commit 0a2472c105ad55b9ade88f265c4f34e71c1f8496 Author: Maniack Crudelis Date: Mon Mar 16 21:10:39 2015 +0100 Mise à jour diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..f0ff6f7 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*.swp +*~ +Notes diff --git a/README.md b/README.md new file mode 100644 index 0000000..388d331 --- /dev/null +++ b/README.md @@ -0,0 +1,10 @@ +Lutim for YunoHost +================== + +[Yunohost project](https://yunohost.org/#/) + +...Description... + +https://lut.im + +Le script installe le module perl *carton* via cpan et les paquets *fonts-droid* *ghostscript* *gsfonts* *imagemagick-common* *libavahi-client3* *libavahi-common-data* *libavahi-common3* *libcups2* *libcupsimage2* *libgs9* *libgs9-common* *libijs-0.35* *libjasper1* *libjbig0* *libjbig2dec0* *liblcms2-2* *liblqr-1-0* *libmagickcore5* *libpaper-utils* *libpaper1* *libtiff4* *perlmagick* *poppler-data*. diff --git a/conf/cron_lutim b/conf/cron_lutim new file mode 100644 index 0000000..e0f1a91 --- /dev/null +++ b/conf/cron_lutim @@ -0,0 +1,12 @@ +# Génération des statistiques. Tous les jours, à 5h. +# 0 5 * * * www-data carton exec script/lutim cron stats && carton exec hypnotoad __FINALPATH__/script/lutim +0 5 * * * www-data cd "__FINALPATH__" && /usr/local/bin/carton exec script/lutim cron stats + +# Suppression des adresses IP obsolètes. Tous les jours, à 6h. +0 6 * * * www-data cd "__FINALPATH__" && /usr/local/bin/carton exec script/lutim cron cleanbdd + +# Suppression des images dont le délai a expiré. Tous les jours, à 6h. +0 6 * * * www-data cd "__FINALPATH__" && /usr/local/bin/carton exec script/lutim cron cleanfiles + +# Vérification de l'occupation du dossier des images. Tous les jours, à 7h. +0 7 * * * www-data cd "__FINALPATH__" && /usr/local/bin/carton exec script/lutim cron watch diff --git a/conf/lutim.conf.template b/conf/lutim.conf.template new file mode 100644 index 0000000..7d30974 --- /dev/null +++ b/conf/lutim.conf.template @@ -0,0 +1,138 @@ +# vim:set sw=4 ts=4 sts=4 ft=perl expandtab: +{ + #################### + # Hypnotoad settings + #################### + # see http://mojolicio.us/perldoc/Mojo/Server/Hypnotoad for a full list of settings + hypnotoad => { + # array of IP addresses and ports you want to listen to + #listen => ['http://127.0.0.1:8080'], + listen => ['http://127.0.0.1:__PORT__'], + # user and group you want for Lutim to run with + # be sure that this user/group have rights on the lutim directory + # if you launch lutim from a different user, be sure that this user have the right to su this user/group + # => if current_user is not the user that you sets here and is not root, there's chances that it will fail (see https://github.com/ldidry/lutim/issues/25) + user => 'www-data', + group => 'www-data' + }, + + ################ + # Lutim settings + ################ + + # put a way to contact you here and uncomment it + # mandatory + contact => 'webmaster@__DOMAIN__', + + # random string used to encrypt cookies + # mandatory + secrets => ['__SECRET__'], + + # length of the images random URL + # optional, default is 8 + #length => 8, + + # how many URLs will be provisioned in a batch ? + # optional, default is 5 + #provis_step => 5, + + # max number of URLs to be provisioned + # optional, default is 100 + #provisioning => 100, + + # anti-flood protection delay, in seconds + # users won't be able to ask Lutim to download images more than one per anti_flood_delay seconds + # optional, default is 5 + #anti_flood_delay => 5, + + # twitter account which will appear on twitter cards + # see https://dev.twitter.com/docs/cards/validation/validator to register your Lutim instance on twitter + # optional, default is @framasky + #tweet_card_via => '@framasky', + + # max image size, in octets + # you can write it 10*1024*1024 + # optional, default is 10485760 + #max_file_size => 10485760, + + # if you want to have piwik statistics, provide a piwik image tracker + # only the image tracker is allowed, no javascript + # optional, no default + #piwik_img => 'https://piwik.example.org/piwik.php?idsite=1&rec=1', + + # if you want to include something in the right of the screen, put it here + # here's an exemple to put the logo of your hoster + # optional, no default + #hosted_by => 'My super hoster Hoster logo', + hosted_by => 'Statistiques', + + # DEPRECATED DEPRECATED DEPRECATED DEPRECATED DEPRECATED DEPRECATED DEPRECATED DEPRECATED DEPRECATED DEPRECATED + # Lutim now checks if the X-Forwarded-Proto header is present and equal to https. + # set to 1 if you use Lutim behind a secure web server + # optional, default is 0 + #https => 0, + + # broadcast_message which will displayed on all pages of Lutim (but no in json response) + # optional, no default + #broadcast_message => 'Maintenance', + + # array of authorized domains for API calls. + # if you want to authorize everyone to use the API: ['*'] + # optional, no domains allowed by default + #allowed_domains => ['http://1.example.com', 'http://2.example.com'], + + # default time limit for files + # valid values are 0, 1, 7, 30 and 365 + # optional, default is 0 (no limit) + default_delay => 365, + + # number of days after which the images will be deleted, even if they were uploaded with "no delay" (or value superior to max_delay) + # a warning message will be displayed on homepage + # optional, default is 0 (no limit) + #max_delay => 0, + + # if set to 1, all the images will be encrypted and the encryption option will no be displayed + # optional, default is 0 + #always_encrypt => 0, + + # length of the image's delete token + # optional, default is 24 + #token_length => 24, + + # URL sub-directory in which you want Lutim to be accessible + # example: you want to have Lutim under https://example.org/lutim/ + # => set url_sub_dir to '/lutim' or to '/lutim/', it doesn't matter + # optional, defaut is / + #url_sub_dir => '/', + url_sub_dir => '__PATH__', + + ########################## + # Lutim cron jobs settings + ########################## + + # number of days shown in /stats page (used with script/lutim cron stats) + # optional, default is 365 + #stats_day_num => 365, + + # number of days senders' IP addresses are kept in database + # after that delay, they will be deleted from database (used with script/lutim cron cleanbdd) + # optional, default is 365 + #keep_ip_during => 365, + + # max size of the files directory, in octets + # used by script/lutim cron watch to trigger an action + # optional, no default + #max_total_size => 10*1024*1024*1024, # (=10 Go) + max_total_size => 1024*1024*1024, # (=1 Go) + + # default action when files directory is over max_total_size (used with script/lutim cron watch) + # valid values are 'warn', 'stop-upload' and 'delete' + # please, see readme + # optional, default is 'warn' + policy_when_full => 'stop-upload', + + # images which are not viewed since delete_no_longer_viewed_files days will be deleted by the cron cleanfiles task + # if delete_no_longer_viewed_files is not set, the no longer viewed files will NOT be deleted + # optional, no default + #delete_no_longer_viewed_files => 90 +}; diff --git a/conf/lutim.default b/conf/lutim.default new file mode 100644 index 0000000..3c305d8 --- /dev/null +++ b/conf/lutim.default @@ -0,0 +1,3 @@ +# LDIR is the path where you installed Lutim +# It has to end with a final / +LDIR=__FINALPATH__ diff --git a/conf/lutim.init b/conf/lutim.init new file mode 100755 index 0000000..3cc0782 --- /dev/null +++ b/conf/lutim.init @@ -0,0 +1,193 @@ +#!/bin/sh +# vim: set ts=4 sw=4 sts=4 tw=0: +# vim: set expandtab: + +### BEGIN INIT INFO +# Provides: lutim +# Required-Start: $local_fs $remote_fs $network $syslog +# Required-Stop: $local_fs $remote_fs $network $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: starts lutim with hypnotoad +# Description: starts lutim with hypnotoad +### END INIT INFO + + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=script/lutim +NAME=lutim +DESC=lutim +LUTIM_DIR=__PATH__ + +if [ -f "/etc/default/lutim" ] +then + . /etc/default/lutim + if [ -z $LDIR ] + then + echo "LDIR variable is empty, please fill it in /etc/default/lutim" + exit 0 + fi +else + echo "Missing /etc/default/lutim file" + exit 0 +fi + +if [ ! -f "$LDIR$DAEMON" ] +then + echo "Missing $LDIR$DAEMON file" + exit 0 +fi + +set -e + +. /lib/lsb/init-functions + +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + + cd $LDIR + carton exec hypnotoad $DAEMON >> $LUTIM_DIR/log/production.log 2>&1 + return "$?" +} + +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + + cd $LDIR + carton exec hypnotoad -s $DAEMON >> $LUTIM_DIR/log/production.log 2>&1 + + return "$?" +} + +do_status() +{ + cd $LDIR + if [ -f "script/hypnotoad.pid" ] + then + pgrep -lf $DAEMON >/dev/null 2>&1 + if [ "$?" = "0" ]; then + log_progress_msg "$NAME is running" + else + log_progress_msg "$NAME is NOT running" + fi + else + log_progress_msg "$NAME is NOT running" + fi +} + +case "$1" in + start) + log_daemon_msg "Starting $NAME" + cd $LDIR + if [ -f "script/hypnotoad.pid" ] + then + pgrep -lf $DAEMON >/dev/null 2>&1 + if [ "$?" = "0" ] + then + log_progress_msg "$NAME is already running. Unable to start." + log_end_msg 1; + else + do_start + case "$?" in + 0|1) + log_progress_msg "done" + log_end_msg 0 + ;; + 2) + log_progress_msg "failed" + log_end_msg 1 + ;; + esac + fi + else + do_start + case "$?" in + 0|1) + log_progress_msg "done" + log_end_msg 0 + ;; + 2) + log_progress_msg "failed" + log_end_msg 1 + ;; + esac + fi + ;; + stop) + log_daemon_msg "Stopping $NAME" + cd $LDIR + if [ -f "script/hypnotoad.pid" ] + then + pgrep -lf $DAEMON >/dev/null 2>&1 + if [ "$?" = "0" ]; then + do_stop + case "$?" in + 0|1) + log_progress_msg "done" + log_end_msg 0 + ;; + *) + log_progress_msg "failed" + log_end_msg 1 + ;; + esac + else + log_progress_msg "$NAME is NOT running. Unable to stop" + log_end_msg 1 + fi + else + log_progress_msg "$NAME is NOT running. Unable to stop" + log_end_msg 1 + fi + ;; + status) + log_daemon_msg "Checking $NAME status" + do_status + log_end_msg 0 + ;; + reload) + log_daemon_msg "Reloading $NAME" + do_start + case "$?" in + 0|1) + log_progress_msg "done" + log_end_msg 0 + ;; + 2) + log_progress_msg "failed" + log_end_msg 1 + ;; + esac + ;; + restart) + log_daemon_msg "Restarting $NAME" + do_stop + sleep 1 + do_start + case "$?" in + 0|1) + log_progress_msg "done" + log_end_msg 0 + ;; + 2) + log_progress_msg "failed"; + log_end_msg 1 + ;; + esac + ;; + *) + echo "Usage: $0 {start|stop|status|reload|restart}" >&2 + exit 3 + ;; +esac + +exit 0 diff --git a/conf/nginx.conf b/conf/nginx.conf new file mode 100644 index 0000000..732fb89 --- /dev/null +++ b/conf/nginx.conf @@ -0,0 +1,36 @@ +location __PATH__ { + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; + } + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; + + # This is important for user's privacy ! + access_log off; + error_log /var/log/nginx/lutim.error.log; + + # This is important ! Make it OK with your Lutim configuration + client_max_body_size 40M; + + proxy_pass http://127.0.0.1:__PORT__; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + # Lutim reads this header and understands that the current session is actually HTTPS. + # Enable it if you run a HTTPS server (in this case, don't forgot to change the listen port $ + proxy_set_header X-Forwarded-Proto https; + + # We expect the downsteam servers to redirect to the right hostname, so don't do any rewrite$ + proxy_redirect off; +} diff --git a/manifest.json b/manifest.json new file mode 100644 index 0000000..29f684c --- /dev/null +++ b/manifest.json @@ -0,0 +1,55 @@ +{ + "name": "Lutim", + "id": "lutim", + "description": { + "en": "Leed is a minimalistic RSS feed aggregator which allows quick and non-intrusive reading of feeds.", + "fr": "Lutim est un logiciel d’hébergement d’images. Il s’agit aussi du nom du logiciel (libre) qui fournit ce service." + }, + "version": "0.6", + "url": "https://lut.im", + "maintainer": { + "name": "Maniack Crudelis", + "email": "maniackc_dev@crudelis.fr" + }, + "multi_instance": "false", + "arguments": { + "install" : [ + { + "name": "domain", + "ask": { + "en": "Choose a domain for Lutim", + "fr": "Choisissez un domaine pour Lutim" + }, + "example": "domain.org", + "default": "crudelis-test.fr" + }, + { + "name": "path", + "ask": { + "en": "Choose a path for Lutim", + "fr": "Choisissez un chemin pour Lutim" + }, + "example": "/lutim", + "default": "/lutim" + }, + { + "name": "admin", + "ask": { + "en": "Choose the Lutim administrator (must be an existing YunoHost user)", + "fr": "Choisissez un administrateur Lutim (doit être un utilisateur YunoHost)" + }, + "example": "john", + "default": "mcrudelis" + }, + { + "name": "is_public", + "ask": { + "en": "Uploading images is it public?", + "fr": "L'upload des images est-il public ?" + }, + "choices": ["Yes", "No"], + "default": "No" + } + ] + } +} diff --git a/scripts/install b/scripts/install new file mode 100644 index 0000000..5cdf456 --- /dev/null +++ b/scripts/install @@ -0,0 +1,117 @@ +#!/bin/bash + +# Retrieve arguments +domain=$1 +path=$2 +admin=$3 +is_public=$4 +app=lutim + +# Check if admin exists +sudo yunohost user list --json | grep -q "\"username\": \"$admin\"" +if [[ ! $? -eq 0 ]]; then + echo "Wrong admin" + exit 1 +fi + +# Vérifie l'existence du / en fin de path +if [ $(echo "$path" | grep -c '/$') -eq 0 ] +then + path="$path/" +fi + +# Check domain/path availability +sudo yunohost app checkurl $domain$path -a $app +if [[ ! $? -eq 0 ]]; then + exit 1 +fi + +# Get an available port +port=8095 +sudo yunohost app checkport $port +while [[ ! $? -eq 0 ]]; do + port=$((port+1)) + sudo yunohost app checkport $port +done + +# Check /var/www/$app path is available +final_path=/var/www/$app +if [ -e "$final_path" ] +then + echo "This path already contains a folder" + exit 1 +fi + +# Add settings to YunoHost +sudo yunohost app setting $app admin -v $admin +sudo yunohost app setting $app domain -v $domain +sudo yunohost app setting $app is_public -v $is_public + + +# Copy files to right place +sudo mkdir -p $final_path +# Création archive source: tar -czp -f lutim.tar.gz lutim +# Décompresse la source +tar -x -f ../sources/lutim.tar.gz +sudo cp -a lutim/. $final_path +sudo cp -a ../sources/ajouts/. $final_path +sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf + +# Installation du module perl carton +echo "Installation du module perl carton. Attention, étape très longue..." +# yes | sudo cpan Carton | sudo tee $final_path/cpan_setup.log 2>&1 > /dev/null 2>&1 # Debug +yes | sudo cpan Carton > /dev/null 2>&1 + +# Installation de perlmagick, interface perl pour imagemagick +sudo apt-get install perlmagick -qy + +## Copie et configuration du fichier de conf. +sudo cp ../conf/lutim.conf.template $final_path/lutim.conf +sudo sed -i "s@__DOMAIN__@$domain@g" $final_path/lutim.conf +sudo sed -i "s@__PATH__@$path@g" $final_path/lutim.conf +sudo sed -i "s@__PORT__@$port@g" $final_path/lutim.conf +secret=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d '[A-Za-z0-9]' | sed -n 's/\(.\{24\}\).*/\1/p') +sudo sed -i "s@__SECRET__@$secret@g" $final_path/lutim.conf + + +# Mise en place des scripts init +sudo cp ../conf/lutim.init /etc/init.d/lutim +sudo cp ../conf/lutim.default /etc/default/lutim +sudo chmod +x /etc/init.d/lutim +sudo chown root:root /etc/init.d/lutim /etc/default/lutim +sudo sed -i "s@__FINALPATH__@$final_path/@g" /etc/default/lutim + +## Mise en place des crons +sudo cp ../conf/cron_lutim /etc/cron.d/$app +sudo sed -i "s@__FINALPATH__@$final_path/@g" /etc/cron.d/$app + +# Installation de lutim via carton +cd $final_path +sudo carton install + +## Démarrage auto des scripts init +sudo update-rc.d lutim defaults +# sudo update-rc.d -f lutim remove + +# Change variables in nginx configuration +sudo sed -i "s@__PATH__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf +sudo sed -i "s@__PORT__@$port@g" /etc/nginx/conf.d/$domain.d/$app.conf + +# Make app public or private +sudo yunohost app setting $app skipped_uris -v "/" +if [ "$is_public" = "No" ]; +then # Si l'app est privée, seul le visionnage des images est public + sudo yunohost app setting $app protected_regex -v "/stats$","/manifest.webapp$","/$","/d/.*$","/m/.*$" +# sudo yunohost app setting $app skipped_regex -v "$domain/$path/[0-9A-Za-z]{8}" +fi + +# Set right permissions +sudo chown -R www-data: $final_path +# Start lutim +sudo /etc/init.d/lutim start +# Set right permissions on new files created at first start +sudo chown -R www-data: $final_path + +# Reload Nginx and regenerate SSOwat conf +sudo service nginx reload +sudo yunohost app ssowatconf diff --git a/scripts/remove b/scripts/remove new file mode 100644 index 0000000..703f64e --- /dev/null +++ b/scripts/remove @@ -0,0 +1,12 @@ +#!/bin/bash + +app=lutim + +domain=$(sudo yunohost app setting $app domain) +final_path=$(sudo yunohost app setting $app final_path) +sudo service lutim stop +sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf +# sudo rm -rf $final_path +sudo rm -rf /var/www/lutim +sudo rm -f /etc/default/lutim +sudo rm -f /etc/init.d/lutim \ No newline at end of file diff --git a/scripts/upgrade b/scripts/upgrade new file mode 100644 index 0000000..e68f3d3 --- /dev/null +++ b/scripts/upgrade @@ -0,0 +1,42 @@ +#!/bin/bash + +# Retrieve arguments +domain=$(sudo yunohost app setting leed domain) +path=$(sudo yunohost app setting leed path) +is_public=$(sudo yunohost app setting leed is_public) + +# Copy files to right place +final_path=/var/www/leed +sudo mkdir -p $final_path +sudo cp -a ../sources/* $final_path +sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/leed.conf + +# Set right permissions +sudo chown -R www-data: $final_path + +# Change variables in Leed configuration +sudo sed -i "s@PATHTOCHANGE@$path@g" /etc/nginx/conf.d/$domain.d/leed.conf +sudo sed -i "s@ALIASTOCHANGE@$final_path/@g" /etc/nginx/conf.d/$domain.d/leed.conf + +# Files owned by root, www-data can just read +sudo find $final_path -type f | xargs sudo chmod 644 +sudo find $final_path -type d | xargs sudo chmod 755 +sudo chown -R root: $final_path +# www-data can write on plugins and cache +sudo chown -R www-data $final_path/cache $final_path/plugins + +# Make app private if necessary +sudo yunohost app setting leed is_public -v "$is_public" +if [ "$is_public" = "No" ]; +then + # Retire l'autorisation d'accès de la page d'install. + sudo yunohost app setting leed unprotected_uris -d + # Rend la page d'actualisation accessible pour le script cron. + sudo yunohost app setting leed skipped_uris -v "/action.php" +else # Si l'app est publique + sudo yunohost app setting leed unprotected_uris -v "/" +fi + +# Reload Nginx and regenerate SSOwat conf +sudo service nginx reload +sudo yunohost app ssowatconf diff --git a/sources/ajouts/cpanfile b/sources/ajouts/cpanfile new file mode 100644 index 0000000..cfac929 --- /dev/null +++ b/sources/ajouts/cpanfile @@ -0,0 +1,15 @@ +requires 'Mojolicious'; +requires 'EV'; +requires 'Data::Validate::URI'; +requires 'Mojolicious::Plugin::I18N'; +requires 'Mojolicious::Plugin::AssetPack'; +requires 'ORLite'; +requires 'File::Type'; +requires 'Text::Unidecode'; +requires 'DateTime'; +requires 'Filesys::DiskUsage'; +requires 'Switch'; +requires 'Data::Validate::URI'; +requires 'Crypt::CBC'; +requires 'Crypt::Blowfish'; +requires "IO::Socket::SSL"; diff --git a/sources/lutim.tar.gz b/sources/lutim.tar.gz new file mode 100644 index 0000000..5022b26 Binary files /dev/null and b/sources/lutim.tar.gz differ diff --git a/version b/version new file mode 100644 index 0000000..b58efb0 --- /dev/null +++ b/version @@ -0,0 +1 @@ +Leed 1.6