YunoHost-Apps/mastodon_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mastodon_ynh.git synced 2024-09-03 19:46:02 +02:00
Code Issues Activity Actions

Convert to v2 (#383)

Browse source 
* convert script

* v2

* Auto-update README

* Update documentation cc @panomaki

* Bump ruby version from 3.0.6 to 3.2.2

* v2

* Auto-update README

* woops

* v2

* v2

* s/final_path/install_dir

* Update PRE_INSTALL.md

* too soon...

* v2

* v2

* v2

* Update tests.toml

* Update doc/PRE_INSTALL.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update doc/PRE_INSTALL_fr.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update tests.toml

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update tests.toml

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update doc/PRE_INSTALL.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update doc/PRE_INSTALL_fr.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Apply suggestions

* Update manifest.toml

* Auto-update README

* Update manifest.toml

* Update scripts

* Auto-update README

* Remove SSO integration

* Use new mail mechanism

* cleaning

* Update manifest.toml

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>
Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com>
This commit is contained in:
Tagada 2023-07-23 04:49:07 +02:00 committed by GitHub
parent f2e80e2a60
commit 8d58702500
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
27 changed files with 392 additions and 902 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
README.md
View file

@ -26,49 +26,6 @@ Mastodon is a free, open-source microblogging social network. It is a decentrali
![Screenshot of Mastodon](./doc/screenshots/mastodon.png)
## Disclaimers / important information
## Important points to read before installing
1. **Mastodon** require a dedicated **root domain**, eg. mastodon.domain.tld
1. The user choosen during the installation is automatically created in Mastodon with admin rights
1. At the end of the installation a mail is sent to the user with the automatically generated password
1. It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
## Configuration
### Install
#### Using *screen* in case of disconnect
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Recover after disconnect:
```
$ screen -d
$ screen -r
```
### Update
#### Using *screen* highly recommended
`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
### Administrate with tooctl
`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
## YunoHost specific features
#### Multi-users support
LDAP authentication is activated. All YunoHost users can authenticate.
Log-out from YunoHost's portal doesn't log out from Mastodon. See https://github.com/YunoHost/issues/issues/501
## Documentation and resources
* Official app website: <https://joinmastodon.org/>

48
README_fr.md
View file

@ -27,54 +27,6 @@ Mastodon est un réseau social de microblog auto-hébergé et open source. C'est
![Capture décran de Mastodon](./doc/screenshots/mastodon.png)
## Avertissements / informations importantes
## Points importants à lire avant l'installation
1. **Mastodon** nécessite un **nom de domaine** dédié, par exemple : mastodon.domain.tld
1. L'utilisateur sélectionné pendant l'installation sera créé automatiquement dans Mastodon avec des droits d'administration.
1. À la fin de l'installation, un mail est envoyé à cet utilisateur avec un mot de passe généré automatiquement.
1. Pour que votre instance Mastodon reste privée, il est important de fermer les inscriptions. Nous vous invitons à bloquer les instances distantes indésirables depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
## Captures d'écran
![](https://framalibre.org/sites/default/files/mastodon.png)
## Configuration
### Installation
#### Utilisation de *screen* en cas de déconnection
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Récupérer l'installation après une deconnection :
```
$ screen -d
$ screen -r
```
L'utilisateur admin est créé automatiquement comme : user@domain.tld
### Mise à jour
#### Utilisation de *screen* fortement recommandée
`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
### Administration avec tooctl
`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
## Caractéristiques spécifiques YunoHost
#### Support multi-utilisateur
L'authentification LDAP est activée. Tous les utilisateurs YunoHost peuvent s'authentifier.
Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir https://github.com/YunoHost/issues/issues/501
## Documentations et ressources
* Site officiel de lapp : <https://joinmastodon.org/>

22
check_process
View file

@ -1,22 +0,0 @@
;; Test complet
; Manifest
domain="domain.tld"
is_public=1
admin="john"
language="fr_FR"
; Checks
pkg_linter=1
setup_sub_dir=0
setup_root=1
setup_nourl=0
setup_private=1
setup_public=1
upgrade=1
# 4.02~ynh2
upgrade=1 from_commit=94381183ca2d14da72234b53c9a83972ffb16e54
backup_restore=1
multi_instance=0
change_url=0
;;; Options
Email=yalh@yahoo.com
Notification=all

41
conf/.env.production.sample
View file

@ -30,11 +30,14 @@ DB_NAME=__DB_NAME__
DB_PASS=__DB_PWD__
DB_PORT=5432
# ElasticSearch (optional)
# Elasticsearch (optional)
# ------------------------
# ES_ENABLED=true
# ES_HOST=es
ES_ENABLED=false
# ES_HOST=localhost
# ES_PORT=9200
# Authentication for ES (optional)
# ES_USER=elastic
# ES_PASS=password
# Secrets
# -------
@ -54,17 +57,12 @@ VAPID_PUBLIC_KEY=__VAPID_PUBLIC_KEY__
# ------------
SMTP_SERVER=localhost
SMTP_PORT=25
#SMTP_LOGIN=
#SMTP_PASSWORD=
SMTP_FROM_ADDRESS=__ADMIN_MAIL__
#SMTP_REPLY_TO=
#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
SMTP_DELIVERY_METHOD=sendmail # delivery method can also be smtp
SMTP_AUTH_METHOD=none
#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
SMTP_LOGIN=__APP__
SMTP_PASSWORD=__MAIL_PWD__
SMTP_FROM_ADDRESS=Mastodon <__APP__@__DOMAIN__>
SMTP_DELIVERY_METHOD=smtp
SMTP_AUTH_METHOD=plain
SMTP_OPENSSL_VERIFY_MODE=none
#SMTP_ENABLE_STARTTLS_AUTO=true
#SMTP_TLS=true
# Registrations
# ------------
@ -80,16 +78,13 @@ DEFAULT_LOCALE=__LANGUAGE__
# File storage (optional)
# -----------------------
# S3_ENABLED=true
# S3_BUCKET=
S3_ENABLED=false
# S3_BUCKET=files.example.com
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# S3_REGION=
# S3_PROTOCOL=http
# S3_HOSTNAME=192.168.1.123:9000
# S3_ALIAS_HOST=
# S3_ALIAS_HOST=files.example.com
# LDAP authentication (optional)
# IP and session retention
# -----------------------
LDAP_ENABLED=true
LDAP_HOST=localhost
@ -105,3 +100,9 @@ LDAP_UID_CONVERSION_ENABLED=true
LDAP_UID_CONVERSION_SEARCH=., -
LDAP_UID_CONVERSION_REPLACE=_
LDAP_TLS_NO_VERIFY=true
# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
# -----------------------
IP_RETENTION_PERIOD=1209600
SESSION_RETENTION_PERIOD=1209600

7
conf/app.src
View file

@ -1,7 +0,0 @@
SOURCE_URL=https://github.com/tootsuite/mastodon/archive/refs/tags/v4.1.4.tar.gz
SOURCE_SUM=524bac8c4108acc07b001caf44951446cb587f9626d8e0d15ed2f5811b980aaa
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true

10
conf/cron
View file

@ -1,7 +1,7 @@
# This is a system cron file, see crontab(5)
# m h dom mon dow user command
@daily __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove
@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove-orphans
@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl accounts cull
@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl statuses remove
@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl preview_cards remove
@daily __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove
@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove-orphans
@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl accounts cull
@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl statuses remove
@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl preview_cards remove

4
conf/mastodon-sidekiq.service
View file

@ -5,13 +5,13 @@ After=network.target
[Service]
Type=simple
User=__APP__
WorkingDirectory=__FINALPATH__/live
WorkingDirectory=__INSTALL_DIR__/live
Environment="__LD_PRELOAD__"
Environment="RAILS_ENV=production"
Environment="DB_POOL=25"
Environment="MALLOC_ARENA_MAX=2"
Environment="__YNH_RUBY_LOAD_PATH__"
ExecStart=__FINALPATH__/live/bin/bundle exec sidekiq -c 25
ExecStart=__INSTALL_DIR__/live/bin/bundle exec sidekiq -c 25
TimeoutSec=15
Restart=always
StandardError=syslog

2
conf/mastodon-streaming.service
View file

@ -5,7 +5,7 @@ After=network.target
[Service]
Type=simple
User=__APP__
WorkingDirectory=__FINALPATH__/live
WorkingDirectory=__INSTALL_DIR__/live
Environment="NODE_ENV=production"
Environment="PORT=__PORT_STREAM__"
Environment="STREAMING_CLUSTER_NUM=1"

4
conf/mastodon-web.service
View file

@ -5,12 +5,12 @@ After=network.target
[Service]
Type=simple
User=__APP__
WorkingDirectory=__FINALPATH__/live
WorkingDirectory=__INSTALL_DIR__/live
Environment="__LD_PRELOAD__"
Environment="RAILS_ENV=production"
Environment="PORT=__PORT_WEB__"
Environment="__YNH_RUBY_LOAD_PATH__"
ExecStart=__FINALPATH__/live/bin/bundle exec puma -C config/puma.rb
ExecStart=__INSTALL_DIR__/live/bin/bundle exec puma -C config/puma.rb
ExecReload=/bin/kill -SIGUSR1 $MAINPID
TimeoutSec=15
Restart=always

2
conf/nginx.conf
View file

@ -1,6 +1,6 @@
client_max_body_size 99m;
root __FINALPATH__/live/public;
root __INSTALL_DIR__/live/public;
location / {

36
doc/ADMIN.md Normal file
View file

@ -0,0 +1,36 @@
## Administrate with tooctl
`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
## Update
**`screen` (or `tmux`) can be used to make sure your session is not interrupted in case of connection problems.**
See [tutorial](https://www.howtogeek.com/662422/how-to-use-linuxs-screen-command/) for more background information.
```
$ screen
$ sudo yunohost app upgrade mastodon
```
## Backups
First of all: Mastodon uses a local cache to save media (such as posted images, videos etc.). This cache can grow huge.
You could consider cleaning up your local cache first as otherwise your backup will be very big and you might run out of disk space:
To check your space usage, on a command line run:
`$ sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media usage`
If your cache is too big to backup, you can run the following command to clean up Attachments (the first line). Substitute X by the number of days you want to keep, e.g. 1 day. All older images will be deleted but will be refetched from the original server if necessary.
First dry-run to see how much space is freed up (without actually removing):
`$ sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X --dry-run`
If all looks good commit the cleanup:
`$ sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X `
## Known Bugs
- Log-out from YunoHost's portal doesn't log out from Mastodon. See https://github.com/YunoHost/issues/issues/501

34
doc/ADMIN_fr.md Normal file
View file

@ -0,0 +1,34 @@
## Administration avec tooctl
`$ cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help`
## Mise à jour
**`screen` (ou `tmux`) peut être utilisé pour vous assurer que votre session n'est pas interrompue en cas de problème de connection.**
Consultez ce [tutoriel](https://www.howtogeek.com/662422/how-to-use-linuxs-screen-command/) pour plus de détails.
```
$ screen
$ sudo yunohost app upgrade mastodon
```
## Sauvegardes
Tout d'abord : Mastodon utilise un cache local pour sauvegarder les médias (comme les images, vidéos, etc). Ce cache peut devenir énorme.
Vous devriez réfléchir à vider votre cache local avant de faire une sauvegarde, qui pourrait être énorme et vous pourriez manquer d'espace de stockage.
Pour vérifier l'utilisation du stockage, en ligne de commande utilisez :
`$ sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media usage`
Si le cache est trop gros pour être sauvegardé, vous pouvez lancer la commande suivante pour en supprimer les médias attachés. Changez `X` par le nombre de cache à conserver, par ex. 1 jour. Tous les médias plus anciens seront supprimés, mais ils pourront être rechargé du serveur d'origine si nécessaire.
En premier faite un essai à blanc pour voir combien de place sera libérée (sans rien supprimer):
`$ sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X --dry-run`
Si cela semble bon, effectuez le nettoyage :
`$ sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X `
## Bugs connus
- Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir https://github.com/YunoHost/issues/issues/501

40
doc/DISCLAIMER.md
View file

@ -1,40 +0,0 @@
## Important points to read before installing
1. **Mastodon** require a dedicated **root domain**, eg. mastodon.domain.tld
1. The user choosen during the installation is automatically created in Mastodon with admin rights
1. At the end of the installation a mail is sent to the user with the automatically generated password
1. It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
## Configuration
### Install
#### Using *screen* in case of disconnect
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Recover after disconnect:
```
$ screen -d
$ screen -r
```
### Update
#### Using *screen* highly recommended
`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
### Administrate with tooctl
`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
## YunoHost specific features
#### Multi-users support
LDAP authentication is activated. All YunoHost users can authenticate.
Log-out from YunoHost's portal doesn't log out from Mastodon. See https://github.com/YunoHost/issues/issues/501

45
doc/DISCLAIMER_fr.md
View file

@ -1,45 +0,0 @@
## Points importants à lire avant l'installation
1. **Mastodon** nécessite un **nom de domaine** dédié, par exemple : mastodon.domain.tld
1. L'utilisateur sélectionné pendant l'installation sera créé automatiquement dans Mastodon avec des droits d'administration.
1. À la fin de l'installation, un mail est envoyé à cet utilisateur avec un mot de passe généré automatiquement.
1. Pour que votre instance Mastodon reste privée, il est important de fermer les inscriptions. Nous vous invitons à bloquer les instances distantes indésirables depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
## Captures d'écran
![](https://framalibre.org/sites/default/files/mastodon.png)
## Configuration
### Installation
#### Utilisation de *screen* en cas de déconnection
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Récupérer l'installation après une deconnection :
```
$ screen -d
$ screen -r
```
L'utilisateur admin est créé automatiquement comme : user@domain.tld
### Mise à jour
#### Utilisation de *screen* fortement recommandée
`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
### Administration avec tooctl
`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
## Caractéristiques spécifiques YunoHost
#### Support multi-utilisateur
L'authentification LDAP est activée. Tous les utilisateurs YunoHost peuvent s'authentifier.
Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir https://github.com/YunoHost/issues/issues/501

18
doc/PRE_INSTALL.md Normal file
View file

@ -0,0 +1,18 @@
## Important points to read before installing
- **Mastodon** require a dedicated **root domain**, eg. `domaine.tld` or `mastodon.domain.tld`, with no other apps installed on that domain. You can't change the domain once installed.
- The user choosen during the installation is automatically created in Mastodon with admin rights
- It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
## Using *screen* in case of disconnect
```
$ sudo apt install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Recover after disconnect:
```
$ screen -d
$ screen -r
```

20
doc/PRE_INSTALL_fr.md Normal file
View file

@ -0,0 +1,20 @@
## Points importants à lire avant l'installation
- **Mastodon** nécessite un **nom de domaine** dédié, par exemple : `domaine.tld` ou `mastodon.domaine.tld` sans apps installées sur ce domaine. Il est impossible de changer le nom de domaine après l'installation.
- L'utilisateur sélectionné pendant l'installation sera créé automatiquement dans Mastodon avec des droits d'administration.
- Pour que votre instance Mastodon reste privée, il est important de fermer les inscriptions. Nous vous invitons à bloquer les instances indésirables depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
## Utilisation de *screen* en cas de déconnexion
L'installation de Mastodon peut être longue, selon les performances du serveur. Pour éviter que le processus soit interrompu par une déconnexion, on peut utiliser `screen`.
```
$ sudo apt install screen
$ screen
$ sudo yunohost app install mastodon
```
Récupérer l'installation après une deconnection :
```
$ screen -d
$ screen -r
```

69
manifest.json
View file

@ -1,69 +0,0 @@
{
"name": "Mastodon",
"id": "mastodon",
"packaging_format": 1,
"description": {
"en": "Libre and federated social network",
"fr": "Réseau social libre et fédéré"
},
"version": "4.1.4~ynh1",
"url": "https://github.com/mastodon/mastodon",
"upstream": {
"license": "AGPL-3.0-or-later",
"website": "https://joinmastodon.org/",
"demo": "https://joinmastodon.org/",
"admindoc": "https://docs.joinmastodon.org/",
"code": "https://github.com/mastodon/mastodon"
},
"license": "AGPL-3.0-or-later",
"maintainer": {
"name": "yalh76"
},
"previous_maintainer": [
{
"name": "cyp",
"email": "cyp@rouquin.me"
},
{
"name": "nemsia",
"email": "nemsia@nemsia.org"
}
],
"requirements": {
"yunohost": ">= 4.3.0"
},
"multi_instance": true,
"services": [
"nginx"
],
"arguments": {
"install": [
{
"name": "domain",
"type": "domain"
},
{
"name": "is_public",
"type": "boolean",
"default": true
},
{
"name": "language",
"type": "string",
"ask": {
"en": "Choose the application language",
"fr": "Choisissez la langue de l'application"
},
"choices": [
"en_EN",
"fr_FR"
],
"default": "fr_FR"
},
{
"name": "admin",
"type": "user"
}
]
}
}

86
manifest.toml Normal file
View file

@ -0,0 +1,86 @@
packaging_format = 2
id = "mastodon"
name = "Mastodon"
description.en = "Libre and federated social network"
description.fr = "Réseau social libre et fédéré"
version = "4.1.4~ynh1"
maintainers = ["yalh76"]
[upstream]
license = "AGPL-3.0-or-later"
website = "https://joinmastodon.org/"
demo = "https://joinmastodon.org/"
admindoc = "https://docs.joinmastodon.org/"
code = "https://github.com/mastodon/mastodon"
cpe = " cpe:2.3:a:joinmastodon:mastodon"
fund = "https://joinmastodon.org/sponsors"
[integration]
yunohost = ">= 11.2"
architectures = "all"
multi_instance = true
ldap = true
sso = false
disk = "2G"
ram.build = "1G"
ram.runtime = "500M"
[install]
[install.domain]
# this is a generic question - ask strings are automatically handled by Yunohost's core
type = "domain"
full_domain = true
[install.init_main_permission]
type = "group"
default = "visitors"
[install.language]
ask.en = "Choose the application language"
ask.fr = "Choisissez la langue de l'application"
type = "string"
choices = ["en_EN", "fr_FR"]
default = "fr_FR"
[install.admin]
# this is a generic question - ask strings are automatically handled by Yunohost's core
type = "user"
[resources]
[resources.sources]
[resources.sources.main]
url = "https://github.com/tootsuite/mastodon/archive/refs/tags/v4.1.4.tar.gz"
sha256 = "524bac8c4108acc07b001caf44951446cb587f9626d8e0d15ed2f5811b980aaa"
autoupdate.strategy = "latest_github_release"
[resources.system_user]
allow_email = true
[resources.install_dir]
[resources.permissions]
main.url = "/"
api.url = "/api"
api.allowed = "visitors"
api.auth_header = false
api.show_tile = false
api.protected = true
[resources.ports]
web.default = 3000
stream.default = 4000
[resources.apt]
packages = "imagemagick, ffmpeg, libpq-dev, libxml2-dev, libxslt1-dev, file, git-core, g++, libprotobuf-dev, protobuf-compiler, pkg-config, gcc, autoconf, bison, build-essential, libssl-dev, libyaml-dev, libreadline6-dev, zlib1g-dev, libncurses5-dev, libffi-dev, libgdbm6, libgdbm-dev, redis-tools, redis-server, postgresql, postgresql-contrib, libidn11-dev, libicu-dev, libjemalloc-dev, curl, apt-transport-https"
[resources.apt.extras.yarn]
repo = "deb https://dl.yarnpkg.com/debian/ stable main"
key = "https://dl.yarnpkg.com/debian/pubkey.gpg"
packages = "yarn"
[resources.database]
type = "postgresql"

7
scripts/_common.sh
View file

@ -4,17 +4,14 @@
# COMMON VARIABLES
#=================================================
# dependencies used by the app (must be on a single line)
pkg_dependencies="imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core g++ libprotobuf-dev protobuf-compiler pkg-config gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3|libgdbm6 libgdbm-dev redis-tools redis-server postgresql postgresql-contrib libidn11-dev libicu-dev libjemalloc-dev curl apt-transport-https"
build_pkg_dependencies=""
memory_needed="2560"
ruby_version=3.0.6
nodejs_version=16
# Workaround for Mastodon on Bullseye
# See https://github.com/mastodon/mastodon/issues/15751#issuecomment-873594463
if [ "$(lsb_release --codename --short)" = "bullseye" ]; then
if [ "$(lsb_release --codename --short)" = "bullseye" ];
then
case $YNH_ARCH in
amd64)
ld_preload="LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so"

23
scripts/backup
View file

@ -10,27 +10,6 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@ -40,7 +19,7 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$final_path"
ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE NGINX CONFIGURATION

199
scripts/install
View file

@ -11,120 +11,28 @@ source ynh_install_ruby__2
source ynh_add_swap
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url="/"
is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE
admin=$YNH_APP_ARG_ADMIN
app=$YNH_APP_INSTANCE_NAME
admin_mail=$(ynh_user_get_info --username=$admin --key=mail)
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=language --value=$language
ynh_app_setting_set --app=$app --key=admin --value=$admin
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=1
# Find an available port
port_web=$(ynh_find_port --port=3000)
ynh_app_setting_set --app=$app --key=port_web --value=$port_web
port_stream=$(ynh_find_port --port=4000)
ynh_app_setting_set --app=$app --key=port_stream --value=$port_stream
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=1
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $build_pkg_dependencies
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# CREATE A POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=1
db_name=$(ynh_sanitize_dbid --db_name="${app}_production")
db_user=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_app_setting_set --app=$app --key=db_user --value=$db_user
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
ynh_psql_execute_as_root --sql="ALTER USER $db_user CREATEDB;"
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
# APP "BUILD" (DEPLOYING SOURCES, VENV, COMPILING ETC)
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=1
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/live"
ynh_setup_source --dest_dir="$install_dir/live"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
chown -R $app:www-data "$install_dir"
#=================================================
# NGINX CONFIGURATION
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
ynh_script_progression --message="Installing Ruby and NodeJS..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
#=================================================
# SPECIFIC SETUP
#=================================================
# ADD SWAP IF NEEDED
#=================================================
@ -146,7 +54,7 @@ ynh_add_swap --size=$swap_needed
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=1
config="$final_path/live/.env.production"
config="$install_dir/live/.env.production"
language="$(echo $language | head -c 2)"
@ -159,28 +67,29 @@ ynh_app_setting_set --app="$app" --key=secret_key_base --value="$secret_key_base
otp_secret=$(ynh_string_random --length=128)
ynh_app_setting_set --app="$app" --key=otp_secret --value="$otp_secret"
# We need rake to build vapid keys, we generate them later once the app is installed
vapid_private_key=""
vapid_public_key=""
ynh_add_config --template="../conf/.env.production.sample" --destination="$config"
chmod 400 "$config"
chown $app:$app "$config"
ynh_replace_string --match_string="registrations_mode: 'open'" --replace_string="registrations_mode: 'none'" --target_file="$final_path/live/config/settings.yml"
ynh_replace_string --match_string="min_invite_role: 'admin'" --replace_string="min_invite_role: 'none'" --target_file="$final_path/live/config/settings.yml"
ynh_replace_string --match_string="registrations_mode: 'open'" --replace_string="registrations_mode: 'none'" --target_file="$install_dir/live/config/settings.yml"
ynh_replace_string --match_string="min_invite_role: 'admin'" --replace_string="min_invite_role: 'none'" --target_file="$install_dir/live/config/settings.yml"
ynh_store_file_checksum --file="$final_path/live/config/settings.yml"
ynh_store_file_checksum --file="$install_dir/live/config/settings.yml"
chmod 400 "$final_path/live/config/settings.yml"
chown $app:$app "$final_path/live/config/settings.yml"
chmod 400 "$install_dir/live/config/settings.yml"
chown $app:$app "$install_dir/live/config/settings.yml"
#=================================================
# BUILD APP
#=================================================
ynh_script_progression --message="Building app..." --weight=1
pushd "$final_path/live"
pushd "$install_dir/live"
# Building ruby packages
ynh_use_ruby
ynh_gem update --system
ynh_gem install bundler --no-document
@ -188,93 +97,61 @@ pushd "$final_path/live"
ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle config without 'development test'
ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle config set force_ruby_platform true
ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
# Building assets
ynh_use_nodejs
ynh_exec_warn_less ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile
echo "SAFETY_ASSURED=1">> $config
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:setup --quiet
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:migrate --quiet
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails assets:precompile --quiet
# Generate vapid keys
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=Admin > /dev/null
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl accounts modify "$admin" --approve
# Create the first admin user
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=Owner > /dev/null
popd
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$final_path/live/key.txt")
# Re-generate config with vapid keys
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$install_dir/live/key.txt")
ynh_app_setting_set --app="$app" --key=vapid_private_key --value="$vapid_private_key"
vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$final_path/live/key.txt")
vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$install_dir/live/key.txt")
ynh_app_setting_set --app="$app" --key=vapid_public_key --value="$vapid_public_key"
ynh_secure_remove --file="$final_path/live/key.txt"
ynh_secure_remove --file="$install_dir/live/key.txt"
ynh_delete_file_checksum --file="$config"
ynh_add_config --template="../conf/.env.production.sample" --destination="$config"
chmod 400 "$config"
chown $app:$app "$config"
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_package_autoremove
#=================================================
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=1
# Create a dedicated NGINX config using the conf/nginx.conf template
ynh_add_nginx_config
# Create a dedicated systemd config
ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service"
yunohost service add "$app-web" --description="$app web service"
ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service"
yunohost service add "$app-streaming" --description="$app streaming service"
#=================================================
# SETUP THE CRON FILE
#=================================================
ynh_script_progression --message="Setuping the cron file..." --weight=1
# Create a cron file
ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add "$app-web" --description="$app web service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
yunohost service add "$app-streaming" --description="$app streaming service"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_script_progression --message="Starting all systemd services..." --weight=1
ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="Listening on"
ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded"
ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Worker 1 now listening"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================

74
scripts/remove
View file

@ -12,22 +12,11 @@ source ynh_add_swap
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE SERVICE INTEGRATION IN YUNOHOST
# REMOVE SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status "$app-web" >/dev/null
@ -48,73 +37,24 @@ then
yunohost service remove "$app-streaming"
fi
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
# Remove the dedicated systemd config
ynh_remove_systemd_config --service="$app-web"
ynh_remove_systemd_config --service="$app-sidekiq"
ynh_remove_systemd_config --service="$app-streaming"
#=================================================
# REMOVE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Removing the PostgreSQL database..." --weight=1
# Remove a database if it exists, along with the associated user
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..." --weight=1
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..." --weight=1
# Remove metapackage and its dependencies
ynh_remove_ruby
ynh_remove_nodejs
ynh_remove_app_dependencies
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE VARIOUS FILES
#=================================================
ynh_script_progression --message="Removing various files..." --weight=1
# Remove a cron file
ynh_secure_remove --file="/etc/cron.d/$app"
# Remove metapackage and its dependencies
ynh_remove_ruby
ynh_remove_nodejs
# Remove swap
ynh_del_swap
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..." --weight=1
# Delete a system user
ynh_system_user_delete --username=$app
#=================================================
# END OF SCRIPT
#=================================================

122
scripts/restore
View file

@ -12,86 +12,24 @@ source ../settings/scripts/ynh_install_ruby__2
source ../settings/scripts/ynh_add_swap
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=1
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1
ynh_restore_file --origin_path="$final_path"
ynh_restore_file --origin_path="$install_dir"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..." --weight=1
# Define and install dependencies
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $build_pkg_dependencies
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=1
ynh_psql_test_if_first_run
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_as_root --sql="ALTER USER $db_user CREATEDB;"
ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name"
@ -111,62 +49,56 @@ fi
ynh_script_progression --message="Adding $swap_needed Mo to swap..." --weight=1
ynh_add_swap --size=$swap_needed
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling Ruby and NodeJS..." --weight=1
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
#=================================================
# BUILD APP
#=================================================
ynh_script_progression --message="Building app..." --weight=1
pushd "$final_path/live"
pushd "$install_dir/live"
ynh_use_ruby
ynh_gem update --system
ynh_gem install bundler --no-document
ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle install --redownload -j$(getconf _NPROCESSORS_ONLN)
popd
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_package_autoremove
#=================================================
# RESTORE SYSTEM CONFIGURATIONS
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
#=================================================
# RESTORE VARIOUS FILES
#=================================================
ynh_script_progression --message="Restoring various files..." --weight=1
ynh_restore_file --origin_path="/etc/cron.d/$app"
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/systemd/system/$app-web.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-sidekiq.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-streaming.service"
systemctl enable "$app-web" "$app-sidekiq" "$app-streaming" --quiet
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add "$app-web" --description="$app web service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
yunohost service add "$app-streaming" --description="$app streaming service"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="Listening on"
ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded"
ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Worker 1 now listening"
ynh_restore_file --origin_path="/etc/cron.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="Listening on"
ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded"
ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Worker 1 now listening"
ynh_systemd_action --service_name=nginx --action=reload

252
scripts/upgrade
View file

@ -11,109 +11,18 @@ source ynh_install_ruby__2
source ynh_add_swap
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
language=$(ynh_app_setting_get --app=$app --key=language)
admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
redis_namespace=$(ynh_app_setting_get --app=$app --key=db_name)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
admin_mail=$(ynh_user_get_info --username=$admin --key='mail')
port_web=$(ynh_app_setting_get --app=$app --key=port_web)
port_stream=$(ynh_app_setting_get --app=$app --key=port_stream)
secret_key_base=$(ynh_app_setting_get --app=$app --key=secret_key_base)
otp_secret=$(ynh_app_setting_get --app=$app --key=otp_secret)
vapid_private_key=$(ynh_app_setting_get --app=$app --key=vapid_private_key)
vapid_public_key=$(ynh_app_setting_get --app=$app --key=vapid_public_key)
config="$final_path/live/.env.production"
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..." --weight=1
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
admin_mail=$(ynh_user_get_info --username=$admin --key='mail')
config="$install_dir/live/.env.production"
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=systemd --line_match="Stopped"
ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=systemd --line_match="Stopped"
ynh_systemd_action --service_name=${app}-streaming --action="stop" --log_path=systemd --line_match="Stopped"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
# Create a permission if needed
if ! ynh_permission_exists --permission="api"; then
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
fi
# If port_web doesn't exist, create it, needed for old install
if [[ -z "$port_web" ]]; then
port_web=3000
ynh_app_setting_set --app=$app --key=port_web --value=$port_web
fi
# If port_web doesn't exist, create it, needed for old install
if [[ -z "$port_stream" ]]; then
port_stream=4000
ynh_app_setting_set --app=$app --key=port_stream --value=$port_stream
fi
# If db_user doesn't exist, create it, needed for old install
if [[ -z "$db_user" ]]; then
db_user=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_user --value=$db_user
fi
# If db_pwd doesn't exist, create it, needed for old install
if [[ -z "$db_pwd" ]]; then
db_pwd=$(ynh_string_random)
ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
ynh_psql_test_if_first_run
sudo --login --user=postgres psql -c"ALTER user $app WITH PASSWORD '$db_pwd'" postgres
ynh_replace_string --match_string="DB_PASS=" --replace_string="DB_PASS=${db_pwd}" --target_file="$config"
fi
# Remove paperclip_secret
ynh_app_setting_delete --app=$app --key=paperclip_secret
@ -153,67 +62,14 @@ fi
ynh_remove_extra_repo
#=================================================
# CREATE DEDICATED USER
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
ynh_script_progression --message="Stopping a systemd service..." --weight=1
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=systemd --line_match="Stopped"
ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=systemd --line_match="Stopped"
ynh_systemd_action --service_name=${app}-streaming --action="stop" --log_path=systemd --line_match="Stopped"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=1
# Download Mastodon
tmpdir="$(mktemp -d)"
mkdir $tmpdir/system
if [ -d "$final_path/live/public/system" ]; then
mv --verbose --no-target-directory --backup=numbered "$final_path/live/public/system" "$final_path/system.tmp"
fi
rsync -a "$config" "$tmpdir/."
ynh_secure_remove --file="$final_path/live"
ynh_setup_source --dest_dir="$final_path/live"
if [ -d "$final_path/system.tmp" ]; then
mv --verbose --no-target-directory "$final_path/system.tmp" "$final_path/live/public/system"
fi
rsync -a "$tmpdir/.env.production" "$final_path/live/."
ynh_secure_remove --file="$tmpdir"
# Clean files which are not needed anymore
ynh_secure_remove --file="$final_path/live/config/initializers/timeout.rb"
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $build_pkg_dependencies
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# ADD SWAP IF NEEDED
#=================================================
@ -231,11 +87,37 @@ ynh_script_progression --message="Adding $swap_needed Mo to swap..."
ynh_add_swap --size=$swap_needed
#=================================================
# BUILD APP
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Building app..." --weight=1
ynh_script_progression --message="Upgrading Ruby and NodeJS..." --weight=1
pushd "$final_path/live"
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
#=================================================
# "REBUILD" THE APP (DEPLOY NEW SOURCES, RERUN NPM BUILD...)
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=1
# Download Mastodon
ynh_setup_source --dest_dir="$install_dir/live" --keep="public/system/"
chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
fi
#=================================================
# BUILD ASSETS
#=================================================
ynh_script_progression --message="Building assets..." --weight=1
pushd "$install_dir/live"
ynh_use_ruby
ynh_gem update --system
ynh_gem install bundler --no-document
@ -247,13 +129,29 @@ pushd "$final_path/live"
ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails assets:clean
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails assets:precompile
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:migrate
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl cache clear
popd
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_package_autoremove
#=================================================
# REAPPLY SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
ynh_add_nginx_config
# Create a dedicated systemd config
ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service"
yunohost service add "$app-web" --description="$app web service"
ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service"
yunohost service add "$app-streaming" --description="$app streaming service"
ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app"
#=================================================
# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
#=================================================
# UPDATE A CONFIG FILE
#=================================================
@ -267,32 +165,15 @@ chmod 400 "$config"
chown $app:$app "$config"
#=================================================
# SETUP SYSTEMD
# APPLY MIGRATIONS
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
ynh_script_progression --message="Applying migrations..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service"
ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service"
ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service"
#=================================================
# SETUP THE CRON FILE
#=================================================
ynh_script_progression --message="Setuping the cron file..." --weight=1
ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add "$app-web" --description="$app web service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
yunohost service add "$app-streaming" --description="$app streaming service"
pushd "$install_dir/live"
ynh_use_ruby
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:migrate
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl cache clear
popd
#=================================================
# START SYSTEMD SERVICE
@ -303,13 +184,6 @@ ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd
ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded"
ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Worker 1 now listening"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================

4
scripts/ynh_install_ruby__2
View file

@ -36,7 +36,7 @@ build_pkg_dependencies="$build_pkg_dependencies $build_ruby_dependencies"
# However, $PATH is duplicated into $ruby_path to outlast any manipulation of $PATH
# You can use the variable `$ynh_ruby_load_path` to quickly load your Ruby version
# in $PATH for an usage into a separate script.
# Exemple: $ynh_ruby_load_path $final_path/script_that_use_gem.sh`
# Exemple: $ynh_ruby_load_path $install_dir/script_that_use_gem.sh`
#
#
# Finally, to start a Ruby service with the correct version, 2 solutions
@ -81,7 +81,7 @@ ynh_use_ruby () {
ynh_ruby_load_path="PATH=$PATH"
# Sets the local application-specific Ruby version
pushd $final_path
pushd $install_dir
$rbenv_install_dir/bin/rbenv local $ruby_version
popd
}

56
sources/patches/app-sso.patch
View file

@ -1,56 +0,0 @@
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7c36bc6b8..3f691d102 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -69,7 +69,7 @@ class ApplicationController < ActionController::Base
end
def after_sign_out_path_for(_resource_or_scope)
- new_user_session_path
+ "https://#{File.read('/etc/yunohost/current_host')}/yunohost/sso/?action=logout"
end
protected
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 5232e6cfd..160348674 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -180,7 +180,7 @@ Devise.setup do |config|
# given strategies, for example, `config.http_authenticatable = [:database]` will
# enable it only for database authentication. The supported strategies are:
# :database = Support basic authentication with authentication key + password
- config.http_authenticatable = [:pam, :database]
+ config.http_authenticatable = [:two_factor_ldap, :pam, :database]
# If 401 status code should be returned for AJAX requests. True by default.
# config.http_authenticatable_on_xhr = true
diff --git a/lib/devise/two_factor_ldap_authenticatable.rb b/lib/devise/two_factor_ldap_authenticatable.rb
index 065aa2de8..0eb4be10c 100644
--- a/lib/devise/two_factor_ldap_authenticatable.rb
+++ b/lib/devise/two_factor_ldap_authenticatable.rb
@@ -5,13 +5,13 @@ require 'devise/strategies/base'
module Devise
module Strategies
- class TwoFactorLdapAuthenticatable < Base
+ class TwoFactorLdapAuthenticatable < Authenticatable
def valid?
- valid_params? && mapping.to.respond_to?(:authenticate_with_ldap)
+ (valid_for_params_auth? || valid_for_http_auth?) && mapping.to.respond_to?(:authenticate_with_ldap)
end
def authenticate!
- resource = mapping.to.authenticate_with_ldap(params[scope])
+ resource = mapping.to.authenticate_with_ldap(authentication_hash.merge(:password => password))
if resource && !resource.otp_required_for_login?
success!(resource)
@@ -23,7 +23,7 @@ module Devise
protected
def valid_params?
- params[scope] && params[scope][:password].present?
+ super && params[scope][:password].present?
end
end
end

26
tests.toml Normal file
View file

@ -0,0 +1,26 @@
test_format = 1.0
[default]
# ------------
# Tests to run
# ------------
exclude = ["install.multi", "change_url"]
# The test IDs to be used in only/exclude statements are: install.root, install.subdir, install.nourl, install.multi, backup_restore, upgrade, upgrade.someCommitId change_url
# -------------------------------
# Default args to use for install
# -------------------------------
# Nothing to do here...yet
# -------------------------------
# Commits to test upgrade from
# -------------------------------
test_upgrade_from.bda899e.name = "Upgrade from 4.1.2~ynh1"
test_upgrade_from.bda899e.args.domain="domain.tld"
test_upgrade_from.bda899e.args.is_public=1
test_upgrade_from.bda899e.args.admin="john"
test_upgrade_from.bda899e.args.language="fr_FR"