YunoHost-Apps/jitsi_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/jitsi_ynh.git synced 2024-09-03 19:35:57 +02:00
Code Issues Activity Actions

Update manifestv2

Browse source
This commit is contained in:
Salamandar 2024-01-18 16:39:14 +01:00
parent b7f9e1ab9f
commit 1e3108a85a
6 changed files with 164 additions and 461 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
scripts/_common.sh
View file

@ -8,11 +8,30 @@
# PERSONAL HELPERS # PERSONAL HELPERS
#================================================= #=================================================
ynh_version_gt () _setup_sources() {
{ # Download, check integrity, uncompress and patch the source from app.src
dpkg --compare-versions "$1" gt "$2" declare -A packages=(
[jitsi-jicofo]="jicofo"
[jitsi-meet-prosody]="jitsi-meet/prosody-plugins"
[jitsi-meet-web]="jitsi-meet"
[jitsi-videobridge]="jitsi-videobridge"
)
for package in "${!packages[@]}"; do
ynh_setup_source --dest_dir="$install_dir/temp" --source_id="$package"
pushd "$install_dir/temp"
ar x "$package.deb" data.tar.xz
tar xf data.tar.xz
popd
mv "$install_dir/temp/usr/share/${packages[$package]}/" "$install_dir/$package/"
ynh_secure_remove --file="$install_dir/temp"
done
ynh_setup_source --dest_dir="$install_dir/jitsi-meet-prosody" --source_id=mod_auth_ldap
} }
ynh_jniwrapper_armhf () ynh_jniwrapper_armhf ()
{ {
@ -27,20 +46,18 @@ ynh_jniwrapper_armhf ()
packages_arm[jitsi-sctp]="jitsi-sctp" packages_arm[jitsi-sctp]="jitsi-sctp"
packages_arm[usrsctp]="jitsi-sctp/usrsctp/usrsctp" packages_arm[usrsctp]="jitsi-sctp/usrsctp/usrsctp"
for package_arm in "${!packages_arm[@]}" for package_arm in "${!packages_arm[@]}"; do
do ynh_setup_source --dest_dir="$tempdir/${packages_arm[$package_arm]}" --source_id=$package_arm
ynh_setup_source --dest_dir="$tempdir/${packages_arm[$package_arm]}" --source_id=$package_arm
done done
# needed to make compile works # needed to make compile works
if [ ! -d "$tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/" ] if [ ! -d "$tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/" ]; then
then mkdir -p $tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/
mkdir -p $tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/
fi fi
pushd "$tempdir/jitsi-sctp" pushd "$tempdir/jitsi-sctp"
mvn package -DbuildSctp -DbuildNativeWrapper -DdeployNewJnilib -DskipTests mvn package -DbuildSctp -DbuildNativeWrapper -DdeployNewJnilib -DskipTests
mvn package mvn package
popd popd
# rm official jniwrapper to copy # rm official jniwrapper to copy

26
scripts/backup
View file

@ -22,26 +22,24 @@ ynh_print_info --message="Declaring files to be backed up..."
ynh_backup --src_path="$install_dir" ynh_backup --src_path="$install_dir"
#================================================= #=================================================
# BACKUP THE NGINX CONFIGURATION # SYSTEM CONFIGURATION
#================================================= #=================================================
# Backup the nginx configuration
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= # Backup the systemd service units
# SPECIFIC BACKUP
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_backup --src_path="/etc/logrotate.d/$app"
#=================================================
# BACKUP SYSTEMD
#=================================================
ynh_backup --src_path="/etc/systemd/system/$app-videobridge.service" ynh_backup --src_path="/etc/systemd/system/$app-videobridge.service"
ynh_backup --src_path="/etc/systemd/system/$app-jicofo.service" ynh_backup --src_path="/etc/systemd/system/$app-jicofo.service"
# Backup the logrotate configuration
ynh_backup --src_path="/etc/logrotate.d/$app"
# Backup the Fail2Ban config
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#================================================= #=================================================
# BACKUP VARIOUS FILES # BACKUP VARIOUS FILES
#================================================= #=================================================
@ -50,6 +48,8 @@ ynh_backup --src_path="/etc/$app/"
ynh_backup --src_path="/etc/prosody/conf.avail/$domain.cfg.lua" ynh_backup --src_path="/etc/prosody/conf.avail/$domain.cfg.lua"
ynh_backup --src_path="/var/log/$app/"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

156
scripts/install
View file

@ -10,95 +10,57 @@ source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST # INITIALIZE AND STORE SETTINGS
#================================================= #=================================================
#YOURSECRET3
focus_password=$(ynh_string_random --length=8)
#YOURSECRET1
videobridge_secret=$(ynh_string_random --length=8)
#YOURSECRET2
focus_secret=$(ynh_string_random --length=8)
#OTHER SECRET
turn_secret=$(ynh_string_random --length=8)
focus_user="focus" focus_user="focus"
focus_password=$(ynh_string_random --length=8)
ynh_app_setting_set --app="$app" --key=focus_user --value="$focus_user"
ynh_app_setting_set --app="$app" --key=focus_password --value="$focus_password"
videobridge_user="jvb" videobridge_user="jvb"
videobridge_secret=$(ynh_string_random --length=8)
ynh_app_setting_set --app="$app" --key=videobridge_user --value="$videobridge_user"
ynh_app_setting_set --app="$app" --key=videobridge_secret --value="$videobridge_secret"
focus_secret=$(ynh_string_random --length=8)
turn_secret=$(ynh_string_random --length=8)
ynh_app_setting_set --app="$app" --key=focus_secret --value="$focus_secret"
ynh_app_setting_set --app="$app" --key=turn_secret --value="$turn_secret"
max_memory=200 #125 mib with no user +1,5*50 users=75 mib max_memory=200 #125 mib with no user +1,5*50 users=75 mib
ynh_app_setting_set --app="$app" --key=max_memory --value="$max_memory"
#================================================= muc_nickname=$(uuidgen)
# STORE SETTINGS FROM MANIFEST ynh_app_setting_set --app="$app" --key=muc_nickname --value="$muc_nickname"
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=max_memory --value=$max_memory
ynh_app_setting_set --app=$app --key=focus_user --value=$focus_user
ynh_app_setting_set --app=$app --key=focus_password --value=$focus_password
ynh_app_setting_set --app=$app --key=focus_secret --value=$focus_secret
ynh_app_setting_set --app=$app --key=videobridge_user --value=$videobridge_user
ynh_app_setting_set --app=$app --key=videobridge_secret --value=$videobridge_secret
ynh_app_setting_set --app=$app --key=turn_secret --value=$turn_secret
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=1
if [ $YNH_ARCH == "armhf" ]
then
ynh_script_progression --message="Installing specific arm dependencies..."
ynh_install_extra_app_dependencies --repo="deb http://security.debian.org/debian-security stretch/updates main" --package="$pkg_extra_depedencies_arm" --key="https://ftp-master.debian.org/keys/archive-key-9-security.asc"
fi
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Configuring system user..." --weight=1 ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user gpasswd --add prosody "$app"
gpasswd --add prosody $app gpasswd --add www-data "$app"
gpasswd --add www-data $app
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Setting up source files..." --weight=1 ynh_script_progression --message="Setting up source files..." --weight=1
# Download, check integrity, uncompress and patch the source from app.src _setup_sources
declare -A packages
packages[jitsi-jicofo]="jicofo"
packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins"
packages[jitsi-meet-web]="jitsi-meet"
packages[jitsi-videobridge]="jitsi-videobridge"
for package in "${!packages[@]}"
do
ynh_setup_source --dest_dir="$install_dir/${package}_temp" --source_id=$package
pushd "$install_dir/${package}_temp"
ar x $package.deb data.tar.xz
tar xf data.tar.xz
popd
mv "$install_dir/${package}_temp/usr/share/${packages[$package]}/" "$install_dir/${package}/"
ynh_secure_remove --file="$install_dir/${package}_temp"
done
ynh_setup_source --dest_dir="$install_dir/jitsi-meet-prosody" --source_id=mod_auth_ldap
chmod 750 "$install_dir" chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir" chmod -R o-rwx "$install_dir"
chown -R $app:$app "$install_dir" chown -R "$app:$app" "$install_dir"
#================================================= #=================================================
# NGINX CONFIGURATION # REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE
#================================================= #=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
# Create a dedicated NGINX config if [ "$YNH_ARCH" == "armhf" ]; then
ynh_add_nginx_config ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1
ynh_jniwrapper_armhf
fi
#================================================= #=================================================
# SPECIFIC SETUP # SPECIFIC SETUP
@ -111,12 +73,12 @@ ynh_add_config --template="prosody.cfg.lua" --destination="/etc/prosody/conf.ava
chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua" chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua"
ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua" ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua"
echo | prosodyctl cert generate $domain ynh_exec_warn_less prosodyctl cert generate "$domain"
ln -sf "/var/lib/prosody/$domain.key" "/etc/prosody/certs/$domain.key" ln -sf "/var/lib/prosody/$domain.key" "/etc/prosody/certs/$domain.key"
ln -sf "/var/lib/prosody/$domain.crt" "/etc/prosody/certs/$domain.crt" ln -sf "/var/lib/prosody/$domain.crt" "/etc/prosody/certs/$domain.crt"
ln -sf "/var/lib/prosody/$domain.crt" "/usr/local/share/ca-certificates/$domain.crt" ln -sf "/var/lib/prosody/$domain.crt" "/usr/local/share/ca-certificates/$domain.crt"
echo | prosodyctl cert generate "auth.$domain" ynh_exec_warn_less prosodyctl cert generate "auth.$domain"
ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key" ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key"
ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt" ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt"
ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt" ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt"
@ -126,10 +88,8 @@ update-ca-certificates -f
ynh_systemd_action --service_name="prosody" --action="restart" ynh_systemd_action --service_name="prosody" --action="restart"
prosodyctl register "$focus_user" "auth.$domain" "$focus_password" prosodyctl register "$focus_user" "auth.$domain" "$focus_password"
prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret" prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret"
prosodyctl mod_roster_command subscribe "$focus_user.$domain" "$focus_user@auth.$domain"
prosodyctl mod_roster_command subscribe $focus_user.$domain $focus_user@auth.$domain
#================================================= #=================================================
# CONFIGURE JITSI-VIDEOBRIDGE # CONFIGURE JITSI-VIDEOBRIDGE
@ -139,31 +99,14 @@ ynh_script_progression --message="Configuring Jitsi-Videobridge..." --weight=1
public_ipv4="$(curl ip.yunohost.org)" || true public_ipv4="$(curl ip.yunohost.org)" || true
private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true
muc_nickname=$(uuidgen)
ynh_app_setting_set --app=$app --key=muc_nickname --value=$muc_nickname
mkdir -p "/etc/$app/videobridge" mkdir -p "/etc/$app/videobridge"
ynh_add_config --template="jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties" ynh_add_config --template="jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties"
ynh_add_config --template="jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf" ynh_add_config --template="jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf"
ynh_add_config --template="jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties" ynh_add_config --template="jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties"
ynh_add_config --template="jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties" ynh_add_config --template="jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties"
ynh_add_config --template="jitsi-videobridge.config" --destination="/etc/$app/videobridge/config" ynh_add_config --template="jitsi-videobridge.config" --destination="/etc/$app/videobridge/config"
#=================================================
# REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE
#=================================================
if [ $YNH_ARCH == "armhf" ]
then
ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1
ynh_jniwrapper_armhf
fi
#================================================= #=================================================
# CONFIGURE JITSI-JICOFO # CONFIGURE JITSI-JICOFO
#================================================= #=================================================
@ -172,9 +115,7 @@ ynh_script_progression --message="Configuring Jitsi-Jicofo..." --weight=1
mkdir -p "/etc/$app/jicofo" mkdir -p "/etc/$app/jicofo"
ynh_add_config --template="jitsi-jicofo-config" --destination="/etc/$app/jicofo/config" ynh_add_config --template="jitsi-jicofo-config" --destination="/etc/$app/jicofo/config"
ynh_add_config --template="jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf" ynh_add_config --template="jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf"
ynh_add_config --template="jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties" ynh_add_config --template="jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties"
#================================================= #=================================================
@ -187,49 +128,34 @@ mkdir -p "/etc/$app/meet"
ynh_add_config --template="jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js" ynh_add_config --template="jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js"
chmod 644 "/etc/$app/meet/$domain-config.js" chmod 644 "/etc/$app/meet/$domain-config.js"
#=================================================
# CREATE LOG DIR
#=================================================
ynh_script_progression --message="Creating log dir..." --weight=1
mkdir -p "/var/log/$app"
chown -R $app: /var/log/$app
chmod -R 770 /var/log/$app
#================================================= #=================================================
# SECURE FILES AND DIRECTORIES # SECURE FILES AND DIRECTORIES
#================================================= #=================================================
ynh_script_progression --message="Securing files and directories..." --weight=1 ynh_script_progression --message="Securing files and directories..." --weight=1
# Set permissions to app files # Set permissions to app files
chown -R $app: /etc/$app chown -R "$app:" "/etc/$app"
#================================================= #=================================================
# SETUP SYSTEMD # SYSTEM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=1 ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service" ynh_add_systemd_config --service="$app-videobridge" --template="jitsi-videobridge.service"
ynh_add_systemd_config --service=$app-jicofo --template="jitsi-jicofo.service" yunohost service add "$app-videobridge" --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports "$port" "$port_videobridge"
#================================================= ynh_add_systemd_config --service="$app-jicofo" --template="jitsi-jicofo.service"
# GENERIC FINALIZATION yunohost service add "$app-jicofo" --log "/var/log/$app/$app-jicofo.log"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
# Use logrotate to manage application logfile(s) # Use logrotate to manage application logfile(s)
ynh_use_logrotate ynh_use_logrotate
#================================================= chown -R "$app:" "/var/log/$app"
# INTEGRATE SERVICE IN YUNOHOST chmod -R 770 "/var/log/$app"
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge
yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
@ -237,8 +163,8 @@ yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log"
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service # Start a systemd service
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" ynh_systemd_action --service_name="$app-jicofo" --action="start" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" ynh_systemd_action --service_name="$app-videobridge" --action="start" --log_path="/var/log/$app/$app-videobridge.log"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

51
scripts/remove
View file

@ -10,38 +10,36 @@ source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
# STANDARD REMOVE # REMOVE SYSTEM CONFIGURATIONS
#=================================================
# REMOVE SERVICE INTEGRATION IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app-videobridge >/dev/null if ynh_exec_warn_less yunohost service status "$app-videobridge" >/dev/null; then
then yunohost service remove "$app-videobridge"
ynh_script_progression --message="Removing $app-videobridge service..." --weight=1
yunohost service remove $app-videobridge
fi fi
if ynh_exec_warn_less yunohost service status $app-jicofo >/dev/null if ynh_exec_warn_less yunohost service status "$app-jicofo" >/dev/null; then
then yunohost service remove "$app-jicofo"
ynh_script_progression --message="Removing $app-jicofo service..." --weight=1
yunohost service remove $app-jicofo
fi fi
# Remove the dedicated systemd config # Remove the dedicated systemd config
ynh_remove_systemd_config --service=$app-videobridge ynh_remove_systemd_config --service="$app-videobridge"
ynh_remove_systemd_config --service=$app-jicofo ynh_remove_systemd_config --service="$app-jicofo"
# Remove the app-specific logrotate config # Remove the app-specific logrotate config
ynh_remove_logrotate ynh_remove_logrotate
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#================================================= #=================================================
# RECONFIGURE PROSODY # RECONFIGURE PROSODY
#================================================= #=================================================
ynh_script_progression --message="Reconfiguring Prosody..." --weight=1 ynh_script_progression --message="Reconfiguring Prosody..." --weight=1
prosodyctl deluser $focus_user@auth.$domain || true prosodyctl deluser "$focus_user@auth.$domain" || true
prosodyctl deluser $videobridge_user@auth.$domain || true prosodyctl deluser "$videobridge_user@auth.$domain" || true
# Remove domain conf template # Remove domain conf template
ynh_secure_remove --file="/etc/prosody/conf.d/$domain.cfg.lua" ynh_secure_remove --file="/etc/prosody/conf.d/$domain.cfg.lua"
@ -60,24 +58,16 @@ ynh_secure_remove --file="/usr/local/share/ca-certificates/auth.$domain.crt"
update-ca-certificates -f update-ca-certificates -f
gpasswd --delete prosody "$app"
ynh_systemd_action --service_name=prosody --action=restart ynh_systemd_action --service_name=prosody --action=restart
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#================================================= #=================================================
# REMOVE DEPENDENCIES # REMOVE DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Removing dependencies..." --weight=1 ynh_script_progression --message="Removing dependencies..." --weight=1
# Remove Prosody ynh_app_setting_delete --app="$app" --key=require_prosody
ynh_app_setting_delete --app=$app --key=require_prosody
gpasswd --delete prosody $app
ynh_remove_apps ynh_remove_apps
@ -94,15 +84,6 @@ ynh_secure_remove --file="/etc/$app"
# Remove the log files # Remove the log files
ynh_secure_remove --file="/var/log/$app" ynh_secure_remove --file="/var/log/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..." --weight=1
gpasswd --delete www-data $app
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

108
scripts/restore
View file

@ -15,10 +15,10 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
# RECREATE THE DEDICATED USER # RECREATE THE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 ynh_script_progression --message="Reconfiguring the dedicated system user..." --weight=1
# Create the dedicated user (if not existing) gpasswd --add prosody "$app"
gpasswd --add www-data $app gpasswd --add www-data "$app"
#================================================= #=================================================
# RESTORE THE APP MAIN DIR # RESTORE THE APP MAIN DIR
@ -29,42 +29,7 @@ ynh_restore_file --origin_path="$install_dir"
chmod 750 "$install_dir" chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir" chmod -R o-rwx "$install_dir"
chown -R $app:$app "$install_dir" chown -R "$app:$app" "$install_dir"
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." --weight=1
# Define and install dependencies
ynh_install_apps --apps="$ynh_app_dependencies"
ynh_install_app_dependencies $pkg_dependencies
if [ $YNH_ARCH == "armhf" ]
then
ynh_script_progression --message="Installing specific arm dependencies..." --weight=1
ynh_install_extra_app_dependencies --repo="deb http://security.debian.org/debian-security stretch/updates main" --package="$pkg_extra_depedencies_arm" --key="https://ftp-master.debian.org/keys/archive-key-9-security.asc"
fi
gpasswd --add prosody $app
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# CONFIGURE FIREWALL
#=================================================
ynh_script_progression --message="Configuring firewall..." --weight=1
# Open this port
ynh_exec_warn_less yunohost firewall allow TCP $port
ynh_exec_warn_less yunohost firewall allow UDP $port_videobridge
#================================================= #=================================================
# CONFIGURE PROSODY # CONFIGURE PROSODY
@ -75,9 +40,11 @@ ynh_restore_file --origin_path="/etc/prosody/conf.avail/$domain.cfg.lua"
chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua" chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua"
ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua" ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua"
ln -sf /var/lib/prosody/$domain.key /etc/prosody/certs/$domain.key ynh_exec_warn_less prosodyctl cert generate "$domain"
ln -sf /var/lib/prosody/$domain.crt /etc/prosody/certs/$domain.crt ln -sf "/var/lib/prosody/$domain.key" "/etc/prosody/certs/$domain.key"
ln -sf "/var/lib/prosody/$domain.crt" "/etc/prosody/certs/$domain.crt"
ynh_exec_warn_less prosodyctl cert generate "auth.$domain"
ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key" ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key"
ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt" ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt"
ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt" ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt"
@ -87,67 +54,42 @@ update-ca-certificates -f
ynh_systemd_action --service_name="prosody" --action="restart" ynh_systemd_action --service_name="prosody" --action="restart"
prosodyctl register "$focus_user" "auth.$domain" "$focus_password" prosodyctl register "$focus_user" "auth.$domain" "$focus_password"
prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret" prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret"
prosodyctl mod_roster_command subscribe "$focus_user.$domain" "$focus_user@auth.$domain"
prosodyctl mod_roster_command subscribe $focus_user.$domain $focus_user@auth.$domain
#================================================= #=================================================
# RESTORE THE APP CONFIG # RESTORE SYSTEM CONFIGURATIONS
#================================================= #=================================================
ynh_script_progression --message="Restoring the app config..." --weight=1 ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
ynh_restore_file --origin_path="/etc/$app" ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
chmod 644 "/etc/$app/meet/$domain-config.js"
#=================================================
# CREATE LOG DIR
#=================================================
ynh_script_progression --message="Creating log dir..." --weight=1
mkdir -p "/var/log/$app"
chown -R $app: /var/log/$app
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
ynh_restore_file --origin_path="/etc/systemd/system/$app-videobridge.service" ynh_restore_file --origin_path="/etc/systemd/system/$app-videobridge.service"
systemctl enable $app-videobridge.service --quiet systemctl enable "$app-videobridge.service" --quiet
ynh_restore_file --origin_path="/etc/systemd/system/$app-jicofo.service" yunohost service add "$app-videobridge" --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge
systemctl enable $app-jicofo.service --quiet
#================================================= ynh_restore_file --origin_path="/etc/systemd/system/$app-jicofo.service"
# RESTORE THE LOGROTATE CONFIGURATION systemctl enable "$app-jicofo.service" --quiet
#================================================= yunohost service add "$app-jicofo" --log "/var/log/$app/$app-jicofo.log"
ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
ynh_restore_file --origin_path="/etc/logrotate.d/$app" ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # RESTORE VARIOUS FILES
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge ynh_restore_file --origin_path="/etc/$app/"
yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log" chmod 644 "/etc/$app/meet/$domain-config.js"
ynh_restore_file --origin_path="/var/log/$app/"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" ynh_systemd_action --service_name="$app-jicofo" --action="start" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" ynh_systemd_action --service_name="$app-videobridge" --action="start" --log_path="/var/log/$app/$app-videobridge.log"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload

245
scripts/upgrade
View file

@ -9,55 +9,6 @@
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading settings..." --weight=1
#REMOVEME? app=$YNH_APP_INSTANCE_NAME
#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path)
#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
#REMOVEME? max_memory=$(ynh_app_setting_get --app=$app --key=max_memory)
#REMOVEME? focus_user=$(ynh_app_setting_get --app=$app --key=focus_user)
#REMOVEME? focus_password=$(ynh_app_setting_get --app=$app --key=focus_password)
#REMOVEME? focus_secret=$(ynh_app_setting_get --app=$app --key=focus_secret)
#REMOVEME? videobridge_user=$(ynh_app_setting_get --app=$app --key=videobridge_user)
#REMOVEME? videobridge_secret=$(ynh_app_setting_get --app=$app --key=videobridge_secret)
#REMOVEME? turn_secret=$(ynh_app_setting_get --app=$app --key=turn_secret)
#REMOVEME? muc_nickname=$(ynh_app_setting_get --app=$app --key=muc_nickname)
#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port)
#REMOVEME? port_videobridge=$(ynh_app_setting_get --app=$app --key=port_videobridge)
#REMOVEME? port_component=$(ynh_app_setting_get --app=$app --key=port_component)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..." --weight=1
upgrade_type=$(ynh_check_app_version_changed)
current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$app/manifest.json" --manifest_key="version" || echo 1.0)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
#REMOVEME? ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# Backup the current version of the app
#REMOVEME? ynh_backup_before_upgrade
#REMOVEME? ynh_clean_setup () {
# Restore it if the upgrade fails
#REMOVEME? ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
#REMOVEME? ynh_abort_if_errors
#================================================= #=================================================
# STANDARD UPGRADE STEPS # STANDARD UPGRADE STEPS
#================================================= #=================================================
@ -65,182 +16,81 @@ current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$app/manifest
#================================================= #=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=$app-videobridge --action="stop" --log_path="/var/log/$app/$app-videobridge.log" ynh_systemd_action --service_name="$app-videobridge" --action="stop" --log_path="/var/log/$app/$app-videobridge.log"
ynh_systemd_action --service_name=$app-jicofo --action="stop" --log_path="/var/log/$app/$app-jicofo.log" ynh_systemd_action --service_name="$app-jicofo" --action="stop" --log_path="/var/log/$app/$app-jicofo.log"
#================================================= #=================================================
# ENSURE DOWNWARD COMPATIBILITY # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# If install_dir doesn't exist, create it
if [ -z "$install_dir" ]; then
#REMOVEME? install_dir=/var/www/$app
#REMOVEME? ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir
fi
# If max_memory doesn't exist, create it and set to default 75 mb value # If max_memory doesn't exist, create it and set to default 75 mb value
if [ -z "$max_memory" ]; then if [ -z "$max_memory" ]; then
max_memory=200 max_memory=200
ynh_app_setting_set --app=$app --key=max_memory --value=$max_memory ynh_app_setting_set --app="$app" --key=max_memory --value="$max_memory"
fi fi
#================================================= gpasswd --add prosody "$app"
# CREATE DEDICATED USER gpasswd --add www-data "$app"
#=================================================
#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
# Create a dedicated user (if not existing)
#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir"
gpasswd --add www-data $app
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Upgrading source files..." --weight=1
if [ "$upgrade_type" == "UPGRADE_APP" ] _setup_sources
then
ynh_script_progression --message="Upgrading source files..." --weight=1
# Download, check integrity, uncompress and patch the source from app.src
declare -A packages
packages[jitsi-jicofo]="jicofo"
packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins"
packages[jitsi-meet-web]="jitsi-meet"
packages[jitsi-videobridge]="jitsi-videobridge"
for package in "${!packages[@]}"
do
#REMOVEME? ynh_secure_remove --file="$install_dir/${package}"
ynh_setup_source --dest_dir="$install_dir/${package}_temp" --source_id=$package
pushd "$install_dir/${package}_temp"
ar x $package.deb data.tar.xz
tar xf data.tar.xz
popd
mv "$install_dir/${package}_temp/usr/share/${packages[$package]}/" "$install_dir/${package}/"
#REMOVEME? ynh_secure_remove --file="$install_dir/${package}_temp"
done
ynh_setup_source --dest_dir="$install_dir/jitsi-meet-prosody" --source_id=mod_auth_ldap
fi
chmod 750 "$install_dir" chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir" chmod -R o-rwx "$install_dir"
chown -R $app:$app "$install_dir" chown -R "$app:$app" "$install_dir"
#================================================= #=================================================
# UPGRADE DEPENDENCIES # REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE
#================================================= #=================================================
#REMOVEME? ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_install_apps --apps="$ynh_app_dependencies" if [ "$YNH_ARCH" == "armhf" ]; then
#REMOVEME? ynh_install_app_dependencies $pkg_dependencies ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1
ynh_jniwrapper_armhf
if [ $YNH_ARCH == "armhf" ]
then
#REMOVEME? ynh_script_progression --message="Installing specific arm dependencies..." --weight=1
#REMOVEME? ynh_install_extra_app_dependencies --repo="deb http://security.debian.org/debian-security stretch/updates main" --package="$pkg_extra_depedencies_arm" --key="https://ftp-master.debian.org/keys/archive-key-9-security.asc"
fi fi
gpasswd --add prosody $app
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# CONFIGURE FIREWALL
#=================================================
ynh_script_progression --message="Configuring firewall..." --weight=1
# Open this port
ynh_exec_warn_less yunohost firewall allow TCP $port
ynh_exec_warn_less yunohost firewall allow UDP $port_videobridge
#================================================= #=================================================
# CONFIGURE PROSODY # CONFIGURE PROSODY
#================================================= #=================================================
ynh_script_progression --message="Configuring Prosody..." --weight=1 ynh_script_progression --message="Configuring Prosody..." --weight=1
if [ "$upgrade_type" == "UPGRADE_APP" ] ynh_add_config --template="../conf/prosody.cfg.lua" --destination="/etc/prosody/conf.avail/$domain.cfg.lua"
then chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua"
ynh_add_config --template="../conf/prosody.cfg.lua" --destination="/etc/prosody/conf.avail/$domain.cfg.lua"
chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua"
fi
#================================================= #=================================================
# CONFIGURE JITSI-VIDEOBRIDGE # CONFIGURE JITSI-VIDEOBRIDGE
#================================================= #=================================================
ynh_script_progression --message="Configuring Jitsi-Videobridge..." --weight=1 ynh_script_progression --message="Configuring Jitsi-Videobridge..." --weight=1
if [ "$upgrade_type" == "UPGRADE_APP" ] public_ipv4="$(curl ip.yunohost.org)" || true
then private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true
public_ipv4="$(curl ip.yunohost.org)" || true
private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true
ynh_add_config --template="../conf/jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties" ynh_add_config --template="../conf/jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties"
ynh_add_config --template="../conf/jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf"
ynh_add_config --template="../conf/jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf" ynh_add_config --template="../conf/jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties"
ynh_add_config --template="../conf/jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties"
ynh_add_config --template="../conf/jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties" ynh_add_config --template="../conf/jitsi-videobridge.config" --destination="/etc/$app/videobridge/config"
ynh_add_config --template="../conf/jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties"
ynh_add_config --template="../conf/jitsi-videobridge.config" --destination="/etc/$app/videobridge/config"
fi
#=================================================
# REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE
#=================================================
if [ $YNH_ARCH == "armhf" ]
then
ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1
ynh_jniwrapper_armhf
fi
#================================================= #=================================================
# CONFIGURE JITSI-JICOFO # CONFIGURE JITSI-JICOFO
#================================================= #=================================================
ynh_script_progression --message="configuring Jitsi-Jicofo..." --weight=1 ynh_script_progression --message="configuring Jitsi-Jicofo..." --weight=1
if [ "$upgrade_type" == "UPGRADE_APP" ] ynh_add_config --template="../conf/jitsi-jicofo-config" --destination="/etc/$app/jicofo/config"
then ynh_add_config --template="../conf/jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf"
ynh_add_config --template="../conf/jitsi-jicofo-config" --destination="/etc/$app/jicofo/config" ynh_add_config --template="../conf/jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties"
ynh_add_config --template="../conf/jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf"
ynh_add_config --template="../conf/jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties"
fi
#================================================= #=================================================
# CONFIGURE JITSI-MEET # CONFIGURE JITSI-MEET
#================================================= #=================================================
ynh_script_progression --message="Configuring Jitsi-Meet..." --weight=1 ynh_script_progression --message="Configuring Jitsi-Meet..." --weight=1
if [ "$upgrade_type" == "UPGRADE_APP" ] ynh_add_config --template="../conf/jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js"
then chmod 644 "/etc/$app/meet/$domain-config.js"
ynh_add_config --template="../conf/jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js"
chmod 644 "/etc/$app/meet/$domain-config.js"
fi
#=================================================
# CREATE LOG DIR
#=================================================
ynh_script_progression --message="Creating log dir..." --weight=1
mkdir -p "/var/log/$app"
chown -R $app: /var/log/$app
chmod -R 770 /var/log/$app
#================================================= #=================================================
# SECURE FILES AND DIRECTORIES # SECURE FILES AND DIRECTORIES
@ -248,49 +98,36 @@ chmod -R 770 /var/log/$app
ynh_script_progression --message="Securing files and directories..." --weight=1 ynh_script_progression --message="Securing files and directories..." --weight=1
# Set permissions on app files # Set permissions on app files
chown -R $app: /etc/$app chown -R "$app:" "/etc/$app"
#================================================= #=================================================
# SETUP SYSTEMD # REAPPLY SYSTEM CONFIGURATIONS
#================================================= #=================================================
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service" ynh_add_systemd_config --service="$app-videobridge" --template="jitsi-videobridge.service"
ynh_add_systemd_config --service=$app-jicofo --template="jitsi-jicofo.service" yunohost service add "$app-videobridge" --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports "$port" "$port_videobridge"
#================================================= ynh_add_systemd_config --service="$app-jicofo" --template="jitsi-jicofo.service"
# GENERIC FINALIZATION yunohost service add "$app-jicofo" --log "/var/log/$app/$app-jicofo.log"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
# Use logrotate to manage app-specific logfile(s) # Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append ynh_use_logrotate --non-append
#================================================= chown -R "$app:" "/var/log/$app"
# INTEGRATE SERVICE IN YUNOHOST chmod -R 770 "/var/log/$app"
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge
yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log" ynh_systemd_action --service_name="$app-jicofo" --action="start" --log_path="/var/log/$app/$app-jicofo.log"
ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log" ynh_systemd_action --service_name="$app-videobridge" --action="start" --log_path="/var/log/$app/$app-videobridge.log"
#=================================================
# RELOAD NGINX
#=================================================
#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1
#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT