diff --git a/actions.json b/actions.json new file mode 100644 index 0000000..e506b49 --- /dev/null +++ b/actions.json @@ -0,0 +1,20 @@ +[{ + "id": "public_private", + "name": "Move to public or private", + "command": "/bin/bash scripts/actions/public_private", + "user": "root", + "accepted_return_codes": [0], + "description": { + "en": "Change the public access of the app." + }, + "arguments": [ + { + "name": "is_public", + "type": "boolean", + "ask": { + "en": "Is it a public app ?" + }, + "default": true + } + ] +}] diff --git a/config_panel.json b/config_panel.json new file mode 100644 index 0000000..ed71819 --- /dev/null +++ b/config_panel.json @@ -0,0 +1,30 @@ +{ + "name": "Jenkins configuration panel", + "version": "0.1", + "panel": [{ + "name": "Jenkins configuration", + "id": "main", + "sections": [{ + "name": "Public access", + "id": "is_public", + "options": [{ + "name": "Is it a public app ?", + "id": "is_public", + "type": "bool", + "default": true + }] + }, + { + "name": "Overwriting config files", + "id": "overwrite_files", + "options": [{ + "name": "Overwrite the nginx config file ?", + "help": "If the file is overwritten, a backup will be created.", + "id": "overwrite_nginx", + "type": "bool", + "default": true + }] + }] + } +] +} diff --git a/scripts/_common.sh b/scripts/_common.sh index 21234d0..8d58e36 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -30,6 +30,24 @@ IS_PACKAGE_CHECK () { return $(env | grep -c container=lxc) } +#================================================= +# BOOLEAN CONVERTER +#================================================= + +bool_to_01 () { + local var="$1" + [ "$var" = "true" ] && var=1 + [ "$var" = "false" ] && var=0 + echo "$var" +} + +bool_to_true_false () { + local var="$1" + [ "$var" = "1" ] && var=true + [ "$var" = "0" ] && var=false + echo "$var" +} + #================================================= # EXPERIMENTAL HELPERS #================================================= @@ -517,7 +535,7 @@ EOF ynh_store_file_checksum "$finalfail2banjailconf" ynh_store_file_checksum "$finalfail2banfilterconf" - systemctl reload fail2ban + systemctl restart fail2ban local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")" if [ -n "$fail2ban_error" ] then @@ -532,7 +550,7 @@ EOF ynh_remove_fail2ban_config () { ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf" ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf" - systemctl reload fail2ban + systemctl restart fail2ban } #================================================= diff --git a/scripts/actions/public_private b/scripts/actions/public_private new file mode 100755 index 0000000..fa17c0a --- /dev/null +++ b/scripts/actions/public_private @@ -0,0 +1,60 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +# Get is_public +is_public=${YNH_ACTION_IS_PUBLIC} + +app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} + +#================================================= +# CHECK IF ARGUMENTS ARE CORRECT +#================================================= + +#================================================= +# CHECK IF AN ACTION HAS TO BE DONE +#================================================= + +is_public_old=$(ynh_app_setting_get $app is_public) + +if [ $is_public -eq $is_public_old ] +then + ynh_die "is_public is already set as $is_public." 0 +fi + +#================================================= +# SPECIFIC ACTION +#================================================= +# MOVE TO PUBLIC OR PRIVATE +#================================================= + +if [ $is_public -eq 0 ] +then + ynh_app_setting_delete $app unprotected_uris + ynh_app_setting_set $app skipped_uris "/github-webhook" # /path/github-webhook doit rester accessible pour les webhooks de github. +else + ynh_app_setting_delete $app skipped_uris + ynh_app_setting_set $app unprotected_uris "/" +fi + +# Regen ssowat configuration +yunohost app ssowatconf + +# Update the config of the app +ynh_app_setting_set $app is_public $is_public + +#================================================= +# RELOAD NGINX +#================================================= + +systemctl reload nginx diff --git a/scripts/config b/scripts/config new file mode 100644 index 0000000..9319a80 --- /dev/null +++ b/scripts/config @@ -0,0 +1,84 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers +# Load common variables for all scripts. +source _variables + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} + +final_path=$(ynh_app_setting_get $app final_path) + +#================================================= +# SPECIFIC CODE +#================================================= +# LOAD VALUES +#================================================= + +# Load the real value from the app config or elsewhere. +# Then get the value from the form. +# If the form has a value for a variable, take the value from the form, +# Otherwise, keep the value from the app config. + +# is_public +old_is_public="$(ynh_app_setting_get $app is_public)" +old_is_public=$(bool_to_true_false $old_is_public) +is_public="${YNH_CONFIG_MAIN_IS_PUBLIC_IS_PUBLIC:-$old_is_public}" + +# Overwrite nginx configuration +old_overwrite_nginx="$(ynh_app_setting_get $app overwrite_nginx)" +old_overwrite_nginx=$(bool_to_true_false $old_overwrite_nginx) +overwrite_nginx="${YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX:-$old_overwrite_nginx}" + +#================================================= +# SHOW_CONFIG FUNCTION FOR 'SHOW' COMMAND +#================================================= + +show_config() { + # here you are supposed to read some config file/database/other then print the values + # echo "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value" + + echo "YNH_CONFIG_MAIN_IS_PUBLIC_IS_PUBLIC=$is_public" + + echo "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX=$overwrite_nginx" +} + +#================================================= +# MODIFY THE CONFIGURATION +#================================================= + +apply_config() { + + # Change public accessibility + if [ "$is_public" = "true" ] + then + yunohost app action run $app public_private --args is_public=1 + else + yunohost app action run $app public_private --args is_public=0 + fi + + # Set overwrite_nginx + overwrite_nginx=$(bool_to_01 $overwrite_nginx) + ynh_app_setting_set $app overwrite_nginx "$overwrite_nginx" +} + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SELECT THE ACTION FOLLOWING THE GIVEN ARGUMENT +#================================================= + +case $1 in + show) show_config;; + apply) apply_config;; +esac diff --git a/scripts/install b/scripts/install index 036ace0..1696ff4 100644 --- a/scripts/install +++ b/scripts/install @@ -58,6 +58,7 @@ ynh_app_setting_set $app domain $domain ynh_app_setting_set $app path $path_url ynh_app_setting_set $app is_public $is_public ynh_app_setting_set $app final_path $final_path +ynh_app_setting_set $app overwrite_nginx "1" #================================================= # STANDARD MODIFICATIONS diff --git a/scripts/upgrade b/scripts/upgrade index 102e4e4..dd4390e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -22,6 +22,7 @@ domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) is_public=$(ynh_app_setting_get $app is_public) port=$(ynh_app_setting_get $app port) +overwrite_nginx=$(ynh_app_setting_get $app overwrite_nginx) #================================================= # CHECK VERSION @@ -41,6 +42,12 @@ elif [ "$is_public" = "No" ]; then is_public=0 fi +# If overwrite_nginx doesn't exist, create it +if [ -z "$overwrite_nginx" ]; then + overwrite_nginx=1 + ynh_app_setting_set $app overwrite_nginx $overwrite_nginx +fi + # Remove the apt list entry for jenkins if [ -e "/etc/apt/sources.list.d/jenkins.list" ] then @@ -97,7 +104,11 @@ fi # NGINX CONFIGURATION #================================================= -ynh_add_nginx_config +# Overwrite the nginx configuration only if it's allowed +if [ $overwrite_nginx -eq 1 ] +then + ynh_add_nginx_config +fi #================================================= # SETUP SSOWAT