From 972005d328d7580798a0029b2afb38f91350ac05 Mon Sep 17 00:00:00 2001 From: Kayou Date: Fri, 2 Aug 2024 15:28:33 +0200 Subject: [PATCH] update nginx conf, add new services --- conf/nginx.conf | 2 ++ conf/notify_push.conf | 8 ++++++++ conf/systemd.service | 6 +++--- conf/watcher.path | 11 +++++++++++ conf/watcher.service | 15 +++++++++++++++ scripts/_common.sh | 23 ----------------------- scripts/backup | 6 ++++-- scripts/change_url | 15 ++++++++++++--- scripts/install | 18 ++++++++++-------- scripts/remove | 2 +- scripts/restore | 42 ++++++++++++++++++++---------------------- scripts/upgrade | 17 ++++++++--------- 12 files changed, 94 insertions(+), 71 deletions(-) create mode 100644 conf/notify_push.conf create mode 100644 conf/watcher.path create mode 100644 conf/watcher.service diff --git a/conf/nginx.conf b/conf/nginx.conf index 5a4f22a..aabd447 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -165,6 +165,8 @@ location ^~ __PATH__/ { try_files $uri / __PATH__/index.php$request_uri; } + include conf.d/__DOMAIN__.d/__APP__.d/*.conf; + # show YunoHost panel access include conf.d/yunohost_panel.conf.inc; } diff --git a/conf/notify_push.conf b/conf/notify_push.conf new file mode 100644 index 0000000..449a07c --- /dev/null +++ b/conf/notify_push.conf @@ -0,0 +1,8 @@ +location ^~ __PATH__/push/ { + proxy_pass http://unix:__INSTALL_DIR__/notify-push.sock; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +} \ No newline at end of file diff --git a/conf/systemd.service b/conf/systemd.service index 3392f20..792d800 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -2,10 +2,10 @@ Description = Push daemon for Nextcloud clients [Service] -Environment=SOCKET_PATH=__FINAL_PATH__/notify-push.sock -Environment=NEXTCLOUD_URL=https://__DOMAIN____PATH__ +Environment=SOCKET_PATH=__INSTALL_DIR__/notify-push.sock Environment=ALLOW_SELF_SIGNED=true -ExecStart=__FINAL_PATH__/apps/notify_push/bin/x86_64/notify_push __FINAL_PATH__/config/config.php +ExecStart=__INSTALL_DIR__/apps/notify_push/bin/__ARCH__/notify_push __INSTALL_DIR__/config/config.php +Type=notify User=__APP__ Group=__APP__ diff --git a/conf/watcher.path b/conf/watcher.path new file mode 100644 index 0000000..c4507e3 --- /dev/null +++ b/conf/watcher.path @@ -0,0 +1,11 @@ +[Unit] +Description=Restart Push daemon for Nextcloud clients when it receives updates +Documentation=https://github.com/nextcloud/notify_push +PartOf=__APP__-notify-push-watcher.service + +[Path] +PathModified=/var/www/nextcloud/apps/notify_push/bin/__ARCH__/notify_push +Unit=__APP__-notify-push-watcher. + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/conf/watcher.service b/conf/watcher.service new file mode 100644 index 0000000..7538525 --- /dev/null +++ b/conf/watcher.service @@ -0,0 +1,15 @@ +[Unit] +Description=Restart Push daemon for Nextcloud clients when it receives updates +Documentation=https://github.com/nextcloud/notify_push +#Requires=__APP__-notify-push.service +After=__APP__-notify-push.service +StartLimitIntervalSec=10 +StartLimitBurst=5 + +[Service] +Type=oneshot +ExecStartPre=/usr/bin/chmod +x __INSTALL_DIR__/apps/notify_push/bin/__ARCH__/notify_push +ExecStart=/usr/bin/systemctl restart __APP__-notify-push.service + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/scripts/_common.sh b/scripts/_common.sh index df6b014..19c1859 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -54,29 +54,6 @@ is_url_handled() { fi } -# Adapted from nginx helpers -ynh_add_nginx_notify_push_config() { - local saved_app=${app} - app="${app}_notify_push.conf" - ynh_add_nginx_config - app=${saved_app} -} - -ynh_remove_nginx_notify_push_config() { - local saved_app=${app} - app="${app}_notify_push.conf" - ynh_remove_nginx_config - app=${saved_app} -} - - -ynh_change_url_nginx_notify_push_config() { - local saved_app=${app} - app="${app}_notify_push.conf" - ynh_change_url_nginx_config - app=${saved_app} -} - #================================================= # FUTURE OFFICIAL HELPERS #================================================= diff --git a/scripts/backup b/scripts/backup index 96685d0..d37ea65 100755 --- a/scripts/backup +++ b/scripts/backup @@ -32,7 +32,7 @@ ynh_backup --src_path="$data_dir" --is_big #================================================= ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/${app}_notify_push.conf" +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.d" #================================================= # BACKUP THE PHP-FPM CONFIGURATION @@ -78,9 +78,11 @@ ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.s # BACKUP THE NOTIFY_PUSH APP #================================================= -if [ $use_notify_push -eq 1 ] +if [ $enable_notify_push -eq 1 ] then ynh_backup --src_path="/etc/systemd/system/${app}-notify-push.service" + ynh_backup --src_path="/etc/systemd/system/${app}-notify-push-watcher.service" + ynh_backup --src_path="/etc/systemd/system/${app}-notify-push-watcher.path" fi #================================================= diff --git a/scripts/change_url b/scripts/change_url index 2c6f9c4..76cb493 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -29,8 +29,6 @@ fi ynh_change_url_nginx_config -ynh_change_url_nginx_notify_push_config - #================================================= # SPECIFIC MODIFICATIONS #================================================= @@ -52,6 +50,8 @@ then # Reload php fpm, necessary for force nextcloud to re-read config.php, cf opcache.revalidate_freq ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload + + mv /etc/nginx/conf.d/$old_domain.d/$app.d /etc/nginx/conf.d/$new_domain.d/$app.d fi #================================================= @@ -62,11 +62,20 @@ if [ $enable_notify_push -eq 1 ] then domain="$new_domain" path_url="$new_path" - exec_occ config:app:set notify_push base_endpoint --value https://$domain$path_url/push + + ynh_add_config --template="notify_push.conf" --destination="/etc/nginx/conf.d/$domain.d/$app.d/notify_push.conf" + + ynh_systemd_action --service_name=nginx --action=reload ynh_add_systemd_config --service="${app}-notify-push" ynh_systemd_action --service_name="${app}-notify-push" --action=restart + + exec_occ config:app:set notify_push base_endpoint --value https://$domain$path_url/push + + if ! exec_occ notify_push:self-test; then + ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart $app-notify-push.service\", and run \"sudo -u $app php${phpversion} $final_path/occ notify_push:self-test\" to verify that everything is green." + fi fi #================================================= diff --git a/scripts/install b/scripts/install index b742c5b..7dda92a 100755 --- a/scripts/install +++ b/scripts/install @@ -49,14 +49,17 @@ then sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" fi -if [ $enable_notify_push -eq 1 ] -then - ynh_add_nginx_notify_push_config -fi +nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d" +mkdir -p "$nginx_extra_conf_dir" # Create a dedicated NGINX config ynh_add_nginx_config +if [ $enable_notify_push -eq 1 ] +then + ynh_add_config --template="notify_push.conf" --destination="$nginx_extra_conf_dir/notify_push.conf" +fi + #================================================= # INSTALL NEXTCLOUD #================================================= @@ -246,6 +249,8 @@ then chown $app: /var/run/$app/ ynh_add_systemd_config --service="${app}-notify-push" + ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service" + ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path" fi #================================================= @@ -264,10 +269,6 @@ find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750 chmod 600 "$install_dir/config/config.php" chmod 755 /home/yunohost.app chmod 750 $install_dir -if [ $enable_notify_push -eq 1 ] -then - chmod 740 $final_path/apps/notify_push/bin/x86_64/notify_push -fi #================================================= # SETUP LOGROTATE @@ -291,6 +292,7 @@ ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.* if [ $enable_notify_push -eq 1 ] then + ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart ynh_systemd_action --service_name="${app}-notify-push" --action=restart if ! exec_occ notify_push:self-test; then diff --git a/scripts/remove b/scripts/remove index b7fb0bc..69ed529 100755 --- a/scripts/remove +++ b/scripts/remove @@ -12,7 +12,7 @@ ynh_script_progression --message="Removing system configurations related to $app # Remove the dedicated NGINX config ynh_remove_nginx_config -ynh_remove_nginx_notify_push_config +ynh_secure_remove --file="/etc/nginx/conf.d/$domain.d/$app.d" # Remove the dedicated PHP-FPM config ynh_remove_fpm_config diff --git a/scripts/restore b/scripts/restore index 7288ca6..d747c18 100755 --- a/scripts/restore +++ b/scripts/restore @@ -36,7 +36,7 @@ ynh_add_fpm_config #================================================= ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/${app}_notify_push.conf" +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.d" # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" @@ -75,21 +75,6 @@ ynh_script_progression --message="Restoring data directory..." --weight=2 # Use --not_mandatory for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup. ynh_restore_file --origin_path="$data_dir" --not_mandatory -#================================================= -# RESTORE THE NOTIFY_PUSH APP -#================================================= - -if [ $enable_notify_push -eq 1 ] -then - mkdir -p /var/run/$app/ - chown $app: /var/run/$app/ - - ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push.service" - - systemctl enable "${app}-notify-push".service --quiet - ynh_systemd_action --service_name="${app}-notify-push" --action=restart -fi - #================================================= # RESTORE USER RIGHTS #================================================= @@ -105,11 +90,6 @@ chmod 600 "$install_dir/config/config.php" chmod 755 /home/yunohost.app chmod 750 $install_dir -if [ $enable_notify_push -eq 1 ] -then - chmod 740 $final_path/apps/notify_push/bin/x86_64/notify_push -fi - # Iterate over users to extend their home folder permissions - for the external # storage plugin usage - and create relevant Nextcloud directories for u in $(ynh_user_list); do @@ -144,6 +124,23 @@ fi ynh_systemd_action --action=restart --service_name=fail2ban +#================================================= +# RESTORE THE NOTIFY_PUSH APP +#================================================= + +if [ $enable_notify_push -eq 1 ] +then + mkdir -p /var/run/$app/ + chown $app: /var/run/$app/ + + ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push.service" + ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push-watcher.service" + ynh_restore_file --origin_path="/etc/systemd/system/${app}-notify-push-watcher.path" + + systemctl enable "${app}-notify-push".service --quiet + systemctl enable "${app}-notify-push-watcher".service --quiet +fi + #================================================= # GENERIC FINALIZATION #================================================= @@ -164,8 +161,9 @@ exec_occ() { if [ $enable_notify_push -eq 1 ] then + ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart ynh_systemd_action --service_name="${app}-notify-push" --action=restart - + if ! exec_occ notify_push:self-test; then ynh_print_warn --message="The High Performance Backend service is still not working properly. Please log in with a user to your NextCloud instance, restart the High Performance Backend service with \"systemctl restart $app-notify-push.service\", and run \"sudo -u $app php${phpversion} $final_path/occ notify_push:self-test\" to verify that everything is green." fi diff --git a/scripts/upgrade b/scripts/upgrade index aa9fb9b..cf7df03 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -331,11 +331,6 @@ chmod 600 "$install_dir/config/config.php" chmod 755 /home/yunohost.app chmod 750 $install_dir -if [ $enable_notify_push -eq 1 ] -then - chmod 740 $final_path/apps/notify_push/bin/x86_64/notify_push -fi - #================================================= # REGEN SYSTEM CONFIGURATIONS #================================================= @@ -371,12 +366,15 @@ then fi # Create a dedicated NGINX config -ynh_add_nginx_config +nginx_extra_conf_dir="/etc/nginx/conf.d/$domain.d/$app.d" +mkdir -p "$nginx_extra_conf_dir" +# Create a dedicated NGINX config +ynh_add_nginx_config if [ $enable_notify_push -eq 1 ] then - ynh_add_nginx_notify_push_config + ynh_add_config --template="notify_push.conf" --destination="$nginx_extra_conf_dir/notify_push.conf" fi #================================================= @@ -408,8 +406,8 @@ then chown $app: /var/run/$app/ ynh_add_systemd_config --service="${app}-notify-push" - - ynh_systemd_action --service_name="${app}-notify-push" --action=restart + ynh_add_systemd_config --service="${app}-notify-push-watcher" --template="watcher.service" + ynh_add_config --template="watcher.path" --destination="/etc/systemd/system/${app}-notify-push-watcher.path" fi #================================================= @@ -431,6 +429,7 @@ ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.* if [ $use_notify_push -eq 1 ] then + ynh_systemd_action --service_name="${app}-notify-push-watcher" --action=restart ynh_systemd_action --service_name="${app}-notify-push" --action=restart if ! exec_occ notify_push:self-test; then