From 73f75150fe2c0e2761aaa654c91f5d8bd0fad20b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 16 Sep 2021 11:39:20 +0200 Subject: [PATCH 1/4] Set rights (#274) * Set rights --- check_process | 8 +++--- scripts/backup | 3 +- scripts/install | 42 +++++++++++++-------------- scripts/remove | 3 +- scripts/restore | 37 +++++++++++++----------- scripts/upgrade | 75 ++++++++++++++++++++++--------------------------- 6 files changed, 82 insertions(+), 86 deletions(-) diff --git a/check_process b/check_process index b8bc603..de67898 100644 --- a/check_process +++ b/check_process @@ -19,7 +19,7 @@ setup_private=1 setup_public=1 upgrade=1 - upgrade=1 from_commit=202cc0725652d4b8fbca52630267247bd58c8de1 + upgrade=1 from_commit=4fa3ee4ad82a6154f2eb858a3da285a35afecef8 backup_restore=1 multi_instance=1 port_already_use=0 @@ -43,11 +43,11 @@ setup_private=1 setup_public=1 upgrade=1 - upgrade=1 from_commit=202cc0725652d4b8fbca52630267247bd58c8de1 + upgrade=1 from_commit=4fa3ee4ad82a6154f2eb858a3da285a35afecef8 ;;; Options Email=kemenaran@gmail.com Notification=none ;;; Upgrade options - ; commit=202cc0725652d4b8fbca52630267247bd58c8de1 - name=Merge pull request #196 from amyblais/patch-51 + ; commit=4fa3ee4ad82a6154f2eb858a3da285a35afecef8 + name= Merge pull request #268 from YunoHost-Apps/testing \ No newline at end of file diff --git a/scripts/backup b/scripts/backup index 941ad87..fd92d5e 100755 --- a/scripts/backup +++ b/scripts/backup @@ -26,6 +26,7 @@ app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +data_path=$(ynh_app_setting_get --app=$app --key=data_path) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -42,7 +43,7 @@ ynh_backup --src_path="$final_path" # BACKUP THE APP DATA #================================================= -ynh_backup --src_path="/home/yunohost.app/$app" --is_big +ynh_backup --src_path="$data_path" --is_big #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/install b/scripts/install index 8144413..2ef3c9b 100644 --- a/scripts/install +++ b/scripts/install @@ -69,6 +69,14 @@ ynh_script_progression --message="Finding an available port..." --weight=3 port=$(ynh_find_port --port=8065) ynh_app_setting_set --app=$app --key=port --value=$port +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=3 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # CREATE A MYSQL DATABASE #================================================= @@ -76,18 +84,9 @@ ynh_script_progression --message="Creating a MySQL database..." --weight=10 db_name=$(ynh_sanitize_dbid --db_name=$app) db_user=$db_name - ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=3 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -104,17 +103,23 @@ elif [ "$version" = "Team" ]; then ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # CREATE DIRECTORY FOR DATA #================================================= ynh_script_progression --message="Creating the data directory..." --weight=1 -# Create datadir folder -mkdir -p "/home/yunohost.app/$app" -# Define app's data directory -data_path="/home/yunohost.app/$app" -# Give permission to the datadir -chown -R $app: "$data_path" +data_path=/home/yunohost.app/$app +ynh_app_setting_set --app=$app --key=data_path --value=$data_path + +mkdir -p $data_path + +chmod 750 "$data_path" +chmod -R o-rwx "$data_path" +chown -R $app:www-data "$data_path" #================================================= # HANDLE LOG FILES AND LOGROTATE @@ -142,13 +147,6 @@ url=https://$domain$path_url ynh_add_config --template="../conf/config.json" --destination="$final_path/config/config.json" -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -chown -R $app: $final_path -chmod -R g+w $final_path - #================================================= # NGINX CONFIGURATION #================================================= diff --git a/scripts/remove b/scripts/remove index 783d0d0..cbb87ee 100755 --- a/scripts/remove +++ b/scripts/remove @@ -20,6 +20,7 @@ port=$(ynh_app_setting_get --app=$app --key=port) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name final_path=$(ynh_app_setting_get --app=$app --key=final_path) +data_path=$(ynh_app_setting_get --app=$app --key=data_path) #================================================= # STANDARD REMOVE @@ -59,7 +60,7 @@ ynh_script_progression --message="Removing $app main directory..." --weight=6 ynh_secure_remove --file="$final_path" # We don't delete this dir as it is marked as is-big -# ynh_secure_remove --file="/home/yunohost.app/$app" +# ynh_secure_remove --file="$data_path" #================================================= # REMOVE NGINX CONFIGURATION diff --git a/scripts/restore b/scripts/restore index 6ece5f9..a5d42d6 100644 --- a/scripts/restore +++ b/scripts/restore @@ -32,14 +32,13 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name +data_path=$(ynh_app_setting_get --app=$app --key=data_path) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=1 -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " @@ -51,6 +50,14 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -58,20 +65,22 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= -# RESTORE THE APP DATA +# RESTORE THE DATA DIRECTORY #================================================= +ynh_script_progression --message="Restoring the data directory..." --weight=4 -ynh_restore_file --origin_path="/home/yunohost.app/$app" --not_mandatory -chown -R $app: "/home/yunohost.app/$app" +ynh_restore_file --origin_path="$data_path" --not_mandatory + +mkdir -p $data_path + +chmod 750 "$data_path" +chmod -R o-rwx "$data_path" +chown -R $app:www-data "$data_path" #================================================= # RESTORE THE MYSQL DATABASE @@ -86,10 +95,6 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./ # RESTORE USER RIGHTS #================================================= -# Restore permissions on app files -chown -R $app: $final_path -chmod -R g+w $final_path - logs_path="/var/log/$app" mkdir -p $logs_path chown -R $app: $logs_path diff --git a/scripts/upgrade b/scripts/upgrade index 486e0e1..00d02f1 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -34,6 +34,7 @@ language=$(ynh_app_setting_get --app=$app --key=language) db_name=$(ynh_app_setting_get --app=$app --key=db_name) architecture=$(ynh_detect_arch) version=$(ynh_app_setting_get --app=$app --key=version) +data_path=$(ynh_app_setting_get --app=$app --key=data_path) #================================================= # CHECK VERSION @@ -43,6 +44,20 @@ ynh_script_progression --message="Checking version..." --weight=1 previous_upstream_version="$(ynh_app_upstream_version --manifest="/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json")" upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -70,6 +85,12 @@ if [ -z "$db_name" ]; then ynh_app_setting_set --app=$app --key=db_name --value=$db_name fi +# If final_path doesn't exist, create it +if [ -z "$data_path" ]; then + data_path="/home/yunohost.app/$app" + ynh_app_setting_set --app=$app --key=data_path --value=$data_path +fi + # Cleaning legacy permissions if ynh_legacy_permissions_exists; then ynh_legacy_permissions_delete_all @@ -77,20 +98,6 @@ if ynh_legacy_permissions_exists; then ynh_app_setting_delete --app=$app --key=is_public fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -100,6 +107,14 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=3 ynh_systemd_action --service_name=$app --action=stop --log_path="/var/log/$app/$app.log" +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -130,6 +145,10 @@ then ynh_secure_remove --file="$tmpdir" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -138,14 +157,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # SETUP SYSTEMD #================================================= @@ -154,26 +165,6 @@ ynh_script_progression --message="Upgrading systemd configuration..." --weight=2 # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# CREATE DIRECTORY FOR DATA -#================================================= -ynh_script_progression --message="Creating the data directory..." --weight=1 - -# Define app's data directory -data_path="/home/yunohost.app/$app" -# Create datadir folder -mkdir -p $data_path -# Give permission to the datadir -chown -R $app: "$data_path" - -#================================================= -# RESTORE FILE PERMISSIONS -#================================================= - -chown -R $app: $final_path -chmod -R g+w $final_path -chown -R $app: "/var/log/$app" - #================================================= # SETUP LOGROTATE #================================================= From d8f0ab251c780b1a16d6f24db6778ba931a4b9d8 Mon Sep 17 00:00:00 2001 From: Pierre de La Morinerie Date: Sat, 2 Oct 2021 23:45:01 +0200 Subject: [PATCH 2/4] Upgrade to Matermost 5.39.0 --- README.md | 2 +- README_fr.md | 2 +- conf/arm.src | 6 +++--- conf/arm64.src | 6 +++--- conf/enterprise.src | 6 +++--- conf/x86-64.src | 6 +++--- manifest.json | 2 +- 7 files changed, 15 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 297691a..0c988c1 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Open source collaboration platform built for developers -**Shipped version:** 5.38.2~ynh1 +**Shipped version:** 5.39.0~ynh1 diff --git a/README_fr.md b/README_fr.md index 347ba21..2ede0ba 100644 --- a/README_fr.md +++ b/README_fr.md @@ -13,7 +13,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour Plateforme de collaboration open source conçue pour les développeurs -**Version incluse :** 5.38.2~ynh1 +**Version incluse :** 5.39.0~ynh1 diff --git a/conf/arm.src b/conf/arm.src index 43f44df..2efc2e4 100644 --- a/conf/arm.src +++ b/conf/arm.src @@ -1,6 +1,6 @@ -SOURCE_URL=https://github.com/SmartHoneybee/ubiquitous-memory/releases/download/v5.38.2/mattermost-v5.38.2-linux-arm.tar.gz -SOURCE_SUM=6e1d4e36c3139c00736e72fe2d96236e45cb84cd66f9d72b3f050c6c186fb2d6f0d949d32e16a2f2e102625d66395314d748a9fffb4bdab4c5d6561a06f6a413 +SOURCE_URL=https://github.com/SmartHoneybee/ubiquitous-memory/releases/download/v5.39.0/mattermost-v5.39.0-linux-arm.tar.gz +SOURCE_SUM=c95e52f8977130d5e4a68ddc6b5a1c1e2756f6b40630d003e05cd82f8bed209712e2dad0874f2f92984a3b47b56a114abfecd60d290a91ac36fcb5b70e235fe7 SOURCE_SUM_PRG=sha512sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=mattermost-v5.38.2-linux-arm.tar.gz +SOURCE_FILENAME=mattermost-v5.39.0-linux-arm.tar.gz diff --git a/conf/arm64.src b/conf/arm64.src index 218afb7..335e78d 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -1,6 +1,6 @@ -SOURCE_URL=https://github.com/SmartHoneybee/ubiquitous-memory/releases/download/v5.38.2/mattermost-v5.38.2-linux-arm64.tar.gz -SOURCE_SUM=e2c95ca30b5604580413231747013eb36a2474298bd0feabdffd7f77e469931b77575ccb010e174ff2a910aeb513a4bcb7a7b8c5775ea2b562b284dcd8064bb2 +SOURCE_URL=https://github.com/SmartHoneybee/ubiquitous-memory/releases/download/v5.39.0/mattermost-v5.39.0-linux-arm64.tar.gz +SOURCE_SUM=77ef43e344c6129916cafcd2d13d3a527beb6ed92a81393e7c9765405be4254e1b63df13b1a396e7af23a08900e7c3bef819bcb05b28a14a5673cb861cc48e7c SOURCE_SUM_PRG=sha512sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=mattermost-v5.38.2-linux-arm64.tar.gz +SOURCE_FILENAME=mattermost-v5.39.0-linux-arm64.tar.gz diff --git a/conf/enterprise.src b/conf/enterprise.src index e66e2c7..132cb51 100644 --- a/conf/enterprise.src +++ b/conf/enterprise.src @@ -1,6 +1,6 @@ -SOURCE_URL=https://releases.mattermost.com/5.38.2/mattermost-enterprise-5.38.2-linux-amd64.tar.gz -SOURCE_SUM=5d6769cca6aa058547965408baa6937135e08718bc5d1477033df1000e43ec8b +SOURCE_URL=https://releases.mattermost.com/5.39.0/mattermost-enterprise-5.39.0-linux-amd64.tar.gz +SOURCE_SUM=ac0adea65fa8c9a0dcb0effcb4fab2c101b65ac246b205dd5514bfa9f1c22ed4 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=mattermost-enterprise-5.38.2-linux-amd64.tar.gz +SOURCE_FILENAME=mattermost-enterprise-5.39.0-linux-amd64.tar.gz diff --git a/conf/x86-64.src b/conf/x86-64.src index a9c55aa..c328e93 100644 --- a/conf/x86-64.src +++ b/conf/x86-64.src @@ -1,6 +1,6 @@ -SOURCE_URL=https://releases.mattermost.com/5.38.2/mattermost-team-5.38.2-linux-amd64.tar.gz -SOURCE_SUM=b6f2f6f24017eeca9e40d3bda750047171c5728f12c29564384e1aca764e0bf0 +SOURCE_URL=https://releases.mattermost.com/5.39.0/mattermost-team-5.39.0-linux-amd64.tar.gz +SOURCE_SUM=07175b78b0a6e14601d93ac8363e541eadcf95943338892a80640208211284b9 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=mattermost-team-5.38.2-linux-amd64.tar.gz +SOURCE_FILENAME=mattermost-team-5.39.0-linux-amd64.tar.gz diff --git a/manifest.json b/manifest.json index 6d8ed07..2b27d26 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Open source collaboration platform built for developers", "fr": "Plateforme de collaboration open source conçue pour les développeurs" }, - "version": "5.38.2~ynh1", + "version": "5.39.0~ynh1", "url": "http://www.mattermost.org/", "upstream": { "license": "GPL-3.0-only", From 5b27b0b5fc7d6f60f42785c602efc5e03419ab2d Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 3 Oct 2021 09:52:06 +0200 Subject: [PATCH 3/4] Update config.json --- conf/config.json | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/conf/config.json b/conf/config.json index 703b910..be7d18d 100644 --- a/conf/config.json +++ b/conf/config.json @@ -513,7 +513,8 @@ "EnableFileDeletion": false, "MessageRetentionDays": 365, "FileRetentionDays": 365, - "DeletionJobStartTime": "02:00" + "DeletionJobStartTime": "02:00", + "BatchSize": 3000 }, "MessageExportSettings": { "EnableExport": false, @@ -552,7 +553,8 @@ "AutomaticPrepackagedPlugins": true, "RequirePluginSignature": false, "MarketplaceUrl": "https://api.integrations.mattermost.com", - "SignaturePublicKeyFiles": [] + "SignaturePublicKeyFiles": [], + "ChimeraOAuthProxyUrl": "" }, "DisplaySettings": { "CustomUrlSchemes": [], @@ -584,7 +586,6 @@ "PluginIncidentManagement": "1.14.3", "PluginApps": "", "PluginFocalboard": "", - "CustomDataRetentionEnabled": false, "TimedDND": false }, "ImportSettings": { From ca434cb757fc02cfb85e51621cedd293cb388e31 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 3 Oct 2021 19:24:16 +0200 Subject: [PATCH 4/4] source for auto-update --- conf/arm.src | 6 +++--- conf/arm64.src | 6 +++--- conf/enterprise.src | 2 +- conf/x86-64.src | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/conf/arm.src b/conf/arm.src index 2efc2e4..3bb5937 100644 --- a/conf/arm.src +++ b/conf/arm.src @@ -1,6 +1,6 @@ SOURCE_URL=https://github.com/SmartHoneybee/ubiquitous-memory/releases/download/v5.39.0/mattermost-v5.39.0-linux-arm.tar.gz -SOURCE_SUM=c95e52f8977130d5e4a68ddc6b5a1c1e2756f6b40630d003e05cd82f8bed209712e2dad0874f2f92984a3b47b56a114abfecd60d290a91ac36fcb5b70e235fe7 -SOURCE_SUM_PRG=sha512sum +SOURCE_SUM=06cf528404a2c096dc69a005654ce9c2fa89301d2f4faf38fa72bd80c05ade1a +SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=mattermost-v5.39.0-linux-arm.tar.gz +SOURCE_FILENAME=mattermost.tar.gz diff --git a/conf/arm64.src b/conf/arm64.src index 335e78d..57db370 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -1,6 +1,6 @@ SOURCE_URL=https://github.com/SmartHoneybee/ubiquitous-memory/releases/download/v5.39.0/mattermost-v5.39.0-linux-arm64.tar.gz -SOURCE_SUM=77ef43e344c6129916cafcd2d13d3a527beb6ed92a81393e7c9765405be4254e1b63df13b1a396e7af23a08900e7c3bef819bcb05b28a14a5673cb861cc48e7c -SOURCE_SUM_PRG=sha512sum +SOURCE_SUM=53bfd2bc0c7c7996c101c2905f8caced4ac1be53239e654e8c47ad5a1d397d60 +SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=mattermost-v5.39.0-linux-arm64.tar.gz +SOURCE_FILENAME=mattermost.tar.gz diff --git a/conf/enterprise.src b/conf/enterprise.src index 132cb51..6a4ca08 100644 --- a/conf/enterprise.src +++ b/conf/enterprise.src @@ -3,4 +3,4 @@ SOURCE_SUM=ac0adea65fa8c9a0dcb0effcb4fab2c101b65ac246b205dd5514bfa9f1c22ed4 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=mattermost-enterprise-5.39.0-linux-amd64.tar.gz +SOURCE_FILENAME=mattermost.tar.gz diff --git a/conf/x86-64.src b/conf/x86-64.src index c328e93..1286dc2 100644 --- a/conf/x86-64.src +++ b/conf/x86-64.src @@ -3,4 +3,4 @@ SOURCE_SUM=07175b78b0a6e14601d93ac8363e541eadcf95943338892a80640208211284b9 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=mattermost-team-5.39.0-linux-amd64.tar.gz +SOURCE_FILENAME=mattermost.tar.gz