YunoHost-Apps/mastodon_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mastodon_ynh.git synced 2024-09-03 19:46:02 +02:00
Code Issues Activity Actions

adding ynh_add_secure_repos__2

Browse source
This commit is contained in:
yalh76 2019-03-22 23:59:16 +01:00
parent 5cd0ad6b49
commit dddaefcd63
5 changed files with 180 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

166
conf/ynh_add_secure_repos__2 Normal file
View file

@ -0,0 +1,166 @@
#!/bin/bash
# Pin a repository.
#
# usage: ynh_pin_repo --package=packages --pin=pin_filter --priority=priority_value [--name=name] [--append]
# | arg: -p, --package - Packages concerned by the pin. Or all, *.
# | arg: -i, --pin - Filter for the pin.
# | arg: -p, --priority - Priority for the pin
# | arg: -n, --name - Name for the files for this repo, $app as default value.
# | arg: -a, --append - Do not overwrite existing files.
#
# See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html for information about pinning.
#
ynh_pin_repo () {
# Declare an array to define the options of this helper.
local legacy_args=pirna
declare -Ar args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append )
local package
local pin
local priority
local name
local append
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
package="${package:-*}"
priority=${priority:-50}
name="${name:-$app}"
append=${append:-0}
if [ $append -eq 1 ]
then
append="tee -a"
else
append="tee"
fi
mkdir -p "/etc/apt/preferences.d"
echo "Package: $package
Pin: $pin
Pin-Priority: $priority" \
| $append "/etc/apt/preferences.d/$name"
}
# Add a repository.
#
# usage: ynh_add_repo --uri=uri --suite=suite --component=component [--name=name] [--append]
# | arg: -u, --uri - Uri of the repository.
# | arg: -s, --suite - Suite of the repository.
# | arg: -c, --component - Component of the repository.
# | arg: -n, --name - Name for the files for this repo, $app as default value.
# | arg: -a, --append - Do not overwrite existing files.
#
# Example for a repo like deb http://forge.yunohost.org/debian/ stretch stable
# uri suite component
# ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable
#
ynh_add_repo () {
# Declare an array to define the options of this helper.
local legacy_args=uscna
declare -Ar args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append )
local uri
local suite
local component
local name
local append
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
append=${append:-0}
if [ $append -eq 1 ]
then
append="tee -a"
else
append="tee"
fi
mkdir -p "/etc/apt/sources.list.d"
# Add the new repo in sources.list.d
echo "deb $uri $suite $component" \
| $append "/etc/apt/sources.list.d/$name.list"
}
# Add an extra repository correctly, pin it and get the key.
#
# usage: ynh_install_extra_repo --repo="repo" [--key=key_url] [--name=name] [--append]
# | arg: -r, --repo - Complete url of the extra repository.
# | arg: -k, --key - url to get the public key.
# | arg: -n, --name - Name for the files for this repo, $app as default value.
# | arg: -a, --append - Do not overwrite existing files.
ynh_install_extra_repo () {
# Declare an array to define the options of this helper.
local legacy_args=rkna
declare -Ar args_array=( [r]=repo= [k]=key= [n]=name= [a]=append )
local repo
local key
local name
local append
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
append=${append:-0}
key=${key:-0}
if [ $append -eq 1 ]
then
append="--append"
wget_append="tee -a"
else
append=""
wget_append="tee"
fi
# Split the repository into uri, suite and components.
# Remove "deb " at the beginning of the repo.
repo="${repo#deb }"
# Get the uri
local uri="$(echo "$repo" | awk '{ print $1 }')"
# Get the suite
local suite="$(echo "$repo" | awk '{ print $2 }')"
# Get the components
local component="${repo##$uri $suite }"
# Add the repository into sources.list.d
ynh_add_repo --uri="$uri" --suite="$suite" --component="$component" --name="$name" $append
# Pin the new repo with the default priority, so it won't be used for upgrades.
# Build $pin from the uri without http and any sub path
local pin="${uri#*://}"
pin="${pin%%/*}"
ynh_pin_repo --package="*" --pin="origin \"$pin\"" --name="$name" $append
# Get the public key for the repo
if [ -n "$key" ]
then
mkdir -p "/etc/apt/trusted.gpg.d"
wget -q "$key" -O - | $wget_append /etc/apt/trusted.gpg.d/$name.gpg
fi
# Update the list of package with the new repo
ynh_package_update
}
# Remove an extra repository and the assiociated configuration.
#
# usage: ynh_remove_extra_repo [--name=name]
# | arg: -n, --name - Name for the files for this repo, $app as default value.
ynh_remove_extra_repo () {
# Declare an array to define the options of this helper.
local legacy_args=n
declare -Ar args_array=( [n]=name= )
local name
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
ynh_secure_remove "/etc/apt/sources.list.d/$name.list"
ynh_secure_remove "/etc/apt/preferences.d/$name"
ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.gpg"
# Update the list of package to exclude the old repo
ynh_package_update
}

7
scripts/install
View file

@ -92,12 +92,11 @@ if [[ "$arch" = arm* ]]; then
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010
fi fi
# Install source.list debian package backports & yarn # Install extra_repo debian package backports & yarn
if [ "$(lsb_release --codename --short)" == "jessie" ]; then if [ "$(lsb_release --codename --short)" == "jessie" ]; then
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main"
fi fi
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
ynh_package_update ynh_package_update
# install nodejs # install nodejs

10
scripts/remove
View file

@ -9,6 +9,7 @@
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
source ynh_install_ruby source ynh_install_ruby
source ynh_add_secure_repos__2
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
@ -77,13 +78,8 @@ ynh_remove_ruby
ynh_remove_app_dependencies ynh_remove_app_dependencies
ynh_remove_nodejs ynh_remove_nodejs
#================================================= ynh_remove_extra_repo jessie-backports
# REMOVE APT SOURCES ynh_remove_extra_repo yarn
#=================================================
ynh_print_info "Removing apt sources"
ynh_secure_remove "/etc/apt/sources.list.d/jessie-backports.list"
ynh_secure_remove "/etc/apt/sources.list.d/yarn.list"
#================================================= #=================================================
# REMOVE APP MAIN DIR # REMOVE APP MAIN DIR

8
scripts/restore
View file

@ -10,6 +10,7 @@
source ../settings/scripts/_common.sh source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
source ../settings/scripts/ynh_install_ruby source ../settings/scripts/ynh_install_ruby
source ../settings/scripts/ynh_add_secure_repos__2
#================================================= #=================================================
# MANAGE SCRIPT FAILURE # MANAGE SCRIPT FAILURE
@ -86,12 +87,11 @@ if [[ "$arch" = arm* ]]; then
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010
fi fi
# Install source.list debian package backports & yarn # Install extra_repo debian package backports & yarn
if [ "$(lsb_release --codename --short)" == "jessie" ]; then if [ "$(lsb_release --codename --short)" == "jessie" ]; then
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main"
fi fi
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
ynh_package_update ynh_package_update
# install nodejs # install nodejs

8
scripts/upgrade
View file

@ -9,6 +9,7 @@
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
source ynh_install_ruby source ynh_install_ruby
source ynh_add_secure_repos__2
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
@ -124,12 +125,11 @@ ynh_add_nginx_config
#================================================= #=================================================
ynh_print_info "Upgrading dependencies..." ynh_print_info "Upgrading dependencies..."
# Install source.list debian package backports & yarn # Install extra_repo debian package backports & yarn
if [ "$(lsb_release --codename --short)" == "jessie" ]; then if [ "$(lsb_release --codename --short)" == "jessie" ]; then
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main"
fi fi
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
ynh_package_update ynh_package_update
# install nodejs # install nodejs