencies used by the app -pkg_dependencies="ntp ca-certificates unzip curl cron \ -locate tar telnet wget logrotate fail2ban dos2unix ntpdate htop iotop vim iftop smbclient \ -git \ -python3 python3-pip \ -software-properties-common \ -libexpat1 ssl-cert \ -apt-transport-https \ -xvfb cutycapt xauth \ -duplicity \ -at \ -php$YNH_PHP_VERSION-curl php$YNH_PHP_VERSION-gd php$YNH_PHP_VERSION-imap php$YNH_PHP_VERSION-xml php$YNH_PHP_VERSION-soap php$YNH_PHP_VERSION-xmlrpc php$YNH_PHP_VERSION-dev php$YNH_PHP_VERSION-zip php$YNH_PHP_VERSION-ssh2 php$YNH_PHP_VERSION-mbstring php$YNH_PHP_VERSION-ldap \ -ffmpeg" - -# ntp usb-modeswitch python-serial -extra_pkg_dependencies="libsox-fmt-mp3 sox libttspico-utils \ -espeak \ -mbrola \ -brltty \ -net-tools \ -nmap" - #================================================= # PERSONAL HELPERS #================================================= +_jeedom_set_permission() { + # For nginx user to be able to communicate with home automation devices + if getent group dialout >/dev/null; then + usermod -a -G dialout "$app" + fi + if getent group gpio >/dev/null; then + usermod -a -G gpio "$app" + fi + if getent group tty >/dev/null; then + usermod -a -G tty "$app" + fi + + # Sudo permissions to the user if agreed to + if [ "$sudo" ]; then + usermod -a -G "sudo" "$app" + if ! grep -q "www-data ALL=(ALL) NOPASSWD: ALL" /etc/sudoers; then + echo "www-data ALL=(ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo) + fi + fi +} + #================================================= # EXPERIMENTAL HELPERS #================================================= diff --git a/scripts/backup b/scripts/backup index d9a5fb5..f2b2f98 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,28 +8,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -41,24 +17,19 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= -# BACKUP THE NGINX CONFIGURATION +# SYSTEM CONFIGURATION #================================================= +# Backup the PHP-FPM configuration ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# BACKUP THE PHP-FPM CONFIGURATION -#================================================= - +# Backup the nginx configuration ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -#================================================= -# BACKUP VARIOUS FILES -#================================================= - +# Backup the cron configuration ynh_backup --src_path="/etc/cron.d/${app}" ynh_backup --src_path="/etc/cron.d/${app}_watchdog" diff --git a/scripts/change_url b/scripts/change_url index eb8535c..6dd5830 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC STARTING #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -9,103 +7,12 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH - -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." - -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -# Add settings here as needed by your application -#db_name=$(ynh_app_setting_get --app=$app --key=db_name) -#db_user=$db_name -#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) - -#================================================= -# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -change_domain=0 -if [ "$old_domain" != "$new_domain" ] -then - change_domain=1 -fi - -change_path=0 -if [ "$old_path" != "$new_path" ] -then - change_path=1 -fi - -#================================================= -# STANDARD MODIFICATIONS #================================================= # MODIFY URL IN NGINX CONF #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated NGINX config - ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi - -#================================================= -# GENERIC FINALISATION -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name=nginx --action=reload +ynh_change_url_nginx_config #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index a704eef..0f07f88 100644 --- a/scripts/install +++ b/scripts/install @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,155 +8,49 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# MANAGE SCRIPT FAILURE +# INITIALIZE AND STORE SETTINGS #================================================= -ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -admin=$YNH_APP_ARG_ADMIN -sudo=$YNH_APP_ARG_SUDO - -app=$YNH_APP_INSTANCE_NAME fpm_footprint="low" fpm_free_footprint=0 fpm_usage="low" -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." - -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url +ynh_app_setting_set --app="$app" --key="fpm_footprint" --value="$fpm_footprint" +ynh_app_setting_set --app="$app" --key="fpm_free_footprint" --value="$fpm_free_footprint" +ynh_app_setting_set --app="$app" --key="fpm_usage" --value="$fpm_usage" #================================================= -# STORE SETTINGS FROM MANIFEST +# CONFIGURING RIGHTS #================================================= -ynh_script_progression --message="Storing installation settings..." +ynh_script_progression --message="Configuring permissions..." -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin -ynh_app_setting_set --app=$app --key="sudo" --value=$sudo -ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint -ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint -ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Installing dependencies..." - -ynh_install_app_dependencies $pkg_dependencies -ynh_install_extra_app_dependencies --repo="deb http://deb.debian.org/debian $(lsb_release --codename --short) contrib non-free" --package="$extra_pkg_dependencies" --key="https://ftp-master.debian.org/keys/release-$(lsb_release --release --short).asc" - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" - -#================================================= -# CREATE A MYSQL DATABASE -#================================================= -ynh_script_progression --message="Creating a MySQL database..." - -db_name=$(ynh_sanitize_dbid --db_name=$app) -db_user=$db_name -ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name +_jeedom_set_permission #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." -ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +ynh_setup_source --dest_dir="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" - -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# SPECIFIC SETUP -#================================================= -# CONFIGURING RIGHTS -#================================================= -ynh_script_progression --message="Configuring rights..." +chmod -R o-rwx "$install_dir" +chown -R "$app:www-data" "$install_dir" +# FIXME: is it used?? It's not even reboot persistent… # Create tmp required by Jeedom mkdir -p /tmp/jeedom -chmod 750 -R /tmp/jeedom -chown $app:www-data -R /tmp/jeedom - -# For nginx user to be able to communicate with home automation devices -if [ $(getent group dialout) ]; then - usermod -a -G dialout $app -fi -if [ $(getent group gpio) ]; then - usermod -a -G gpio $app -fi -if [ $(getent group tty) ]; then - usermod -a -G tty $app -fi - -# Sudo permissions to the user if agreed to -if [ ${sudo} ]; then - usermod -a -G "sudo" $app - if [ $(grep "www-data ALL=(ALL) NOPASSWD: ALL" /etc/sudoers | wc -l) -eq 0 ];then - bash -c 'echo "www-data ALL=(ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo)' - fi -fi +chmod 750 /tmp/jeedom +chown "$app:www-data" -R /tmp/jeedom #================================================= # ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." +ynh_script_progression --message="Adding $app's configuration files..." --weight=1 -ynh_add_config --template="common.config.php" --destination="$final_path/core/config/common.config.php" - -chmod 400 "$final_path/core/config/common.config.php" -chown $app:$app "$final_path/core/config/common.config.php" - -# Cron -ynh_add_config --template="cronjeedom" --destination="/etc/cron.d/${app}" -ynh_add_config --template="cronjeedom_watchdog" --destination="/etc/cron.d/${app}_watchdog" +ynh_add_config --template="common.config.php" --destination="$install_dir/core/config/common.config.php" +chmod 400 "$install_dir/core/config/common.config.php" +chown "$app:$app" "$install_dir/core/config/common.config.php" #================================================= # INSTALL JEEDOM @@ -166,43 +58,27 @@ ynh_add_config --template="cronjeedom_watchdog" --destination="/etc/cron.d/${app ynh_script_progression --message="Installing Jeedom..." # Install Jeedom -php$phpversion $final_path/install/install.php mode=force +"php$phpversion" "$install_dir/install/install.php" mode=force # Configure LDAP and the Admin User and access settings -ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="../conf/config.sql" -ynh_mysql_execute_file_as_root --file="../conf/config.sql" --database=$db_name +ynh_add_config --template="config.sql" --destination="$install_dir/config.sql" +ynh_mysql_execute_file_as_root --file="$install_dir/config.sql" --database="$db_name" +ynh_secure_remove --file="$install_dir/config.sql" #================================================= -# SECURE FILES AND DIRECTORIES +# SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Securing files and directories..." +ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 -# Set permissions to app files -chmod 750 -R $final_path -chown -R $app:www-data $final_path +# Create a dedicated PHP-FPM config +ynh_add_fpm_config --usage="$fpm_usage" --footprint="$fpm_footprint" -# Create tmp required by Jeedom -chmod 750 -R /tmp/jeedom -chown $app:www-data -R /tmp/jeedom +# Create a dedicated NGINX config +ynh_add_nginx_config -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." - -# Everyone can access the API part -# We don't want to display the tile in the SSO so we put --show_tile="false" -# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true" -ynh_permission_create --permission="api" --url="/core/api/jeeApi.php" --allowed="visitors" --show_tile="false" --protected="true" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name=nginx --action=reload +# Cron +ynh_add_config --template="cronjeedom" --destination="/etc/cron.d/${app}" +ynh_add_config --template="cronjeedom_watchdog" --destination="/etc/cron.d/${app}_watchdog" #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index 1dbea90..e6f018c 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,61 +8,16 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# LOAD SETTINGS +# REMOVE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -#================================================= -# STANDARD REMOVE -#================================================= -# REMOVE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Removing the MySQL database..." - -# Remove a database if it exists, along with the associated user -ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name - -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Removing PHP-FPM configuration..." - # Remove the dedicated PHP-FPM config ynh_remove_fpm_config -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." - -# Remove metapackage and its dependencies -ynh_remove_app_dependencies - -#================================================= -# SPECIFIC REMOVE #================================================= # REMOVE VARIOUS FILES #================================================= @@ -76,16 +29,6 @@ ynh_secure_remove --file="/etc/cron.d/${app}_watchdog" ynh_secure_remove --file="/tmp/jeedom" -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." - -# Delete a system user -ynh_system_user_delete --username=$app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 69988f6..939103d 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -11,144 +9,56 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= -# MANAGE SCRIPT FAILURE +# CONFIGURING RIGHTS #================================================= +ynh_script_progression --message="Configuring permissions..." -ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -sudo=$(ynh_app_setting_get --app=$app --key=sudo) - -fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) -fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." - -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" +_jeedom_set_permission #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod -R o-rwx "$install_dir" +chown -R "$app:www-data" "$install_dir" + +# Create tmp required by Jeedom +mkdir -p /tmp/jeedom +chmod 750 /tmp/jeedom +chown "$app:www-data" -R /tmp/jeedom #================================================= -# SPECIFIC RESTORATION +# RESTORE THE MYSQL DATABASE #================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." +ynh_script_progression --message="Restoring the MySQL database..." --weight=1 -# Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies -ynh_install_extra_app_dependencies --repo="deb http://deb.debian.org/debian $(lsb_release --codename --short) contrib non-free" --package="$extra_pkg_dependencies" --key="https://ftp-master.debian.org/keys/release-$(lsb_release --release --short).asc" +ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < ./db.sql #================================================= -# RESTORE THE PHP-FPM CONFIGURATION +# RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Restoring the PHP-FPM configuration..." +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" # Recreate a dedicated php-fpm config ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$phpversion -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." - ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# CONFIGURING RIGHTS -#================================================= -ynh_script_progression --message="Configuring rights..." - -# Create tmp required by Jeedom -mkdir -p /tmp/jeedom -chmod 750 -R /tmp/jeedom -chown $app:www-data -R /tmp/jeedom - -# For nginx user to be able to communicate with home automation devices -if [ $(getent group dialout) ]; then - usermod -a -G dialout $app -fi -if [ $(getent group gpio) ]; then - usermod -a -G gpio $app -fi -if [ $(getent group tty) ]; then - usermod -a -G tty $app -fi - -# Sudo permissions to the user if agreed to -if [ ${sudo} ]; then - usermod -a -G "sudo" $app - if [ $(grep "www-data ALL=(ALL) NOPASSWD: ALL" /etc/sudoers | wc -l) -eq 0 ];then - bash -c 'echo "www-data ALL=(ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo)' - fi -fi - -#================================================= -# RESTORE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Restoring the MySQL database..." - -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql - -#================================================= -# RESTORE VARIOUS FILES -#================================================= -ynh_script_progression --message="Restoring various files..." - ynh_restore_file --origin_path="/etc/cron.d/${app}" ynh_restore_file --origin_path="/etc/cron.d/${app}_watchdog" #================================================= -# GENERIC FINALIZATION +# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= -# RELOAD NGINX AND PHP-FPM -#================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." +ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 + +ynh_systemd_action --service_name="php$phpversion-fpm" --action=reload -ynh_systemd_action --service_name=php$phpversion-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index dd2d55b..c3531eb 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -9,216 +7,87 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -sudo=$(ynh_app_setting_get --app=$app --key=sudo) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - -fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) -fpm_free_footprint=$(ynh_app_setting_get --app=$app --key=fpm_free_footprint) -fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) - -#================================================= -# CHECK VERSION -#================================================= -ynh_script_progression --message="Checking version..." - -upgrade_type=$(ynh_check_app_version_changed) - -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." # If fpm_footprint doesn't exist, create it -if [ -z "$fpm_footprint" ]; then +if [ -z "${fpm_footprint:-}" ]; then fpm_footprint=low - ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint + ynh_app_setting_set --app="$app" --key="fpm_footprint" --value="$fpm_footprint" fi # If fpm_free_footprint doesn't exist, create it -if [ -z "$fpm_free_footprint" ]; then +if [ -z "${fpm_free_footprint:-}" ]; then fpm_free_footprint=0 - ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint + ynh_app_setting_set --app="$app" --key="fpm_free_footprint" --value="$fpm_free_footprint" fi # If fpm_usage doesn't exist, create it -if [ -z "$fpm_usage" ]; then +if [ -z "${fpm_usage:-}" ]; then fpm_usage=low - ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage -fi - -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - -# Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --url="/core/api/jeeApi.php" --allowed="visitors" --show_tile="false" --protected="true" + ynh_app_setting_set --app="$app" --key="fpm_usage" --value="$fpm_usage" fi #================================================= -# CREATE DEDICATED USER +# CONFIGURING RIGHTS #================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." +ynh_script_progression --message="Configuring permissions..." -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" +_jeedom_set_permission #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_script_progression --message="Upgrading source files..." -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading source files..." +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$install_dir" --full_replace=1 --keep="/core/config/common.config.php" - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" --keep="/core/config/common.config.php" -fi - -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" - -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." - -ynh_install_app_dependencies $pkg_dependencies -ynh_install_extra_app_dependencies --repo="deb http://deb.debian.org/debian $(lsb_release --codename --short) contrib non-free" --package="$extra_pkg_dependencies" --key="https://ftp-master.debian.org/keys/release-$(lsb_release --release --short).asc" - -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config --phpversion=$phpversion --usage=$fpm_usage --footprint=$fpm_footprint -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# SPECIFIC UPGRADE -#================================================= -# CONFIGURING RIGHTS -#================================================= -ynh_script_progression --message="Configuring rights..." +chmod -R o-rwx "$install_dir" +chown -R "$app:www-data" "$install_dir" # Create tmp required by Jeedom mkdir -p /tmp/jeedom -chmod 750 -R /tmp/jeedom -chown $app:www-data -R /tmp/jeedom - -# For nginx user to be able to communicate with home automation devices -if [ $(getent group dialout) ]; then - usermod -a -G dialout $app -fi -if [ $(getent group gpio) ]; then - usermod -a -G gpio $app -fi -if [ $(getent group tty) ]; then - usermod -a -G tty $app -fi - -# Sudo permissions to the user if agreed to -if [ ${sudo} ]; then - usermod -a -G "sudo" $app - if [ $(grep "www-data ALL=(ALL) NOPASSWD: ALL" /etc/sudoers | wc -l) -eq 0 ];then - bash -c 'echo "www-data ALL=(ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo)' - fi -fi +chmod 750 /tmp/jeedom +chown "$app:www-data" -R /tmp/jeedom #================================================= # UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Updating a configuration file..." +ynh_script_progression --message="Updating $app's configuration files..." -ynh_add_config --template="common.config.php" --destination="$final_path/core/config/common.config.php" - -chmod 400 "$final_path/core/config/common.config.php" -chown $app:$app "$final_path/core/config/common.config.php" - -# Cron -ynh_add_config --template="cronjeedom" --destination="/etc/cron.d/${app}" -ynh_add_config --template="cronjeedom_watchdog" --destination="/etc/cron.d/${app}_watchdog" +ynh_add_config --template="common.config.php" --destination="$install_dir/core/config/common.config.php" +chmod 400 "$install_dir/core/config/common.config.php" +chown "$app:$app" "$install_dir/core/config/common.config.php" #================================================= # UPGRADE JEEDOM #================================================= ynh_script_progression --message="Upgrading Jeedom..." -# Upgrade Jeedom -php$phpversion $final_path/install/install.php mode=force +# Upgrade Jeedom +"php$phpversion" "$install_dir/install/install.php" mode=force + +# Check +# "php$phpversion" "$install_dir/install/sick.php" + +#================================================= +# REAPPLY SYSTEM CONFIGURATIONS +#================================================= +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 + +# Create a dedicated PHP-FPM config +ynh_add_fpm_config --usage="$fpm_usage" --footprint="$fpm_footprint" + +# Create a dedicated NGINX config +ynh_add_nginx_config # Cron ynh_add_config --template="cronjeedom" --destination="/etc/cron.d/${app}" ynh_add_config --template="cronjeedom_watchdog" --destination="/etc/cron.d/${app}_watchdog" -# Check -#php $final_path/install/sick.php - -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions to app files -chmod 750 -R $final_path -chown -R $app:www-data $final_path - -# Create tmp required by Jeedom -chmod 750 -R /tmp/jeedom -chown $app:www-data -R /tmp/jeedom - -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..dead061 --- /dev/null +++ b/tests.toml @@ -0,0 +1,9 @@ +#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/tests.v1.schema.json + +test_format = 1.0 + +[default] + + test_upgrade_from.7c7a55f99f8a593078fc37d2200bd6ca86766233.name = "3.3.45~ynh1" + test_upgrade_from.4067b16fa1ef2c15247089852a5aca3249bf466a.name = "3.3.45~ynh2" + test_upgrade_from.bbf6b7145f37b4e918d80d3293628970fc0acb51.name = "4.1.19~ynh1"