YunoHost-Apps/mastodon_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mastodon_ynh.git synced 2024-09-03 19:46:02 +02:00
Code Issues Activity Actions

Merge branch 'master' into master

Browse source
This commit is contained in:
nemsia 2017-04-20 10:05:30 +02:00 committed by GitHub
commit fc458eb300
7 changed files with 110 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
manifest.json
View file

@ -44,8 +44,8 @@
"name": "passwd", "name": "passwd",
"type": "password", "type": "password",
"ask": { "ask": {
"en": "Add password for the Admin YunoHost", "en": "Enter password of this administrator",
"fr": "Ajouter le mot de passe l'Administrateur YunoHost" "fr": "Ajouter le mot de passe pour cette administrateur"
}, },
"example": "adminpassword" "example": "adminpassword"
}, },

28
scripts/.fonctions
View file

@ -233,3 +233,31 @@ ynh_psql_drop_db() {
ynh_psql_drop_user() { ynh_psql_drop_user() {
sudo su -c "dropuser ${1}" postgres sudo su -c "dropuser ${1}" postgres
} }
# Remove a file or a directory securely
#
# usage: ynh_secure_remove path_to_remove
# | arg: path_to_remove - File or directory to remove
ynh_secure_remove () {
path_to_remove=$1
forbidden_path=" \
/var/www \
/home/yunohost.app"
if [[ "$forbidden_path" =~ "$path_to_remove" \
# Match all path or subpath in $forbidden_path
|| "$path_to_remove" =~ ^/[[:alnum:]]+$ \
# Match all first level path from / (Like /var, /root, etc...)
|| "${path_to_remove:${#path_to_remove}-1}" = "/" ]]
# Match if the path finish by /. Because it's seems there is an empty variable
then
echo "Avoid deleting of $path_to_remove." >&2
else
if [ -e "$path_to_remove" ]
then
sudo rm -R "$path_to_remove"
else
echo "$path_to_remove doesn't deleted because it's not exist." >&2
fi
fi
}

18
scripts/backup
View file

@ -3,12 +3,19 @@
# Exit on command errors and treat unset variables as an error # Exit on command errors and treat unset variables as an error
set -eu set -eu
# Get multi-instances specific variables if [ ! -e .fonctions ]; then
app=$YNH_APP_INSTANCE_NAME # Get file fonction if not been to the current directory
sudo cp ../settings/scripts/.fonctions ./.fonctions
sudo chmod a+rx .fonctions
fi
# Loads the generic functions usually used in the script
source .fonctions
# Source app helpers # Source app helpers
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
# Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME
# Retrieve app settings # Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain) domain=$(ynh_app_setting_get "$app" domain)
@ -25,6 +32,7 @@ ynh_backup "/etc/systemd/system/mastodon-streaming.service" "systemd_streaming.s
# Backup db # Backup db
sudo su - postgres <<COMMANDS sudo su - postgres <<COMMANDS
pg_dump mastodon_production > /home/backup/mastodon_db.sql pg_dump --role=mastodon -U postgres --no-password mastodon_production > mastodon_db.sql
COMMANDS COMMANDS
ynh_backup "/home/backup/mastodon_db.sql" "mastodon_db.sql" ynh_backup "/var/lib/postgresql/${app}_db.sql" "${app}_db.sql"
ynh_secure_remove /var/lib/postgresql/mastodon_db.sql

9
scripts/install
View file

@ -135,9 +135,12 @@ sudo sed -i "s@LOCAL_DOMAIN=example.com@LOCAL_DOMAIN=${domain}@g" "${final_path}
language="$(echo $language | head -c 2)" language="$(echo $language | head -c 2)"
sudo sed -i "s@# DEFAULT_LOCALE=de@DEFAULT_LOCALE=${language}@g" "${final_path}/live/.env.production" sudo sed -i "s@# DEFAULT_LOCALE=de@DEFAULT_LOCALE=${language}@g" "${final_path}/live/.env.production"
sudo sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=$(head -n128 /dev/urandom | tr -dc -d 'a-z0-9' | head -c128)@g" "${final_path}/live/.env.production" paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
sudo sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=$(head -n128 /dev/urandom | tr -dc -d 'a-z0-9' | head -c128)@g" "${final_path}/live/.env.production" secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
sudo sed -i "s@OTP_SECRET=@OTP_SECRET=$(head -n128 /dev/urandom | tr -dc -d 'a-z0-9' | head -c128)@g" "${final_path}/live/.env.production" otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
sudo sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=${paperclip_secret}@g" "${final_path}/live/.env.production"
sudo sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=${secret_key_base}@g" "${final_path}/live/.env.production"
sudo sed -i "s@OTP_SECRET=@OTP_SECRET=${otp_secret}@g" "${final_path}/live/.env.production"
sudo sed -i 's,SMTP_LOGIN=,SMTP_LOGIN='${admin_mastodon}'@'${domain}',' "${final_path}/live/.env.production" sudo sed -i 's,SMTP_LOGIN=,SMTP_LOGIN='${admin_mastodon}'@'${domain}',' "${final_path}/live/.env.production"
sudo sed -i "s@SMTP_PASSWORD=@SMTP_PASSWORD=${admin_pass}@g" "${final_path}/live/.env.production" sudo sed -i "s@SMTP_PASSWORD=@SMTP_PASSWORD=${admin_pass}@g" "${final_path}/live/.env.production"

22
scripts/remove
View file

@ -17,8 +17,8 @@ domain=$(ynh_app_setting_get "$app" domain)
if [ -e "/etc/systemd/system/mastodon-web.service" ]; then if [ -e "/etc/systemd/system/mastodon-web.service" ]; then
echo "Delete systemd script" echo "Delete systemd script"
sudo systemctl stop mastodon-web.service sudo systemctl stop mastodon-web.service
ynh_secure_remove "/etc/systemd/system/mastodon-web.service"
sudo systemctl disable mastodon-web.service sudo systemctl disable mastodon-web.service
sudo rm "/etc/systemd/system/mastodon-web.service"
fi fi
@ -26,16 +26,16 @@ fi
if [ -e "/etc/systemd/system/mastodon-sidekiq.service" ]; then if [ -e "/etc/systemd/system/mastodon-sidekiq.service" ]; then
echo "Delete systemd script" echo "Delete systemd script"
sudo systemctl stop mastodon-sidekiq.service sudo systemctl stop mastodon-sidekiq.service
ynh_secure_remove "/etc/systemd/system/mastodon-sidekiq.service"
sudo systemctl disable mastodon-sidekiq.service sudo systemctl disable mastodon-sidekiq.service
sudo rm "/etc/systemd/system/mastodon-sidekiq.service"
fi fi
# Stop mastodon-sidekiq # Stop mastodon-sidekiq
if [ -e "/etc/systemd/system/mastodon-streaming.service" ]; then if [ -e "/etc/systemd/system/mastodon-streaming.service" ]; then
echo "Delete systemd script" echo "Delete systemd script"
sudo systemctl stop mastodon-sidekiq.streaming sudo systemctl stop mastodon-sidekiq.streaming
ynh_secure_remove "/etc/systemd/system/mastodon-streaming.service"
sudo systemctl disable mastodon-streaming.service sudo systemctl disable mastodon-streaming.service
sudo rm "/etc/systemd/system/mastodon-streaming.service"
fi fi
# Delete service on Yunohost monitoring # Delete service on Yunohost monitoring
@ -74,27 +74,25 @@ sudo apt-get remove --purge -y yarn
#sudo apt-get remove --purge -y autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev #sudo apt-get remove --purge -y autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev
# Delete app directory and configurations # Delete app directory and configurations
SECURE_REMOVE '/opt/$app' ynh_secure_remove /opt/$app
[[ -n $domain ]] && sudo rm -f "/etc/nginx/conf.d/${domain}.d/${app}.conf" [[ -n $domain ]] && sudo rm -f "/etc/nginx/conf.d/${domain}.d/${app}.conf"
# Delete nginx configuration # Delete nginx configuration
REMOVE_NGINX_CONF REMOVE_NGINX_CONF
# Delete log
SECURE_REMOVE '/var/log/$app/'
# Delete cronlog # Delete cronlog
SECURE_REMOVE '/etc/cron.d/$app' ynh_secure_remove /etc/cron.d/$app
# Delete source.list # Delete source.list
sudo rm /etc/apt/sources.list.d/backports.list ynh_secure_remove /etc/apt/sources.list.d/backports.list
sudo rm /etc/apt/sources.list.d/yarn.list ynh_secure_remove /etc/apt/sources.list.d/yarn.list
# Delete ruby symb link # Delete ruby exec
# sudo rm /usr/bin/ruby ynh_secure_remove /usr/bin/ruby
# Remove user # Remove user
sudo userdel -f $app sudo userdel -f $app
# Reload services # Reload services
sudo service nginx reload sudo systemctl reload nginx
echo -e "\e[0m" # Restore normal color echo -e "\e[0m" # Restore normal color

51
scripts/restore
View file

@ -4,12 +4,19 @@
# Exit on command errors and treat unset variables as an error # Exit on command errors and treat unset variables as an error
set -eu set -eu
# The parameter $app is the id of the app instance ex: ynhexample__2 if [ ! -e .fonctions ]; then
app=$YNH_APP_INSTANCE_NAME # Get file fonction if not been to the current directory
sudo cp ../settings/scripts/.fonctions ./.fonctions
sudo chmod a+rx .fonctions
fi
# Loads the generic functions usually used in the script
source .fonctions
# Source app helpers # Source app helpers
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
# The parameter $app is the id of the app instance ex: ynhexample__2
app=$YNH_APP_INSTANCE_NAME
# Get old parameter of the app # Get old parameter of the app
domain=$(ynh_app_setting_get $app domain) domain=$(ynh_app_setting_get $app domain)
path=$(ynh_app_setting_get $app path) path=$(ynh_app_setting_get $app path)
@ -30,7 +37,7 @@ nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
if [ -f $nginx_conf ]; then if [ -f $nginx_conf ]; then
ynh_die "The NGINX configuration already exists at '${nginx_conf}'. ynh_die "The NGINX configuration already exists at '${nginx_conf}'.
You should safely delete it before restoring this app." You should safely delete it before restoring this app."
fi
# Check configuration files php-fpm # Check configuration files php-fpm
crontab_conf="/etc/cron.d/${app}" crontab_conf="/etc/cron.d/${app}"
if [ -f $crontab_conf ]; then if [ -f $crontab_conf ]; then
@ -55,18 +62,34 @@ if [ -f "${streaming_systemd}" ]; then
You should safely delete it before restoring this app." You should safely delete it before restoring this app."
fi fi
# Create user unix
sudo adduser $app --home /opt/$app --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password --disabled-login
# Restore sources & data # Restore sources & data
sudo cp -a ./sources "$final_path" sudo cp -a ./sources "$final_path"
# Set permissions # Set permissions
sudo chown -R $app: "$final_path" sudo chown -R $app: "$final_path"
# Set UTF8 encoding by default
sudo su -c "psql" postgres <<< \
"update pg_database set datistemplate='false' where datname='template1';"
sudo su -c "psql" postgres <<< \
"drop database template1;"
sudo su -c "psql" postgres <<< \
"create database template1 encoding='UTF8' template template0;"
sudo su -c "psql" postgres <<< \
"update pg_database set datistemplate='true' where datname='template1';"
# Restore db # Restore db
ynh_psql_create_db_without_password "$app" ynh_psql_create_db_without_password "$app"
sudo su - postgres <<COMMANDS sudo su - postgres <<COMMANDS
pg_dump mastodon_production < ./mastodon_db.sql pg_dump --role=mastodon -U postgres --no-password mastodon < $YNH_APP_BACKUP_DIR/mastodon_db.sql
COMMANDS COMMANDS
# Create symlink for ruby
sudo ln -s /opt/mastodon/.rbenv/versions/2.4.1/bin/ruby /usr/bin/ruby || true
# Restore Mastodon # Restore Mastodon
sudo su - $app <<RCOMMANDS sudo su - $app <<RCOMMANDS
cd ~/live cd ~/live
@ -79,5 +102,23 @@ sudo cp -a ./nginx.conf "$nginx_conf"
# Restore crontab # Restore crontab
sudo cp -a ./cron.conf "$crontab_conf" sudo cp -a ./cron.conf "$crontab_conf"
sudo cp ../conf/mastodon-web.service /etc/systemd/system/mastodon-web.service
sudo chown root: /etc/systemd/system/mastodon-web.service
sudo cp ../conf/mastodon-sidekiq.service /etc/systemd/system/mastodon-sidekiq.service
sudo chown root: /etc/systemd/system/mastodon-sidekiq.service
sudo cp ../conf/mastodon-streaming.service /etc/systemd/system/mastodon-streaming.service
sudo chown root: /etc/systemd/system/mastodon-streaming.service
sudo systemctl daemon-reload
sudo systemctl enable /etc/systemd/system/mastodon-*.service
sudo systemctl start mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service
# debug
sudo systemctl status mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service
# Add service YunoHost
sudo yunohost service add mastodon-web
sudo yunohost service add mastodon-sidekiq
sudo yunohost service add mastodon-streaming
# Reload services # Reload services
sudo systemctl reload nginx sudo systemctl reload nginx

8
scripts/upgrade
View file

@ -3,8 +3,10 @@
# Exit on command errors and treat unset variables as an error # Exit on command errors and treat unset variables as an error
set -eu set -eu
source .fonctions # Loads the generic functions usually used in the script # Loads the generic functions usually used in the script
source /usr/share/yunohost/helpers # Source YunoHost helpers source .fonctions
# Source YunoHost helpers
source /usr/share/yunohost/helpers
# See comments in install script # See comments in install script
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -39,7 +41,7 @@ sudo su - $app <<COMMANDS
pushd ~/live pushd ~/live
git fetch git fetch
git pull https://github.com/tootsuite/mastodon.git master git pull https://github.com/tootsuite/mastodon.git master
git checkout v1.2 git checkout $(git tag | tail -n 1)
bin/bundle install bin/bundle install
yarn install --production yarn install --production
RAILS_ENV=production bundle exec rails assets:clean RAILS_ENV=production bundle exec rails assets:clean