|
|
|
@ -212,15 +212,17 @@ EOF
|
|
|
|
|
|
|
|
|
|
# Start or restart a service and follow its booting
|
|
|
|
|
#
|
|
|
|
|
# usage: ynh_check_starting "Line to match" [Log file] [Timeout]
|
|
|
|
|
# usage: ynh_check_starting "Line to match" [Log file] [Timeout] [Service name]
|
|
|
|
|
#
|
|
|
|
|
# | arg: Line to match - The line to find in the log to attest the service have finished to boot.
|
|
|
|
|
# | arg: Log file - The log file to watch
|
|
|
|
|
# | arg: Service name
|
|
|
|
|
# /var/log/$app/$app.log will be used if no other log is defined.
|
|
|
|
|
# | arg: Timeout - The maximum time to wait before ending the watching. Defaut 300 seconds.
|
|
|
|
|
ynh_check_starting () {
|
|
|
|
|
local line_to_match="$1"
|
|
|
|
|
local app_log="${2:-/var/log/$app/$app.log}"
|
|
|
|
|
local service_name="${4:-$app}"
|
|
|
|
|
local app_log="${2:-/var/log/$service_name/$service_name.log}"
|
|
|
|
|
local timeout=${3:-300}
|
|
|
|
|
|
|
|
|
|
ynh_clean_check_starting () {
|
|
|
|
@ -229,13 +231,14 @@ ynh_check_starting () {
|
|
|
|
|
ynh_secure_remove "$templog" 2>&1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
echo "Starting of $app" >&2
|
|
|
|
|
systemctl restart $app
|
|
|
|
|
echo "Starting of $service_name" >&2
|
|
|
|
|
systemctl stop $service_name
|
|
|
|
|
local templog="$(mktemp)"
|
|
|
|
|
# Following the starting of the app in its log
|
|
|
|
|
tail -f -n1 "$app_log" > "$templog" &
|
|
|
|
|
tail -F -n0 "$app_log" > "$templog" &
|
|
|
|
|
# Get the PID of the tail command
|
|
|
|
|
local pid_tail=$!
|
|
|
|
|
systemctl start $service_name
|
|
|
|
|
|
|
|
|
|
local i=0
|
|
|
|
|
for i in `seq 1 $timeout`
|
|
|
|
@ -243,7 +246,7 @@ ynh_check_starting () {
|
|
|
|
|
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
|
|
|
|
|
if grep --quiet "$line_to_match" "$templog"
|
|
|
|
|
then
|
|
|
|
|
echo "The service $app has correctly started." >&2
|
|
|
|
|
echo "The service $service_name has correctly started." >&2
|
|
|
|
|
break
|
|
|
|
|
fi
|
|
|
|
|
echo -n "." >&2
|
|
|
|
@ -251,7 +254,7 @@ ynh_check_starting () {
|
|
|
|
|
done
|
|
|
|
|
if [ $i -eq $timeout ]
|
|
|
|
|
then
|
|
|
|
|
echo "The service $app didn't fully started before the timeout." >&2
|
|
|
|
|
echo "The service $service_name didn't fully started before the timeout." >&2
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
echo ""
|
|
|
|
@ -419,55 +422,56 @@ ynh_multimedia_addaccess () {
|
|
|
|
|
# | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3
|
|
|
|
|
# | arg: ports - Ports blocked for a banned IP address - default: http,https
|
|
|
|
|
ynh_add_fail2ban_config () {
|
|
|
|
|
# Process parameters
|
|
|
|
|
logpath=$1
|
|
|
|
|
failregex=$2
|
|
|
|
|
max_retry=${3:-3}
|
|
|
|
|
ports=${4:-http,https}
|
|
|
|
|
|
|
|
|
|
test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
|
|
|
|
|
test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
|
|
|
|
|
|
|
|
|
|
finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf"
|
|
|
|
|
finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf"
|
|
|
|
|
ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1
|
|
|
|
|
ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1
|
|
|
|
|
|
|
|
|
|
sudo tee $finalfail2banjailconf <<EOF
|
|
|
|
|
# Process parameters
|
|
|
|
|
logpath=$1
|
|
|
|
|
failregex=$2
|
|
|
|
|
max_retry=${3:-3}
|
|
|
|
|
ports=${4:-http,https}
|
|
|
|
|
|
|
|
|
|
test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
|
|
|
|
|
test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
|
|
|
|
|
|
|
|
|
|
finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf"
|
|
|
|
|
finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf"
|
|
|
|
|
ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1
|
|
|
|
|
ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1
|
|
|
|
|
|
|
|
|
|
sudo tee $finalfail2banjailconf <<EOF
|
|
|
|
|
[$app]
|
|
|
|
|
enabled = true
|
|
|
|
|
port = $ports
|
|
|
|
|
filter = $app
|
|
|
|
|
logpath = $logpath
|
|
|
|
|
maxretry = $max_retry"
|
|
|
|
|
maxretry = $max_retry
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
|
|
sudo tee $finalfail2banfilterconf <<EOF
|
|
|
|
|
sudo tee $finalfail2banfilterconf <<EOF
|
|
|
|
|
[INCLUDES]
|
|
|
|
|
before = common.conf
|
|
|
|
|
[Definition]
|
|
|
|
|
failregex = $failregex
|
|
|
|
|
ignoreregrex ="
|
|
|
|
|
ignoreregex =
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
|
|
ynh_store_file_checksum "$finalfail2banjailconf"
|
|
|
|
|
ynh_store_file_checksum "$finalfail2banfilterconf"
|
|
|
|
|
|
|
|
|
|
sudo systemctl restart fail2ban
|
|
|
|
|
if local fail2ban_error="$(tail -n50 /var/log/fail2ban.log | grep "WARNING Command.*$app.*addfailregex")"
|
|
|
|
|
then
|
|
|
|
|
echo "[ERR] Fail2ban fail to load the jail for $app" >&2
|
|
|
|
|
echo "WARNING${fail2ban_error#*WARNING}" >&2
|
|
|
|
|
fi
|
|
|
|
|
ynh_store_file_checksum "$finalfail2banjailconf"
|
|
|
|
|
ynh_store_file_checksum "$finalfail2banfilterconf"
|
|
|
|
|
|
|
|
|
|
systemctl restart fail2ban
|
|
|
|
|
local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")"
|
|
|
|
|
if [ -n "$fail2ban_error" ]
|
|
|
|
|
then
|
|
|
|
|
echo "[ERR] Fail2ban failed to load the jail for $app" >&2
|
|
|
|
|
echo "WARNING${fail2ban_error#*WARNING}" >&2
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# Remove the dedicated fail2ban config (jail and filter conf files)
|
|
|
|
|
#
|
|
|
|
|
# usage: ynh_remove_fail2ban_config
|
|
|
|
|
ynh_remove_fail2ban_config () {
|
|
|
|
|
ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf"
|
|
|
|
|
ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf"
|
|
|
|
|
sudo systemctl restart fail2ban
|
|
|
|
|
ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf"
|
|
|
|
|
ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf"
|
|
|
|
|
sudo systemctl restart fail2ban
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
@ -480,7 +484,7 @@ ynh_remove_fail2ban_config () {
|
|
|
|
|
ynh_read_manifest () {
|
|
|
|
|
manifest="$1"
|
|
|
|
|
key="$2"
|
|
|
|
|
python3 -c "import sys, json;print(json.load(open('$manifest'))['$key'])"
|
|
|
|
|
python3 -c "import sys, json;print(json.load(open('$manifest', encoding='utf-8'))['$key'])"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# Exit without error if the package is up to date
|
|
|
|
@ -525,7 +529,7 @@ ynh_abort_if_up_to_date () {
|
|
|
|
|
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
|
|
|
|
|
# example: "root admin@domain user1 user2"
|
|
|
|
|
ynh_send_readme_to_admin() {
|
|
|
|
|
local app_message="${1:-...No specific informations...}"
|
|
|
|
|
local app_message="${1:-...No specific information...}"
|
|
|
|
|
local recipients="${2:-root}"
|
|
|
|
|
|
|
|
|
|
# Retrieve the email of users
|
|
|
|
@ -556,7 +560,7 @@ ynh_send_readme_to_admin() {
|
|
|
|
|
|
|
|
|
|
local mail_message="This is an automated message from your beloved YunoHost server.
|
|
|
|
|
|
|
|
|
|
Specific informations for the application $app.
|
|
|
|
|
Specific information for the application $app.
|
|
|
|
|
|
|
|
|
|
$app_message
|
|
|
|
|
|
|
|
|
@ -569,6 +573,45 @@ $(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
|
|
|
|
|
echo "$mail_message" | mail -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
|
|
# Reload (or other actions) a service and print a log in case of failure.
|
|
|
|
|
#
|
|
|
|
|
# usage: ynh_system_reload service_name [action]
|
|
|
|
|
# | arg: service_name - Name of the service to reload
|
|
|
|
|
# | arg: action - Action to perform with systemctl. Default: reload
|
|
|
|
|
ynh_system_reload () {
|
|
|
|
|
local service_name=$1
|
|
|
|
|
local action=${2:-reload}
|
|
|
|
|
|
|
|
|
|
# Reload, restart or start and print the log if the service fail to start or reload
|
|
|
|
|
systemctl $action $service_name || ( journalctl --lines=20 -u $service_name >&2 && false)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
|
|
ynh_debian_release () {
|
|
|
|
|
lsb_release --codename --short
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
is_stretch () {
|
|
|
|
|
if [ "$(ynh_debian_release)" == "stretch" ]
|
|
|
|
|
then
|
|
|
|
|
return 0
|
|
|
|
|
else
|
|
|
|
|
return 1
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
is_jessie () {
|
|
|
|
|
if [ "$(ynh_debian_release)" == "jessie" ]
|
|
|
|
|
then
|
|
|
|
|
return 0
|
|
|
|
|
else
|
|
|
|
|
return 1
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
#============= FUTURE YUNOHOST HELPER ============
|
|
|
|
|
#=================================================
|
|
|
|
|