diff --git a/conf/config.json b/conf/config.json index a316b24..a7fb25b 100644 --- a/conf/config.json +++ b/conf/config.json @@ -31,7 +31,8 @@ "verify_peer": false, "verify_peer_name": false } - } + }, + "trusted_proxies": [ "127.0.0.1", "::1" ] }, "apps": { "user_ldap": { diff --git a/conf/nginx.conf b/conf/nginx.conf index f2baa60..9aac4df 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -165,6 +165,8 @@ location ^~ __PATH__/ { try_files $uri / __PATH__/index.php$request_uri; } + include conf.d/__DOMAIN__.d/__APP__.d/*.conf; + # show YunoHost panel access include conf.d/yunohost_panel.conf.inc; } diff --git a/conf/notify_push.conf b/conf/notify_push.conf new file mode 100644 index 0000000..f2fb052 --- /dev/null +++ b/conf/notify_push.conf @@ -0,0 +1,8 @@ +location ^~ __PATH__/push/ { + proxy_pass http://unix:/var/run/__APP__/notify-push.sock:/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +} \ No newline at end of file diff --git a/conf/systemd.service b/conf/systemd.service new file mode 100644 index 0000000..855a294 --- /dev/null +++ b/conf/systemd.service @@ -0,0 +1,13 @@ +[Unit] +Description = Push daemon for Nextcloud clients + +[Service] +Environment=SOCKET_PATH=/var/run/__APP__/notify-push.sock +Environment=ALLOW_SELF_SIGNED=true +ExecStart=__INSTALL_DIR__/apps/notify_push/bin/__ARCH__/notify_push __INSTALL_DIR__/config/config.php +Type=notify +User=__APP__ +Group=__APP__ + +[Install] +WantedBy = multi-user.target \ No newline at end of file diff --git a/conf/watcher.path b/conf/watcher.path new file mode 100644 index 0000000..67a5298 --- /dev/null +++ b/conf/watcher.path @@ -0,0 +1,11 @@ +[Unit] +Description=Restart Push daemon for Nextcloud clients when it receives updates +Documentation=https://github.com/nextcloud/notify_push +PartOf=__APP__-notify-push-watcher.service + +[Path] +PathModified=/var/www/nextcloud/apps/notify_push/bin/__ARCH__/notify_push +Unit=__APP__-notify-push-watcher.service + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/conf/watcher.service b/conf/watcher.service new file mode 100644 index 0000000..e2d9cfd --- /dev/null +++ b/conf/watcher.service @@ -0,0 +1,15 @@ +[Unit] +Description=Restart Push daemon for Nextcloud clients when it receives updates +Documentation=https://github.com/nextcloud/notify_push +#Requires=__APP__-notify-push.service +After=__APP__-notify-push.service +StartLimitIntervalSec=10 +StartLimitBurst=5 + +[Service] +Type=oneshot +ExecStartPre=/usr/bin/chmod u+x __INSTALL_DIR__/apps/notify_push/bin/__ARCH__/notify_push +ExecStart=/usr/bin/systemctl restart __APP__-notify-push.service + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/config_panel.toml b/config_panel.toml index e5e88ae..b583fb4 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -9,7 +9,7 @@ name = "Nextcloud configuration" [main.maintenance.maintenance_mode] ask = "Enable maintenance mode" type = "boolean" - default = "0" + default = false [main.maintenance.set_permissions_button] ask.en = "Set permissions for all data (Can take up to several hours if users have a lot of data)" @@ -22,8 +22,14 @@ name = "Nextcloud configuration" [main.addressbook.system_addressbook_exposed] ask = "Should there be a system address book listing all users, accessible by all users?" type = "boolean" - yes = "yes" - no = "no" + + [main.notify_push] + name = "Notify Push configuration" + + [main.notify_push.enable_notify_push] + ask.en = "Configure the High Performance Backend?" + ask.fr = "Configurer le Backend Hautes Performances ?" + type = "boolean" [main.php_fpm_config] name = "PHP-FPM configuration" diff --git a/doc/ADMIN.md b/doc/ADMIN.md index 8d401d2..9b19c1b 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -12,6 +12,10 @@ Alternatively, you may open a 'Nextcloud shell' with `sudo yunohost app shell __ ONLYOFFICE is an online rich text document editor which can be integrated in Nextcloud +#### High Performance Backend + +High Performance Backend is an application on Nextcloud that should speed up the instance, more information here: https://github.com/nextcloud/notify_push#about + #### With YunoHost App (ARM64 support, better performance) For better performance and ARM64 support (Raspberry Pi, OLinuXino...), install the [OnlyOffice YunoHost app](https://apps.yunohost.org/app/onlyoffice) and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) diff --git a/doc/ADMIN_fr.md b/doc/ADMIN_fr.md index 06b76b1..5b52928 100644 --- a/doc/ADMIN_fr.md +++ b/doc/ADMIN_fr.md @@ -12,6 +12,10 @@ Ou bien, vous pouvez ouvrir un "shell Nextcloud" avec `sudo yunohost app shell _ ONLYOFFICE est un éditeur de texte enrichi en ligne qui peut s'intégrer dans Nextcloud +#### Backend Hautes Performances + +Le backend Hautes Performances est une application sur Nextcloud qui devrait accélérer l'instance, plus d'informations ici : https://github.com/nextcloud/notify_push#about + #### Avec l'application YunoHost (support ARM64, meilleures performances) Pour de meilleures performances et le support de ARM64 (Raspberry Pi, OLinuXino...), installez l'[app YunoHost OnlyOffice](https://apps.yunohost.org/app/onlyoffice), puis connectez-la à Nextcloud : voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) diff --git a/manifest.toml b/manifest.toml index b3e7d35..92ed534 100644 --- a/manifest.toml +++ b/manifest.toml @@ -60,6 +60,12 @@ ram.runtime = "512M" type = "boolean" default = true + [install.enable_notify_push] + ask.en = "Configure the High Performance Backend?" + ask.fr = "Configurer le Backend Hautes Performances ?" + type = "boolean" + default = false + [resources] [resources.sources] diff --git a/scripts/backup b/scripts/backup index 995b795..02d8210 100755 --- a/scripts/backup +++ b/scripts/backup @@ -27,7 +27,14 @@ ynh_backup --src_path="$install_dir" ynh_backup --src_path="$data_dir" --is_big #================================================= -# SYSTEM CONFIGURATION +# BACKUP THE NGINX CONFIGURATION +#================================================= + +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.d" + +#================================================= +# BACKUP THE PHP-FPM CONFIGURATION #================================================= # Backup the PHP-FPM configuration @@ -58,6 +65,17 @@ ynh_print_info --message="Backing up the PostgreSQL database..." ynh_psql_dump_db --database="$db_name" > db.sql +#================================================= +# BACKUP THE NOTIFY_PUSH APP +#================================================= + +if [ $enable_notify_push -eq 1 ] +then + ynh_backup --src_path="/etc/systemd/system/${app}-notify-push.service" + ynh_backup --src_path="/etc/systemd/system/${app}-notify-push-watcher.service" + ynh_backup --src_path="/etc/systemd/system/${app}-notify-push-watcher.path" +fi + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/change_url b/scripts/change_url index 3606d8d..326594f 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -50,16 +50,62 @@ then # Reload PHP-FPM, necessary for force Nextcloud to re-read config.php, cf opcache.revalidate_freq ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload + + mv /etc/nginx/conf.d/$old_domain.d/$app.d /etc/nginx/conf.d/$new_domain.d/$app.d fi #================================================= -# SETUP SSOWAT +# CONFIGURE NOTIFY_PUSH APP #================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 + +if [ $enable_notify_push -eq 1 ] +then + domain="$new_domain" + path_url="$new_path" + + ynh_add_config --template="notify_push.conf" --destination="/etc/nginx/conf.d/$domain.d/$app.d/notify_push.conf" + + ynh_systemd_action --service_name=nginx --action=reload + + case $YNH_ARCH in + amd64) arch="x86_64";; + arm64) arch="aarch64";; + armel|armhf) arch="armv7";; + esac + + ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path" + ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service" + systemctl enable --now ${app}-notify-push-watcher.path + ynh_add_systemd_config --service="${app}-notify-push" + + count=0 + while ! ynh_exec_as "$app" php${phpversion} --define apc.enable_cli=1 $install_dir/cron.php && [[ $count -lt 30 ]] + do + sleep 1 + count=$((count + 1)) + done + + ynh_systemd_action --service_name="${app}-notify-push" --action=restart --line_match="Push daemon for Nextcloud clients." --log_path="systemd" --action=restart + + exec_occ config:app:set notify_push base_endpoint --value https://$domain${path_url%/}/push + + if ! exec_occ notify_push:self-test; then + ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart ${app}-notify-push.service\", and run \"sudo -u $app php${phpversion} $install_dir/occ notify_push:self-test\" to verify that everything is green." + fi +fi + +#================================================= +# GENERIC FINALISATION +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." # Temporary fix for the API permission (workaround for https://github.com/YunoHost/issues/issues/2294 ) ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls +ynh_systemd_action --service_name=nginx --action=reload + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/config b/scripts/config index e231009..189c448 100644 --- a/scripts/config +++ b/scripts/config @@ -18,6 +18,11 @@ ynh_abort_if_errors phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) +exec_occ() { + (cd "$install_dir" && ynh_exec_as "$app" \ + php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") +} + #================================================= # SPECIFIC GETTERS FOR TOML SHORT KEY #================================================= @@ -39,8 +44,7 @@ get__maintenance_mode() { } get__system_addressbook_exposed() { - echo $(cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ config:app:get dav system_addressbook_exposed) + echo $(exec_occ config:app:get dav system_addressbook_exposed) } get__fpm_footprint() { @@ -73,24 +77,88 @@ get__fpm_free_footprint() { set__maintenance_mode() { if [ "$maintenance_mode" -eq "0" ]; then # If maintenance_mode was set to 0, disable maintenance mode - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off) + exec_occ maintenance:mode --off ynh_print_info "Maintenance mode disabled" elif [ "$maintenance_mode" -eq "1" ]; then # If maintenance_mode was set to 1, enable maintenance mode - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on) + exec_occ maintenance:mode --on ynh_print_info "Maintenance mode enabled" fi ynh_app_setting_set --app=$app --key=maintenance_mode --value="$maintenance_mode" } set__system_addressbook_exposed() { - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed") + exec_occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed" ynh_print_info "System addressbook is exposed: $system_addressbook_exposed" } + +set__enable_notify_push() { + if [ "$enable_notify_push" -eq "0" ]; then + nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d" + ynh_secure_remove --file="$nginx_extra_conf_dir/notify_push.conf" + ynh_systemd_action --service_name="nginx" --action=reload + + # If notify_push is enabled, disable it + if exec_occ app:list | awk '/Enabled/{f=1;next} f' | grep -q -w notify_push; then + exec_occ app:disable notify_push + fi + + ynh_remove_systemd_config --service="${app}-notify-push" + systemctl disable --now "${app}-notify-push-watcher.path" + ynh_secure_remove --file="/etc/systemd/system/${app}-notify-push-watcher.path" + ynh_remove_systemd_config --service="${app}-notify-push-watcher" + + ynh_print_info "Notify push disabled" + elif [ "$enable_notify_push" -eq "1" ]; then + nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d" + mkdir -p "$nginx_extra_conf_dir" + + ynh_add_config --template="notify_push.conf" --destination="$nginx_extra_conf_dir/notify_push.conf" + + ynh_systemd_action --service_name="nginx" --action=reload + + # If notify_push is disabled, reenable it + if exec_occ app:list | awk '/Disabled/{f=1;next} f' | grep -q -w notify_push; then + exec_occ app:enable notify_push + # If notify_push is not installed, install it + elif ! exec_occ app:list | awk '/Enabled/{f=1;next} /Disabled/{f=0} f' | grep -q -w notify_push; then + exec_occ app:install notify_push + fi + exec_occ config:app:set notify_push base_endpoint --value https://$domain${path_url%/}/push + + mkdir -p /var/run/$app/ + chown $app: /var/run/$app/ + + case $YNH_ARCH in + amd64) arch="x86_64";; + arm64) arch="aarch64";; + armel|armhf) arch="armv7";; + esac + + ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path" + ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service" + systemctl enable --now ${app}-notify-push-watcher.path + ynh_add_systemd_config --service="${app}-notify-push" + + count=0 + while ! ynh_exec_as "$app" php${phpversion} --define apc.enable_cli=1 $install_dir/cron.php && [[ $count -lt 30 ]] + do + sleep 1 + count=$((count + 1)) + done + + ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart + ynh_systemd_action --service_name="${app}-notify-push" --action=restart --line_match="Push daemon for Nextcloud clients." --log_path="systemd" + + if ! exec_occ notify_push:self-test; then + ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart ${app}-notify-push.service\", and run \"sudo -u $app php${phpversion} $install_dir/occ notify_push:self-test\" to verify that everything is green." + fi + ynh_print_info "Notify push enabled" + fi + ynh_app_setting_set --app=$app --key=enable_notify_push --value="$enable_notify_push" +} + set__fpm_footprint() { if [ "$fpm_footprint" != "specific" ] then diff --git a/scripts/install b/scripts/install index e334886..5927297 100755 --- a/scripts/install +++ b/scripts/install @@ -40,6 +40,14 @@ then sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" fi +nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d" +mkdir -p "$nginx_extra_conf_dir" + +if [ $enable_notify_push -eq 1 ] +then + ynh_add_config --template="notify_push.conf" --destination="$nginx_extra_conf_dir/notify_push.conf" +fi + # Create a dedicated NGINX config ynh_add_nginx_config @@ -187,6 +195,30 @@ exec_occ config:app:set dav system_addressbook_exposed --value="$system_addressb # Calculate and store the config file checksum into the app settings ynh_store_file_checksum --file="$install_dir/config/config.php" +#================================================= +# CONFIGURE NOTIFY_PUSH APP +#================================================= + +if [ $enable_notify_push -eq 1 ] +then + exec_occ app:install notify_push + exec_occ config:app:set notify_push base_endpoint --value https://$domain${path_url%/}/push + + mkdir -p /var/run/$app/ + chown $app: /var/run/$app/ + + case $YNH_ARCH in + amd64) arch="x86_64";; + arm64) arch="aarch64";; + armel|armhf) arch="armv7";; + esac + + ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path" + ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service" + systemctl enable --now ${app}-notify-push-watcher.path + ynh_add_systemd_config --service="${app}-notify-push" +fi + #================================================= # ADD A CRON JOB #================================================= @@ -255,6 +287,27 @@ ynh_script_progression --message="Configuring Fail2Ban..." --weight=8 # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 +#================================================= +# CHECK IF NOTIFY_PUSH WORKS +#================================================= + +if [ $enable_notify_push -eq 1 ] +then + count=0 + while ! ynh_exec_as "$app" php${phpversion} --define apc.enable_cli=1 $install_dir/cron.php && [[ $count -lt 30 ]] + do + sleep 1 + count=$((count + 1)) + done + + ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart + ynh_systemd_action --service_name="${app}-notify-push" --action=restart --line_match="Push daemon for Nextcloud clients." --log_path="systemd" + + if ! exec_occ notify_push:self-test; then + ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart ${app}-notify-push.service\", and run \"sudo -u $app php${phpversion} $install_dir/occ notify_push:self-test\" to verify that everything is green." + fi +fi + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index a0f4ba6..d03050c 100755 --- a/scripts/remove +++ b/scripts/remove @@ -12,6 +12,7 @@ ynh_script_progression --message="Removing system configurations related to $app # Remove the dedicated NGINX config ynh_remove_nginx_config +ynh_secure_remove --file="/etc/nginx/conf.d/$domain.d/$app.d" # Remove the dedicated PHP-FPM config ynh_remove_fpm_config @@ -22,6 +23,13 @@ ynh_remove_logrotate # Remove the dedicated Fail2Ban config ynh_remove_fail2ban_config +# Remove notify push +ynh_remove_systemd_config --service="${app}-notify-push" +ynh_exec_warn_less systemctl disable --now ${app}-notify-push-watcher.path +ynh_secure_remove --file="/etc/systemd/system/${app}-notify-push-watcher.path" +ynh_remove_systemd_config --service="${app}-notify-push-watcher" +ynh_secure_remove --file="/var/run/$app" + # Remove a cron file # TODO: Ensure that cron job is not running (How !?) ynh_secure_remove --file="/etc/cron.d/$app" diff --git a/scripts/restore b/scripts/restore index 89916f2..fcf8fe2 100755 --- a/scripts/restore +++ b/scripts/restore @@ -35,6 +35,7 @@ ynh_add_fpm_config #================================================= ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.d" # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" @@ -122,6 +123,24 @@ fi ynh_systemd_action --action=restart --service_name=fail2ban +#================================================= +# RESTORE THE NOTIFY_PUSH APP +#================================================= + +if [ $enable_notify_push -eq 1 ] +then + mkdir -p /var/run/$app/ + chown $app: /var/run/$app/ + + ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push.service" + ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push-watcher.service" + ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push-watcher.path" + + systemctl enable --now "${app}-notify-push-watcher.service" --quiet + systemctl enable --now "${app}-notify-push-watcher.path" --quiet + systemctl enable --now "${app}-notify-push.service" --quiet +fi + #================================================= # GENERIC FINALIZATION #================================================= @@ -131,6 +150,32 @@ ynh_script_progression --message="Reloading NGINX web server..." --weight=3 ynh_systemd_action --service_name=nginx --action=reload +#================================================= +# CHECK IF NOTIFY_PUSH WORKS +#================================================= + +exec_occ() { + (cd "$install_dir" && ynh_exec_as "$app" \ + php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") +} + +if [ $enable_notify_push -eq 1 ] +then + count=0 + while ! ynh_exec_as "$app" php${phpversion} --define apc.enable_cli=1 $install_dir/cron.php && [[ $count -lt 30 ]] + do + sleep 1 + count=$((count + 1)) + done + + ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart + ynh_systemd_action --service_name="${app}-notify-push" --action=restart --line_match="Push daemon for Nextcloud clients." --log_path="systemd" --action=restart + + if ! exec_occ notify_push:self-test; then + ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart ${app}-notify-push.service\", and run \"sudo -u $app php${phpversion} $install_dir/occ notify_push:self-test\" to verify that everything is green." + fi +fi + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index bc75eb4..0703de3 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -24,6 +24,11 @@ elif [ "${system_addressbook_exposed,,}" = "no" ]; then system_addressbook_exposed=0 fi +if [ -z ${enable_notify_push:-} ]; then + ynh_app_setting_set --app=$app --key=enable_notify_push --value=0 + enable_notify_push=0 +fi + # Remove the option backup_core_only if it's in the settings.yml file ynh_app_setting_delete --app=$app --key=backup_core_only @@ -390,9 +395,49 @@ then sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" fi +# Create a dedicated NGINX config +nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d" +mkdir -p "$nginx_extra_conf_dir" + +if [ $enable_notify_push -eq 1 ] +then + ynh_add_config --template="notify_push.conf" --destination="$nginx_extra_conf_dir/notify_push.conf" +fi + # Create a dedicated NGINX config ynh_add_nginx_config +#================================================= +# CONFIGURE NOTIFY_PUSH APP +#================================================= + +if [ $enable_notify_push -eq 1 ] +then + # If notify_push is disabled, reenable it + if exec_occ app:list | awk '/Disabled/{f=1;next} f' | grep -q -w notify_push; then + exec_occ app:enable notify_push + # If notify_push is not installed, install it + elif ! exec_occ app:list | awk '/Enabled/{f=1;next} /Disabled/{f=0} f' | grep -q -w notify_push; then + exec_occ app:install notify_push + fi + exec_occ config:app:set notify_push base_endpoint --value https://$domain${path_url%/}/push + + mkdir -p /var/run/$app/ + chown $app: /var/run/$app/ + + case $YNH_ARCH in + amd64) arch="x86_64";; + arm64) arch="aarch64";; + armel|armhf) arch="armv7";; + esac + + ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path" + ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service" + systemctl enable --now ${app}-notify-push-watcher.path + ynh_add_systemd_config --service="${app}-notify-push" +fi + + #================================================= # CRON JOB #================================================= @@ -417,6 +462,27 @@ ynh_use_logrotate --non-append # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 +#================================================= +# CHECK IF NOTIFY_PUSH WORKS +#================================================= + +if [ $enable_notify_push -eq 1 ] +then + count=0 + while ! ynh_exec_as "$app" php${phpversion} --define apc.enable_cli=1 $install_dir/cron.php && [[ $count -lt 30 ]] + do + sleep 1 + count=$((count + 1)) + done + + ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart + ynh_systemd_action --service_name="${app}-notify-push" --action=restart --line_match="Push daemon for Nextcloud clients." --log_path="systemd" --action=restart + + if ! exec_occ notify_push:self-test; then + ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart ${app}-notify-push.service\", and run \"sudo -u $app php${phpversion} $install_dir/occ notify_push:self-test\" to verify that everything is green." + fi +fi + #================================================= # END OF SCRIPT #================================================= diff --git a/tests.toml b/tests.toml index cdd5e77..a7671f2 100644 --- a/tests.toml +++ b/tests.toml @@ -2,6 +2,8 @@ test_format = 1.0 [default] + args.enable_notify_push = "0" + # ------------------------------- # Commits to test upgrade from # ------------------------------- @@ -11,3 +13,10 @@ test_format = 1.0 test_upgrade_from.9c6d1eea.name = "Upgrade from 27.1.4" test_upgrade_from.e9f82ab7.name = "Upgrade from 28.0.6" test_upgrade_from.e9f82ab7.args.system_addressbook_exposed = "yes" + +[notify_push_test] + + args.enable_notify_push = "1" + test_upgrade_from.e9f82ab7.name = "Upgrade from 28.0.6" + test_upgrade_from.e9f82ab7.args.system_addressbook_exposed = "yes" +