diff --git a/README.md b/README.md index d76dcc2..af5b558 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in A decentralized and federated platform to organize events -**Shipped version:** 1.2.2~ynh1 +**Shipped version:** 1.2.3~ynh1 **Demo:** https://demo.mobilizon.org diff --git a/README_fr.md b/README_fr.md index 2dc558d..a5ae8fc 100644 --- a/README_fr.md +++ b/README_fr.md @@ -13,7 +13,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour Une plateforme décentralisée et fédérée pour organiser des événements -**Version incluse :** 1.2.2~ynh1 +**Version incluse :** 1.2.3~ynh1 **Démo :** https://demo.mobilizon.org diff --git a/check_process b/check_process index 54cb10e..3786210 100644 --- a/check_process +++ b/check_process @@ -18,6 +18,8 @@ # upgrade=1 from_commit=87d34001dd0b77aed4fa7be2911bc04f58b069ee # 1.1.4~ynh1 upgrade=1 from_commit=215b20b0d35178a2c3405a7e3239eba81e22c060 + # 1.2.2~ynh1 + upgrade=1 from_commit=b63c7833f80de56bbc4a255ddda3b865a5637afc backup_restore=1 multi_instance=1 port_already_use=0 @@ -30,3 +32,5 @@ Notification=all name=1.1.3~ynh1 ; commit=215b20b0d35178a2c3405a7e3239eba81e22c060 name=1.1.4~ynh1 + ; commit=b63c7833f80de56bbc4a255ddda3b865a5637afc + name=1.2.2~ynh1 diff --git a/conf/app.src b/conf/app.src index fde5e5b..77d6c31 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://framagit.org/framasoft/mobilizon/-/archive/1.2.2/mobilizon-1.2.2.tar.gz -SOURCE_SUM=6cdeb3f0a45eff8b340ca66df6c1820c4ce8f31b3247adcb2581eb89ad70c017 +SOURCE_URL=https://framagit.org/framasoft/mobilizon/-/archive/1.2.3/mobilizon-1.2.3.tar.gz +SOURCE_SUM=4025bf5cee811987b0bf55b1dac88621544d3d2bcd1b02100049e9f63bafb8ad SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=mobilizon-1.2.2.tar.gz +SOURCE_FILENAME=mobilizon-1.2.3.tar.gz SOURCE_EXTRACT=true diff --git a/conf/nginx.conf b/conf/nginx.conf index e0eeb1e..4a49b26 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,43 +1,57 @@ -location __PATH__/ { +#gzip on; +gzip_disable "msie6"; +gzip_vary on; +gzip_proxied any; +gzip_comp_level 6; +gzip_buffers 16 8k; +gzip_http_version 1.1; +gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml; + +# the nginx default is 1m, not enough for large media uploads +client_max_body_size 50M; + +proxy_http_version 1.1; +proxy_set_header Upgrade $http_upgrade; +proxy_set_header Connection "upgrade"; +proxy_set_header Host $http_host; +proxy_set_header X-Real-IP $remote_addr; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Forwarded-Proto $scheme; + +location / { # Force usage of https if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; } - # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file - client_max_body_size 50M; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://localhost:__PORT__; - location ~* \.(css|js)$ { - root __FINALPATH__/mobilizon/priv/static; - etag off; - access_log off; - more_set_headers "Cache-Control: public, max-age=31536000, immutable"; - } - - location ~ ^/(media|proxy) { - etag off; - access_log off; - more_set_headers "Cache-Control: public, max-age=31536000, immutable"; - proxy_pass http://localhost:__PORT__; - } - - error_page 500 501 502 503 504 @error; - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; + # include conf.d/yunohost_panel.conf.inc; } +# Let's Encrypt keeps its files here +location ^~ '/.well-known/acme-challenge' { + root /var/www/certbot; + default_type "text/plain"; +} + +location ~ ^/(js|css) { + root __FINALPATH__/live/priv/static; + etag off; + access_log off; + more_set_headers "Cache-Control: public, max-age=31536000, immutable"; +} + +location ~ ^/(media|proxy) { + etag off; + access_log off; + more_set_headers "Cache-Control: public, max-age=31536000, immutable"; + proxy_pass http://localhost:__PORT__; +} + +error_page 500 501 502 503 504 @error; location @error { - root __FINALPATH__/mobilizon/priv/errors; + root __FINALPATH__/live/priv/errors; try_files /error.html 502; } diff --git a/conf/systemd.service b/conf/systemd.service index b93a07e..e4c6deb 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -4,7 +4,7 @@ After=network.target postgresql.service [Service] User=__APP__ -WorkingDirectory=__FINALPATH__/__APP__/ +WorkingDirectory=__FINALPATH__/live/ ExecStart=/usr/bin/env mix phx.server ExecReload=/bin/kill $MAINPID KillMode=process diff --git a/manifest.json b/manifest.json index 063f2d5..b1a2c81 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "A decentralized and federated platform to organize events", "fr": "Une plateforme décentralisée et fédérée pour organiser des événements" }, - "version": "1.2.2~ynh1", + "version": "1.2.3~ynh1", "url": "https://joinmobilizon.org/", "upstream": { "license": "AGPL-3.0-or-later", diff --git a/scripts/_common.sh b/scripts/_common.sh index 835a497..9c7a7b7 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -7,7 +7,6 @@ # dependencies used by the app pkg_dependencies="build-essential inotify-tools postgresql postgresql-client postgresql-contrib postgis postgresql-postgis-scripts git curl unzip gnupg openssl make gcc libc-dev argon2 imagemagick webp gifsicle jpegoptim optipng pngquant cmake" extra_pkg_dependencies="elixir esl-erlang" -extra_debian_pkg_dependencies="elixir erlang-dev erlang-nox" NODEJS_VERSION=14 diff --git a/scripts/change_url b/scripts/change_url index 16d28d7..00f22f0 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -113,7 +113,7 @@ fi #================================================= ynh_script_progression --message="Modifying a config file..." -config="$final_path/$app/config/runtime.exs" +config="$final_path/live/config/runtime.exs" ynh_backup_if_checksum_is_different --file="$config" ynh_replace_string --match_string="$old_domain" --replace_string="$new_domain" --target_file="$config" diff --git a/scripts/install b/scripts/install index 7e698da..369b635 100644 --- a/scripts/install +++ b/scripts/install @@ -122,7 +122,7 @@ ynh_script_progression --message="Setting up source files..." ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path/$app" +ynh_setup_source --dest_dir="$final_path/live" chmod 750 "$final_path" chmod -R o-rwx "$final_path" @@ -158,9 +158,9 @@ chown -R $app:$app "$datadir" #================================================= ynh_script_progression --message="Installing dependencies and building app..." --weight=5 -config="$final_path/$app/config/runtime.exs" +config="$final_path/live/config/runtime.exs" -pushd $final_path/$app/js +pushd $final_path/live/js ynh_use_nodejs ynh_script_progression --message="Installing NodeJS dependencies (this is going to take a while...)" sudo -u $app env PATH=$PATH yarn install @@ -168,10 +168,10 @@ pushd $final_path/$app/js sudo -u $app env PATH=$PATH NODE_BUILD_MEMORY=1024 yarn run build popd -ynh_secure_remove --file="$final_path/$app/js" +ynh_secure_remove --file="$final_path/live/js" ynh_script_progression --message="Building Elixir application (this is going to take a while...)" -pushd $final_path/$app +pushd $final_path/live sudo -u "$app" MIX_ENV=prod mix local.hex --force sudo -u "$app" MIX_ENV=prod mix local.rebar --force ynh_exec_warn_less sudo -u "$app" MIX_ENV=prod mix deps.get @@ -188,7 +188,7 @@ chmod 750 "$datadir" chmod -R o-rwx "$datadir" chown -R $app:$app "$datadir" -pushd $final_path/$app +pushd $final_path/live chmod o-rwx $config ynh_replace_string --match_string="__YNH_USER__" --replace_string="${app}_notifs" --target_file="$config" ynh_replace_string --match_string="__YNH_USER_PASSWORD__" --replace_string="${ynh_user_password}" --target_file="$config" @@ -247,6 +247,8 @@ then ynh_permission_update --permission="main" --add="visitors" fi +ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" + #================================================= # RELOAD NGINX #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index d419703..919d092 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -49,7 +49,6 @@ ynh_script_progression --message="Backing up the app before upgrading (may take # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - read -p "key" ynh_clean_check_starting # Restore it if the upgrade fails ynh_restore_upgradebackup @@ -78,9 +77,14 @@ if ynh_legacy_permissions_exists; then ynh_app_setting_delete --app=$app --key=is_public fi -if ! ynh_permission_exists --permission="admin"; then +if ynh_permission_exists --permission="admin"; then # Create the required permissions - ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin + ynh_permission_delete --permission="admin" +fi + +# Create a permission if needed +if ! ynh_permission_exists --permission="api"; then + ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" fi ynh_secure_remove --file="$final_path/$app/priv/data/GeoLite2-City.mmdb" @@ -157,6 +161,13 @@ if [ ! -f "$final_path/$app/config/runtime.exs" ]; then ynh_store_file_checksum --file="$final_path/$app/config/runtime.exs" fi +if ynh_version_gt "1.2.3~ynh1" "${previous_version}" ; then + ynh_script_progression --message="Upgrade to 1.2.3~ynh1..." + ynh_delete_file_checksum --file="$final_path/$app/config/runtime.exs" + mv "$final_path/$app/" "$final_path/live/" + ynh_store_file_checksum --file="$final_path/live/config/runtime.exs" +fi + #================================================= # CREATE DEDICATED USER #================================================= @@ -177,16 +188,16 @@ then tmpdir="$(mktemp -d)" # Backup the config file in the temp dir - cp -af "$final_path/$app/config/runtime.exs" "$tmpdir/runtime.exs" + cp -af "$final_path/live/config/runtime.exs" "$tmpdir/runtime.exs" # Remove the app directory securely - ynh_secure_remove --file="$final_path/$app" + ynh_secure_remove --file="$final_path/live" # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path/$app" + ynh_setup_source --dest_dir="$final_path/live" # Restore the config file - cp -af "$tmpdir/runtime.exs" "$final_path/$app/config/runtime.exs" + cp -af "$tmpdir/runtime.exs" "$final_path/live/config/runtime.exs" # Remove the tmp directory securely ynh_secure_remove --file="$tmpdir" @@ -234,7 +245,7 @@ ynh_script_progression --message="Create datadir folder..." mkdir -p $datadir mkdir -p "$datadir/uploads/" -config="$final_path/$app/config/runtime.exs" +config="$final_path/live/config/runtime.exs" ynh_backup_if_checksum_is_different --file="$config" @@ -248,7 +259,7 @@ chown -R $app:$app "$datadir" # MAKE SETUP #================================================= -pushd $final_path/$app/js +pushd $final_path/live/js ynh_use_nodejs ynh_script_progression --message="Installing NodeJS dependencies (this is going to take a while...)" sudo -u $app env PATH=$PATH yarn install @@ -257,10 +268,10 @@ pushd $final_path/$app/js sudo -u $app env PATH=$PATH yarn cache clean --all popd -ynh_secure_remove --file="$final_path/$app/js" +ynh_secure_remove --file="$final_path/live/js" ynh_script_progression --message="Building Elixir application (this is going to take a while...)" -pushd $final_path/$app +pushd $final_path/live sudo -u "$app" MIX_ENV=prod mix local.hex --force sudo -u "$app" MIX_ENV=prod mix local.rebar --force ynh_exec_warn_less sudo -u "$app" MIX_ENV=prod mix deps.get @@ -276,7 +287,7 @@ ynh_secure_remove --file="$final_path/.cache" if ynh_version_gt "1.0.3~ynh1" "${previous_version}" ; then ynh_script_progression --message="Mobilizon v1.0.3: Refresh remote profiles to save avatars locally" - pushd $final_path/$app + pushd $final_path/live sudo -u "$app" MIX_ENV=prod mix mobilizon.actors.refresh --all popd fi @@ -286,7 +297,7 @@ fi #================================================= ynh_script_progression --message="Updating a configuration file..." -config="$final_path/$app/config/runtime.exs" +config="$final_path/live/config/runtime.exs" ynh_backup_if_checksum_is_different --file="$config" ynh_store_file_checksum --file="$config"