From 512d8ef91551f8dcb8c7749211967dadfe246e28 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 29 Jan 2020 21:24:28 +0700 Subject: [PATCH 01/13] New permission system --- hooks/post_app_addaccess | 15 +++++++++++++++ hooks/post_app_removeaccess | 18 ++++++++++++++++++ scripts/install | 15 ++++++++++++--- scripts/upgrade | 31 ++++++++++++++----------------- 4 files changed, 59 insertions(+), 20 deletions(-) create mode 100644 hooks/post_app_addaccess create mode 100644 hooks/post_app_removeaccess diff --git a/hooks/post_app_addaccess b/hooks/post_app_addaccess new file mode 100644 index 0000000..ab21465 --- /dev/null +++ b/hooks/post_app_addaccess @@ -0,0 +1,15 @@ +#!/bin/bash + +# Source app helpers +source /usr/share/yunohost/helpers + +app=$1 +added_users=$2 +permission=$3 +added_groups=$4 + +if [ "$app" == __APP__ ]; then + if [ "$added_groups" = "visitors" ]; then + ynh_app_setting_delete --app=$app --key=protected_regex + fi +fi \ No newline at end of file diff --git a/hooks/post_app_removeaccess b/hooks/post_app_removeaccess new file mode 100644 index 0000000..dbeb996 --- /dev/null +++ b/hooks/post_app_removeaccess @@ -0,0 +1,18 @@ +#!/bin/bash + +# Source app helpers +source /usr/share/yunohost/helpers + +app=$1 +removed_users=$2 +permission=$3 +removed_groups=$4 + +if [ "$app" == __APP__ ]; then + if [ "$removed_groups" = "visitors" ]; then + domain=$(ynh_app_setting_get --app=$app --key=domain) + path_url=$(ynh_app_setting_get --app=$app --key=path) + domain_regex=$(echo "$domain" | sed 's@-@.@g') + ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" + fi +fi \ No newline at end of file diff --git a/scripts/install b/scripts/install index 217b5c3..0dd291a 100644 --- a/scripts/install +++ b/scripts/install @@ -49,7 +49,6 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url ynh_script_progression --message="Storing installation settings..." --weight=2 ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=is_public --value=$is_public ynh_app_setting_set --app=$app --key=always_encrypt --value=$always_encrypt ynh_app_setting_set --app=$app --key=overwrite_settings --value=1 @@ -121,6 +120,13 @@ ynh_replace_string --match_string="__WORKERS__" --replace_string="$(( $(nproc) * # Calculate and store the config file checksum into the app settings ynh_store_file_checksum --file="$final_path/lutim.conf" +#================================================= +# SETUP HOOKS FILE +#================================================= + +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_app_addaccess" +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_app_removeaccess" + #================================================= # SETUP SYSTEMD #================================================= @@ -192,8 +198,11 @@ yunohost service add $app --log $final_path/log/production.log #================================================= ynh_script_progression --message="Configuring SSOwat..." -ynh_app_setting_set --app=$app --key=skipped_uris --value="/" -if [ $is_public -eq 0 ] +ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" + +ynh_permission_url --permission="main" + +if [ $fis_public -eq 0 ] then # If the app is private, viewing images stays publicly accessible. if [ "$path_url" == "/" ]; then diff --git a/scripts/upgrade b/scripts/upgrade index e5b1313..4f78c1f 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,7 +20,6 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) -is_public=$(ynh_app_setting_get --app=$app --key=is_public) port=$(ynh_app_setting_get --app=$app --key=port) always_encrypt=$(ynh_app_setting_get --app=$app --key=always_encrypt) final_path=$(ynh_app_setting_get --app=$app --key=final_path) @@ -35,6 +34,8 @@ admin_mail_html=$(ynh_app_setting_get --app=$app --key=admin_mail_html) antiflood=$(ynh_app_setting_get --app=$app --key=antiflood) delay=$(ynh_app_setting_get --app=$app --key=delay) +skipped_uris=$(ynh_app_setting_get --app=$app --key=skipped_uris) + #================================================= # CHECK VERSION #================================================= @@ -46,13 +47,9 @@ upgrade_type=$(ynh_check_app_version_changed) #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=2 -# Fix is_public as a boolean -if [ "$is_public" = "Yes" ]; then - ynh_app_setting_set --app=$app --key=is_public --value=1 - is_public=1 -elif [ "$is_public" = "No" ]; then - ynh_app_setting_set --app=$app --key=is_public --value=0 - is_public=0 +if [ ! -z "$skipped_uris" ]; then + ynh_app_setting_delete --app=$app --key=skipped_uris + ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" fi # if final_path isn't set, which can happens with old scripts, set final_path. @@ -206,6 +203,13 @@ then fi fi +#================================================= +# SETUP HOOKS FILE +#================================================= + +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_app_addaccess" +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_app_removeaccess" + #================================================= # SETUP SYSTEMD #================================================= @@ -256,16 +260,9 @@ chown $app -R /var/log/$app #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." +ynh_script_progression --message="Upgrading permission..." -ynh_app_setting_set --app=$app --key=skipped_uris --value="/" -if [ $is_public -eq 0 ] -then - # If the app is private, viewing images stays publicly accessible. - # Modify the domain to be used in a regex - domain_regex=$(echo "$domain" | sed 's@-@.@g') - ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" -fi +ynh_permission_url --permission="main" #================================================= # RELOAD NGINX From d3b4829d7cec57497eabec00996149d7a44ee4a9 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Tue, 11 Feb 2020 15:59:59 +0700 Subject: [PATCH 02/13] Use a new permission to allow visitors --- hooks/post_app_addaccess | 10 ++++++++-- hooks/post_app_removeaccess | 16 +++++++++++----- scripts/change_url | 3 +-- scripts/install | 8 +++++--- scripts/upgrade | 11 +++++++++-- 5 files changed, 34 insertions(+), 14 deletions(-) diff --git a/hooks/post_app_addaccess b/hooks/post_app_addaccess index ab21465..47fed69 100644 --- a/hooks/post_app_addaccess +++ b/hooks/post_app_addaccess @@ -9,7 +9,13 @@ permission=$3 added_groups=$4 if [ "$app" == __APP__ ]; then - if [ "$added_groups" = "visitors" ]; then - ynh_app_setting_delete --app=$app --key=protected_regex + if [ "$permission" = "upload images" ]; then + if [ "$added_groups" = "visitors" ]; then + ynh_app_setting_delete --app=$app --key=protected_regex + + yunohost app ssowatconf + else + ynh_print_warn --message="This app doesn't support this authorisation, you can only add or remove visitors group." + fi fi fi \ No newline at end of file diff --git a/hooks/post_app_removeaccess b/hooks/post_app_removeaccess index dbeb996..d78cd20 100644 --- a/hooks/post_app_removeaccess +++ b/hooks/post_app_removeaccess @@ -9,10 +9,16 @@ permission=$3 removed_groups=$4 if [ "$app" == __APP__ ]; then - if [ "$removed_groups" = "visitors" ]; then - domain=$(ynh_app_setting_get --app=$app --key=domain) - path_url=$(ynh_app_setting_get --app=$app --key=path) - domain_regex=$(echo "$domain" | sed 's@-@.@g') - ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" + if [ "$permission" = "upload images" ]; then + if [ "$removed_groups" = "visitors" ]; then + domain=$(ynh_app_setting_get --app=$app --key=domain) + path_url=$(ynh_app_setting_get --app=$app --key=path) + domain_regex=$(echo "$domain" | sed 's@-@.@g') + ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" + + yunohost app ssowatconf + else + ynh_print_warn --message="This app doesn't support this authorisation, you can only add or remove visitors group." + fi fi fi \ No newline at end of file diff --git a/scripts/change_url b/scripts/change_url index 701a082..d107825 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -27,7 +27,6 @@ app=$YNH_APP_INSTANCE_NAME ynh_script_progression --message="Loading installation settings..." --weight=2 final_path=$(ynh_app_setting_get --app=$app --key=final_path) -is_public=$(ynh_app_setting_get --app=$app --key=is_public) port=$(ynh_app_setting_get --app=$app --key=port) #================================================= @@ -122,7 +121,7 @@ fi #================================================= ynh_script_progression --message="Reconfiguring SSOwat..." -if [ $is_public -eq 0 ] +if [ ! -z $(ynh_app_setting_get --app=$app --key=protected_regex) ] # Only user with a yunohost account can upload an image then # If the app is private, viewing images stays publicly accessible. if [ "$new_path" == "/" ]; then diff --git a/scripts/install b/scripts/install index 0dd291a..0883271 100644 --- a/scripts/install +++ b/scripts/install @@ -198,11 +198,11 @@ yunohost service add $app --log $final_path/log/production.log #================================================= ynh_script_progression --message="Configuring SSOwat..." -ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" +ynh_permission_update --permission="main" --add="visitors" -ynh_permission_url --permission="main" +ynh_permission_create --permission="upload images" --allowed="visitors" -if [ $fis_public -eq 0 ] +if [ $is_public -eq 0 ] then # If the app is private, viewing images stays publicly accessible. if [ "$path_url" == "/" ]; then @@ -212,6 +212,8 @@ then # Modify the domain to be used in a regex domain_regex=$(echo "$domain" | sed 's@-@.@g') ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" + + ynh_permission_update --permission="upload images" --remove="visitors" fi #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 4f78c1f..4782583 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -49,7 +49,6 @@ ynh_script_progression --message="Ensuring downward compatibility..." --weight=2 if [ ! -z "$skipped_uris" ]; then ynh_app_setting_delete --app=$app --key=skipped_uris - ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" fi # if final_path isn't set, which can happens with old scripts, set final_path. @@ -262,7 +261,15 @@ chown $app -R /var/log/$app #================================================= ynh_script_progression --message="Upgrading permission..." -ynh_permission_url --permission="main" +if ! ynh_permission_exists --permission="upload images" +then + if [ -z $(ynh_app_setting_get --app=$app --key=protected_regex) ] # Everyone can upload image + then + ynh_permission_create --permission="upload images" --allowed="visitors" + else # Only user with a yunohost account can upload an image + ynh_permission_create --permission="upload images" --allowed="all_users" + fi +fi #================================================= # RELOAD NGINX From 5f9bc5b2c80981466256b6f9bcd1fe022391e75c Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 12 Feb 2020 18:15:20 +0700 Subject: [PATCH 03/13] keep is_public for readability --- hooks/post_app_addaccess | 1 + hooks/post_app_removeaccess | 1 + scripts/change_url | 3 ++- scripts/install | 1 + scripts/upgrade | 12 +++++++++++- 5 files changed, 16 insertions(+), 2 deletions(-) diff --git a/hooks/post_app_addaccess b/hooks/post_app_addaccess index 47fed69..a9ca384 100644 --- a/hooks/post_app_addaccess +++ b/hooks/post_app_addaccess @@ -12,6 +12,7 @@ if [ "$app" == __APP__ ]; then if [ "$permission" = "upload images" ]; then if [ "$added_groups" = "visitors" ]; then ynh_app_setting_delete --app=$app --key=protected_regex + ynh_app_setting_set --app=$app --key=is_public --value=1 yunohost app ssowatconf else diff --git a/hooks/post_app_removeaccess b/hooks/post_app_removeaccess index d78cd20..8c4a928 100644 --- a/hooks/post_app_removeaccess +++ b/hooks/post_app_removeaccess @@ -15,6 +15,7 @@ if [ "$app" == __APP__ ]; then path_url=$(ynh_app_setting_get --app=$app --key=path) domain_regex=$(echo "$domain" | sed 's@-@.@g') ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" + ynh_app_setting_set --app=$app --key=is_public --value=0 yunohost app ssowatconf else diff --git a/scripts/change_url b/scripts/change_url index d107825..9fdfded 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -27,6 +27,7 @@ app=$YNH_APP_INSTANCE_NAME ynh_script_progression --message="Loading installation settings..." --weight=2 final_path=$(ynh_app_setting_get --app=$app --key=final_path) +is_public=$(ynh_app_setting_get --app=$app --key=is_public) port=$(ynh_app_setting_get --app=$app --key=port) #================================================= @@ -121,7 +122,7 @@ fi #================================================= ynh_script_progression --message="Reconfiguring SSOwat..." -if [ ! -z $(ynh_app_setting_get --app=$app --key=protected_regex) ] # Only user with a yunohost account can upload an image +if [ $is_public -eq 0 ] # Only user with a yunohost account can upload an image then # If the app is private, viewing images stays publicly accessible. if [ "$new_path" == "/" ]; then diff --git a/scripts/install b/scripts/install index 0883271..15d8a39 100644 --- a/scripts/install +++ b/scripts/install @@ -49,6 +49,7 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url ynh_script_progression --message="Storing installation settings..." --weight=2 ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=is_public --value=$is_public ynh_app_setting_set --app=$app --key=always_encrypt --value=$always_encrypt ynh_app_setting_set --app=$app --key=overwrite_settings --value=1 diff --git a/scripts/upgrade b/scripts/upgrade index 4782583..33835d8 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,6 +20,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) +is_public=$(ynh_app_setting_get --app=$app --key=is_public) port=$(ynh_app_setting_get --app=$app --key=port) always_encrypt=$(ynh_app_setting_get --app=$app --key=always_encrypt) final_path=$(ynh_app_setting_get --app=$app --key=final_path) @@ -47,6 +48,15 @@ upgrade_type=$(ynh_check_app_version_changed) #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=2 +# Fix is_public as a boolean +if [ "$is_public" = "Yes" ]; then + ynh_app_setting_set --app=$app --key=is_public --value=1 + is_public=1 +elif [ "$is_public" = "No" ]; then + ynh_app_setting_set --app=$app --key=is_public --value=0 + is_public=0 +fi + if [ ! -z "$skipped_uris" ]; then ynh_app_setting_delete --app=$app --key=skipped_uris fi @@ -263,7 +273,7 @@ ynh_script_progression --message="Upgrading permission..." if ! ynh_permission_exists --permission="upload images" then - if [ -z $(ynh_app_setting_get --app=$app --key=protected_regex) ] # Everyone can upload image + if [ $is_public -eq 1 ] # Everyone can upload image then ynh_permission_create --permission="upload images" --allowed="visitors" else # Only user with a yunohost account can upload an image From 21a6a7ced635291babcdb835ddbcf16b41e296a7 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 13 Feb 2020 22:14:56 +0700 Subject: [PATCH 04/13] Add comments and bug fixing --- hooks/post_app_addaccess | 8 +++++-- hooks/post_app_removeaccess | 13 +++++++++-- scripts/install | 4 ++++ scripts/upgrade | 44 +++++++++++++++++++++++-------------- 4 files changed, 48 insertions(+), 21 deletions(-) diff --git a/hooks/post_app_addaccess b/hooks/post_app_addaccess index a9ca384..2218b35 100644 --- a/hooks/post_app_addaccess +++ b/hooks/post_app_addaccess @@ -9,9 +9,13 @@ permission=$3 added_groups=$4 if [ "$app" == __APP__ ]; then - if [ "$permission" = "upload images" ]; then - if [ "$added_groups" = "visitors" ]; then + if [ "$permission" = "upload images" ]; then # The fake permission "upload images" is modifed. + if [ "$added_groups" = "visitors" ]; then # As is it a fake permission we can only grant/remove the "visitors" group. + + # We remove the regex, no more protection is needed. ynh_app_setting_delete --app=$app --key=protected_regex + + # Sync the is_public variable according to the permission ynh_app_setting_set --app=$app --key=is_public --value=1 yunohost app ssowatconf diff --git a/hooks/post_app_removeaccess b/hooks/post_app_removeaccess index 8c4a928..d0ca2f7 100644 --- a/hooks/post_app_removeaccess +++ b/hooks/post_app_removeaccess @@ -9,12 +9,21 @@ permission=$3 removed_groups=$4 if [ "$app" == __APP__ ]; then - if [ "$permission" = "upload images" ]; then - if [ "$removed_groups" = "visitors" ]; then + if [ "$permission" = "upload images" ]; then # The fake permission "upload images" is modifed. + if [ "$removed_groups" = "visitors" ]; then # As is it a fake permission we can only grant/remove the "visitors" group. domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) + + # If the app is private, viewing images stays publicly accessible. + if [ "$path_url" == "/" ]; then + # If the path is /, clear it to prevent any error with the regex. + path_url="" + fi + # Modify the domain to be used in a regex domain_regex=$(echo "$domain" | sed 's@-@.@g') ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" + + # Sync the is_public variable according to the permission ynh_app_setting_set --app=$app --key=is_public --value=0 yunohost app ssowatconf diff --git a/scripts/install b/scripts/install index 15d8a39..602a0a4 100644 --- a/scripts/install +++ b/scripts/install @@ -201,6 +201,9 @@ ynh_script_progression --message="Configuring SSOwat..." ynh_permission_update --permission="main" --add="visitors" +# This is a fake permission without any URL. +# The purpose of this permission is only to trigger hooks post_app_add/removeaccess when it's modified. +# We can't use a real permission for now because the actual permision system doesn't support regex. ynh_permission_create --permission="upload images" --allowed="visitors" if [ $is_public -eq 0 ] @@ -214,6 +217,7 @@ then domain_regex=$(echo "$domain" | sed 's@-@.@g') ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" + # If the app is not public, then the "visitors" group doesn't have this permission ynh_permission_update --permission="upload images" --remove="visitors" fi diff --git a/scripts/upgrade b/scripts/upgrade index 33835d8..f0526a4 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -35,8 +35,6 @@ admin_mail_html=$(ynh_app_setting_get --app=$app --key=admin_mail_html) antiflood=$(ynh_app_setting_get --app=$app --key=antiflood) delay=$(ynh_app_setting_get --app=$app --key=delay) -skipped_uris=$(ynh_app_setting_get --app=$app --key=skipped_uris) - #================================================= # CHECK VERSION #================================================= @@ -57,10 +55,37 @@ elif [ "$is_public" = "No" ]; then is_public=0 fi +skipped_uris=$(ynh_app_setting_get --app=$app --key=skipped_uris) + +# Unused with the permission system if [ ! -z "$skipped_uris" ]; then ynh_app_setting_delete --app=$app --key=skipped_uris fi +# Create the permission "upload images" only if it doesn't exist. +if ! ynh_permission_exists --permission="upload images" +then + # This is a fake permission without any URL. + # The purpose of this permission is only to trigger hooks post_app_add/removeaccess when it's modified. + # We can't use a real permission for now because the actual permision system doesn't support regex. + ynh_permission_create --permission="upload images" --allowed="visitors" + + if [ $is_public -eq 0 ] + then + # If the app is private, viewing images stays publicly accessible. + if [ "$path_url" == "/" ]; then + # If the path is /, clear it to prevent any error with the regex. + path_url="" + fi + # Modify the domain to be used in a regex + domain_regex=$(echo "$domain" | sed 's@-@.@g') + ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" + + # If the app is not public, then the "visitors" group doesn't have this permission + ynh_permission_update --permission="upload images" --remove="visitors" + fi +fi + # if final_path isn't set, which can happens with old scripts, set final_path. if [ -z "$final_path" ]; then final_path=/var/www/$app @@ -266,21 +291,6 @@ ynh_script_progression --message="Upgrading logrotate configuration..." ynh_use_logrotate --non-append chown $app -R /var/log/$app -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Upgrading permission..." - -if ! ynh_permission_exists --permission="upload images" -then - if [ $is_public -eq 1 ] # Everyone can upload image - then - ynh_permission_create --permission="upload images" --allowed="visitors" - else # Only user with a yunohost account can upload an image - ynh_permission_create --permission="upload images" --allowed="all_users" - fi -fi - #================================================= # RELOAD NGINX #================================================= From 3952aec54985c65d07653409663de829fdb2f591 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 13 Feb 2020 22:16:33 +0700 Subject: [PATCH 05/13] Remove public_private action/config --- actions.toml | 12 ----- config_panel.toml | 8 ---- scripts/actions/public_private | 83 ---------------------------------- scripts/config | 14 ------ 4 files changed, 117 deletions(-) delete mode 100755 scripts/actions/public_private diff --git a/actions.toml b/actions.toml index fdbb619..9b10324 100644 --- a/actions.toml +++ b/actions.toml @@ -21,15 +21,3 @@ name = "Reset the config file and restore a default one." command = "/bin/bash scripts/actions/reset_default_config \"lutim.conf\"" accepted_return_codes = [0] description = "Reset the config file lutim.conf." - -[public_private] -name = "Move to public or private" -command = "/bin/bash scripts/actions/public_private" -accepted_return_codes = [0] -description = "Change the public access of the app." - - [public_private.arguments] - [public_private.arguments.is_public] - type = "boolean" - ask = "Is it a public app ?" - default = true diff --git a/config_panel.toml b/config_panel.toml index 34b1565..2dc90df 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -24,14 +24,6 @@ name = "Lutim configuration" default = "Year" help = "Users won't be able to ask Lutim to download images more than one per anti_flood_delay seconds." - [main.is_public] - name = "Public access" - - [main.is_public.is_public] - ask = "Is it a public website?" - type = "boolean" - default = true - [main.overwrite_files] name = "Overwriting config files" diff --git a/scripts/actions/public_private b/scripts/actions/public_private deleted file mode 100755 index 1d166c3..0000000 --- a/scripts/actions/public_private +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/bash - -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - -source scripts/_common.sh -source /usr/share/yunohost/helpers - -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -# Get is_public -is_public=${YNH_ACTION_IS_PUBLIC} - -app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) - -#================================================= -# CHECK IF ARGUMENTS ARE CORRECT -#================================================= - -#================================================= -# CHECK IF AN ACTION HAS TO BE DONE -#================================================= - -is_public_old=$(ynh_app_setting_get --app=$app --key=is_public) - -if [ $is_public -eq $is_public_old ] -then - ynh_die --message="is_public is already set as $is_public." --ret_code=0 -fi - -#================================================= -# SPECIFIC ACTION -#================================================= -# MOVE TO PUBLIC OR PRIVATE -#================================================= - -if [ $is_public -eq 0 ]; then - public_private="private" -else - public_private="public" -fi -ynh_script_progression --message="Moving the application to $public_private..." --weight=3 - -if [ $is_public -eq 0 ] -then - # If the app is private, viewing images stays publicly accessible. - if [ "$path_url" == "/" ]; then - # If the path is /, clear it to prevent any error with the regex. - path_url="" - fi - # Modify the domain to be used in a regex - domain_regex=$(echo "$domain" | sed 's@-@.@g') - ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" -else - ynh_app_setting_delete --app=$app --key=protected_regex -fi - -ynh_script_progression --message="Upgrading SSOwat configuration..." -# Regen ssowat configuration -yunohost app ssowatconf - -# Update the config of the app -ynh_app_setting_set --app=$app --key=is_public --value=$is_public - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading nginx web server..." - -ynh_systemd_action --service_name=nginx --action=reload - -#================================================= -# END OF SCRIPT -#================================================= - -ynh_script_progression --message="Execution completed" --last diff --git a/scripts/config b/scripts/config index 6525edb..eef76b6 100644 --- a/scripts/config +++ b/scripts/config @@ -61,10 +61,6 @@ else fi delay="${YNH_CONFIG_MAIN_CONFIGURATION_DELAY:-$old_delay}" -# is_public -old_is_public="$(ynh_app_setting_get --app=$app --key=is_public)" -is_public="${YNH_CONFIG_MAIN_IS_PUBLIC_IS_PUBLIC:-$old_is_public}" - # Overwrite settings.json file old_overwrite_settings="$(ynh_app_setting_get --app=$app --key=overwrite_settings)" overwrite_settings="${YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SETTINGS:-$old_overwrite_settings}" @@ -93,8 +89,6 @@ show_config() { ynh_return "YNH_CONFIG_MAIN_CONFIGURATION_ANTIFLOOD=$antiflood" ynh_return "YNH_CONFIG_MAIN_CONFIGURATION_DELAY=$delay" - ynh_return "YNH_CONFIG_MAIN_IS_PUBLIC_IS_PUBLIC=$is_public" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SETTINGS=$overwrite_settings" ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX=$overwrite_nginx" ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SYSTEMD=$overwrite_systemd" @@ -154,14 +148,6 @@ apply_config() { ynh_systemd_action --action=restart --line_match="Manager.*started" --log_path="/var/log/$app/production.log" --timeout="120" fi - # Change public accessibility - if [ "$is_public" = "true" ] - then - yunohost app action run $app public_private --args is_public=1 - else - yunohost app action run $app public_private --args is_public=0 - fi - # Set overwrite_settings ynh_app_setting_set --app=$app --key=overwrite_settings --value="$overwrite_settings" # Set overwrite_nginx From a799e219cd9c40c17c746a0ff6f80c92f86c921e Mon Sep 17 00:00:00 2001 From: maniack Date: Sat, 14 Mar 2020 20:18:45 +0100 Subject: [PATCH 06/13] Fix config-panel --- scripts/config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/config b/scripts/config index 6525edb..20f6c6b 100644 --- a/scripts/config +++ b/scripts/config @@ -155,7 +155,7 @@ apply_config() { fi # Change public accessibility - if [ "$is_public" = "true" ] + if [ "$is_public" = "1" ] then yunohost app action run $app public_private --args is_public=1 else From 075918a2537bc455ed405cc022ba53cc5a386a3d Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 27 Mar 2020 12:29:46 +0100 Subject: [PATCH 07/13] Requirement to 3.7 --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index 9d761d2..9cf852d 100644 --- a/manifest.json +++ b/manifest.json @@ -14,7 +14,7 @@ "email": "maniackc_dev@crudelis.fr" }, "requirements": { - "yunohost": ">= 3.5" + "yunohost": ">= 3.7" }, "multi_instance": false, "services": [ From 4e28257f0550378297789c77a5354b004100f5ae Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 24 Apr 2020 19:50:15 +0200 Subject: [PATCH 08/13] Add new badges --- README.md | 6 +++--- README_fr.md | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index b9c070f..b9d2ec3 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Lutim for YunoHost -[![Integration level](https://dash.yunohost.org/integration/lutim.svg)](https://dash.yunohost.org/appci/app/lutim) +[![Integration level](https://dash.yunohost.org/integration/lutim.svg)](https://dash.yunohost.org/appci/app/lutim) ![](https://ci-apps.yunohost.org/ci/badges/lutim.status.svg) [![](https://ci-apps.yunohost.org/ci/badges/lutim.maintain.svg)](https://github.com/YunoHost/Apps/#what-to-do-if-i-cant-maintain-my-app-anymore-) [![Install Lutim with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=lutim) *[Lire ce readme en français.](./README_fr.md)* @@ -41,7 +41,7 @@ Not relevant. * x86-64b - [![](https://ci-apps.yunohost.org/ci/logs/lutim%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/lutim/) * ARMv8-A - [![](https://ci-apps-arm.yunohost.org/ci/logs/lutim%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/lutim/) -* Jessie x86-64b - [![](https://ci-stretch.nohost.me/ci/logs/lutim%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/lutim/) +* Buster x86-64b - [![](https://ci-buster.nohost.me/ci/logs/lutim%20%28Apps%29.svg)](https://ci-buster.nohost.me/ci/apps/lutim/) ## Limitations @@ -63,7 +63,7 @@ Please do your pull request to the [testing branch](https://github.com/YunoHost- To try the testing branch, please proceed like that. ``` -sudo yunohost app install https://github.com/YunoHost-Apps/lutim_ynh/tree/testing --debug +sudo yunohost app install https://github.com/YunoHost-Apps/lutim_ynh/tree/testing --force --debug or sudo yunohost app upgrade lutim -u https://github.com/YunoHost-Apps/lutim_ynh/tree/testing --debug ``` diff --git a/README_fr.md b/README_fr.md index b9816ae..6e4cda1 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,6 +1,6 @@ # Lutim pour YunoHost -[![Niveau d'intégration](https://dash.yunohost.org/integration/lutim.svg)](https://dash.yunohost.org/appci/app/lutim) +[![Niveau d'intégration](https://dash.yunohost.org/integration/lutim.svg)](https://dash.yunohost.org/appci/app/lutim) ![](https://ci-apps.yunohost.org/ci/badges/lutim.status.svg) [![](https://ci-apps.yunohost.org/ci/badges/lutim.maintain.svg)](https://github.com/YunoHost/Apps/#what-to-do-if-i-cant-maintain-my-app-anymore-) [![Installer Lutim avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=lutim) *[Read this readme in english.](./README.md)* @@ -41,7 +41,7 @@ Non applicable. * x86-64b - [![](https://ci-apps.yunohost.org/ci/logs/lutim%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/lutim/) * ARMv8-A - [![](https://ci-apps-arm.yunohost.org/ci/logs/lutim%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/lutim/) -* Jessie x86-64b - [![](https://ci-stretch.nohost.me/ci/logs/lutim%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/lutim/) +* Buster x86-64b - [![](https://ci-buster.nohost.me/ci/logs/lutim%20%28Apps%29.svg)](https://ci-buster.nohost.me/ci/apps/lutim/) ## Limitations @@ -63,7 +63,7 @@ Merci de faire vos pull request sur la [branche testing](https://github.com/Yuno Pour tester la branche testing, merci de procéder ainsi. ``` -sudo yunohost app install https://github.com/YunoHost-Apps/lutim_ynh/tree/testing --debug +sudo yunohost app install https://github.com/YunoHost-Apps/lutim_ynh/tree/testing --force --debug ou sudo yunohost app upgrade lutim -u https://github.com/YunoHost-Apps/lutim_ynh/tree/testing --debug ``` From a934b7369842dfbdc45e7c1dfdf3483276d4c755 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 24 Apr 2020 19:59:27 +0200 Subject: [PATCH 09/13] Indentation --- check_process | 42 ++++---- conf/nginx.conf | 40 ++++---- manifest.json | 124 +++++++++++------------ scripts/actions/reset_default_config | 18 ++-- scripts/change_url | 44 ++++---- scripts/config | 38 +++---- scripts/install | 22 ++-- scripts/restore | 6 +- scripts/upgrade | 144 +++++++++++++-------------- 9 files changed, 239 insertions(+), 239 deletions(-) diff --git a/check_process b/check_process index d6cc2f0..e6201ea 100644 --- a/check_process +++ b/check_process @@ -1,22 +1,22 @@ ;; Test complet - ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - is_public=1 (PUBLIC|public=1|private=0) - always_encrypt=1 - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - upgrade=1 from_commit=4c29aa94f9d9048411c6e165e122e03574fb9b8d - backup_restore=1 - multi_instance=0 - port_already_use=1 (8095) - change_url=1 + ; Manifest + domain="domain.tld" (DOMAIN) + path="/path" (PATH) + is_public=1 (PUBLIC|public=1|private=0) + always_encrypt=1 + ; Checks + pkg_linter=1 + setup_sub_dir=1 + setup_root=1 + setup_nourl=0 + setup_private=1 + setup_public=1 + upgrade=1 + upgrade=1 from_commit=4c29aa94f9d9048411c6e165e122e03574fb9b8d + backup_restore=1 + multi_instance=0 + port_already_use=1 (8095) + change_url=1 ;;; Levels # Level 5: https://github.com/YunoHost/package_linter/issues/36 Level 5=1 @@ -24,6 +24,6 @@ Email= Notification=down ;;; Upgrade options - ; commit=4c29aa94f9d9048411c6e165e122e03574fb9b8d - name=08 Sep 2017 4c29aa94f9d9048411c6e165e122e03574fb9b8d - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1&always_encrypt=1& + ; commit=4c29aa94f9d9048411c6e165e122e03574fb9b8d + name=08 Sep 2017 4c29aa94f9d9048411c6e165e122e03574fb9b8d + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1&always_encrypt=1& diff --git a/conf/nginx.conf b/conf/nginx.conf index 78fb128..4f77ee9 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,30 +1,30 @@ location __PATH__ { - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } + # Force usage of https + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; - # This is important for user's privacy ! - access_log off; - error_log /var/log/nginx/lutim.error.log; + # This is important for user's privacy ! + access_log off; + error_log /var/log/nginx/lutim.error.log; - # This is important ! Make it OK with your Lutim configuration - client_max_body_size 40M; + # This is important ! Make it OK with your Lutim configuration + client_max_body_size 40M; - proxy_pass http://127.0.0.1:__PORT__; + proxy_pass http://127.0.0.1:__PORT__; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # Lutim reads this header and understands that the current session is actually HTTPS. - # Enable it if you run a HTTPS server (in this case, don't forgot to change the listen port - proxy_set_header X-Forwarded-Proto https; + # Lutim reads this header and understands that the current session is actually HTTPS. + # Enable it if you run a HTTPS server (in this case, don't forgot to change the listen port + proxy_set_header X-Forwarded-Proto https; - # We expect the downsteam servers to redirect to the right hostname, so don't do any rewrite - proxy_redirect off; + # We expect the downsteam servers to redirect to the right hostname, so don't do any rewrite + proxy_redirect off; } diff --git a/manifest.json b/manifest.json index 9cf852d..cc0267a 100644 --- a/manifest.json +++ b/manifest.json @@ -1,64 +1,64 @@ { - "name": "Lutim", - "id": "lutim", - "packaging_format": 1, - "description": { - "en": "Self hosting images and sharing anonymous application", - "fr": "Application d'hébergement et de partage d'images anonyme" - }, - "version": "0.11.6~ynh3", - "url": "https://lut.im", - "license": "AGPL-3.0", - "maintainer": { - "name": "Maniack Crudelis et matlink", - "email": "maniackc_dev@crudelis.fr" - }, - "requirements": { - "yunohost": ">= 3.7" - }, - "multi_instance": false, - "services": [ - "nginx" - ], - "arguments": { - "install" : [ - { - "name": "domain", - "type": "domain", - "ask": { - "en": "Choose a domain for Lutim", - "fr": "Choisissez un domaine pour Lutim" - }, - "example": "domain.org" - }, - { - "name": "path", - "type": "path", - "ask": { - "en": "Choose a path for Lutim", - "fr": "Choisissez un chemin pour Lutim" - }, - "example": "/lutim", - "default": "/lutim" - }, - { - "name": "is_public", - "type": "boolean", - "ask": { - "en": "Uploading images is it public?", - "fr": "L'upload des images est-il public ?" - }, - "default": false - }, - { - "name": "always_encrypt", - "type": "boolean", - "ask": { - "en": "Force the encryption of images?", - "fr": "Forcer le chiffrement des images ?" - }, - "default": true - } - ] - } + "name": "Lutim", + "id": "lutim", + "packaging_format": 1, + "description": { + "en": "Self hosting images and sharing anonymous application", + "fr": "Application d'hébergement et de partage d'images anonyme" + }, + "version": "0.11.6~ynh3", + "url": "https://lut.im", + "license": "AGPL-3.0", + "maintainer": { + "name": "Maniack Crudelis et matlink", + "email": "maniackc_dev@crudelis.fr" + }, + "requirements": { + "yunohost": ">= 3.7" + }, + "multi_instance": false, + "services": [ + "nginx" + ], + "arguments": { + "install" : [ + { + "name": "domain", + "type": "domain", + "ask": { + "en": "Choose a domain for Lutim", + "fr": "Choisissez un domaine pour Lutim" + }, + "example": "domain.org" + }, + { + "name": "path", + "type": "path", + "ask": { + "en": "Choose a path for Lutim", + "fr": "Choisissez un chemin pour Lutim" + }, + "example": "/lutim", + "default": "/lutim" + }, + { + "name": "is_public", + "type": "boolean", + "ask": { + "en": "Uploading images is it public?", + "fr": "L'upload des images est-il public ?" + }, + "default": false, + }, + { + "name": "always_encrypt", + "type": "boolean", + "ask": { + "en": "Force the encryption of images?", + "fr": "Forcer le chiffrement des images ?" + }, + "default": true + } + ] + } } diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config index d68db89..7526268 100755 --- a/scripts/actions/reset_default_config +++ b/scripts/actions/reset_default_config @@ -28,7 +28,7 @@ secret=$(ynh_app_setting_get --app=$app --key=secret) file="$1" if [ "$file" = "lutim.conf" ]; then - config_file="$final_path/lutim.conf" + config_file="$final_path/lutim.conf" fi #================================================= @@ -43,15 +43,15 @@ ynh_backup_if_checksum_is_different --file="$config_file" if [ "$file" = "lutim.conf" ] then - # Get the default file and overwrite the current config - cp /etc/yunohost/apps/$app/conf/lutim.conf.template "$config_file" + # Get the default file and overwrite the current config + cp /etc/yunohost/apps/$app/conf/lutim.conf.template "$config_file" - # Recreate the default config - ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config_file" - ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$config_file" - ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config_file" - ynh_replace_string --match_string="__ENCRYPT__" --replace_string="$always_encrypt" --target_file="$config_file" - ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$config_file" + # Recreate the default config + ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config_file" + ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$config_file" + ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config_file" + ynh_replace_string --match_string="__ENCRYPT__" --replace_string="$always_encrypt" --target_file="$config_file" + ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$config_file" # Set the number of process for Lutim to twice the number of CPU core. ynh_replace_string --match_string="__WORKERS__" --replace_string="$(( $(nproc) * 2 ))" --target_file="$final_path/lutim.conf" fi diff --git a/scripts/change_url b/scripts/change_url index 9fdfded..369918d 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -63,13 +63,13 @@ ynh_maintenance_mode_ON change_domain=0 if [ "$old_domain" != "$new_domain" ] then - change_domain=1 + change_domain=1 fi change_path=0 if [ "$old_path" != "$new_path" ] then - change_path=1 + change_path=1 fi #================================================= @@ -95,26 +95,26 @@ nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf # Change the path in the nginx config file if [ $change_path -eq 1 ] then - # Make a backup of the original nginx config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Make a backup of the original nginx config file if modified + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for nginx helper - domain="$old_domain" - path_url="$new_path" + # Set global variables for nginx helper + domain="$old_domain" + path_url="$new_path" - # Create a dedicated nginx config - ynh_add_nginx_config + # Create a dedicated nginx config + ynh_add_nginx_config fi # Change the domain for nginx if [ $change_domain -eq 1 ] then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi #================================================= @@ -124,14 +124,14 @@ ynh_script_progression --message="Reconfiguring SSOwat..." if [ $is_public -eq 0 ] # Only user with a yunohost account can upload an image then - # If the app is private, viewing images stays publicly accessible. - if [ "$new_path" == "/" ]; then - # If the path is /, clear it to prevent any error with the regex. - new_path="" - fi - # Modify the domain to be used in a regex - domain_regex=$(echo "$new_domain" | sed 's@-@.@g') - ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$new_path/stats/?$","$domain_regex$new_path/manifest.webapp/?$","$domain_regex$new_path/?$","$domain_regex$new_path/[d-m]/.*$" + # If the app is private, viewing images stays publicly accessible. + if [ "$new_path" == "/" ]; then + # If the path is /, clear it to prevent any error with the regex. + new_path="" + fi + # Modify the domain to be used in a regex + domain_regex=$(echo "$new_domain" | sed 's@-@.@g') + ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$new_path/stats/?$","$domain_regex$new_path/manifest.webapp/?$","$domain_regex$new_path/?$","$domain_regex$new_path/[d-m]/.*$" fi #================================================= diff --git a/scripts/config b/scripts/config index eef76b6..8162129 100644 --- a/scripts/config +++ b/scripts/config @@ -26,9 +26,9 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) config_file="$final_path/lutim.conf" get_config_value() { - option_name="$1" - # Get the value of this option in the config file - grep "$option_name *=>" "$config_file" | cut -d'>' -f2 | sed s'/ //g' | cut -d',' -f1 + option_name="$1" + # Get the value of this option in the config file + grep "$option_name *=>" "$config_file" | cut -d'>' -f2 | sed s'/ //g' | cut -d',' -f1 } #================================================= @@ -49,15 +49,15 @@ antiflood="${YNH_CONFIG_MAIN_CONFIGURATION_ANTIFLOOD:-$old_antiflood}" # delay old_delay="$(get_config_value default_delay)" if [ $old_delay -eq 0 ]; then - old_delay=None + old_delay=None elif [ $old_delay -eq 1 ]; then - old_delay=Day + old_delay=Day elif [ $old_delay -eq 7 ]; then - old_delay=Week + old_delay=Week elif [ $old_delay -eq 30 ]; then - old_delay=Month + old_delay=Month else - old_delay=Year + old_delay=Year fi delay="${YNH_CONFIG_MAIN_CONFIGURATION_DELAY:-$old_delay}" @@ -82,18 +82,18 @@ admin_mail_html="${YNH_CONFIG_MAIN_GLOBAL_CONFIG_EMAIL_TYPE:-$old_admin_mail_htm #================================================= show_config() { - # here you are supposed to read some config file/database/other then print the values - # ynh_return "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value" + # here you are supposed to read some config file/database/other then print the values + # ynh_return "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value" - ynh_return "YNH_CONFIG_MAIN_CONFIGURATION_ALWAYS_ENCRYPT=$always_encrypt" - ynh_return "YNH_CONFIG_MAIN_CONFIGURATION_ANTIFLOOD=$antiflood" - ynh_return "YNH_CONFIG_MAIN_CONFIGURATION_DELAY=$delay" + ynh_return "YNH_CONFIG_MAIN_CONFIGURATION_ALWAYS_ENCRYPT=$always_encrypt" + ynh_return "YNH_CONFIG_MAIN_CONFIGURATION_ANTIFLOOD=$antiflood" + ynh_return "YNH_CONFIG_MAIN_CONFIGURATION_DELAY=$delay" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SETTINGS=$overwrite_settings" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX=$overwrite_nginx" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SYSTEMD=$overwrite_systemd" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SETTINGS=$overwrite_settings" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX=$overwrite_nginx" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SYSTEMD=$overwrite_systemd" - ynh_return "YNH_CONFIG_MAIN_GLOBAL_CONFIG_EMAIL_TYPE=$admin_mail_html" + ynh_return "YNH_CONFIG_MAIN_GLOBAL_CONFIG_EMAIL_TYPE=$admin_mail_html" } #================================================= @@ -166,6 +166,6 @@ apply_config() { #================================================= case $1 in - show) show_config;; - apply) apply_config;; + show) show_config;; + apply) apply_config;; esac diff --git a/scripts/install b/scripts/install index 602a0a4..8364344 100644 --- a/scripts/install +++ b/scripts/install @@ -17,7 +17,7 @@ source _variables ynh_clean_setup () { # Clean installation remaining that are not handle by the remove script. - ynh_clean_check_starting + ynh_clean_check_starting } ynh_abort_if_errors @@ -158,7 +158,7 @@ carton install 2>&1 | tee -a "/var/log/$app/setup_carton.log") arch_dir=$(ls -1 $final_path/local/lib/perl5/ | grep linux-gnu) if [ "$?" -ne 0 ] then - ynh_die --message="Unable to find the perl directory for your architecture." + ynh_die --message="Unable to find the perl directory for your architecture." fi ynh_replace_string --match_string="__ARCHDIR__" --replace_string="$arch_dir" --target_file="$final_path/script/lutim" @@ -208,17 +208,17 @@ ynh_permission_create --permission="upload images" --allowed="visitors" if [ $is_public -eq 0 ] then - # If the app is private, viewing images stays publicly accessible. - if [ "$path_url" == "/" ]; then - # If the path is /, clear it to prevent any error with the regex. - path_url="" - fi - # Modify the domain to be used in a regex - domain_regex=$(echo "$domain" | sed 's@-@.@g') + # If the app is private, viewing images stays publicly accessible. + if [ "$path_url" == "/" ]; then + # If the path is /, clear it to prevent any error with the regex. + path_url="" + fi + # Modify the domain to be used in a regex + domain_regex=$(echo "$domain" | sed 's@-@.@g') ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" - # If the app is not public, then the "visitors" group doesn't have this permission - ynh_permission_update --permission="upload images" --remove="visitors" + # If the app is not public, then the "visitors" group doesn't have this permission + ynh_permission_update --permission="upload images" --remove="visitors" fi #================================================= diff --git a/scripts/restore b/scripts/restore index f5388e7..170efbc 100644 --- a/scripts/restore +++ b/scripts/restore @@ -17,7 +17,7 @@ source ../settings/scripts/_variables ynh_clean_setup () { # Clean installation remaining that are not handle by the remove script. - ynh_clean_check_starting + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -39,9 +39,9 @@ path_url=$(ynh_app_setting_get --app=$app --key=path) ynh_script_progression --message="Validating restoration parameters..." ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" + || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " + || ynh_die --message="There is already a directory: $final_path " #================================================= # ACTIVATE MAINTENANCE MODE diff --git a/scripts/upgrade b/scripts/upgrade index 425d68e..d16892d 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -48,87 +48,87 @@ ynh_script_progression --message="Ensuring downward compatibility..." --weight=2 # Fix is_public as a boolean if [ "$is_public" = "Yes" ]; then - ynh_app_setting_set --app=$app --key=is_public --value=1 - is_public=1 + ynh_app_setting_set --app=$app --key=is_public --value=1 + is_public=1 elif [ "$is_public" = "No" ]; then - ynh_app_setting_set --app=$app --key=is_public --value=0 - is_public=0 + ynh_app_setting_set --app=$app --key=is_public --value=0 + is_public=0 fi skipped_uris=$(ynh_app_setting_get --app=$app --key=skipped_uris) # Unused with the permission system if [ ! -z "$skipped_uris" ]; then - ynh_app_setting_delete --app=$app --key=skipped_uris + ynh_app_setting_delete --app=$app --key=skipped_uris fi # Create the permission "upload images" only if it doesn't exist. if ! ynh_permission_exists --permission="upload images" then - # This is a fake permission without any URL. - # The purpose of this permission is only to trigger hooks post_app_add/removeaccess when it's modified. - # We can't use a real permission for now because the actual permision system doesn't support regex. - ynh_permission_create --permission="upload images" --allowed="visitors" + # This is a fake permission without any URL. + # The purpose of this permission is only to trigger hooks post_app_add/removeaccess when it's modified. + # We can't use a real permission for now because the actual permision system doesn't support regex. + ynh_permission_create --permission="upload images" --allowed="visitors" - if [ $is_public -eq 0 ] - then - # If the app is private, viewing images stays publicly accessible. - if [ "$path_url" == "/" ]; then - # If the path is /, clear it to prevent any error with the regex. - path_url="" - fi - # Modify the domain to be used in a regex - domain_regex=$(echo "$domain" | sed 's@-@.@g') - ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" + if [ $is_public -eq 0 ] + then + # If the app is private, viewing images stays publicly accessible. + if [ "$path_url" == "/" ]; then + # If the path is /, clear it to prevent any error with the regex. + path_url="" + fi + # Modify the domain to be used in a regex + domain_regex=$(echo "$domain" | sed 's@-@.@g') + ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$" - # If the app is not public, then the "visitors" group doesn't have this permission - ynh_permission_update --permission="upload images" --remove="visitors" - fi + # If the app is not public, then the "visitors" group doesn't have this permission + ynh_permission_update --permission="upload images" --remove="visitors" + fi fi # if final_path isn't set, which can happens with old scripts, set final_path. if [ -z "$final_path" ]; then - final_path=/var/www/$app - ynh_app_setting_set --app=$app --key=final_path --value=$final_path + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi # Fix always_encrypt as a boolean if [ "$always_encrypt" = "Yes" ]; then - ynh_app_setting_set --app=$app --key=always_encrypt --value=1 - always_encrypt=1 + ynh_app_setting_set --app=$app --key=always_encrypt --value=1 + always_encrypt=1 elif [ "$always_encrypt" = "No" ]; then - ynh_app_setting_set --app=$app --key=always_encrypt --value=0 - always_encrypt=0 + ynh_app_setting_set --app=$app --key=always_encrypt --value=0 + always_encrypt=0 fi # If overwrite_settings doesn't exist, create it if [ -z "$overwrite_settings" ]; then - overwrite_settings=1 - ynh_app_setting_set --app=$app --key=overwrite_settings --value=$overwrite_settings + overwrite_settings=1 + ynh_app_setting_set --app=$app --key=overwrite_settings --value=$overwrite_settings fi # If overwrite_nginx doesn't exist, create it if [ -z "$overwrite_nginx" ]; then - overwrite_nginx=1 - ynh_app_setting_set --app=$app --key=overwrite_nginx --value=$overwrite_nginx + overwrite_nginx=1 + ynh_app_setting_set --app=$app --key=overwrite_nginx --value=$overwrite_nginx fi # If overwrite_systemd doesn't exist, create it if [ -z "$overwrite_systemd" ]; then - overwrite_systemd=1 - ynh_app_setting_set --app=$app --key=overwrite_systemd --value=$overwrite_systemd + overwrite_systemd=1 + ynh_app_setting_set --app=$app --key=overwrite_systemd --value=$overwrite_systemd fi # If secret doesn't exist, create it if [ -z "$secret" ]; then - secret=$(grep "secrets *=>" "$final_path/lutim.conf" | cut -d\' -f2) - ynh_app_setting_set --app=$app --key=secret --value=$secret + secret=$(grep "secrets *=>" "$final_path/lutim.conf" | cut -d\' -f2) + ynh_app_setting_set --app=$app --key=secret --value=$secret fi # Close opened port if yunohost firewall list | grep -q "\- $port$" then - ynh_exec_quiet yunohost firewall disallow TCP $port + ynh_exec_quiet yunohost firewall disallow TCP $port fi # Replace skipped_uris by unprotected_uris for the migration to the new permission system. @@ -144,9 +144,9 @@ ynh_script_progression --message="Backing up the app before upgrading (may take ynh_backup_before_upgrade ynh_clean_setup () { # Clean installation remaining that are not handle by the remove script. - ynh_clean_check_starting - # restore it if the upgrade fails - ynh_restore_upgradebackup + ynh_clean_check_starting + # restore it if the upgrade fails + ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -173,9 +173,9 @@ ynh_maintenance_mode_ON if [ "$upgrade_type" == "UPGRADE_APP" ] then - ynh_script_progression --message="Upgrading source files..." - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + ynh_script_progression --message="Upgrading source files..." + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" fi #================================================= @@ -192,8 +192,8 @@ ynh_install_app_dependencies $app_depencencies # Overwrite the nginx configuration only if it's allowed if [ $overwrite_nginx -eq 1 ] then - ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2 - ynh_add_nginx_config + ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2 + ynh_add_nginx_config fi #================================================= @@ -214,31 +214,31 @@ ynh_script_progression --message="Reconfigure Lutim" # Overwrite the settings config file only if it's allowed if [ $overwrite_settings -eq 1 ] then - # Configure Lutim - # Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. - ynh_backup_if_checksum_is_different --file="$final_path/lutim.conf" - cp ../conf/lutim.conf.template "$final_path/lutim.conf" - ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/lutim.conf" - ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$final_path/lutim.conf" - ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/lutim.conf" - ynh_replace_string --match_string="__ENCRYPT__" --replace_string="$always_encrypt" --target_file="$final_path/lutim.conf" - ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$final_path/lutim.conf" + # Configure Lutim + # Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. + ynh_backup_if_checksum_is_different --file="$final_path/lutim.conf" + cp ../conf/lutim.conf.template "$final_path/lutim.conf" + ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/lutim.conf" + ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$final_path/lutim.conf" + ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/lutim.conf" + ynh_replace_string --match_string="__ENCRYPT__" --replace_string="$always_encrypt" --target_file="$final_path/lutim.conf" + ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$final_path/lutim.conf" # Set the number of process for Lutim to twice the number of CPU core. ynh_replace_string --match_string="__WORKERS__" --replace_string="$(( $(nproc) * 2 ))" --target_file="$final_path/lutim.conf" - # Recalculate and store the checksum of the file for the next upgrade. - ynh_store_file_checksum --file="$final_path/lutim.conf" + # Recalculate and store the checksum of the file for the next upgrade. + ynh_store_file_checksum --file="$final_path/lutim.conf" - # Optional parameters from config-panel feature - if [ -n "$antiflood" ]; then - ynh_replace_string --match_string=".*anti_flood_delay *=>.*" --replace_string=" anti_flood_delay => $antiflood," --target_file="$final_path/lutim.conf" - # Disable anti_flood_delay if the delay is 0 - if [ $antiflood = 0 ]; then - ynh_replace_string --match_string="\(anti_flood_delay *=>.*\)" --replace_string="#\1" --target_file="$final_path/lutim.conf" - fi - fi - if [ -n "$delay" ]; then - ynh_replace_string --match_string=".*default_delay *=>.*" --replace_string=" default_delay => $delay," --target_file="$final_path/lutim.conf" - fi + # Optional parameters from config-panel feature + if [ -n "$antiflood" ]; then + ynh_replace_string --match_string=".*anti_flood_delay *=>.*" --replace_string=" anti_flood_delay => $antiflood," --target_file="$final_path/lutim.conf" + # Disable anti_flood_delay if the delay is 0 + if [ $antiflood = 0 ]; then + ynh_replace_string --match_string="\(anti_flood_delay *=>.*\)" --replace_string="#\1" --target_file="$final_path/lutim.conf" + fi + fi + if [ -n "$delay" ]; then + ynh_replace_string --match_string=".*default_delay *=>.*" --replace_string=" default_delay => $delay," --target_file="$final_path/lutim.conf" + fi fi #================================================= @@ -255,8 +255,8 @@ ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_fil # Overwrite the systemd configuration only if it's allowed if [ $overwrite_systemd -eq 1 ] then - ynh_script_progression --message="Upgrading systemd configuration..." --weight=2 - ynh_add_systemd_config + ynh_script_progression --message="Upgrading systemd configuration..." --weight=2 + ynh_add_systemd_config fi #================================================= @@ -273,9 +273,9 @@ ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_fil if [ "$upgrade_type" == "UPGRADE_APP" ] then - ynh_script_progression --message="Upgrading Lutim with carton..." --weight=4 - (cd $final_path - carton install 2>&1 | tee -a "/var/log/$app/setup_carton.log") + ynh_script_progression --message="Upgrading Lutim with carton..." --weight=4 + (cd $final_path + carton install 2>&1 | tee -a "/var/log/$app/setup_carton.log") fi #================================================= From 750ea401950f4e8b3facfa7caa5bc2388b6a4272 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 24 Apr 2020 20:16:33 +0200 Subject: [PATCH 10/13] Misc upgrade --- check_process | 5 +- manifest.json | 3 + scripts/actions/check_quota | 9 ++- scripts/actions/clean_images | 9 ++- scripts/actions/clean_ip | 9 ++- scripts/actions/reset_default_config | 14 +++- scripts/change_url | 21 ++--- scripts/config | 117 +++++++++++++++------------ scripts/install | 7 +- scripts/remove | 2 +- scripts/restore | 5 +- scripts/upgrade | 7 +- 12 files changed, 126 insertions(+), 82 deletions(-) diff --git a/check_process b/check_process index e6201ea..44f262b 100644 --- a/check_process +++ b/check_process @@ -18,11 +18,10 @@ port_already_use=1 (8095) change_url=1 ;;; Levels -# Level 5: https://github.com/YunoHost/package_linter/issues/36 - Level 5=1 + Level 5=auto ;;; Options Email= -Notification=down +Notification=change ;;; Upgrade options ; commit=4c29aa94f9d9048411c6e165e122e03574fb9b8d name=08 Sep 2017 4c29aa94f9d9048411c6e165e122e03574fb9b8d diff --git a/manifest.json b/manifest.json index cc0267a..c5929a3 100644 --- a/manifest.json +++ b/manifest.json @@ -49,6 +49,9 @@ "fr": "L'upload des images est-il public ?" }, "default": false, + "help": { + "en": "If you set Lutim as public, everyone will be able to upload images and share them.
But even if not public, everyone can see an image from a link shared with your Lutim." + } }, { "name": "always_encrypt", diff --git a/scripts/actions/check_quota b/scripts/actions/check_quota index bd5d58b..dccf93d 100755 --- a/scripts/actions/check_quota +++ b/scripts/actions/check_quota @@ -9,11 +9,18 @@ source scripts/_common.sh source /usr/share/yunohost/helpers +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # RETRIEVE ARGUMENTS #================================================= -app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} +app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) diff --git a/scripts/actions/clean_images b/scripts/actions/clean_images index b671415..73eb953 100755 --- a/scripts/actions/clean_images +++ b/scripts/actions/clean_images @@ -9,11 +9,18 @@ source scripts/_common.sh source /usr/share/yunohost/helpers +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # RETRIEVE ARGUMENTS #================================================= -app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} +app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) diff --git a/scripts/actions/clean_ip b/scripts/actions/clean_ip index 8e7db98..fa70070 100755 --- a/scripts/actions/clean_ip +++ b/scripts/actions/clean_ip @@ -9,11 +9,18 @@ source scripts/_common.sh source /usr/share/yunohost/helpers +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # RETRIEVE ARGUMENTS #================================================= -app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} +app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config index 7526268..f7239cf 100755 --- a/scripts/actions/reset_default_config +++ b/scripts/actions/reset_default_config @@ -9,11 +9,23 @@ source scripts/_common.sh source /usr/share/yunohost/helpers +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { +# Clean installation remaining that are not handle by the remove script. + ynh_clean_check_starting +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # RETRIEVE ARGUMENTS #================================================= -app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} +app=$YNH_APP_INSTANCE_NAME + final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) diff --git a/scripts/change_url b/scripts/change_url index 369918d..8bb481c 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -38,11 +38,13 @@ ynh_script_progression --message="Backing up the app before changing its url (ma # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + ynh_clean_check_starting - # restore it if the upgrade fails - ynh_restore_upgradebackup + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # restore it if the upgrade fails + ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -72,17 +74,6 @@ then change_path=1 fi -#================================================= -# MANAGE FAILURE OF THE SCRIPT -#================================================= - -ynh_clean_setup () { -# Clean installation remaining that are not handle by the remove script. - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD MODIFICATIONS #================================================= diff --git a/scripts/config b/scripts/config index 8162129..550874d 100644 --- a/scripts/config +++ b/scripts/config @@ -13,7 +13,7 @@ source /usr/share/yunohost/helpers # RETRIEVE ARGUMENTS #================================================= -app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} +app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) @@ -43,9 +43,11 @@ get_config_value() { # always_encrypt old_always_encrypt="$(get_config_value always_encrypt)" always_encrypt="${YNH_CONFIG_MAIN_CONFIGURATION_ALWAYS_ENCRYPT:-$old_always_encrypt}" + # antiflood old_antiflood="$(get_config_value anti_flood_delay)" antiflood="${YNH_CONFIG_MAIN_CONFIGURATION_ANTIFLOOD:-$old_antiflood}" + # delay old_delay="$(get_config_value default_delay)" if [ $old_delay -eq 0 ]; then @@ -101,62 +103,75 @@ show_config() { #================================================= apply_config() { - restart_lutim=0 - # Change configuration if needed - # always_encrypt - if [ "$always_encrypt" != "$old_always_encrypt" ] - then - ynh_replace_string --match_string=".*always_encrypt *=>.*" --replace_string=" always_encrypt => $always_encrypt," --target_file="$config_file" - restart_lutim=1 - fi + #================================================= + # MODIFY LUTIM CONFIGURATION + #================================================= - # antiflood - if [ "$antiflood" != "$old_antiflood" ] - then - ynh_replace_string --match_string=".*anti_flood_delay *=>.*" --replace_string=" anti_flood_delay => $antiflood," --target_file="$config_file" - # Disable anti_flood_delay if the delay is 0 - if [ $antiflood = 0 ]; then - ynh_replace_string --match_string="\(anti_flood_delay *=>.*\)" --replace_string="#\1" --target_file="$config_file" - fi - ynh_app_setting_set --app=$app --key=antiflood --value="$antiflood" - restart_lutim=1 - fi + restart_lutim=0 - # delay - if [ "$delay" != "$old_delay" ] - then - if [ $delay = None ]; then - delay=0 - elif [ $delay = Day ]; then - delay=1 - elif [ $delay = Week ]; then - delay=7 - elif [ $delay = Month ]; then - delay=30 - else - delay=360 - fi - ynh_replace_string --match_string=".*default_delay *=>.*" --replace_string=" default_delay => $delay," --target_file="$config_file" - ynh_app_setting_set --app=$app --key=delay --value="$delay" - restart_lutim=1 - fi + # Change configuration if needed + # always_encrypt + if [ "$always_encrypt" != "$old_always_encrypt" ] + then + ynh_replace_string --match_string=".*always_encrypt *=>.*" --replace_string=" always_encrypt => $always_encrypt," --target_file="$config_file" + restart_lutim=1 + fi - if [ $restart_lutim -eq 1 ] - then - # Wait for lutim to be fully started - ynh_systemd_action --action=restart --line_match="Manager.*started" --log_path="/var/log/$app/production.log" --timeout="120" - fi + # antiflood + if [ "$antiflood" != "$old_antiflood" ] + then + ynh_replace_string --match_string=".*anti_flood_delay *=>.*" --replace_string=" anti_flood_delay => $antiflood," --target_file="$config_file" + # Disable anti_flood_delay if the delay is 0 + if [ $antiflood = 0 ]; then + ynh_replace_string --match_string="\(anti_flood_delay *=>.*\)" --replace_string="#\1" --target_file="$config_file" + fi + ynh_app_setting_set --app=$app --key=antiflood --value="$antiflood" + restart_lutim=1 + fi - # Set overwrite_settings - ynh_app_setting_set --app=$app --key=overwrite_settings --value="$overwrite_settings" - # Set overwrite_nginx - ynh_app_setting_set --app=$app --key=overwrite_nginx --value="$overwrite_nginx" - # Set overwrite_systemd - ynh_app_setting_set --app=$app --key=overwrite_systemd --value="$overwrite_systemd" + # delay + if [ "$delay" != "$old_delay" ] + then + if [ $delay = None ]; then + delay=0 + elif [ $delay = Day ]; then + delay=1 + elif [ $delay = Week ]; then + delay=7 + elif [ $delay = Month ]; then + delay=30 + else + delay=360 + fi + ynh_replace_string --match_string=".*default_delay *=>.*" --replace_string=" default_delay => $delay," --target_file="$config_file" + ynh_app_setting_set --app=$app --key=delay --value="$delay" + restart_lutim=1 + fi - # Set admin_mail_html - ynh_app_setting_set --app=$app --key=admin_mail_html --value="$admin_mail_html" + if [ $restart_lutim -eq 1 ] + then + # Wait for lutim to be fully started + ynh_systemd_action --action=restart --line_match="Manager.*started" --log_path="/var/log/$app/production.log" --timeout="120" + fi + + #================================================= + # MODIFY OVERWRITTING SETTINGS + #================================================= + + # Set overwrite_settings + ynh_app_setting_set --app=$app --key=overwrite_settings --value="$overwrite_settings" + # Set overwrite_nginx + ynh_app_setting_set --app=$app --key=overwrite_nginx --value="$overwrite_nginx" + # Set overwrite_systemd + ynh_app_setting_set --app=$app --key=overwrite_systemd --value="$overwrite_systemd" + + #================================================= + # MODIFY EMAIL SETTING + #================================================= + + # Set admin_mail_html + ynh_app_setting_set --app=$app --key=admin_mail_html --value="$admin_mail_html" } #================================================= diff --git a/scripts/install b/scripts/install index 8364344..e0e519b 100644 --- a/scripts/install +++ b/scripts/install @@ -6,11 +6,12 @@ # IMPORT GENERIC HELPERS #================================================= -source _common.sh -source /usr/share/yunohost/helpers # Load common variables for all scripts. source _variables +source _common.sh +source /usr/share/yunohost/helpers + #================================================= # MANAGE FAILURE OF THE SCRIPT #================================================= @@ -259,4 +260,4 @@ ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="root" --type # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --time --last +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 8480254..5c04deb 100644 --- a/scripts/remove +++ b/scripts/remove @@ -94,4 +94,4 @@ ynh_system_user_delete --username=$app # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --time --last +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index 170efbc..d522562 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,11 +6,12 @@ # IMPORT GENERIC HELPERS #================================================= -source ../settings/scripts/_common.sh -source /usr/share/yunohost/helpers # Load common variables for all scripts. source ../settings/scripts/_variables +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers + #================================================= # MANAGE SCRIPT FAILURE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index d16892d..309da4b 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -6,11 +6,12 @@ # IMPORT GENERIC HELPERS #================================================= -source _common.sh -source /usr/share/yunohost/helpers # Load common variables for all scripts. source _variables +source _common.sh +source /usr/share/yunohost/helpers + #================================================= # LOAD SETTINGS #================================================= @@ -209,7 +210,7 @@ ynh_system_user_create --username=$app #================================================= # SETUP LUTIM #================================================= -ynh_script_progression --message="Reconfigure Lutim" +ynh_script_progression --message="Reconfiguring Lutim..." # Overwrite the settings config file only if it's allowed if [ $overwrite_settings -eq 1 ] From e481e03e0511787f297e10f85d6a54b3fedb5470 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 24 Apr 2020 20:16:59 +0200 Subject: [PATCH 11/13] Fix potential error on install --- scripts/install | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/install b/scripts/install index e0e519b..749c212 100644 --- a/scripts/install +++ b/scripts/install @@ -236,10 +236,14 @@ ynh_script_progression --message="Restarting Lutim..." --weight=6 # Wait for lutim to be fully started ynh_systemd_action --action=restart --line_match="Manager.*started" --log_path="/var/log/$app/production.log" --timeout="120" +ynh_systemd_action --action=stop # Set right permissions on new files created at first start chown -R $app: $final_path +# Wait for lutim to be fully started +ynh_systemd_action --action=restart --line_match="Manager.*started" --log_path="/var/log/$app/production.log" --timeout="120" + #================================================= # SEND A README FOR THE ADMIN #================================================= From e1c90a7c1b2c0c66c4d7bfc8a8e2a221d5c817ab Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sat, 25 Apr 2020 13:14:03 +0200 Subject: [PATCH 12/13] New reset actions --- actions.toml | 29 +++++ check_process | 11 ++ manifest.json | 2 +- scripts/actions/reset_default_app | 158 +++++++++++++++++++++++++++ scripts/actions/reset_default_system | 67 ++++++++++++ 5 files changed, 266 insertions(+), 1 deletion(-) create mode 100755 scripts/actions/reset_default_app create mode 100755 scripts/actions/reset_default_system diff --git a/actions.toml b/actions.toml index 9b10324..48f0d88 100644 --- a/actions.toml +++ b/actions.toml @@ -21,3 +21,32 @@ name = "Reset the config file and restore a default one." command = "/bin/bash scripts/actions/reset_default_config \"lutim.conf\"" accepted_return_codes = [0] description = "Reset the config file lutim.conf." + + +[reset_default_nginx] +name = "Reset the nginx config for this app." +command = "/bin/bash scripts/actions/reset_default_system nginx" +# user = "root" # optional +# cwd = "/" # optional +# accepted_return_codes = [0, 1, 2, 3] # optional +accepted_return_codes = [0] +description = "Reset the nginx config for this app." + +[reset_default_systemd] +name = "Reset the systemd config for this app." +command = "/bin/bash scripts/actions/reset_default_system systemd" +# user = "root" # optional +# cwd = "/" # optional +# accepted_return_codes = [0, 1, 2, 3] # optional +accepted_return_codes = [0] +description = "Reset the systemd config for this app." + + +[reset_default_app] +name = "Reset the app with a default configuration." +command = "/bin/bash scripts/actions/reset_default_app" +# user = "root" # optional +# cwd = "/" # optional +# accepted_return_codes = [0, 1, 2, 3] # optional +accepted_return_codes = [0] +description = "Reset the app to its default configuration to try to fix potential issues.
This action won't remove any data added to the app.
However, if you have modified any configuration, it will be overwritten." diff --git a/check_process b/check_process index 44f262b..06ab3b9 100644 --- a/check_process +++ b/check_process @@ -4,6 +4,15 @@ path="/path" (PATH) is_public=1 (PUBLIC|public=1|private=0) always_encrypt=1 + ; Actions + ; Config_panel + main.configuration.always_encrypt=0|1 + main.configuration.antiflood=10 + main.configuration.delay=None|Day|Week|Month|Year + main.overwrite_files.overwrite_settings=0|1 + main.overwrite_files.overwrite_nginx=0|1 + main.overwrite_files.overwrite_systemd=0|1 + main.global_config.email_type=0|1 ; Checks pkg_linter=1 setup_sub_dir=1 @@ -17,6 +26,8 @@ multi_instance=0 port_already_use=1 (8095) change_url=1 + actions=1 + config_panel=1 ;;; Levels Level 5=auto ;;; Options diff --git a/manifest.json b/manifest.json index c5929a3..a764961 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Self hosting images and sharing anonymous application", "fr": "Application d'hébergement et de partage d'images anonyme" }, - "version": "0.11.6~ynh3", + "version": "0.11.6~ynh4", "url": "https://lut.im", "license": "AGPL-3.0", "maintainer": { diff --git a/scripts/actions/reset_default_app b/scripts/actions/reset_default_app new file mode 100755 index 0000000..f2cc664 --- /dev/null +++ b/scripts/actions/reset_default_app @@ -0,0 +1,158 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +# Load common variables for all scripts. +source scripts/_variables + +source scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { +# Clean installation remaining that are not handle by the remove script. + ynh_clean_check_starting +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +is_public=$(ynh_app_setting_get --app=$app --key=is_public) +port=$(ynh_app_setting_get --app=$app --key=port) +always_encrypt=$(ynh_app_setting_get --app=$app --key=always_encrypt) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +secret=$(ynh_app_setting_get --app=$app --key=secret) + +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= + +ynh_app_setting_set --app=$app --key=overwrite_settings --value=1 +ynh_app_setting_set --app=$app --key=overwrite_nginx --value=1 +ynh_app_setting_set --app=$app --key=overwrite_systemd --value=1 +ynh_app_setting_set --app=$app --key=admin_mail_html --value=1 + +#================================================= +# SPECIFIC ACTION +#================================================= +# ACTIVATE MAINTENANCE MODE +#================================================= +ynh_script_progression --message="Activating maintenance mode..." + +ynh_maintenance_mode_ON + +#================================================= +# STOP LUTIM +#================================================= + +ynh_systemd_action --action=stop + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +ynh_script_progression --message="Resetting source files..." --weight=2 + +# Download, check integrity, uncompress and patch the source from app.src +(cd scripts; YNH_CWD=$PWD ynh_setup_source --dest_dir="$final_path") + +#================================================= +# NGINX CONFIGURATION +#================================================= + +ynh_script_progression --message="Resetting nginx web server configuration..." --weight=4 + +# Create a dedicated nginx config +yunohost app action run $app reset_default_nginx + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app + +#================================================= +# RECONFIGURE APP +#================================================= + +ynh_script_progression --message="Reconfiguring Lutim..." --weight=2 + +# Configure Lutim +# Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. +ynh_backup_if_checksum_is_different --file="$final_path/lutim.conf" +(cd scripts; cp ../conf/lutim.conf.template "$final_path/lutim.conf") +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/lutim.conf" +ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$final_path/lutim.conf" +ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/lutim.conf" +ynh_replace_string --match_string="__ENCRYPT__" --replace_string="$always_encrypt" --target_file="$final_path/lutim.conf" +ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$final_path/lutim.conf" +# Set the number of process for Lutim to twice the number of CPU core. +ynh_replace_string --match_string="__WORKERS__" --replace_string="$(( $(nproc) * 2 ))" --target_file="$final_path/lutim.conf" +# Recalculate and store the checksum of the file for the next upgrade. +ynh_store_file_checksum --file="$final_path/lutim.conf" + +#================================================= +# SETUP CRON +#================================================= + +(cd scripts; cp ../conf/cron_lutim /etc/cron.d/$app) +ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path/" --target_file=/etc/cron.d/$app +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=/etc/cron.d/$app + +#================================================= +# SECURING FILES AND DIRECTORIES +#================================================= + +# Set permissions on app files +chown -R $app: $final_path + +#================================================= +# SETUP SYSTEMD +#================================================= + +ynh_script_progression --message="Resetting systemd configuration..." +yunohost app action run $app reset_default_systemd + +#================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Resetting logrotate configuration..." + +ynh_use_logrotate --non-append +chown $app -R /var/log/$app + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# DEACTIVE MAINTENANCE MODE +#================================================= +ynh_script_progression --message="Disabling maintenance mode..." + +ynh_maintenance_mode_OFF + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Execution completed" --last diff --git a/scripts/actions/reset_default_system b/scripts/actions/reset_default_system new file mode 100755 index 0000000..25fd088 --- /dev/null +++ b/scripts/actions/reset_default_system @@ -0,0 +1,67 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { +# Clean installation remaining that are not handle by the remove script. + ynh_clean_check_starting +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +type=$1 + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +port=$(ynh_app_setting_get --app=$app --key=port) + +#================================================= +# SPECIFIC ACTION +#================================================= +# RESET THE CONFIG FILE +#================================================= + +if [ $type == nginx ]; then + name=Nginx +elif [ $type == systemd ]; then + name=systemd +else + ynh_die --message="The type $type is not recognized" +fi + +ynh_script_progression --message="Resetting the specific configuration of $name for the app $app..." --weight=3 + +if [ $type == nginx ] +then + (cd scripts; ynh_add_nginx_config) + +elif [ $type == systemd ] +then + ynh_systemd_action --action=stop + (cd scripts; ynh_add_systemd_config) + ynh_systemd_action --action=restart --line_match="Manager.*started" --log_path="/var/log/$app/production.log" --timeout="300" +fi + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Execution completed" --last From e9da233327cf114647ddf2963e26e08ef408f826 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sat, 25 Apr 2020 13:21:34 +0200 Subject: [PATCH 13/13] Update CHANGELOG.md --- CHANGELOG.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 47f2dce..416ed08 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,20 @@ Changelog ## Unreleased - Nothing for now... +## [0.11.6~ynh4](https://github.com/YunoHost-Apps/lutim_ynh/pull/46) - 2020-04-25 + +#### Added +- [Add new badges](https://github.com/YunoHost-Apps/lutim_ynh/pull/46/commits/4e28257f0550378297789c77a5354b004100f5ae) +* [New reset actions](https://github.com/YunoHost-Apps/lutim_ynh/pull/46/commits/e1c90a7c1b2c0c66c4d7bfc8a8e2a221d5c817ab) + +#### Fixed +- [Fix potential error on install](https://github.com/YunoHost-Apps/lutim_ynh/pull/46/commits/e481e03e0511787f297e10f85d6a54b3fedb5470) + +#### Changed +- [Indentation](https://github.com/YunoHost-Apps/lutim_ynh/pull/46/commits/a934b7369842dfbdc45e7c1dfdf3483276d4c755) +- [Misc upgrade](https://github.com/YunoHost-Apps/lutim_ynh/pull/46/commits/750ea401950f4e8b3facfa7caa5bc2388b6a4272) + + ## [0.11.6~ynh3](https://github.com/YunoHost-Apps/lutim_ynh/pull/45) - 2020-03-12 #### Changed