#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= ynh_clean_setup () { ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH launch_on_boot=$YNH_APP_ARG_LAUNCH_ON_BOOT open_webserver_port=$YNH_APP_ARG_OPEN_WEBSERVER_PORT arch=$(uname -m) app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." final_path=/var/www/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=final_path --value=$final_path ynh_app_setting_set --app=$app --key=launch_on_boot --value=$launch_on_boot ynh_app_setting_set --app=$app --key=open_webserver_port --value=$open_webserver_port #================================================= # STANDARD MODIFICATIONS #================================================= # FIND AND OPEN A PORT #================================================= ynh_script_progression --message="Finding an available port..." # Find an available port port=8080 ynh_app_setting_set --app=$app --key=port --value=$port # Optional: Expose this port publicly # (N.B.: you only need to do this if the app actually needs to expose the port publicly. # If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !) # Open the port # ynh_script_progression --message="Configuring firewall..." if [ "$open_webserver_port" -eq 1 ] then ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port fi #================================================= # INSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Installing dependencies..." if [[ $arch != arm* ]]; then ynh_install_app_dependencies $pkg_dependencies else ynh_install_app_dependencies $arm_pkg_dependencies fi #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." # Create a dedicated NGINX config ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Configuring system user..." # Create a system user ynh_system_user_create --username=$app --home_dir=$final_path #================================================= # SPECIFIC SETUP #================================================= # X11 SETTINGS #================================================= ynh_script_progression --message="Configuring X11..." ynh_replace_string "allowed_users=console" "allowed_users=anybody" /etc/X11/Xwrapper.config #================================================= # CONFUGURING KODI #================================================= ynh_script_progression --message="Configuring Kodi..." mkdir -p "$final_path/.kodi/userdata/" cp ../conf/advancedsettings.xml "$final_path/.kodi/userdata/advancedsettings.xml" mkdir -p "$final_path/.kodi/addons/" if [[ $arch != arm* ]]; then ynh_setup_source --dest_dir="$final_path/.kodi/addons/" --source_id="arm-chorus2" fi #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Configuring a systemd service..." # Create a dedicated systemd config ynh_add_systemd_config if [ "$launch_on_boot" -eq 0 ] then systemctl disable "$app" fi #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= ynh_script_progression --message="Securing files and directories..." # Set permissions to app files chown -R $app:$app $final_path usermod -a -G cdrom,audio,video,plugdev,users,dialout,dip,input,netdev "$app" #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." yunohost service add $app --log "$final_path/.kodi/temp/kodi.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." # Start a systemd service ynh_systemd_action --service_name=$app --action="start" #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring permissions..." ynh_app_setting_set "$app" protected_uris "/" domainregex=$(echo "$domain" | sed 's/-/\%&/g') ynh_app_setting_set "$app" skipped_regex "$domainregex/jsonrpc.*$,$domainregex/image.*$" # Reload SSOwat config yunohost app ssowatconf # Make app public if necessary if [ $is_public -eq 1 ] then # Everyone can access the app. # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi # Only the admin can access the admin panel of the app (if the app has an admin panel) ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin # Everyone can access to the api part # We don't want to display the tile in the sso so we put --show_tile="false" # And we don't want that the YunoHost Admin can remove visitors group to this permission, so we put --protected="true" ynh_permission_create --permission="api" --url "/api" --allowed="visitors" --show_tile="false" --protected="true" #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Installation of $app completed"