YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

Merge branch 'testing' into curl-tests

Browse source
This commit is contained in:
Alexandre Aubin 2024-08-29 14:27:00 +02:00 committed by GitHub
commit 4553fd15e7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
18 changed files with 400 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
conf/config.json
View file

@ -30,7 +30,8 @@
"verify_peer": false, "verify_peer": false,
"verify_peer_name": false "verify_peer_name": false
} }
} },
"trusted_proxies": [ "127.0.0.1", "::1" ]
}, },
"apps": { "apps": {
"user_ldap": { "user_ldap": {

2
conf/nginx.conf
View file

@ -165,6 +165,8 @@ location ^~ __PATH__/ {
try_files $uri / __PATH__/index.php$request_uri; try_files $uri / __PATH__/index.php$request_uri;
} }
include conf.d/__DOMAIN__.d/__APP__.d/*.conf;
# show YunoHost panel access # show YunoHost panel access
include conf.d/yunohost_panel.conf.inc; include conf.d/yunohost_panel.conf.inc;
} }

8
conf/notify_push.conf Normal file
View file

@ -0,0 +1,8 @@
location ^~ __PATH__/push/ {
proxy_pass http://unix:/var/run/__APP__/notify-push.sock:/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

13
conf/systemd.service Normal file
View file

@ -0,0 +1,13 @@
[Unit]
Description = Push daemon for Nextcloud clients
[Service]
Environment=SOCKET_PATH=/var/run/__APP__/notify-push.sock
Environment=ALLOW_SELF_SIGNED=true
ExecStart=__INSTALL_DIR__/apps/notify_push/bin/__ARCH__/notify_push __INSTALL_DIR__/config/config.php
Type=notify
User=__APP__
Group=__APP__
[Install]
WantedBy = multi-user.target

11
conf/watcher.path Normal file
View file

@ -0,0 +1,11 @@
[Unit]
Description=Restart Push daemon for Nextcloud clients when it receives updates
Documentation=https://github.com/nextcloud/notify_push
PartOf=__APP__-notify-push-watcher.service
[Path]
PathModified=/var/www/nextcloud/apps/notify_push/bin/__ARCH__/notify_push
Unit=__APP__-notify-push-watcher.service
[Install]
WantedBy=multi-user.target

15
conf/watcher.service Normal file
View file

@ -0,0 +1,15 @@
[Unit]
Description=Restart Push daemon for Nextcloud clients when it receives updates
Documentation=https://github.com/nextcloud/notify_push
#Requires=__APP__-notify-push.service
After=__APP__-notify-push.service
StartLimitIntervalSec=10
StartLimitBurst=5
[Service]
Type=oneshot
ExecStartPre=/usr/bin/chmod u+x __INSTALL_DIR__/apps/notify_push/bin/__ARCH__/notify_push
ExecStart=/usr/bin/systemctl restart __APP__-notify-push.service
[Install]
WantedBy=multi-user.target

12
config_panel.toml
View file

@ -9,7 +9,7 @@ name = "Nextcloud configuration"
[main.maintenance.maintenance_mode] [main.maintenance.maintenance_mode]
ask = "Enable maintenance mode" ask = "Enable maintenance mode"
type = "boolean" type = "boolean"
default = "0" default = false
[main.maintenance.set_permissions_button] [main.maintenance.set_permissions_button]
ask.en = "Set permissions for all data (Can take up to several hours if users have a lot of data)" ask.en = "Set permissions for all data (Can take up to several hours if users have a lot of data)"
@ -22,8 +22,14 @@ name = "Nextcloud configuration"
[main.addressbook.system_addressbook_exposed] [main.addressbook.system_addressbook_exposed]
ask = "Should there be a system address book listing all users, accessible by all users?" ask = "Should there be a system address book listing all users, accessible by all users?"
type = "boolean" type = "boolean"
yes = "yes"
no = "no" [main.notify_push]
name = "Notify Push configuration"
[main.notify_push.enable_notify_push]
ask.en = "Configure the High Performance Backend?"
ask.fr = "Configurer le Backend Hautes Performances ?"
type = "boolean"
[main.php_fpm_config] [main.php_fpm_config]
name = "PHP-FPM configuration" name = "PHP-FPM configuration"

4
doc/ADMIN.md
View file

@ -12,6 +12,10 @@ Alternatively, you may open a 'Nextcloud shell' with `sudo yunohost app shell __
ONLYOFFICE is an online rich text document editor which can be integrated in Nextcloud ONLYOFFICE is an online rich text document editor which can be integrated in Nextcloud
#### High Performance Backend
High Performance Backend is an application on Nextcloud that should speed up the instance, more information here: https://github.com/nextcloud/notify_push#about
#### With YunoHost App (ARM64 support, better performance) #### With YunoHost App (ARM64 support, better performance)
For better performance and ARM64 support (Raspberry Pi, OLinuXino...), install the [OnlyOffice YunoHost app](https://apps.yunohost.org/app/onlyoffice) and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) For better performance and ARM64 support (Raspberry Pi, OLinuXino...), install the [OnlyOffice YunoHost app](https://apps.yunohost.org/app/onlyoffice) and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)

4
doc/ADMIN_fr.md
View file

@ -12,6 +12,10 @@ Ou bien, vous pouvez ouvrir un "shell Nextcloud" avec `sudo yunohost app shell _
ONLYOFFICE est un éditeur de texte enrichi en ligne qui peut s'intégrer dans Nextcloud ONLYOFFICE est un éditeur de texte enrichi en ligne qui peut s'intégrer dans Nextcloud
#### Backend Hautes Performances
Le backend Hautes Performances est une application sur Nextcloud qui devrait accélérer l'instance, plus d'informations ici : https://github.com/nextcloud/notify_push#about
#### Avec l'application YunoHost (support ARM64, meilleures performances) #### Avec l'application YunoHost (support ARM64, meilleures performances)
Pour de meilleures performances et le support de ARM64 (Raspberry Pi, OLinuXino...), installez l'[app YunoHost OnlyOffice](https://apps.yunohost.org/app/onlyoffice), puis connectez-la à Nextcloud : voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) Pour de meilleures performances et le support de ARM64 (Raspberry Pi, OLinuXino...), installez l'[app YunoHost OnlyOffice](https://apps.yunohost.org/app/onlyoffice), puis connectez-la à Nextcloud : voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)

6
manifest.toml
View file

@ -60,6 +60,12 @@ ram.runtime = "512M"
type = "boolean" type = "boolean"
default = true default = true
[install.enable_notify_push]
ask.en = "Configure the High Performance Backend?"
ask.fr = "Configurer le Backend Hautes Performances ?"
type = "boolean"
default = false
[resources] [resources]
[resources.sources] [resources.sources]

20
scripts/backup
View file

@ -28,7 +28,14 @@ ynh_backup --src_path="$install_dir"
ynh_backup --src_path="$data_dir" --is_big ynh_backup --src_path="$data_dir" --is_big
#================================================= #=================================================
# SYSTEM CONFIGURATION # BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.d"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#================================================= #=================================================
# Backup the PHP-FPM configuration # Backup the PHP-FPM configuration
@ -59,6 +66,17 @@ ynh_print_info --message="Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql
#=================================================
# BACKUP THE NOTIFY_PUSH APP
#=================================================
if [ $enable_notify_push -eq 1 ]
then
ynh_backup --src_path="/etc/systemd/system/${app}-notify-push.service"
ynh_backup --src_path="/etc/systemd/system/${app}-notify-push-watcher.service"
ynh_backup --src_path="/etc/systemd/system/${app}-notify-push-watcher.path"
fi
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

50
scripts/change_url
View file

@ -50,16 +50,62 @@ then
# Reload PHP-FPM, necessary for force Nextcloud to re-read config.php, cf opcache.revalidate_freq # Reload PHP-FPM, necessary for force Nextcloud to re-read config.php, cf opcache.revalidate_freq
ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload
mv /etc/nginx/conf.d/$old_domain.d/$app.d /etc/nginx/conf.d/$new_domain.d/$app.d
fi fi
#================================================= #=================================================
# SETUP SSOWAT # CONFIGURE NOTIFY_PUSH APP
#================================================= #=================================================
ynh_script_progression --message="Configuring permissions..."
if [ $enable_notify_push -eq 1 ]
then
domain="$new_domain"
path_url="$new_path"
ynh_add_config --template="notify_push.conf" --destination="/etc/nginx/conf.d/$domain.d/$app.d/notify_push.conf"
ynh_systemd_action --service_name=nginx --action=reload
case $YNH_ARCH in
amd64) arch="x86_64";;
arm64) arch="aarch64";;
armel|armhf) arch="armv7";;
esac
ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path"
ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service"
systemctl enable --now ${app}-notify-push-watcher.path
ynh_add_systemd_config --service="${app}-notify-push"
count=0
while ! ynh_exec_as "$app" php${phpversion} --define apc.enable_cli=1 $install_dir/cron.php && [[ $count -lt 30 ]]
do
sleep 1
count=$((count + 1))
done
ynh_systemd_action --service_name="${app}-notify-push" --action=restart --line_match="Push daemon for Nextcloud clients." --log_path="systemd" --action=restart
exec_occ config:app:set notify_push base_endpoint --value https://$domain${path_url%/}/push
if ! exec_occ notify_push:self-test; then
ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart ${app}-notify-push.service\", and run \"sudo -u $app php${phpversion} $install_dir/occ notify_push:self-test\" to verify that everything is green."
fi
fi
#=================================================
# GENERIC FINALISATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
# Temporary fix for the API permission (workaround for https://github.com/YunoHost/issues/issues/2294 ) # Temporary fix for the API permission (workaround for https://github.com/YunoHost/issues/issues/2294 )
ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls
ynh_systemd_action --service_name=nginx --action=reload
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

84
scripts/config
View file

@ -18,6 +18,11 @@ ynh_abort_if_errors
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
exec_occ() {
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
}
#================================================= #=================================================
# SPECIFIC GETTERS FOR TOML SHORT KEY # SPECIFIC GETTERS FOR TOML SHORT KEY
#================================================= #=================================================
@ -39,8 +44,7 @@ get__maintenance_mode() {
} }
get__system_addressbook_exposed() { get__system_addressbook_exposed() {
echo $(cd "$install_dir" && ynh_exec_as "$app" \ echo $(exec_occ config:app:get dav system_addressbook_exposed)
php${phpversion} --define apc.enable_cli=1 occ config:app:get dav system_addressbook_exposed)
} }
get__fpm_footprint() { get__fpm_footprint() {
@ -73,24 +77,88 @@ get__fpm_free_footprint() {
set__maintenance_mode() { set__maintenance_mode() {
if [ "$maintenance_mode" -eq "0" ]; then if [ "$maintenance_mode" -eq "0" ]; then
# If maintenance_mode was set to 0, disable maintenance mode # If maintenance_mode was set to 0, disable maintenance mode
(cd "$install_dir" && ynh_exec_as "$app" \ exec_occ maintenance:mode --off
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off)
ynh_print_info "Maintenance mode disabled" ynh_print_info "Maintenance mode disabled"
elif [ "$maintenance_mode" -eq "1" ]; then elif [ "$maintenance_mode" -eq "1" ]; then
# If maintenance_mode was set to 1, enable maintenance mode # If maintenance_mode was set to 1, enable maintenance mode
(cd "$install_dir" && ynh_exec_as "$app" \ exec_occ maintenance:mode --on
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on)
ynh_print_info "Maintenance mode enabled" ynh_print_info "Maintenance mode enabled"
fi fi
ynh_app_setting_set --app=$app --key=maintenance_mode --value="$maintenance_mode" ynh_app_setting_set --app=$app --key=maintenance_mode --value="$maintenance_mode"
} }
set__system_addressbook_exposed() { set__system_addressbook_exposed() {
(cd "$install_dir" && ynh_exec_as "$app" \ exec_occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed"
php${phpversion} --define apc.enable_cli=1 occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed")
ynh_print_info "System addressbook is exposed: $system_addressbook_exposed" ynh_print_info "System addressbook is exposed: $system_addressbook_exposed"
} }
set__enable_notify_push() {
if [ "$enable_notify_push" -eq "0" ]; then
nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d"
ynh_secure_remove --file="$nginx_extra_conf_dir/notify_push.conf"
ynh_systemd_action --service_name="nginx" --action=reload
# If notify_push is enabled, disable it
if exec_occ app:list | awk '/Enabled/{f=1;next} f' | grep -q -w notify_push; then
exec_occ app:disable notify_push
fi
ynh_remove_systemd_config --service="${app}-notify-push"
systemctl disable --now "${app}-notify-push-watcher.path"
ynh_secure_remove --file="/etc/systemd/system/${app}-notify-push-watcher.path"
ynh_remove_systemd_config --service="${app}-notify-push-watcher"
ynh_print_info "Notify push disabled"
elif [ "$enable_notify_push" -eq "1" ]; then
nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d"
mkdir -p "$nginx_extra_conf_dir"
ynh_add_config --template="notify_push.conf" --destination="$nginx_extra_conf_dir/notify_push.conf"
ynh_systemd_action --service_name="nginx" --action=reload
# If notify_push is disabled, reenable it
if exec_occ app:list | awk '/Disabled/{f=1;next} f' | grep -q -w notify_push; then
exec_occ app:enable notify_push
# If notify_push is not installed, install it
elif ! exec_occ app:list | awk '/Enabled/{f=1;next} /Disabled/{f=0} f' | grep -q -w notify_push; then
exec_occ app:install notify_push
fi
exec_occ config:app:set notify_push base_endpoint --value https://$domain${path_url%/}/push
mkdir -p /var/run/$app/
chown $app: /var/run/$app/
case $YNH_ARCH in
amd64) arch="x86_64";;
arm64) arch="aarch64";;
armel|armhf) arch="armv7";;
esac
ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path"
ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service"
systemctl enable --now ${app}-notify-push-watcher.path
ynh_add_systemd_config --service="${app}-notify-push"
count=0
while ! ynh_exec_as "$app" php${phpversion} --define apc.enable_cli=1 $install_dir/cron.php && [[ $count -lt 30 ]]
do
sleep 1
count=$((count + 1))
done
ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart
ynh_systemd_action --service_name="${app}-notify-push" --action=restart --line_match="Push daemon for Nextcloud clients." --log_path="systemd"
if ! exec_occ notify_push:self-test; then
ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart ${app}-notify-push.service\", and run \"sudo -u $app php${phpversion} $install_dir/occ notify_push:self-test\" to verify that everything is green."
fi
ynh_print_info "Notify push enabled"
fi
ynh_app_setting_set --app=$app --key=enable_notify_push --value="$enable_notify_push"
}
set__fpm_footprint() { set__fpm_footprint() {
if [ "$fpm_footprint" != "specific" ] if [ "$fpm_footprint" != "specific" ]
then then

53
scripts/install
View file

@ -49,6 +49,14 @@ then
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
fi fi
nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d"
mkdir -p "$nginx_extra_conf_dir"
if [ $enable_notify_push -eq 1 ]
then
ynh_add_config --template="notify_push.conf" --destination="$nginx_extra_conf_dir/notify_push.conf"
fi
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
@ -195,6 +203,30 @@ exec_occ config:app:set dav system_addressbook_exposed --value="$system_addressb
# Calculate and store the config file checksum into the app settings # Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$install_dir/config/config.php" ynh_store_file_checksum --file="$install_dir/config/config.php"
#=================================================
# CONFIGURE NOTIFY_PUSH APP
#=================================================
if [ $enable_notify_push -eq 1 ]
then
exec_occ app:install notify_push
exec_occ config:app:set notify_push base_endpoint --value https://$domain${path_url%/}/push
mkdir -p /var/run/$app/
chown $app: /var/run/$app/
case $YNH_ARCH in
amd64) arch="x86_64";;
arm64) arch="aarch64";;
armel|armhf) arch="armv7";;
esac
ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path"
ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service"
systemctl enable --now ${app}-notify-push-watcher.path
ynh_add_systemd_config --service="${app}-notify-push"
fi
#================================================= #=================================================
# ADD A CRON JOB # ADD A CRON JOB
#================================================= #=================================================
@ -261,6 +293,27 @@ ynh_script_progression --message="Configuring Fail2Ban..." --weight=8
# Create a dedicated Fail2Ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5 ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
#=================================================
# CHECK IF NOTIFY_PUSH WORKS
#=================================================
if [ $enable_notify_push -eq 1 ]
then
count=0
while ! ynh_exec_as "$app" php${phpversion} --define apc.enable_cli=1 $install_dir/cron.php && [[ $count -lt 30 ]]
do
sleep 1
count=$((count + 1))
done
ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart
ynh_systemd_action --service_name="${app}-notify-push" --action=restart --line_match="Push daemon for Nextcloud clients." --log_path="systemd"
if ! exec_occ notify_push:self-test; then
ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart ${app}-notify-push.service\", and run \"sudo -u $app php${phpversion} $install_dir/occ notify_push:self-test\" to verify that everything is green."
fi
fi
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

14
scripts/remove
View file

@ -12,6 +12,7 @@ ynh_script_progression --message="Removing system configurations related to $app
# Remove the dedicated NGINX config # Remove the dedicated NGINX config
ynh_remove_nginx_config ynh_remove_nginx_config
ynh_secure_remove --file="/etc/nginx/conf.d/$domain.d/$app.d"
# Remove the dedicated PHP-FPM config # Remove the dedicated PHP-FPM config
ynh_remove_fpm_config ynh_remove_fpm_config
@ -22,15 +23,22 @@ ynh_remove_logrotate
# Remove the dedicated Fail2Ban config # Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config ynh_remove_fail2ban_config
# Remove notify push
ynh_remove_systemd_config --service="${app}-notify-push"
ynh_exec_warn_less systemctl disable --now ${app}-notify-push-watcher.path
ynh_secure_remove --file="/etc/systemd/system/${app}-notify-push-watcher.path"
ynh_remove_systemd_config --service="${app}-notify-push-watcher"
ynh_secure_remove --file="/var/run/$app"
# Remove a cron file # Remove a cron file
# TODO: Ensure that cron job is not running (How !?) # TODO: Ensure that cron job is not running (How !?)
ynh_secure_remove --file="/etc/cron.d/$app" ynh_secure_remove --file="/etc/cron.d/$app"
# Cleaning ACL in home directories # Cleaning ACL in home directories
for i in $(ls /home); do for path in /home/*; do
# Clean ACL in every directories in /home, except those which start with 'yunohost.' # Clean ACL in every directories in /home, except those which start with 'yunohost.'
[[ ! $i == yunohost.* ]] \ [[ ! $path == /home/yunohost.* ]] \
&& setfacl --remove g:$app:rwx 2>&1 && setfacl --remove g:$app -- "$path" 2>&1
done done
#================================================= #=================================================

45
scripts/restore
View file

@ -36,6 +36,7 @@ ynh_add_fpm_config
#================================================= #=================================================
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.d"
# Check if .well-known is available for this domain # Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
@ -123,6 +124,24 @@ fi
ynh_systemd_action --action=restart --service_name=fail2ban ynh_systemd_action --action=restart --service_name=fail2ban
#=================================================
# RESTORE THE NOTIFY_PUSH APP
#=================================================
if [ $enable_notify_push -eq 1 ]
then
mkdir -p /var/run/$app/
chown $app: /var/run/$app/
ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push.service"
ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push-watcher.service"
ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push-watcher.path"
systemctl enable --now "${app}-notify-push-watcher.service" --quiet
systemctl enable --now "${app}-notify-push-watcher.path" --quiet
systemctl enable --now "${app}-notify-push.service" --quiet
fi
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
@ -132,6 +151,32 @@ ynh_script_progression --message="Reloading NGINX web server..." --weight=3
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# CHECK IF NOTIFY_PUSH WORKS
#=================================================
exec_occ() {
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
}
if [ $enable_notify_push -eq 1 ]
then
count=0
while ! ynh_exec_as "$app" php${phpversion} --define apc.enable_cli=1 $install_dir/cron.php && [[ $count -lt 30 ]]
do
sleep 1
count=$((count + 1))
done
ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart
ynh_systemd_action --service_name="${app}-notify-push" --action=restart --line_match="Push daemon for Nextcloud clients." --log_path="systemd" --action=restart
if ! exec_occ notify_push:self-test; then
ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart ${app}-notify-push.service\", and run \"sudo -u $app php${phpversion} $install_dir/occ notify_push:self-test\" to verify that everything is green."
fi
fi
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

66
scripts/upgrade
View file

@ -24,6 +24,11 @@ elif [ "${system_addressbook_exposed,,}" = "no" ]; then
system_addressbook_exposed=0 system_addressbook_exposed=0
fi fi
if [ -z ${enable_notify_push:-} ]; then
ynh_app_setting_set --app=$app --key=enable_notify_push --value=0
enable_notify_push=0
fi
# Remove the option backup_core_only if it's in the settings.yml file # Remove the option backup_core_only if it's in the settings.yml file
ynh_app_setting_delete --app=$app --key=backup_core_only ynh_app_setting_delete --app=$app --key=backup_core_only
@ -365,9 +370,49 @@ then
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
fi fi
# Create a dedicated NGINX config
nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d"
mkdir -p "$nginx_extra_conf_dir"
if [ $enable_notify_push -eq 1 ]
then
ynh_add_config --template="notify_push.conf" --destination="$nginx_extra_conf_dir/notify_push.conf"
fi
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
#=================================================
# CONFIGURE NOTIFY_PUSH APP
#=================================================
if [ $enable_notify_push -eq 1 ]
then
# If notify_push is disabled, reenable it
if exec_occ app:list | awk '/Disabled/{f=1;next} f' | grep -q -w notify_push; then
exec_occ app:enable notify_push
# If notify_push is not installed, install it
elif ! exec_occ app:list | awk '/Enabled/{f=1;next} /Disabled/{f=0} f' | grep -q -w notify_push; then
exec_occ app:install notify_push
fi
exec_occ config:app:set notify_push base_endpoint --value https://$domain${path_url%/}/push
mkdir -p /var/run/$app/
chown $app: /var/run/$app/
case $YNH_ARCH in
amd64) arch="x86_64";;
arm64) arch="aarch64";;
armel|armhf) arch="armv7";;
esac
ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path"
ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service"
systemctl enable --now ${app}-notify-push-watcher.path
ynh_add_systemd_config --service="${app}-notify-push"
fi
#================================================= #=================================================
# CRON JOB # CRON JOB
#================================================= #=================================================
@ -392,6 +437,27 @@ ynh_use_logrotate --non-append
# Create a dedicated Fail2Ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5 ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
#=================================================
# CHECK IF NOTIFY_PUSH WORKS
#=================================================
if [ $enable_notify_push -eq 1 ]
then
count=0
while ! ynh_exec_as "$app" php${phpversion} --define apc.enable_cli=1 $install_dir/cron.php && [[ $count -lt 30 ]]
do
sleep 1
count=$((count + 1))
done
ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart
ynh_systemd_action --service_name="${app}-notify-push" --action=restart --line_match="Push daemon for Nextcloud clients." --log_path="systemd" --action=restart
if ! exec_occ notify_push:self-test; then
ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart ${app}-notify-push.service\", and run \"sudo -u $app php${phpversion} $install_dir/occ notify_push:self-test\" to verify that everything is green."
fi
fi
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

8
tests.toml
View file

@ -2,6 +2,8 @@ test_format = 1.0
[default] [default]
args.enable_notify_push = "0"
# ------------------------------- # -------------------------------
# Commits to test upgrade from # Commits to test upgrade from
# ------------------------------- # -------------------------------
@ -34,3 +36,9 @@ test_format = 1.0
caldav.path = "/.well-known/caldav" caldav.path = "/.well-known/caldav"
caldav.logged_on_sso = true caldav.logged_on_sso = true
caldav.expect_content = "This is the WebDAV interface." caldav.expect_content = "This is the WebDAV interface."
[notify_push_test]
args.enable_notify_push = "1"
test_upgrade_from.e9f82ab7.name = "Upgrade from 28.0.6"
test_upgrade_from.e9f82ab7.args.system_addressbook_exposed = "yes"