diff --git a/README.md b/README.md index 633e307..5a801a1 100644 --- a/README.md +++ b/README.md @@ -39,9 +39,9 @@ Not supported. #### Supported architectures -* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/badge/icon)](https://ci-apps-arm.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/) -* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/jenkins/job/leed%20(Community)/badge/icon)](https://ci-stretch.nohost.me/jenkins/job/leed%20(Community)/) +* x86-64b - [![](https://ci-apps.yunohost.org/ci/logs/leed%20%28Community%29.svg)](https://ci-apps.yunohost.org/ci/apps/leed/) +* ARMv8-A - [![](https://ci-apps-arm.yunohost.org/ci/logs/leed%20%28Community%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/leed/) +* Jessie x86-64b - [![](https://ci-stretch.nohost.me/ci/logs/leed%20%28Community%29.svg)](https://ci-stretch.nohost.me/ci/apps/leed/) ## Limitations @@ -62,7 +62,7 @@ Please do your pull request to the [testing branch](https://github.com/YunoHost- To try the testing branch, please proceed like that. ``` -sudo yunohost app install https://github.com/YunoHost-Apps/leed_ynh/tree/testing --verbose +sudo yunohost app install https://github.com/YunoHost-Apps/leed_ynh/tree/testing --debug or -sudo yunohost app upgrade leed -u https://github.com/YunoHost-Apps/leed_ynh/tree/testing --verbose +sudo yunohost app upgrade leed -u https://github.com/YunoHost-Apps/leed_ynh/tree/testing --debug ``` diff --git a/README_fr.md b/README_fr.md index d4707cc..9aa601c 100644 --- a/README_fr.md +++ b/README_fr.md @@ -39,9 +39,9 @@ Non supportée. #### Architectures supportées. -* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/badge/icon)](https://ci-apps-arm.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/) -* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/jenkins/job/leed%20(Community)/badge/icon)](https://ci-stretch.nohost.me/jenkins/job/leed%20(Community)/) +* x86-64b - [![](https://ci-apps.yunohost.org/ci/logs/leed%20%28Community%29.svg)](https://ci-apps.yunohost.org/ci/apps/leed/) +* ARMv8-A - [![](https://ci-apps-arm.yunohost.org/ci/logs/leed%20%28Community%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/leed/) +* Jessie x86-64b - [![](https://ci-stretch.nohost.me/ci/logs/leed%20%28Community%29.svg)](https://ci-stretch.nohost.me/ci/apps/leed/) ## Informations additionnelles @@ -60,7 +60,7 @@ Merci de faire vos pull request sur la [branche testing](https://github.com/Yuno Pour tester la branche testing, merci de procéder ainsi. ``` -sudo yunohost app install https://github.com/YunoHost-Apps/leed_ynh/tree/testing --verbose +sudo yunohost app install https://github.com/YunoHost-Apps/leed_ynh/tree/testing --debug ou -sudo yunohost app upgrade leed -u https://github.com/YunoHost-Apps/leed_ynh/tree/testing --verbose +sudo yunohost app upgrade leed -u https://github.com/YunoHost-Apps/leed_ynh/tree/testing --debug ``` diff --git a/check_process b/check_process index 8ebf953..54efc65 100644 --- a/check_process +++ b/check_process @@ -15,7 +15,7 @@ setup_private=1 setup_public=1 upgrade=1 - upgrade=1 from_commit=c4b966ff2a977b8c0923d4f8ad403d86454883cb + upgrade=1 from_commit=8b622d430db9ab860aee156a32086507669243fd backup_restore=1 multi_instance=1 incorrect_path=1 @@ -37,6 +37,6 @@ Email= Notification=down ;;; Upgrade options - ; commit=c4b966ff2a977b8c0923d4f8ad403d86454883cb - name=Fix fail2ban helper + ; commit=8b622d430db9ab860aee156a32086507669243fd + name=MAJ 1.8.2 manifest_arg=domain=DOMAIN&path=PATH&admin=USER&password=pass&language=fr&market=1&is_public=1& diff --git a/conf/php-fpm.ini b/conf/php-fpm.ini deleted file mode 100644 index 98d3099..0000000 --- a/conf/php-fpm.ini +++ /dev/null @@ -1,3 +0,0 @@ -; upload_max_filesize=100M -; post_max_size=100M -; max_execution_time=60 diff --git a/manifest.json b/manifest.json index 1c8d820..3b0789b 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Leed is a minimalistic RSS feed aggregator which allows quick and non-intrusive reading of feeds.", "fr": "Leed est un agrégateur RSS minimaliste qui permet la consultation de flux RSS de manière rapide et non intrusive." }, - "version": "1.8.3~ynh4", + "version": "1.8.3~ynh5", "url": "http://leed.idleman.fr/", "license": "AGPL-3.0", "maintainer": { @@ -14,7 +14,7 @@ "email": "maniackc_dev@crudelis.fr" }, "requirements": { - "yunohost": ">= 2.7.14" + "yunohost": ">= 3.3.3" }, "multi_instance": true, "services": [ diff --git a/scripts/_common.sh b/scripts/_common.sh index 8d58e36..caf8bc7 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -49,11 +49,13 @@ bool_to_true_false () { } #================================================= -# EXPERIMENTAL HELPERS +# FUTUR OFFICIAL HELPERS #================================================= # Internal helper design to allow helpers to use getopts to manage their arguments # +# [internal] +# # example: function my_helper() # { # declare -Ar args_array=( [a]=arg1= [b]=arg2= [c]=arg3 ) @@ -103,33 +105,33 @@ ynh_handle_getopts_args () { # For each option in the array, reduce to short options for getopts (e.g. for [u]=user, --user will be -u) # And built parameters string for getopts - # ${!args_array[@]} is the list of all keys in the array (A key is 'u' in [u]=user, user is a value) + # ${!args_array[@]} is the list of all option_flags in the array (An option_flag is 'u' in [u]=user, user is a value) local getopts_parameters="" - local key="" - for key in "${!args_array[@]}" + local option_flag="" + for option_flag in "${!args_array[@]}" do - # Concatenate each keys of the array to build the string of arguments for getopts + # Concatenate each option_flags of the array to build the string of arguments for getopts # Will looks like 'abcd' for -a -b -c -d - # If the value of a key finish by =, it's an option with additionnal values. (e.g. --user bob or -u bob) - # Check the last character of the value associate to the key - if [ "${args_array[$key]: -1}" = "=" ] + # If the value of an option_flag finish by =, it's an option with additionnal values. (e.g. --user bob or -u bob) + # Check the last character of the value associate to the option_flag + if [ "${args_array[$option_flag]: -1}" = "=" ] then # For an option with additionnal values, add a ':' after the letter for getopts. - getopts_parameters="${getopts_parameters}${key}:" + getopts_parameters="${getopts_parameters}${option_flag}:" else - getopts_parameters="${getopts_parameters}${key}" + getopts_parameters="${getopts_parameters}${option_flag}" fi # Check each argument given to the function local arg="" # ${#arguments[@]} is the size of the array for arg in `seq 0 $(( ${#arguments[@]} - 1 ))` do - # And replace long option (value of the key) by the short option, the key itself + # And replace long option (value of the option_flag) by the short option, the option_flag itself # (e.g. for [u]=user, --user will be -u) # Replace long option with = - arguments[arg]="${arguments[arg]//--${args_array[$key]}/-${key} }" + arguments[arg]="${arguments[arg]//--${args_array[$option_flag]}/-${option_flag} }" # And long option without = - arguments[arg]="${arguments[arg]//--${args_array[$key]%=}/-${key}}" + arguments[arg]="${arguments[arg]//--${args_array[$option_flag]%=}/-${option_flag}}" done done @@ -148,10 +150,10 @@ ynh_handle_getopts_args () { if [ "$parameter" = "?" ] then - ynh_die "Invalid argument: -${OPTARG:-}" + ynh_die --message="Invalid argument: -${OPTARG:-}" elif [ "$parameter" = ":" ] then - ynh_die "-$OPTARG parameter requires an argument." + ynh_die --message="-$OPTARG parameter requires an argument." else local shift_value=1 # Use the long option, corresponding to the short option read by getopts, as a variable @@ -179,19 +181,20 @@ ynh_handle_getopts_args () { shift_value=$(( shift_value - 1 )) fi + # Declare the content of option_var as a variable. + eval ${option_var}="" # Then read the array value per value + local i for i in `seq 0 $(( ${#all_args[@]} - 1 ))` do # If this argument is an option, end here. - if [ "${all_args[$i]:0:1}" == "-" ] || [ -z "${all_args[$i]}" ] + if [ "${all_args[$i]:0:1}" == "-" ] then # Ignore the first value of the array, which is the option itself if [ "$i" -ne 0 ]; then break fi else - # Declare the content of option_var as a variable. - eval ${option_var}="" # Else, add this value to this option # Each value will be separated by ';' if [ -n "${!option_var}" ] @@ -215,25 +218,33 @@ ynh_handle_getopts_args () { # Check if there's getopts arguments if [ "${arguments[0]:0:1}" != "-" ] then - # If not, enter in legacy mode and manage the arguments as positionnal ones. - echo "! Helper used in legacy mode !" + # If not, enter in legacy mode and manage the arguments as positionnal ones.. + # Dot not echo, to prevent to go through a helper output. But print only in the log. + set -x; echo "! Helper used in legacy mode !" > /dev/null; set +x + local i for i in `seq 0 $(( ${#arguments[@]} -1 ))` do - # Use getopts_parameters as a list of key of the array args_array + # Try to use legacy_args as a list of option_flag of the array args_array + # Otherwise, fallback to getopts_parameters to get the option_flag. But an associative arrays isn't always sorted in the correct order... # Remove all ':' in getopts_parameters - getopts_parameters=${getopts_parameters//:} - # Get the key from getopts_parameters, by using the key according to the position of the argument. - key=${getopts_parameters:$i:1} - # Use the long option, corresponding to the key, as a variable + getopts_parameters=${legacy_args:-${getopts_parameters//:}} + # Get the option_flag from getopts_parameters, by using the option_flag according to the position of the argument. + option_flag=${getopts_parameters:$i:1} + if [ -z "$option_flag" ]; then + ynh_print_warn --message="Too many arguments ! \"${arguments[$i]}\" will be ignored." + continue + fi + # Use the long option, corresponding to the option_flag, as a variable # (e.g. for [u]=user, 'user' will be used as a variable) # Also, remove '=' at the end of the long option # The variable name will be stored in 'option_var' - local option_var="${args_array[$key]%=}" + local option_var="${args_array[$option_flag]%=}" # Store each value given as argument in the corresponding variable # The values will be stored in the same order than $args_array eval ${option_var}+=\"${arguments[$i]}\" done + unset legacy_args else # END LEGACY MODE # Call parse_arg and pass the modified list of args as an array of arguments. @@ -245,197 +256,28 @@ ynh_handle_getopts_args () { #================================================= -# Start or restart a service and follow its booting -# -# usage: ynh_check_starting "Line to match" [Log file] [Timeout] [Service name] -# -# | arg: -m, --line_to_match= - Line to match - The line to find in the log to attest the service have finished to boot. -# | arg: -l, --app_log= - Log file - The log file to watch; specify "systemd" to read systemd journal for specified service -# /var/log/$app/$app.log will be used if no other log is defined. -# | arg: -t, --timeout= - Timeout - The maximum time to wait before ending the watching. Defaut 300 seconds. -# | arg: -n, --service_name= - Service name - -ynh_check_starting () { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [m]=line_to_match= [l]=app_log= [t]=timeout= [n]=service_name= ) - local line_to_match - local app_log - local timeout - local service_name - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - local app_log="${app_log:-/var/log/$service_name/$service_name.log}" - local timeout=${timeout:-300} - local service_name="${service_name:-$app}" - - echo "Starting of $service_name" >&2 - systemctl stop $service_name - local templog="$(mktemp)" - # Following the starting of the app in its log - if [ "$app_log" == "systemd" ] ; then - # Read the systemd journal - journalctl -u $service_name -f --since=-45 > "$templog" & - else - # Read the specified log file - tail -F -n0 "$app_log" > "$templog" & - fi - # Get the PID of the last command - local pid_tail=$! - systemctl start $service_name - - local i=0 - for i in `seq 1 $timeout` - do - # Read the log until the sentence is found, which means the app finished starting. Or run until the timeout. - if grep --quiet "$line_to_match" "$templog" - then - echo "The service $service_name has correctly started." >&2 - break - fi - echo -n "." >&2 - sleep 1 - done - if [ $i -eq $timeout ] - then - echo "The service $service_name didn't fully start before the timeout." >&2 - fi - - echo "" - ynh_clean_check_starting -} - -# Clean temporary process and file used by ynh_check_starting -# (usually used in ynh_clean_setup scripts) -# -# usage: ynh_clean_check_starting -ynh_clean_check_starting () { - # Stop the execution of tail. - kill -s 15 $pid_tail 2>&1 - ynh_secure_remove "$templog" 2>&1 -} - -#================================================= - -ynh_print_log () { - echo "${1}" -} - -# Print an info on stdout -# -# usage: ynh_print_info "Text to print" -# | arg: text - The text to print -ynh_print_info () { - ynh_print_log "[INFO] ${1}" -} - -# Print a warning on stderr -# -# usage: ynh_print_warn "Text to print" -# | arg: text - The text to print -ynh_print_warn () { - ynh_print_log "[WARN] ${1}" >&2 -} - -# Print a error on stderr -# -# usage: ynh_print_err "Text to print" -# | arg: text - The text to print -ynh_print_err () { - ynh_print_log "[ERR] ${1}" >&2 -} - -# Execute a command and print the result as an error -# -# usage: ynh_exec_err command to execute -# usage: ynh_exec_err "command to execute | following command" -# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe. -# -# | arg: command - command to execute -ynh_exec_err () { - ynh_print_err "$(eval $@)" -} - -# Execute a command and print the result as a warning -# -# usage: ynh_exec_warn command to execute -# usage: ynh_exec_warn "command to execute | following command" -# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe. -# -# | arg: command - command to execute -ynh_exec_warn () { - ynh_print_warn "$(eval $@)" -} - -# Execute a command and force the result to be printed on stdout -# -# usage: ynh_exec_warn_less command to execute -# usage: ynh_exec_warn_less "command to execute | following command" -# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe. -# -# | arg: command - command to execute -ynh_exec_warn_less () { - eval $@ 2>&1 -} - -# Execute a command and redirect stdout in /dev/null -# -# usage: ynh_exec_quiet command to execute -# usage: ynh_exec_quiet "command to execute | following command" -# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe. -# -# | arg: command - command to execute -ynh_exec_quiet () { - eval $@ > /dev/null -} - -# Execute a command and redirect stdout and stderr in /dev/null -# -# usage: ynh_exec_fully_quiet command to execute -# usage: ynh_exec_fully_quiet "command to execute | following command" -# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe. -# -# | arg: command - command to execute -ynh_exec_fully_quiet () { - eval $@ > /dev/null 2>&1 -} - -# Remove any logs for all the following commands. -# -# usage: ynh_print_OFF -# WARNING: You should be careful with this helper, and never forgot to use ynh_print_ON as soon as possible to restore the logging. -ynh_print_OFF () { - set +x -} - -# Restore the logging after ynh_print_OFF -# -# usage: ynh_print_ON -ynh_print_ON () { - set -x - # Print an echo only for the log, to be able to know that ynh_print_ON has been called. - echo ynh_print_ON > /dev/null -} - -#================================================= - # Install or update the main directory yunohost.multimedia # # usage: ynh_multimedia_build_main_dir ynh_multimedia_build_main_dir () { - local ynh_media_release="v1.0" - local checksum="4852c8607db820ad51f348da0dcf0c88" + local ynh_media_release="v1.2" + local checksum="806a827ba1902d6911095602a9221181" - # Download yunohost.multimedia scripts - wget -nv https://github.com/YunoHost-Apps/yunohost.multimedia/archive/${ynh_media_release}.tar.gz + # Download yunohost.multimedia scripts + wget -nv https://github.com/YunoHost-Apps/yunohost.multimedia/archive/${ynh_media_release}.tar.gz - # Check the control sum - echo "${checksum} ${ynh_media_release}.tar.gz" | md5sum -c --status \ - || ynh_die "Corrupt source" + # Check the control sum + echo "${checksum} ${ynh_media_release}.tar.gz" | md5sum -c --status \ + || ynh_die "Corrupt source" - # Extract - mkdir yunohost.multimedia-master - tar -xf ${ynh_media_release}.tar.gz -C yunohost.multimedia-master --strip-components 1 - ./yunohost.multimedia-master/script/ynh_media_build.sh + # Check if the package acl is installed. Or install it. + ynh_package_is_installed 'acl' \ + || ynh_package_install acl + + # Extract + mkdir yunohost.multimedia-master + tar -xf ${ynh_media_release}.tar.gz -C yunohost.multimedia-master --strip-components 1 + ./yunohost.multimedia-master/script/ynh_media_build.sh } # Add a directory in yunohost.multimedia @@ -496,26 +338,31 @@ ynh_multimedia_addaccess () { # Create a dedicated fail2ban config (jail and filter conf files) # # usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]] -# | arg: log_file - Log file to be checked by fail2ban -# | arg: failregex - Failregex to be looked for by fail2ban -# | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3 -# | arg: ports - Ports blocked for a banned IP address - default: http,https +# | arg: -l, --logpath= - Log file to be checked by fail2ban +# | arg: -r, --failregex= - Failregex to be looked for by fail2ban +# | arg: -m, --max_retry= - Maximum number of retries allowed before banning IP address - default: 3 +# | arg: -p, --ports= - Ports blocked for a banned IP address - default: http,https ynh_add_fail2ban_config () { - # Process parameters - logpath=$1 - failregex=$2 - max_retry=${3:-3} - ports=${4:-http,https} + # Declare an array to define the options of this helper. + declare -Ar args_array=( [l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= ) + local logpath + local failregex + local max_retry + local ports + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + max_retry=${max_retry:-3} + ports=${ports:-http,https} - test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." - test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." + test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." + test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." - finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf" - finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf" - ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1 - ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1 + finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf" + finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf" + ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1 + ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1 - sudo tee $finalfail2banjailconf <&2 - echo "WARNING${fail2ban_error#*WARNING}" >&2 - fi + if [ "$(lsb_release --codename --short)" != "jessie" ]; then + systemctl reload fail2ban + else + systemctl restart fail2ban + fi + local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")" + if [ -n "$fail2ban_error" ] + then + echo "[ERR] Fail2ban failed to load the jail for $app" >&2 + echo "WARNING${fail2ban_error#*WARNING}" >&2 + fi } # Remove the dedicated fail2ban config (jail and filter conf files) # # usage: ynh_remove_fail2ban_config ynh_remove_fail2ban_config () { - ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf" - ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf" - systemctl restart fail2ban + ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf" + ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf" + if [ "$(lsb_release --codename --short)" != "jessie" ]; then + systemctl reload fail2ban + else + systemctl restart fail2ban + fi } #================================================= @@ -558,12 +413,17 @@ ynh_remove_fail2ban_config () { # Read the value of a key in a ynh manifest file # # usage: ynh_read_manifest manifest key -# | arg: manifest - Path of the manifest to read -# | arg: key - Name of the key to find +# | arg: -m, --manifest= - Path of the manifest to read +# | arg: -k, --key= - Name of the key to find ynh_read_manifest () { - manifest="$1" - key="$2" - python3 -c "import sys, json;print(json.load(open('$manifest', encoding='utf-8'))['$key'])" + # Declare an array to define the options of this helper. + declare -Ar args_array=( [m]=manifest= [k]=manifest_key= ) + local manifest + local manifest_key + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + python3 -c "import sys, json;print(json.load(open('$manifest', encoding='utf-8'))['$manifest_key'])" } # Read the upstream version from the manifest @@ -572,16 +432,21 @@ ynh_read_manifest () { # This include the number before ~ynh # In the last example it return 4.3-2 # -# usage: ynh_app_upstream_version +# usage: ynh_app_upstream_version [-m manifest] +# | arg: -m, --manifest= - Path of the manifest to read ynh_app_upstream_version () { - manifest_path="../manifest.json" - if [ ! -e "$manifest_path" ]; then - manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place - fi - version_key=$(ynh_read_manifest "$manifest_path" "version") - echo "${version_key/~ynh*/}" -} + declare -Ar args_array=( [m]=manifest= ) + local manifest + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + manifest="${manifest:-../manifest.json}" + if [ ! -e "$manifest" ]; then + manifest="../settings/manifest.json" # Into the restore script, the manifest is not at the same place + fi + version_key=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version") + echo "${version_key/~ynh*/}" +} # Read package version from the manifest # The version number in the manifest is defined by ~ynh @@ -589,14 +454,20 @@ ynh_app_upstream_version () { # This include the number after ~ynh # In the last example it return 3 # -# usage: ynh_app_package_version +# usage: ynh_app_package_version [-m manifest] +# | arg: -m, --manifest= - Path of the manifest to read ynh_app_package_version () { - manifest_path="../manifest.json" - if [ ! -e "$manifest_path" ]; then - manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place - fi - version_key=$(ynh_read_manifest "$manifest_path" "version") - echo "${version_key/*~ynh/}" + declare -Ar args_array=( [m]=manifest= ) + local manifest + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + manifest="${manifest:-../manifest.json}" + if [ ! -e "$manifest" ]; then + manifest="../settings/manifest.json" # Into the restore script, the manifest is not at the same place + fi + version_key=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version") + echo "${version_key/*~ynh/}" } # Checks the app version to upgrade with the existing app version and returns: @@ -611,58 +482,173 @@ ynh_app_package_version () { # To force an upgrade, even if the package is up to date, # you have to set the variable YNH_FORCE_UPGRADE before. # example: sudo YNH_FORCE_UPGRADE=1 yunohost app upgrade MyApp - +# # usage: ynh_check_app_version_changed ynh_check_app_version_changed () { - local force_upgrade=${YNH_FORCE_UPGRADE:-0} - local package_check=${PACKAGE_CHECK_EXEC:-0} + local force_upgrade=${YNH_FORCE_UPGRADE:-0} + local package_check=${PACKAGE_CHECK_EXEC:-0} - # By default, upstream app version has changed - local return_value="UPGRADE_APP" + # By default, upstream app version has changed + local return_value="UPGRADE_APP" - local current_version=$(ynh_read_manifest "/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" "version" || echo 1.0) - local current_upstream_version="${current_version/~ynh*/}" - local update_version=$(ynh_read_manifest "../manifest.json" "version" || echo 1.0) - local update_upstream_version="${update_version/~ynh*/}" + local current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" --manifest_key="version" || echo 1.0) + local current_upstream_version="$(ynh_app_upstream_version --manifest="/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json")" + local update_version=$(ynh_read_manifest --manifest="../manifest.json" --manifest_key="version" || echo 1.0) + local update_upstream_version="$(ynh_app_upstream_version)" - if [ "$current_version" == "$update_version" ] ; then - # Complete versions are the same - if [ "$force_upgrade" != "0" ] - then - echo "Upgrade forced by YNH_FORCE_UPGRADE." >&2 - unset YNH_FORCE_UPGRADE - elif [ "$package_check" != "0" ] - then - echo "Upgrade forced for package check." >&2 - else - ynh_die "Up-to-date, nothing to do" 0 - fi - elif [ "$current_upstream_version" == "$update_upstream_version" ] ; then - # Upstream versions are the same, only YunoHost package versions differ - return_value="UPGRADE_PACKAGE" - fi - echo $return_value + if [ "$current_version" == "$update_version" ] ; then + # Complete versions are the same + if [ "$force_upgrade" != "0" ] + then + echo "Upgrade forced by YNH_FORCE_UPGRADE." >&2 + unset YNH_FORCE_UPGRADE + elif [ "$package_check" != "0" ] + then + echo "Upgrade forced for package check." >&2 + else + ynh_die "Up-to-date, nothing to do" 0 + fi + elif [ "$current_upstream_version" == "$update_upstream_version" ] ; then + # Upstream versions are the same, only YunoHost package versions differ + return_value="UPGRADE_PACKAGE" + fi + echo $return_value +} + +#================================================= + +# Delete a file checksum from the app settings +# +# $app should be defined when calling this helper +# +# usage: ynh_remove_file_checksum file +# | arg: -f, --file= - The file for which the checksum will be deleted +ynh_delete_file_checksum () { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [f]=file= ) + local file + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' + ynh_app_setting_delete $app $checksum_setting_name +} + +#================================================= +# EXPERIMENTAL HELPERS +#================================================= + +# Start (or other actions) a service, print a log in case of failure and optionnaly wait until the service is completely started +# +# usage: ynh_systemd_action [-n service_name] [-a action] [ [-l "line to match"] [-p log_path] [-t timeout] [-e length] ] +# | arg: -n, --service_name= - Name of the service to reload. Default : $app +# | arg: -a, --action= - Action to perform with systemctl. Default: start +# | arg: -l, --line_match= - Line to match - The line to find in the log to attest the service have finished to boot. +# If not defined it don't wait until the service is completely started. +# | arg: -p, --log_path= - Log file - Path to the log file. Default : /var/log/$app/$app.log +# | arg: -t, --timeout= - Timeout - The maximum time to wait before ending the watching. Default : 300 seconds. +# | arg: -e, --length= - Length of the error log : Default : 20 +ynh_systemd_action() { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= ) + local service_name + local action + local line_match + local length + local log_path + local timeout + + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + local service_name="${service_name:-$app}" + local action=${action:-start} + local log_path="${log_path:-/var/log/$service_name/$service_name.log}" + local length=${length:-20} + local timeout=${timeout:-300} + + # Start to read the log + if [[ -n "${line_match:-}" ]] + then + local templog="$(mktemp)" + # Following the starting of the app in its log + if [ "$log_path" == "systemd" ] ; then + # Read the systemd journal + journalctl -u $service_name -f --since=-45 > "$templog" & + else + # Read the specified log file + tail -F -n0 "$log_path" > "$templog" & + fi + # Get the PID of the tail command + local pid_tail=$! + fi + + echo "${action^} the service $service_name" >&2 + systemctl $action $service_name \ + || ( journalctl --lines=$length -u $service_name >&2 \ + ; test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 \ + ; false ) + + # Start the timeout and try to find line_match + if [[ -n "${line_match:-}" ]] + then + local i=0 + for i in $(seq 1 $timeout) + do + # Read the log until the sentence is found, that means the app finished to start. Or run until the timeout + if grep --quiet "$line_match" "$templog" + then + echo "The service $service_name has correctly started." >&2 + break + fi + echo -n "." >&2 + sleep 1 + done + if [ $i -eq $timeout ] + then + echo "The service $service_name didn't fully started before the timeout." >&2 + echo "Please find here an extract of the end of the log of the service $service_name:" + journalctl --lines=$length -u $service_name >&2 + test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 + fi + + echo "" + ynh_clean_check_starting + fi +} + +# Clean temporary process and file used by ynh_check_starting +# (usually used in ynh_clean_setup scripts) +# +# usage: ynh_clean_check_starting +ynh_clean_check_starting () { + # Stop the execution of tail. + kill -s 15 $pid_tail 2>&1 + ynh_secure_remove "$templog" 2>&1 } #================================================= # Send an email to inform the administrator # -# usage: ynh_send_readme_to_admin app_message [recipients] +# usage: ynh_send_readme_to_admin --app_message=app_message [--recipients=recipients] [--type=type] # | arg: -m --app_message= - The message to send to the administrator. # | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root # example: "root admin@domain" # If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you # example: "root admin@domain user1 user2" +# | arg: -t, --type= - Type of mail, could be 'backup', 'change_url', 'install', 'remove', 'restore', 'upgrade' ynh_send_readme_to_admin() { # Declare an array to define the options of this helper. - declare -Ar args_array=( [m]=app_message= [r]=recipients= ) + declare -Ar args_array=( [m]=app_message= [r]=recipients= [t]=type= ) local app_message local recipients + local type # Manage arguments with getopts ynh_handle_getopts_args "$@" - local app_message="${app_message:-...No specific information...}" - local recipients="${recipients:-root}" + app_message="${app_message:-...No specific information...}" + recipients="${recipients:-root}" + type="${type:-install}" # Retrieve the email of users find_mails () { @@ -688,7 +674,23 @@ ynh_send_readme_to_admin() { } recipients=$(find_mails "$recipients") - local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!" + # Subject base + local mail_subject="☁️🆈🅽🅷☁️: \`$app\`" + + # Adapt the subject according to the type of mail required. + if [ "$type" = "backup" ]; then + mail_subject="$mail_subject has just been backup." + elif [ "$type" = "change_url" ]; then + mail_subject="$mail_subject has just been moved to a new URL!" + elif [ "$type" = "remove" ]; then + mail_subject="$mail_subject has just been removed!" + elif [ "$type" = "restore" ]; then + mail_subject="$mail_subject has just been restored!" + elif [ "$type" = "upgrade" ]; then + mail_subject="$mail_subject has just been upgraded!" + else # install + mail_subject="$mail_subject has just been installed!" + fi local mail_message="This is an automated message from your beloved YunoHost server. @@ -715,26 +717,6 @@ $(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')" #================================================= -# Reload (or other actions) a service and print a log in case of failure. -# -# usage: ynh_system_reload service_name [action] -# | arg: -n, --service_name= - Name of the service to reload -# | arg: -a, --action= - Action to perform with systemctl. Default: reload -ynh_system_reload () { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [n]=service_name= [a]=action= ) - local service_name - local action - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - local action=${action:-reload} - - # Reload, restart or start and print the log if the service fail to start or reload - systemctl $action $service_name || ( journalctl --lines=20 -u $service_name >&2 && false) -} - -#================================================= - ynh_debian_release () { lsb_release --codename --short } @@ -759,19 +741,6 @@ is_jessie () { #================================================= -# Delete a file checksum from the app settings -# -# $app should be defined when calling this helper -# -# usage: ynh_remove_file_checksum file -# | arg: file - The file for which the checksum will be deleted -ynh_delete_file_checksum () { - local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' - ynh_app_setting_delete $app $checksum_setting_name -} - -#================================================= - ynh_maintenance_mode_ON () { # Load value of $path_url and $domain from the config if their not set if [ -z $path_url ]; then @@ -848,3 +817,69 @@ ynh_maintenance_mode_OFF () { systemctl reload nginx } + +#================================================= + +# Download and check integrity of a file from app.src_file +# +# The file conf/app.src_file need to contains: +# +# FILE_URL=Address to download the file +# FILE_SUM=Control sum +# # (Optional) Program to check the integrity (sha256sum, md5sum...) +# # default: sha256 +# FILE_SUM_PRG=sha256 +# # (Optionnal) Name of the local archive (offline setup support) +# # default: Name of the downloaded file. +# FILENAME=example.deb +# +# usage: ynh_download_file --dest_dir="/destination/directory" [--source_id=myfile] +# | arg: -d, --dest_dir= - Directory where to download the file +# | arg: -s, --source_id= - Name of the source file 'app.src_file' if it isn't '$app' +ynh_download_file () { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [d]=dest_dir= [s]=source_id= ) + local dest_dir + local source_id + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + source_id=${source_id:-app} # If the argument is not given, source_id equals "$app" + + # Load value from configuration file (see above for a small doc about this file + # format) + local src_file="$YNH_CWD/../conf/${source_id}.src_file" + # If the src_file doesn't exist, use the backup path instead, with a "settings" directory + if [ ! -e "$src_file" ] + then + src_file="$YNH_CWD/../settings/conf/${source_id}.src_file" + fi + local file_url=$(grep 'FILE_URL=' "$src_file" | cut -d= -f2-) + local file_sum=$(grep 'FILE_SUM=' "$src_file" | cut -d= -f2-) + local file_sumprg=$(grep 'FILE_SUM_PRG=' "$src_file" | cut -d= -f2-) + local filename=$(grep 'FILENAME=' "$src_file" | cut -d= -f2-) + + # Default value + file_sumprg=${file_sumprg:-sha256sum} + if [ "$filename" = "" ] ; then + filename="$(basename "$file_url")" + fi + local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${filename}" + + if test -e "$local_src" + then # Use the local source file if it is present + cp $local_src $filename + else # If not, download the source + local out=`wget -nv -O $filename $file_url 2>&1` || ynh_print_err $out + fi + + # Check the control sum + echo "${file_sum} ${filename}" | ${file_sumprg} -c --status \ + || ynh_die "Corrupt file" + + # Create the destination directory, if it's not already. + mkdir -p "$dest_dir" + + # Move the file to its destination + mv $filename $dest_dir +} diff --git a/scripts/actions/public_private b/scripts/actions/public_private index 47c01c9..f685d1e 100755 --- a/scripts/actions/public_private +++ b/scripts/actions/public_private @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +source scripts/_common.sh source /usr/share/yunohost/helpers #================================================= @@ -41,7 +42,7 @@ fi if [ $is_public -eq 0 ] then ynh_app_setting_delete $app unprotected_uris - # Rend la page d'actualisation accessible pour le script cron. + # Set the action.php script public for the cron task ynh_app_setting_set $app skipped_uris "/action.php" else ynh_app_setting_delete $app skipped_uris @@ -58,4 +59,4 @@ ynh_app_setting_set $app is_public $is_public # RELOAD NGINX #================================================= -systemctl reload nginx +ynh_systemd_action --action=reload --service_name=nginx diff --git a/scripts/backup b/scripts/backup index 422f2f2..6f7b599 100644 --- a/scripts/backup +++ b/scripts/backup @@ -30,27 +30,26 @@ db_pwd=$(ynh_app_setting_get "$app" mysqlpwd) #================================================= # STANDARD BACKUP STEPS #================================================= -# BACKUP OF THE MAIN DIR OF THE APP +# BACKUP THE APP MAIN DIR #================================================= CHECK_SIZE "$final_path" ynh_backup "$final_path" #================================================= -# BACKUP OF THE NGINX CONFIGURATION +# BACKUP NGINX CONFIGURATION #================================================= ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= -# BACKUP OF THE PHP-FPM CONFIGURATION +# BACKUP PHP-FPM CONFIGURATION #================================================= ynh_backup "/etc/php5/fpm/pool.d/$app.conf" -ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini" #================================================= -# BACKUP OF THE SQL BDD +# BACKUP THE MYSQL DATABASE #================================================= ynh_mysql_dump_db "$db_name" > db.sql @@ -66,7 +65,7 @@ ynh_backup "/etc/fail2ban/filter.d/$app.conf" #================================================= # SPECIFIC BACKUP #================================================= -# BACKUP OF THE CRON FILE +# BACKUP THE CRON FILE #================================================= ynh_backup "/etc/cron.d/$app" diff --git a/scripts/change_url b/scripts/change_url index dbe709b..75d1c69 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -130,7 +130,7 @@ ynh_mysql_execute_as_root "UPDATE leed_configuration SET value='$domain_path/' W # RELOAD NGINX #================================================= -ynh_system_reload --service_name=nginx +ynh_systemd_action --action=reload --service_name=nginx #================================================= # DEACTIVE MAINTENANCE MODE diff --git a/scripts/install b/scripts/install index ba3069e..52ad340 100644 --- a/scripts/install +++ b/scripts/install @@ -13,7 +13,8 @@ source /usr/share/yunohost/helpers # MANAGE FAILURE OF THE SCRIPT #================================================= -ynh_abort_if_errors # Active trap pour arrêter le script si une erreur est détectée. +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST @@ -38,8 +39,6 @@ test ! -e "$final_path" || ynh_die "This path already contains a folder" # Normalize the url path syntax path_url=$(ynh_normalize_url_path $path_url) -# Check web path availability -ynh_webpath_available $domain $path_url # Register (book) web path ynh_webpath_register $app $domain $path_url @@ -56,7 +55,7 @@ ynh_app_setting_set $app overwrite_phpfpm "1" #================================================= # STANDARD MODIFICATIONS #================================================= -# CREATE A SQL BDD +# CREATE A MYSQL DATABASE #================================================= db_name=$(ynh_sanitize_dbid $app) @@ -68,25 +67,29 @@ ynh_mysql_setup_db $db_name $db_name #================================================= ynh_app_setting_set $app final_path $final_path -ynh_setup_source "$final_path" # Télécharge la source, décompresse et copie dans $final_path +# Download, check integrity and uncompress the source from app.src +ynh_setup_source "$final_path" #================================================= # NGINX CONFIGURATION #================================================= +# Create a dedicated nginx config ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= -ynh_system_user_create $app # Créer un utilisateur système dédié à l'app +# Create a dedicated system user +ynh_system_user_create $app #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_add_fpm_config # Créer le fichier de configuration du pool php-fpm et le configure. +# Create a dedicated php-fpm config +ynh_add_fpm_config #================================================= # SPECIFIC SETUP @@ -97,12 +100,13 @@ ynh_add_fpm_config # Créer le fichier de configuration du pool php-fpm et le co # Set right permissions for curl install chown -R $app: $final_path -# Rend la page d'install publique pour curl -ynh_app_setting_set $app unprotected_uris "/" #L'usage de unprotected_uris a la place de skipped_uris permet de passer le header d'auth http +# Set the app as temporarily public for curl call +ynh_app_setting_set $app unprotected_uris "/" +# Regen SSOwat configuration yunohost app ssowatconf # Reload Nginx -ynh_system_reload --service_name=nginx +ynh_systemd_action --action=reload --service_name=nginx # Leed installation via curl ynh_print_OFF @@ -131,9 +135,9 @@ cp ../conf/cron_leed /etc/cron.d/$app # SECURING FILES AND DIRECTORIES #================================================= -# Les fichiers appartiennent à root +# Set permissions to app files chown -R root: $final_path -# $app doit avoir les droits d'écriture dans plugins, cache et updates +# $app need write permissions in plugins, cache and updates mkdir $final_path/cache chown -R $app $final_path/cache $final_path/plugins $final_path/updates @@ -141,7 +145,8 @@ chown -R $app $final_path/cache $final_path/plugins $final_path/updates # SETUP FAIL2BAN #================================================= -ynh_add_fail2ban_config "/var/log/nginx/${domain}-error.log" "PHP message: Leed: wrong login for .* client: " 5 +# Create a dedicated fail2ban config +ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="PHP message: Leed: wrong login for .* client: " --max_retry=5 #================================================= # SETUP SSOWAT @@ -151,9 +156,9 @@ ynh_add_fail2ban_config "/var/log/nginx/${domain}-error.log" "PHP message: Leed: ynh_app_setting_set $app is_public "$is_public" if [ $is_public -eq 0 ]; then - # Retire l'autorisation d'accès de la page d'install. + # Remove the public access ynh_app_setting_delete $app unprotected_uris - # Rend la page d'actualisation accessible pour le script cron. + # Set the action.php script public for the cron task ynh_app_setting_set $app skipped_uris "/action.php" fi @@ -161,16 +166,22 @@ fi # RELOAD NGINX #================================================= -ynh_system_reload --service_name=nginx +ynh_systemd_action --action=reload --service_name=nginx #================================================= # SEND A README FOR THE ADMIN #================================================= +# Get main domain and buid the url of the admin panel of the app. +admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app" + ynh_print_OFF message="Please take note of your password for this application: '$user_pwd'. -If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh" +You can configure this app easily by using the experimental config-panel feature: $admin_panel/config-panel. +You can also find some specific actions for this app by using the experimental action feature: $admin_panel/actions. -ynh_send_readme_to_admin --app_message="$message" --recipients="$admin" +If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh" + +ynh_send_readme_to_admin --app_message="$message" --recipients="$admin" --type="install" ynh_print_ON diff --git a/scripts/remove b/scripts/remove index 3df10eb..4690bbc 100644 --- a/scripts/remove +++ b/scripts/remove @@ -21,33 +21,38 @@ db_name=$(ynh_app_setting_get $app db_name) #================================================= # STANDARD REMOVE #================================================= -# REMOVE THE SQL BDD +# REMOVE THE MYSQL DATABASE #================================================= -ynh_mysql_remove_db $db_name $db_name # Suppression de la base de donnée et de l'utilisateur associé. +# Remove a database if it exists, along with the associated user +ynh_mysql_remove_db $db_name $db_name #================================================= -# REMOVE THE MAIN DIR OF THE APP +# REMOVE APP MAIN DIR #================================================= -ynh_secure_remove "/var/www/$app" # Suppression du dossier de l'application +# Remove the app directory securely +ynh_secure_remove "/var/www/$app" #================================================= -# REMOVE THE NGINX CONFIGURATION +# REMOVE NGINX CONFIGURATION #================================================= -ynh_remove_nginx_config # Suppression de la configuration nginx +# Remove the dedicated nginx config +ynh_remove_nginx_config #================================================= -# REMOVE THE PHP-FPM CONFIGURATION +# REMOVE PHP-FPM CONFIGURATION #================================================= -ynh_remove_fpm_config # Suppression de la configuration du pool php-fpm +# Remove the dedicated php-fpm config +ynh_remove_fpm_config #================================================= # REMOVE FAIL2BAN CONFIGURATION #================================================= +# Remove the dedicated fail2ban config ynh_remove_fail2ban_config #================================================= @@ -64,4 +69,5 @@ ynh_secure_remove "/etc/cron.d/$app" # REMOVE DEDICATED USER #================================================= +# Delete dedicated system user ynh_system_user_delete $app diff --git a/scripts/restore b/scripts/restore index bccf17f..0a5057d 100644 --- a/scripts/restore +++ b/scripts/restore @@ -46,19 +46,19 @@ ynh_maintenance_mode_ON #================================================= # STANDARD RESTORE STEPS #================================================= -# RESTORE OF THE NGINX CONFIGURATION +# RESTORE THE NGINX CONFIGURATION #================================================= ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= -# RESTORE OF THE MAIN DIR OF THE APP +# RESTORE THE APP MAIN DIR #================================================= ynh_restore_file "$final_path" #================================================= -# RESTORE OF THE SQL BDD +# RESTORE THE MYSQL DATABASE #================================================= db_pwd=$(ynh_app_setting_get $app mysqlpwd) @@ -69,14 +69,14 @@ ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql # RECREATE THE DEDICATED USER #================================================= -ynh_system_user_create $app # Recreate the dedicated user, if not exist +# Create the dedicated user (if not existing) +ynh_system_user_create $app #================================================= -# RESTORE OF THE PHP-FPM CONFIGURATION +# RESTORE THE PHP-FPM CONFIGURATION #================================================= ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf" -ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini" #================================================= # RESTORE FAIL2BAN CONFIGURATION @@ -84,12 +84,12 @@ ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini" ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" -ynh_system_reload --service_name=fail2ban --action=restart +ynh_systemd_action --action=restart --service_name=fail2ban #================================================= # SPECIFIC RESTORE #================================================= -# RESTORE OF THE CRON FILE +# RESTORE THE CRON FILE #================================================= ynh_restore_file "/etc/cron.d/$app" @@ -106,8 +106,8 @@ chown -R $app $final_path/cache $final_path/plugins $final_path/updates # RELOAD NGINX AND PHP-FPM #================================================= -ynh_system_reload --service_name=php5-fpm -ynh_system_reload --service_name=nginx +ynh_systemd_action --action=reload --service_name=php5-fpm +ynh_systemd_action --action=reload --service_name=nginx #================================================= # DEACTIVE MAINTENANCE MODE @@ -119,6 +119,12 @@ ynh_maintenance_mode_OFF # SEND A README FOR THE ADMIN #================================================= -message="If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh" +# Get main domain and buid the url of the admin panel of the app. +admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app" -ynh_send_readme_to_admin --app_message="$message" --recipients="$admin" +message="You can configure this app easily by using the experimental config-panel feature: $admin_panel/config-panel. +You can also find some specific actions for this app by using the experimental action feature: $admin_panel/actions. + +If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh" + +ynh_send_readme_to_admin --app_message="$message" --recipients="$admin" --type="restore" diff --git a/scripts/upgrade b/scripts/upgrade index d3bad19..86e56ea 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -29,34 +29,38 @@ overwrite_phpfpm=$(ynh_app_setting_get $app overwrite_phpfpm) # CHECK VERSION #================================================= -# ynh_abort_if_up_to_date upgrade_type=$(ynh_check_app_version_changed) #================================================= -# FIX OLD THINGS +# ENSURE DOWNWARD COMPATIBILITY #================================================= -if [ -z "$final_path" ]; then # Si final_path n'est pas renseigné dans app setting +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then final_path=/var/www/$app ynh_app_setting_set $app final_path $final_path fi -if [ -z "$db_name" ]; then # Si db_name n'est pas renseigné dans app setting +# If db_name doesn't exist, create it +if [ -z "$db_name" ]; then db_name=$(ynh_make_valid_dbid $app) ynh_app_setting_set $app db_name $db_name fi -if [ -z "$is_public" ]; then # Raté avec get au lieu de set... +# If is_public doesn't exist, create it +if [ -z "$is_public" ]; then public_check=$(ynh_app_setting_get $app skipped_uris) - if [ -z "$public_check" ]; then # Si skipped_uris est vide, c'était une install publique. + # If skipped_uris is empty, that was a public installation. + if [ -z "$public_check" ]; then is_public=1 else is_public=0 fi ynh_app_setting_set $app is_public $is_public else + # Fix is_public as a boolean if [ "$is_public" = "Yes" ]; then - ynh_app_setting_set $app is_public 1 # Fixe is_public en booléen + ynh_app_setting_set $app is_public 1 is_public=1 elif [ "$is_public" = "No" ]; then ynh_app_setting_set $app is_public 0 @@ -93,7 +97,8 @@ ynh_abort_if_errors # CHECK THE PATH #================================================= -path_url=$(ynh_normalize_url_path $path_url) # Vérifie et corrige la syntaxe du path. +# Normalize the URL path syntax +path_url=$(ynh_normalize_url_path $path_url) #================================================= # ACTIVATE MAINTENANCE MODE @@ -109,7 +114,8 @@ ynh_maintenance_mode_ON if [ "$upgrade_type" == "UPGRADE_APP" ] then - ynh_setup_source "$final_path" # Télécharge la source, décompresse et copie dans $final_path + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source "$final_path" fi #================================================= @@ -119,6 +125,7 @@ fi # Overwrite the nginx configuration only if it's allowed if [ $overwrite_nginx -eq 1 ] then + # Create a dedicated nginx config ynh_add_nginx_config fi @@ -126,7 +133,8 @@ fi # CREATE DEDICATED USER #================================================= -ynh_system_user_create $app # Create the dedicated user, if not exist +# Create a dedicated user (if not existing) +ynh_system_user_create $app #================================================= # PHP-FPM CONFIGURATION @@ -135,7 +143,8 @@ ynh_system_user_create $app # Create the dedicated user, if not exist # Overwrite the php-fpm configuration only if it's allowed if [ $overwrite_phpfpm -eq 1 ] then - ynh_add_fpm_config # Créer le fichier de configuration du pool php-fpm et le configure. + # Create a dedicated php-fpm config + ynh_add_fpm_config fi #================================================= @@ -160,9 +169,9 @@ cp ../conf/cron_leed /etc/cron.d/$app # SECURING FILES AND DIRECTORIES #================================================= -# Les fichiers appartiennent à root +# Set permissions on app files chown -R root: $final_path -# www-data doit avoir les droits d'écriture dans plugins, cache et updates +# $app need write permissions in plugins, cache and updates mkdir -p $final_path/cache chown -R $app $final_path/cache $final_path/plugins $final_path/updates @@ -172,13 +181,13 @@ chown -R $app $final_path/cache $final_path/plugins $final_path/updates if [ "$upgrade_type" == "UPGRADE_APP" ] then - # Vide le cache de leed pour la mise à jour + # Clear leed cache ynh_secure_remove $final_path/cache/* - # Laisse un accès libre pour curl. + # Set the app as temporarily public for curl call ynh_app_setting_set $app unprotected_uris "/" - # Régénère la configuration de SSOwat + # Regen SSOwat configuration yunohost app ssowatconf - # Lance la procédure de mise à jour de leed. + # Start the upgrade procedure of leed. ynh_local_curl "/" fi @@ -188,7 +197,8 @@ fi # UPGRADE FAIL2BAN #================================================= -ynh_add_fail2ban_config "/var/log/nginx/${domain}-error.log" "PHP message: Leed: wrong login for .* client: " 5 +# Create a dedicated fail2ban config +ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="PHP message: Leed: wrong login for .* client: " --max_retry=5 #================================================= # SETUP SSOWAT @@ -197,9 +207,9 @@ ynh_add_fail2ban_config "/var/log/nginx/${domain}-error.log" "PHP message: Leed: # Make app private if necessary if [ $is_public -eq 0 ]; then - # Retire l'autorisation d'accès à leed + # Remove the public access ynh_app_setting_delete $app unprotected_uris - # Rend la page d'actualisation accessible pour le script cron. + # Set the action.php script public for the cron task ynh_app_setting_set $app skipped_uris "/action.php" fi @@ -207,10 +217,24 @@ fi # RELOAD NGINX #================================================= -ynh_system_reload --service_name=nginx +ynh_systemd_action --action=reload --service_name=nginx #================================================= # DEACTIVE MAINTENANCE MODE #================================================= ynh_maintenance_mode_OFF + +#================================================= +# SEND A README FOR THE ADMIN +#================================================= + +# Get main domain and buid the url of the admin panel of the app. +admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app" + +message="You can configure this app easily by using the experimental config-panel feature: $admin_panel/config-panel. +You can also find some specific actions for this app by using the experimental action feature: $admin_panel/actions. + +If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh" + +ynh_send_readme_to_admin --app_message="$message" --recipients="$admin" --type="upgrade"