diff --git a/README.md b/README.md index 042169b..6bcb16b 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ It shall NOT be edited by hand. # Lufi for YunoHost -[![Integration level](https://dash.yunohost.org/integration/lufi.svg)](https://dash.yunohost.org/appci/app/lufi) ![](https://ci-apps.yunohost.org/ci/badges/lufi.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/lufi.maintain.svg) +[![Integration level](https://dash.yunohost.org/integration/lufi.svg)](https://dash.yunohost.org/appci/app/lufi) ![Working status](https://ci-apps.yunohost.org/ci/badges/lufi.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/lufi.maintain.svg) [![Install Lufi with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lufi) *[Lire ce readme en français.](./README_fr.md)* @@ -23,13 +23,13 @@ The administrator of the Lufi instance you use will not be able to see what is i The encryption key part of the URL is a anchor (Cf. [Fragment Identifier](https://en.wikipedia.org/wiki/Fragment_identifier)), that means this part is only processed client-side and does not reach the server. :-) -**Shipped version:** 0.05.16~ynh2 +**Shipped version:** 0.05.18~ynh1 **Demo:** https://demo.lufi.io/ ## Screenshots -![](./doc/screenshots/screenshot_lufi_1.png) +![Screenshot of Lufi](./doc/screenshots/screenshot_lufi_1.png) ## Disclaimers / important information @@ -39,20 +39,21 @@ The encryption key part of the URL is a anchor (Cf. [Fragment Identifier](https: ## Documentation and resources -* Official admin documentation: https://framagit.org/luc/lufi/wikis/home -* Upstream app code repository: https://framagit.org/fiat-tux/hat-softwares/lufi -* YunoHost documentation for this app: https://yunohost.org/app_lufi -* Report a bug: https://github.com/YunoHost-Apps/lufi_ynh/issues +* Official admin documentation: +* Upstream app code repository: +* YunoHost documentation for this app: +* Report a bug: ## Developer info Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/lufi_ynh/tree/testing). To try the testing branch, please proceed like that. -``` + +``` bash sudo yunohost app install https://github.com/YunoHost-Apps/lufi_ynh/tree/testing --debug or sudo yunohost app upgrade lufi -u https://github.com/YunoHost-Apps/lufi_ynh/tree/testing --debug ``` -**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file +**More info regarding app packaging:** diff --git a/README_fr.md b/README_fr.md index 9f2d864..be1b35b 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,10 +1,14 @@ + + # Lufi pour YunoHost -[![Niveau d'intégration](https://dash.yunohost.org/integration/lufi.svg)](https://dash.yunohost.org/appci/app/lufi) ![](https://ci-apps.yunohost.org/ci/badges/lufi.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/lufi.maintain.svg) +[![Niveau d'intégration](https://dash.yunohost.org/integration/lufi.svg)](https://dash.yunohost.org/appci/app/lufi) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/lufi.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/lufi.maintain.svg) [![Installer Lufi avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lufi) *[Read this readme in english.](./README.md)* -*[Lire ce readme en français.](./README_fr.md)* > *Ce package vous permet d'installer Lufi rapidement et simplement sur un serveur YunoHost. Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* @@ -19,13 +23,13 @@ The administrator of the Lufi instance you use will not be able to see what is i The encryption key part of the URL is a anchor (Cf. [Fragment Identifier](https://en.wikipedia.org/wiki/Fragment_identifier)), that means this part is only processed client-side and does not reach the server. :-) -**Version incluse :** 0.05.16~ynh2 +**Version incluse :** 0.05.18~ynh1 **Démo :** https://demo.lufi.io/ ## Captures d'écran -![](./doc/screenshots/screenshot_lufi_1.png) +![Capture d'écran de Lufi](./doc/screenshots/screenshot_lufi_1.png) ## Avertissements / informations importantes @@ -35,20 +39,21 @@ The encryption key part of the URL is a anchor (Cf. [Fragment Identifier](https: ## Documentations et ressources -* Documentation officielle de l'admin : https://framagit.org/luc/lufi/wikis/home -* Dépôt de code officiel de l'app : https://framagit.org/fiat-tux/hat-softwares/lufi -* Documentation YunoHost pour cette app : https://yunohost.org/app_lufi -* Signaler un bug : https://github.com/YunoHost-Apps/lufi_ynh/issues +* Documentation officielle de l'admin : +* Dépôt de code officiel de l'app : +* Documentation YunoHost pour cette app : +* Signaler un bug : ## Informations pour les développeurs Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/lufi_ynh/tree/testing). Pour essayer la branche testing, procédez comme suit. -``` + +``` bash sudo yunohost app install https://github.com/YunoHost-Apps/lufi_ynh/tree/testing --debug ou sudo yunohost app upgrade lufi -u https://github.com/YunoHost-Apps/lufi_ynh/tree/testing --debug ``` -**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file +**Plus d'infos sur le packaging d'applications :** diff --git a/check_process b/check_process index 78fc26a..58a4206 100644 --- a/check_process +++ b/check_process @@ -1,5 +1,4 @@ -;; Nom du test - auto_remove=1 +;; Test complet ; Manifest domain="domain.tld" path="/path" @@ -14,11 +13,17 @@ setup_private=1 setup_public=1 upgrade=1 - # 0.03.5 + # 0.03.5~ynh2 upgrade=1 from_commit=23e84578464b1fa09f79c98b6a9b5f19bbcf83f3 + # 0.05.16~ynh2 + upgrade=1 from_commit=b208e35276b861a78a28bb7d468dad9d11943023 backup_restore=1 multi_instance=1 + port_already_use=0 change_url=1 +;;; Options +Email= +Notification=none ;;; Upgrade options ; commit=23e84578464b1fa09f79c98b6a9b5f19bbcf83f3 name=Merge pull request #35 from YunoHost-Apps/fix-buster diff --git a/conf/app.src b/conf/app.src index 795afb9..3b6734e 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,7 @@ -SOURCE_URL=https://framagit.org/fiat-tux/hat-softwares/lufi/-/archive/0.05.16/lufi-0.05.16.tar.gz -SOURCE_SUM=bd8146e6062fb180897544c27f862b5de56840e3fe7cde41824538f1de55a2b6 +SOURCE_URL=https://framagit.org/fiat-tux/hat-softwares/lufi/-/archive/0.05.18/lufi-0.05.18.tar.gz +SOURCE_SUM=da388595d8c39a82ae118c1c92bb7d8ad637f7351997392bbb645929852a3963 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/lufi.conf.template b/conf/lufi.conf.template index 20993f6..b83da8d 100644 --- a/conf/lufi.conf.template +++ b/conf/lufi.conf.template @@ -18,17 +18,17 @@ clients => 1, }, - # put a way to contact you here and uncomment it - # you can put some HTML in it + # Put a way to contact you here and uncomment it + # You can put some HTML in it # MANDATORY contact => 'Contact page', - # put an URL or an email address to receive file reports and uncomment it - # it's for make reporting illegal files easy for users + # Put an URL or an email address to receive file reports and uncomment it + # It's for make reporting illegal files easy for users # MANDATORY report => 'webmaster@__DOMAIN__', - # array of random strings used to encrypt cookies + # Array of random strings used to encrypt cookies # optional, default is ['fdjsofjoihrei'], PLEASE, CHANGE IT secrets => ['__SECRET__'], @@ -36,53 +36,53 @@ # optional, default is Lufi #instance_name => 'Lufi', - # choose a theme. See the available themes in `themes` directory - # optional, default is 'default' + # Choose a theme. See the available themes in `themes` directory + # Optional, default is 'default' #theme => 'default', - # length of the random URL + # Length of the random URL # optional, default is 8 #length => 8, - # how many URLs will be provisioned in a batch ? + # How many URLs will be provisioned in a batch ? # optional, default is 5 #provis_step => 5, - # max number of URLs to be provisioned + # Max number of URLs to be provisioned # optional, default is 100 #provisioning => 100, - # length of the modify/delete token + # Length of the modify/delete token # optional, default is 32 #token_length => 32, - # max file size, in octets - # you can write it 100*1024*1024 + # Max file size, in octets + # You can write it 100*1024*1024 # optional, no default __MAX_SIZE_SET__max_file_size => __MAX_FILE_SIZE__*1024*1024, - # if you want to have piwik statistics, provide a piwik image tracker - # only the image tracker is allowed, no javascript + # If you want to have piwik statistics, provide a piwik image tracker + # Only the image tracker is allowed, no javascript # optional, no default #piwik_img => 'https://piwik.example.org/piwik.php?idsite=1&rec=1', - # broadcast_message which will displayed on the index page + # Broadcast_message which will displayed on the index page # optional, no default #broadcast_message => 'Maintenance', - # default time limit for files - # valid values are 0, 1, 7, 30 and 365 + # Default time limit for files + # Valid values are 0, 1, 7, 30 and 365 # optional, default is 0 (no limit) default_delay => 365, # Number of days after which the files will be deleted, even if they were uploaded with "no delay" (or value superior to max_delay) - # a warning message will be displayed on homepage + # A warning message will be displayed on homepage # optional, default is 0 (no limit) #max_delay => 0, - # size thresholds: if you want to define max delays for different sizes of file - # the keys are size in Bytes, you can't have 10*1000*10000 as key - # if a file is smaller than the smallest configured size, it will have a expiration delay of max_delay (see above) + # Size thresholds: if you want to define max delays for different sizes of file + # The keys are size in Bytes, you can't have 10*1000*10000 as key + # If a file is smaller than the smallest configured size, it will have a expiration delay of max_delay (see above) # optional, default is using max_delay (see above) for all sizes #delay_for_size => { # 10000000 => 90, # between 10MB and 50MB => max is 90 days, less than 10MB => max is max_delay (see above) @@ -96,33 +96,54 @@ # optional, defaut is / prefix => '__PATH__', - # array of authorized domains for API calls. - # if you want to authorize everyone to use the API: ['*'] + # Array of authorized domains for API calls. + # If you want to authorize everyone to use the API: ['*'] # optional, no domains allowed by default - #allowed_domains => ['http://1.example.com', 'http://2.example.com'], + #allowed_domains => ['http://1.example.com', 'http://2.example.com'], + + # String of the URL to be redirected to when accessing /logout + # optional, default is no redirection after logging out + #logout_custom => 'https://sso.example.com/logout?redirect_uri=https%3A%2F%2Fexample.com', # Define a path to the upload directory, where the uploaded files will be stored # You can define it relative to lufi directory or set an absolute path # Remember that it has to be in a directory writable by Lufi user # DO NOT CHANGE THIS IF FILES HAVE BEEN ALREADY UPLOADED: THEY WILL NOT BE DOWNLOADABLE ANYMORE # optional, default is 'files' - #upload_dir => 'files', + #upload_dir => 'files', - # allow to add a password on files, asked before allowing to download files + #!!!!!!!!!!!!!!! + # EXPERIMENTAL ! + #!!!!!!!!!!!!!!! + # You can store files on Swift object storage (https://en.wikipedia.org/wiki/OpenStack#Swift) instead of filesystem + # Please read https://metacpan.org/pod/Net::OpenStack::Swift#SYNOPSIS to know how to configure this setting + # IMPORTANT: add a `container` key in it, to let Lufi know which container to use. This is not a regular Net::OpenStack::Swift setting, but Lufi need it. + # EXPERIMENTAL: if the upload or download of files are stucked, reload Lufi and create a cron task to reload Lufi once a day + # You can copy Lufi files to Swift object storage by launching the command `carton exec script/lufi copyFilesToSwift` (can take a long time) + # optional, no default + #swift => { + # auth_url => 'https://auth-endpoint-url/v2.0', + # user => 'userid', + # password => 'password', + # tenant_name => 'project_id', + # container => 'lufi' + #}, + + # Allow to add a password on files, asked before allowing to download files # optional, default is 0 allow_pwd_on_files => 1, - # force all files to be in "Burn after reading mode" + # Force all files to be in "Burn after reading mode" # optional, default is 0 #force_burn_after_reading => 0, - # if set, the files' URLs will always use this domain + # If set, the files' URLs will always use this domain # optional, no default #fixed_domain => 'example.org', - # abuse reasons - # set an integer in the abuse field of a file in the database and it will not be downloadable anymore - # the reason will be displayed to the downloader, according to the reasons you will configure here. + # Abuse reasons + # Set an integer in the abuse field of a file in the database and it will not be downloadable anymore + # The reason will be displayed to the downloader, according to the reasons you will configure here. # optional, no default #abuse => { # 0 => 'Copyright infringment', @@ -135,7 +156,7 @@ # Mail configuration # See https://metacpan.org/pod/Mojolicious::Plugin::Mail#EXAMPLES - # Optional, default to sendmail method with no arguments + # optional, default to sendmail method with no arguments #mail => { # # Valid values are 'sendmail' and 'smtp' # how => 'smtp', @@ -143,27 +164,31 @@ #}, # Email sender address - # Optional, default to no-reply@lufi.io + # optional, default to no-reply@lufi.io #mail_sender => 'no-reply@lufi.io', + # Disable sending mail through the server + # optional, default is false + #disable_mail_sending => 0, + ############# # DB settings ############# - # choose what database you want to use - # valid choices are sqlite, postgresql and mysql (all lowercase) + # Choose what database you want to use + # Valid choices are sqlite, postgresql and mysql (all lowercase) # optional, default is sqlite dbtype => 'postgresql', # SQLite ONLY - only used if dbtype is set to sqlite - # define a path to the SQLite database - # you can define it relative to lufi directory or set an absolute path - # remember that it has to be in a directory writable by Lufi user + # Define a path to the SQLite database + # You can define it relative to lufi directory or set an absolute path + # Remember that it has to be in a directory writable by Lufi user # optional, default is lufi.db #db_path => 'lufi.db', # PostgreSQL ONLY - only used if dbtype is set to postgresql - # these are the credentials to access the PostgreSQL database + # These are the credentials to access the PostgreSQL database # mandatory if you choosed postgresql as dbtype pgdb => { database => '__DB_NAME__', @@ -178,7 +203,7 @@ }, # MySQL ONLY - only used if dbtype is set to mysql - # these are the credentials to access the MySQL database + # These are the credentials to access the MySQL database # mandatory if you choosed mysql as dbtype #mysqldb => { # database => 'lufi', @@ -196,8 +221,8 @@ # LDAP settings (authentication and features) ############################################# - # set `ldap` if you want that only authenticated users can upload files - # please note that everybody can still download files + # Set `ldap` if you want that only authenticated users can upload files + # Please note that everybody can still download files # optional, no default __LDAP__ldap => { __LDAP__ uri => 'ldap://localhost:389', # server URI @@ -214,7 +239,7 @@ __LDAP__ #} __LDAP__}, - # if you've set ldap above, the session will last `session_duration` seconds before + # If you've set ldap above, the session will last `session_duration` seconds before # the user needs to reauthenticate # optional, default is 3600 #session_duration => 3600, @@ -271,10 +296,32 @@ # Htpasswd authentication ######################### - # set `htpasswd` if you want to use an htpasswd file instead of ldap - # see 'man htpasswd' to know how to create such file + # Set `htpasswd` if you want to use an htpasswd file instead of ldap + # See 'man htpasswd' to know how to create such file #htpasswd => 'lufi.passwd', + ############################ + # HTTP header authentication + ############################ + + # Set `auth_headers` if you want to use HTTP header auth. + # Typically, these headers are set by a reverse-proxy + # acting as an authentication server. Useful for SSO. + # `auth_headers` should contains the user's username. + # + # /!\ LUFI BLINDLY TRUSTS THESE HEADERS + # /!\ IT'S UP TO YOU TO SANITIZE INCOMING HEADERS TO SECURE YOUR INSTANCE + # + #auth_headers => 'X-AUTH-PREFERRED-USERNAME', + #auth_headers_map_value => { + # # Like ldap_map_attr but for headers + # displayname => 'X-AUTH-DISPLAYNAME', + # firstname => 'X-AUTH-GIVENNAME', + # lastname => 'X-AUTH-LASTNAME', + # mail => 'X-AUTH-EMAIL' + #}, + + ####################### # HTTP Headers settings ####################### @@ -311,24 +358,28 @@ # Lufi cron jobs settings ######################### - # number of days senders' IP addresses are kept in database - # after that delay, they will be deleted from database (used with script/lufi cron cleanbdd) + # Expired files will be kept for 2 additional days after the expiration time has passed! + # The reasoning behind this is to allow downloads to complete and avoid deleting them while + # they are still being tranfered. + + # Number of days senders' IP addresses are kept in database + # After that delay, they will be deleted from database (used with script/lufi cron cleanbdd) # optional, default is 365 #keep_ip_during => 365, - # max size of the files directory, in octets - # used by script/lufi cron watch to trigger an action + # Max size of the files directory, in octets + # Used by script/lufi cron watch to trigger an action # optional, no default #max_total_size => 10*1024*1024*1024, - # default action when files directory is over max_total_size (used with script/lufi cron watch) - # valid values are 'warn', 'stop-upload' and 'delete' + # Default action when files directory is over max_total_size (used with script/lufi cron watch) + # Valid values are 'warn', 'stop-upload' and 'delete' # Please, see README.md # optional, default is 'warn' #policy_when_full => 'warn', # Files which are not viewed since delete_no_longer_viewed_files days will be deleted by the cron cleanfiles task - # if delete_no_longer_viewed_files is not set, the no longer viewed files will NOT be deleted + # If delete_no_longer_viewed_files is not set, the no longer viewed files will NOT be deleted # optional, no default #delete_no_longer_viewed_files => 90, }; diff --git a/conf/systemd.service b/conf/systemd.service index 560d102..259d082 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -8,7 +8,7 @@ After=network.target Type=forking User=__APP__ Group=__APP__ -WorkingDirectory=__FINALPATH__ +WorkingDirectory=__FINALPATH__/ PIDFile=__FINALPATH__/script/hypnotoad.pid ExecStart=/usr/bin/carton exec hypnotoad script/lufi ExecStop=/usr/bin/carton exec hypnotoad -s script/lufi diff --git a/manifest.json b/manifest.json index a749850..2b8bbf7 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Self hosting files and sharing anonymous application", "fr": "Application d'hébergement et de partage de fichiers anonyme" }, - "version": "0.05.16~ynh2", + "version": "0.05.18~ynh1", "url": "https://git.framasoft.org/luc/lufi", "upstream": { "license": "AGPL-3.0-or-later", diff --git a/scripts/backup b/scripts/backup index dbd2762..f50339b 100644 --- a/scripts/backup +++ b/scripts/backup @@ -15,7 +15,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ynh_clean_check_starting + true } # Exit if an error occurs during the execution of the script ynh_abort_if_errors diff --git a/scripts/change_url b/scripts/change_url index cb2f20c..7f21894 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -46,6 +46,7 @@ ynh_script_progression --message="Backing up the app before changing its URL (ma # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { + ynh_clean_check_starting # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" @@ -142,6 +143,7 @@ chown $app:$app $final_path/lufi.conf #================================================= ynh_script_progression --message="Starting a systemd service..." +# Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="$final_path/log/production.log" --line_match="Creating process id file" #================================================= diff --git a/scripts/install b/scripts/install index 6f2d44e..85e4c9e 100644 --- a/scripts/install +++ b/scripts/install @@ -195,8 +195,11 @@ ynh_systemd_action --service_name=$app --action="start" --line_match="Creating p #================================================= ynh_script_progression --message="Configuring permissions..." +# Make app public if necessary if [ $is_public -eq 1 ] then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi diff --git a/scripts/remove b/scripts/remove index 61cf84f..f7d2e34 100644 --- a/scripts/remove +++ b/scripts/remove @@ -57,7 +57,7 @@ ynh_remove_logrotate ynh_script_progression --message="Removing the PostgreSQL database..." # Remove a database if it exists, along with the associated user -ynh_psql_remove_db --db_user="$db_user" --db_name="$db_name" +ynh_psql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE APP MAIN DIR diff --git a/scripts/restore b/scripts/restore index 17d0466..7fc5f5f 100644 --- a/scripts/restore +++ b/scripts/restore @@ -23,7 +23,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -44,13 +44,6 @@ test ! -d $final_path \ #================================================= # STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring NGINX configuration..." - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # RECREATE THE DEDICATED USER #================================================= @@ -80,6 +73,13 @@ ynh_script_progression --message="Reinstalling dependencies..." # Define and install dependencies ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + #================================================= # RESTORE THE POSTGRESQL DATABASE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 006df5d..f347ec9 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -56,7 +56,7 @@ ynh_abort_if_errors #================================================= ynh_script_progression --message="Stopping a systemd service..." -ynh_systemd_action --service_name=$app --action=stop --log_path="$final_path/log/production.log" +ynh_systemd_action --service_name=$app --action="stop" --log_path="$final_path/log/production.log" #================================================= # ENSURE DOWNWARD COMPATIBILITY @@ -137,6 +137,13 @@ chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." + +ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies + #================================================= # NGINX CONFIGURATION #================================================= @@ -145,13 +152,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." - -ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies - #================================================= # SPECIFIC UPGRADE #=================================================