diff --git a/conf/base.config.yaml b/conf/base.config.yaml index 6d92260..4ce0bef 100644 --- a/conf/base.config.yaml +++ b/conf/base.config.yaml @@ -108,7 +108,7 @@ database: # with username "user", password "pass", host "localhost" and database name "dbname". # # Modify each value as necessary - connString: "postgresql://__DB_USER__:__DB_PASSWORD__@localhost/__DB_NAME__" + connString: "postgresql://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__" # Use SQLite3 as a database backend # diff --git a/scripts/_common.sh b/scripts/_common.sh index 4974ea8..ee8ef00 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -12,33 +12,3 @@ NODEJS_VERSION=14 #================================================= # PERSONAL HELPERS #================================================= - -install_node_deps() { - pushd "$final_path" - ynh_use_nodejs - ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH npm install - popd -} - -run_registration() { - pushd "$final_path" - ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH NODE_ENV=production $final_path/run.sh -r -f "$app.yaml" - popd -} - -setup_final_path_rights() { - chmod 750 "$final_path" - chmod -R o-rwx "$final_path" - chown -R $app:$app "$final_path" -} - -setup_run_script_rights() { - chmod 750 "$final_path/run.sh" - chown "$app:$app" "$final_path/run.sh" -} - -create_etc() { - local etc_path=$1 - mkdir -p -m 750 "$etc_path" - chown "$app:$app" "$etc_path" -} diff --git a/scripts/install b/scripts/install index 6a31ceb..af3effd 100755 --- a/scripts/install +++ b/scripts/install @@ -45,10 +45,6 @@ log_path="/var/log/$app" base_config_path="$final_path/base.config.yaml" user_config_path="/etc/$app/user.config.yaml" -ynh_print_OFF -db_password=$(ynh_string_random --length=30) -ynh_print_ON - #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= @@ -64,9 +60,6 @@ ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=log_path --value=$log_path ynh_app_setting_set --app=$app --key=app_service_registration_path --value=$app_service_registration_path -ynh_print_OFF -ynh_app_setting_set --app=$app --key=db_password --value=$db_password -ynh_print_ON ynh_app_setting_set --app=$app --key=synapse_instance --value=$synapse_instance #================================================= @@ -109,7 +102,7 @@ ynh_script_progression --message="Creating a PostgresSql database..." --weight=1 db_name=$(ynh_sanitize_dbid --db_name=$app) db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_password +ynh_psql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -119,14 +112,19 @@ ynh_script_progression --message="Setting up source files..." --weight=1 ynh_app_setting_set --app=$app --key=final_path --value=$final_path ynh_setup_source --dest_dir="$final_path" -setup_final_path_rights +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= # INSTALL NODE DEPENDENCIES #================================================= ynh_script_progression --message="Building Node dependencies..." --weight=30 -install_node_deps +pushd "$final_path" + ynh_use_nodejs + ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH npm install +popd #================================================= # SETUP PIP (FOR YQ) @@ -143,7 +141,9 @@ ynh_script_progression --message="Adding configuration files..." --weight=1 etc_path=$(dirname $user_config_path) ynh_app_setting_set --app=$app --key=etc_path --value=$etc_path -create_etc "$etc_path" + +mkdir -p -m 750 "$etc_path" +chown "$app:$app" "$etc_path" any_account_of_domain="@.*:${domain//\./\\\.}" @@ -174,7 +174,9 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=1 # Create startup script ynh_add_config --template="../sources/extra_files/app/run.sh" --destination="$final_path/run.sh" -setup_run_script_rights + +chmod 750 "$final_path/run.sh" +chown "$app:$app" "$final_path/run.sh" # Create a dedicated systemd config ynh_add_systemd_config @@ -198,7 +200,10 @@ chown $app:$app "$log_path" #================================================= ynh_script_progression --message="Register module in Synapse" --weight=1 -run_registration +pushd "$final_path" + ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH NODE_ENV=production $final_path/run.sh -r -f "$app.yaml" +popd + cp "$final_path/$app.yaml" $app_service_registration_path/$app.yaml /opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh \ || ynh_die "Synapse can't restart with the appservice configuration" diff --git a/scripts/remove b/scripts/remove index 0e0c913..5f50d04 100755 --- a/scripts/remove +++ b/scripts/remove @@ -24,10 +24,6 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) log_path=$(ynh_app_setting_get --app=$app --key=log_path) etc_path=$(ynh_app_setting_get --app=$app --key=etc_path) -ynh_print_OFF -db_password=$(ynh_string_random --length=30) -ynh_print_ON - #================================================= # STANDARD REMOVE #================================================= @@ -75,16 +71,6 @@ ynh_script_progression --message="Removing app main directory..." --weight=1 # Remove the app directory securely ynh_secure_remove --file="$final_path" -#================================================= -# CLOSE A PORT -#================================================= - -if yunohost firewall list | grep -q "\- $port$" -then - ynh_script_progression --message="Closing port $port..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $port -fi - #================================================= # SPECIFIC REMOVE #================================================= diff --git a/scripts/restore b/scripts/restore index 3fb82ba..95c627a 100755 --- a/scripts/restore +++ b/scripts/restore @@ -58,7 +58,9 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -setup_final_path_rights +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= # SPECIFIC RESTORATION @@ -78,12 +80,10 @@ ynh_use_nodejs ynh_script_progression --message="Restoring the PostgresSql database..." --weight=20 ynh_psql_test_if_first_run -ynh_print_OFF -db_pwd=$(ynh_app_setting_get --app=$app --key=db_password) +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) # TODO: should I let these operation be logged? ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql -ynh_print_ON #================================================= # RESTORE VARIOUS FILES @@ -114,8 +114,9 @@ ynh_script_progression --message="Restoring the systemd configuration..." --weig ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet -setup_run_script_rights +chmod 750 "$final_path/run.sh" +chown "$app:$app" "$final_path/run.sh" #================================================= # INTEGRATE SERVICE IN YUNOHOST diff --git a/scripts/upgrade b/scripts/upgrade index 5d1b67d..3284ae6 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -24,9 +24,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) language=$(ynh_app_setting_get --app=$app --key=language) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name -ynh_print_OFF -db_password=$(ynh_app_setting_get --app=$app --key=db_password) -ynh_print_ON +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) synapse_instance=$(ynh_app_setting_get --app=$app --key=synapse_instance) log_path=$(ynh_app_setting_get --app=$app --key=log_path) etc_path=$(ynh_app_setting_get --app=$app --key=etc_path) @@ -115,7 +113,9 @@ then ynh_setup_source --dest_dir="$final_path" fi -setup_final_path_rights +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= # UPGRADE DEPENDENCIES @@ -131,7 +131,10 @@ ynh_install_nodejs --nodejs_version=$NODEJS_VERSION ynh_script_progression --message="Building Node dependencies..." --weight=3 -install_node_deps +pushd "$final_path" + ynh_use_nodejs + ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH npm install +popd #================================================= # SPECIFIC UPGRADE @@ -167,7 +170,9 @@ ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 # Create startup script ynh_add_config --template="../sources/extra_files/app/run.sh" --destination="$final_path/run.sh" -setup_run_script_rights + +chmod 750 "$final_path/run.sh" +chown "$app:$app" "$final_path/run.sh" yunohost service add $app --description "$app daemon for bridging Discord and Matrix messages" @@ -181,7 +186,11 @@ ynh_systemd_action --service_name=$app --action="start" #================================================= # REGISTER MODULE IN SYNAPSE #================================================= -run_registration + +pushd "$final_path" + ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH NODE_ENV=production $final_path/run.sh -r -f "$app.yaml" +popd + cp "$final_path/$app.yaml" $app_service_registration_path/$app.yaml /opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh \ || ynh_die "Synapse can't restart with the appservice configuration"