From 1e3108a85ae3560ebf0422114bd59c1e7afed899 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Thu, 18 Jan 2024 16:39:14 +0100 Subject: [PATCH] Update manifestv2 --- scripts/_common.sh | 39 ++++++-- scripts/backup | 26 ++--- scripts/install | 156 ++++++++--------------------- scripts/remove | 51 +++------- scripts/restore | 108 +++++--------------- scripts/upgrade | 245 ++++++++------------------------------------- 6 files changed, 164 insertions(+), 461 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 900dd62..f3cb8e5 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -8,11 +8,30 @@ # PERSONAL HELPERS #================================================= -ynh_version_gt () -{ - dpkg --compare-versions "$1" gt "$2" +_setup_sources() { + # Download, check integrity, uncompress and patch the source from app.src + declare -A packages=( + [jitsi-jicofo]="jicofo" + [jitsi-meet-prosody]="jitsi-meet/prosody-plugins" + [jitsi-meet-web]="jitsi-meet" + [jitsi-videobridge]="jitsi-videobridge" + ) + + for package in "${!packages[@]}"; do + ynh_setup_source --dest_dir="$install_dir/temp" --source_id="$package" + pushd "$install_dir/temp" + ar x "$package.deb" data.tar.xz + tar xf data.tar.xz + popd + + mv "$install_dir/temp/usr/share/${packages[$package]}/" "$install_dir/$package/" + ynh_secure_remove --file="$install_dir/temp" + done + + ynh_setup_source --dest_dir="$install_dir/jitsi-meet-prosody" --source_id=mod_auth_ldap } + ynh_jniwrapper_armhf () { @@ -27,20 +46,18 @@ ynh_jniwrapper_armhf () packages_arm[jitsi-sctp]="jitsi-sctp" packages_arm[usrsctp]="jitsi-sctp/usrsctp/usrsctp" - for package_arm in "${!packages_arm[@]}" - do - ynh_setup_source --dest_dir="$tempdir/${packages_arm[$package_arm]}" --source_id=$package_arm + for package_arm in "${!packages_arm[@]}"; do + ynh_setup_source --dest_dir="$tempdir/${packages_arm[$package_arm]}" --source_id=$package_arm done # needed to make compile works - if [ ! -d "$tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/" ] - then - mkdir -p $tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/ + if [ ! -d "$tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/" ]; then + mkdir -p $tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/ fi pushd "$tempdir/jitsi-sctp" - mvn package -DbuildSctp -DbuildNativeWrapper -DdeployNewJnilib -DskipTests - mvn package + mvn package -DbuildSctp -DbuildNativeWrapper -DdeployNewJnilib -DskipTests + mvn package popd # rm official jniwrapper to copy diff --git a/scripts/backup b/scripts/backup index 686d212..3a167ba 100644 --- a/scripts/backup +++ b/scripts/backup @@ -22,26 +22,24 @@ ynh_print_info --message="Declaring files to be backed up..." ynh_backup --src_path="$install_dir" #================================================= -# BACKUP THE NGINX CONFIGURATION +# SYSTEM CONFIGURATION #================================================= +# Backup the nginx configuration ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# SPECIFIC BACKUP -#================================================= -# BACKUP LOGROTATE -#================================================= - -ynh_backup --src_path="/etc/logrotate.d/$app" - -#================================================= -# BACKUP SYSTEMD -#================================================= - +# Backup the systemd service units ynh_backup --src_path="/etc/systemd/system/$app-videobridge.service" ynh_backup --src_path="/etc/systemd/system/$app-jicofo.service" +# Backup the logrotate configuration +ynh_backup --src_path="/etc/logrotate.d/$app" + +# Backup the Fail2Ban config +ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" +ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" + + #================================================= # BACKUP VARIOUS FILES #================================================= @@ -50,6 +48,8 @@ ynh_backup --src_path="/etc/$app/" ynh_backup --src_path="/etc/prosody/conf.avail/$domain.cfg.lua" +ynh_backup --src_path="/var/log/$app/" + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index 0e6924d..bcf914a 100644 --- a/scripts/install +++ b/scripts/install @@ -10,95 +10,57 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST +# INITIALIZE AND STORE SETTINGS #================================================= -#YOURSECRET3 -focus_password=$(ynh_string_random --length=8) -#YOURSECRET1 -videobridge_secret=$(ynh_string_random --length=8) -#YOURSECRET2 -focus_secret=$(ynh_string_random --length=8) - -#OTHER SECRET -turn_secret=$(ynh_string_random --length=8) - focus_user="focus" +focus_password=$(ynh_string_random --length=8) +ynh_app_setting_set --app="$app" --key=focus_user --value="$focus_user" +ynh_app_setting_set --app="$app" --key=focus_password --value="$focus_password" videobridge_user="jvb" +videobridge_secret=$(ynh_string_random --length=8) +ynh_app_setting_set --app="$app" --key=videobridge_user --value="$videobridge_user" +ynh_app_setting_set --app="$app" --key=videobridge_secret --value="$videobridge_secret" + +focus_secret=$(ynh_string_random --length=8) +turn_secret=$(ynh_string_random --length=8) +ynh_app_setting_set --app="$app" --key=focus_secret --value="$focus_secret" +ynh_app_setting_set --app="$app" --key=turn_secret --value="$turn_secret" max_memory=200 #125 mib with no user +1,5*50 users=75 mib +ynh_app_setting_set --app="$app" --key=max_memory --value="$max_memory" -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." --weight=1 - -ynh_app_setting_set --app=$app --key=max_memory --value=$max_memory -ynh_app_setting_set --app=$app --key=focus_user --value=$focus_user -ynh_app_setting_set --app=$app --key=focus_password --value=$focus_password -ynh_app_setting_set --app=$app --key=focus_secret --value=$focus_secret -ynh_app_setting_set --app=$app --key=videobridge_user --value=$videobridge_user -ynh_app_setting_set --app=$app --key=videobridge_secret --value=$videobridge_secret -ynh_app_setting_set --app=$app --key=turn_secret --value=$turn_secret - -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Installing dependencies..." --weight=1 - -if [ $YNH_ARCH == "armhf" ] -then - ynh_script_progression --message="Installing specific arm dependencies..." - ynh_install_extra_app_dependencies --repo="deb http://security.debian.org/debian-security stretch/updates main" --package="$pkg_extra_depedencies_arm" --key="https://ftp-master.debian.org/keys/archive-key-9-security.asc" -fi +muc_nickname=$(uuidgen) +ynh_app_setting_set --app="$app" --key=muc_nickname --value="$muc_nickname" #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Configuring system user..." --weight=1 -# Create a system user -gpasswd --add prosody $app -gpasswd --add www-data $app +gpasswd --add prosody "$app" +gpasswd --add www-data "$app" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 -# Download, check integrity, uncompress and patch the source from app.src -declare -A packages -packages[jitsi-jicofo]="jicofo" -packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins" -packages[jitsi-meet-web]="jitsi-meet" -packages[jitsi-videobridge]="jitsi-videobridge" - -for package in "${!packages[@]}" -do - ynh_setup_source --dest_dir="$install_dir/${package}_temp" --source_id=$package - pushd "$install_dir/${package}_temp" - ar x $package.deb data.tar.xz - tar xf data.tar.xz - popd - - mv "$install_dir/${package}_temp/usr/share/${packages[$package]}/" "$install_dir/${package}/" - ynh_secure_remove --file="$install_dir/${package}_temp" -done - -ynh_setup_source --dest_dir="$install_dir/jitsi-meet-prosody" --source_id=mod_auth_ldap +_setup_sources chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" +chown -R "$app:$app" "$install_dir" #================================================= -# NGINX CONFIGURATION +# REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE #================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=1 -# Create a dedicated NGINX config -ynh_add_nginx_config +if [ "$YNH_ARCH" == "armhf" ]; then + ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1 + ynh_jniwrapper_armhf +fi #================================================= # SPECIFIC SETUP @@ -111,12 +73,12 @@ ynh_add_config --template="prosody.cfg.lua" --destination="/etc/prosody/conf.ava chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua" ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua" -echo | prosodyctl cert generate $domain +ynh_exec_warn_less prosodyctl cert generate "$domain" ln -sf "/var/lib/prosody/$domain.key" "/etc/prosody/certs/$domain.key" ln -sf "/var/lib/prosody/$domain.crt" "/etc/prosody/certs/$domain.crt" ln -sf "/var/lib/prosody/$domain.crt" "/usr/local/share/ca-certificates/$domain.crt" -echo | prosodyctl cert generate "auth.$domain" +ynh_exec_warn_less prosodyctl cert generate "auth.$domain" ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key" ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt" ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt" @@ -126,10 +88,8 @@ update-ca-certificates -f ynh_systemd_action --service_name="prosody" --action="restart" prosodyctl register "$focus_user" "auth.$domain" "$focus_password" - prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret" - -prosodyctl mod_roster_command subscribe $focus_user.$domain $focus_user@auth.$domain +prosodyctl mod_roster_command subscribe "$focus_user.$domain" "$focus_user@auth.$domain" #================================================= # CONFIGURE JITSI-VIDEOBRIDGE @@ -139,31 +99,14 @@ ynh_script_progression --message="Configuring Jitsi-Videobridge..." --weight=1 public_ipv4="$(curl ip.yunohost.org)" || true private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true -muc_nickname=$(uuidgen) -ynh_app_setting_set --app=$app --key=muc_nickname --value=$muc_nickname - mkdir -p "/etc/$app/videobridge" ynh_add_config --template="jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties" - ynh_add_config --template="jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf" - ynh_add_config --template="jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties" - ynh_add_config --template="jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties" - ynh_add_config --template="jitsi-videobridge.config" --destination="/etc/$app/videobridge/config" -#================================================= -# REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE -#================================================= - -if [ $YNH_ARCH == "armhf" ] -then - ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1 - ynh_jniwrapper_armhf -fi - #================================================= # CONFIGURE JITSI-JICOFO #================================================= @@ -172,9 +115,7 @@ ynh_script_progression --message="Configuring Jitsi-Jicofo..." --weight=1 mkdir -p "/etc/$app/jicofo" ynh_add_config --template="jitsi-jicofo-config" --destination="/etc/$app/jicofo/config" - ynh_add_config --template="jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf" - ynh_add_config --template="jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties" #================================================= @@ -187,49 +128,34 @@ mkdir -p "/etc/$app/meet" ynh_add_config --template="jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js" chmod 644 "/etc/$app/meet/$domain-config.js" -#================================================= -# CREATE LOG DIR -#================================================= -ynh_script_progression --message="Creating log dir..." --weight=1 - -mkdir -p "/var/log/$app" -chown -R $app: /var/log/$app -chmod -R 770 /var/log/$app - #================================================= # SECURE FILES AND DIRECTORIES #================================================= ynh_script_progression --message="Securing files and directories..." --weight=1 # Set permissions to app files -chown -R $app: /etc/$app +chown -R "$app:" "/etc/$app" #================================================= -# SETUP SYSTEMD +# SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring a systemd service..." --weight=1 +ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 + +# Create a dedicated NGINX config +ynh_add_nginx_config # Create a dedicated systemd config -ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service" -ynh_add_systemd_config --service=$app-jicofo --template="jitsi-jicofo.service" +ynh_add_systemd_config --service="$app-videobridge" --template="jitsi-videobridge.service" +yunohost service add "$app-videobridge" --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports "$port" "$port_videobridge" -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Configuring log rotation..." --weight=1 +ynh_add_systemd_config --service="$app-jicofo" --template="jitsi-jicofo.service" +yunohost service add "$app-jicofo" --log "/var/log/$app/$app-jicofo.log" # Use logrotate to manage application logfile(s) ynh_use_logrotate -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge -yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log" +chown -R "$app:" "/var/log/$app" +chmod -R 770 "/var/log/$app" #================================================= # START SYSTEMD SERVICE @@ -237,8 +163,8 @@ yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log" ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service -ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" -ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" +ynh_systemd_action --service_name="$app-jicofo" --action="start" --log_path="/var/log/$app/$app-jicofo.log" +ynh_systemd_action --service_name="$app-videobridge" --action="start" --log_path="/var/log/$app/$app-videobridge.log" #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index 980dd59..d7a6509 100644 --- a/scripts/remove +++ b/scripts/remove @@ -10,38 +10,36 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# STANDARD REMOVE -#================================================= -# REMOVE SERVICE INTEGRATION IN YUNOHOST +# REMOVE SYSTEM CONFIGURATIONS #================================================= +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status $app-videobridge >/dev/null -then - ynh_script_progression --message="Removing $app-videobridge service..." --weight=1 - yunohost service remove $app-videobridge +if ynh_exec_warn_less yunohost service status "$app-videobridge" >/dev/null; then + yunohost service remove "$app-videobridge" fi -if ynh_exec_warn_less yunohost service status $app-jicofo >/dev/null -then - ynh_script_progression --message="Removing $app-jicofo service..." --weight=1 - yunohost service remove $app-jicofo +if ynh_exec_warn_less yunohost service status "$app-jicofo" >/dev/null; then + yunohost service remove "$app-jicofo" fi # Remove the dedicated systemd config -ynh_remove_systemd_config --service=$app-videobridge -ynh_remove_systemd_config --service=$app-jicofo +ynh_remove_systemd_config --service="$app-videobridge" +ynh_remove_systemd_config --service="$app-jicofo" # Remove the app-specific logrotate config ynh_remove_logrotate +# Remove the dedicated NGINX config +ynh_remove_nginx_config + #================================================= # RECONFIGURE PROSODY #================================================= ynh_script_progression --message="Reconfiguring Prosody..." --weight=1 -prosodyctl deluser $focus_user@auth.$domain || true -prosodyctl deluser $videobridge_user@auth.$domain || true +prosodyctl deluser "$focus_user@auth.$domain" || true +prosodyctl deluser "$videobridge_user@auth.$domain" || true # Remove domain conf template ynh_secure_remove --file="/etc/prosody/conf.d/$domain.cfg.lua" @@ -60,24 +58,16 @@ ynh_secure_remove --file="/usr/local/share/ca-certificates/auth.$domain.crt" update-ca-certificates -f +gpasswd --delete prosody "$app" + ynh_systemd_action --service_name=prosody --action=restart -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 - -# Remove the dedicated NGINX config -ynh_remove_nginx_config - #================================================= # REMOVE DEPENDENCIES #================================================= ynh_script_progression --message="Removing dependencies..." --weight=1 -# Remove Prosody -ynh_app_setting_delete --app=$app --key=require_prosody -gpasswd --delete prosody $app +ynh_app_setting_delete --app="$app" --key=require_prosody ynh_remove_apps @@ -94,15 +84,6 @@ ynh_secure_remove --file="/etc/$app" # Remove the log files ynh_secure_remove --file="/var/log/$app" -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=1 - -gpasswd --delete www-data $app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 44a0e08..86e41fe 100644 --- a/scripts/restore +++ b/scripts/restore @@ -15,10 +15,10 @@ source /usr/share/yunohost/helpers #================================================= # RECREATE THE DEDICATED USER #================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 +ynh_script_progression --message="Reconfiguring the dedicated system user..." --weight=1 -# Create the dedicated user (if not existing) -gpasswd --add www-data $app +gpasswd --add prosody "$app" +gpasswd --add www-data "$app" #================================================= # RESTORE THE APP MAIN DIR @@ -29,42 +29,7 @@ ynh_restore_file --origin_path="$install_dir" chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" - -#================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." --weight=1 - -# Define and install dependencies -ynh_install_apps --apps="$ynh_app_dependencies" - ynh_install_app_dependencies $pkg_dependencies - -if [ $YNH_ARCH == "armhf" ] -then - ynh_script_progression --message="Installing specific arm dependencies..." --weight=1 - ynh_install_extra_app_dependencies --repo="deb http://security.debian.org/debian-security stretch/updates main" --package="$pkg_extra_depedencies_arm" --key="https://ftp-master.debian.org/keys/archive-key-9-security.asc" -fi - -gpasswd --add prosody $app - -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -#================================================= -# CONFIGURE FIREWALL -#================================================= -ynh_script_progression --message="Configuring firewall..." --weight=1 - -# Open this port -ynh_exec_warn_less yunohost firewall allow TCP $port -ynh_exec_warn_less yunohost firewall allow UDP $port_videobridge +chown -R "$app:$app" "$install_dir" #================================================= # CONFIGURE PROSODY @@ -75,9 +40,11 @@ ynh_restore_file --origin_path="/etc/prosody/conf.avail/$domain.cfg.lua" chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua" ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua" -ln -sf /var/lib/prosody/$domain.key /etc/prosody/certs/$domain.key -ln -sf /var/lib/prosody/$domain.crt /etc/prosody/certs/$domain.crt +ynh_exec_warn_less prosodyctl cert generate "$domain" +ln -sf "/var/lib/prosody/$domain.key" "/etc/prosody/certs/$domain.key" +ln -sf "/var/lib/prosody/$domain.crt" "/etc/prosody/certs/$domain.crt" +ynh_exec_warn_less prosodyctl cert generate "auth.$domain" ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key" ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt" ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt" @@ -87,67 +54,42 @@ update-ca-certificates -f ynh_systemd_action --service_name="prosody" --action="restart" prosodyctl register "$focus_user" "auth.$domain" "$focus_password" - prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret" - -prosodyctl mod_roster_command subscribe $focus_user.$domain $focus_user@auth.$domain +prosodyctl mod_roster_command subscribe "$focus_user.$domain" "$focus_user@auth.$domain" #================================================= -# RESTORE THE APP CONFIG +# RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Restoring the app config..." --weight=1 +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 -ynh_restore_file --origin_path="/etc/$app" - -chmod 644 "/etc/$app/meet/$domain-config.js" - -#================================================= -# CREATE LOG DIR -#================================================= -ynh_script_progression --message="Creating log dir..." --weight=1 - -mkdir -p "/var/log/$app" -chown -R $app: /var/log/$app - -#================================================= -# RESTORE SYSTEMD -#================================================= -ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/systemd/system/$app-videobridge.service" -systemctl enable $app-videobridge.service --quiet -ynh_restore_file --origin_path="/etc/systemd/system/$app-jicofo.service" -systemctl enable $app-jicofo.service --quiet +systemctl enable "$app-videobridge.service" --quiet +yunohost service add "$app-videobridge" --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 +ynh_restore_file --origin_path="/etc/systemd/system/$app-jicofo.service" +systemctl enable "$app-jicofo.service" --quiet +yunohost service add "$app-jicofo" --log "/var/log/$app/$app-jicofo.log" ynh_restore_file --origin_path="/etc/logrotate.d/$app" #================================================= -# INTEGRATE SERVICE IN YUNOHOST +# RESTORE VARIOUS FILES #================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge -yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log" +ynh_restore_file --origin_path="/etc/$app/" +chmod 644 "/etc/$app/meet/$domain-config.js" + +ynh_restore_file --origin_path="/var/log/$app/" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 +ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 -ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" -ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX AND PHP-FPM -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +ynh_systemd_action --service_name="$app-jicofo" --action="start" --log_path="/var/log/$app/$app-jicofo.log" +ynh_systemd_action --service_name="$app-videobridge" --action="start" --log_path="/var/log/$app/$app-videobridge.log" ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index 8e6e57c..f19a956 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,55 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading settings..." --weight=1 - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) - -#REMOVEME? max_memory=$(ynh_app_setting_get --app=$app --key=max_memory) - -#REMOVEME? focus_user=$(ynh_app_setting_get --app=$app --key=focus_user) -#REMOVEME? focus_password=$(ynh_app_setting_get --app=$app --key=focus_password) -#REMOVEME? focus_secret=$(ynh_app_setting_get --app=$app --key=focus_secret) - -#REMOVEME? videobridge_user=$(ynh_app_setting_get --app=$app --key=videobridge_user) -#REMOVEME? videobridge_secret=$(ynh_app_setting_get --app=$app --key=videobridge_secret) - -#REMOVEME? turn_secret=$(ynh_app_setting_get --app=$app --key=turn_secret) -#REMOVEME? muc_nickname=$(ynh_app_setting_get --app=$app --key=muc_nickname) - -#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) -#REMOVEME? port_videobridge=$(ynh_app_setting_get --app=$app --key=port_videobridge) -#REMOVEME? port_component=$(ynh_app_setting_get --app=$app --key=port_component) - -#================================================= -# CHECK VERSION -#================================================= -ynh_script_progression --message="Checking version..." --weight=1 - -upgrade_type=$(ynh_check_app_version_changed) -current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$app/manifest.json" --manifest_key="version" || echo 1.0) - -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -#REMOVEME? ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." - -# Backup the current version of the app -#REMOVEME? ynh_backup_before_upgrade -#REMOVEME? ynh_clean_setup () { - # Restore it if the upgrade fails -#REMOVEME? ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -65,182 +16,81 @@ current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$app/manifest #================================================= ynh_script_progression --message="Stopping a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app-videobridge --action="stop" --log_path="/var/log/$app/$app-videobridge.log" -ynh_systemd_action --service_name=$app-jicofo --action="stop" --log_path="/var/log/$app/$app-jicofo.log" +ynh_systemd_action --service_name="$app-videobridge" --action="stop" --log_path="/var/log/$app/$app-videobridge.log" +ynh_systemd_action --service_name="$app-jicofo" --action="stop" --log_path="/var/log/$app/$app-jicofo.log" #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 -# If install_dir doesn't exist, create it -if [ -z "$install_dir" ]; then -#REMOVEME? install_dir=/var/www/$app -#REMOVEME? ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir -fi - # If max_memory doesn't exist, create it and set to default 75 mb value if [ -z "$max_memory" ]; then - max_memory=200 - ynh_app_setting_set --app=$app --key=max_memory --value=$max_memory + max_memory=200 + ynh_app_setting_set --app="$app" --key=max_memory --value="$max_memory" fi -#================================================= -# CREATE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir" -gpasswd --add www-data $app +gpasswd --add prosody "$app" +gpasswd --add www-data "$app" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_script_progression --message="Upgrading source files..." --weight=1 -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading source files..." --weight=1 - - # Download, check integrity, uncompress and patch the source from app.src - declare -A packages - packages[jitsi-jicofo]="jicofo" - packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins" - packages[jitsi-meet-web]="jitsi-meet" - packages[jitsi-videobridge]="jitsi-videobridge" - - for package in "${!packages[@]}" - do -#REMOVEME? ynh_secure_remove --file="$install_dir/${package}" - ynh_setup_source --dest_dir="$install_dir/${package}_temp" --source_id=$package - pushd "$install_dir/${package}_temp" - ar x $package.deb data.tar.xz - tar xf data.tar.xz - popd - - mv "$install_dir/${package}_temp/usr/share/${packages[$package]}/" "$install_dir/${package}/" -#REMOVEME? ynh_secure_remove --file="$install_dir/${package}_temp" - done - - ynh_setup_source --dest_dir="$install_dir/jitsi-meet-prosody" --source_id=mod_auth_ldap -fi +_setup_sources chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" +chown -R "$app:$app" "$install_dir" #================================================= -# UPGRADE DEPENDENCIES +# REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE #================================================= -#REMOVEME? ynh_script_progression --message="Upgrading dependencies..." --weight=1 -ynh_install_apps --apps="$ynh_app_dependencies" -#REMOVEME? ynh_install_app_dependencies $pkg_dependencies - -if [ $YNH_ARCH == "armhf" ] -then -#REMOVEME? ynh_script_progression --message="Installing specific arm dependencies..." --weight=1 -#REMOVEME? ynh_install_extra_app_dependencies --repo="deb http://security.debian.org/debian-security stretch/updates main" --package="$pkg_extra_depedencies_arm" --key="https://ftp-master.debian.org/keys/archive-key-9-security.asc" +if [ "$YNH_ARCH" == "armhf" ]; then + ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1 + ynh_jniwrapper_armhf fi -gpasswd --add prosody $app - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# SPECIFIC UPGRADE -#================================================= -# CONFIGURE FIREWALL -#================================================= -ynh_script_progression --message="Configuring firewall..." --weight=1 - -# Open this port -ynh_exec_warn_less yunohost firewall allow TCP $port -ynh_exec_warn_less yunohost firewall allow UDP $port_videobridge - #================================================= # CONFIGURE PROSODY #================================================= ynh_script_progression --message="Configuring Prosody..." --weight=1 -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_add_config --template="../conf/prosody.cfg.lua" --destination="/etc/prosody/conf.avail/$domain.cfg.lua" - chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua" -fi +ynh_add_config --template="../conf/prosody.cfg.lua" --destination="/etc/prosody/conf.avail/$domain.cfg.lua" +chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua" #================================================= # CONFIGURE JITSI-VIDEOBRIDGE #================================================= ynh_script_progression --message="Configuring Jitsi-Videobridge..." --weight=1 -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - public_ipv4="$(curl ip.yunohost.org)" || true - private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true +public_ipv4="$(curl ip.yunohost.org)" || true +private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true - ynh_add_config --template="../conf/jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties" - - ynh_add_config --template="../conf/jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf" - - ynh_add_config --template="../conf/jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties" - - ynh_add_config --template="../conf/jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties" - - ynh_add_config --template="../conf/jitsi-videobridge.config" --destination="/etc/$app/videobridge/config" -fi - - -#================================================= -# REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE -#================================================= - -if [ $YNH_ARCH == "armhf" ] -then - ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1 - ynh_jniwrapper_armhf - -fi +ynh_add_config --template="../conf/jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties" +ynh_add_config --template="../conf/jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf" +ynh_add_config --template="../conf/jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties" +ynh_add_config --template="../conf/jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties" +ynh_add_config --template="../conf/jitsi-videobridge.config" --destination="/etc/$app/videobridge/config" #================================================= # CONFIGURE JITSI-JICOFO #================================================= ynh_script_progression --message="configuring Jitsi-Jicofo..." --weight=1 -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_add_config --template="../conf/jitsi-jicofo-config" --destination="/etc/$app/jicofo/config" - - ynh_add_config --template="../conf/jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf" - - ynh_add_config --template="../conf/jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties" -fi +ynh_add_config --template="../conf/jitsi-jicofo-config" --destination="/etc/$app/jicofo/config" +ynh_add_config --template="../conf/jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf" +ynh_add_config --template="../conf/jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties" #================================================= # CONFIGURE JITSI-MEET #================================================= ynh_script_progression --message="Configuring Jitsi-Meet..." --weight=1 -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_add_config --template="../conf/jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js" - chmod 644 "/etc/$app/meet/$domain-config.js" -fi - -#================================================= -# CREATE LOG DIR -#================================================= -ynh_script_progression --message="Creating log dir..." --weight=1 - -mkdir -p "/var/log/$app" -chown -R $app: /var/log/$app -chmod -R 770 /var/log/$app +ynh_add_config --template="../conf/jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js" +chmod 644 "/etc/$app/meet/$domain-config.js" #================================================= # SECURE FILES AND DIRECTORIES @@ -248,49 +98,36 @@ chmod -R 770 /var/log/$app ynh_script_progression --message="Securing files and directories..." --weight=1 # Set permissions on app files -chown -R $app: /etc/$app +chown -R "$app:" "/etc/$app" #================================================= -# SETUP SYSTEMD +# REAPPLY SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 + +# Create a dedicated NGINX config +ynh_add_nginx_config # Create a dedicated systemd config -ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service" -ynh_add_systemd_config --service=$app-jicofo --template="jitsi-jicofo.service" +ynh_add_systemd_config --service="$app-videobridge" --template="jitsi-videobridge.service" +yunohost service add "$app-videobridge" --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports "$port" "$port_videobridge" -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 +ynh_add_systemd_config --service="$app-jicofo" --template="jitsi-jicofo.service" +yunohost service add "$app-jicofo" --log "/var/log/$app/$app-jicofo.log" # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge -yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log" +chown -R "$app:" "/var/log/$app" +chmod -R 770 "/var/log/$app" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" -ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" - -#================================================= -# RELOAD NGINX -#================================================= -#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload +ynh_systemd_action --service_name="$app-jicofo" --action="start" --log_path="/var/log/$app/$app-jicofo.log" +ynh_systemd_action --service_name="$app-videobridge" --action="start" --log_path="/var/log/$app/$app-videobridge.log" #================================================= # END OF SCRIPT