update nginx conf, add new services

2024-09-03 19:55:57 +02:00 · 2024-08-02 15:28:33 +02:00 · 2024-08-02 15:28:33 +02:00 · 972005d328
commit 972005d328
parent a08e70e21f
12 changed files with 94 additions and 71 deletions
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -165,6 +165,8 @@ location ^~ __PATH__/ {
    try_files $uri / __PATH__/index.php$request_uri;
  }

+  include conf.d/__DOMAIN__.d/__APP__.d/*.conf;
+
  # show YunoHost panel access
  include conf.d/yunohost_panel.conf.inc;
 }
--- a/conf/notify_push.conf
+++ b/conf/notify_push.conf
@ -0,0 +1,8 @@
+location ^~ __PATH__/push/ {
+   proxy_pass http://unix:__INSTALL_DIR__/notify-push.sock;                                                                                                                                                       
+   proxy_http_version 1.1;                                                                                                                                                                                           
+   proxy_set_header Upgrade $http_upgrade;                                                                                                                                                                           
+   proxy_set_header Connection "Upgrade";                                                                                                                                                                            
+   proxy_set_header Host $host;                                                                                                                                                                                      
+   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                                                                                                                                                      
+}
--- a/conf/systemd.service
+++ b/conf/systemd.service
@ -2,10 +2,10 @@
 Description = Push daemon for Nextcloud clients

 [Service]
-Environment=SOCKET_PATH=__FINAL_PATH__/notify-push.sock
-Environment=NEXTCLOUD_URL=https://__DOMAIN____PATH__
+Environment=SOCKET_PATH=__INSTALL_DIR__/notify-push.sock
 Environment=ALLOW_SELF_SIGNED=true
-ExecStart=__FINAL_PATH__/apps/notify_push/bin/x86_64/notify_push __FINAL_PATH__/config/config.php
+ExecStart=__INSTALL_DIR__/apps/notify_push/bin/__ARCH__/notify_push __INSTALL_DIR__/config/config.php
+Type=notify
 User=__APP__
 Group=__APP__

--- a/conf/watcher.path
+++ b/conf/watcher.path
@ -0,0 +1,11 @@
+[Unit]
+Description=Restart Push daemon for Nextcloud clients when it receives updates
+Documentation=https://github.com/nextcloud/notify_push
+PartOf=__APP__-notify-push-watcher.service
+
+[Path]
+PathModified=/var/www/nextcloud/apps/notify_push/bin/__ARCH__/notify_push
+Unit=__APP__-notify-push-watcher.
+
+[Install]
+WantedBy=multi-user.target
--- a/conf/watcher.service
+++ b/conf/watcher.service
@ -0,0 +1,15 @@
+[Unit]
+Description=Restart Push daemon for Nextcloud clients when it receives updates
+Documentation=https://github.com/nextcloud/notify_push
+#Requires=__APP__-notify-push.service
+After=__APP__-notify-push.service
+StartLimitIntervalSec=10
+StartLimitBurst=5
+
+[Service]
+Type=oneshot
+ExecStartPre=/usr/bin/chmod +x __INSTALL_DIR__/apps/notify_push/bin/__ARCH__/notify_push
+ExecStart=/usr/bin/systemctl restart __APP__-notify-push.service
+
+[Install]
+WantedBy=multi-user.target
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -54,29 +54,6 @@ is_url_handled() {
    fi
 }

-# Adapted from nginx helpers
-ynh_add_nginx_notify_push_config() {
-    local saved_app=${app}
-    app="${app}_notify_push.conf"
-    ynh_add_nginx_config
-    app=${saved_app}
-}
-
-ynh_remove_nginx_notify_push_config() {
-    local saved_app=${app}
-    app="${app}_notify_push.conf"
-    ynh_remove_nginx_config
-    app=${saved_app}
-}
-
-
-ynh_change_url_nginx_notify_push_config() {
-    local saved_app=${app}
-    app="${app}_notify_push.conf"
-    ynh_change_url_nginx_config
-    app=${saved_app}
-}
-
 #=================================================
 # FUTURE OFFICIAL HELPERS
 #=================================================
--- a/scripts/backup
+++ b/scripts/backup
@ -32,7 +32,7 @@ ynh_backup --src_path="$data_dir" --is_big
 #=================================================

 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
-ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/${app}_notify_push.conf"
+ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.d"

 #=================================================
 # BACKUP THE PHP-FPM CONFIGURATION
@ -78,9 +78,11 @@ ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.s
 # BACKUP THE NOTIFY_PUSH APP
 #=================================================

-if [ $use_notify_push -eq 1 ]
+if [ $enable_notify_push -eq 1 ]
 then
    ynh_backup --src_path="/etc/systemd/system/${app}-notify-push.service"
+    ynh_backup --src_path="/etc/systemd/system/${app}-notify-push-watcher.service"
+    ynh_backup --src_path="/etc/systemd/system/${app}-notify-push-watcher.path"
 fi

 #=================================================
--- a/scripts/change_url
+++ b/scripts/change_url
@ -29,8 +29,6 @@ fi

 ynh_change_url_nginx_config

-ynh_change_url_nginx_notify_push_config
-
 #=================================================
 # SPECIFIC MODIFICATIONS
 #=================================================
@ -52,6 +50,8 @@ then

    # Reload php fpm, necessary for force nextcloud to re-read config.php, cf opcache.revalidate_freq
    ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload
+
+    mv /etc/nginx/conf.d/$old_domain.d/$app.d /etc/nginx/conf.d/$new_domain.d/$app.d
 fi

 #=================================================
@ -62,11 +62,20 @@ if [ $enable_notify_push -eq 1 ]
 then
    domain="$new_domain"
    path_url="$new_path"
-    exec_occ config:app:set notify_push base_endpoint --value https://$domain$path_url/push
+
+    ynh_add_config --template="notify_push.conf" --destination="/etc/nginx/conf.d/$domain.d/$app.d/notify_push.conf"
+
+    ynh_systemd_action --service_name=nginx --action=reload

    ynh_add_systemd_config --service="${app}-notify-push"

    ynh_systemd_action --service_name="${app}-notify-push" --action=restart
+
+    exec_occ config:app:set notify_push base_endpoint --value https://$domain$path_url/push
+
+    if ! exec_occ notify_push:self-test; then
+        ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart $app-notify-push.service\", and run \"sudo -u $app php${phpversion} $final_path/occ notify_push:self-test\" to verify that everything is green."
+    fi
 fi

 #=================================================
--- a/scripts/install
+++ b/scripts/install
@ -49,14 +49,17 @@ then
    sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
 fi

-if [ $enable_notify_push -eq 1 ]
-then
-    ynh_add_nginx_notify_push_config
-fi
+nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d"
+mkdir -p "$nginx_extra_conf_dir"

 # Create a dedicated NGINX config
 ynh_add_nginx_config

+if [ $enable_notify_push -eq 1 ]
+then
+    ynh_add_config --template="notify_push.conf" --destination="$nginx_extra_conf_dir/notify_push.conf"
+fi
+
 #=================================================
 # INSTALL NEXTCLOUD
 #=================================================
@ -246,6 +249,8 @@ then
    chown $app: /var/run/$app/

    ynh_add_systemd_config --service="${app}-notify-push"
+    ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service"
+    ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path"
 fi

 #=================================================
@ -264,10 +269,6 @@ find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
 chmod 600 "$install_dir/config/config.php"
 chmod 755 /home/yunohost.app
 chmod 750 $install_dir
-if [ $enable_notify_push -eq 1 ]
-then
-    chmod 740 $final_path/apps/notify_push/bin/x86_64/notify_push
-fi

 #=================================================
 # SETUP LOGROTATE
@ -291,6 +292,7 @@ ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*

 if [ $enable_notify_push -eq 1 ]
 then
+    ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart
    ynh_systemd_action --service_name="${app}-notify-push" --action=restart

    if ! exec_occ notify_push:self-test; then
--- a/scripts/remove
+++ b/scripts/remove
@ -12,7 +12,7 @@ ynh_script_progression --message="Removing system configurations related to $app

 # Remove the dedicated NGINX config
 ynh_remove_nginx_config
-ynh_remove_nginx_notify_push_config
+ynh_secure_remove --file="/etc/nginx/conf.d/$domain.d/$app.d"

 # Remove the dedicated PHP-FPM config
 ynh_remove_fpm_config
--- a/scripts/restore
+++ b/scripts/restore
@ -36,7 +36,7 @@ ynh_add_fpm_config
 #=================================================

 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
-ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/${app}_notify_push.conf"
+ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.d"

 # Check if .well-known is available for this domain
 if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
@ -75,21 +75,6 @@ ynh_script_progression --message="Restoring data directory..." --weight=2
 # Use --not_mandatory for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup.
 ynh_restore_file --origin_path="$data_dir" --not_mandatory

-#=================================================
-# RESTORE THE NOTIFY_PUSH APP
-#=================================================
-
-if [ $enable_notify_push -eq 1 ]
-then
-    mkdir -p /var/run/$app/
-    chown $app: /var/run/$app/
-
-    ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push.service"
-
-    systemctl enable "${app}-notify-push".service --quiet
-    ynh_systemd_action --service_name="${app}-notify-push" --action=restart
-fi
-
 #=================================================
 # RESTORE USER RIGHTS
 #=================================================
@ -105,11 +90,6 @@ chmod 600 "$install_dir/config/config.php"
 chmod 755 /home/yunohost.app
 chmod 750 $install_dir

-if [ $enable_notify_push -eq 1 ]
-then
-    chmod 740 $final_path/apps/notify_push/bin/x86_64/notify_push
-fi
-
 # Iterate over users to extend their home folder permissions - for the external
 # storage plugin usage - and create relevant Nextcloud directories
 for u in $(ynh_user_list); do
@ -144,6 +124,23 @@ fi

 ynh_systemd_action --action=restart --service_name=fail2ban

+#=================================================
+# RESTORE THE NOTIFY_PUSH APP
+#=================================================
+
+if [ $enable_notify_push -eq 1 ]
+then
+    mkdir -p /var/run/$app/
+    chown $app: /var/run/$app/
+
+    ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push.service"
+    ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push-watcher.service"
+    ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push-watcher.path"
+
+    systemctl enable "${app}-notify-push".service --quiet
+    systemctl enable "${app}-notify-push-watcher".service --quiet
+fi
+
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
@ -164,8 +161,9 @@ exec_occ() {

 if [ $enable_notify_push -eq 1 ]
 then
+    ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart
    ynh_systemd_action --service_name="${app}-notify-push" --action=restart
-
+    
    if ! exec_occ notify_push:self-test; then
        ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart $app-notify-push.service\", and run \"sudo -u $app php${phpversion} $final_path/occ notify_push:self-test\" to verify that everything is green."
    fi
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -331,11 +331,6 @@ chmod 600 "$install_dir/config/config.php"
 chmod 755 /home/yunohost.app
 chmod 750 $install_dir

-if [ $enable_notify_push -eq 1 ]
-then
-    chmod 740 $final_path/apps/notify_push/bin/x86_64/notify_push
-fi
-
 #=================================================
 # REGEN SYSTEM CONFIGURATIONS
 #=================================================
@ -371,12 +366,15 @@ then
 fi

 # Create a dedicated NGINX config
-ynh_add_nginx_config
+nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d"
+mkdir -p "$nginx_extra_conf_dir"

+# Create a dedicated NGINX config
+ynh_add_nginx_config

 if [ $enable_notify_push -eq 1 ]
 then
-    ynh_add_nginx_notify_push_config
+    ynh_add_config --template="notify_push.conf" --destination="$nginx_extra_conf_dir/notify_push.conf"
 fi

 #=================================================
@ -408,8 +406,8 @@ then
    chown $app: /var/run/$app/

    ynh_add_systemd_config --service="${app}-notify-push"
-
-    ynh_systemd_action --service_name="${app}-notify-push" --action=restart
+    ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service"
+    ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path"
 fi

 #=================================================
@ -431,6 +429,7 @@ ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*

 if [ $use_notify_push -eq 1 ]
 then
+    ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart
    ynh_systemd_action --service_name="${app}-notify-push" --action=restart

    if ! exec_occ notify_push:self-test; then