mirror of
https://github.com/YunoHost-Apps/leed_ynh.git
synced 2024-09-03 19:26:32 +02:00
commit
8faea60ad0
8 changed files with 95 additions and 50 deletions
|
@ -35,7 +35,8 @@ Not supported.
|
|||
|
||||
#### Supported architectures
|
||||
|
||||
* Tested on x86_64
|
||||
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/)
|
||||
* ARMv8-A - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/)
|
||||
|
||||
## Limitations
|
||||
|
||||
|
|
|
@ -35,7 +35,8 @@ Non supportée.
|
|||
|
||||
#### Architectures supportées.
|
||||
|
||||
* Testé sur x86_64
|
||||
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/)
|
||||
* ARMv8-A - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/)
|
||||
|
||||
## Limitations
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
"en": "Leed is a minimalistic RSS feed aggregator which allows quick and non-intrusive reading of feeds.",
|
||||
"fr": "Leed est un agrégateur RSS minimaliste qui permet la consultation de flux RSS de manière rapide et non intrusive."
|
||||
},
|
||||
"version": "1.8.3~ynh2",
|
||||
"version": "1.8.3~ynh3",
|
||||
"url": "http://leed.idleman.fr/",
|
||||
"license": "AGPL-3.0",
|
||||
"maintainer": {
|
||||
|
|
|
@ -212,15 +212,17 @@ EOF
|
|||
|
||||
# Start or restart a service and follow its booting
|
||||
#
|
||||
# usage: ynh_check_starting "Line to match" [Log file] [Timeout]
|
||||
# usage: ynh_check_starting "Line to match" [Log file] [Timeout] [Service name]
|
||||
#
|
||||
# | arg: Line to match - The line to find in the log to attest the service have finished to boot.
|
||||
# | arg: Log file - The log file to watch
|
||||
# | arg: Service name
|
||||
# /var/log/$app/$app.log will be used if no other log is defined.
|
||||
# | arg: Timeout - The maximum time to wait before ending the watching. Defaut 300 seconds.
|
||||
ynh_check_starting () {
|
||||
local line_to_match="$1"
|
||||
local app_log="${2:-/var/log/$app/$app.log}"
|
||||
local service_name="${4:-$app}"
|
||||
local app_log="${2:-/var/log/$service_name/$service_name.log}"
|
||||
local timeout=${3:-300}
|
||||
|
||||
ynh_clean_check_starting () {
|
||||
|
@ -229,13 +231,14 @@ ynh_check_starting () {
|
|||
ynh_secure_remove "$templog" 2>&1
|
||||
}
|
||||
|
||||
echo "Starting of $app" >&2
|
||||
systemctl restart $app
|
||||
echo "Starting of $service_name" >&2
|
||||
systemctl stop $service_name
|
||||
local templog="$(mktemp)"
|
||||
# Following the starting of the app in its log
|
||||
tail -f -n1 "$app_log" > "$templog" &
|
||||
tail -F -n0 "$app_log" > "$templog" &
|
||||
# Get the PID of the tail command
|
||||
local pid_tail=$!
|
||||
systemctl start $service_name
|
||||
|
||||
local i=0
|
||||
for i in `seq 1 $timeout`
|
||||
|
@ -243,7 +246,7 @@ ynh_check_starting () {
|
|||
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
|
||||
if grep --quiet "$line_to_match" "$templog"
|
||||
then
|
||||
echo "The service $app has correctly started." >&2
|
||||
echo "The service $service_name has correctly started." >&2
|
||||
break
|
||||
fi
|
||||
echo -n "." >&2
|
||||
|
@ -251,7 +254,7 @@ ynh_check_starting () {
|
|||
done
|
||||
if [ $i -eq $timeout ]
|
||||
then
|
||||
echo "The service $app didn't fully started before the timeout." >&2
|
||||
echo "The service $service_name didn't fully started before the timeout." >&2
|
||||
fi
|
||||
|
||||
echo ""
|
||||
|
@ -419,55 +422,56 @@ ynh_multimedia_addaccess () {
|
|||
# | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3
|
||||
# | arg: ports - Ports blocked for a banned IP address - default: http,https
|
||||
ynh_add_fail2ban_config () {
|
||||
# Process parameters
|
||||
logpath=$1
|
||||
failregex=$2
|
||||
max_retry=${3:-3}
|
||||
ports=${4:-http,https}
|
||||
|
||||
test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
|
||||
test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
|
||||
|
||||
finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf"
|
||||
finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf"
|
||||
ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1
|
||||
ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1
|
||||
|
||||
sudo tee $finalfail2banjailconf <<EOF
|
||||
# Process parameters
|
||||
logpath=$1
|
||||
failregex=$2
|
||||
max_retry=${3:-3}
|
||||
ports=${4:-http,https}
|
||||
|
||||
test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
|
||||
test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
|
||||
|
||||
finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf"
|
||||
finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf"
|
||||
ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1
|
||||
ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1
|
||||
|
||||
sudo tee $finalfail2banjailconf <<EOF
|
||||
[$app]
|
||||
enabled = true
|
||||
port = $ports
|
||||
filter = $app
|
||||
logpath = $logpath
|
||||
maxretry = $max_retry"
|
||||
maxretry = $max_retry
|
||||
EOF
|
||||
|
||||
sudo tee $finalfail2banfilterconf <<EOF
|
||||
sudo tee $finalfail2banfilterconf <<EOF
|
||||
[INCLUDES]
|
||||
before = common.conf
|
||||
[Definition]
|
||||
failregex = $failregex
|
||||
ignoreregrex ="
|
||||
ignoreregex =
|
||||
EOF
|
||||
|
||||
ynh_store_file_checksum "$finalfail2banjailconf"
|
||||
ynh_store_file_checksum "$finalfail2banfilterconf"
|
||||
|
||||
sudo systemctl restart fail2ban
|
||||
if local fail2ban_error="$(tail -n50 /var/log/fail2ban.log | grep "WARNING Command.*$app.*addfailregex")"
|
||||
then
|
||||
echo "[ERR] Fail2ban fail to load the jail for $app" >&2
|
||||
echo "WARNING${fail2ban_error#*WARNING}" >&2
|
||||
fi
|
||||
ynh_store_file_checksum "$finalfail2banjailconf"
|
||||
ynh_store_file_checksum "$finalfail2banfilterconf"
|
||||
|
||||
systemctl restart fail2ban
|
||||
local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")"
|
||||
if [ -n "$fail2ban_error" ]
|
||||
then
|
||||
echo "[ERR] Fail2ban failed to load the jail for $app" >&2
|
||||
echo "WARNING${fail2ban_error#*WARNING}" >&2
|
||||
fi
|
||||
}
|
||||
|
||||
# Remove the dedicated fail2ban config (jail and filter conf files)
|
||||
#
|
||||
# usage: ynh_remove_fail2ban_config
|
||||
ynh_remove_fail2ban_config () {
|
||||
ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf"
|
||||
sudo systemctl restart fail2ban
|
||||
ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf"
|
||||
sudo systemctl restart fail2ban
|
||||
}
|
||||
|
||||
#=================================================
|
||||
|
@ -480,7 +484,7 @@ ynh_remove_fail2ban_config () {
|
|||
ynh_read_manifest () {
|
||||
manifest="$1"
|
||||
key="$2"
|
||||
python3 -c "import sys, json;print(json.load(open('$manifest'))['$key'])"
|
||||
python3 -c "import sys, json;print(json.load(open('$manifest', encoding='utf-8'))['$key'])"
|
||||
}
|
||||
|
||||
# Exit without error if the package is up to date
|
||||
|
@ -525,7 +529,7 @@ ynh_abort_if_up_to_date () {
|
|||
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
|
||||
# example: "root admin@domain user1 user2"
|
||||
ynh_send_readme_to_admin() {
|
||||
local app_message="${1:-...No specific informations...}"
|
||||
local app_message="${1:-...No specific information...}"
|
||||
local recipients="${2:-root}"
|
||||
|
||||
# Retrieve the email of users
|
||||
|
@ -556,7 +560,7 @@ ynh_send_readme_to_admin() {
|
|||
|
||||
local mail_message="This is an automated message from your beloved YunoHost server.
|
||||
|
||||
Specific informations for the application $app.
|
||||
Specific information for the application $app.
|
||||
|
||||
$app_message
|
||||
|
||||
|
@ -569,6 +573,45 @@ $(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
|
|||
echo "$mail_message" | mail -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
|
||||
}
|
||||
|
||||
#=================================================
|
||||
|
||||
# Reload (or other actions) a service and print a log in case of failure.
|
||||
#
|
||||
# usage: ynh_system_reload service_name [action]
|
||||
# | arg: service_name - Name of the service to reload
|
||||
# | arg: action - Action to perform with systemctl. Default: reload
|
||||
ynh_system_reload () {
|
||||
local service_name=$1
|
||||
local action=${2:-reload}
|
||||
|
||||
# Reload, restart or start and print the log if the service fail to start or reload
|
||||
systemctl $action $service_name || ( journalctl --lines=20 -u $service_name >&2 && false)
|
||||
}
|
||||
|
||||
#=================================================
|
||||
|
||||
ynh_debian_release () {
|
||||
lsb_release --codename --short
|
||||
}
|
||||
|
||||
is_stretch () {
|
||||
if [ "$(ynh_debian_release)" == "stretch" ]
|
||||
then
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
is_jessie () {
|
||||
if [ "$(ynh_debian_release)" == "jessie" ]
|
||||
then
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
#=================================================
|
||||
#============= FUTURE YUNOHOST HELPER ============
|
||||
#=================================================
|
||||
|
|
|
@ -126,4 +126,4 @@ ynh_mysql_execute_as_root "UPDATE leed_configuration SET value='$domain_path/' W
|
|||
# RELOAD NGINX
|
||||
#=================================================
|
||||
|
||||
systemctl reload nginx
|
||||
ynh_system_reload nginx
|
||||
|
|
|
@ -104,7 +104,7 @@ ynh_app_setting_set $app unprotected_uris "/" #L'usage de unprotected_uris a la
|
|||
yunohost app ssowatconf
|
||||
|
||||
# Reload Nginx
|
||||
systemctl reload nginx
|
||||
ynh_system_reload nginx
|
||||
|
||||
# Leed installation via curl
|
||||
ynh_print_OFF
|
||||
|
@ -163,7 +163,7 @@ fi
|
|||
# RELOAD NGINX
|
||||
#=================================================
|
||||
|
||||
systemctl reload nginx
|
||||
ynh_system_reload nginx
|
||||
|
||||
#=================================================
|
||||
# SEND A README FOR THE ADMIN
|
||||
|
|
|
@ -83,7 +83,7 @@ ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini"
|
|||
|
||||
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
|
||||
systemctl restart fail2ban
|
||||
ynh_system_reload fail2ban restart
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC RESTORE
|
||||
|
@ -105,8 +105,8 @@ chown -R $app $final_path/cache $final_path/plugins $final_path/updates
|
|||
# RELOAD NGINX AND PHP-FPM
|
||||
#=================================================
|
||||
|
||||
systemctl reload php5-fpm
|
||||
systemctl reload nginx
|
||||
ynh_system_reload php5-fpm
|
||||
ynh_system_reload nginx
|
||||
|
||||
#=================================================
|
||||
# SEND A README FOR THE ADMIN
|
||||
|
|
|
@ -176,4 +176,4 @@ fi
|
|||
# RELOAD NGINX
|
||||
#=================================================
|
||||
|
||||
systemctl reload nginx
|
||||
ynh_system_reload nginx
|
||||
|
|
Loading…
Reference in a new issue