diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 8f144f3..0000000 --- a/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -*~ -*.sw[op] -.DS_Store diff --git a/check_process b/check_process index c3c4b2f..565f9f1 100644 --- a/check_process +++ b/check_process @@ -1,13 +1,13 @@ ;; Test complet ; Manifest domain="domain.tld" - path="/" is_public=1 + admin="john" password="1Strong-Password" ; Checks pkg_linter=1 setup_sub_dir=0 - setup_root=0 + setup_root=1 setup_nourl=0 setup_private=1 setup_public=1 @@ -15,11 +15,8 @@ #upgrade=1 from_commit=CommitHash backup_restore=1 multi_instance=0 + port_already_use=0 change_url=1 ;;; Options Email= Notification=none -;;; Upgrade options - ; commit=CommitHash - name=Name and date of the commit. - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& diff --git a/conf/.env b/conf/.env index 8ea98a5..549c366 100644 --- a/conf/.env +++ b/conf/.env @@ -1,4 +1,4 @@ -MINIO_ROOT_USER=__APP__ -MINIO_ROOT_PASSWORD=__MINIO_KEY__ +MINIO_ROOT_USER=__ADMIN__ +MINIO_ROOT_PASSWORD=__PASSWORD__ MINIO_VOLUMES="__DATADIR__/" MINIO_OPTS="-C __FINAL_PATH__/ --address 127.0.0.1:__PORT__ --console-address :__CONSOLE_PORT__" diff --git a/conf/nginx.conf b/conf/nginx.conf index 44fd264..7bcebc4 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,11 +1,7 @@ -location / { +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - - proxy_pass http://127.0.0.1:__PORT__/; + proxy_pass http://127.0.0.1:__CONSOLE_PORT__/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_cache_bypass $http_upgrade; diff --git a/conf/systemd.service b/conf/systemd.service index a349b45..9b6ab5b 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -9,9 +9,9 @@ AssertFileIsExecutable=__FINALPATH__/minio Type=simple User=__APP__ Group=__APP__ -ProtectProc=invisible -WorkingDirectory=__FINAL_PATH__/ -EnvironmentFile=__FINAL_PATH__/.env +#ProtectProc=invisible +WorkingDirectory=__FINALPATH__/ +EnvironmentFile=__FINALPATH__/.env ExecStart=__FINALPATH__/minio server $MINIO_OPTS $MINIO_VOLUMES # Let systemd restart this service always Restart=always diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index 0685205..3fb5acf 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -1,9 +1 @@ -Some long and extensive description of what the app is and does, lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. - -### Features - -- Ut enim ad minim veniam, quis nostrud exercitation ullamco ; -- Laboris nisi ut aliquip ex ea commodo consequat ; -- Duis aute irure dolor in reprehenderit in voluptate ; -- Velit esse cillum dolore eu fugiat nulla pariatur ; -- Excepteur sint occaecat cupidatat non proident, sunt in culpa." +MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. It is API compatible with Amazon S3 cloud storage service. Use MinIO to build high performance infrastructure for machine learning, analytics and application data workloads. diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index aded581..e69de29 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -1,12 +0,0 @@ -* Any known limitations, constrains or stuff not working, such as (but not limited to): - * requiring a full dedicated domain ? - * architectures not supported ? - * not-working single-sign on or LDAP integration ? - * the app requires an important amount of RAM / disk / .. to install or to work properly - * etc... - -* Other infos that people should be aware of, such as: - * any specific step to perform after installing (such as manually finishing the install, specific admin credentials, ...) - * how to configure / administrate the application if it ain't obvious - * upgrade process / specificities / things to be aware of ? - * security considerations ? diff --git a/manifest.json b/manifest.json index 5998506..44e83ae 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "High Performance, Kubernetes Native Object Storage", "fr": "Serveur de stockage d'objets hautes performances" }, - "version": "2022.01.28~ynh1", + "version": "2022.01.28~ynh2", "url": "https://min.io/", "upstream": { "license": "AGPL-3.0-only", @@ -26,7 +26,7 @@ "nginx" ], "arguments": { - "install" : [ + "install": [ { "name": "domain", "type": "domain" @@ -35,6 +35,18 @@ "name": "is_public", "type": "boolean", "default": true + }, + { + "name": "admin", + "type": "user" + }, + { + "name": "password", + "type": "password", + "help": { + "en": "Use the help field to add an information for the admin about this question.", + "fr": "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question." + } } ] } diff --git a/scripts/backup b/scripts/backup index f4db696..67278fd 100755 --- a/scripts/backup +++ b/scripts/backup @@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -30,9 +29,7 @@ app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) datadir=$(ynh_app_setting_get --app=$app --key=datadir) -mc_path=$(ynh_app_setting_get --app=$app --key=mc_path) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP diff --git a/scripts/change_url b/scripts/change_url index 6721178..ed3b14e 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -24,7 +24,7 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --time --weight=1 +ynh_script_progression --message="Loading installation settings..." --weight=1 # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) @@ -32,11 +32,12 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --time --weight=1 +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { + ynh_clean_check_starting # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" @@ -67,14 +68,14 @@ fi #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 +ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating NGINX web server configuration..." --time --weight=1 +ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf @@ -100,25 +101,19 @@ then ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi -#================================================= -# SPECIFIC MODIFICATIONS -#================================================= -# ... -#================================================= - #================================================= # GENERIC FINALISATION #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --time --weight=1 +ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Console:" #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload @@ -126,4 +121,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" --time --last +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index 2271559..f7b0408 100755 --- a/scripts/install +++ b/scripts/install @@ -14,8 +14,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -27,7 +26,8 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url="/" is_public=$YNH_APP_ARG_IS_PUBLIC -minio_key=$(ynh_string_random) +admin=$YNH_APP_ARG_ADMIN +password=$YNH_APP_ARG_PASSWORD architecture=$YNH_ARCH app=$YNH_APP_INSTANCE_NAME @@ -52,7 +52,8 @@ ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=minio_key --value=$minio_key +ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=password --value=$password ynh_app_setting_set --app=$app --key=mc_path --value=$mc_path #================================================= @@ -84,25 +85,14 @@ ynh_system_user_create --username=$app --home_dir="$final_path" ynh_script_progression --message="Setting up source files..." --weight=10 ynh_app_setting_set --app=$app --key=final_path --value=$final_path - # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" +ynh_setup_source --dest_dir="$mc_path" --source_id="mc" -chmod -R 750 "$final_path" +chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" chmod +x "$final_path/minio" - -#================================================= -# DOWNLOAD, CHECK AND UNPACK MINIO CLIENT -#================================================= -ynh_script_progression --message="Setting up MinIO client..." --weight=1 - -ynh_setup_source --dest_dir="$mc_path" --source_id="mc" - -chmod -R 750 "$mc_path" -chmod -R o-rwx "$mc_path" -chown -R $app:www-data "$mc_path" chmod +x "$mc_path/mc" #================================================= @@ -113,12 +103,14 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=4 # Create a dedicated NGINX config ynh_add_nginx_config +#================================================= +# SPECIFIC SETUP #================================================= # CREATE DATA DIRECTORY #================================================= ynh_script_progression --message="Creating a data directory..." --weight=1 -datadir="/home/yunohost.app/$app" +datadir=/home/yunohost.app/$app ynh_app_setting_set --app=$app --key=datadir --value=$datadir mkdir -p $datadir @@ -134,7 +126,7 @@ ynh_script_progression --message="Adding a configuration file..." --weight=2 ynh_add_config --template="../conf/.env" --destination="$final_path/.env" -chmod 750 "$final_path/.env" +chmod 400 "$final_path/.env" chown $app:$app "$final_path/.env" #================================================= @@ -168,7 +160,7 @@ yunohost service add $app --description="A High Performance, Kubernetes Native O ynh_script_progression --message="Starting a systemd service..." --weight=3 # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Console:" #================================================= # SETUP SSOWAT @@ -178,6 +170,8 @@ ynh_script_progression --message="Configuring permissions..." --weight=1 # Make app public if necessary if [ $is_public -eq 1 ] then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi @@ -194,7 +188,7 @@ ynh_systemd_action --service_name=nginx --action=reload ynh_script_progression --message="Configuring MinIO client..." --weight=1 pushd $mc_path - ynh_exec_warn_less sudo -u $app ./mc alias set minio "https://$domain" "$app" "$minio_key" --api S3v4 + ynh_exec_warn_less sudo -u $app ./mc alias set minio "https://$domain" "$admin" "$password" --api S3v4 popd #================================================= diff --git a/scripts/remove b/scripts/remove index 8d04375..4ad2869 100755 --- a/scripts/remove +++ b/scripts/remove @@ -17,8 +17,6 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -console_port=$(ynh_app_setting_get --app=$app --key=console_port) final_path=$(ynh_app_setting_get --app=$app --key=final_path) datadir=$(ynh_app_setting_get --app=$app --key=datadir) diff --git a/scripts/restore b/scripts/restore index cce485a..a720975 100755 --- a/scripts/restore +++ b/scripts/restore @@ -15,8 +15,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. - true + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -47,7 +46,7 @@ test ! -d $final_path \ #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 +ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" @@ -68,8 +67,9 @@ ynh_restore_file --origin_path="$final_path" chmod 750 "$final_path" chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" +chown -R $app:www-data "$final_path" chmod +x "$final_path/minio" +chmod +x "$mc_path/mc" #================================================= # RESTORE THE DATA DIRECTORY @@ -111,7 +111,7 @@ yunohost service add $app --description="A High Performance, Kubernetes Native O #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=3 -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Console:" #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index e5a8ddd..6fb28ff 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -21,12 +21,14 @@ port=$(ynh_app_setting_get --app=$app --key=port) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) mc_path=$(ynh_app_setting_get --app=$app --key=mc_path) -minio_key=$(ynh_app_setting_get --app=$app --key=minio_key) +admin=$(ynh_app_setting_get --app=$app --key=admin) +password=$(ynh_app_setting_get --app=$app --key=password) architecture=$YNH_ARCH #================================================= # CHECK VERSION #================================================= +ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) @@ -38,6 +40,7 @@ ynh_script_progression --message="Backing up the app before upgrading (may take # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { + ynh_clean_check_starting # Restore it if the upgrade fails ynh_restore_upgradebackup } @@ -54,6 +57,11 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=2 ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" #================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." + +================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 @@ -71,23 +79,13 @@ then # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" --keep="$final_path/.env" + ynh_setup_source --dest_dir="$mc_path" --source_id="mc" fi chmod 750 "$final_path" chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" +chown -R $app:www-data "$final_path" chmod +x "$final_path/minio" - -#================================================= -# DOWNLOAD, CHECK AND UNPACK MINIO CLIENT -#================================================= -ynh_script_progression --message="Setting up MinIO client..." --weight=1 - -ynh_setup_source --dest_dir="$mc_path" --source_id="mc" - -chmod -R 750 "$mc_path" -chmod -R o-rwx "$mc_path" -chown -R $app:www-data "$mc_path" chmod +x "$mc_path/mc" #================================================= @@ -98,15 +96,15 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config -# #================================================= -# # ADD A CONFIGURATION -# #================================================= -# ynh_script_progression --message="Adding a configuration file..." --weight=2 +#================================================= +# UPDATE A CONFIG FILE +#================================================= +ynh_script_progression --message="Updating a configuration file..." -# ynh_add_config --template="../conf/.env" --destination="$final_path/.env" +ynh_add_config --template="../conf/.env" --destination="$final_path/.env" -# chmod 750 "$final_path/.env" -# chown $app:$app "$final_path/.env" +chmod 400 "$final_path/.env" +chown $app:$app "$final_path/.env" #================================================= # SETUP SYSTEMD @@ -138,7 +136,7 @@ yunohost service add $app --description="A High Performance, Kubernetes Native O #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=3 -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Console:" #================================================= # RELOAD NGINX @@ -153,7 +151,7 @@ ynh_systemd_action --service_name=nginx --action=reload ynh_script_progression --message="Configuring MinIO client..." --weight=1 pushd $mc_path - ynh_exec_warn_less sudo -u $app ./mc alias set minio "https://$domain" "$app" "$minio_key" --api S3v4 + ynh_exec_warn_less sudo -u $app ./mc alias set minio "https://$domain" "$admin" "$password" --api S3v4 popd #================================================= diff --git a/sources/extra_files/app/.gitignore b/sources/extra_files/app/.gitignore deleted file mode 100644 index 783a4ae..0000000 --- a/sources/extra_files/app/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*~ -*.sw[op] diff --git a/sources/patches/.gitignore b/sources/patches/.gitignore deleted file mode 100644 index 783a4ae..0000000 --- a/sources/patches/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*~ -*.sw[op]