From 23d821d0ec868967fc1695f5699e8f10e8fea6c8 Mon Sep 17 00:00:00 2001 From: selfhoster1312 Date: Tue, 21 May 2024 14:44:31 +0200 Subject: [PATCH] Use firewall helper --- manifest.toml | 7 +++++++ scripts/_common.sh | 30 +++++++++++++++++++++++++++++- scripts/install | 14 +++++++++----- scripts/remove | 14 ++------------ scripts/restore | 15 +++++++++++---- scripts/upgrade | 38 ++++++++++++-------------------------- 6 files changed, 70 insertions(+), 48 deletions(-) diff --git a/manifest.toml b/manifest.toml index 0063c8e..19d648e 100644 --- a/manifest.toml +++ b/manifest.toml @@ -146,5 +146,12 @@ ram.runtime = "100M" [resources.ports] main.default = 8095 + # If we ever want to automatically expose the discovery ports without a setting + # servicediscovery.default = 1900 + # servicediscovery.exposed = "UDP" + # servicediscovery.fixed = true + # clientdiscovery.default = 7359 + # clientdiscovery.exposed = "UDP" + # clientdiscovery.fixed = true [resources.apt] diff --git a/scripts/_common.sh b/scripts/_common.sh index 669f9f0..7cb3b0b 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -65,11 +65,39 @@ install_jellyfin_packages() { apt-mark auto jellyfin-server jellyfin-web jellyfin-ffmpeg6 } -open_jellyfin_discovery_ports() { +configure_jellyfin_discovery_ports() { + case $1 in + "install") + install_jellyfin_discovery_ports + ;; + "remove") + remove_jellyfin_discovery_ports + ;; + *) + ynh_print_warn --message="Invalid script calling configure_jellyfin_discovery_ports with args (should be install|remove): $@" + ;; + esac +} + +remove_jellyfin_discovery_ports() { + if [[ $discovery_service -eq 1 ]] && yunohost firewall list | grep -q "\- $discovery_service_port$" +then + ynh_exec_warn_less yunohost firewall disallow UDP $discovery_service_port +fi + +if [[ $discovery_client -eq 1 ]] && yunohost firewall list | grep -q "\- $discovery_client_port$" +then + ynh_exec_warn_less yunohost firewall disallow UDP $discovery_client_port +fi + +} + +install_jellyfin_discovery_ports() { discovery_service=$discovery discovery_client=$discovery if [ "$discovery" -eq 1 ]; then + opened_ports=($discovery_service_port $discovery_client_port) # Open port $discovery_service_port for service auto-discovery if ynh_port_available --port=$discovery_service_port; then diff --git a/scripts/install b/scripts/install index 5919604..515b5ab 100644 --- a/scripts/install +++ b/scripts/install @@ -23,10 +23,8 @@ ynh_app_setting_set --app="$app" --key=config_path --value="$config_path" #================================================= # OPEN PORTS #================================================= - -ynh_script_progression --message="Configuring firewall..." --weight=1 - -open_jellyfin_discovery_ports +ynh_script_progression --message="Checking whether to open ports..." --weight=1 +configure_jellyfin_discovery_ports install #================================================= # INSTALL PACKAGES @@ -107,7 +105,13 @@ ynh_use_logrotate #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add "$app" --description="Jellyfin media center" +ports_args=() +if [[ "${opened_ports:-__NOTHING__}" = "__NOTHING__" ]]; then + ports_args+=('--open-ports') + ports_args+=(${ports}) +fi + +yunohost service add "$app" --description="Jellyfin media center" "${ports_args[@]}" # Only the admin can access the admin panel of the app (if the app has an admin panel) ynh_permission_update --permission="admin" --add="$admin" diff --git a/scripts/remove b/scripts/remove index 40fb648..e08f2b3 100644 --- a/scripts/remove +++ b/scripts/remove @@ -41,18 +41,8 @@ ynh_remove_app_dependencies #================================================= # CLOSE A PORT #================================================= - -if [[ $discovery_service -eq 1 ]] && yunohost firewall list | grep -q "\- $discovery_service_port$" -then - ynh_script_progression --message="Closing port $discovery_service_port..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow UDP $discovery_service_port -fi - -if [[ $discovery_client -eq 1 ]] && yunohost firewall list | grep -q "\- $discovery_client_port$" -then - ynh_script_progression --message="Closing port $discovery_client_port..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow UDP $discovery_client_port -fi +ynh_script_progression --message="Checking whether to open ports..." --weight=1 +configure_jellyfin_discovery_ports remove #================================================= # SPECIFIC REMOVE diff --git a/scripts/restore b/scripts/restore index 45c8098..b18d424 100644 --- a/scripts/restore +++ b/scripts/restore @@ -27,9 +27,8 @@ fi #================================================= # OPEN PORTS #================================================= -ynh_script_progression --message="Configuring firewall..." --weight=1 - -open_jellyfin_discovery_ports +ynh_script_progression --message="Checking whether to open ports..." --weight=1 +configure_jellyfin_discovery_ports install #================================================= # RESTORE THE APP MAIN DIR @@ -93,7 +92,15 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app" #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description="Jellyfin media center" +ports_args=() +if [[ "${opened_ports:-__NOTHING__}" = "__NOTHING__" ]]; then + ports_args+=('--open-ports') + ports_args+=(${ports}) +fi + +yunohost service add "$app" --description="Jellyfin media center" "${ports_args[@]}" + + #================================================= # START SYSTEMD SERVICE diff --git a/scripts/upgrade b/scripts/upgrade index 36e4f57..a0fc1f8 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -55,31 +55,11 @@ if [ ! -f "/etc/logrotate.d/$app" ]; then ynh_use_logrotate fi -discovery_service=$discovery -discovery_client=$discovery - -if [ $discovery -eq 1 ]; then - ynh_script_progression --message="Configuring firewall..." --weight=1 - - # Open port $discovery_service_port for service auto-discovery - if ynh_port_available --port=$discovery_service_port; then - ynh_exec_warn_less yunohost firewall allow UDP $discovery_service_port - else - discovery_service=0 - ynh_print_warn --message="Port $discovery_service_port (for service auto-discovery) is not available. Continuing nonetheless." - fi - - # Open port $discovery_client_port for client auto-discovery - if ynh_port_available --port=$discovery_client_port; then - ynh_exec_warn_less yunohost firewall allow UDP $discovery_client_port - else - discovery_client=0 - ynh_print_warn --message="Port $discovery_client_port (for client auto-discovery) is not available. Continuing nonetheless." - fi -fi - -ynh_app_setting_set --app=$app --key=discovery_service --value=$discovery_service -ynh_app_setting_set --app=$app --key=discovery_client --value=$discovery_client +#================================================= +# OPEN PORTS +#================================================= +ynh_script_progression --message="Checking whether to open ports..." --weight=1 +configure_jellyfin_discovery_ports install #================================================= # UPGRADE PACKAGES @@ -189,7 +169,13 @@ ynh_use_logrotate #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description="Jellyfin media center" +ports_args=() +if [[ "${opened_ports:-__NOTHING__}" = "__NOTHING__" ]]; then + ports_args+=('--open-ports') + ports_args+=(${ports}) +fi + +yunohost service add "$app" --description="Jellyfin media center" "${ports_args[@]}" #================================================= # EDIT SYSTEMD ENVIRONMENT VARIABLE FOR AUTO-DISCOVERY