YunoHost-Apps/leed_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/leed_ynh.git synced 2024-09-03 19:26:32 +02:00
Code Issues Activity Actions

Merge pull request #16 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
Maniack Crudelis 2019-01-21 14:02:36 +01:00 committed by GitHub
commit 639c08c938
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 488 additions and 409 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
README.md
View file

@ -39,9 +39,9 @@ Not supported.
#### Supported architectures #### Supported architectures
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/) * x86-64b - [![](https://ci-apps.yunohost.org/ci/logs/leed%20%28Community%29.svg)](https://ci-apps.yunohost.org/ci/apps/leed/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/badge/icon)](https://ci-apps-arm.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/) * ARMv8-A - [![](https://ci-apps-arm.yunohost.org/ci/logs/leed%20%28Community%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/leed/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/jenkins/job/leed%20(Community)/badge/icon)](https://ci-stretch.nohost.me/jenkins/job/leed%20(Community)/) * Jessie x86-64b - [![](https://ci-stretch.nohost.me/ci/logs/leed%20%28Community%29.svg)](https://ci-stretch.nohost.me/ci/apps/leed/)
## Limitations ## Limitations
@ -62,7 +62,7 @@ Please do your pull request to the [testing branch](https://github.com/YunoHost-
To try the testing branch, please proceed like that. To try the testing branch, please proceed like that.
``` ```
sudo yunohost app install https://github.com/YunoHost-Apps/leed_ynh/tree/testing --verbose sudo yunohost app install https://github.com/YunoHost-Apps/leed_ynh/tree/testing --debug
or or
sudo yunohost app upgrade leed -u https://github.com/YunoHost-Apps/leed_ynh/tree/testing --verbose sudo yunohost app upgrade leed -u https://github.com/YunoHost-Apps/leed_ynh/tree/testing --debug
``` ```

10
README_fr.md
View file

@ -39,9 +39,9 @@ Non supportée.
#### Architectures supportées. #### Architectures supportées.
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/) * x86-64b - [![](https://ci-apps.yunohost.org/ci/logs/leed%20%28Community%29.svg)](https://ci-apps.yunohost.org/ci/apps/leed/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/badge/icon)](https://ci-apps-arm.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/) * ARMv8-A - [![](https://ci-apps-arm.yunohost.org/ci/logs/leed%20%28Community%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/leed/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/jenkins/job/leed%20(Community)/badge/icon)](https://ci-stretch.nohost.me/jenkins/job/leed%20(Community)/) * Jessie x86-64b - [![](https://ci-stretch.nohost.me/ci/logs/leed%20%28Community%29.svg)](https://ci-stretch.nohost.me/ci/apps/leed/)
## Informations additionnelles ## Informations additionnelles
@ -60,7 +60,7 @@ Merci de faire vos pull request sur la [branche testing](https://github.com/Yuno
Pour tester la branche testing, merci de procéder ainsi. Pour tester la branche testing, merci de procéder ainsi.
``` ```
sudo yunohost app install https://github.com/YunoHost-Apps/leed_ynh/tree/testing --verbose sudo yunohost app install https://github.com/YunoHost-Apps/leed_ynh/tree/testing --debug
ou ou
sudo yunohost app upgrade leed -u https://github.com/YunoHost-Apps/leed_ynh/tree/testing --verbose sudo yunohost app upgrade leed -u https://github.com/YunoHost-Apps/leed_ynh/tree/testing --debug
``` ```

6
check_process
View file

@ -15,7 +15,7 @@
setup_private=1 setup_private=1
setup_public=1 setup_public=1
upgrade=1 upgrade=1
upgrade=1 from_commit=c4b966ff2a977b8c0923d4f8ad403d86454883cb upgrade=1 from_commit=8b622d430db9ab860aee156a32086507669243fd
backup_restore=1 backup_restore=1
multi_instance=1 multi_instance=1
incorrect_path=1 incorrect_path=1
@ -37,6 +37,6 @@
Email= Email=
Notification=down Notification=down
;;; Upgrade options ;;; Upgrade options
; commit=c4b966ff2a977b8c0923d4f8ad403d86454883cb ; commit=8b622d430db9ab860aee156a32086507669243fd
name=Fix fail2ban helper name=MAJ 1.8.2
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&password=pass&language=fr&market=1&is_public=1& manifest_arg=domain=DOMAIN&path=PATH&admin=USER&password=pass&language=fr&market=1&is_public=1&

3
conf/php-fpm.ini
View file

@ -1,3 +0,0 @@
; upload_max_filesize=100M
; post_max_size=100M
; max_execution_time=60

4
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Leed is a minimalistic RSS feed aggregator which allows quick and non-intrusive reading of feeds.", "en": "Leed is a minimalistic RSS feed aggregator which allows quick and non-intrusive reading of feeds.",
"fr": "Leed est un agrégateur RSS minimaliste qui permet la consultation de flux RSS de manière rapide et non intrusive." "fr": "Leed est un agrégateur RSS minimaliste qui permet la consultation de flux RSS de manière rapide et non intrusive."
}, },
"version": "1.8.3~ynh4", "version": "1.8.3~ynh5",
"url": "http://leed.idleman.fr/", "url": "http://leed.idleman.fr/",
"license": "AGPL-3.0", "license": "AGPL-3.0",
"maintainer": { "maintainer": {
@ -14,7 +14,7 @@
"email": "maniackc_dev@crudelis.fr" "email": "maniackc_dev@crudelis.fr"
}, },
"requirements": { "requirements": {
"yunohost": ">= 2.7.14" "yunohost": ">= 3.3.3"
}, },
"multi_instance": true, "multi_instance": true,
"services": [ "services": [

577
scripts/_common.sh
View file

@ -49,11 +49,13 @@ bool_to_true_false () {
} }
#================================================= #=================================================
# EXPERIMENTAL HELPERS # FUTUR OFFICIAL HELPERS
#================================================= #=================================================
# Internal helper design to allow helpers to use getopts to manage their arguments # Internal helper design to allow helpers to use getopts to manage their arguments
# #
# [internal]
#
# example: function my_helper() # example: function my_helper()
# { # {
# declare -Ar args_array=( [a]=arg1= [b]=arg2= [c]=arg3 ) # declare -Ar args_array=( [a]=arg1= [b]=arg2= [c]=arg3 )
@ -103,33 +105,33 @@ ynh_handle_getopts_args () {
# For each option in the array, reduce to short options for getopts (e.g. for [u]=user, --user will be -u) # For each option in the array, reduce to short options for getopts (e.g. for [u]=user, --user will be -u)
# And built parameters string for getopts # And built parameters string for getopts
# ${!args_array[@]} is the list of all keys in the array (A key is 'u' in [u]=user, user is a value) # ${!args_array[@]} is the list of all option_flags in the array (An option_flag is 'u' in [u]=user, user is a value)
local getopts_parameters="" local getopts_parameters=""
local key="" local option_flag=""
for key in "${!args_array[@]}" for option_flag in "${!args_array[@]}"
do do
# Concatenate each keys of the array to build the string of arguments for getopts # Concatenate each option_flags of the array to build the string of arguments for getopts
# Will looks like 'abcd' for -a -b -c -d # Will looks like 'abcd' for -a -b -c -d
# If the value of a key finish by =, it's an option with additionnal values. (e.g. --user bob or -u bob) # If the value of an option_flag finish by =, it's an option with additionnal values. (e.g. --user bob or -u bob)
# Check the last character of the value associate to the key # Check the last character of the value associate to the option_flag
if [ "${args_array[$key]: -1}" = "=" ] if [ "${args_array[$option_flag]: -1}" = "=" ]
then then
# For an option with additionnal values, add a ':' after the letter for getopts. # For an option with additionnal values, add a ':' after the letter for getopts.
getopts_parameters="${getopts_parameters}${key}:" getopts_parameters="${getopts_parameters}${option_flag}:"
else else
getopts_parameters="${getopts_parameters}${key}" getopts_parameters="${getopts_parameters}${option_flag}"
fi fi
# Check each argument given to the function # Check each argument given to the function
local arg="" local arg=""
# ${#arguments[@]} is the size of the array # ${#arguments[@]} is the size of the array
for arg in `seq 0 $(( ${#arguments[@]} - 1 ))` for arg in `seq 0 $(( ${#arguments[@]} - 1 ))`
do do
# And replace long option (value of the key) by the short option, the key itself # And replace long option (value of the option_flag) by the short option, the option_flag itself
# (e.g. for [u]=user, --user will be -u) # (e.g. for [u]=user, --user will be -u)
# Replace long option with = # Replace long option with =
arguments[arg]="${arguments[arg]//--${args_array[$key]}/-${key} }" arguments[arg]="${arguments[arg]//--${args_array[$option_flag]}/-${option_flag} }"
# And long option without = # And long option without =
arguments[arg]="${arguments[arg]//--${args_array[$key]%=}/-${key}}" arguments[arg]="${arguments[arg]//--${args_array[$option_flag]%=}/-${option_flag}}"
done done
done done
@ -148,10 +150,10 @@ ynh_handle_getopts_args () {
if [ "$parameter" = "?" ] if [ "$parameter" = "?" ]
then then
ynh_die "Invalid argument: -${OPTARG:-}" ynh_die --message="Invalid argument: -${OPTARG:-}"
elif [ "$parameter" = ":" ] elif [ "$parameter" = ":" ]
then then
ynh_die "-$OPTARG parameter requires an argument." ynh_die --message="-$OPTARG parameter requires an argument."
else else
local shift_value=1 local shift_value=1
# Use the long option, corresponding to the short option read by getopts, as a variable # Use the long option, corresponding to the short option read by getopts, as a variable
@ -179,19 +181,20 @@ ynh_handle_getopts_args () {
shift_value=$(( shift_value - 1 )) shift_value=$(( shift_value - 1 ))
fi fi
# Declare the content of option_var as a variable.
eval ${option_var}=""
# Then read the array value per value # Then read the array value per value
local i
for i in `seq 0 $(( ${#all_args[@]} - 1 ))` for i in `seq 0 $(( ${#all_args[@]} - 1 ))`
do do
# If this argument is an option, end here. # If this argument is an option, end here.
if [ "${all_args[$i]:0:1}" == "-" ] || [ -z "${all_args[$i]}" ] if [ "${all_args[$i]:0:1}" == "-" ]
then then
# Ignore the first value of the array, which is the option itself # Ignore the first value of the array, which is the option itself
if [ "$i" -ne 0 ]; then if [ "$i" -ne 0 ]; then
break break
fi fi
else else
# Declare the content of option_var as a variable.
eval ${option_var}=""
# Else, add this value to this option # Else, add this value to this option
# Each value will be separated by ';' # Each value will be separated by ';'
if [ -n "${!option_var}" ] if [ -n "${!option_var}" ]
@ -215,25 +218,33 @@ ynh_handle_getopts_args () {
# Check if there's getopts arguments # Check if there's getopts arguments
if [ "${arguments[0]:0:1}" != "-" ] if [ "${arguments[0]:0:1}" != "-" ]
then then
# If not, enter in legacy mode and manage the arguments as positionnal ones. # If not, enter in legacy mode and manage the arguments as positionnal ones..
echo "! Helper used in legacy mode !" # Dot not echo, to prevent to go through a helper output. But print only in the log.
set -x; echo "! Helper used in legacy mode !" > /dev/null; set +x
local i
for i in `seq 0 $(( ${#arguments[@]} -1 ))` for i in `seq 0 $(( ${#arguments[@]} -1 ))`
do do
# Use getopts_parameters as a list of key of the array args_array # Try to use legacy_args as a list of option_flag of the array args_array
# Otherwise, fallback to getopts_parameters to get the option_flag. But an associative arrays isn't always sorted in the correct order...
# Remove all ':' in getopts_parameters # Remove all ':' in getopts_parameters
getopts_parameters=${getopts_parameters//:} getopts_parameters=${legacy_args:-${getopts_parameters//:}}
# Get the key from getopts_parameters, by using the key according to the position of the argument. # Get the option_flag from getopts_parameters, by using the option_flag according to the position of the argument.
key=${getopts_parameters:$i:1} option_flag=${getopts_parameters:$i:1}
# Use the long option, corresponding to the key, as a variable if [ -z "$option_flag" ]; then
ynh_print_warn --message="Too many arguments ! \"${arguments[$i]}\" will be ignored."
continue
fi
# Use the long option, corresponding to the option_flag, as a variable
# (e.g. for [u]=user, 'user' will be used as a variable) # (e.g. for [u]=user, 'user' will be used as a variable)
# Also, remove '=' at the end of the long option # Also, remove '=' at the end of the long option
# The variable name will be stored in 'option_var' # The variable name will be stored in 'option_var'
local option_var="${args_array[$key]%=}" local option_var="${args_array[$option_flag]%=}"
# Store each value given as argument in the corresponding variable # Store each value given as argument in the corresponding variable
# The values will be stored in the same order than $args_array # The values will be stored in the same order than $args_array
eval ${option_var}+=\"${arguments[$i]}\" eval ${option_var}+=\"${arguments[$i]}\"
done done
unset legacy_args
else else
# END LEGACY MODE # END LEGACY MODE
# Call parse_arg and pass the modified list of args as an array of arguments. # Call parse_arg and pass the modified list of args as an array of arguments.
@ -245,185 +256,12 @@ ynh_handle_getopts_args () {
#================================================= #=================================================
# Start or restart a service and follow its booting
#
# usage: ynh_check_starting "Line to match" [Log file] [Timeout] [Service name]
#
# | arg: -m, --line_to_match= - Line to match - The line to find in the log to attest the service have finished to boot.
# | arg: -l, --app_log= - Log file - The log file to watch; specify "systemd" to read systemd journal for specified service
# /var/log/$app/$app.log will be used if no other log is defined.
# | arg: -t, --timeout= - Timeout - The maximum time to wait before ending the watching. Defaut 300 seconds.
# | arg: -n, --service_name= - Service name
ynh_check_starting () {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [m]=line_to_match= [l]=app_log= [t]=timeout= [n]=service_name= )
local line_to_match
local app_log
local timeout
local service_name
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local app_log="${app_log:-/var/log/$service_name/$service_name.log}"
local timeout=${timeout:-300}
local service_name="${service_name:-$app}"
echo "Starting of $service_name" >&2
systemctl stop $service_name
local templog="$(mktemp)"
# Following the starting of the app in its log
if [ "$app_log" == "systemd" ] ; then
# Read the systemd journal
journalctl -u $service_name -f --since=-45 > "$templog" &
else
# Read the specified log file
tail -F -n0 "$app_log" > "$templog" &
fi
# Get the PID of the last command
local pid_tail=$!
systemctl start $service_name
local i=0
for i in `seq 1 $timeout`
do
# Read the log until the sentence is found, which means the app finished starting. Or run until the timeout.
if grep --quiet "$line_to_match" "$templog"
then
echo "The service $service_name has correctly started." >&2
break
fi
echo -n "." >&2
sleep 1
done
if [ $i -eq $timeout ]
then
echo "The service $service_name didn't fully start before the timeout." >&2
fi
echo ""
ynh_clean_check_starting
}
# Clean temporary process and file used by ynh_check_starting
# (usually used in ynh_clean_setup scripts)
#
# usage: ynh_clean_check_starting
ynh_clean_check_starting () {
# Stop the execution of tail.
kill -s 15 $pid_tail 2>&1
ynh_secure_remove "$templog" 2>&1
}
#=================================================
ynh_print_log () {
echo "${1}"
}
# Print an info on stdout
#
# usage: ynh_print_info "Text to print"
# | arg: text - The text to print
ynh_print_info () {
ynh_print_log "[INFO] ${1}"
}
# Print a warning on stderr
#
# usage: ynh_print_warn "Text to print"
# | arg: text - The text to print
ynh_print_warn () {
ynh_print_log "[WARN] ${1}" >&2
}
# Print a error on stderr
#
# usage: ynh_print_err "Text to print"
# | arg: text - The text to print
ynh_print_err () {
ynh_print_log "[ERR] ${1}" >&2
}
# Execute a command and print the result as an error
#
# usage: ynh_exec_err command to execute
# usage: ynh_exec_err "command to execute | following command"
# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe.
#
# | arg: command - command to execute
ynh_exec_err () {
ynh_print_err "$(eval $@)"
}
# Execute a command and print the result as a warning
#
# usage: ynh_exec_warn command to execute
# usage: ynh_exec_warn "command to execute | following command"
# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe.
#
# | arg: command - command to execute
ynh_exec_warn () {
ynh_print_warn "$(eval $@)"
}
# Execute a command and force the result to be printed on stdout
#
# usage: ynh_exec_warn_less command to execute
# usage: ynh_exec_warn_less "command to execute | following command"
# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe.
#
# | arg: command - command to execute
ynh_exec_warn_less () {
eval $@ 2>&1
}
# Execute a command and redirect stdout in /dev/null
#
# usage: ynh_exec_quiet command to execute
# usage: ynh_exec_quiet "command to execute | following command"
# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe.
#
# | arg: command - command to execute
ynh_exec_quiet () {
eval $@ > /dev/null
}
# Execute a command and redirect stdout and stderr in /dev/null
#
# usage: ynh_exec_fully_quiet command to execute
# usage: ynh_exec_fully_quiet "command to execute | following command"
# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe.
#
# | arg: command - command to execute
ynh_exec_fully_quiet () {
eval $@ > /dev/null 2>&1
}
# Remove any logs for all the following commands.
#
# usage: ynh_print_OFF
# WARNING: You should be careful with this helper, and never forgot to use ynh_print_ON as soon as possible to restore the logging.
ynh_print_OFF () {
set +x
}
# Restore the logging after ynh_print_OFF
#
# usage: ynh_print_ON
ynh_print_ON () {
set -x
# Print an echo only for the log, to be able to know that ynh_print_ON has been called.
echo ynh_print_ON > /dev/null
}
#=================================================
# Install or update the main directory yunohost.multimedia # Install or update the main directory yunohost.multimedia
# #
# usage: ynh_multimedia_build_main_dir # usage: ynh_multimedia_build_main_dir
ynh_multimedia_build_main_dir () { ynh_multimedia_build_main_dir () {
local ynh_media_release="v1.0" local ynh_media_release="v1.2"
local checksum="4852c8607db820ad51f348da0dcf0c88" local checksum="806a827ba1902d6911095602a9221181"
# Download yunohost.multimedia scripts # Download yunohost.multimedia scripts
wget -nv https://github.com/YunoHost-Apps/yunohost.multimedia/archive/${ynh_media_release}.tar.gz wget -nv https://github.com/YunoHost-Apps/yunohost.multimedia/archive/${ynh_media_release}.tar.gz
@ -432,6 +270,10 @@ ynh_multimedia_build_main_dir () {
echo "${checksum} ${ynh_media_release}.tar.gz" | md5sum -c --status \ echo "${checksum} ${ynh_media_release}.tar.gz" | md5sum -c --status \
|| ynh_die "Corrupt source" || ynh_die "Corrupt source"
# Check if the package acl is installed. Or install it.
ynh_package_is_installed 'acl' \
|| ynh_package_install acl
# Extract # Extract
mkdir yunohost.multimedia-master mkdir yunohost.multimedia-master
tar -xf ${ynh_media_release}.tar.gz -C yunohost.multimedia-master --strip-components 1 tar -xf ${ynh_media_release}.tar.gz -C yunohost.multimedia-master --strip-components 1
@ -496,16 +338,21 @@ ynh_multimedia_addaccess () {
# Create a dedicated fail2ban config (jail and filter conf files) # Create a dedicated fail2ban config (jail and filter conf files)
# #
# usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]] # usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]]
# | arg: log_file - Log file to be checked by fail2ban # | arg: -l, --logpath= - Log file to be checked by fail2ban
# | arg: failregex - Failregex to be looked for by fail2ban # | arg: -r, --failregex= - Failregex to be looked for by fail2ban
# | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3 # | arg: -m, --max_retry= - Maximum number of retries allowed before banning IP address - default: 3
# | arg: ports - Ports blocked for a banned IP address - default: http,https # | arg: -p, --ports= - Ports blocked for a banned IP address - default: http,https
ynh_add_fail2ban_config () { ynh_add_fail2ban_config () {
# Process parameters # Declare an array to define the options of this helper.
logpath=$1 declare -Ar args_array=( [l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= )
failregex=$2 local logpath
max_retry=${3:-3} local failregex
ports=${4:-http,https} local max_retry
local ports
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
max_retry=${max_retry:-3}
ports=${ports:-http,https}
test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
@ -515,7 +362,7 @@ ynh_add_fail2ban_config () {
ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1 ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1
ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1 ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1
sudo tee $finalfail2banjailconf <<EOF tee $finalfail2banjailconf <<EOF
[$app] [$app]
enabled = true enabled = true
port = $ports port = $ports
@ -524,7 +371,7 @@ logpath = $logpath
maxretry = $max_retry maxretry = $max_retry
EOF EOF
sudo tee $finalfail2banfilterconf <<EOF tee $finalfail2banfilterconf <<EOF
[INCLUDES] [INCLUDES]
before = common.conf before = common.conf
[Definition] [Definition]
@ -535,7 +382,11 @@ EOF
ynh_store_file_checksum "$finalfail2banjailconf" ynh_store_file_checksum "$finalfail2banjailconf"
ynh_store_file_checksum "$finalfail2banfilterconf" ynh_store_file_checksum "$finalfail2banfilterconf"
if [ "$(lsb_release --codename --short)" != "jessie" ]; then
systemctl reload fail2ban
else
systemctl restart fail2ban systemctl restart fail2ban
fi
local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")" local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")"
if [ -n "$fail2ban_error" ] if [ -n "$fail2ban_error" ]
then then
@ -550,7 +401,11 @@ EOF
ynh_remove_fail2ban_config () { ynh_remove_fail2ban_config () {
ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf" ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf"
ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf" ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf"
if [ "$(lsb_release --codename --short)" != "jessie" ]; then
systemctl reload fail2ban
else
systemctl restart fail2ban systemctl restart fail2ban
fi
} }
#================================================= #=================================================
@ -558,12 +413,17 @@ ynh_remove_fail2ban_config () {
# Read the value of a key in a ynh manifest file # Read the value of a key in a ynh manifest file
# #
# usage: ynh_read_manifest manifest key # usage: ynh_read_manifest manifest key
# | arg: manifest - Path of the manifest to read # | arg: -m, --manifest= - Path of the manifest to read
# | arg: key - Name of the key to find # | arg: -k, --key= - Name of the key to find
ynh_read_manifest () { ynh_read_manifest () {
manifest="$1" # Declare an array to define the options of this helper.
key="$2" declare -Ar args_array=( [m]=manifest= [k]=manifest_key= )
python3 -c "import sys, json;print(json.load(open('$manifest', encoding='utf-8'))['$key'])" local manifest
local manifest_key
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
python3 -c "import sys, json;print(json.load(open('$manifest', encoding='utf-8'))['$manifest_key'])"
} }
# Read the upstream version from the manifest # Read the upstream version from the manifest
@ -572,30 +432,41 @@ ynh_read_manifest () {
# This include the number before ~ynh # This include the number before ~ynh
# In the last example it return 4.3-2 # In the last example it return 4.3-2
# #
# usage: ynh_app_upstream_version # usage: ynh_app_upstream_version [-m manifest]
# | arg: -m, --manifest= - Path of the manifest to read
ynh_app_upstream_version () { ynh_app_upstream_version () {
manifest_path="../manifest.json" declare -Ar args_array=( [m]=manifest= )
if [ ! -e "$manifest_path" ]; then local manifest
manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place # Manage arguments with getopts
ynh_handle_getopts_args "$@"
manifest="${manifest:-../manifest.json}"
if [ ! -e "$manifest" ]; then
manifest="../settings/manifest.json" # Into the restore script, the manifest is not at the same place
fi fi
version_key=$(ynh_read_manifest "$manifest_path" "version") version_key=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version")
echo "${version_key/~ynh*/}" echo "${version_key/~ynh*/}"
} }
# Read package version from the manifest # Read package version from the manifest
# The version number in the manifest is defined by <upstreamversion>~ynh<packageversion> # The version number in the manifest is defined by <upstreamversion>~ynh<packageversion>
# For example : 4.3-2~ynh3 # For example : 4.3-2~ynh3
# This include the number after ~ynh # This include the number after ~ynh
# In the last example it return 3 # In the last example it return 3
# #
# usage: ynh_app_package_version # usage: ynh_app_package_version [-m manifest]
# | arg: -m, --manifest= - Path of the manifest to read
ynh_app_package_version () { ynh_app_package_version () {
manifest_path="../manifest.json" declare -Ar args_array=( [m]=manifest= )
if [ ! -e "$manifest_path" ]; then local manifest
manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place # Manage arguments with getopts
ynh_handle_getopts_args "$@"
manifest="${manifest:-../manifest.json}"
if [ ! -e "$manifest" ]; then
manifest="../settings/manifest.json" # Into the restore script, the manifest is not at the same place
fi fi
version_key=$(ynh_read_manifest "$manifest_path" "version") version_key=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version")
echo "${version_key/*~ynh/}" echo "${version_key/*~ynh/}"
} }
@ -611,7 +482,7 @@ ynh_app_package_version () {
# To force an upgrade, even if the package is up to date, # To force an upgrade, even if the package is up to date,
# you have to set the variable YNH_FORCE_UPGRADE before. # you have to set the variable YNH_FORCE_UPGRADE before.
# example: sudo YNH_FORCE_UPGRADE=1 yunohost app upgrade MyApp # example: sudo YNH_FORCE_UPGRADE=1 yunohost app upgrade MyApp
#
# usage: ynh_check_app_version_changed # usage: ynh_check_app_version_changed
ynh_check_app_version_changed () { ynh_check_app_version_changed () {
local force_upgrade=${YNH_FORCE_UPGRADE:-0} local force_upgrade=${YNH_FORCE_UPGRADE:-0}
@ -620,10 +491,10 @@ ynh_check_app_version_changed () {
# By default, upstream app version has changed # By default, upstream app version has changed
local return_value="UPGRADE_APP" local return_value="UPGRADE_APP"
local current_version=$(ynh_read_manifest "/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" "version" || echo 1.0) local current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" --manifest_key="version" || echo 1.0)
local current_upstream_version="${current_version/~ynh*/}" local current_upstream_version="$(ynh_app_upstream_version --manifest="/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json")"
local update_version=$(ynh_read_manifest "../manifest.json" "version" || echo 1.0) local update_version=$(ynh_read_manifest --manifest="../manifest.json" --manifest_key="version" || echo 1.0)
local update_upstream_version="${update_version/~ynh*/}" local update_upstream_version="$(ynh_app_upstream_version)"
if [ "$current_version" == "$update_version" ] ; then if [ "$current_version" == "$update_version" ] ; then
# Complete versions are the same # Complete versions are the same
@ -646,23 +517,138 @@ ynh_check_app_version_changed () {
#================================================= #=================================================
# Delete a file checksum from the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_remove_file_checksum file
# | arg: -f, --file= - The file for which the checksum will be deleted
ynh_delete_file_checksum () {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [f]=file= )
local file
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete $app $checksum_setting_name
}
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
# Start (or other actions) a service, print a log in case of failure and optionnaly wait until the service is completely started
#
# usage: ynh_systemd_action [-n service_name] [-a action] [ [-l "line to match"] [-p log_path] [-t timeout] [-e length] ]
# | arg: -n, --service_name= - Name of the service to reload. Default : $app
# | arg: -a, --action= - Action to perform with systemctl. Default: start
# | arg: -l, --line_match= - Line to match - The line to find in the log to attest the service have finished to boot.
# If not defined it don't wait until the service is completely started.
# | arg: -p, --log_path= - Log file - Path to the log file. Default : /var/log/$app/$app.log
# | arg: -t, --timeout= - Timeout - The maximum time to wait before ending the watching. Default : 300 seconds.
# | arg: -e, --length= - Length of the error log : Default : 20
ynh_systemd_action() {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= )
local service_name
local action
local line_match
local length
local log_path
local timeout
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local service_name="${service_name:-$app}"
local action=${action:-start}
local log_path="${log_path:-/var/log/$service_name/$service_name.log}"
local length=${length:-20}
local timeout=${timeout:-300}
# Start to read the log
if [[ -n "${line_match:-}" ]]
then
local templog="$(mktemp)"
# Following the starting of the app in its log
if [ "$log_path" == "systemd" ] ; then
# Read the systemd journal
journalctl -u $service_name -f --since=-45 > "$templog" &
else
# Read the specified log file
tail -F -n0 "$log_path" > "$templog" &
fi
# Get the PID of the tail command
local pid_tail=$!
fi
echo "${action^} the service $service_name" >&2
systemctl $action $service_name \
|| ( journalctl --lines=$length -u $service_name >&2 \
; test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 \
; false )
# Start the timeout and try to find line_match
if [[ -n "${line_match:-}" ]]
then
local i=0
for i in $(seq 1 $timeout)
do
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
if grep --quiet "$line_match" "$templog"
then
echo "The service $service_name has correctly started." >&2
break
fi
echo -n "." >&2
sleep 1
done
if [ $i -eq $timeout ]
then
echo "The service $service_name didn't fully started before the timeout." >&2
echo "Please find here an extract of the end of the log of the service $service_name:"
journalctl --lines=$length -u $service_name >&2
test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2
fi
echo ""
ynh_clean_check_starting
fi
}
# Clean temporary process and file used by ynh_check_starting
# (usually used in ynh_clean_setup scripts)
#
# usage: ynh_clean_check_starting
ynh_clean_check_starting () {
# Stop the execution of tail.
kill -s 15 $pid_tail 2>&1
ynh_secure_remove "$templog" 2>&1
}
#=================================================
# Send an email to inform the administrator # Send an email to inform the administrator
# #
# usage: ynh_send_readme_to_admin app_message [recipients] # usage: ynh_send_readme_to_admin --app_message=app_message [--recipients=recipients] [--type=type]
# | arg: -m --app_message= - The message to send to the administrator. # | arg: -m --app_message= - The message to send to the administrator.
# | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root # | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain" # example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you # If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2" # example: "root admin@domain user1 user2"
# | arg: -t, --type= - Type of mail, could be 'backup', 'change_url', 'install', 'remove', 'restore', 'upgrade'
ynh_send_readme_to_admin() { ynh_send_readme_to_admin() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
declare -Ar args_array=( [m]=app_message= [r]=recipients= ) declare -Ar args_array=( [m]=app_message= [r]=recipients= [t]=type= )
local app_message local app_message
local recipients local recipients
local type
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
local app_message="${app_message:-...No specific information...}" app_message="${app_message:-...No specific information...}"
local recipients="${recipients:-root}" recipients="${recipients:-root}"
type="${type:-install}"
# Retrieve the email of users # Retrieve the email of users
find_mails () { find_mails () {
@ -688,7 +674,23 @@ ynh_send_readme_to_admin() {
} }
recipients=$(find_mails "$recipients") recipients=$(find_mails "$recipients")
local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!" # Subject base
local mail_subject="☁️🆈🅽🅷☁️: \`$app\`"
# Adapt the subject according to the type of mail required.
if [ "$type" = "backup" ]; then
mail_subject="$mail_subject has just been backup."
elif [ "$type" = "change_url" ]; then
mail_subject="$mail_subject has just been moved to a new URL!"
elif [ "$type" = "remove" ]; then
mail_subject="$mail_subject has just been removed!"
elif [ "$type" = "restore" ]; then
mail_subject="$mail_subject has just been restored!"
elif [ "$type" = "upgrade" ]; then
mail_subject="$mail_subject has just been upgraded!"
else # install
mail_subject="$mail_subject has just been installed!"
fi
local mail_message="This is an automated message from your beloved YunoHost server. local mail_message="This is an automated message from your beloved YunoHost server.
@ -715,26 +717,6 @@ $(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
#================================================= #=================================================
# Reload (or other actions) a service and print a log in case of failure.
#
# usage: ynh_system_reload service_name [action]
# | arg: -n, --service_name= - Name of the service to reload
# | arg: -a, --action= - Action to perform with systemctl. Default: reload
ynh_system_reload () {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [n]=service_name= [a]=action= )
local service_name
local action
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local action=${action:-reload}
# Reload, restart or start and print the log if the service fail to start or reload
systemctl $action $service_name || ( journalctl --lines=20 -u $service_name >&2 && false)
}
#=================================================
ynh_debian_release () { ynh_debian_release () {
lsb_release --codename --short lsb_release --codename --short
} }
@ -759,19 +741,6 @@ is_jessie () {
#================================================= #=================================================
# Delete a file checksum from the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_remove_file_checksum file
# | arg: file - The file for which the checksum will be deleted
ynh_delete_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete $app $checksum_setting_name
}
#=================================================
ynh_maintenance_mode_ON () { ynh_maintenance_mode_ON () {
# Load value of $path_url and $domain from the config if their not set # Load value of $path_url and $domain from the config if their not set
if [ -z $path_url ]; then if [ -z $path_url ]; then
@ -848,3 +817,69 @@ ynh_maintenance_mode_OFF () {
systemctl reload nginx systemctl reload nginx
} }
#=================================================
# Download and check integrity of a file from app.src_file
#
# The file conf/app.src_file need to contains:
#
# FILE_URL=Address to download the file
# FILE_SUM=Control sum
# # (Optional) Program to check the integrity (sha256sum, md5sum...)
# # default: sha256
# FILE_SUM_PRG=sha256
# # (Optionnal) Name of the local archive (offline setup support)
# # default: Name of the downloaded file.
# FILENAME=example.deb
#
# usage: ynh_download_file --dest_dir="/destination/directory" [--source_id=myfile]
# | arg: -d, --dest_dir= - Directory where to download the file
# | arg: -s, --source_id= - Name of the source file 'app.src_file' if it isn't '$app'
ynh_download_file () {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [d]=dest_dir= [s]=source_id= )
local dest_dir
local source_id
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
source_id=${source_id:-app} # If the argument is not given, source_id equals "$app"
# Load value from configuration file (see above for a small doc about this file
# format)
local src_file="$YNH_CWD/../conf/${source_id}.src_file"
# If the src_file doesn't exist, use the backup path instead, with a "settings" directory
if [ ! -e "$src_file" ]
then
src_file="$YNH_CWD/../settings/conf/${source_id}.src_file"
fi
local file_url=$(grep 'FILE_URL=' "$src_file" | cut -d= -f2-)
local file_sum=$(grep 'FILE_SUM=' "$src_file" | cut -d= -f2-)
local file_sumprg=$(grep 'FILE_SUM_PRG=' "$src_file" | cut -d= -f2-)
local filename=$(grep 'FILENAME=' "$src_file" | cut -d= -f2-)
# Default value
file_sumprg=${file_sumprg:-sha256sum}
if [ "$filename" = "" ] ; then
filename="$(basename "$file_url")"
fi
local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${filename}"
if test -e "$local_src"
then # Use the local source file if it is present
cp $local_src $filename
else # If not, download the source
local out=`wget -nv -O $filename $file_url 2>&1` || ynh_print_err $out
fi
# Check the control sum
echo "${file_sum} ${filename}" | ${file_sumprg} -c --status \
|| ynh_die "Corrupt file"
# Create the destination directory, if it's not already.
mkdir -p "$dest_dir"
# Move the file to its destination
mv $filename $dest_dir
}

5
scripts/actions/public_private
View file

@ -6,6 +6,7 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
source scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
@ -41,7 +42,7 @@ fi
if [ $is_public -eq 0 ] if [ $is_public -eq 0 ]
then then
ynh_app_setting_delete $app unprotected_uris ynh_app_setting_delete $app unprotected_uris
# Rend la page d'actualisation accessible pour le script cron. # Set the action.php script public for the cron task
ynh_app_setting_set $app skipped_uris "/action.php" ynh_app_setting_set $app skipped_uris "/action.php"
else else
ynh_app_setting_delete $app skipped_uris ynh_app_setting_delete $app skipped_uris
@ -58,4 +59,4 @@ ynh_app_setting_set $app is_public $is_public
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
systemctl reload nginx ynh_systemd_action --action=reload --service_name=nginx

11
scripts/backup
View file

@ -30,27 +30,26 @@ db_pwd=$(ynh_app_setting_get "$app" mysqlpwd)
#================================================= #=================================================
# STANDARD BACKUP STEPS # STANDARD BACKUP STEPS
#================================================= #=================================================
# BACKUP OF THE MAIN DIR OF THE APP # BACKUP THE APP MAIN DIR
#================================================= #=================================================
CHECK_SIZE "$final_path" CHECK_SIZE "$final_path"
ynh_backup "$final_path" ynh_backup "$final_path"
#================================================= #=================================================
# BACKUP OF THE NGINX CONFIGURATION # BACKUP NGINX CONFIGURATION
#================================================= #=================================================
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# BACKUP OF THE PHP-FPM CONFIGURATION # BACKUP PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_backup "/etc/php5/fpm/pool.d/$app.conf" ynh_backup "/etc/php5/fpm/pool.d/$app.conf"
ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini"
#================================================= #=================================================
# BACKUP OF THE SQL BDD # BACKUP THE MYSQL DATABASE
#================================================= #=================================================
ynh_mysql_dump_db "$db_name" > db.sql ynh_mysql_dump_db "$db_name" > db.sql
@ -66,7 +65,7 @@ ynh_backup "/etc/fail2ban/filter.d/$app.conf"
#================================================= #=================================================
# SPECIFIC BACKUP # SPECIFIC BACKUP
#================================================= #=================================================
# BACKUP OF THE CRON FILE # BACKUP THE CRON FILE
#================================================= #=================================================
ynh_backup "/etc/cron.d/$app" ynh_backup "/etc/cron.d/$app"

2
scripts/change_url
View file

@ -130,7 +130,7 @@ ynh_mysql_execute_as_root "UPDATE leed_configuration SET value='$domain_path/' W
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_system_reload --service_name=nginx ynh_systemd_action --action=reload --service_name=nginx
#================================================= #=================================================
# DEACTIVE MAINTENANCE MODE # DEACTIVE MAINTENANCE MODE

47
scripts/install
View file

@ -13,7 +13,8 @@ source /usr/share/yunohost/helpers
# MANAGE FAILURE OF THE SCRIPT # MANAGE FAILURE OF THE SCRIPT
#================================================= #=================================================
ynh_abort_if_errors # Active trap pour arrêter le script si une erreur est détectée. # Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#================================================= #=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST # RETRIEVE ARGUMENTS FROM THE MANIFEST
@ -38,8 +39,6 @@ test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Normalize the url path syntax # Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url) path_url=$(ynh_normalize_url_path $path_url)
# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path # Register (book) web path
ynh_webpath_register $app $domain $path_url ynh_webpath_register $app $domain $path_url
@ -56,7 +55,7 @@ ynh_app_setting_set $app overwrite_phpfpm "1"
#================================================= #=================================================
# STANDARD MODIFICATIONS # STANDARD MODIFICATIONS
#================================================= #=================================================
# CREATE A SQL BDD # CREATE A MYSQL DATABASE
#================================================= #=================================================
db_name=$(ynh_sanitize_dbid $app) db_name=$(ynh_sanitize_dbid $app)
@ -68,25 +67,29 @@ ynh_mysql_setup_db $db_name $db_name
#================================================= #=================================================
ynh_app_setting_set $app final_path $final_path ynh_app_setting_set $app final_path $final_path
ynh_setup_source "$final_path" # Télécharge la source, décompresse et copie dans $final_path # Download, check integrity and uncompress the source from app.src
ynh_setup_source "$final_path"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
# Create a dedicated nginx config
ynh_add_nginx_config ynh_add_nginx_config
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
ynh_system_user_create $app # Créer un utilisateur système dédié à l'app # Create a dedicated system user
ynh_system_user_create $app
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_add_fpm_config # Créer le fichier de configuration du pool php-fpm et le configure. # Create a dedicated php-fpm config
ynh_add_fpm_config
#================================================= #=================================================
# SPECIFIC SETUP # SPECIFIC SETUP
@ -97,12 +100,13 @@ ynh_add_fpm_config # Créer le fichier de configuration du pool php-fpm et le co
# Set right permissions for curl install # Set right permissions for curl install
chown -R $app: $final_path chown -R $app: $final_path
# Rend la page d'install publique pour curl # Set the app as temporarily public for curl call
ynh_app_setting_set $app unprotected_uris "/" #L'usage de unprotected_uris a la place de skipped_uris permet de passer le header d'auth http ynh_app_setting_set $app unprotected_uris "/"
# Regen SSOwat configuration
yunohost app ssowatconf yunohost app ssowatconf
# Reload Nginx # Reload Nginx
ynh_system_reload --service_name=nginx ynh_systemd_action --action=reload --service_name=nginx
# Leed installation via curl # Leed installation via curl
ynh_print_OFF ynh_print_OFF
@ -131,9 +135,9 @@ cp ../conf/cron_leed /etc/cron.d/$app
# SECURING FILES AND DIRECTORIES # SECURING FILES AND DIRECTORIES
#================================================= #=================================================
# Les fichiers appartiennent à root # Set permissions to app files
chown -R root: $final_path chown -R root: $final_path
# $app doit avoir les droits d'écriture dans plugins, cache et updates # $app need write permissions in plugins, cache and updates
mkdir $final_path/cache mkdir $final_path/cache
chown -R $app $final_path/cache $final_path/plugins $final_path/updates chown -R $app $final_path/cache $final_path/plugins $final_path/updates
@ -141,7 +145,8 @@ chown -R $app $final_path/cache $final_path/plugins $final_path/updates
# SETUP FAIL2BAN # SETUP FAIL2BAN
#================================================= #=================================================
ynh_add_fail2ban_config "/var/log/nginx/${domain}-error.log" "PHP message: Leed: wrong login for .* client: <HOST>" 5 # Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="PHP message: Leed: wrong login for .* client: <HOST>" --max_retry=5
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
@ -151,9 +156,9 @@ ynh_add_fail2ban_config "/var/log/nginx/${domain}-error.log" "PHP message: Leed:
ynh_app_setting_set $app is_public "$is_public" ynh_app_setting_set $app is_public "$is_public"
if [ $is_public -eq 0 ]; if [ $is_public -eq 0 ];
then then
# Retire l'autorisation d'accès de la page d'install. # Remove the public access
ynh_app_setting_delete $app unprotected_uris ynh_app_setting_delete $app unprotected_uris
# Rend la page d'actualisation accessible pour le script cron. # Set the action.php script public for the cron task
ynh_app_setting_set $app skipped_uris "/action.php" ynh_app_setting_set $app skipped_uris "/action.php"
fi fi
@ -161,16 +166,22 @@ fi
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_system_reload --service_name=nginx ynh_systemd_action --action=reload --service_name=nginx
#================================================= #=================================================
# SEND A README FOR THE ADMIN # SEND A README FOR THE ADMIN
#================================================= #=================================================
# Get main domain and buid the url of the admin panel of the app.
admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app"
ynh_print_OFF ynh_print_OFF
message="Please take note of your password for this application: '$user_pwd'. message="Please take note of your password for this application: '$user_pwd'.
If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh" You can configure this app easily by using the experimental config-panel feature: $admin_panel/config-panel.
You can also find some specific actions for this app by using the experimental action feature: $admin_panel/actions.
ynh_send_readme_to_admin --app_message="$message" --recipients="$admin" If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh"
ynh_send_readme_to_admin --app_message="$message" --recipients="$admin" --type="install"
ynh_print_ON ynh_print_ON

22
scripts/remove
View file

@ -21,33 +21,38 @@ db_name=$(ynh_app_setting_get $app db_name)
#================================================= #=================================================
# STANDARD REMOVE # STANDARD REMOVE
#================================================= #=================================================
# REMOVE THE SQL BDD # REMOVE THE MYSQL DATABASE
#================================================= #=================================================
ynh_mysql_remove_db $db_name $db_name # Suppression de la base de donnée et de l'utilisateur associé. # Remove a database if it exists, along with the associated user
ynh_mysql_remove_db $db_name $db_name
#================================================= #=================================================
# REMOVE THE MAIN DIR OF THE APP # REMOVE APP MAIN DIR
#================================================= #=================================================
ynh_secure_remove "/var/www/$app" # Suppression du dossier de l'application # Remove the app directory securely
ynh_secure_remove "/var/www/$app"
#================================================= #=================================================
# REMOVE THE NGINX CONFIGURATION # REMOVE NGINX CONFIGURATION
#================================================= #=================================================
ynh_remove_nginx_config # Suppression de la configuration nginx # Remove the dedicated nginx config
ynh_remove_nginx_config
#================================================= #=================================================
# REMOVE THE PHP-FPM CONFIGURATION # REMOVE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_remove_fpm_config # Suppression de la configuration du pool php-fpm # Remove the dedicated php-fpm config
ynh_remove_fpm_config
#================================================= #=================================================
# REMOVE FAIL2BAN CONFIGURATION # REMOVE FAIL2BAN CONFIGURATION
#================================================= #=================================================
# Remove the dedicated fail2ban config
ynh_remove_fail2ban_config ynh_remove_fail2ban_config
#================================================= #=================================================
@ -64,4 +69,5 @@ ynh_secure_remove "/etc/cron.d/$app"
# REMOVE DEDICATED USER # REMOVE DEDICATED USER
#================================================= #=================================================
# Delete dedicated system user
ynh_system_user_delete $app ynh_system_user_delete $app

30
scripts/restore
View file

@ -46,19 +46,19 @@ ynh_maintenance_mode_ON
#================================================= #=================================================
# STANDARD RESTORE STEPS # STANDARD RESTORE STEPS
#================================================= #=================================================
# RESTORE OF THE NGINX CONFIGURATION # RESTORE THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# RESTORE OF THE MAIN DIR OF THE APP # RESTORE THE APP MAIN DIR
#================================================= #=================================================
ynh_restore_file "$final_path" ynh_restore_file "$final_path"
#================================================= #=================================================
# RESTORE OF THE SQL BDD # RESTORE THE MYSQL DATABASE
#================================================= #=================================================
db_pwd=$(ynh_app_setting_get $app mysqlpwd) db_pwd=$(ynh_app_setting_get $app mysqlpwd)
@ -69,14 +69,14 @@ ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql
# RECREATE THE DEDICATED USER # RECREATE THE DEDICATED USER
#================================================= #=================================================
ynh_system_user_create $app # Recreate the dedicated user, if not exist # Create the dedicated user (if not existing)
ynh_system_user_create $app
#================================================= #=================================================
# RESTORE OF THE PHP-FPM CONFIGURATION # RESTORE THE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf" ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf"
ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini"
#================================================= #=================================================
# RESTORE FAIL2BAN CONFIGURATION # RESTORE FAIL2BAN CONFIGURATION
@ -84,12 +84,12 @@ ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini"
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
ynh_system_reload --service_name=fail2ban --action=restart ynh_systemd_action --action=restart --service_name=fail2ban
#================================================= #=================================================
# SPECIFIC RESTORE # SPECIFIC RESTORE
#================================================= #=================================================
# RESTORE OF THE CRON FILE # RESTORE THE CRON FILE
#================================================= #=================================================
ynh_restore_file "/etc/cron.d/$app" ynh_restore_file "/etc/cron.d/$app"
@ -106,8 +106,8 @@ chown -R $app $final_path/cache $final_path/plugins $final_path/updates
# RELOAD NGINX AND PHP-FPM # RELOAD NGINX AND PHP-FPM
#================================================= #=================================================
ynh_system_reload --service_name=php5-fpm ynh_systemd_action --action=reload --service_name=php5-fpm
ynh_system_reload --service_name=nginx ynh_systemd_action --action=reload --service_name=nginx
#================================================= #=================================================
# DEACTIVE MAINTENANCE MODE # DEACTIVE MAINTENANCE MODE
@ -119,6 +119,12 @@ ynh_maintenance_mode_OFF
# SEND A README FOR THE ADMIN # SEND A README FOR THE ADMIN
#================================================= #=================================================
message="If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh" # Get main domain and buid the url of the admin panel of the app.
admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app"
ynh_send_readme_to_admin --app_message="$message" --recipients="$admin" message="You can configure this app easily by using the experimental config-panel feature: $admin_panel/config-panel.
You can also find some specific actions for this app by using the experimental action feature: $admin_panel/actions.
If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh"
ynh_send_readme_to_admin --app_message="$message" --recipients="$admin" --type="restore"

66
scripts/upgrade
View file

@ -29,34 +29,38 @@ overwrite_phpfpm=$(ynh_app_setting_get $app overwrite_phpfpm)
# CHECK VERSION # CHECK VERSION
#================================================= #=================================================
# ynh_abort_if_up_to_date
upgrade_type=$(ynh_check_app_version_changed) upgrade_type=$(ynh_check_app_version_changed)
#================================================= #=================================================
# FIX OLD THINGS # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
if [ -z "$final_path" ]; then # Si final_path n'est pas renseigné dans app setting # If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app final_path=/var/www/$app
ynh_app_setting_set $app final_path $final_path ynh_app_setting_set $app final_path $final_path
fi fi
if [ -z "$db_name" ]; then # Si db_name n'est pas renseigné dans app setting # If db_name doesn't exist, create it
if [ -z "$db_name" ]; then
db_name=$(ynh_make_valid_dbid $app) db_name=$(ynh_make_valid_dbid $app)
ynh_app_setting_set $app db_name $db_name ynh_app_setting_set $app db_name $db_name
fi fi
if [ -z "$is_public" ]; then # Raté avec get au lieu de set... # If is_public doesn't exist, create it
if [ -z "$is_public" ]; then
public_check=$(ynh_app_setting_get $app skipped_uris) public_check=$(ynh_app_setting_get $app skipped_uris)
if [ -z "$public_check" ]; then # Si skipped_uris est vide, c'était une install publique. # If skipped_uris is empty, that was a public installation.
if [ -z "$public_check" ]; then
is_public=1 is_public=1
else else
is_public=0 is_public=0
fi fi
ynh_app_setting_set $app is_public $is_public ynh_app_setting_set $app is_public $is_public
else else
# Fix is_public as a boolean
if [ "$is_public" = "Yes" ]; then if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1 # Fixe is_public en booléen ynh_app_setting_set $app is_public 1
is_public=1 is_public=1
elif [ "$is_public" = "No" ]; then elif [ "$is_public" = "No" ]; then
ynh_app_setting_set $app is_public 0 ynh_app_setting_set $app is_public 0
@ -93,7 +97,8 @@ ynh_abort_if_errors
# CHECK THE PATH # CHECK THE PATH
#================================================= #=================================================
path_url=$(ynh_normalize_url_path $path_url) # Vérifie et corrige la syntaxe du path. # Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url)
#================================================= #=================================================
# ACTIVATE MAINTENANCE MODE # ACTIVATE MAINTENANCE MODE
@ -109,7 +114,8 @@ ynh_maintenance_mode_ON
if [ "$upgrade_type" == "UPGRADE_APP" ] if [ "$upgrade_type" == "UPGRADE_APP" ]
then then
ynh_setup_source "$final_path" # Télécharge la source, décompresse et copie dans $final_path # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
fi fi
#================================================= #=================================================
@ -119,6 +125,7 @@ fi
# Overwrite the nginx configuration only if it's allowed # Overwrite the nginx configuration only if it's allowed
if [ $overwrite_nginx -eq 1 ] if [ $overwrite_nginx -eq 1 ]
then then
# Create a dedicated nginx config
ynh_add_nginx_config ynh_add_nginx_config
fi fi
@ -126,7 +133,8 @@ fi
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
ynh_system_user_create $app # Create the dedicated user, if not exist # Create a dedicated user (if not existing)
ynh_system_user_create $app
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
@ -135,7 +143,8 @@ ynh_system_user_create $app # Create the dedicated user, if not exist
# Overwrite the php-fpm configuration only if it's allowed # Overwrite the php-fpm configuration only if it's allowed
if [ $overwrite_phpfpm -eq 1 ] if [ $overwrite_phpfpm -eq 1 ]
then then
ynh_add_fpm_config # Créer le fichier de configuration du pool php-fpm et le configure. # Create a dedicated php-fpm config
ynh_add_fpm_config
fi fi
#================================================= #=================================================
@ -160,9 +169,9 @@ cp ../conf/cron_leed /etc/cron.d/$app
# SECURING FILES AND DIRECTORIES # SECURING FILES AND DIRECTORIES
#================================================= #=================================================
# Les fichiers appartiennent à root # Set permissions on app files
chown -R root: $final_path chown -R root: $final_path
# www-data doit avoir les droits d'écriture dans plugins, cache et updates # $app need write permissions in plugins, cache and updates
mkdir -p $final_path/cache mkdir -p $final_path/cache
chown -R $app $final_path/cache $final_path/plugins $final_path/updates chown -R $app $final_path/cache $final_path/plugins $final_path/updates
@ -172,13 +181,13 @@ chown -R $app $final_path/cache $final_path/plugins $final_path/updates
if [ "$upgrade_type" == "UPGRADE_APP" ] if [ "$upgrade_type" == "UPGRADE_APP" ]
then then
# Vide le cache de leed pour la mise à jour # Clear leed cache
ynh_secure_remove $final_path/cache/* ynh_secure_remove $final_path/cache/*
# Laisse un accès libre pour curl. # Set the app as temporarily public for curl call
ynh_app_setting_set $app unprotected_uris "/" ynh_app_setting_set $app unprotected_uris "/"
# Régénère la configuration de SSOwat # Regen SSOwat configuration
yunohost app ssowatconf yunohost app ssowatconf
# Lance la procédure de mise à jour de leed. # Start the upgrade procedure of leed.
ynh_local_curl "/" ynh_local_curl "/"
fi fi
@ -188,7 +197,8 @@ fi
# UPGRADE FAIL2BAN # UPGRADE FAIL2BAN
#================================================= #=================================================
ynh_add_fail2ban_config "/var/log/nginx/${domain}-error.log" "PHP message: Leed: wrong login for .* client: <HOST>" 5 # Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="PHP message: Leed: wrong login for .* client: <HOST>" --max_retry=5
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
@ -197,9 +207,9 @@ ynh_add_fail2ban_config "/var/log/nginx/${domain}-error.log" "PHP message: Leed:
# Make app private if necessary # Make app private if necessary
if [ $is_public -eq 0 ]; if [ $is_public -eq 0 ];
then then
# Retire l'autorisation d'accès à leed # Remove the public access
ynh_app_setting_delete $app unprotected_uris ynh_app_setting_delete $app unprotected_uris
# Rend la page d'actualisation accessible pour le script cron. # Set the action.php script public for the cron task
ynh_app_setting_set $app skipped_uris "/action.php" ynh_app_setting_set $app skipped_uris "/action.php"
fi fi
@ -207,10 +217,24 @@ fi
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_system_reload --service_name=nginx ynh_systemd_action --action=reload --service_name=nginx
#================================================= #=================================================
# DEACTIVE MAINTENANCE MODE # DEACTIVE MAINTENANCE MODE
#================================================= #=================================================
ynh_maintenance_mode_OFF ynh_maintenance_mode_OFF
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
# Get main domain and buid the url of the admin panel of the app.
admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app"
message="You can configure this app easily by using the experimental config-panel feature: $admin_panel/config-panel.
You can also find some specific actions for this app by using the experimental action feature: $admin_panel/actions.
If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh"
ynh_send_readme_to_admin --app_message="$message" --recipients="$admin" --type="upgrade"