YunoHost-Apps/mopidy_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mopidy_ynh.git synced 2024-09-03 19:46:21 +02:00
Code Issues Activity Actions

[fix] Clean code, logrotate, conf nginx + more secure

Browse source
This commit is contained in:
magikcypress 2017-04-16 23:13:13 +02:00
parent ee213db7e1
commit f89bd9ff69
7 changed files with 84 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
conf/Tryad_Beauty.mp3 Executable file → Normal file
View file

11
conf/nginx.conf
View file

@ -1,9 +1,10 @@
location __PATHTOCHANGE__ { location __PATHTOCHANGE__ {
alias __FINALPATH__;
# index index.html
rewrite ^ http://__DOMAINNAME__:6680/musicbox_webclient permanent; proxy_pass http://127.0.0.1:6680/mopidy;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#--PRIVATE--# Include SSOWAT user panel. #--PRIVATE--# Include SSOWAT user panel.
#--PRIVATE--include conf.d/yunohost_panel.conf.inc; #--PRIVATE--include conf.d/yunohost_panel.conf.inc;
} }

64
scripts/.fonctions
View file

@ -116,3 +116,67 @@ SECURE_REMOVE () { # Suppression de dossier avec vérification des variable
return 1 return 1
fi fi
} }
# Remove fake package and its dependencies
#
# Dependencies will removed only if no other package need them.
#
# usage: ynh_remove_app_dependencies
ynh_remove_app_dependencies () {
dep_app=${app/_/-} # Replace all '_' by '-'
ynh_package_autoremove ${dep_app}-ynh-deps # Remove the fake package and its dependencies if they not still used.
}
# Use logrotate to manage the logfile
#
# usage: ynh_use_logrotate [logfile]
# | arg: logfile - absolute path of logfile
#
# If no argument provided, a standard directory will be use. /var/log/${app}
# You can provide a path with the directory only or with the logfile.
# /parentdir/logdir/
# /parentdir/logdir/logfile.log
#
# It's possible to use this helper several times, each config will added to same logrotate config file.
ynh_use_logrotate () {
if [ -n "$1" ]; then
if [ "$(echo ${1##*.})" == "log" ]; then # Keep only the extension to check if it's a logfile
logfile=$1 # In this case, focus logrotate on the logfile
else
logfile=$1/.log # Else, uses the directory and all logfile into it.
fi
else
logfile="/var/log/${app}/.log" # Without argument, use a defaut directory in /var/log
fi
cat > ./${app}-logrotate << EOF # Build a config file for logrotate
$logfile {
# Rotate if the logfile exceeds 100Mo
size 100M
# Keep 12 old log maximum
rotate 12
# Compress the logs with gzip
compress
# Compress the log at the next cycle. So keep always 2 non compressed logs
delaycompress
# Copy and truncate the log to allow to continue write on it. Instead of move the log.
copytruncate
# Do not do an error if the log is missing
missingok
# Not rotate if the log is empty
notifempty
# Keep old logs in the same dir
noolddir
}
EOF
sudo mkdir -p $(dirname "$logfile") # Create the log directory, if not exist
cat ${app}-logrotate | sudo tee -a /etc/logrotate.d/$app > /dev/null # Append this config to the others for this app. If a config file already exist
}
# Remove the app's logrotate config.
#
# usage: ynh_remove_logrotate
ynh_remove_logrotate () {
if [ -e "/etc/logrotate.d/$app" ]; then
sudo rm "/etc/logrotate.d/$app"
fi
}

11
scripts/install
View file

@ -136,18 +136,17 @@ sudo git clone https://github.com/pimusicbox/mopidy-musicbox-webclient
cd mopidy-musicbox-webclient cd mopidy-musicbox-webclient
sudo python setup.py install sudo python setup.py install
# Allow port
sudo yunohost firewall allow TCP 6600
sudo yunohost firewall allow TCP 6680
# Access public for curl # Access public for curl
ynh_app_setting_set $app unprotected_uris "/" ynh_app_setting_set $app unprotected_uris "/"
# Reload Nginx and regenerate SSOwat conf # Reload Nginx
sudo service nginx reload sudo systemctl reload nginx
# Add Mopidy into YunoHost services # Add Mopidy into YunoHost services
sudo yunohost service add mopidy --log "/var/log/mopidy/mopidy.log" sudo yunohost service add mopidy --log "/var/log/mopidy/mopidy.log"
# Add logrotate
ynh_use_logrotate
# Reload SSOwat configuration # Reload SSOwat configuration
sudo yunohost app ssowatconf sudo yunohost app ssowatconf

10
scripts/remove
View file

@ -40,13 +40,15 @@ SECURE_REMOVE '/tmp/$app-musicbox-webclient'
SECURE_REMOVE '/var/www/$app' SECURE_REMOVE '/var/www/$app'
sudo rm -fr '/usr/local/lib/python2.7/dist-packages/Mopidy_MusicBox_Webclient-2.3.0-py2.7.egg' sudo rm -fr '/usr/local/lib/python2.7/dist-packages/Mopidy_MusicBox_Webclient-2.3.0-py2.7.egg'
# disallow firewall port
sudo yunohost firewall disallow TCP 6600
sudo yunohost firewall disallow TCP 6680
REMOVE_NGINX_CONF # Suppression de la configuration nginx REMOVE_NGINX_CONF # Suppression de la configuration nginx
# remove logrotate
ynh_remove_logrotate
# Régénère la configuration de SSOwat # Régénère la configuration de SSOwat
sudo yunohost app ssowatconf sudo yunohost app ssowatconf
# reload nginx
sudo systemctl reload nginx
echo -e "\e[0m" # Restore normal color echo -e "\e[0m" # Restore normal color

3
scripts/restore
View file

@ -55,5 +55,4 @@ sudo service mopidy restart
sudo yunohost service add mopidy --log "/var/log/mopidy/mopidy.log" sudo yunohost service add mopidy --log "/var/log/mopidy/mopidy.log"
# Reload services # Reload services
sudo service php5-fpm reload || true sudo systemctl reload nginx
sudo service nginx reload || true

2
scripts/upgrade
View file

@ -30,4 +30,4 @@ sed -i "s@__FINALPATH__@$final_path/@g" ../conf/nginx.conf*
sed -i "s@__DOMAINNAME__@$domain/@g" ../conf/nginx.conf* sed -i "s@__DOMAINNAME__@$domain/@g" ../conf/nginx.conf*
# Reload Nginx # Reload Nginx
sudo service nginx reload sudo systemctl reload nginx