diff --git a/issue_template.md b/issue_template.md index 4a290c4..afce05a 100644 --- a/issue_template.md +++ b/issue_template.md @@ -8,7 +8,7 @@ about: When creating a bug report, please use the following template to provide 1. *Read this whole template first.* 2. *Determine if you are on the right place:* - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* - - *Otherwise, the issue may be due to REPLACEBYYOURAPP itself. Refer to its documentation or repository for help.* + - *Otherwise, the issue may be due to lxd itself. Refer to its documentation or repository for help.* - *When in doubt, post here and we will figure it out together.* 3. *Delete the italic comments as you write over them below, and remove this guide.* --- @@ -31,7 +31,7 @@ about: When creating a bug report, please use the following template to provide - *If you performed a command from the CLI, the command itself is enough. For example:* ```sh - sudo yunohost app install REPLACEBYYOURAPP + sudo yunohost app install lxd ``` - *If you used the webadmin, please perform the equivalent command from the CLI first.* - *If the error occurs in your browser, explain what you did:* diff --git a/manifest.json b/manifest.json index 8f9947f..33f3207 100644 --- a/manifest.json +++ b/manifest.json @@ -7,7 +7,7 @@ }, "version": "4.11~ynh1", "url": "https://example.com", - "license": "free", + "license": "Apache-2.0", "maintainer": { "name": "kay0u", "email": "pierre@kayou.io" diff --git a/scripts/backup b/scripts/backup index 6ea8892..9ef2d30 100755 --- a/scripts/backup +++ b/scripts/backup @@ -28,77 +28,34 @@ ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= ynh_print_info --message="Declaring files to be backed up..." -### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs -### to be backuped and not an actual copy of any file. The actual backup that -### creates and fill the archive with the files happens in the core after this -### script is called. Hence ynh_backups calls takes basically 0 seconds to run. - -#================================================= -# BACKUP THE APP MAIN DIR -#================================================= - -ynh_backup --src_path="$final_path" - -#================================================= -# BACKUP THE NGINX CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -#================================================= -# BACKUP THE PHP-FPM CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - -#================================================= -# BACKUP FAIL2BAN CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" - #================================================= # SPECIFIC BACKUP -#================================================= -# BACKUP LOGROTATE -#================================================= - -ynh_backup --src_path="/etc/logrotate.d/$app" - #================================================= # BACKUP SYSTEMD #================================================= ynh_backup --src_path="/etc/systemd/system/$app.service" +ynh_backup --src_path="/etc/systemd/system/$app.socket" #================================================= # BACKUP VARIOUS FILES #================================================= -ynh_backup --src_path="/etc/cron.d/$app" +ynh_backup --src_path="/usr/local/lib/$app/" -ynh_backup --src_path="/etc/$app/" +ynh_backup --src_path="/usr/local/bin/lxc" +ynh_backup --src_path="/usr/local/bin/lxd" +ynh_backup --src_path="/usr/local/bin/lxc-to-lxd" +ynh_backup --src_path="/usr/local/bin/lxd-p2c" -#================================================= -# BACKUP THE MYSQL DATABASE -#================================================= -ynh_print_info --message="Backing up the MySQL database..." +ynh_backup --src_path="/etc/dnsmasq.d/lxd" -### (However, things like MySQL dumps *do* take some time to run, though the -### copy of the generated dump to the archive still happens later) - -ynh_mysql_dump_db --database="$db_name" > db.sql +ynh_backup --src_path="/etc/ld.so.conf.d/$app.conf" #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index de553f9..f3a6ecc 100755 --- a/scripts/install +++ b/scripts/install @@ -101,14 +101,6 @@ ynh_system_user_create --username=$app #================================================= # SPECIFIC SETUP -#================================================= -# CONFIGURE DNSMASQ -#================================================= - -echo "bind-interfaces -except-interface=lxdbr0" > /etc/dnsmasq.d/lxd -systemctl restart dnsmasq - #================================================= # SETUP SYSTEMD #================================================= @@ -122,11 +114,19 @@ ynh_add_systemd_config # MODIFY A CONFIG FILE #================================================= +echo "bind-interfaces +except-interface=lxdbr0" > /etc/dnsmasq.d/lxd +systemctl restart dnsmasq + +ynh_store_file_checksum --file="/etc/dnsmasq.d/lxd" + echo "/usr/local/lib/$app/" > /etc/ld.so.conf.d/$app.conf +ynh_store_file_checksum --file="/etc/ld.so.conf.d/$app.conf" + ldconfig -echo "root:1000000:65536 # Added by lxd#" | sudo tee -a /etc/subuid /etc/subgid +echo "root:1000000:65536 # Added by lxd#" | tee -a /etc/subuid /etc/subgid #================================================= # GENERIC FINALIZATION diff --git a/scripts/remove b/scripts/remove index 7d066c8..fad2445 100755 --- a/scripts/remove +++ b/scripts/remove @@ -89,6 +89,12 @@ ynh_script_progression --message="Removing the dedicated system user..." --time # Delete a system user ynh_system_user_delete --username=$app +#================================================= +# INFO TO REMOVE CONTAINERS +#================================================= + +ynh_print_warn --message="If you really want to delete all containers and files related to lxd please run \"sudo rm /var/lib/lxd -rf\"" + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index c334a77..a333ff0 100755 --- a/scripts/restore +++ b/scripts/restore @@ -28,38 +28,8 @@ ynh_script_progression --message="Loading installation settings..." --time --wei app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." --time --weight=1 - -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - #================================================= # STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -#================================================= -# RESTORE THE APP MAIN DIR -#================================================= -ynh_script_progression --message="Restoring the app main directory..." --time --weight=1 - -ynh_restore_file --origin_path="$final_path" - #================================================= # RECREATE THE DEDICATED USER #================================================= @@ -69,26 +39,11 @@ ynh_script_progression --message="Recreating the dedicated system user..." --tim ynh_system_user_create --username=$app #================================================= -# RESTORE USER RIGHTS +# OPEN A PORT #================================================= +ynh_script_progression --message="Configuring firewall..." --time --weight=1 -# Restore permissions on app files -chown -R root: $final_path - -#================================================= -# RESTORE THE PHP-FPM CONFIGURATION -#================================================= - -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - -#================================================= -# RESTORE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --time --weight=1 - -ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban +ynh_exec_warn_less yunohost firewall allow --no-upnp Both 67 #================================================= # SPECIFIC RESTORATION @@ -100,21 +55,13 @@ ynh_script_progression --message="Reinstalling dependencies..." --time --weight= # Define and install dependencies ynh_install_app_dependencies $pkg_dependencies -#================================================= -# RESTORE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Restoring the MySQL database..." --time --weight=1 - -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql - #================================================= # RESTORE SYSTEMD #================================================= ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1 ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +ynh_restore_file --origin_path="/etc/systemd/system/$app.socket" systemctl enable $app.service --quiet #================================================= @@ -122,7 +69,28 @@ systemctl enable $app.service --quiet #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --log="/var/log/$app/$app.log" --needs_exposed_ports=67 + +#================================================= +# RESTORE VARIOUS FILES +#================================================= + +ynh_restore_file --origin_path="/usr/local/lib/$app/" + +ynh_restore_file --origin_path="/usr/local/bin/lxc" +ynh_restore_file --origin_path="/usr/local/bin/lxd" +ynh_restore_file --origin_path="/usr/local/bin/lxc-to-lxd" +ynh_restore_file --origin_path="/usr/local/bin/lxd-p2c" + +ynh_restore_file --origin_path="/etc/dnsmasq.d/lxd" + +systemctl restart dnsmasq + +ynh_restore_file --origin_path="/etc/ld.so.conf.d/$app.conf" + +ldconfig + +echo "root:1000000:65536 # Added by lxd#" | tee -a /etc/subuid /etc/subgid #================================================= # START SYSTEMD SERVICE @@ -131,30 +99,6 @@ ynh_script_progression --message="Starting a systemd service..." --time --weight ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# RESTORE VARIOUS FILES -#================================================= - -ynh_restore_file --origin_path="/etc/cron.d/$app" - -ynh_restore_file --origin_path="/etc/$app/" - -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= - -ynh_restore_file --origin_path="/etc/logrotate.d/$app" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX AND PHP-FPM -#================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --time --weight=1 - -ynh_systemd_action --service_name=php$phpversion-fpm --action=reload -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index fff0363..04f5545 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -16,68 +16,11 @@ ynh_script_progression --message="Loading installation settings..." --time --wei app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -language=$(ynh_app_setting_get --app=$app --key=language) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) - -#================================================= -# CHECK VERSION -#================================================= - -### This helper will compare the version of the currently installed app and the version of the upstream package. -### $upgrade_type can have 2 different values -### - UPGRADE_APP if the upstream app version has changed -### - UPGRADE_PACKAGE if only the YunoHost package has changed -### ynh_check_app_version_changed will stop the upgrade if the app is up to date. -### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. -upgrade_type=$(ynh_check_app_version_changed) - #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 -# -# N.B. : the followings setting migrations snippets are provided as *EXAMPLES* -# of what you may want to do in some cases (e.g. a setting was not defined on -# some legacy installs and you therefore want to initiaze stuff during upgrade) -# - -# If db_name doesn't exist, create it -#if [ -z "$db_name" ]; then -# db_name=$(ynh_sanitize_dbid --db_name=$app) -# ynh_app_setting_set --app=$app --key=db_name --value=$db_name -#fi - -# If final_path doesn't exist, create it -#if [ -z "$final_path" ]; then -# final_path=/var/www/$app -# ynh_app_setting_set --app=$app --key=final_path --value=$final_path -#fi - -### If nobody installed your app before 4.1, -### then you may safely remove these lines - -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - -if ! ynh_permission_exists --permission="admin"; then - # Create the required permissions - ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin -fi - -# Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --url "/api" --allowed="visitors" --show_tile="false" --protected="true" -fi - #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -86,6 +29,8 @@ ynh_script_progression --message="Backing up the app before upgrading (may take # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { + ynh_secure_remove --file="$go_tmp" + ynh_secure_remove --file="$lxd_tmp" # Restore it if the upgrade fails ynh_restore_upgradebackup } @@ -101,26 +46,6 @@ ynh_script_progression --message="Stopping a systemd service..." --time --weight ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" -#================================================= -# DOWNLOAD, CHECK AND UNPACK SOURCE -#================================================= - -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading source files..." --time --weight=1 - - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" -fi - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1 - -# Create a dedicated NGINX config -ynh_add_nginx_config - #================================================= # UPGRADE DEPENDENCIES #================================================= @@ -128,6 +53,47 @@ ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 ynh_install_app_dependencies $pkg_dependencies +ynh_script_progression --message="Setting up source files..." --time --weight=1 + +# Download, check integrity, uncompress and patch the source from app.src +go_tmp=$(mktemp -d) +ynh_setup_source --dest_dir="$go_tmp" --source_id="go.$(ynh_detect_arch)" + +export PATH=$go_tmp/bin:$PATH + +lxd_tmp=$(mktemp -d) +ynh_setup_source --dest_dir="$lxd_tmp" --source_id="lxd" + +export GOPATH=${lxd_tmp}/_dist + +#================================================= +# BUILD FROM SOURCES +#================================================= +ynh_script_progression --message="Building lxd from sources..." --time --weight=1 + +pushd ${lxd_tmp} + +make deps +export CGO_CFLAGS="-I${GOPATH}/deps/raft/include/ -I${GOPATH}/deps/dqlite/include/" +export CGO_LDFLAGS="-L${GOPATH}/deps/raft/.libs -L${GOPATH}/deps/dqlite/.libs/" +export LD_LIBRARY_PATH="${GOPATH}/deps/raft/.libs/:${GOPATH}/deps/dqlite/.libs/" +export CGO_LDFLAGS_ALLOW="-Wl,-wrap,pthread_create" +cd $GOPATH/src/github.com/lxc/lxd + +# https://github.com/golang/go/issues/31997#issuecomment-782864390 +go env -w GO111MODULE=auto + +make + +mkdir -p /usr/local/lib/$app +mkdir -p /var/log/$app +cp -a ${GOPATH}/deps/{raft,dqlite}/.libs/lib*.so* /usr/local/lib/$app/ +cp ${GOPATH}/bin/{lxc,lxd,lxc-to-lxd,lxd-p2c} /usr/local/bin +popd + +ynh_secure_remove --file="$go_tmp" +ynh_secure_remove --file="$lxd_tmp" + #================================================= # CREATE DEDICATED USER #================================================= @@ -136,87 +102,56 @@ ynh_script_progression --message="Making sure dedicated system user exists..." - # Create a dedicated user (if not existing) ynh_system_user_create --username=$app -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --time --weight=1 - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config - #================================================= # SPECIFIC UPGRADE -#================================================= -# ... -#================================================= - #================================================= # SETUP SYSTEMD #================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1 +ynh_script_progression --message="Configuring a systemd service..." --time --weight=1 # Create a dedicated systemd config +ynh_add_systemd_socket_config ynh_add_systemd_config #================================================= # MODIFY A CONFIG FILE #================================================= -### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. -### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. -ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE" +ynh_backup_if_checksum_is_different --file="/etc/dnsmasq.d/lxd" -ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/CONFIG_FILE" +echo "bind-interfaces +except-interface=lxdbr0" > /etc/dnsmasq.d/lxd +systemctl restart dnsmasq -# Recalculate and store the checksum of the file for the next upgrade. -ynh_store_file_checksum --file="$final_path/CONFIG_FILE" +ynh_store_file_checksum --file="/etc/dnsmasq.d/lxd" + +ynh_backup_if_checksum_is_different --file="/etc/ld.so.conf.d/$app.conf" + +echo "/usr/local/lib/$app/" > /etc/ld.so.conf.d/$app.conf + +ynh_store_file_checksum --file="/etc/ld.so.conf.d/$app.conf" + +ldconfig + +echo "root:1000000:65536 # Added by lxd#" | tee -a /etc/subuid /etc/subgid #================================================= # GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions on app files -chown -R root: $final_path - -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1 - -# Use logrotate to manage app-specific logfile(s) -ynh_use_logrotate --non-append - #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --log="/var/log/$app/$app.log" --needs_exposed_ports=67 #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --time --weight=1 +# Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --time --weight=1 - -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #=================================================