1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/lufi_ynh.git synced 2024-09-03 19:36:28 +02:00
* Small fixs

* Auto-update README

* Version 2 (#79)

* v2

* Auto-update README

* v2

* Auto-update README

* fix

* Update install

* Update systemd.service

* fix

* fix

* fix

* fix

* Update manifest.toml

* cleaning

* Update config_panel.toml

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>

* Delete check_process

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
This commit is contained in:
Éric Gaspar 2023-04-21 19:11:39 +02:00 committed by GitHub
parent 87d6e99887
commit 4311a7ac2d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
25 changed files with 217 additions and 795 deletions

View file

@ -6,6 +6,7 @@ It shall NOT be edited by hand.
# Lufi for YunoHost
[![Integration level](https://dash.yunohost.org/integration/lufi.svg)](https://dash.yunohost.org/appci/app/lufi) ![Working status](https://ci-apps.yunohost.org/ci/badges/lufi.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/lufi.maintain.svg)
[![Install Lufi with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lufi)
*[Lire ce readme en français.](./README_fr.md)*
@ -15,15 +16,12 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
## Overview
It stores files and allows you to download them.
Is that all? No. All the files are encrypted **by the browser**! It means that your files **never** leave your computer unencrypted.
Lufi stores files and allows you to download them. Is that all? No. All the files are encrypted **by the browser**! It means that your files **never** leave your computer unencrypted.
The administrator of the Lufi instance you use will not be able to see what is in your file, neither will your network administrator, or your ISP.
The encryption key part of the URL is a anchor (Cf. [Fragment Identifier](https://en.wikipedia.org/wiki/Fragment_identifier)), that means this part is only processed client-side and does not reach the server. :-)
**Shipped version:** 0.05.18~ynh2
**Shipped version:** 0.05.21~ynh1
**Demo:** https://demo.lufi.io/
@ -31,14 +29,9 @@ The encryption key part of the URL is a anchor (Cf. [Fragment Identifier](https:
![Screenshot of Lufi](./doc/screenshots/screenshot_lufi_1.png)
## Disclaimers / important information
## Configuration
* How to configure this app: a plain file at `/var/www/lufi/lufi.conf` with SSH.
## Documentation and resources
* Official app website: <https://git.framasoft.org/luc/lufi>
* Official admin documentation: <https://framagit.org/luc/lufi/wikis/home>
* Upstream app code repository: <https://framagit.org/fiat-tux/hat-softwares/lufi>
* YunoHost documentation for this app: <https://yunohost.org/app_lufi>

View file

@ -5,42 +5,35 @@ It shall NOT be edited by hand.
# Lufi pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/lufi.svg)](https://dash.yunohost.org/appci/app/lufi) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/lufi.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/lufi.maintain.svg)
[![Niveau dintégration](https://dash.yunohost.org/integration/lufi.svg)](https://dash.yunohost.org/appci/app/lufi) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/lufi.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/lufi.maintain.svg)
[![Installer Lufi avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lufi)
*[Read this readme in english.](./README.md)*
> *Ce package vous permet d'installer Lufi rapidement et simplement sur un serveur YunoHost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
> *Ce package vous permet dinstaller Lufi rapidement et simplement sur un serveur YunoHost.
Si vous navez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment linstaller et en profiter.*
## Vue d'ensemble
## Vue densemble
It stores files and allows you to download them.
Is that all? No. All the files are encrypted **by the browser**! It means that your files **never** leave your computer unencrypted.
Lufi stores files and allows you to download them. Is that all? No. All the files are encrypted **by the browser**! It means that your files **never** leave your computer unencrypted.
The administrator of the Lufi instance you use will not be able to see what is in your file, neither will your network administrator, or your ISP.
The encryption key part of the URL is a anchor (Cf. [Fragment Identifier](https://en.wikipedia.org/wiki/Fragment_identifier)), that means this part is only processed client-side and does not reach the server. :-)
**Version incluse :** 0.05.18~ynh2
**Version incluse :** 0.05.21~ynh1
**Démo :** https://demo.lufi.io/
## Captures d'écran
## Captures décran
![Capture d'écran de Lufi](./doc/screenshots/screenshot_lufi_1.png)
## Avertissements / informations importantes
## Configuration
* Comment configurer cette application: un fichier brut `/var/www/lufi/lufi.conf` en SSH.
![Capture décran de Lufi](./doc/screenshots/screenshot_lufi_1.png)
## Documentations et ressources
* Documentation officielle de l'admin : <https://framagit.org/luc/lufi/wikis/home>
* Dépôt de code officiel de l'app : <https://framagit.org/fiat-tux/hat-softwares/lufi>
* Site officiel de lapp : <https://git.framasoft.org/luc/lufi>
* Documentation officielle de ladmin : <https://framagit.org/luc/lufi/wikis/home>
* Dépôt de code officiel de lapp : <https://framagit.org/fiat-tux/hat-softwares/lufi>
* Documentation YunoHost pour cette app : <https://yunohost.org/app_lufi>
* Signaler un bug : <https://github.com/YunoHost-Apps/lufi_ynh/issues>
@ -56,4 +49,4 @@ ou
sudo yunohost app upgrade lufi -u https://github.com/YunoHost-Apps/lufi_ynh/tree/testing --debug
```
**Plus d'infos sur le packaging d'applications :** <https://yunohost.org/packaging_apps>
**Plus dinfos sur le packaging dapplications :** <https://yunohost.org/packaging_apps>

View file

@ -1,29 +0,0 @@
;; Test complet
; Manifest
domain="domain.tld"
path="/path"
is_public=1
max_file_size=100
use_ldap=0
; Checks
pkg_linter=1
setup_sub_dir=1
setup_root=1
setup_nourl=0
setup_private=1
setup_public=1
upgrade=1
# 0.03.5~ynh2
upgrade=1 from_commit=23e84578464b1fa09f79c98b6a9b5f19bbcf83f3
# 0.05.16~ynh2
upgrade=1 from_commit=b208e35276b861a78a28bb7d468dad9d11943023
backup_restore=1
multi_instance=1
port_already_use=0
change_url=1
;;; Options
Email=
Notification=none
;;; Upgrade options
; commit=23e84578464b1fa09f79c98b6a9b5f19bbcf83f3
name=Merge pull request #35 from YunoHost-Apps/fix-buster

View file

@ -1,7 +0,0 @@
SOURCE_URL=https://framagit.org/fiat-tux/hat-softwares/lufi/-/archive/0.05.18/lufi-0.05.18.tar.gz
SOURCE_SUM=da388595d8c39a82ae118c1c92bb7d8ad637f7351997392bbb645929852a3963
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true

11
conf/cron Normal file
View file

@ -0,0 +1,11 @@
# Génération des statistiques. Tous les jours, à 5h.
0 5 * * * __USER__ cd "__INSTALL_DIR__" && /usr/bin/carton exec script/lufi cron stats
# Suppression des adresses IP obsolètes. Tous les jours, à 6h.
0 6 * * * __USER__ cd "__INSTALL_DIR__" && /usr/bin/carton exec script/lufi cron cleanbdd
# Suppression des images dont le délai a expiré. Tous les jours, à 6h.
0 6 * * * __USER__ cd "__INSTALL_DIR__" && /usr/bin/carton exec script/lufi cron cleanfiles
# Vérification de l'occupation du dossier des images. Tous les jours, à 7h.
0 7 * * * __USER__ cd "__INSTALL_DIR__" && /usr/bin/carton exec script/lufi cron watch

View file

@ -1,11 +0,0 @@
# Génération des statistiques. Tous les jours, à 5h.
0 5 * * * __USER__ cd "__FINALPATH__" && /usr/bin/carton exec script/lufi cron stats
# Suppression des adresses IP obsolètes. Tous les jours, à 6h.
0 6 * * * __USER__ cd "__FINALPATH__" && /usr/bin/carton exec script/lufi cron cleanbdd
# Suppression des images dont le délai a expiré. Tous les jours, à 6h.
0 6 * * * __USER__ cd "__FINALPATH__" && /usr/bin/carton exec script/lufi cron cleanfiles
# Vérification de l'occupation du dossier des images. Tous les jours, à 7h.
0 7 * * * __USER__ cd "__FINALPATH__" && /usr/bin/carton exec script/lufi cron watch

View file

@ -1,5 +1,5 @@
__FINALPATH__/log/production.log {
__INSTALL_DIR__/log/production.log {
# Effectue une rotation des logs tout les mois
monthly
# Ou si le fichier de log dépasse 100Mo

View file

@ -59,7 +59,7 @@
# Max file size, in octets
# You can write it 100*1024*1024
# optional, no default
__MAX_SIZE_SET__max_file_size => __MAX_FILE_SIZE__*1024*1024,
max_file_size => __MAX_FILE_SIZE__*1024*1024,
# If you want to have piwik statistics, provide a piwik image tracker
# Only the image tracker is allowed, no javascript
@ -110,7 +110,7 @@
# Remember that it has to be in a directory writable by Lufi user
# DO NOT CHANGE THIS IF FILES HAVE BEEN ALREADY UPLOADED: THEY WILL NOT BE DOWNLOADABLE ANYMORE
# optional, default is 'files'
upload_dir => '__DATADIR__/upload',
upload_dir => '__DATA_DIR__/upload',
#!!!!!!!!!!!!!!!
# EXPERIMENTAL !

View file

@ -1,5 +1,5 @@
[Unit]
Description=Image hosting and sharing service
Description=Lufi: image hosting and sharing service
Documentation=https://framagit.org/luc/lufi/wikis/home
Requires=network.target
After=network.target
@ -8,11 +8,41 @@ After=network.target
Type=forking
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/
PIDFile=__FINALPATH__/script/hypnotoad.pid
WorkingDirectory=__INSTALL_DIR__/
PIDFile=__INSTALL_DIR__/script/hypnotoad.pid
ExecStart=/usr/bin/carton exec hypnotoad script/lufi
ExecStop=/usr/bin/carton exec hypnotoad -s script/lufi
ExecReload=/usr/bin/carton exec hypnotoad script/lufi
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=multi-user.target

15
config_panel.toml Normal file
View file

@ -0,0 +1,15 @@
version = "1.0"
[main]
name = "Lufi configuration"
services = ["__APP__"]
[main.config]
name = "Configuration Options"
[main.config.max_file_size]
ask = "Max file size"
type = "number"
default = 100
help = "Choose the maximum file size allowed to send, in Mo (0 = no limit)"
bind = "max_file_size:/var/www/__APP__/lufi.conf"

1
doc/ADMIN.md Normal file
View file

@ -0,0 +1 @@
How to configure this app: a plain file at `__INSTALL_DIR__/lufi.conf` with SSH.

1
doc/ADMIN_fr.md Normal file
View file

@ -0,0 +1 @@
Comment configurer cette application : un fichier brut `__INSTALL_DIR__/lufi.conf` en SSH.

View file

@ -1,6 +1,3 @@
It stores files and allows you to download them.
Is that all? No. All the files are encrypted **by the browser**! It means that your files **never** leave your computer unencrypted.
Lufi stores files and allows you to download them. Is that all? No. All the files are encrypted **by the browser**! It means that your files **never** leave your computer unencrypted.
The administrator of the Lufi instance you use will not be able to see what is in your file, neither will your network administrator, or your ISP.
The encryption key part of the URL is a anchor (Cf. [Fragment Identifier](https://en.wikipedia.org/wiki/Fragment_identifier)), that means this part is only processed client-side and does not reach the server. :-)

View file

@ -1,3 +0,0 @@
## Configuration
* How to configure this app: a plain file at `/var/www/lufi/lufi.conf` with SSH.

View file

@ -1,3 +0,0 @@
## Configuration
* Comment configurer cette application: un fichier brut `/var/www/lufi/lufi.conf` en SSH.

View file

@ -1,71 +0,0 @@
{
"name": "Lufi",
"id": "lufi",
"packaging_format": 1,
"description": {
"en": "Self hosting files and sharing anonymous application",
"fr": "Application d'hébergement et de partage de fichiers anonyme"
},
"version": "0.05.18~ynh2",
"url": "https://git.framasoft.org/luc/lufi",
"upstream": {
"license": "AGPL-3.0-or-later",
"demo": "https://demo.lufi.io/",
"admindoc": "https://framagit.org/luc/lufi/wikis/home",
"code": "https://framagit.org/fiat-tux/hat-softwares/lufi"
},
"license": "AGPL-3.0-or-later",
"maintainer": {
"name": "frju365, cyp",
"email": "win10@tutanota.com, cyp@rouquin.me"
},
"requirements": {
"yunohost": ">= 4.3.0"
},
"multi_instance": true,
"services": [
"nginx"
],
"arguments": {
"install": [
{
"name": "domain",
"type": "domain"
},
{
"name": "path",
"type": "path",
"example": "/lufi",
"default": "/lufi"
},
{
"name": "is_public",
"type": "boolean",
"default": true
},
{
"name": "max_file_size",
"type": "string",
"ask": {
"en": "Choose a max file size, in Mo (0 = no limit)",
"fr": "Choisissez une taille de fichier maximum chemin, en Mo (0 = pas de limite)"
},
"example": "100",
"default": "100"
},
{
"name": "use_ldap",
"type": "boolean",
"ask": {
"en": "Install Lufi with LDAP configuration?",
"fr": "Installer Lufi avec la configuration LDAP ?"
},
"help": {
"en": "A Lufi with LDAP enabled will allow only YunoHost users to upload.",
"fr": "Un Lufi avec LDAP activé autorisera seulement les utilisateurs YunoHost à téléverser."
},
"default": false
}
]
}
}

70
manifest.toml Normal file
View file

@ -0,0 +1,70 @@
packaging_format = 2
id = "lufi"
name = "Lufi"
description.en = "Files and sharing anonymous application"
description.fr = "Application de partage de fichiers anonyme"
version = "0.05.21~ynh1"
maintainers = ["frju365, cyp"]
[upstream]
license = "AGPL-3.0-or-later"
demo = "https://demo.lufi.io/"
admindoc = "https://framagit.org/luc/lufi/wikis/home"
code = "https://framagit.org/fiat-tux/hat-softwares/lufi"
website = "https://git.framasoft.org/luc/lufi"
[integration]
yunohost = ">= 11.1.17"
architectures = "all"
multi_instance = true
ldap = true
sso = false
disk = "50M"
ram.build = "550M"
ram.runtime = "50M"
[install]
[install.domain]
type = "domain"
[install.path]
type = "path"
default = "/lufi"
[install.init_main_permission]
type = "group"
default = "visitors"
[install.use_ldap]
ask.en = "Install Lufi with LDAP configuration?"
ask.fr = "Installer Lufi avec la configuration LDAP ?"
help.en = "Lufi with LDAP enabled will allow only YunoHost users to upload."
help.fr = "Lufi avec LDAP activé autorisera seulement les utilisateurs YunoHost à téléverser."
type = "boolean"
default = false
[resources]
[resources.sources.main]
url = "https://framagit.org/fiat-tux/hat-softwares/lufi/-/archive/0.05.21/lufi-0.05.21.tar.gz"
sha256 = "a1da42688d82239a9441355ad0e1d773e24d0225edcdc463b425a5032133765a"
[resources.ports]
[resources.system_user]
[resources.install_dir]
[resources.data_dir]
subdirs = "upload"
[resources.permissions]
main.url = "/"
[resources.apt]
packages = "build-essential libssl-dev libio-socket-ssl-perl liblwp-protocol-https-perl libpq-dev postgresql carton"
[resources.database]
type = "postgresql"

View file

@ -4,9 +4,6 @@
# COMMON VARIABLES
#=================================================
# dependencies used by the app
pkg_dependencies="build-essential libssl-dev libio-socket-ssl-perl liblwp-protocol-https-perl libpq-dev postgresql carton"
#=================================================
# PERSONAL HELPERS
#=================================================

View file

@ -10,28 +10,6 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@ -41,13 +19,13 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$final_path"
ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE DATA DIR
#=================================================
ynh_backup --src_path="$datadir" --is_big
ynh_backup --src_path="$data_dir" --is_big
#=================================================
# BACKUP THE NGINX CONFIGURATION

View file

@ -9,70 +9,6 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path=$YNH_APP_NEW_PATH
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
# Add settings here as needed by your application
port=$(ynh_app_setting_get --app=$app --key=port)
use_ldap=$(ynh_app_setting_get --app=$app --key=use_ldap)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
db_user=$db_name
secret=$(ynh_app_setting_get --app=$app --key=secret)
max_file_size=$(ynh_app_setting_get --app=$app --key=max_file_size)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..."
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
fi
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
fi
#=================================================
# STANDARD MODIFICATIONS
#=================================================
@ -80,36 +16,14 @@ fi
#=================================================
ynh_script_progression --message="Stopping a systemd service..."
ynh_systemd_action --service_name=$app --action="stop" --log_path="$final_path/log/production.log"
ynh_systemd_action --service_name=$app --action="stop" --log_path="$install_dir/log/production.log"
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..."
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the NGINX config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original NGINX config file if modified
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for NGINX helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated NGINX config
ynh_add_nginx_config
fi
# Change the domain for NGINX
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
ynh_change_url_nginx_config
#=================================================
# SPECIFIC MODIFICATIONS
@ -119,7 +33,7 @@ fi
ynh_script_progression --message="Configuring lufi..."
domain="$new_domain"
path_url="$new_path"
path="$new_path"
ldap="#"
if [ $use_ldap -eq 1 ];
@ -127,15 +41,10 @@ then
ldap=""
fi
max_size_set=""
if [ $max_file_size -eq 0 ]; then # Comment the limitation line if no limit
max_size_set="#"
fi
ynh_add_config --template="../conf/lufi.conf" --destination="$install_dir/lufi.conf"
ynh_add_config --template="../conf/lufi.conf.template" --destination="$final_path/lufi.conf"
chmod 600 $final_path/lufi.conf
chown $app:$app $final_path/lufi.conf
chmod 600 $install_dir/lufi.conf
chown $app:$app $install_dir/lufi.conf
#=================================================
# GENERIC FINALISATION
@ -145,14 +54,7 @@ chown $app:$app $final_path/lufi.conf
ynh_script_progression --message="Starting a systemd service..."
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="$final_path/log/production.log" --line_match="Creating process id file"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemd_action --service_name=$app --action="start" --log_path="$install_dir/log/production.log" --line_match="Creating process id file"
#=================================================
# END OF SCRIPT

View file

@ -8,108 +8,32 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
max_file_size=$YNH_APP_ARG_MAX_FILE_SIZE
use_ldap=$YNH_APP_ARG_USE_LDAP
secret=$(ynh_string_random --length=24)
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..."
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Check if max_file_size is a number
if ! [[ $max_file_size =~ "^[\-0-9]+$" ]] && [ $max_file_size -lt 0 ]; then
ynh_die --message="Max file must be a number positive or zero"
fi
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
max_file_size=100
use_ldap=$YNH_APP_ARG_USE_LDAP
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=use_ldap --value=$use_ldap
ynh_app_setting_set --app=$app --key=max_file_size --value=$max_file_size
ynh_app_setting_set --app=$app --key=secret --value=$secret
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..."
# Find an available port
port=$(ynh_find_port --port=8095)
ynh_app_setting_set --app=$app --key=port --value=$port
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..."
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# CREATE A POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Creating a PostgreSQL database..."
# Create postgresql database
ynh_psql_test_if_first_run
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) # Password created in ynh_psql_setup_db function
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..."
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
ynh_setup_source --dest_dir="$install_dir"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# NGINX CONFIGURATION
@ -119,21 +43,16 @@ ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# CREATE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..."
# Create a dedicated systemd config
ynh_add_systemd_config
datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
mkdir -p $datadir/upload
yunohost service add $app --description="Lufi service" --log="$install_dir/log/production.log"
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app"
chmod +x $install_dir/script/lufi
#=================================================
# CONFIGURE LUFI
@ -146,83 +65,27 @@ then
ldap=""
fi
max_size_set=""
if [ $max_file_size -eq 0 ]; then # Comment the limitation line if no limit
max_size_set="#"
fi
ynh_add_config --template="../conf/lufi.conf" --destination="$install_dir/lufi.conf"
ynh_add_config --template="../conf/lufi.conf.template" --destination="$final_path/lufi.conf"
chmod 600 $final_path/lufi.conf
chown $app:$app $final_path/lufi.conf
chmod 600 $install_dir/lufi.conf
chown $app:$app $install_dir/lufi.conf
#=================================================
# INSTALL LUFI
#=================================================
ynh_script_progression --message="Installing $app..."
pushd $final_path
pushd $install_dir
carton install --deployment --without=sqlite --without=mysql --without=htpasswd --without=test
popd
#=================================================
# SETUP CRON
#=================================================
ynh_script_progression --message="Setuping a cron..."
ynh_add_config --template="../conf/cron_lufi" --destination="/etc/cron.d/$app"
chmod +x $final_path/script/lufi
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..."
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..."
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add $app --description="Lufi service" --log="$final_path/log/production.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..."
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --line_match="Creating process id file" --log_path="$final_path/log/production.log"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..."
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemd_action --service_name=$app --action="start" --line_match="Creating process id file" --log_path="$install_dir/log/production.log"
#=================================================
# END OF SCRIPT

View file

@ -9,20 +9,6 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app=$app --key=port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# STANDARD REMOVE
#=================================================
@ -36,88 +22,21 @@ then
yunohost service remove $app
fi
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_script_progression --message="Stopping and removing the systemd service..."
# Remove the dedicated systemd config
ynh_remove_systemd_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..."
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# REMOVE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Removing the PostgreSQL database..."
# Remove a database if it exists, along with the associated user
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..."
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE DATA DIR
#=================================================
# Remove the data directory if --purge option is used
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then
ynh_script_progression --message="Removing app data directory..."
ynh_secure_remove --file="$datadir"
fi
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..."
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..."
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE VARIOUS FILES
#=================================================
ynh_script_progression --message="Removing various files..."
# Remove a cron file
ynh_secure_remove --file="/etc/cron.d/$app"
# Remove the log files
ynh_secure_remove --file="/var/log/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..."
# Delete a system user
ynh_system_user_delete --username=$app
#=================================================
# END OF SCRIPT
#=================================================

View file

@ -10,141 +10,49 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..."
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..."
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file --origin_path="$final_path"
ynh_restore_file --origin_path="$install_dir"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# RESTORE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Restoring the data directory..."
ynh_restore_file --origin_path="$datadir" --not_mandatory
mkdir -p $datadir
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..."
# Define and install dependencies
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the PostregSQL database..."
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name"
#=================================================
# RESTORE VARIOUS FILES
# RESTORE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Restoring various files..."
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/cron.d/$app"
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..."
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..."
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add $app --description="Lufi service" --log="$final_path/log/production.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app --action="start" --log_path="$final_path/log/production.log" --line_match="Creating process id file"
yunohost service add $app --description="Lufi service" --log="$install_dir/log/production.log"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="$install_dir/log/production.log" --line_match="Creating process id file"
ynh_systemd_action --service_name=nginx --action=reload

View file

@ -9,47 +9,12 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
use_ldap=$(ynh_app_setting_get --app=$app --key=use_ldap)
port=$(ynh_app_setting_get --app=$app --key=port)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
secret=$(ynh_app_setting_get --app=$app --key=secret)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
max_file_size=$(ynh_app_setting_get --app=$app --key=max_file_size)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
@ -57,82 +22,18 @@ ynh_abort_if_errors
#=================================================
ynh_script_progression --message="Stopping a systemd service..."
ynh_systemd_action --service_name=$app --action="stop" --log_path="$final_path/log/production.log"
ynh_systemd_action --service_name=$app --action="stop" --log_path="$install_dir/log/production.log"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# If db_name doesn't exist, create it
if [ -z "$db_name" ]; then
db_name=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
if [ -z "$max_file_size" ]; then
if [ -z "${max_file_size:-}" ]; then
max_file_size=100 # 100 Mo
ynh_app_setting_set --app=$app --key=max_file_size --value=$max_file_size
fi
# Check if is_public settings exist and is set to true
was_public=$(ynh_app_setting_get --app=$app --key=is_public)
if [ $was_public -eq 1 ]
then
# Fix permissions if true
ynh_print_info --message="Upgrading from legacy permission..."
ynh_print_info --message="Legacy public instance detected, allow visitors with new permission."
use_ldap=0
# Add new permission to allow visitors
ynh_permission_update --permission="main" --add="visitors"
# Remove deprecated is_public settings
ynh_app_setting_delete --app=$app --key=is_public
fi
# Check if legacy permissions exists (meanning that is_public was set to false)
if ynh_legacy_permissions_exists; then
ynh_print_info --message="Upgrading from legacy permission..."
ynh_print_info --message="Legacy private instance detected, keep LDAP enabled."
# Legacy private install have LDAP enabled
use_ldap=1
# Cleaning legacy permissions
ynh_print_info --message="Removing legacy permission..."
ynh_legacy_permissions_delete_all
# Remove deprecated is_public settings
ynh_app_setting_delete --app=$app --key=is_public
fi
# If datadir doesn't exist, create it
if [ -z "$datadir" ]; then
datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $datadir
mv -f "$final_path/files" "$datadir/upload"
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
@ -142,27 +43,11 @@ then
ynh_script_progression --message="Upgrading source files..."
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
ynh_setup_source --dest_dir="$install_dir"
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..."
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated NGINX config
ynh_add_nginx_config
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# SPECIFIC UPGRADE
@ -177,22 +62,17 @@ then
ldap=""
fi
max_size_set=""
if [ $max_file_size -eq 0 ]; then # Comment the limitation line if no limit
max_size_set="#"
fi
ynh_add_config --template="../conf/lufi.conf" --destination="$install_dir/lufi.conf"
ynh_add_config --template="../conf/lufi.conf.template" --destination="$final_path/lufi.conf"
chmod 600 $final_path/lufi.conf
chown $app:$app $final_path/lufi.conf
chmod 600 $install_dir/lufi.conf
chown $app:$app $install_dir/lufi.conf
#=================================================
# BUILD LUFI
#=================================================
ynh_script_progression --message="Building Lufi..."
pushd $final_path
pushd $install_dir
carton install --deployment --without=sqlite --without=mysql --without=htpasswd --without=test
popd
@ -201,47 +81,26 @@ popd
#=================================================
ynh_script_progression --message="Setuping cron..."
ynh_add_config --template="../conf/cron_lufi" --destination="/etc/cron.d/$app"
chmod +x $final_path/script/lufi
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..."
ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app"
chmod +x $install_dir/script/lufi
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..."
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add $app --description="Lufi service" --log="$final_path/log/production.log"
yunohost service add $app --description="Lufi service" --log="$install_dir/log/production.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app --action="restart" --log_path="$final_path/log/production.log" --line_match="Creating process id file"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemd_action --service_name=$app --action="restart" --log_path="$install_dir/log/production.log" --line_match="Creating process id file"
#=================================================
# END OF SCRIPT

9
tests.toml Normal file
View file

@ -0,0 +1,9 @@
test_format = 1.0
[default]
# -------------------------------
# Default args to use for install
# -------------------------------
args.use_ldap=0