From b10e7fa2c8e820364da851217b22fa5b85f44b5a Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Tue, 16 Nov 2021 23:06:34 +0100 Subject: [PATCH] Fix --- conf/nginx.conf | 7 ---- manifest.json | 2 +- scripts/_common.sh | 98 +--------------------------------------------- scripts/backup | 6 +++ scripts/install | 18 +++++---- scripts/remove | 8 ++++ scripts/restore | 24 +++++++----- scripts/upgrade | 17 ++++---- 8 files changed, 52 insertions(+), 128 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 82bf4b1..54fc79b 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,12 +1,5 @@ location / { - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - - #client_max_body_size 50M; - proxy_pass http://127.0.0.1:__PORT__; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; diff --git a/manifest.json b/manifest.json index 91066a3..99e0fe6 100644 --- a/manifest.json +++ b/manifest.json @@ -19,7 +19,7 @@ "name": "Anmol Sharma" }, "requirements": { - "yunohost": ">= 4.2.4" + "yunohost": ">= 4.3.0" }, "multi_instance": true, "services": ["nginx"], diff --git a/scripts/_common.sh b/scripts/_common.sh index 5745215..177115e 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,12 +4,10 @@ # COMMON VARIABLES #================================================= -MEMORY_NEEDED="2560" +NODEJS_VERSION="12" # dependencies used by the app -pkg_dependencies="build-essential ffmpeg redis-server redis-tools postgresql postgresql-contrib" - -NODEJS_VERSION="12" +pkg_dependencies="build-essential ffmpeg postgresql postgresql-contrib" #================================================= # PERSONAL HELPERS @@ -22,95 +20,3 @@ NODEJS_VERSION="12" #================================================= # FUTURE OFFICIAL HELPERS #================================================= - -# Add swap -# -# usage: ynh_add_swap --size=SWAP in Mb -# | arg: -s, --size= - Amount of SWAP to add in Mb. -ynh_add_swap () { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [s]=size= ) - local size - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - - local swap_max_size=$(( $size * 1024 )) - - local free_space=$(df --output=avail / | sed 1d) - # Because we don't want to fill the disk with a swap file, divide by 2 the available space. - local usable_space=$(( $free_space / 2 )) - - SD_CARD_CAN_SWAP=${SD_CARD_CAN_SWAP:-0} - - # Swap on SD card only if it's is specified - if ynh_is_main_device_a_sd_card && [ "$SD_CARD_CAN_SWAP" == "0" ] - then - ynh_print_warn --message="The main mountpoint of your system '/' is on an SD card, swap will not be added to prevent some damage of this one, but that can cause troubles for the app $app. If you still want activate the swap, you can relaunch the command preceded by 'SD_CARD_CAN_SWAP=1'" - return - fi - - # Compare the available space with the size of the swap. - # And set a acceptable size from the request - if [ $usable_space -ge $swap_max_size ] - then - local swap_size=$swap_max_size - elif [ $usable_space -ge $(( $swap_max_size / 2 )) ] - then - local swap_size=$(( $swap_max_size / 2 )) - elif [ $usable_space -ge $(( $swap_max_size / 3 )) ] - then - local swap_size=$(( $swap_max_size / 3 )) - elif [ $usable_space -ge $(( $swap_max_size / 4 )) ] - then - local swap_size=$(( $swap_max_size / 4 )) - else - echo "Not enough space left for a swap file" >&2 - local swap_size=0 - fi - - # If there's enough space for a swap, and no existing swap here - if [ $swap_size -ne 0 ] && [ ! -e /swap_$app ] - then - # Preallocate space for the swap file, fallocate may sometime not be used, use dd instead in this case - if ! fallocate -l ${swap_size}K /swap_$app - then - dd if=/dev/zero of=/swap_$app bs=1024 count=${swap_size} - fi - chmod 0600 /swap_$app - # Create the swap - mkswap /swap_$app - # And activate it - swapon /swap_$app - # Then add an entry in fstab to load this swap at each boot. - echo -e "/swap_$app swap swap defaults 0 0 #Swap added by $app" >> /etc/fstab - fi -} - -ynh_del_swap () { - # If there a swap at this place - if [ -e /swap_$app ] - then - # Clean the fstab - sed -i "/#Swap added by $app/d" /etc/fstab - # Desactive the swap file - swapoff /swap_$app - # And remove it - rm /swap_$app - fi -} - -# Check if the device of the main mountpoint "/" is an SD card -# -# [internal] -# -# return 0 if it's an SD card, else 1 -ynh_is_main_device_a_sd_card () { - local main_device=$(lsblk --output PKNAME --noheadings $(findmnt / --nofsroot --uniq --output source --noheadings --first-only)) - - if echo $main_device | grep --quiet "mmc" && [ $(tail -n1 /sys/block/$main_device/queue/rotational) == "0" ] - then - return 0 - else - return 1 - fi -} diff --git a/scripts/backup b/scripts/backup index a64c9b1..9315100 100755 --- a/scripts/backup +++ b/scripts/backup @@ -55,6 +55,12 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/systemd/system/$app.service" +#================================================= +# BACKUP LOGROTATE +#================================================= + +ynh_backup --src_path="/etc/logrotate.d/$app" + #================================================= # BACKUP THE POSTGRESQL DATABASE #================================================= diff --git a/scripts/install b/scripts/install index 4877950..7b4982c 100755 --- a/scripts/install +++ b/scripts/install @@ -79,6 +79,7 @@ ynh_script_progression --message="Creating a PostgreSQL database..." --weight=2 # Create postgresql database db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_psql_test_if_first_run ynh_psql_setup_db --db_user=$db_name --db_name=$db_name @@ -89,7 +90,7 @@ ynh_psql_setup_db --db_user=$db_name --db_name=$db_name ynh_script_progression --message="Configuring system user..." --weight=2 # Create a system user -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -100,6 +101,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -119,6 +124,7 @@ ynh_add_systemd_config #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= +ynh_script_progression --message="Adding a configuration file..." --weight=1 ynh_add_config --template="../conf/default.yml" --destination="$final_path/.config/default.yml" @@ -130,18 +136,16 @@ ynh_script_progression --message="Installing Misskey..." --weight=15 pushd "$final_path" ynh_exec_warn_less yarn add ts-node webpack ynh_exec_warn_less yarn build - #ynh_exec_warn_less NODE_ENV=production yarn build ynh_exec_warn_less yarn run init popd #================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES +# SETUP LOGROTATE #================================================= +ynh_script_progression --message="Configuring log rotation..." --weight=1 -# Set permissions to app files -chown -R $app: $final_path +# Use logrotate to manage application logfile(s) +ynh_use_logrotate #================================================= # INTEGRATE SERVICE IN YUNOHOST diff --git a/scripts/remove b/scripts/remove index dcac200..dadc5b9 100755 --- a/scripts/remove +++ b/scripts/remove @@ -77,6 +77,14 @@ ynh_script_progression --message="Removing NGINX web server configuration..." -- # Remove the dedicated nginx config ynh_remove_nginx_config +#================================================= +# REMOVE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Removing logrotate configuration..." --weight=1 + +# Remove the app-specific logrotate config +ynh_remove_logrotate + #================================================= # SPECIFIC REMOVE #================================================= diff --git a/scripts/restore b/scripts/restore index 36d0cf8..2e6e8df 100755 --- a/scripts/restore +++ b/scripts/restore @@ -50,13 +50,6 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE APP MAIN DIR -#================================================= -ynh_script_progression --message="Restoring the app main directory..." --weight=1 - -ynh_restore_file --origin_path="$final_path" - #================================================= # RECREATE THE DEDICATED USER #================================================= @@ -66,11 +59,15 @@ ynh_script_progression --message="Recreating the dedicated system user..." --wei ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= -# RESTORE USER RIGHTS +# RESTORE THE APP MAIN DIR #================================================= +ynh_script_progression --message="Restoring the app main directory..." --weight=1 -# Restore permissions on app files -chown -R $app: $final_path +ynh_restore_file --origin_path="$final_path" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # SPECIFIC RESTORATION @@ -117,6 +114,13 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action=start --log_path="systemd" --line_match="All workers started" +#================================================= +# RESTORE THE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 + +ynh_restore_file --origin_path="/etc/logrotate.d/$app" + #================================================= # RELOAD NGINX AND PHP-FPM #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 64b85f7..b5d8149 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -82,7 +82,7 @@ ynh_systemd_action --service_name=$app --action=stop --log_path=systemd --line_m ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -96,6 +96,10 @@ then ynh_setup_source --dest_dir="$final_path" --keep="$final_path/.config/default.yml" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -122,7 +126,7 @@ ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ st pushd "$final_path" ynh_exec_warn_less yarn install - ynh_exec_warn_less NODE_ENV=production yarn build + ynh_exec_warn_less yarn build ynh_exec_warn_less yarn migrate popd @@ -135,13 +139,12 @@ ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 ynh_add_systemd_config #================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES +# SETUP LOGROTATE #================================================= +ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1 -# Set permissions on app files -chown -R $app: $final_path +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --non-append #================================================= # INTEGRATE SERVICE IN YUNOHOST