From 6da29483baabaa2c7f73295fe2123ae60caad22d Mon Sep 17 00:00:00 2001 From: Jibec Date: Fri, 10 Apr 2020 00:06:24 +0200 Subject: [PATCH] mumble-web integration follow-up include nginx, mumble-web port, systemd, create a dedicated user, display script progression --- check_process | 20 +++++---- conf/app.src | 6 +++ conf/mumble-web.service | 6 +-- conf/nginx.conf | 18 +++++++++ manifest.json | 24 ++++++++++- scripts/_common.sh | 15 +++++++ scripts/backup | 33 ++++++++++++--- scripts/install | 89 ++++++++++++++++++++++++++++++++++++----- scripts/remove | 19 +++++++++ scripts/restore | 74 ++++++++++++++++++++++++++-------- scripts/upgrade | 79 ++++++++++++++++++++++++++++++++++-- 11 files changed, 333 insertions(+), 50 deletions(-) create mode 100644 conf/app.src create mode 100644 conf/nginx.conf diff --git a/check_process b/check_process index aacfa4f..4c647b2 100644 --- a/check_process +++ b/check_process @@ -2,23 +2,21 @@ auto_remove=1 ; Manifest domain="domain.tld" (DOMAIN) + path="/path" (PATH) + is_public=1 (PUBLIC|public=1|private=0) welcometext="Welcome to my mumble server" registername="Root" mumbleweb=1 ; Checks pkg_linter=1 - setup_sub_dir=0 - setup_root=0 + setup_sub_dir=1 + setup_root=1 setup_nourl=1 - setup_private=0 - setup_public=0 - upgrade=0 - # latest published in community.json - backup_restore=0 - multi_instance=0 - wrong_user=0 - wrong_path=0 - incorrect_path=0 + setup_private=1 + setup_public=1 + upgrade=1 + backup_restore=1 + multi_instance=1 port_already_use=0 ;;; Levels Level 1=auto diff --git a/conf/app.src b/conf/app.src new file mode 100644 index 0000000..2a3a3b9 --- /dev/null +++ b/conf/app.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/Johni0702/mumble-web/archive/8f97d6326cfdafd89995d91b039a568c3a479276.tar.gz +SOURCE_SUM=8e54bba1259472e2f50b72dceae8e2a1637293bf3682c3fddefb2a94630bddeb +SOURCE_SUM_PRG=sha256sum +ARCH_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= diff --git a/conf/mumble-web.service b/conf/mumble-web.service index 5e8797f..5a8b688 100644 --- a/conf/mumble-web.service +++ b/conf/mumble-web.service @@ -1,15 +1,15 @@ [Unit] -Description=Mumble web interface +Description=Mumble web interface (app: __APP__) Documentation=https://github.com/johni0702/mumble-web Requires=network.target mumble-server.service After=network.target mumble-server.service [Service] Type=simple -User=www-data +User=__APP__ Environment="PATH=__ENV_PATH__" Environment=NODE_ENV=production -ExecStart=/usr/bin/websockify --web=/usr/lib/node_modules/mumble-web/dist --ssl-target localhost:64737 localhost:64738 +ExecStart=/usr/bin/websockify --web=__FINALPATH__/dist/ --ssl-target localhost:__PORT_WEB__ localhost:__PORT__ [Install] WantedBy=multi-user.target diff --git a/conf/nginx.conf b/conf/nginx.conf new file mode 100644 index 0000000..15a0a34 --- /dev/null +++ b/conf/nginx.conf @@ -0,0 +1,18 @@ +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { + + # Path to source + alias __FINALPATH__/dist/ ; + + # Force usage of https + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } +} + +location __PATH__/demo/ { + proxy_pass http://localhost:__PORT_WEB__; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; +} diff --git a/manifest.json b/manifest.json index bab7187..f3eef60 100644 --- a/manifest.json +++ b/manifest.json @@ -13,7 +13,7 @@ "email": "jean-baptiste@holcroft.fr" }, "requirements": { - "yunohost": ">= 3.4.0" + "yunohost": ">= 3.7.0" }, "version": "1.2.8~ynh7", "multi_instance": true, @@ -29,8 +29,29 @@ }, "example": "domain.org" }, + { + "name": "path", + "type": "path", + "ask": { + "en": "Choose a path for mumble web" + }, + "example": "/web", + "default": "/web" + }, + { + "name": "is_public", + "type": "boolean", + "ask": { + "en": "Is it a public application?" + }, + "help": { + "en": "Set to no to limit access to logged YunoHost users." + }, + "default": true + }, { "name": "welcometext", + "type": "string", "ask": { "en": "Choose a welcome text for your server", "fr": "Choisissez un message de bienvenue pour le serveur" @@ -40,6 +61,7 @@ }, { "name": "registername", + "type": "string", "ask": { "en": "Choose a name for the root channel (your mumble server name)", "fr": "Entrez un nom pour le channel racine (le nom de votre serveur mumble)" diff --git a/scripts/_common.sh b/scripts/_common.sh index fba63ec..8ba3361 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,5 +1,7 @@ #!/bin/bash +pkg_dependencies="mumble-server mailutils websockify" + # Send an email to inform the administrator # # usage: ynh_send_readme_to_admin app_message [recipients] @@ -61,3 +63,16 @@ $(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')" echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients" } + +# Execute a command as another user +# usage: ynh_exec_as USER COMMAND [ARG ...] +ynh_exec_as() { + local USER=$1 + shift 1 + + if [[ $USER = $(whoami) ]]; then + eval "$@" + else + sudo -u "$USER" "$@" + fi +} diff --git a/scripts/backup b/scripts/backup index bf8bc99..51b9076 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,12 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -if [ ! -e _common.sh ]; then - # Get the _common.sh file if it's not in the current directory - cp ../settings/scripts/_common.sh ./_common.sh - chmod a+rx _common.sh -fi -source _common.sh +source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= @@ -29,17 +24,43 @@ ynh_abort_if_errors app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get $app final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) #================================================= # STANDARD BACKUP STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name="$app" --action="stop" +ynh_systemd_action --service_name="$app-web" --action="stop" + #================================================= # BACKUP THE APP MAIN DIR #================================================= +ynh_script_progression --message="Backing up the main app directory..." --time --weight=1 ynh_backup "$final_path" +#================================================= +# BACKUP THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Backing up nginx web server configuration..." --time --weight=1 + +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# SPECIFIC BACKUP #================================================= # BACKUP SYSTEMD #================================================= ynh_backup "/etc/systemd/system/$app.service" +ynh_backup "/etc/systemd/system/$app-web.service" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --time --last diff --git a/scripts/install b/scripts/install index 42e9e4d..4c5efa4 100644 --- a/scripts/install +++ b/scripts/install @@ -24,11 +24,13 @@ ynh_abort_if_errors # Retrieve arguments domain=$YNH_APP_ARG_DOMAIN +path=$YNH_APP_ARG_PATH app=$YNH_APP_INSTANCE_NAME welcometext=$YNH_APP_ARG_WELCOMETEXT registerName=$YNH_APP_ARG_REGISTERNAME instance_id=$YNH_APP_INSTANCE_NUMBER mumbleweb=$YNH_APP_ARG_MUMBLEWEB +is_public=$YNH_APP_ARG_IS_PUBLIC server_password=$(ynh_string_random) su_passwd=$(ynh_string_random) @@ -53,6 +55,7 @@ ynh_app_setting_set "$app" welcometext "$welcometext" ynh_app_setting_set "$app" registerName "$registerName" ynh_app_setting_set "$app" instance_id "$instance_id" ynh_app_setting_set "$app" mumbleweb "$mumbleweb" +ynh_app_setting_set "$app" is_public "$is_public" #================================================= # STANDARD MODIFICATIONS @@ -66,35 +69,61 @@ ynh_app_setting_set "$app" port "$port" # Open port in firewall yunohost firewall allow Both "$port" +if [ "$mumbleweb" -eq 1 ] ; then + port_web=$(ynh_find_port 64738) + ynh_app_setting_set "$app" port_web "$port_web" +fi + #================================================= # INSTALL DEPENDENCIES #================================================= # Install Mumble Debian package via apt -ynh_install_app_dependencies mumble-server mailutils websockify +ynh_install_app_dependencies $pkg_dependencies -ynh_install_nodejs --nodejs_version="10" +if [ "$mumbleweb" -eq 1 ] ; then + ynh_install_nodejs --nodejs_version="10" +fi #================================================= # INSTALL Mumble-web #================================================= + +ynh_app_setting_set "$app" final_path "$final_path" +mkdir -p "$final_path" + + if [ "$mumbleweb" -eq 1 ] ; then - ynh_use_nodejs - ( - npm install mumble-web@0.5.1 - ) + ynh_setup_source --dest_dir="$final_path" fi + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring nginx web server..." --time --weight=1 + +### `ynh_add_nginx_config` will use the file conf/nginx.conf + +# Create a dedicated nginx config + +ynh_add_nginx_config "port_web" + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=3 + +# Create a dedicated system user +ynh_system_user_create --username="$app" --home_dir="$final_path" + #================================================= # SPECIFIC SETUP #================================================= # mumble server conf.ini #================================================= -mkdir -p "$final_path" -ynh_app_setting_set "$app" final_path "$final_path" - # Configuring with given settings mumble_conf="$final_path/mumble-server.ini" @@ -110,13 +139,27 @@ ynh_replace_string "__DOMAIN__" "$domain" "$mumble_conf" ynh_store_file_checksum "$mumble_conf" +if [ "$mumbleweb" -eq 1 ] ; then + ynh_use_nodejs + ( + cd "$final_path" + chown -R "$app": "$final_path" + ynh_exec_as "$app" PATH="$nodejs_path:$PATH" "$nodejs_path/npm" install --save --loglevel warn + ynh_exec_as "$app" PATH="$nodejs_path:$PATH" "$nodejs_path/npm" run build + ls -lah + ) +fi + #================================================= # SETUP SYSTEMD #================================================= # Create a dedicated systemd config ynh_add_systemd_config -ynh_add_systemd_config mumble-web + +if [ "$mumbleweb" -eq 1 ] ; then + ynh_add_systemd_config "$app-web" mumble-web.service +fi #================================================= # GENERIC FINALIZATION @@ -155,6 +198,25 @@ yunohost service add "$app" -l "/var/log/mumble-server/$app.log" systemctl restart "$app" +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Configuring SSOwat..." --time --weight=1 + +# Make app public if necessary +if [ "$is_public" -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set --app="$app" --key=unprotected_uris --value="/" +fi + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + #================================================= # SEND README TO ADMIN #================================================= @@ -175,3 +237,10 @@ Are you facing an issue, want to improve this app or say thank you? Please open a new issue in this project: https://github.com/YunoHost-Apps/mumbleserver_ynh " ynh_send_readme_to_admin "$message" + + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Installation of $app completed" --time --last diff --git a/scripts/remove b/scripts/remove index 362ef6d..234499b 100644 --- a/scripts/remove +++ b/scripts/remove @@ -16,6 +16,7 @@ source /usr/share/yunohost/helpers app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get "$app" domain) +path=$(ynh_app_setting_get "$app" path) port=$(ynh_app_setting_get "$app" port) final_path=$(ynh_app_setting_get "$app" final_path) @@ -59,6 +60,14 @@ ynh_remove_nodejs # Remove the app directory securely ynh_secure_remove "$final_path" +#================================================= +# REMOVE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Removing nginx web server configuration..." --time --weight=1 + +# Remove the dedicated nginx config +ynh_remove_nginx_config + #================================================= # CLOSE A PORT #================================================= @@ -76,3 +85,13 @@ fi #================================================= ynh_secure_remove "/var/log/mumble-server/$app.log" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= +ynh_script_progression --message="Removing the dedicated system user..." --time --weight=1 + +# Delete a system user +ynh_system_user_delete --username="$app" diff --git a/scripts/restore b/scripts/restore index 414c8c6..96572b9 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,12 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -if [ ! -e _common.sh ]; then - # Get the _common.sh file if it's not in the current directory - cp ../settings/scripts/_common.sh ./_common.sh - chmod a+rx _common.sh -fi -source _common.sh +source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= @@ -27,31 +22,43 @@ ynh_abort_if_errors app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get "$app" final_path) +domain=$(ynh_app_setting_get --app="$app" --key=domain) +path_url=$(ynh_app_setting_get --app="$app" --key=path) +final_path=$(ynh_app_setting_get --app"$app" --key=final_path) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= -test ! -d "$final_path" \ - || ynh_die "There is already a directory: $final_path " +ynh_script_progression --message="Validating restoration parameters..." --time --weight=1 + +ynh_webpath_available --domain=$domain --path_url=$path_url \ + || ynh_die --message="Path not available: ${domain}${path_url}" +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + #================================================= # RESTORE THE APP MAIN DIR #================================================= +ynh_script_progression --message="Restoring the app main directory..." --time --weight=1 ynh_restore_file "$final_path" #================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES +# RECREATE THE DEDICATED USER #================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1 -# Define and install dependencies -ynh_install_app_dependencies mumble-server mailutils +# Create the dedicated user (if not existing) +ynh_system_user_create --username="$app" #================================================= # RESTORE USER RIGHTS @@ -61,6 +68,16 @@ ynh_install_app_dependencies mumble-server mailutils chmod -R 770 "$final_path" chown -R :mumble-server "$final_path" +#================================================= +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + #================================================= # Add user to ssl-cert so it can read certificates #================================================= @@ -84,8 +101,33 @@ yunohost service add "$app" -l "/var/log/mumble-server/$app.log" #================================================= # RESTORE SYSTEMD #================================================= +ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1 -ynh_restore_file "/etc/systemd/system/$app.service" +ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable "$app.service" -systemctl restart "$app" +ynh_restore_file --origin_path="/etc/systemd/system/$app-web.service" +systemctl enable "$app-web.service" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name="$app" --action="start" +ynh_systemd_action --service_name="$app-web" --action="start" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= +ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Restoration completed for $app" --time --last diff --git a/scripts/upgrade b/scripts/upgrade index 5256c6a..46fef48 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -15,12 +15,15 @@ source /usr/share/yunohost/helpers app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get "$app" domain) +path_url=$(ynh_app_setting_get --app="$app" --key=path) +is_public=$(ynh_app_setting_get --app="$app" --key=is_public) no_sso=$(ynh_app_setting_get "$app" no_sso) server_password=$(ynh_app_setting_get "$app" server_password) su_passwd=$(ynh_app_setting_get "$app" su_passwd) welcometext=$(ynh_app_setting_get "$app" welcometext) registerName=$(ynh_app_setting_get "$app" registerName) port=$(ynh_app_setting_get "$app" port) +port_web=$(ynh_app_setting_get "$app" port_web) final_path=$(ynh_app_setting_get "$app" final_path) instance_id=$(ynh_app_setting_get "$app" instance_id) mumbleweb=$(ynh_app_setting_get "$app" mumbleweb) @@ -109,15 +112,49 @@ ynh_abort_if_errors #================================================= # STANDARD UPGRADE STEPS #================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 -# source and user are provided by debian's package, no web interface +ynh_systemd_action --service_name="$app" --action="stop" +ynh_systemd_action --service_name="$app-web" --action="stop" + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +if [ "$mumbleweb" -eq 1 ] ; then +then + ynh_script_progression --message="Upgrading source files..." --time --weight=1 + + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" +fi + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading nginx web server configuration..." --time --weight=1 + +# Create a dedicated nginx config +ynh_add_nginx_config "port_web" #================================================= # INSTALL DEPENDENCIES #================================================= +ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 # Install Mumble Debian package via apt -ynh_install_app_dependencies mumble-server mailutils websockify +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username="$app" + #================================================= # SPECIFIC UPGRADE @@ -144,13 +181,30 @@ ynh_replace_string "__DOMAIN__" "$domain" "$mumble_conf" ynh_store_file_checksum "$mumble_conf" +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Upgrading SSOwat configuration..." --time --weight=1 + +# Make app public if necessary +if [ "$is_public" -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway + ynh_app_setting_set --app="$app" --key=unprotected_uris --value="/" +fi + #================================================= # SETUP SYSTEMD #================================================= +ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1 # Create a dedicated systemd config ynh_add_systemd_config +if [ "$mumbleweb" -eq 1 ] ; then + ynh_add_systemd_config "$app-web" mumble-web.service +fi + #================================================= # GENERIC FINALIZATION #================================================= @@ -186,7 +240,20 @@ systemctl disable mumble-server # Add Mumble as a YunoHost service yunohost service add "$app" -l "/var/log/mumble-server/$app.log" -systemctl restart "$app" +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name="$app" --action="start" +ynh_systemd_action --service_name="$app-web" --action="start" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload #================================================= # SEND README TO ADMIN @@ -210,3 +277,9 @@ Are you facing an issue, want to improve this app or say thank you? Please open a new issue in this project: https://github.com/YunoHost-Apps/mumbleserver_ynh " ynh_send_readme_to_admin "$message" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of $app completed" --time --last