mirror of
https://github.com/YunoHost-Apps/mopidy_ynh.git
synced 2024-09-03 19:46:21 +02:00
[fix] Clean code, logrotate, conf nginx + more secure
This commit is contained in:
magikcypress
parent
ee213db7e1
commit
f89bd9ff69
7 changed files with 84 additions and 19 deletions
0
conf/Tryad_Beauty.mp3
Executable file → Normal file
0
conf/Tryad_Beauty.mp3
Executable file → Normal file
|
|
@ -1,8 +1,9 @@
|
|||
location __PATHTOCHANGE__ {
|
||||
alias __FINALPATH__;
|
||||
# index index.html
|
||||
|
||||
rewrite ^ http://__DOMAINNAME__:6680/musicbox_webclient permanent;
|
||||
proxy_pass http://127.0.0.1:6680/mopidy;
|
||||
proxy_redirect off;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
#--PRIVATE--# Include SSOWAT user panel.
|
||||
#--PRIVATE--include conf.d/yunohost_panel.conf.inc;
|
||||
|
|
|
|||
|
|
@ -116,3 +116,67 @@ SECURE_REMOVE () { # Suppression de dossier avec vérification des variable
|
|||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Remove fake package and its dependencies
|
||||
#
|
||||
# Dependencies will removed only if no other package need them.
|
||||
#
|
||||
# usage: ynh_remove_app_dependencies
|
||||
ynh_remove_app_dependencies () {
|
||||
dep_app=${app/_/-} # Replace all '_' by '-'
|
||||
ynh_package_autoremove ${dep_app}-ynh-deps # Remove the fake package and its dependencies if they not still used.
|
||||
}
|
||||
|
||||
# Use logrotate to manage the logfile
|
||||
#
|
||||
# usage: ynh_use_logrotate [logfile]
|
||||
# | arg: logfile - absolute path of logfile
|
||||
#
|
||||
# If no argument provided, a standard directory will be use. /var/log/${app}
|
||||
# You can provide a path with the directory only or with the logfile.
|
||||
# /parentdir/logdir/
|
||||
# /parentdir/logdir/logfile.log
|
||||
#
|
||||
# It's possible to use this helper several times, each config will added to same logrotate config file.
|
||||
ynh_use_logrotate () {
|
||||
if [ -n "$1" ]; then
|
||||
if [ "$(echo ${1##*.})" == "log" ]; then # Keep only the extension to check if it's a logfile
|
||||
logfile=$1 # In this case, focus logrotate on the logfile
|
||||
else
|
||||
logfile=$1/.log # Else, uses the directory and all logfile into it.
|
||||
fi
|
||||
else
|
||||
logfile="/var/log/${app}/.log" # Without argument, use a defaut directory in /var/log
|
||||
fi
|
||||
cat > ./${app}-logrotate << EOF # Build a config file for logrotate
|
||||
$logfile {
|
||||
# Rotate if the logfile exceeds 100Mo
|
||||
size 100M
|
||||
# Keep 12 old log maximum
|
||||
rotate 12
|
||||
# Compress the logs with gzip
|
||||
compress
|
||||
# Compress the log at the next cycle. So keep always 2 non compressed logs
|
||||
delaycompress
|
||||
# Copy and truncate the log to allow to continue write on it. Instead of move the log.
|
||||
copytruncate
|
||||
# Do not do an error if the log is missing
|
||||
missingok
|
||||
# Not rotate if the log is empty
|
||||
notifempty
|
||||
# Keep old logs in the same dir
|
||||
noolddir
|
||||
}
|
||||
EOF
|
||||
sudo mkdir -p $(dirname "$logfile") # Create the log directory, if not exist
|
||||
cat ${app}-logrotate | sudo tee -a /etc/logrotate.d/$app > /dev/null # Append this config to the others for this app. If a config file already exist
|
||||
}
|
||||
|
||||
# Remove the app's logrotate config.
|
||||
#
|
||||
# usage: ynh_remove_logrotate
|
||||
ynh_remove_logrotate () {
|
||||
if [ -e "/etc/logrotate.d/$app" ]; then
|
||||
sudo rm "/etc/logrotate.d/$app"
|
||||
fi
|
||||
}
|
||||
|
|
@ -136,18 +136,17 @@ sudo git clone https://github.com/pimusicbox/mopidy-musicbox-webclient
|
|||
cd mopidy-musicbox-webclient
|
||||
sudo python setup.py install
|
||||
|
||||
# Allow port
|
||||
sudo yunohost firewall allow TCP 6600
|
||||
sudo yunohost firewall allow TCP 6680
|
||||
|
||||
# Access public for curl
|
||||
ynh_app_setting_set $app unprotected_uris "/"
|
||||
|
||||
# Reload Nginx and regenerate SSOwat conf
|
||||
sudo service nginx reload
|
||||
# Reload Nginx
|
||||
sudo systemctl reload nginx
|
||||
|
||||
# Add Mopidy into YunoHost services
|
||||
sudo yunohost service add mopidy --log "/var/log/mopidy/mopidy.log"
|
||||
|
||||
# Add logrotate
|
||||
ynh_use_logrotate
|
||||
|
||||
# Reload SSOwat configuration
|
||||
sudo yunohost app ssowatconf
|
||||
|
|
@ -40,13 +40,15 @@ SECURE_REMOVE '/tmp/$app-musicbox-webclient'
|
|||
SECURE_REMOVE '/var/www/$app'
|
||||
sudo rm -fr '/usr/local/lib/python2.7/dist-packages/Mopidy_MusicBox_Webclient-2.3.0-py2.7.egg'
|
||||
|
||||
# disallow firewall port
|
||||
sudo yunohost firewall disallow TCP 6600
|
||||
sudo yunohost firewall disallow TCP 6680
|
||||
|
||||
REMOVE_NGINX_CONF # Suppression de la configuration nginx
|
||||
|
||||
# remove logrotate
|
||||
ynh_remove_logrotate
|
||||
|
||||
# Régénère la configuration de SSOwat
|
||||
sudo yunohost app ssowatconf
|
||||
|
||||
# reload nginx
|
||||
sudo systemctl reload nginx
|
||||
|
||||
echo -e "\e[0m" # Restore normal color
|
||||
|
|
@ -55,5 +55,4 @@ sudo service mopidy restart
|
|||
sudo yunohost service add mopidy --log "/var/log/mopidy/mopidy.log"
|
||||
|
||||
# Reload services
|
||||
sudo service php5-fpm reload || true
|
||||
sudo service nginx reload || true
|
||||
sudo systemctl reload nginx
|
||||
|
|
@ -30,4 +30,4 @@ sed -i "s@__FINALPATH__@$final_path/@g" ../conf/nginx.conf*
|
|||
sed -i "s@__DOMAINNAME__@$domain/@g" ../conf/nginx.conf*
|
||||
|
||||
# Reload Nginx
|
||||
sudo service nginx reload
|
||||
sudo systemctl reload nginx
|
||||
Loading…
Add table
Reference in a new issue