diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100755 index 0000000..ddd5460 --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,129 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +# Remove this exit command when you are ready to run this Action +exit 1 + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) +echo "${#assets[@]} available asset(s)" + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Here we use the $assets variable to get the resources published in the upstream release. +# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. + +# Let's loop over the array of assets URLs +for asset_url in ${assets[@]}; do + +echo "Handling asset at $asset_url" + +# Assign the asset to a source file in conf/ directory +# Here we base the source file name upon a unique keyword in the assets url (admin vs. update) +# Leave $src empty to ignore the asset +case $asset_url in + *".tar.gz"*) + src="app" + ;; +esac + +# If $src is not empty, let's process the asset +if [ ! -z "$src" ]; then + +# Create the temporary directory +tempdir="$(mktemp -d)" + +# Download sources and calculate checksum +filename=${asset_url##*/} +curl --silent -4 -L $asset_url -o "$tempdir/$filename" +checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + +# Delete temporary directory +rm -rf $tempdir + +# Get extension +if [[ $filename == *.tar.gz ]]; then + extension=tar.gz +else + extension=${filename##*.} +fi + +# Rewrite source file +cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +EOT +echo "... conf/$src.src updated" + +else +echo "... asset ignored" +fi + +done + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml new file mode 100644 index 0000000..fb72ba0 --- /dev/null +++ b/.github/workflows/updater.yml @@ -0,0 +1,49 @@ +# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. +# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. +# This file should be enough by itself, but feel free to tune it to your needs. +# It calls updater.sh, which is where you should put the app-specific update steps. +name: Check for new upstream releases +on: + # Allow to manually trigger the workflow + workflow_dispatch: + # Run it every day at 6:00 UTC + schedule: + - cron: '0 6 * * *' +jobs: + updater: + runs-on: ubuntu-latest + steps: + - name: Fetch the source code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script + id: run_updater + run: | + # Setting up Git user + git config --global user.name 'yunohost-bot' + git config --global user.email 'yunohost-bot@users.noreply.github.com' + # Run the updater script + /bin/bash .github/workflows/updater.sh + - name: Commit changes + id: commit + if: ${{ env.PROCEED == 'true' }} + run: | + git commit -am "Upgrade to v$VERSION" + - name: Create Pull Request + id: cpr + if: ${{ env.PROCEED == 'true' }} + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update to version ${{ env.VERSION }} + committer: 'yunohost-bot ' + author: 'yunohost-bot ' + signoff: false + base: testing + branch: ci-auto-update-v${{ env.VERSION }} + delete-branch: true + title: 'Upgrade to version ${{ env.VERSION }}' + body: | + Upgrade to v${{ env.VERSION }} + draft: false diff --git a/README.md b/README.md index c9d012b..4065ead 100644 --- a/README.md +++ b/README.md @@ -15,9 +15,10 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in ## Overview -Microblogging platform +Misskey is a decentralized microblogging platform. Since it exists within the Fediverse (a universe where various social media platforms are organized), it is mutually linked with other social media platforms. -**Shipped version:** 12.84.2~ynh2 + +**Shipped version:** 12.96.1~ynh1 @@ -51,7 +52,6 @@ screen -r ## Documentation and resources * Official app website: https://join.misskey.page -* Official user documentation: https://yunohost.org/apps * Upstream app code repository: https://github.com/misskey-dev/misskey * YunoHost documentation for this app: https://yunohost.org/app_misskey * Report a bug: https://github.com/YunoHost-Apps/misskey_ynh/issues diff --git a/README_fr.md b/README_fr.md index 709c597..71633fd 100644 --- a/README_fr.md +++ b/README_fr.md @@ -11,9 +11,9 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour ## Vue d'ensemble -Platforme de Microblogging +Misskey est une plateforme de microblogging décentralisée. Puisqu'il existe au sein du Fediverse (un univers où diverses plateformes de médias sociaux sont organisées), il est mutuellement lié à d'autres plateformes de médias sociaux. -**Version incluse :** 12.84.2~ynh2 +**Version incluse :** 12.96.1~ynh1 @@ -47,7 +47,6 @@ screen -r ## Documentations et ressources * Site officiel de l'app : https://join.misskey.page -* Documentation officielle utilisateur : https://yunohost.org/apps * Dépôt de code officiel de l'app : https://github.com/misskey-dev/misskey * Documentation YunoHost pour cette app : https://yunohost.org/app_misskey * Signaler un bug : https://github.com/YunoHost-Apps/misskey_ynh/issues diff --git a/check_process b/check_process index 356f407..93b0e2f 100644 --- a/check_process +++ b/check_process @@ -11,7 +11,7 @@ setup_public=1 upgrade=1 # 12.84.0~ynh1 - upgrade=1 from_commit=32c061ef1a6cedb00300ffd38184cd7d5fff4c95 + #upgrade=1 from_commit=32c061ef1a6cedb00300ffd38184cd7d5fff4c95 backup_restore=1 multi_instance=1 change_url=0 diff --git a/conf/app.src b/conf/app.src index 776183f..b339ee7 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,6 +1,5 @@ -SOURCE_URL=https://github.com/misskey-dev/misskey/archive/refs/tags/12.84.2.tar.gz -SOURCE_SUM=ec12513a37e41b0c92d51563b2a925017f5eb3c2c05bbcf54357e5e39064d2d1 +SOURCE_URL=https://github.com/misskey-dev/misskey/archive/refs/tags/12.96.1.tar.gz +SOURCE_SUM=95a50390b0a4b23e8d3b4992277987cc1526846218a992cd8167f1c15cc7f7dc SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= diff --git a/conf/default.yml b/conf/default.yml index bf55dca..50f8d70 100644 --- a/conf/default.yml +++ b/conf/default.yml @@ -80,7 +80,7 @@ redis: port: 6379 #pass: example-pass #prefix: example-prefix - #db: 1 + db: __REDIS_DB__ # ┌─────────────────────────────┐ #───┘ Elasticsearch configuration └───────────────────────────── diff --git a/conf/nginx.conf b/conf/nginx.conf index 82bf4b1..54fc79b 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,12 +1,5 @@ location / { - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - - #client_max_body_size 50M; - proxy_pass http://127.0.0.1:__PORT__; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; diff --git a/conf/systemd.service b/conf/systemd.service index 9540e71..170795f 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,7 +6,7 @@ Type=simple User=__APP__ Group=__APP__ WorkingDirectory=__FINALPATH__ -Environment=__YNH_NODE_LOAD_PATH__ +Environment="PATH=__ENV_PATH__" Environment="NODE_ENV=production" ExecStart=__YNH_NPM__ start TimeoutSec=60 diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 0000000..f1d9c76 --- /dev/null +++ b/doc/DESCRIPTION.md @@ -0,0 +1 @@ +Misskey is a decentralized microblogging platform. Since it exists within the Fediverse (a universe where various social media platforms are organized), it is mutually linked with other social media platforms. diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md new file mode 100644 index 0000000..e17cec6 --- /dev/null +++ b/doc/DESCRIPTION_fr.md @@ -0,0 +1 @@ +Misskey est une plateforme de microblogging décentralisée. Puisqu'il existe au sein du Fediverse (un univers où diverses plateformes de médias sociaux sont organisées), il est mutuellement lié à d'autres plateformes de médias sociaux. \ No newline at end of file diff --git a/manifest.json b/manifest.json index 333a875..4cde368 100644 --- a/manifest.json +++ b/manifest.json @@ -6,12 +6,11 @@ "en": "Microblogging platform", "fr": "Platforme de Microblogging" }, - "version": "12.84.2~ynh2", + "version": "12.96.1~ynh1", "url": "https://join.misskey.page/en/", "upstream": { "license": "AGPL-3.0", "website": "https://join.misskey.page", - "userdoc": "https://yunohost.org/apps", "code": "https://github.com/misskey-dev/misskey" }, "license": "AGPL-3.0", @@ -19,7 +18,7 @@ "name": "Anmol Sharma" }, "requirements": { - "yunohost": ">= 4.2.4" + "yunohost": ">= 4.3.0" }, "multi_instance": true, "services": ["nginx"], @@ -27,8 +26,7 @@ "install": [ { "name": "domain", - "type": "domain", - "example": "example.com" + "type": "domain" }, { "name": "is_public", diff --git a/scripts/_common.sh b/scripts/_common.sh index 5745215..59c3cd0 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,12 +4,10 @@ # COMMON VARIABLES #================================================= -MEMORY_NEEDED="2560" +NODEJS_VERSION="16" # dependencies used by the app -pkg_dependencies="build-essential ffmpeg redis-server redis-tools postgresql postgresql-contrib" - -NODEJS_VERSION="12" +pkg_dependencies="ffmpeg postgresql" #================================================= # PERSONAL HELPERS @@ -20,97 +18,43 @@ NODEJS_VERSION="12" #================================================= #================================================= -# FUTURE OFFICIAL HELPERS +# REDIS HELPERS #================================================= -# Add swap +# get the first available redis database # -# usage: ynh_add_swap --size=SWAP in Mb -# | arg: -s, --size= - Amount of SWAP to add in Mb. -ynh_add_swap () { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [s]=size= ) - local size - # Manage arguments with getopts - ynh_handle_getopts_args "$@" +# usage: ynh_redis_get_free_db +# | returns: the database number to use +ynh_redis_get_free_db() { + local result max db + result="$(redis-cli INFO keyspace)" - local swap_max_size=$(( $size * 1024 )) + # get the num + max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+") - local free_space=$(df --output=avail / | sed 1d) - # Because we don't want to fill the disk with a swap file, divide by 2 the available space. - local usable_space=$(( $free_space / 2 )) + db=0 + # default Debian setting is 15 databases + for i in $(seq 0 "$max") + do + if ! echo "$result" | grep -q "db$i" + then + db=$i + break 1 + fi + db=-1 + done - SD_CARD_CAN_SWAP=${SD_CARD_CAN_SWAP:-0} + test "$db" -eq -1 && ynh_die --message="No available Redis databases..." - # Swap on SD card only if it's is specified - if ynh_is_main_device_a_sd_card && [ "$SD_CARD_CAN_SWAP" == "0" ] - then - ynh_print_warn --message="The main mountpoint of your system '/' is on an SD card, swap will not be added to prevent some damage of this one, but that can cause troubles for the app $app. If you still want activate the swap, you can relaunch the command preceded by 'SD_CARD_CAN_SWAP=1'" - return - fi - - # Compare the available space with the size of the swap. - # And set a acceptable size from the request - if [ $usable_space -ge $swap_max_size ] - then - local swap_size=$swap_max_size - elif [ $usable_space -ge $(( $swap_max_size / 2 )) ] - then - local swap_size=$(( $swap_max_size / 2 )) - elif [ $usable_space -ge $(( $swap_max_size / 3 )) ] - then - local swap_size=$(( $swap_max_size / 3 )) - elif [ $usable_space -ge $(( $swap_max_size / 4 )) ] - then - local swap_size=$(( $swap_max_size / 4 )) - else - echo "Not enough space left for a swap file" >&2 - local swap_size=0 - fi - - # If there's enough space for a swap, and no existing swap here - if [ $swap_size -ne 0 ] && [ ! -e /swap_$app ] - then - # Preallocate space for the swap file, fallocate may sometime not be used, use dd instead in this case - if ! fallocate -l ${swap_size}K /swap_$app - then - dd if=/dev/zero of=/swap_$app bs=1024 count=${swap_size} - fi - chmod 0600 /swap_$app - # Create the swap - mkswap /swap_$app - # And activate it - swapon /swap_$app - # Then add an entry in fstab to load this swap at each boot. - echo -e "/swap_$app swap swap defaults 0 0 #Swap added by $app" >> /etc/fstab - fi + echo "$db" } -ynh_del_swap () { - # If there a swap at this place - if [ -e /swap_$app ] - then - # Clean the fstab - sed -i "/#Swap added by $app/d" /etc/fstab - # Desactive the swap file - swapoff /swap_$app - # And remove it - rm /swap_$app - fi -} - -# Check if the device of the main mountpoint "/" is an SD card +# Create a master password and set up global settings +# Please always call this script in install and restore scripts # -# [internal] -# -# return 0 if it's an SD card, else 1 -ynh_is_main_device_a_sd_card () { - local main_device=$(lsblk --output PKNAME --noheadings $(findmnt / --nofsroot --uniq --output source --noheadings --first-only)) - - if echo $main_device | grep --quiet "mmc" && [ $(tail -n1 /sys/block/$main_device/queue/rotational) == "0" ] - then - return 0 - else - return 1 - fi +# usage: ynh_redis_remove_db database +# | arg: database - the database to erase +ynh_redis_remove_db() { + local db=$1 + redis-cli -n "$db" flushall } diff --git a/scripts/backup b/scripts/backup index a64c9b1..9315100 100755 --- a/scripts/backup +++ b/scripts/backup @@ -55,6 +55,12 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/systemd/system/$app.service" +#================================================= +# BACKUP LOGROTATE +#================================================= + +ynh_backup --src_path="/etc/logrotate.d/$app" + #================================================= # BACKUP THE POSTGRESQL DATABASE #================================================= diff --git a/scripts/install b/scripts/install index 78fa0ed..b946706 100755 --- a/scripts/install +++ b/scripts/install @@ -79,6 +79,7 @@ ynh_script_progression --message="Creating a PostgreSQL database..." --weight=2 # Create postgresql database db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_psql_test_if_first_run ynh_psql_setup_db --db_user=$db_name --db_name=$db_name @@ -89,7 +90,7 @@ ynh_psql_setup_db --db_user=$db_name --db_name=$db_name ynh_script_progression --message="Configuring system user..." --weight=2 # Create a system user -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -100,6 +101,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -113,12 +118,19 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Configuring a systemd service..." --weight=1 +ynh_replace_string --match_string="__ENV_PATH__" --replace_string="$PATH" --target_file="../conf/systemd.service" + # Create a dedicated systemd config ynh_add_systemd_config #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= +ynh_script_progression --message="Adding a configuration file..." --weight=1 + +# Configure redis +redis_db=$(ynh_redis_get_free_db) +ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" ynh_add_config --template="../conf/default.yml" --destination="$final_path/.config/default.yml" @@ -128,19 +140,19 @@ ynh_add_config --template="../conf/default.yml" --destination="$final_path/.conf ynh_script_progression --message="Installing Misskey..." --weight=15 pushd "$final_path" + ynh_use_nodejs ynh_exec_warn_less yarn add ts-node webpack - ynh_exec_warn_less NODE_ENV=production yarn build + ynh_exec_warn_less yarn build ynh_exec_warn_less yarn run init popd #================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES +# SETUP LOGROTATE #================================================= +ynh_script_progression --message="Configuring log rotation..." --weight=1 -# Set permissions to app files -chown -R $app: $final_path +# Use logrotate to manage application logfile(s) +ynh_use_logrotate #================================================= # INTEGRATE SERVICE IN YUNOHOST diff --git a/scripts/remove b/scripts/remove index dcac200..0da75b1 100755 --- a/scripts/remove +++ b/scripts/remove @@ -51,6 +51,13 @@ ynh_script_progression --message="Removing the PostgreSQL database..." --weight= # Remove a database if it exists, along with the associated user ynh_psql_remove_db --db_user="$db_user" --db_name="$db_name" +#================================================= +# REMOVE THE REDIS DATABASE +#================================================= +ynh_script_progression --message="Removing the redis database..." --weight=1 + +ynh_redis_remove_db "$redis_db" + #================================================= # REMOVE DEPENDENCIES #================================================= @@ -77,6 +84,14 @@ ynh_script_progression --message="Removing NGINX web server configuration..." -- # Remove the dedicated nginx config ynh_remove_nginx_config +#================================================= +# REMOVE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Removing logrotate configuration..." --weight=1 + +# Remove the app-specific logrotate config +ynh_remove_logrotate + #================================================= # SPECIFIC REMOVE #================================================= diff --git a/scripts/restore b/scripts/restore index 8c790e1..84399b8 100755 --- a/scripts/restore +++ b/scripts/restore @@ -40,25 +40,15 @@ db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=1 -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " -# STANDARD RESTORATION STEPS #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE APP MAIN DIR -#================================================= -ynh_script_progression --message="Restoring the app main directory..." --weight=1 - -ynh_restore_file --origin_path="$final_path" - #================================================= # RECREATE THE DEDICATED USER #================================================= @@ -68,18 +58,22 @@ ynh_script_progression --message="Recreating the dedicated system user..." --wei ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= -# RESTORE USER RIGHTS +# RESTORE THE APP MAIN DIR #================================================= +ynh_script_progression --message="Restoring the app main directory..." --weight=1 -# Restore permissions on app files -chown -R $app: $final_path +ynh_restore_file --origin_path="$final_path" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=1 +ynh_script_progression --message="Reinstalling dependencies..." --weight=5 # Define and install dependencies ynh_install_nodejs --nodejs_version=$NODEJS_VERSION @@ -105,6 +99,13 @@ ynh_script_progression --message="Restoring the systemd configuration..." --weig ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet +#================================================= +# RESTORE THE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 + +ynh_restore_file --origin_path="/etc/logrotate.d/$app" + #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 81932fe..5a30f3c 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -29,6 +29,20 @@ port=$(ynh_app_setting_get --app=$app --key=port) upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -53,20 +67,6 @@ if ynh_legacy_permissions_exists; then ynh_app_setting_delete --app=$app --key=is_public fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -82,7 +82,7 @@ ynh_systemd_action --service_name=$app --action=stop --log_path=systemd --line_m ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -96,6 +96,10 @@ then ynh_setup_source --dest_dir="$final_path" --keep="$final_path/.config/default.yml" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -107,7 +111,7 @@ ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Upgrading dependencies..." +ynh_script_progression --message="Upgrading dependencies..." --weight=5 ynh_install_nodejs --nodejs_version=$NODEJS_VERSION @@ -122,7 +126,7 @@ ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ st pushd "$final_path" ynh_exec_warn_less yarn install - ynh_exec_warn_less NODE_ENV=production yarn build + ynh_exec_warn_less yarn build ynh_exec_warn_less yarn migrate popd @@ -131,17 +135,18 @@ popd #================================================= ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 +ynh_replace_string --match_string="__ENV_PATH__" --replace_string="$PATH" --target_file="../conf/systemd.service" + # Create a dedicated systemd config ynh_add_systemd_config #================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES +# SETUP LOGROTATE #================================================= +ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 -# Set permissions on app files -chown -R $app: $final_path +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --non-append #================================================= # INTEGRATE SERVICE IN YUNOHOST