mirror of
https://github.com/YunoHost-Apps/lemmy_ynh.git
synced 2024-09-03 19:36:09 +02:00
commit
99efad793f
29 changed files with 1025 additions and 303 deletions
|
@ -8,7 +8,7 @@ about: When creating a bug report, please use the following template to provide
|
|||
1. *Read this whole template first.*
|
||||
2. *Determine if you are on the right place:*
|
||||
- *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!*
|
||||
- *Otherwise, the issue may be due to REPLACEBYYOURAPP itself. Refer to its documentation or repository for help.*
|
||||
- *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.*
|
||||
- *When in doubt, post here and we will figure it out together.*
|
||||
3. *Delete the italic comments as you write over them below, and remove this guide.*
|
||||
---
|
||||
|
@ -31,7 +31,7 @@ about: When creating a bug report, please use the following template to provide
|
|||
|
||||
- *If you performed a command from the CLI, the command itself is enough. For example:*
|
||||
```sh
|
||||
sudo yunohost app install REPLACEBYYOURAPP
|
||||
sudo yunohost app install the_app
|
||||
```
|
||||
- *If you used the webadmin, please perform the equivalent command from the CLI first.*
|
||||
- *If the error occurs in your browser, explain what you did:*
|
16
.github/PULL_REQUEST_TEMPLATE.md
vendored
Normal file
16
.github/PULL_REQUEST_TEMPLATE.md
vendored
Normal file
|
@ -0,0 +1,16 @@
|
|||
## Problem
|
||||
|
||||
- *Description of why you made this PR*
|
||||
|
||||
## Solution
|
||||
|
||||
- *And how do you fix that problem*
|
||||
|
||||
## PR Status
|
||||
|
||||
- [ ] Code finished and ready to be reviewed/tested
|
||||
- [ ] The fix/enhancement were manually tested (if applicable)
|
||||
|
||||
## Automatic tests
|
||||
|
||||
Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)
|
76
README.md
76
README.md
|
@ -1,74 +1,52 @@
|
|||
<!--
|
||||
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
|
||||
It shall NOT be edited by hand.
|
||||
-->
|
||||
|
||||
# lemmy for YunoHost
|
||||
|
||||
# Lemmy app for YunoHost
|
||||
**Warning:** This app uses Docker. YunoHost do not encourages to use black box container technologies like Docker and Ansible.
|
||||
[![Integration level](https://dash.yunohost.org/integration/lemmy.svg)](https://dash.yunohost.org/appci/app/lemmy) ![](https://ci-apps.yunohost.org/ci/badges/lemmy.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/lemmy.maintain.svg)
|
||||
[![Install lemmy with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lemmy)
|
||||
|
||||
Then why this package uses Docker?
|
||||
It's because the developers of the core app do not support simple installation. And packaging without documentaion is time consuming.
|
||||
*[Lire ce readme en français.](./README_fr.md)*
|
||||
|
||||
[![Integration level](https://dash.yunohost.org/integration/lemmy.svg)](https://dash.yunohost.org/appci/app/lemmy) ![](https://ci-apps.yunohost.org/ci/badges/lemmy.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/lemmy.maintain.svg)
|
||||
|
||||
[![Install Lemmy with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lemmy)
|
||||
|
||||
|
||||
> *This package allows you to install Lemmy quickly and simply on a YunoHost server.
|
||||
> *This package allows you to install lemmy quickly and simply on a YunoHost server.
|
||||
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
|
||||
|
||||
## Overview
|
||||
Lemmy is similar to sites like Reddit, Lobste.rs, Raddle, or Hacker News: you subscribe to forums you're interested in, post links and discussions, then vote, and comment on them. Behind the scenes, it is very different; anyone can easily run a server, and all these servers are federated (think email), and connected to the same universe, called the Fediverse.
|
||||
|
||||
**Shipped version:** 0.9.9
|
||||
A link aggregator / Reddit clone for the fediverse.
|
||||
|
||||
**Shipped version:** 0.11.3~ynh1
|
||||
|
||||
**Demo:** https://join.lemmy.ml/join/
|
||||
|
||||
## Screenshots
|
||||
|
||||
![](https://raw.githubusercontent.com/LemmyNet/joinlemmy-site/main/static/images/main_img.webp)
|
||||
![](./doc/screenshots/screenshot1.webp)
|
||||
|
||||
## Demo
|
||||
## Disclaimers / important information
|
||||
|
||||
* [Official demo](https://join.lemmy.ml/join/)
|
||||
* Any known limitations, constrains or stuff not working, such as (but not limited to):
|
||||
* Lemmy require full domain path to be installed. Eg. lemmy.domain.tld
|
||||
* The admin username and password will be sent to the admin of the YunoHost through mail.
|
||||
## Documentation and resources
|
||||
|
||||
## Configuration
|
||||
|
||||
Lemmy require full domain path to be instlled. Eg. lemmy.domain.tld
|
||||
|
||||
The admin username and password will be sent to the admin of the YunoHost through mail.
|
||||
|
||||
## Documentation
|
||||
|
||||
* Official documentation: https://join.lemmy.ml/docs/en/index.html
|
||||
|
||||
|
||||
## YunoHost specific features
|
||||
|
||||
#### Multi-user support
|
||||
|
||||
Are LDAP and HTTP auth supported? No
|
||||
Can the app be used by multiple users? Yes
|
||||
|
||||
#### Supported architectures
|
||||
|
||||
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/lemmy%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/lemmy/)
|
||||
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/lemmy%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/lemmy/)
|
||||
|
||||
## Links
|
||||
|
||||
* Report a bug: https://github.com/YunoHost-Apps/lemmy_ynh/issues
|
||||
* App website: https://join.lemmy.ml
|
||||
* Upstream app repository: https://github.com/LemmyNet/lemmy
|
||||
* YunoHost website: https://yunohost.org/
|
||||
|
||||
---
|
||||
* Official app website: https://join-lemmy.org/
|
||||
* Official admin documentation: https://join-lemmy.org/docs/en/
|
||||
* Upstream app code repository: https://github.com/LemmyNet/lemmy
|
||||
* YunoHost documentation for this app: https://yunohost.org/app_lemmy
|
||||
* Report a bug: https://github.com/YunoHost-Apps/lemmy_ynh/issues
|
||||
|
||||
## Developer info
|
||||
|
||||
**Only if you want to use a testing branch for coding, instead of merging directly into master.**
|
||||
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/lemmy_ynh/tree/testing).
|
||||
|
||||
To try the testing branch, please proceed like that.
|
||||
```
|
||||
sudo yunohost app install https://github.com/YunoHost-Apps/lemmy_ynh/tree/testing --debug
|
||||
|
||||
or
|
||||
|
||||
sudo yunohost app upgrade lemmy -u https://github.com/YunoHost-Apps/lemmy_ynh/tree/testing --debug
|
||||
```
|
||||
|
||||
**More info regarding app packaging:** https://yunohost.org/packaging_apps
|
48
README_fr.md
Normal file
48
README_fr.md
Normal file
|
@ -0,0 +1,48 @@
|
|||
# lemmy pour YunoHost
|
||||
|
||||
[![Niveau d'intégration](https://dash.yunohost.org/integration/lemmy.svg)](https://dash.yunohost.org/appci/app/lemmy) ![](https://ci-apps.yunohost.org/ci/badges/lemmy.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/lemmy.maintain.svg)
|
||||
[![Installer lemmy avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lemmy)
|
||||
|
||||
*[Read this readme in english.](./README.md)*
|
||||
*[Lire ce readme en français.](./README_fr.md)*
|
||||
|
||||
> *Ce package vous permet d'installer lemmy rapidement et simplement sur un serveur YunoHost.
|
||||
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
|
||||
|
||||
## Vue d'ensemble
|
||||
|
||||
|
||||
|
||||
**Version incluse :** 0.11.3~ynh1
|
||||
|
||||
**Démo :** https://join.lemmy.ml/join/
|
||||
|
||||
## Captures d'écran
|
||||
|
||||
![](./doc/screenshots/screenshot1.webp)
|
||||
|
||||
## Avertissements / informations importantes
|
||||
|
||||
* Any known limitations, constrains or stuff not working, such as (but not limited to):
|
||||
* Lemmy require full domain path to be installed. Eg. lemmy.domain.tld
|
||||
* The admin username and password will be sent to the admin of the YunoHost through mail.
|
||||
## Documentations et ressources
|
||||
|
||||
* Site officiel de l'app : https://join-lemmy.org/
|
||||
* Documentation officielle de l'admin : https://join-lemmy.org/docs/en/
|
||||
* Dépôt de code officiel de l'app : https://github.com/LemmyNet/lemmy
|
||||
* Documentation YunoHost pour cette app : https://yunohost.org/app_lemmy
|
||||
* Signaler un bug : https://github.com/YunoHost-Apps/lemmy_ynh/issues
|
||||
|
||||
## Informations pour les développeurs
|
||||
|
||||
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/lemmy_ynh/tree/testing).
|
||||
|
||||
Pour essayer la branche testing, procédez comme suit.
|
||||
```
|
||||
sudo yunohost app install https://github.com/YunoHost-Apps/lemmy_ynh/tree/testing --debug
|
||||
ou
|
||||
sudo yunohost app upgrade lemmy -u https://github.com/YunoHost-Apps/lemmy_ynh/tree/testing --debug
|
||||
```
|
||||
|
||||
**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps
|
|
@ -1,14 +1,9 @@
|
|||
# See here for more information
|
||||
# https://github.com/YunoHost/package_check#syntax-check_process-file
|
||||
|
||||
# Move this file from check_process.default to check_process when you have filled it.
|
||||
|
||||
;; Test complet
|
||||
; Manifest
|
||||
domain="domain.tld" (DOMAIN)
|
||||
path="/path" (PATH)
|
||||
admin="john" (USER)
|
||||
sitename="lemmy website) (SITENAME)
|
||||
domain="domain.tld"
|
||||
path="/"
|
||||
admin="john"
|
||||
sitename="lemmy website"
|
||||
; Checks
|
||||
pkg_linter=1
|
||||
setup_sub_dir=0
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
SOURCE_URL=url of app's source
|
||||
SOURCE_SUM=sha256 checksum
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=
|
||||
SOURCE_EXTRACT=true
|
|
@ -1,56 +0,0 @@
|
|||
version: "2.2"
|
||||
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:12-alpine
|
||||
environment:
|
||||
- POSTGRES_USER=lemmy
|
||||
- POSTGRES_PASSWORD=password
|
||||
- POSTGRES_DB=lemmy
|
||||
volumes:
|
||||
- ./volumes/postgres:/var/lib/postgresql/data
|
||||
restart: always
|
||||
|
||||
lemmy:
|
||||
image: dessalines/lemmy:0.9.9
|
||||
ports:
|
||||
- "127.0.0.1:__PORT__LEMMY__:8536"
|
||||
restart: always
|
||||
environment:
|
||||
- RUST_LOG=error
|
||||
volumes:
|
||||
- ./lemmy.hjson:/config/config.hjson
|
||||
depends_on:
|
||||
- postgres
|
||||
- pictrs
|
||||
- iframely
|
||||
|
||||
lemmy-ui:
|
||||
image: dessalines/lemmy-ui:0.9.9
|
||||
ports:
|
||||
- "127.0.0.1:__PORT_UI__:1234"
|
||||
restart: always
|
||||
environment:
|
||||
- LEMMY_INTERNAL_HOST=lemmy:8536
|
||||
- LEMMY_EXTERNAL_HOST=localhost:__PORT__LEMMY__
|
||||
- LEMMY_HTTPS=false
|
||||
depends_on:
|
||||
- lemmy
|
||||
|
||||
pictrs:
|
||||
image: asonix/pictrs:v0.2.5-r0
|
||||
ports:
|
||||
- "127.0.0.1:__PORT_PICTRS__:8080"
|
||||
user: 991:991
|
||||
volumes:
|
||||
- ./volumes/pictrs:/mnt
|
||||
restart: always
|
||||
|
||||
iframely:
|
||||
image: dogbin/iframely:latest
|
||||
ports:
|
||||
- "127.0.0.1:__PORT_IFRAMELY__:80"
|
||||
volumes:
|
||||
- ./iframely.config.local.js:/iframely/config.local.js:ro
|
||||
restart: always
|
||||
mem_limit: 100m
|
7
conf/docker-image-extract.src
Normal file
7
conf/docker-image-extract.src
Normal file
|
@ -0,0 +1,7 @@
|
|||
SOURCE_URL=https://codeload.github.com/jjlin/docker-image-extract/tar.gz/a9e455e44bbbfba897bf3342d9661b182cee67a9
|
||||
SOURCE_SUM=9eb0c734e83a3fd7102fc7209af4977024ec467fbc819782491af47295675f67
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=
|
||||
SOURCE_EXTRACT=true
|
|
@ -37,7 +37,7 @@
|
|||
},
|
||||
*/
|
||||
|
||||
port: 80, //can be overridden by PORT env var
|
||||
port: __PORT_IFRAMELY__, //can be overridden by PORT env var
|
||||
host: '0.0.0.0', // Dockers beware. See https://github.com/itteco/iframely/issues/132#issuecomment-242991246
|
||||
//can be overridden by HOST env var
|
||||
|
||||
|
|
45
conf/iframely.service
Normal file
45
conf/iframely.service
Normal file
|
@ -0,0 +1,45 @@
|
|||
[Unit]
|
||||
Description=__APP__ Iframely Daemon
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=__APP__
|
||||
Group=__APP__
|
||||
WorkingDirectory=__FINALPATH__/iframely/
|
||||
ExecStart=__YNH_NODE__ -- server
|
||||
StandardOutput=append:/var/log/__APP__/__APP__-iframely.log
|
||||
StandardError=inherit
|
||||
|
||||
# Sandboxing options to harden security
|
||||
# Depending on specificities of your service/app, you may need to tweak these
|
||||
# .. but this should be a good baseline
|
||||
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
||||
NoNewPrivileges=yes
|
||||
PrivateTmp=yes
|
||||
PrivateDevices=yes
|
||||
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
|
||||
RestrictNamespaces=yes
|
||||
RestrictRealtime=yes
|
||||
DevicePolicy=closed
|
||||
ProtectSystem=full
|
||||
ProtectControlGroups=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
LockPersonality=yes
|
||||
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
|
||||
|
||||
# Denying access to capabilities that should not be relevant for webapps
|
||||
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
|
||||
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
|
||||
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
|
||||
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
|
||||
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
|
||||
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
|
||||
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
|
||||
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
||||
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
||||
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
7
conf/imagemagick.src
Normal file
7
conf/imagemagick.src
Normal file
|
@ -0,0 +1,7 @@
|
|||
SOURCE_URL=https://github.com/ImageMagick/ImageMagick/archive/refs/tags/7.0.10-62.tar.gz
|
||||
SOURCE_SUM=84442158aea070095efa832cfe868fd99d6befdf609444f0c9e9f1b4f25480cd
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=
|
||||
SOURCE_EXTRACT=true
|
7
conf/lemmy-translations.src
Normal file
7
conf/lemmy-translations.src
Normal file
|
@ -0,0 +1,7 @@
|
|||
SOURCE_URL=https://codeload.github.com/LemmyNet/lemmy-translations/tar.gz/9e3dfebe14693553f1002ef06f02201ca1d52863
|
||||
SOURCE_SUM=1693789ac4d6a3905530b2cf76ad50151082f5e96d1639dc06e30219649a6c87
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=
|
||||
SOURCE_EXTRACT=true
|
49
conf/lemmy-ui.service
Normal file
49
conf/lemmy-ui.service
Normal file
|
@ -0,0 +1,49 @@
|
|||
[Unit]
|
||||
Description=__APP__ Lemmy UI Daemon
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=__APP__
|
||||
Group=__APP__
|
||||
Environment="LEMMY_INTERNAL_HOST=127.0.0.1:__PORT_LEMMY__"
|
||||
Environment="LEMMY_EXTERNAL_HOST=__DOMAIN__"
|
||||
Environment="LEMMY_HTTPS=true"
|
||||
Environment="LEMMY_UI_HOST=0.0.0.0:__PORT_UI__"
|
||||
WorkingDirectory=__FINALPATH__/lemmy-ui/
|
||||
ExecStart=__YNH_NODE__ dist/js/server.js
|
||||
StandardOutput=append:/var/log/__APP__/__APP__-ui.log
|
||||
StandardError=inherit
|
||||
|
||||
# Sandboxing options to harden security
|
||||
# Depending on specificities of your service/app, you may need to tweak these
|
||||
# .. but this should be a good baseline
|
||||
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
||||
NoNewPrivileges=yes
|
||||
PrivateTmp=yes
|
||||
PrivateDevices=yes
|
||||
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
|
||||
RestrictNamespaces=yes
|
||||
RestrictRealtime=yes
|
||||
DevicePolicy=closed
|
||||
ProtectSystem=full
|
||||
ProtectControlGroups=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
LockPersonality=yes
|
||||
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
|
||||
|
||||
# Denying access to capabilities that should not be relevant for webapps
|
||||
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
|
||||
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
|
||||
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
|
||||
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
|
||||
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
|
||||
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
|
||||
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
|
||||
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
||||
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
||||
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
103
conf/lemmy.hjson
103
conf/lemmy.hjson
|
@ -6,41 +6,90 @@
|
|||
# username for the admin user
|
||||
admin_username: "__ADMIN__"
|
||||
# password for the admin user
|
||||
admin_password: "__ADMIN_PASS__"
|
||||
admin_password: "__PASSWORD__"
|
||||
# optional: email for the admin user (can be omitted and set later through the website)
|
||||
admin_email: "__ADMIN_EMAIL__"
|
||||
# name of the site (can be changed later)
|
||||
site_name: "__NAME__"
|
||||
site_name: "__SITENAME__"
|
||||
}
|
||||
# settings related to the postgresql database
|
||||
database: {
|
||||
# username to connect to postgres
|
||||
user: "__DB_USER__"
|
||||
# password to connect to postgres
|
||||
password: "__DB_PWD__"
|
||||
# host where postgres is running
|
||||
host: "localhost"
|
||||
# port where postgres can be accessed
|
||||
port: 5432
|
||||
# name of the postgres database for lemmy
|
||||
database: "__DB_NAME__"
|
||||
# maximum number of active sql connections
|
||||
pool_size: 5
|
||||
}
|
||||
|
||||
# the domain name of your instance (eg "lemmy.ml")
|
||||
hostname: "__DOMAIN__"
|
||||
# address where lemmy should listen for incoming requests
|
||||
bind: "0.0.0.0"
|
||||
# port where lemmy should listen for incoming requests
|
||||
port: 8536
|
||||
port: __PORT_LEMMY__
|
||||
# whether tls is required for activitypub. only disable this for debugging, never for producion.
|
||||
tls_enabled: true
|
||||
# json web token for authorization between server and client
|
||||
jwt_secret: "__RANDOM__"
|
||||
# settings related to the postgresql database
|
||||
database: {
|
||||
# name of the postgres database for lemmy
|
||||
database: "lemmy"
|
||||
# username to connect to postgres
|
||||
user: "lemmy"
|
||||
# password to connect to postgres
|
||||
password: "password"
|
||||
# host where postgres is running
|
||||
host: "postgres"
|
||||
# address where pictrs is available
|
||||
pictrs_url: "http://127.0.0.1:__PORT_PICTRS__"
|
||||
# address where iframely is available
|
||||
iframely_url: "http://127.0.0.1:__PORT_IFRAMELY__"
|
||||
# rate limits for various user actions, by user ip
|
||||
rate_limit: {
|
||||
# maximum number of messages created in interval
|
||||
message: 180
|
||||
# interval length for message limit
|
||||
message_per_second: 60
|
||||
# maximum number of posts created in interval
|
||||
post: 6
|
||||
# interval length for post limit
|
||||
post_per_second: 600
|
||||
# maximum number of registrations in interval
|
||||
register: 3
|
||||
# interval length for registration limit
|
||||
register_per_second: 3600
|
||||
# maximum number of image uploads in interval
|
||||
image: 6
|
||||
# interval length for image uploads
|
||||
image_per_second: 3600
|
||||
}
|
||||
# settings related to activitypub federation
|
||||
federation: {
|
||||
# whether to enable activitypub federation.
|
||||
enabled: true
|
||||
# Allows and blocks are described here:
|
||||
# https://join-lemmy.org/docs/en/federation/administration.html#instance-allowlist-and-blocklist
|
||||
#
|
||||
# list of instances with which federation is allowed
|
||||
# allowed_instances: ["instance1.tld","instance2.tld"]
|
||||
# instances which we never federate anything with (but previously federated objects are unaffected)
|
||||
# blocked_instances: []
|
||||
# If true, only federate with instances on the allowlist and block everything else. If false,
|
||||
# use allowlist only for remote communities, and posts/comments in local communities.
|
||||
# strict_allowlist: true
|
||||
}
|
||||
captcha: {
|
||||
enabled: true
|
||||
difficulty: medium # Can be easy, medium, or hard
|
||||
}
|
||||
# email sending configuration
|
||||
email: {
|
||||
# hostname and port of the smtp server
|
||||
smtp_server: "127.0.0.1:25"
|
||||
# login name for smtp server
|
||||
smtp_login: ""
|
||||
# password to login to the smtp server
|
||||
smtp_password: ""
|
||||
# address to send emails from, eg "noreply@your-instance.com"
|
||||
smtp_from_address: "lemmy@__DOMAIN__"
|
||||
# whether or not smtp connections should use tls
|
||||
use_tls: true
|
||||
}
|
||||
# # optional: email sending configuration
|
||||
# email: {
|
||||
# # hostname and port of the smtp server
|
||||
smtp_server: "127.0.0.1:25"
|
||||
# # login name for smtp server
|
||||
smtp_login: ""
|
||||
# # password to login to the smtp server
|
||||
smtp_password: ""
|
||||
# # address to send emails from, eg "noreply@your-instance.com"
|
||||
smtp_from_address: "lemmy@__DOMAIN__"
|
||||
# # whether or not smtp connections should use tls
|
||||
use_tls: true
|
||||
# }
|
||||
}
|
||||
|
|
46
conf/lemmy.service
Normal file
46
conf/lemmy.service
Normal file
|
@ -0,0 +1,46 @@
|
|||
[Unit]
|
||||
Description=__APP__ Lemmy Daemon
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=__APP__
|
||||
Group=__APP__
|
||||
Environment="LEMMY_CONFIG_LOCATION=__FINALPATH__/config/config.hjson"
|
||||
WorkingDirectory=__FINALPATH__/lemmy/
|
||||
ExecStart=__FINALPATH__/lemmy/lemmy
|
||||
StandardOutput=append:/var/log/__APP__/__APP__.log
|
||||
StandardError=inherit
|
||||
|
||||
# Sandboxing options to harden security
|
||||
# Depending on specificities of your service/app, you may need to tweak these
|
||||
# .. but this should be a good baseline
|
||||
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
||||
NoNewPrivileges=yes
|
||||
PrivateTmp=yes
|
||||
PrivateDevices=yes
|
||||
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
|
||||
RestrictNamespaces=yes
|
||||
RestrictRealtime=yes
|
||||
DevicePolicy=closed
|
||||
ProtectSystem=full
|
||||
ProtectControlGroups=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
LockPersonality=yes
|
||||
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
|
||||
|
||||
# Denying access to capabilities that should not be relevant for webapps
|
||||
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
|
||||
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
|
||||
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
|
||||
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
|
||||
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
|
||||
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
|
||||
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
|
||||
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
||||
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
||||
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
45
conf/pict-rs.service
Normal file
45
conf/pict-rs.service
Normal file
|
@ -0,0 +1,45 @@
|
|||
[Unit]
|
||||
Description=__APP__ pict-rs Daemon
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=__APP__
|
||||
Group=__APP__
|
||||
WorkingDirectory=__FINALPATH__/pict-rs/
|
||||
ExecStart=__FINALPATH__/pict-rs/pict-rs -a 127.0.0.1:__PORT_PICTRS__ -p __DATADIR__/pictrs-data
|
||||
StandardOutput=append:/var/log/__APP__/__APP__-pict-rs.log
|
||||
StandardError=inherit
|
||||
|
||||
# Sandboxing options to harden security
|
||||
# Depending on specificities of your service/app, you may need to tweak these
|
||||
# .. but this should be a good baseline
|
||||
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
||||
NoNewPrivileges=yes
|
||||
PrivateTmp=yes
|
||||
PrivateDevices=yes
|
||||
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
|
||||
RestrictNamespaces=yes
|
||||
RestrictRealtime=yes
|
||||
DevicePolicy=closed
|
||||
ProtectSystem=full
|
||||
ProtectControlGroups=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
LockPersonality=yes
|
||||
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
|
||||
|
||||
# Denying access to capabilities that should not be relevant for webapps
|
||||
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
|
||||
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
|
||||
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
|
||||
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
|
||||
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
|
||||
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
|
||||
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
|
||||
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
||||
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
||||
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
7
conf/pict-rs.src
Normal file
7
conf/pict-rs.src
Normal file
|
@ -0,0 +1,7 @@
|
|||
SOURCE_URL=https://git.asonix.dog/asonix/pict-rs/archive/v0.2.6-r2.tar.gz
|
||||
SOURCE_SUM=c8542ff79fc2f0699b33994d6718a9f8f4bfc94e6c7c7e1e5dc13911afd40d10
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=
|
||||
SOURCE_EXTRACT=true
|
0
doc/.gitkeep
Normal file
0
doc/.gitkeep
Normal file
3
doc/DISCLAIMER.md
Normal file
3
doc/DISCLAIMER.md
Normal file
|
@ -0,0 +1,3 @@
|
|||
* Any known limitations, constrains or stuff not working, such as (but not limited to):
|
||||
* Lemmy require full domain path to be installed. Eg. lemmy.domain.tld
|
||||
* The admin username and password will be sent to the admin of the YunoHost through mail.
|
0
doc/screenshots/.gitkeep
Normal file
0
doc/screenshots/.gitkeep
Normal file
BIN
doc/screenshots/screenshot1.webp
Normal file
BIN
doc/screenshots/screenshot1.webp
Normal file
Binary file not shown.
After Width: | Height: | Size: 97 KiB |
|
@ -5,8 +5,15 @@
|
|||
"description": {
|
||||
"en": "A link aggregator / Reddit clone for the fediverse."
|
||||
},
|
||||
"version": "0.9.9~ynh1",
|
||||
"version": "0.11.3~ynh1",
|
||||
"url": "https://join.lemmy.ml/",
|
||||
"upstream": {
|
||||
"license": "GPL-3.0",
|
||||
"website": "https://join-lemmy.org/",
|
||||
"demo": "https://join.lemmy.ml/join/",
|
||||
"admindoc": "https://join-lemmy.org/docs/en/",
|
||||
"code": "https://github.com/LemmyNet/lemmy"
|
||||
},
|
||||
"license": "GPL-3.0",
|
||||
"maintainer": {
|
||||
"name": "Anmol Sharma",
|
||||
|
@ -25,19 +32,11 @@
|
|||
{
|
||||
"name": "domain",
|
||||
"type": "domain",
|
||||
"ask": {
|
||||
"en": "Choose a domain name for Lemmy",
|
||||
"fr": "Choisissez un nom de domaine pour Lemmy"
|
||||
},
|
||||
"example": "example.com"
|
||||
},
|
||||
{
|
||||
"name": "admin",
|
||||
"type": "string",
|
||||
"ask": {
|
||||
"en": "Choose an admin username",
|
||||
"fr": "Choisissez l'administrateur"
|
||||
},
|
||||
"type": "user",
|
||||
"example": "johndoe"
|
||||
},
|
||||
{
|
||||
|
@ -48,7 +47,6 @@
|
|||
},
|
||||
"example": "lemmy website"
|
||||
}
|
||||
|
||||
]
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,16 +0,0 @@
|
|||
## Problem
|
||||
- *Description of why you made this PR*
|
||||
|
||||
## Solution
|
||||
- *And how do you fix that problem*
|
||||
|
||||
## PR Status
|
||||
- [ ] Code finished.
|
||||
- [ ] Tested with Package_check.
|
||||
- [ ] Fix or enhancement tested.
|
||||
- [ ] Upgrade from last version tested.
|
||||
- [ ] Can be reviewed and tested.
|
||||
|
||||
## Package_check results
|
||||
---
|
||||
* An automatic package_check will be launch at https://ci-apps-dev.yunohost.org/, when you add a specific comment to your Pull Request: "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!"*
|
|
@ -5,7 +5,26 @@
|
|||
#=================================================
|
||||
|
||||
# dependencies used by the app
|
||||
pkg_dependencies="deb1 deb2 php$YNH_DEFAULT_PHP_VERSION-deb1 php$YNH_DEFAULT_PHP_VERSION-deb2"
|
||||
lemmy_dependencies="postgresql postgresql-contrib"
|
||||
lemmyui_dependencies="espeak"
|
||||
imagemagick_build_dependencies="libltdl-dev libjpeg-dev libpng-dev libwebp-dev liblzma-dev libxml2-dev"
|
||||
imagemagick_dependencies=""
|
||||
pictrs_build_dependencies="pkg-config build-essential libgexiv2-dev libxml2 libltdl7 libavcodec-dev libavfilter-dev libavdevice-dev libavformat-dev libavresample-dev libavutil-dev libswscale-dev libswresample-dev llvm-dev libclang-dev clang"
|
||||
pictrs_dependencies="libgexiv2-2 libpng16-16 libjpeg62-turbo libwebp6 libwebpdemux2 libwebpmux3 libltdl7 libgomp1 libxml2 libavcodec58 libavfilter7 libavdevice58 libavformat58 libavresample4 libavutil56 libswscale5 libswresample3 tini"
|
||||
iframely_dependencies="musl-dev"
|
||||
|
||||
pkg_dependencies="$lemmy_dependencies $lemmyui_dependencies $imagemagick_dependencies $pictrs_dependencies $iframely_dependencies"
|
||||
pkg_build_dependencies="$imagemagick_build_dependencies $pictrs_build_dependencies"
|
||||
|
||||
NODEJS_VERSION=12
|
||||
|
||||
LEMMY_VERSION=0.11.3
|
||||
|
||||
LEMMYUI_VERSION=0.11.3
|
||||
|
||||
PICTRS_VERSION=v0.2.6-r2
|
||||
|
||||
IFRAMELY_VERSION=latest
|
||||
|
||||
#=================================================
|
||||
# PERSONAL HELPERS
|
||||
|
|
|
@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers
|
|||
#=================================================
|
||||
|
||||
ynh_clean_setup () {
|
||||
### Remove this function if there's nothing to clean before calling the remove script.
|
||||
true
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
|
@ -30,26 +29,55 @@ app=$YNH_APP_INSTANCE_NAME
|
|||
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||
|
||||
#=================================================
|
||||
# DECLARE DATA AND CONF FILES TO BACKUP
|
||||
#=================================================
|
||||
ynh_print_info --message="Declaring files to be backed up..."
|
||||
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE APP MAIN DIR
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="$final_path"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE DATA DIR
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="$datadir" --is_big
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC BACKUP
|
||||
#=================================================
|
||||
# BACKUP LOGROTATE
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="/etc/logrotate.d/$app"
|
||||
|
||||
#=================================================
|
||||
# BACKUP SYSTEMD
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="/etc/systemd/system/$app.service"
|
||||
ynh_backup --src_path="/etc/systemd/system/$app-ui.service"
|
||||
ynh_backup --src_path="/etc/systemd/system/$app-iframely.service"
|
||||
ynh_backup --src_path="/etc/systemd/system/$app-pict-rs.service"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE POSTGRESQL DATABASE
|
||||
#=================================================
|
||||
ynh_print_info --message="Backing up the PostgreSQL database..."
|
||||
|
||||
ynh_psql_dump_db --database="$db_name" > db.sql
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
|
|
238
scripts/install
238
scripts/install
|
@ -14,8 +14,7 @@ source /usr/share/yunohost/helpers
|
|||
#=================================================
|
||||
|
||||
ynh_clean_setup () {
|
||||
### Remove this function if there's nothing to clean before calling the remove script.
|
||||
true
|
||||
ynh_clean_check_starting
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
@ -26,19 +25,18 @@ ynh_abort_if_errors
|
|||
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path_url="/"
|
||||
version=$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep 'tag_name' | cut -d\" -f4)
|
||||
admin=$YNH_APP_ARG_ADMIN
|
||||
password=$(ynh_string_random --length=12)
|
||||
sitename=$YNH_APP_ARG_SITENAME
|
||||
random=$(ynh_string_random --length=10)
|
||||
admin_email=$(ynh_user_get_info --username=$admin --key="mail")
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Validating installation parameters..." --weight=1
|
||||
ynh_script_progression --message="Validating installation parameters..."
|
||||
|
||||
final_path=/var/www/$app
|
||||
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
||||
|
@ -49,7 +47,7 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
|||
#=================================================
|
||||
# STORE SETTINGS FROM MANIFEST
|
||||
#=================================================
|
||||
ynh_script_progression --message="Storing installation settings..." --weight=1
|
||||
ynh_script_progression --message="Storing installation settings..."
|
||||
|
||||
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
||||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
||||
|
@ -63,97 +61,231 @@ ynh_app_setting_set --app=$app --key=random --value=$random
|
|||
#=================================================
|
||||
# FIND AND OPEN A PORT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Finding an available port..." --weight=1
|
||||
ynh_script_progression --message="Finding an available port..."
|
||||
|
||||
# Find an available port
|
||||
port_lemmy=$(ynh_find_port --port=8536)
|
||||
port_ui=$(ynh_find_port --port=1235)
|
||||
port_pictrs=$(ynh_find_port --port=8537)
|
||||
port_iframely=$(ynh_find_port --port=8061)
|
||||
ynh_app_setting_set --app=$app --key=port_lemmy --value=$port_lemmy
|
||||
port_ui=$(ynh_find_port --port=1235)
|
||||
ynh_app_setting_set --app=$app --key=port_ui --value=$port_ui
|
||||
port_pictrs=$(ynh_find_port --port=8537)
|
||||
ynh_app_setting_set --app=$app --key=port_pictrs --value=$port_pictrs
|
||||
port_iframely=$(ynh_find_port --port=8061)
|
||||
ynh_app_setting_set --app=$app --key=port_iframely --value=$port_iframely
|
||||
|
||||
#=================================================
|
||||
# INSTALL DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Installing dependencies..." --weight=1
|
||||
ynh_script_progression --message="Installing dependencies..."
|
||||
|
||||
#ynh_install_app_dependencies $pkg_dependencies
|
||||
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $pkg_build_dependencies
|
||||
ynh_install_nodejs --nodejs_version=$NODEJS_VERSION
|
||||
ynh_use_nodejs
|
||||
ln -fs /usr/lib/x86_64-linux-musl/libc.so /lib/libc.musl-x86_64.so.1
|
||||
|
||||
# Install Docker and compose
|
||||
curl -sSL https://get.docker.com | sh
|
||||
systemctl enable docker --quiet
|
||||
curl -L https://github.com/docker/compose/releases/download/${version}/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring system user..."
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create --username=$app --home_dir=$final_path
|
||||
|
||||
#=================================================
|
||||
# CREATE A POSTGRESQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Creating a PostgreSQL database..."
|
||||
|
||||
ynh_psql_test_if_first_run
|
||||
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
||||
db_user=$db_name
|
||||
db_pwd=$(ynh_string_random --length=30)
|
||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
||||
ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
|
||||
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Setting up source files..." --weight=1
|
||||
ynh_script_progression --message="Setting up source files..."
|
||||
|
||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path/build-lemmy/" --source_id="docker-image-extract"
|
||||
ynh_setup_source --dest_dir="$final_path/build-lemmy-ui/" --source_id="docker-image-extract"
|
||||
ynh_setup_source --dest_dir="$final_path/lemmy-ui/lemmy-translations/" --source_id="lemmy-translations"
|
||||
ynh_setup_source --dest_dir="$final_path/build-imagemagick/" --source_id="imagemagick"
|
||||
ynh_setup_source --dest_dir="$final_path/build-pict-rs/" --source_id="pict-rs"
|
||||
ynh_setup_source --dest_dir="$final_path/build-iframely/" --source_id="docker-image-extract"
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:$app "$final_path"
|
||||
|
||||
mkdir "$final_path"
|
||||
cp -f ../conf/docker-compose.yml "$final_path/docker-compose.yml"
|
||||
cp -f ../conf/lemmy.hjson "$final_path/lemmy.hjson"
|
||||
cp -f ../conf/iframely.config.local.js "$final_path/iframely.config.local.js"
|
||||
pushd "$final_path"
|
||||
mkdir -p volumes/pictrs
|
||||
chown -R 991:991 volumes/pictrs
|
||||
popd
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
|
||||
ynh_script_progression --message="Configuring NGINX web server..."
|
||||
|
||||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config 'port_lemmy port_ui port_pictrs port_iframely'
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# MODIFY A CONFIG FILE
|
||||
# SPECIFIC SETUP
|
||||
#=================================================
|
||||
# CREATE DATA DIRECTORY
|
||||
#=================================================
|
||||
ynh_script_progression --message="Creating a data directory..."
|
||||
|
||||
datadir=/home/yunohost.app/$app
|
||||
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
|
||||
|
||||
mkdir -p $datadir/pictrs-data
|
||||
|
||||
ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$final_path/lemmy.hjson"
|
||||
ynh_replace_string --match_string="__ADMIN_PASS__" --replace_string="$password" --target_file="$final_path/lemmy.hjson"
|
||||
ynh_replace_string --match_string="__NAME__" --replace_string="$sitename" --target_file="$final_path/lemmy.hjson"
|
||||
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/lemmy.hjson"
|
||||
ynh_replace_string --match_string="__RANDOM__" --replace_string="$random" --target_file="$final_path/lemmy.hjson"
|
||||
ynh_replace_string --match_string="__PORT__LEMMY__" --replace_string="$port_lemmy" --target_file="$final_path/docker-compose.yml"
|
||||
ynh_replace_string --match_string="__PORT_UI__" --replace_string="$port_ui" --target_file="$final_path/docker-compose.yml"
|
||||
ynh_replace_string --match_string="__PORT_PICTRS__" --replace_string="$port_pictrs" --target_file="$final_path/docker-compose.yml"
|
||||
ynh_replace_string --match_string="__PORT_IFRAMELY__" --replace_string="$port_iframely" --target_file="$final_path/docker-compose.yml"
|
||||
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/iframely.config.local.js"
|
||||
chmod 750 "$datadir"
|
||||
chmod -R o-rwx "$datadir"
|
||||
chown -R $app:$app "$datadir"
|
||||
|
||||
#=================================================
|
||||
# MAKE INSTALL
|
||||
#=================================================
|
||||
ynh_script_progression --message="Making install..."
|
||||
|
||||
# Install lemmy
|
||||
pushd $final_path/build-lemmy
|
||||
./docker-image-extract dessalines/lemmy:$LEMMY_VERSION
|
||||
popd
|
||||
mkdir -p "$final_path/lemmy/"
|
||||
mv -f "$final_path/build-lemmy/output/app/lemmy" "$final_path/lemmy/lemmy"
|
||||
ynh_secure_remove --file="$final_path/build-lemmy"
|
||||
|
||||
# Install lemmy-ui
|
||||
pushd $final_path/build-lemmy-ui
|
||||
./docker-image-extract dessalines/lemmy-ui:$LEMMYUI_VERSION
|
||||
popd
|
||||
mkdir -p "$final_path/lemmy-ui/"
|
||||
rsync -a "$final_path/build-lemmy-ui/output/app/" "$final_path/lemmy-ui/"
|
||||
ynh_secure_remove --file="$final_path/build-lemmy-ui"
|
||||
|
||||
# Install ImageMagick
|
||||
pushd "$final_path/build-imagemagick/"
|
||||
ynh_exec_warn_less ./configure --with-modules
|
||||
ynh_exec_warn_less make
|
||||
ynh_exec_warn_less make install
|
||||
ynh_exec_warn_less ldconfig /usr/local/lib
|
||||
popd
|
||||
ynh_secure_remove --file="$final_path/build-imagemagick"
|
||||
|
||||
# Install rustup with the toolchain needed by pict-rs
|
||||
pushd "$final_path"
|
||||
sudo -u "$app" RUSTUP_HOME="$final_path/.rustup" CARGO_HOME="$final_path/.cargo" bash -c 'curl -sSf -L https://static.rust-lang.org/rustup.sh | sh -s -- -y --default-toolchain nightly'
|
||||
popd
|
||||
|
||||
export PATH="$PATH:$final_path/.cargo/bin:$final_path/.local/bin:/usr/local/sbin"
|
||||
|
||||
# Install pict-rs
|
||||
pushd $final_path/build-pict-rs
|
||||
ynh_exec_warn_less sudo -u "$app" env PATH="$PATH" cargo build --release
|
||||
popd
|
||||
mkdir -p "$final_path/pict-rs/"
|
||||
mv -f "$final_path/build-pict-rs/target/release/pict-rs" "$final_path/pict-rs/pict-rs"
|
||||
ynh_secure_remove --file="$final_path/build-pict-rs"
|
||||
|
||||
# Remove rustup
|
||||
ynh_secure_remove --file="$final_path/.cargo"
|
||||
ynh_secure_remove --file="$final_path/.rustup"
|
||||
|
||||
# Install iframely
|
||||
pushd $final_path/build-iframely
|
||||
./docker-image-extract dogbin/iframely:$IFRAMELY_VERSION
|
||||
popd
|
||||
mkdir -p "$final_path/iframely/"
|
||||
rsync -a "$final_path/build-iframely/output/iframely/" "$final_path/iframely/"
|
||||
ynh_secure_remove --file="$final_path/build-iframely"
|
||||
|
||||
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:$app "$final_path"
|
||||
|
||||
#=================================================
|
||||
# ADD A CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Adding a configuration file..."
|
||||
|
||||
mkdir -p "$final_path/config/"
|
||||
ynh_add_config --template="../conf/lemmy.hjson" --destination="$final_path/config/config.hjson"
|
||||
|
||||
chmod 400 "$final_path/config/config.hjson"
|
||||
chown $app:$app "$final_path/config/config.hjson"
|
||||
|
||||
ynh_add_config --template="../conf/iframely.config.local.js" --destination="$final_path/iframely/iframely.config.local.js"
|
||||
|
||||
chmod 400 "$final_path/iframely/iframely.config.local.js"
|
||||
chown $app:$app "$final_path/iframely/iframely.config.local.js"
|
||||
|
||||
#=================================================
|
||||
# SETUP SYSTEMD
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring a systemd service..."
|
||||
|
||||
# Create a dedicated systemd config
|
||||
ynh_add_systemd_config --service="$app" --template="lemmy.service"
|
||||
ynh_add_systemd_config --service="$app-ui" --template="lemmy-ui.service"
|
||||
ynh_add_systemd_config --service="$app-iframely" --template="iframely.service"
|
||||
ynh_add_systemd_config --service="$app-pict-rs" --template="pict-rs.service"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SETUP LOGROTATE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring log rotation..."
|
||||
|
||||
mkdir -p "/var/log/$app"
|
||||
chmod 750 "/var/log/$app"
|
||||
chmod -R o-rwx "/var/log/$app"
|
||||
chown -R $app:$app "/var/log/$app"
|
||||
|
||||
# Use logrotate to manage application logfile(s)
|
||||
ynh_use_logrotate
|
||||
|
||||
#=================================================
|
||||
# INTEGRATE SERVICE IN YUNOHOST
|
||||
#=================================================
|
||||
ynh_script_progression --message="Integrating service in YunoHost..."
|
||||
|
||||
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
|
||||
yunohost service add $app-ui --description="A short description of the app" --log="/var/log/$app/$app-ui.log"
|
||||
yunohost service add $app-pict-rs --description="A short description of the app" --log="/var/log/$app/$app-pict-rs.log"
|
||||
yunohost service add $app-iframely --description="A short description of the app" --log="/var/log/$app/$app-iframely.log"
|
||||
|
||||
#=================================================
|
||||
# START SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting a systemd service..."
|
||||
|
||||
# Start a systemd service
|
||||
ynh_systemd_action --service_name=$app --action="start" --line_match="Started" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-ui --action="start" --line_match="Started" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-pict-rs --action="start" --line_match="Started" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-iframely --action="start" --line_match="Started" --log_path=systemd
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring permissions..." --weight=1
|
||||
|
||||
ynh_script_progression --message="Configuring permissions..."
|
||||
|
||||
# Make app public
|
||||
ynh_permission_update --permission="main" --add="visitors"
|
||||
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||
ynh_script_progression --message="Reloading NGINX web server..."
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
|
||||
#=================================================
|
||||
# Run Lemmy through Docker
|
||||
#=================================================
|
||||
# chown -R $(whoami) /usr/local/bin
|
||||
|
||||
chmod +x /usr/local/bin/docker-compose
|
||||
cd "$final_path" && docker-compose up -d
|
||||
|
||||
|
||||
#=================================================
|
||||
# SEND A README FOR THE ADMIN
|
||||
#=================================================
|
||||
|
@ -175,4 +307,4 @@ ynh_send_readme_to_admin "$message"
|
|||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Installation of $app completed" --last
|
||||
ynh_script_progression --message="Installation of $app completed"
|
||||
|
|
101
scripts/remove
101
scripts/remove
|
@ -12,30 +12,99 @@ source /usr/share/yunohost/helpers
|
|||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||
ynh_script_progression --message="Loading installation settings..."
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
|
||||
#=================================================
|
||||
# STANDARD REMOVE
|
||||
#=================================================
|
||||
cd "$final_path" && docker-compose down --rmi all
|
||||
# REMOVE SERVICE INTEGRATION IN YUNOHOST
|
||||
#=================================================
|
||||
|
||||
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
|
||||
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
||||
then
|
||||
ynh_script_progression --message="Removing $app service integration..."
|
||||
yunohost service remove $app
|
||||
fi
|
||||
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
||||
then
|
||||
ynh_script_progression --message="Removing $app-ui service integration..."
|
||||
yunohost service remove $app-ui
|
||||
fi
|
||||
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
||||
then
|
||||
ynh_script_progression --message="Removing $app-iframely service integration..."
|
||||
yunohost service remove $app-iframely
|
||||
fi
|
||||
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
||||
then
|
||||
ynh_script_progression --message="Removing $app-pict-rs service integration..."
|
||||
yunohost service remove $app-pict-rs
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# STOP AND REMOVE SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Stopping and removing the systemd service..."
|
||||
|
||||
# Remove the dedicated systemd config
|
||||
ynh_remove_systemd_config
|
||||
ynh_remove_systemd_config --service=$app-ui
|
||||
ynh_remove_systemd_config --service=$app-iframely
|
||||
ynh_remove_systemd_config --service=$app-pict-rs
|
||||
|
||||
#=================================================
|
||||
# REMOVE LOGROTATE CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing logrotate configuration..."
|
||||
|
||||
# Remove the app-specific logrotate config
|
||||
ynh_remove_logrotate
|
||||
|
||||
#=================================================
|
||||
# REMOVE THE POSTGRESQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing the PostgreSQL database..."
|
||||
|
||||
# Remove a database if it exists, along with the associated user
|
||||
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
|
||||
|
||||
#=================================================
|
||||
# REMOVE IMAGEMAGICK
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing ImageMagick..."
|
||||
|
||||
ynh_setup_source --dest_dir="$final_path/build-imagemagick/" --source_id="imagemagick"
|
||||
|
||||
# Install ImageMagick
|
||||
pushd "$final_path/build-imagemagick/"
|
||||
ynh_exec_warn_less ./configure
|
||||
ynh_exec_warn_less make uninstall
|
||||
popd
|
||||
|
||||
ynh_secure_remove --file="$final_path/build-imagemagick"
|
||||
|
||||
#=================================================
|
||||
# REMOVE DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing dependencies..." --weight=1
|
||||
ynh_script_progression --message="Removing dependencies..."
|
||||
|
||||
# Remove metapackage and its dependencies
|
||||
ynh_remove_nodejs
|
||||
ynh_remove_app_dependencies
|
||||
ynh_secure_remove --file="/lib/libc.musl-x86_64.so.1"
|
||||
|
||||
#=================================================
|
||||
# REMOVE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing app main directory..." --weight=1
|
||||
ynh_script_progression --message="Removing app main directory..."
|
||||
|
||||
# Remove the app directory securely
|
||||
ynh_secure_remove --file="$final_path"
|
||||
|
@ -43,13 +112,33 @@ ynh_secure_remove --file="$final_path"
|
|||
#=================================================
|
||||
# REMOVE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
|
||||
ynh_script_progression --message="Removing NGINX web server configuration..."
|
||||
|
||||
# Remove the dedicated NGINX config
|
||||
ynh_remove_nginx_config
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC REMOVE
|
||||
#=================================================
|
||||
# REMOVE VARIOUS FILES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing various files..."
|
||||
|
||||
# Remove the log files
|
||||
ynh_secure_remove --file="/var/log/$app"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# REMOVE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing the dedicated system user..."
|
||||
|
||||
# Delete a system user
|
||||
ynh_system_user_delete --username=$app
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Removal of $app completed" --last
|
||||
ynh_script_progression --message="Removal of $app completed"
|
||||
|
|
133
scripts/restore
133
scripts/restore
|
@ -15,8 +15,7 @@ source /usr/share/yunohost/helpers
|
|||
#=================================================
|
||||
|
||||
ynh_clean_setup () {
|
||||
#### Remove this function if there's nothing to clean before calling the remove script.
|
||||
true
|
||||
ynh_clean_check_starting
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
@ -24,19 +23,22 @@ ynh_abort_if_errors
|
|||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||
ynh_script_progression --message="Loading installation settings..."
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
version=$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep 'tag_name' | cut -d\" -f4)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
|
||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE RESTORED
|
||||
#=================================================
|
||||
ynh_script_progression --message="Validating restoration parameters..." --weight=1
|
||||
ynh_script_progression --message="Validating restoration parameters..."
|
||||
|
||||
ynh_webpath_available --domain=$domain --path_url=$path_url \
|
||||
|| ynh_die --message="Path not available: ${domain}${path_url}"
|
||||
|
@ -48,45 +50,136 @@ test ! -d $final_path \
|
|||
#=================================================
|
||||
# RESTORE THE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the NGINX web server configuration..."
|
||||
|
||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# RECREATE THE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Recreating the dedicated system user..."
|
||||
|
||||
# Create the dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app --home_dir=$final_path
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the app main directory..." --weight=1
|
||||
ynh_script_progression --message="Restoring the app main directory..."
|
||||
|
||||
ynh_restore_file --origin_path="$final_path"
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:$app "$final_path"
|
||||
|
||||
#=================================================
|
||||
# INSTALL DEPENDENCIES
|
||||
# RESTORE THE DATA DIRECTORY
|
||||
#=================================================
|
||||
ynh_script_progression --message="Installing dependencies..." --weight=1
|
||||
ynh_script_progression --message="Restoring the data directory..."
|
||||
|
||||
#ynh_install_app_dependencies $pkg_dependencies
|
||||
ynh_restore_file --origin_path="$datadir" --not_mandatory
|
||||
|
||||
# Install Docker and compose
|
||||
curl -sSL https://get.docker.com | sh
|
||||
systemctl enable docker --quiet
|
||||
curl -L https://github.com/docker/compose/releases/download/${version}/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
|
||||
mkdir -p $datadir
|
||||
|
||||
chmod 750 "$datadir"
|
||||
chmod -R o-rwx "$datadir"
|
||||
chown -R $app:$app "$datadir"
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC RESTORATION
|
||||
#=================================================
|
||||
# Run Lemmy through Docker
|
||||
# REINSTALL DEPENDENCIES
|
||||
#=================================================
|
||||
# chown -R $(whoami) /usr/local/bin
|
||||
ynh_script_progression --message="Reinstalling dependencies..."
|
||||
|
||||
chmod +x /usr/local/bin/docker-compose
|
||||
cd "$final_path" && docker-compose up -d
|
||||
# Define and install dependencies
|
||||
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
|
||||
ynh_install_nodejs --nodejs_version=$NODEJS_VERSION
|
||||
ynh_use_nodejs
|
||||
ln -fs /usr/lib/x86_64-linux-musl/libc.so /lib/libc.musl-x86_64.so.1
|
||||
|
||||
#=================================================
|
||||
# BUILDING IMAGEMAGICK
|
||||
#=================================================
|
||||
ynh_script_progression --message="Building ImageMagick..."
|
||||
|
||||
ynh_setup_source --dest_dir="$final_path/build-imagemagick/" --source_id="imagemagick"
|
||||
|
||||
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $imagemagick_build_dependencies
|
||||
|
||||
# Install ImageMagick
|
||||
pushd "$final_path/build-imagemagick/"
|
||||
ynh_exec_warn_less ./configure --with-modules
|
||||
ynh_exec_warn_less make
|
||||
ynh_exec_warn_less make install
|
||||
ynh_exec_warn_less ldconfig /usr/local/lib
|
||||
popd
|
||||
ynh_secure_remove --file="$final_path/build-imagemagick"
|
||||
|
||||
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE POSTGRESQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the PostgreSQL database..."
|
||||
|
||||
ynh_psql_test_if_first_run
|
||||
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
|
||||
ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name"
|
||||
|
||||
#=================================================
|
||||
# RESTORE SYSTEMD
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the systemd configuration..."
|
||||
|
||||
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
|
||||
systemctl enable $app.service --quiet
|
||||
ynh_restore_file --origin_path="/etc/systemd/system/$app-ui.service"
|
||||
systemctl enable $app-ui.service --quiet
|
||||
ynh_restore_file --origin_path="/etc/systemd/system/$app-iframely.service"
|
||||
systemctl enable $app-iframely.service --quiet
|
||||
ynh_restore_file --origin_path="/etc/systemd/system/$app-pict-rs.service"
|
||||
systemctl enable $app-pict-rs.service --quiet
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE LOGROTATE CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the logrotate configuration..."
|
||||
|
||||
mkdir -p "/var/log/$app"
|
||||
chmod 750 "/var/log/$app"
|
||||
chmod -R o-rwx "/var/log/$app"
|
||||
chown -R $app:$app "/var/log/$app"
|
||||
|
||||
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
|
||||
|
||||
#=================================================
|
||||
# INTEGRATE SERVICE IN YUNOHOST
|
||||
#=================================================
|
||||
ynh_script_progression --message="Integrating service in YunoHost..."
|
||||
|
||||
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
|
||||
yunohost service add $app-ui --description="A short description of the app" --log="/var/log/$app/$app-ui.log"
|
||||
yunohost service add $app-iframely --description="A short description of the app" --log="/var/log/$app/$app-iframely.log"
|
||||
yunohost service add $app-pict-rs --description="A short description of the app" --log="/var/log/$app/$app-pict-rs.log"
|
||||
|
||||
#=================================================
|
||||
# START SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting a systemd service..."
|
||||
|
||||
ynh_systemd_action --service_name=$app --action="start" --line_match="Started" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-ui --action="start" --line_match="Started" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-iframely --action="start" --line_match="Started" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-pict-rs --action="start" --line_match="Started" --log_path=systemd
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# RELOAD NGINX AND PHP-FPM
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||
ynh_script_progression --message="Reloading NGINX web server..."
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
|
@ -94,4 +187,4 @@ ynh_systemd_action --service_name=nginx --action=reload
|
|||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Restoration completed for $app" --last
|
||||
ynh_script_progression --message="Restoration completed for $app"
|
||||
|
|
224
scripts/upgrade
224
scripts/upgrade
|
@ -12,7 +12,7 @@ source /usr/share/yunohost/helpers
|
|||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||
ynh_script_progression --message="Loading installation settings..."
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
|
@ -20,6 +20,10 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
|
|||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
|
||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||
password=$(ynh_app_setting_get --app=$app --key=password)
|
||||
sitename=$(ynh_app_setting_get --app=$app --key=sitename)
|
||||
random=$(ynh_app_setting_get --app=$app --key=random)
|
||||
|
@ -27,17 +31,24 @@ port_lemmy=$(ynh_app_setting_get --app=$app --key=port_lemmy)
|
|||
port_ui=$(ynh_app_setting_get --app=$app --key=port_ui)
|
||||
port_pictrs=$(ynh_app_setting_get --app=$app --key=port_pictrs)
|
||||
port_iframely=$(ynh_app_setting_get --app=$app --key=port_iframely)
|
||||
version=$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep 'tag_name' | cut -d\" -f4)
|
||||
admin_email=$(ynh_user_get_info --username=$admin --key="mail")
|
||||
|
||||
#=================================================
|
||||
# CHECK VERSION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Checking version..."
|
||||
|
||||
upgrade_type=$(ynh_check_app_version_changed)
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
|
||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
|
||||
|
||||
# Backup the current version of the app
|
||||
ynh_backup_before_upgrade
|
||||
ynh_clean_setup () {
|
||||
ynh_clean_check_starting
|
||||
# Restore it if the upgrade fails
|
||||
ynh_restore_upgradebackup
|
||||
}
|
||||
|
@ -47,7 +58,34 @@ ynh_abort_if_errors
|
|||
#=================================================
|
||||
# STANDARD UPGRADE STEPS
|
||||
#=================================================
|
||||
# STOP SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Stopping a systemd service..."
|
||||
|
||||
ynh_systemd_action --service_name=$app --action="stop" --line_match="Stopped" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-ui --action="stop" --line_match="Stopped" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-pict-rs --action="stop" --line_match="Stopped" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-iframely --action="stop" --line_match="Stopped" --log_path=systemd
|
||||
|
||||
#=================================================
|
||||
# ENSURE DOWNWARD COMPATIBILITY
|
||||
#=================================================
|
||||
ynh_script_progression --message="Ensuring downward compatibility..."
|
||||
|
||||
# Cleaning legacy permissions
|
||||
if ynh_legacy_permissions_exists; then
|
||||
ynh_legacy_permissions_delete_all
|
||||
|
||||
ynh_app_setting_delete --app=$app --key=is_public
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Making sure dedicated system user exists..."
|
||||
|
||||
# Create a dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app --home_dir=$final_path
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
|
@ -55,78 +93,180 @@ ynh_abort_if_errors
|
|||
|
||||
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||
then
|
||||
ynh_script_progression --message="Upgrading source files..." --weight=1
|
||||
ynh_script_progression --message="Upgrading source files..."
|
||||
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
cp -f ../conf/docker-compose.yml "$final_path/docker-compose.yml"
|
||||
cp -f ../conf/lemmy.hjson "$final_path/lemmy.hjson"
|
||||
cp -f ../conf/iframely.config.local.js "$final_path/iframely.config.local.js"
|
||||
pushd "$final_path"
|
||||
chown -R 991:991 volumes/pictrs
|
||||
popd
|
||||
# Download, check integrity, uncompress the source of lemmy from app.src to his build directory
|
||||
ynh_setup_source --dest_dir="$final_path/build-lemmy/" --source_id="docker-image-extract"
|
||||
ynh_setup_source --dest_dir="$final_path/build-lemmy-ui/" --source_id="docker-image-extract"
|
||||
ynh_setup_source --dest_dir="$final_path/lemmy-ui/lemmy-translations/" --source_id="lemmy-translations"
|
||||
ynh_setup_source --dest_dir="$final_path/build-imagemagick/" --source_id="imagemagick"
|
||||
ynh_setup_source --dest_dir="$final_path/build-pict-rs/" --source_id="pict-rs"
|
||||
ynh_setup_source --dest_dir="$final_path/build-iframely/" --source_id="docker-image-extract"
|
||||
fi
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:$app "$final_path"
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
|
||||
ynh_script_progression --message="Upgrading NGINX web server configuration..."
|
||||
|
||||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config 'port_lemmy port_ui port_pictrs port_iframely'
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# UPGRADE DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading dependencies..." --weight=1
|
||||
|
||||
#ynh_install_app_dependencies $pkg_dependencies
|
||||
|
||||
# Install Docker and compose
|
||||
curl -sSL https://get.docker.com | sh
|
||||
systemctl enable docker --quiet
|
||||
curl -L https://github.com/docker/compose/releases/download/${version}/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
|
||||
ynh_script_progression --message="Upgrading dependencies..."
|
||||
|
||||
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
|
||||
ynh_install_nodejs --nodejs_version=$NODEJS_VERSION
|
||||
ynh_use_nodejs
|
||||
ln -fs /usr/lib/x86_64-linux-musl/libc.so /lib/libc.musl-x86_64.so.1
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC UPGRADE
|
||||
#=================================================
|
||||
# MAKE UPGRADE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Making upgrade..."
|
||||
|
||||
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||
then
|
||||
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $pkg_build_dependencies
|
||||
|
||||
# Install lemmy
|
||||
pushd $final_path/build-lemmy
|
||||
./docker-image-extract dessalines/lemmy:$LEMMY_VERSION
|
||||
popd
|
||||
mkdir -p "$final_path/lemmy/"
|
||||
mv -f "$final_path/build-lemmy/output/app/lemmy" "$final_path/lemmy/lemmy"
|
||||
ynh_secure_remove --file="$final_path/build-lemmy"
|
||||
|
||||
# Install lemmy-ui
|
||||
pushd $final_path/build-lemmy-ui
|
||||
./docker-image-extract dessalines/lemmy-ui:$LEMMYUI_VERSION
|
||||
popd
|
||||
mkdir -p "$final_path/lemmy-ui/"
|
||||
rsync -a "$final_path/build-lemmy-ui/output/app/" "$final_path/lemmy-ui/"
|
||||
ynh_secure_remove --file="$final_path/build-lemmy-ui"
|
||||
|
||||
# Install ImageMagick
|
||||
pushd "$final_path/build-imagemagick/"
|
||||
ynh_exec_warn_less ./configure --with-modules
|
||||
ynh_exec_warn_less make
|
||||
ynh_exec_warn_less make install
|
||||
ynh_exec_warn_less ldconfig /usr/local/lib
|
||||
popd
|
||||
ynh_secure_remove --file="$final_path/build-imagemagick"
|
||||
|
||||
# Install rustup with the toolchain needed by pict-rs
|
||||
pushd "$final_path"
|
||||
sudo -u "$app" RUSTUP_HOME="$final_path/.rustup" CARGO_HOME="$final_path/.cargo" bash -c 'curl -sSf -L https://static.rust-lang.org/rustup.sh | sh -s -- -y --default-toolchain nightly'
|
||||
popd
|
||||
|
||||
export PATH="$PATH:$final_path/.cargo/bin:$final_path/.local/bin:/usr/local/sbin"
|
||||
|
||||
# Install pict-rs
|
||||
pushd $final_path/build-pict-rs
|
||||
ynh_exec_warn_less sudo -u "$app" env PATH="$PATH" cargo build --release
|
||||
popd
|
||||
mkdir -p "$final_path/pict-rs/"
|
||||
mv -f "$final_path/build-pict-rs/target/release/pict-rs" "$final_path/pict-rs/pict-rs"
|
||||
ynh_secure_remove --file="$final_path/build-pict-rs"
|
||||
|
||||
# Remove rustup
|
||||
ynh_secure_remove --file="$final_path/.cargo"
|
||||
ynh_secure_remove --file="$final_path/.rustup"
|
||||
|
||||
# Install iframely
|
||||
pushd $final_path/build-iframely
|
||||
./docker-image-extract dogbin/iframely:latest
|
||||
popd
|
||||
mkdir -p "$final_path/iframely/"
|
||||
rsync -a "$final_path/build-iframely/output/iframely/" "$final_path/iframely/"
|
||||
ynh_secure_remove --file="$final_path/build-iframely"
|
||||
|
||||
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
|
||||
fi
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:$app "$final_path"
|
||||
|
||||
#=================================================
|
||||
# MODIFY A CONFIG FILE
|
||||
# UPDATE A CONFIG FILE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Updating a configuration file..."
|
||||
|
||||
mkdir -p "$final_path/lemmy/"
|
||||
ynh_add_config --template="../conf/lemmy.hjson" --destination="$final_path/config/config.hjson"
|
||||
|
||||
ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/CONFIG_FILE"
|
||||
chmod 400 "$final_path/config/config.hjson"
|
||||
chown $app:$app "$final_path/config/config.hjson"
|
||||
|
||||
ynh_add_config --template="../conf/iframely.config.local.js" --destination="$final_path/iframely/iframely.config.local.js"
|
||||
|
||||
ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$final_path/lemmy.hjson"
|
||||
ynh_replace_string --match_string="__ADMIN_PASS__" --replace_string="$password" --target_file="$final_path/lemmy.hjson"
|
||||
ynh_replace_string --match_string="__NAME__" --replace_string="$sitename" --target_file="$final_path/lemmy.hjson"
|
||||
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/lemmy.hjson"
|
||||
ynh_replace_string --match_string="__RANDOM__" --replace_string="$random" --target_file="$final_path/lemmy.hjson"
|
||||
ynh_replace_string --match_string="__PORT__LEMMY__" --replace_string="$port_lemmy" --target_file="$final_path/docker-compose.yml"
|
||||
ynh_replace_string --match_string="__PORT_UI__" --replace_string="$port_ui" --target_file="$final_path/docker-compose.yml"
|
||||
ynh_replace_string --match_string="__PORT_PICTRS__" --replace_string="$port_pictrs" --target_file="$final_path/docker-compose.yml"
|
||||
ynh_replace_string --match_string="__PORT_IFRAMELY__" --replace_string="$port_iframely" --target_file="$final_path/docker-compose.yml"
|
||||
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/iframely.config.local.js"
|
||||
chmod 400 "$final_path/iframely/iframely.config.local.js"
|
||||
chown $app:$app "$final_path/iframely/iframely.config.local.js"
|
||||
|
||||
#=================================================
|
||||
# SETUP SYSTEMD
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading systemd configuration..."
|
||||
|
||||
# Create a dedicated systemd config
|
||||
ynh_add_systemd_config --service="$app" --template="lemmy.service"
|
||||
ynh_add_systemd_config --service="$app-ui" --template="lemmy-ui.service"
|
||||
ynh_add_systemd_config --service="$app-iframely" --template="iframely.service"
|
||||
ynh_add_systemd_config --service="$app-pict-rs" --template="pict-rs.service"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SETUP LOGROTATE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading logrotate configuration..."
|
||||
|
||||
mkdir -p "/var/log/$app"
|
||||
chmod 750 "/var/log/$app"
|
||||
chmod -R o-rwx "/var/log/$app"
|
||||
chown -R $app:$app "/var/log/$app"
|
||||
|
||||
# Use logrotate to manage app-specific logfile(s)
|
||||
ynh_use_logrotate --non-append
|
||||
|
||||
#=================================================
|
||||
# INTEGRATE SERVICE IN YUNOHOST
|
||||
#=================================================
|
||||
ynh_script_progression --message="Integrating service in YunoHost..."
|
||||
|
||||
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
|
||||
yunohost service add $app-ui --description="A short description of the app" --log="/var/log/$app/$app-ui.log"
|
||||
yunohost service add $app-pict-rs --description="A short description of the app" --log="/var/log/$app/$app-pict-rs.log"
|
||||
yunohost service add $app-iframely --description="A short description of the app" --log="/var/log/$app/$app-iframely.log"
|
||||
|
||||
#=================================================
|
||||
# START SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting a systemd service..."
|
||||
|
||||
ynh_systemd_action --service_name=$app --action="start" --line_match="Started" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-ui --action="start" --line_match="Started" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-pict-rs --action="start" --line_match="Started" --log_path=systemd
|
||||
ynh_systemd_action --service_name=$app-iframely --action="start" --line_match="Started" --log_path=systemd
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||
ynh_script_progression --message="Reloading NGINX web server..."
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
#=================================================
|
||||
# Run Lemmy through Docker
|
||||
#=================================================
|
||||
#chown -R $(whoami) /usr/local/bin
|
||||
chmod +x /usr/local/bin/docker-compose
|
||||
cd "$final_path" && docker-compose up -d
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Upgrade of $app completed" --last
|
||||
ynh_script_progression --message="Upgrade of $app completed"
|
||||
|
|
Loading…
Reference in a new issue