diff --git a/check_process b/check_process index 6672889..c3c4b2f 100644 --- a/check_process +++ b/check_process @@ -1,17 +1,9 @@ -# See here for more information -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest domain="domain.tld" path="/" - admin="john" - language="fr" is_public=1 password="1Strong-Password" - port="666" ; Checks pkg_linter=1 setup_sub_dir=0 @@ -20,10 +12,9 @@ setup_private=1 setup_public=1 upgrade=1 - upgrade=1 from_commit=CommitHash + #upgrade=1 from_commit=CommitHash backup_restore=1 multi_instance=0 - port_already_use=0 change_url=1 ;;; Options Email= diff --git a/conf/.env b/conf/.env index c666778..3b881ee 100644 --- a/conf/.env +++ b/conf/.env @@ -1,4 +1,4 @@ -MINIO_ROOT_USER=__MINIO_ID__ +MINIO_ROOT_USER=__APP__ MINIO_VOLUMES="__DATADIR__/" MINIO_OPTS="-C __FINAL_PATH__/ --address 127.0.0.1:__PORT__ --console-address :__CONSOLE_PORT__" MINIO_ROOT_PASSWORD=__MINIO_KEY__ \ No newline at end of file diff --git a/conf/amd64.src b/conf/amd64.src new file mode 100644 index 0000000..ae7431b --- /dev/null +++ b/conf/amd64.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://dl.min.io/server/minio/release/linux-amd64/minio +SOURCE_SUM=d81f52faf6f0626fa4b23964c403bae60ff840577f4d75ec3e208ceb78f19ee2 +SOURCE_SUM_PRG=sha256sum +SOURCE_IN_SUBDIR=false +SOURCE_FILENAME=minio +SOURCE_EXTRACT=false diff --git a/conf/app.src b/conf/app.src deleted file mode 100644 index ab0fe4f..0000000 --- a/conf/app.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://dl.min.io/server/minio/release/linux-amd64/archive/minio.RELEASE.2021-11-05T09-16-26Z -SOURCE_SUM=6398ef9107d248cc25e4f21aa36d582b5bf74d9b1c671fa79c81c1f4f607531f -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT= -SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=minio -SOURCE_EXTRACT=false diff --git a/conf/arm64.src b/conf/arm64.src new file mode 100644 index 0000000..ae7431b --- /dev/null +++ b/conf/arm64.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://dl.min.io/server/minio/release/linux-amd64/minio +SOURCE_SUM=d81f52faf6f0626fa4b23964c403bae60ff840577f4d75ec3e208ceb78f19ee2 +SOURCE_SUM_PRG=sha256sum +SOURCE_IN_SUBDIR=false +SOURCE_FILENAME=minio +SOURCE_EXTRACT=false diff --git a/conf/mc.src b/conf/mc.src index 8f12cdd..3114d22 100644 --- a/conf/mc.src +++ b/conf/mc.src @@ -1,7 +1,6 @@ SOURCE_URL=https://dl.min.io/client/mc/release/linux-amd64/archive/mc.RELEASE.2021-11-05T10-05-06Z SOURCE_SUM=9f5ad72fd93678f9f756c6da34a8d4d1e61f7356a96ee327c652ad765975d2b2 SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT= SOURCE_IN_SUBDIR=false SOURCE_FILENAME=mc SOURCE_EXTRACT=false diff --git a/conf/nginx.conf b/conf/nginx.conf index 43fa859..10b366e 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,10 +1,5 @@ location / { - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - proxy_pass http://127.0.0.1:__PORT__; proxy_redirect off; proxy_set_header Host $host; diff --git a/manifest.json b/manifest.json index d4bde56..5998506 100644 --- a/manifest.json +++ b/manifest.json @@ -6,13 +6,12 @@ "en": "High Performance, Kubernetes Native Object Storage", "fr": "Serveur de stockage d'objets hautes performances" }, - "version": "2021-11-05T09-16-26Z~ynh1", + "version": "2022.01.28~ynh1", "url": "https://min.io/", "upstream": { "license": "AGPL-3.0-only", "website": "https://min.io", - "admindoc": "https://yunohost.org/packaging_apps", - "userdoc": "https://yunohost.org/apps", + "admindoc": "https://docs.min.io/", "code": "https://github.com/minio/minio" }, "license": "AGPL-3.0-only", @@ -20,7 +19,7 @@ "name": "Raoul de Limezy" }, "requirements": { - "yunohost": ">= 4.1.3" + "yunohost": ">= 4.3.0" }, "multi_instance": false, "services": [ diff --git a/scripts/backup b/scripts/backup index b01124b..5843064 100755 --- a/scripts/backup +++ b/scripts/backup @@ -39,11 +39,6 @@ mc_path=$(ynh_app_setting_get --app=$app --key=mc_path) #================================================= ynh_print_info --message="Declaring files to be backed up..." -### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs -### to be backuped and not an actual copy of any file. The actual backup that -### creates and fill the archive with the files happens in the core after this -### script is called. Hence ynh_backups calls takes basically 0 seconds to run. - #================================================= # BACKUP THE APP MAIN DIR #================================================= diff --git a/scripts/install b/scripts/install index 8a0109d..a0765f4 100755 --- a/scripts/install +++ b/scripts/install @@ -27,38 +27,16 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url="/" is_public=$YNH_APP_ARG_IS_PUBLIC -#language=$YNH_APP_ARG_LANGUAGE - -### If it's a multi-instance app, meaning it can be installed several times independently -### The id of the app as stated in the manifest is available as $YNH_APP_ID -### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...) -### The app instance name is available as $YNH_APP_INSTANCE_NAME -### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -### - ynhexample__{N} for the subsequent installations, with N=3,4... -### The app instance name is probably what interests you most, since this is -### guaranteed to be unique. This is a good unique identifier to define installation path, -### db names... -app=$YNH_APP_INSTANCE_NAME - -minio_id="minio" minio_key=$(ynh_string_random) +architecture=$YNH_ARCH + +app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -### About --weight and --time -### ynh_script_progression will show to your final users the progression of each scripts. -### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script. -### --time is a packager option, it will show you the execution time since the previous call. -### This option should be removed before releasing your app. -### Use the execution time, given by --time, to estimate the weight of a step. -### A common way to do it is to set a weight equal to the execution time in second +1. -### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call. ynh_script_progression --message="Validating installation parameters..." --time --weight=1 -### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". -### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app" final_path=/opt/yunohost/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" @@ -67,10 +45,6 @@ mc_path=$final_path/mc # Register (book) web path ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -datadir=/home/yunohost.app/$app -test ! -e "$datadir" || ynh_die --message="This path already contains a folder" - #================================================= # STORE SETTINGS FROM MANIFEST #================================================= @@ -78,11 +52,9 @@ ynh_script_progression --message="Storing installation settings..." --time --wei ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=minio_id --value=$minio_id ynh_app_setting_set --app=$app --key=minio_key --value=$minio_key ynh_app_setting_set --app=$app --key=mc_path --value=$mc_path - #================================================= # STANDARD MODIFICATIONS #================================================= @@ -90,11 +62,6 @@ ynh_app_setting_set --app=$app --key=mc_path --value=$mc_path #================================================= ynh_script_progression --message="Finding an available port..." --time --weight=1 -### Use these lines if you have to open a port for the application -### `ynh_find_port` will find the first available port starting from the given port. -### If you're not using these lines: -### - Remove the section "CLOSE A PORT" in the remove script - # Find an available port port=$(ynh_find_port --port=9000) ynh_app_setting_set --app=$app --key=port --value=$port @@ -103,29 +70,6 @@ ynh_app_setting_set --app=$app --key=port --value=$port console_port=$(ynh_find_port --port=36669) ynh_app_setting_set --app=$app --key=console_port --value=$console_port -# Optional: Expose this port publicly -# (N.B.: you only need to do this if the app actually needs to expose the port publicly. -# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !) - -# Open the port -# ynh_script_progression --message="Configuring firewall..." --time --weight=1 -# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port - -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Installing dependencies..." --time --weight=1 - -### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. -### Those deb packages will be installed as dependencies of this package. -### If you're not using this helper: -### - Remove the section "REMOVE DEPENDENCIES" in the remove script -### - Remove the variable "pkg_dependencies" in _common.sh -### - As well as the section "REINSTALL DEPENDENCIES" in the restore script -### - And the section "UPGRADE DEPENDENCIES" in the upgrade script - -#ynh_install_app_dependencies $pkg_dependencies - #================================================= # CREATE DEDICATED USER #================================================= @@ -139,24 +83,15 @@ ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= ynh_script_progression --message="Setting up source files..." --time --weight=1 -### `ynh_setup_source` is used to install an app from a zip or tar.gz file, -### downloaded from an upstream source, like a git repository. -### `ynh_setup_source` use the file conf/app.src - ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. chmod -R 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" +chmod +x "$final_path/minio" #================================================= # DOWNLOAD, CHECK AND UNPACK MINIO CLIENT @@ -165,12 +100,6 @@ ynh_script_progression --message="Setting up MinIO client..." --time --weight=1 ynh_setup_source --dest_dir="$mc_path" --source_id=mc -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. chmod -R 750 "$mc_path" chmod -R o-rwx "$mc_path" chown -R $app:www-data "$mc_path" @@ -180,29 +109,15 @@ chown -R $app:www-data "$mc_path" #================================================= ynh_script_progression --message="Configuring NGINX web server..." --time --weight=1 -### `ynh_add_nginx_config` will use the file conf/nginx.conf - # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# SPECIFIC SETUP -#================================================= -# ... -#================================================= - #================================================= # CREATE DATA DIRECTORY #================================================= ynh_script_progression --message="Creating a data directory..." --time --weight=1 -### Use these lines if you need to create a directory to store "persistent files" for the application. -### Usually this directory is used to store uploaded files or any file that won't be updated during -### an upgrade and that won't be deleted during app removal -### If you're not using these lines: -### - Remove the section "BACKUP THE DATA DIR" in the backup script -### - As well as the section "RESTORE THE DATA DIRECTORY" in the restore script - +datadir=/home/yunohost.app/$app ynh_app_setting_set --app=$app --key=datadir --value=$datadir mkdir -p $datadir @@ -227,73 +142,14 @@ ynh_add_config --template="../conf/.env" --destination="$final_path/.env" chmod 750 "$final_path/.env" chown $app:$app "$final_path/.env" -### You can add specific configuration files. -### -### Typically, put your template conf file in ../conf/your_config_file -### The template may contain strings such as __FOO__ or __FOO_BAR__, -### which will automatically be replaced by the values of $foo and $foo_bar -### -### ynh_add_config will also keep track of the config file's checksum, -### which later during upgrade may allow to automatically backup the config file -### if it's found that the file was manually modified -### -### Check the documentation of `ynh_add_config` for more info. - -#ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file" - -# FIXME: this should be handled by the core in the future -# You may need to use chmod 600 instead of 400, -# for example if the app is expected to be able to modify its own config -#chmod 400 "$final_path/some_config_file" -#chown $app:$app "$final_path/some_config_file" - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file" -### ynh_store_file_checksum --file="$final_path/some_config_file" - #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Configuring a systemd service..." --time --weight=1 -### `ynh_systemd_config` is used to configure a systemd script for an app. -### It can be used for apps that use sysvinit (with adaptation) or systemd. -### Have a look at the app to be sure this app needs a systemd script. -### `ynh_systemd_config` will use the file conf/systemd.service -### If you're not using these lines: -### - You can remove those files in conf/. -### - Remove the section "BACKUP SYSTEMD" in the backup script -### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script -### - As well as the section "RESTORE SYSTEMD" in the restore script -### - And the section "SETUP SYSTEMD" in the upgrade script - # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# SETUP APPLICATION WITH CURL -#================================================= - -### Use these lines only if the app installation needs to be finalized through -### web forms. We generally don't want to ask the final user, -### so we're going to use curl to automatically fill the fields and submit the -### forms. - -# Set the app as temporarily public for curl call -#ynh_script_progression --message="Configuring SSOwat..." --time --weight=1 -# Making the app public for curl -#ynh_permission_update --permission="main" --add="visitors" - -# Installation with curl -#ynh_script_progression --message="Finalizing installation..." --time --weight=1 -#ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" - -# Remove the public access -#ynh_permission_update --permission="main" --remove="visitors" - #================================================= # GENERIC FINALIZATION #================================================= @@ -301,14 +157,6 @@ ynh_add_systemd_config #================================================= ynh_script_progression --message="Configuring log rotation..." --time --weight=1 -### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. -### Use this helper only if there is effectively a log file for this app. -### If you're not using this helper: -### - Remove the section "BACKUP LOGROTATE" in the backup script -### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script -### - And the section "SETUP LOGROTATE" in the upgrade script - # Use logrotate to manage application logfile(s) ynh_use_logrotate @@ -317,57 +165,16 @@ ynh_use_logrotate #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 -### `yunohost service add` integrates a service in YunoHost. It then gets -### displayed in the admin interface and through the others `yunohost service` commands. -### (N.B.: this line only makes sense if the app adds a service to the system!) -### If you're not using these lines: -### - You can remove these files in conf/. -### - Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script -### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script -### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script - yunohost service add $app --description="A High Performance, Kubernetes Native Object Storage" --log="/var/log/$app/$app.log" -### Additional options starting with 3.8: -### -### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed -### which will then be checked by YunoHost's diagnosis system -### (N.B. DO NOT USE THIS is the port is only internal!!!) -### -### --test_status "some command" a custom command to check the status of the service -### (only relevant if 'systemctl status' doesn't do a good job) -### -### --test_conf "some command" some command similar to "nginx -t" that validates the conf of the service -### -### Re-calling 'yunohost service add' during the upgrade script is the right way -### to proceed if you later realize that you need to enable some flags that -### weren't enabled on old installs (be careful it'll override the existing -### service though so you should re-provide all relevant flags when doing so) - #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --time --weight=1 -### `ynh_systemd_action` is used to start a systemd service for an app. -### Only needed if you have configure a systemd service -### If you're not using these lines: -### - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script -### - As well as the section "START SYSTEMD SERVICE" in the restore script -### - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script -### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script - # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# SETUP FAIL2BAN -#================================================= -#ynh_script_progression --message="Configuring Fail2Ban..." --time --weight=1 - -# Create a dedicated Fail2Ban config -#ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" - #================================================= # SETUP SSOWAT #================================================= @@ -376,22 +183,9 @@ ynh_script_progression --message="Configuring permissions..." --time --weight=1 # Make app public if necessary if [ $is_public -eq 1 ] then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi -### N.B. : the following extra permissions only make sense if your app -### does have for example an admin interface or an API. - -# Only the admin can access the admin panel of the app (if the app has an admin panel) -#ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin - -# Everyone can access the API part -# We don't want to display the tile in the SSO so we put --show_tile="false" -# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true" -#ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" - #================================================= # RELOAD NGINX #================================================= @@ -407,7 +201,7 @@ sleep 5 ynh_script_progression --message="Configuring MinIO client..." --time --weight=1 pushd $mc_path - ynh_exec_warn_less sudo -u minio ./mc alias set minio "https://$domain" "$minio_id" "$minio_key" + ynh_exec_warn_less sudo -u minio ./mc alias set minio "https://$domain" "$app" "$minio_key" popd #================================================= diff --git a/scripts/remove b/scripts/remove index 3d7b7af..c791d5c 100755 --- a/scripts/remove +++ b/scripts/remove @@ -58,7 +58,17 @@ ynh_script_progression --message="Removing app main directory..." --time --weigh # Remove the app directory securely ynh_secure_remove --file="$final_path" -ynh_secure_remove --file="$datadir" + +#================================================= +# REMOVE DATA DIR +#================================================= + +# Remove the data directory if --purge option is used +if [ "${YNH_APP_PURGE:-0}" -eq 1 ] +then + ynh_script_progression --message="Removing app data directory..." --time --weight=1 + ynh_secure_remove --file="$datadir" +fi #================================================= # REMOVE NGINX CONFIGURATION @@ -68,30 +78,6 @@ ynh_script_progression --message="Removing NGINX web server configuration..." -- # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# CLOSE A PORT -#================================================= - -if yunohost firewall list | grep -q "\- $port$" -then - ynh_script_progression --message="Closing port $port..." --time --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $port -fi - -if yunohost firewall list | grep -q "\- $console_port$" -then - ynh_script_progression --message="Closing port $console_port..." --time --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $port -fi - -#================================================= -# REMOVE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Removing Fail2ban configuration..." --time --weight=1 - -# Remove the dedicated Fail2Ban config -ynh_remove_fail2ban_config - #================================================= # SPECIFIC REMOVE #================================================= diff --git a/scripts/restore b/scripts/restore index d960d38..ef1f884 100755 --- a/scripts/restore +++ b/scripts/restore @@ -34,7 +34,6 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) datadir=$(ynh_app_setting_get --app=$app --key=datadir) mc_path=$(ynh_app_setting_get --app=$app --key=mc_path) - #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= @@ -67,15 +66,10 @@ ynh_script_progression --message="Restoring the app main directory..." --time -- ynh_restore_file --origin_path="$final_path" -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:$app "$final_path" +chmod +x "$final_path/minio" #================================================= # RESTORE THE DATA DIRECTORY @@ -86,25 +80,10 @@ ynh_restore_file --origin_path="$datadir" --not_mandatory mkdir -p $datadir -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. chmod 750 "$datadir" chmod -R o-rwx "$datadir" chown -R $app:www-data "$datadir" -#================================================= -# RESTORE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --time --weight=1 - -ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban - #================================================= # RESTORE SYSTEMD #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 05e0362..ca9bf7f 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,20 +20,13 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) port=$(ynh_app_setting_get --app=$app --key=port) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -minio_id=$(ynh_app_setting_get --app=$app --key=minio_id) minio_key=$(ynh_app_setting_get --app=$app --key=minio_key) - +architecture=$YNH_ARCH #================================================= # CHECK VERSION #================================================= -### This helper will compare the version of the currently installed app and the version of the upstream package. -### $upgrade_type can have 2 different values -### - UPGRADE_APP if the upstream app version has changed -### - UPGRADE_PACKAGE if only the YunoHost package has changed -### ynh_check_app_version_changed will stop the upgrade if the app is up to date. -### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. upgrade_type=$(ynh_check_app_version_changed) #================================================= @@ -76,18 +69,13 @@ then ynh_script_progression --message="Upgrading source files..." --time --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" fi -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:$app "$final_path" +chmod +x "$final_path/minio" #================================================= # NGINX CONFIGURATION @@ -146,14 +134,6 @@ ynh_script_progression --message="Starting a systemd service..." --time --weight ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --time --weight=1 - -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - #================================================= # RELOAD NGINX #=================================================