YunoHost-Apps/nodered_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nodered_ynh.git synced 2024-09-03 19:46:25 +02:00
Code Issues Activity Actions

Merge pull request #34 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
tituspijean 2021-09-25 12:11:00 +02:00 committed by GitHub
commit ec380d3a79
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
19 changed files with 828 additions and 462 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

126
.github/workflows/updater.sh vendored Executable file
View file

@ -0,0 +1,126 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | .tag_name' | sort -V | tail -1)
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
echo "${#assets[@]} available asset(s)"
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Here we use the $assets variable to get the resources published in the upstream release.
# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
# Let's loop over the array of assets URLs
for asset_url in ${assets[@]}; do
echo "Handling asset at $asset_url"
# Assign the asset to a source file in conf/ directory
# Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
# Leave $src empty to ignore the asset
case $asset_url in
*"node-red-"*)
src="app"
;;
*)
src=""
;;
esac
# If $src is not empty, let's process the asset
if [ ! -z "$src" ]; then
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${DOWNLOAD_URL##*/}
curl --silent -4 -L $DOWNLOAD_URL -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$DOWNLOAD_URL
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
EOT
echo "... conf/$src.src updated"
else
echo "... asset ignored"
fi
done
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Install moreutils, needed for sponge
sudo apt-get install moreutils
# Replace new version in manifest
jq -s --indent 4 ".[] | .version = \"$VERSION~ynh1\"" manifest.json | sponge manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

48
.github/workflows/updater.yml vendored Normal file
View file

@ -0,0 +1,48 @@
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
# This file should be enough by itself, but feel free to tune it to your needs.
# It calls updater.sh, which is where you should put the app-specific update steps.
name: Check for new upstream releases
on:
# Allow to manually trigger the workflow
workflow_dispatch:
# Run it every day at 6:00 UTC
schedule:
- cron: '0 6 * * *'
jobs:
updater:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
id: run_updater
run: |
# Setting up Git user
git config --global user.name 'yunohost-bot'
git config --global user.email 'yunohost-bot@users.noreply.github.com'
# Run the updater script
./.github/workflows/updater.sh
- name: Commit changes
id: commit
if: ${{ env.PROCEED == 'true' }}
run: |
git commit -am "Upgrade to v$VERSION"
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
signoff: false
branch: ci-auto-update-v${{ env.VERSION }}
delete-branch: true
title: 'Upgrade to version ${{ env.VERSION }}'
body: |
Upgrade to v${{ env.VERSION }}
draft: false

23
README.md
View file

@ -15,9 +15,19 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
## Overview ## Overview
Flow-based programming for the Internet of Things Node-RED is a programming tool for wiring together hardware devices, APIs and online services in new and interesting ways.
**Shipped version:** 1.3.5~ynh2 It provides a browser-based editor that makes it easy to wire together flows using the wide range of nodes in the palette that can be deployed to its runtime in a single-click.
### Features
- Browser-based flow editing
- On-click deployment of the flows
- Over 225,000 modules available
- Custom JavaScript functions can be written
**Shipped version:** 2.0.6~ynh1
@ -28,10 +38,11 @@ Flow-based programming for the Internet of Things
## Disclaimers / important information ## Disclaimers / important information
YunoHost's permissions system allows you to select which users can have access to Node-RED: YunoHost's permissions system allows you to select which users can have access to Node-RED:
* The `main` permission protects * `main` permission protects `/admin`, the flows editor. The administrator is chosen during installation ;
* `/path`, to access to the dashboard ; * `ui` permission protects `/ui`, the dashboard allowing visual interface for the flows. Public access is chosen during installation ;
* all `/path/<node>` endpoints defined in the HTTP nodes (with the exception of `/path/admin`). * `endpoints` permission protects `/`, for API-like endpoints. Public access is chosen during installation.
* Upon installation, the selected administrator will have the `admin` permission and access to the editor at `/path/admin`
If you have upgraded Node-RED beyond v2, check that these permissions suit you in your YunoHost admin panel.
## Documentation and resources ## Documentation and resources

25
README_fr.md
View file

@ -11,9 +11,19 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
## Vue d'ensemble ## Vue d'ensemble
Programmation par flux de données pour l'Internet des objets Node-RED est un outil de programmation pour connecter des appareils, API, et des services en ligne en de nouvelles et intéressantes façons.
**Version incluse :** 1.3.5~ynh2 Il propose un éditeur accessible dans le navigateur, qui facilite l'ébauche de flux qui connectent ensemble la grande variété de nœuds disponibles dans sa palette. Ces flux sont ensuite activables et déployables en un clic.
### Fonctionnalités
- Edition de flux dans le navigateur
- Déploiement des flux en un clic
- Plus de 225 000 modules disponibles
- Fonctions personnalisées en JavaScript
**Version incluse :** 2.0.6~ynh1
@ -23,11 +33,12 @@ Programmation par flux de données pour l'Internet des objets
## Avertissements / informations importantes ## Avertissements / informations importantes
Le système de permissions de YunoHost permet de paramétrer les accès à Node-RED. Par défaut, seul l'administrateur sélectionné lors de l'installation y a accès. Le système de permissions de YunoHost permet de paramétrer les accès à Node-RED :
* La permission `main` protège * la permission `main` protège `/admin`, l'éditeur de flux. L'administrateur est sélectionné pendant l'installation ;
* `/chemin`, pour accéder au tableau de bord ; * la permisison `ui` protège `/ui`, le tableau de bord permettant de donner une interface graphique aux flux. L'accès public est défini lors de l'installation ;
* toutes les routes `/path/<node>` définis par les *nodes* HTTP (à l'exception de `/chemin/admin`). * la permission `endpoints` protège `/`, pour notamment les points d'entrée de type API. L'accès public est défini lors de l'installation.
* L'utilisateur choisi comme admin à l'installation aura la permission `admin` et aura accès à l'éditeur à l'adresse `/chemin/admin`
Si vous avez mis à jour Node-RED au-delà de la version 2, vérifiez que ces permissions vous conviennent dans votre panneau d'administration de YunoHost.
## Documentations et ressources ## Documentations et ressources

27
check_process
View file

@ -1,36 +1,29 @@
# See here for more information
# https://github.com/YunoHost/package_check#syntax-check_process-file
# Move this file from check_process.default to check_process when you have filled it.
;; Test complet ;; Test complet
; Manifest ; Manifest
domain="domain.tld" (DOMAIN) domain="domain.tld"
path="/path" (PATH) path="/path"
admin="john" (USER) admin="john"
password="pass" is_public=1
port="666" (PORT)
; Checks ; Checks
pkg_linter=1 pkg_linter=1
setup_sub_dir=1 setup_sub_dir=1
setup_root=1 setup_root=1
setup_nourl=0 setup_nourl=0
setup_private=1 setup_private=1
setup_public=0 #Considering the sensitive actions this app can do, I prefer to have it private setup_public=1
upgrade=1 upgrade=1
upgrade=0 from_commit=567fc9435804add272fa4ae48a7cf1ec5f173d2d
upgrade=1 from_commit=453b13703bb418a7da33ed4f3e96a486b365d865 upgrade=1 from_commit=453b13703bb418a7da33ed4f3e96a486b365d865
upgrade=1 from_commit=2b01dad6ce2214a07f8b5dd63ee040c34268204c
backup_restore=1 backup_restore=1
multi_instance=1 multi_instance=1
port_already_use=1
change_url=1 change_url=1
;;; Options ;;; Options
Email= Email=
Notification=none Notification=none
;;; Upgrade options ;;; Upgrade options
; commit=CommitHash
name=Name and date of the commit.
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&password=pass&port=666&
; commit=453b13703bb418a7da33ed4f3e96a486b365d865 ; commit=453b13703bb418a7da33ed4f3e96a486b365d865
name=v1.2.9 2021-02-20 name=v1.2.9 2021-02-20
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&password=pass&port=666& manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1&
; commit=2b01dad6ce2214a07f8b5dd63ee040c34268204c
name=Merge pull request #26 from YunoHost-Apps/testing
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1&

4
conf/app.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/node-red/node-red/releases/download/1.3.5/node-red-1.3.5.zip SOURCE_URL=https://github.com/node-red/node-red/releases/download/2.0.6/node-red-2.0.6.zip
SOURCE_SUM=44cda9032f1658fb23a9927fe37f518b778433a3091b7dc5d78cda9250234720 SOURCE_SUM=ddeeb2afebef145715c94b1888b08ee1b69290bb5440b5318c2523bf3bd0f290
SOURCE_SUM_PRG=sha256sum SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true SOURCE_IN_SUBDIR=true

68
conf/flows.json Normal file
View file

@ -0,0 +1,68 @@
[
{
"id": "bc116265cdf0e254",
"type": "tab",
"label": "Flow 1",
"disabled": false,
"info": ""
},
{
"id": "255633424e315905",
"type": "http in",
"z": "bc116265cdf0e254",
"name": "",
"url": "/",
"method": "get",
"upload": false,
"swaggerDoc": "",
"x": 130,
"y": 160,
"wires": [
[
"a2420c0d393687a4"
]
]
},
{
"id": "274b98239a2ae817",
"type": "http response",
"z": "bc116265cdf0e254",
"name": "",
"statusCode": "200",
"headers": {
"test": "test"
},
"x": 460,
"y": 160,
"wires": []
},
{
"id": "a2420c0d393687a4",
"type": "function",
"z": "bc116265cdf0e254",
"name": "Set answer's body",
"func": "msg.payload=\"Node-RED has been sucessfully installed!\";\n\nreturn msg;",
"outputs": 1,
"noerr": 0,
"initialize": "",
"finalize": "",
"libs": [],
"x": 290,
"y": 160,
"wires": [
[
"274b98239a2ae817"
]
]
},
{
"id": "cb54e0b32ffe6082",
"type": "comment",
"z": "bc116265cdf0e254",
"name": "Demo of HTTP node for Node-RED",
"info": "",
"x": 220,
"y": 120,
"wires": []
}
]

8
conf/nginx.conf
View file

@ -1,10 +1,13 @@
location ^~ __PATH__ { location ^~ __PATH__/ {
if ($scheme = http) { if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent; rewrite ^ https://$server_name$request_uri? permanent;
} }
proxy_pass http://localhost:__PORT____PATH__; rewrite ^__PATH__/admin$ https://$host__PATH__/admin/ permanent;
rewrite ^__PATH__/ui$ https://$host__PATH__/ui/ permanent;
proxy_pass http://localhost:__PORT__/;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_redirect http:// https://; proxy_redirect http:// https://;
proxy_http_version 1.1; proxy_http_version 1.1;
@ -15,4 +18,3 @@ location ^~ __PATH__ {
# Include SSOWAT user panel. # Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc; include conf.d/yunohost_panel.conf.inc;
} }

642
conf/settings.js
View file

@ -9,124 +9,70 @@
* *
* For more information about individual settings, refer to the documentation: * For more information about individual settings, refer to the documentation:
* https://nodered.org/docs/user-guide/runtime/configuration * https://nodered.org/docs/user-guide/runtime/configuration
*
* The settings are split into the following sections:
* - Flow File and User Directory Settings
* - Security
* - Server Settings
* - Runtime Settings
* - Editor Settings
* - Node Settings
*
**/ **/
module.exports = { module.exports = {
// the tcp port that the Node-RED web server is listening on
uiPort: process.env.PORT || 1880,
// By default, the Node-RED UI accepts connections on all IPv4 interfaces. /*******************************************************************************
// To listen on all IPv6 addresses, set uiHost to "::", * Flow File and User Directory Settings
// The following property can be used to listen on a specific interface. For * - flowFile
// example, the following would only allow connections from the local machine. * - credentialSecret
//uiHost: "127.0.0.1", * - flowFilePretty
* - userDir
* - nodesDir
******************************************************************************/
// Retry time in milliseconds for MQTT connections /** The file containing the flows. If not set, defaults to flows_<hostname>.json **/
mqttReconnectTime: 15000, flowFile: 'flows.json',
// Retry time in milliseconds for Serial port connections /** By default, credentials are encrypted in storage using a generated key. To
serialReconnectTime: 15000, * specify your own secret, set the following property.
* If you want to disable encryption of credentials, set this property to false.
// Retry time in milliseconds for TCP socket connections * Note: once you set this property, do not change it - doing so will prevent
//socketReconnectTime: 10000, * node-red from being able to decrypt your existing credentials and they will be
* lost.
// Timeout in milliseconds for TCP server socket connections */
// defaults to no timeout
//socketTimeout: 120000,
// Maximum number of messages to wait in queue while attempting to connect to TCP socket
// defaults to 1000
//tcpMsgQueueSize: 2000,
// Timeout in milliseconds for HTTP request connections
// defaults to 120 seconds
//httpRequestTimeout: 120000,
// Maximum buffer size for the exec node
// defaults to 10Mb
//execMaxBufferSize: 10000000,
// Timeout in milliseconds for inbound WebSocket connections that do not
// match any configured node.
// defaults to 5000
//inboundWebSocketTimeout: 5000
// The maximum length, in characters, of any message sent to the debug sidebar tab
debugMaxLength: 1000,
// The maximum number of messages nodes will buffer internally as part of their
// operation. This applies across a range of nodes that operate on message sequences.
// defaults to no limit. A value of 0 also means no limit is applied.
//nodeMessageBufferMaxLength: 0,
// To disable the option for using local files for storing keys and certificates in the TLS configuration
// node, set this to true
//tlsConfigDisableLocalFiles: true,
// Colourise the console output of the debug node
//debugUseColors: true,
// The file containing the flows. If not set, it defaults to flows_<hostname>.json
//flowFile: 'flows.json',
// To enabled pretty-printing of the flow within the flow file, set the following
// property to true:
//flowFilePretty: true,
// By default, credentials are encrypted in storage using a generated key. To
// specify your own secret, set the following property.
// If you want to disable encryption of credentials, set this property to false.
// Note: once you set this property, do not change it - doing so will prevent
// node-red from being able to decrypt your existing credentials and they will be
// lost.
//credentialSecret: "a-secret-key", //credentialSecret: "a-secret-key",
// By default, all user data is stored in a directory called `.node-red` under /** By default, the flow JSON will be formatted over multiple lines making
// the user's home directory. To use a different location, the following * it easier to compare changes when using version control.
// property can be used * To disable pretty-printing of the JSON set the following property to false.
//userDir: '/home/nol/.node-red/', */
flowFilePretty: true,
// Node-RED scans the `nodes` directory in the userDir to find local node files. /** By default, all user data is stored in a directory called `.node-red` under
// The following property can be used to specify an additional directory to scan. * the user's home directory. To use a different location, the following
//nodesDir: '/home/nol/.node-red/nodes', * property can be used
*/
userDir: '__FINALPATH__/data/',
// By default, the Node-RED UI is available at http://localhost:1880/ /** Node-RED scans the `nodes` directory in the userDir to find local node files.
// The following property can be used to specify a different root path. * The following property can be used to specify an additional directory to scan.
// If set to false, this is disabled. */
httpAdminRoot: '__ADMIN_URL__', nodesDir: '__FINALPATH__/data/nodes',
// Some nodes, such as HTTP In, can be used to listen for incoming http requests. /*******************************************************************************
// By default, these are served relative to '/'. The following property * Security
// can be used to specifiy a different root path. If set to false, this is * - adminAuth
// disabled. * - https
httpNodeRoot: '__NODES_URL__', * - httpsRefreshInterval
* - requireHttps
* - httpNodeAuth
* - httpStaticAuth
******************************************************************************/
// The following property can be used in place of 'httpAdminRoot' and 'httpNodeRoot', /** To password protect the Node-RED editor and admin API, the following
// to apply the same root to both parts. * property can be used. See http://nodered.org/docs/security.html for details.
//httpRoot: '/red', */
// When httpAdminRoot is used to move the UI to a different root path, the
// following property can be used to identify a directory of static content
// that should be served at http://localhost:1880/.
//httpStatic: '/home/nol/node-red-static/',
// The maximum size of HTTP request that will be accepted by the runtime api.
// Default: 5mb
//apiMaxLength: '5mb',
// If you installed the optional node-red-dashboard you can set it's path
// relative to httpRoot
// Other optional properties include
// readOnly:{boolean},
// middleware:{function or array}, (req,res,next) - http middleware
// ioMiddleware:{function or array}, (socket,next) - socket.io middleware
ui: { path: "/" },
// Securing Node-RED
// -----------------
// To password protect the Node-RED editor and admin API, the following
// property can be used. See http://nodered.org/docs/security.html for details.
//adminAuth: { //adminAuth: {
// type: "credentials", // type: "credentials",
// users: [{ // users: [{
@ -136,24 +82,20 @@ module.exports = {
// }] // }]
//}, //},
// To password protect the node-defined HTTP endpoints (httpNodeRoot), or /** The following property can be used to enable HTTPS
// the static content (httpStatic), the following properties can be used. * This property can be either an object, containing both a (private) key
// The pass field is a bcrypt hash of the password. * and a (public) certificate, or a function that returns such an object.
// See http://nodered.org/docs/security.html#generating-the-password-hash * See http://nodejs.org/api/https.html#https_https_createserver_options_requestlistener
//httpNodeAuth: {user:"user",pass:"$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN."}, * for details of its contents.
//httpStaticAuth: {user:"user",pass:"$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN."}, */
// The following property can be used to enable HTTPS /** Option 1: static object */
// See http://nodejs.org/api/https.html#https_https_createserver_options_requestlistener
// for details on its contents.
// This property can be either an object, containing both a (private) key and a (public) certificate,
// or a function that returns such an object:
//// https object:
//https: { //https: {
// key: require("fs").readFileSync('privkey.pem'), // key: require("fs").readFileSync('privkey.pem'),
// cert: require("fs").readFileSync('cert.pem') // cert: require("fs").readFileSync('cert.pem')
//}, //},
////https function:
/** Option 2: function that returns the HTTP configuration object */
// https: function() { // https: function() {
// // This function should return the options object, or a Promise // // This function should return the options object, or a Promise
// // that resolves to the options object // // that resolves to the options object
@ -163,54 +105,71 @@ module.exports = {
// } // }
// }, // },
// The following property can be used to refresh the https settings at a /** If the `https` setting is a function, the following setting can be used
// regular time interval in hours. * to set how often, in hours, the function will be called. That can be used
// This requires: * to refresh any certificates.
// - the `https` setting to be a function that can be called to get */
// the refreshed settings.
// - Node.js 11 or later.
//httpsRefreshInterval : 12, //httpsRefreshInterval : 12,
// The following property can be used to cause insecure HTTP connections to /** The following property can be used to cause insecure HTTP connections to
// be redirected to HTTPS. * be redirected to HTTPS.
*/
//requireHttps: true, //requireHttps: true,
// The following property can be used to disable the editor. The admin API /** To password protect the node-defined HTTP endpoints (httpNodeRoot),
// is not affected by this option. To disable both the editor and the admin * including node-red-dashboard, or the static content (httpStatic), the
// API, use either the httpRoot or httpAdminRoot properties * following properties can be used.
//disableEditor: false, * The `pass` field is a bcrypt hash of the password.
* See http://nodered.org/docs/security.html#generating-the-password-hash
*/
//httpNodeAuth: {user:"user",pass:"$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN."},
//httpStaticAuth: {user:"user",pass:"$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN."},
// The following property can be used to configure cross-origin resource sharing /*******************************************************************************
// in the HTTP nodes. * Server Settings
// See https://github.com/troygoode/node-cors#configuration-options for * - uiPort
// details on its contents. The following is a basic permissive set of options: * - uiHost
//httpNodeCors: { * - apiMaxLength
// origin: "*", * - httpServerOptions
// methods: "GET,PUT,POST,DELETE" * - httpAdminRoot
//}, * - httpAdminMiddleware
* - httpNodeRoot
* - httpNodeCors
* - httpNodeMiddleware
* - httpStatic
******************************************************************************/
// If you need to set an http proxy please set an environment variable /** the tcp port that the Node-RED web server is listening on */
// called http_proxy (or HTTP_PROXY) outside of Node-RED in the operating system. uiPort: process.env.PORT || 1880,
// For example - http_proxy=http://myproxy.com:8080
// (Setting it here will have no effect)
// You may also specify no_proxy (or NO_PROXY) to supply a comma separated
// list of domains to not proxy, eg - no_proxy=.acme.co,.acme.co.uk
// The following property can be used to add a custom middleware function /** By default, the Node-RED UI accepts connections on all IPv4 interfaces.
// in front of all http in nodes. This allows custom authentication to be * To listen on all IPv6 addresses, set uiHost to "::",
// applied to all http in nodes, or any other sort of common request processing. * The following property can be used to listen on a specific interface. For
// It can be a single function or an array of middleware functions. * example, the following would only allow connections from the local machine.
//httpNodeMiddleware: function(req,res,next) { */
// // Handle/reject the request, or pass it on to the http in node by calling next(); uiHost: "127.0.0.1",
// // Optionally skip our rawBodyParser by setting this to true;
// //req.skipRawBodyParser = true;
// next();
//},
/** The maximum size of HTTP request that will be accepted by the runtime api.
* Default: 5mb
*/
//apiMaxLength: '5mb',
// The following property can be used to add a custom middleware function /** The following property can be used to pass custom options to the Express.js
// in front of all admin http routes. For example, to set custom http * server used by Node-RED. For a full list of available options, refer
// headers. It can be a single function or an array of middleware functions. * to http://expressjs.com/en/api.html#app.settings.table
*/
//httpServerOptions: { },
/** By default, the Node-RED UI is available at http://localhost:1880/
* The following property can be used to specify a different root path.
* If set to false, this is disabled.
*/
httpAdminRoot: '/admin',
/** The following property can be used to add a custom middleware function
* in front of all admin http routes. For example, to set custom http
* headers. It can be a single function or an array of middleware functions.
*/
// httpAdminMiddleware: function(req,res,next) { // httpAdminMiddleware: function(req,res,next) {
// // Set the X-Frame-Options header to limit where the editor // // Set the X-Frame-Options header to limit where the editor
// // can be embedded // // can be embedded
@ -218,131 +177,310 @@ module.exports = {
// next(); // next();
// }, // },
// The following property can be used to pass custom options to the Express.js
// server used by Node-RED. For a full list of available options, refer
// to http://expressjs.com/en/api.html#app.settings.table
//httpServerOptions: { },
// The following property can be used to verify websocket connection attempts. /** Some nodes, such as HTTP In, can be used to listen for incoming http requests.
// This allows, for example, the HTTP request headers to be checked to ensure * By default, these are served relative to '/'. The following property
// they include valid authentication information. * can be used to specifiy a different root path. If set to false, this is
//webSocketNodeVerifyClient: function(info) { * disabled.
// // 'info' has three properties: */
// // - origin : the value in the Origin header httpNodeRoot: '/',
// // - req : the HTTP request
// // - secure : true if req.connection.authorized or req.connection.encrypted is set /** The following property can be used to configure cross-origin resource sharing
// // * in the HTTP nodes.
// // The function should return true if the connection should be accepted, false otherwise. * See https://github.com/troygoode/node-cors#configuration-options for
// // * details on its contents. The following is a basic permissive set of options:
// // Alternatively, if this function is defined to accept a second argument, callback, */
// // it can be used to verify the client asynchronously. //httpNodeCors: {
// // The callback takes three arguments: // origin: "*",
// // - result : boolean, whether to accept the connection or not // methods: "GET,PUT,POST,DELETE"
// // - code : if result is false, the HTTP error status to return
// // - reason: if result is false, the HTTP reason string to return
//}, //},
// The following property can be used to seed Global Context with predefined /** If you need to set an http proxy please set an environment variable
// values. This allows extra node modules to be made available with the * called http_proxy (or HTTP_PROXY) outside of Node-RED in the operating system.
// Function node. * For example - http_proxy=http://myproxy.com:8080
// For example, * (Setting it here will have no effect)
// functionGlobalContext: { os:require('os') } * You may also specify no_proxy (or NO_PROXY) to supply a comma separated
// can be accessed in a function block as: * list of domains to not proxy, eg - no_proxy=.acme.co,.acme.co.uk
// global.get("os") */
functionGlobalContext: {
// os:require('os'),
// jfive:require("johnny-five"),
// j5board:require("johnny-five").Board({repl:false})
},
// Allow the Function node to load additional npm modules /** The following property can be used to add a custom middleware function
functionExternalModules: false, * in front of all http in nodes. This allows custom authentication to be
* applied to all http in nodes, or any other sort of common request processing.
* It can be a single function or an array of middleware functions.
*/
//httpNodeMiddleware: function(req,res,next) {
// // Handle/reject the request, or pass it on to the http in node by calling next();
// // Optionally skip our rawBodyParser by setting this to true;
// //req.skipRawBodyParser = true;
// next();
//},
// `global.keys()` returns a list of all properties set in global context. /** When httpAdminRoot is used to move the UI to a different root path, the
// This allows them to be displayed in the Context Sidebar within the editor. * following property can be used to identify a directory of static content
// In some circumstances it is not desirable to expose them to the editor. The * that should be served at http://localhost:1880/.
// following property can be used to hide any property set in `functionGlobalContext` */
// from being list by `global.keys()`. //httpStatic: '/home/nol/node-red-static/',
// By default, the property is set to false to avoid accidental exposure of
// their values. Setting this to true will cause the keys to be listed.
exportGlobalContextKeys: false,
// Uncomment the following to run node-red in your preferred language: /*******************************************************************************
* Runtime Settings
* - lang
* - logging
* - contextStorage
* - exportGlobalContextKeys
* - externalModules
******************************************************************************/
/** Uncomment the following to run node-red in your preferred language.
* Available languages include: en-US (default), ja, de, zh-CN, zh-TW, ru, ko
* Some languages are more complete than others.
*/
// lang: "de", // lang: "de",
// Context Storage /** Configure the logging output */
// The following property can be used to enable context storage. The configuration logging: {
// provided here will enable file-based context that flushes to disk every 30 seconds. /** Only console logging is currently supported */
// Refer to the documentation for further options: https://nodered.org/docs/api/context/ console: {
// /** Level of logging to be recorded. Options are:
* fatal - only those errors which make the application unusable should be recorded
* error - record errors which are deemed fatal for a particular request + fatal errors
* warn - record problems which are non fatal + errors + fatal errors
* info - record information about the general running of the application + warn + error + fatal errors
* debug - record information which is more verbose than info + info + warn + error + fatal errors
* trace - record very detailed logging + debug + info + warn + error + fatal errors
* off - turn off all logging (doesn't affect metrics or audit)
*/
level: "info",
/** Whether or not to include metric events in the log output */
metrics: false,
/** Whether or not to include audit events in the log output */
audit: false
}
},
/** Context Storage
* The following property can be used to enable context storage. The configuration
* provided here will enable file-based context that flushes to disk every 30 seconds.
* Refer to the documentation for further options: https://nodered.org/docs/api/context/
*/
//contextStorage: { //contextStorage: {
// default: { // default: {
// module:"localfilesystem" // module:"localfilesystem"
// }, // },
//}, //},
// The following property can be used to order the categories in the editor /** `global.keys()` returns a list of all properties set in global context.
// palette. If a node's category is not in the list, the category will get * This allows them to be displayed in the Context Sidebar within the editor.
// added to the end of the palette. * In some circumstances it is not desirable to expose them to the editor. The
// If not set, the following default order is used: * following property can be used to hide any property set in `functionGlobalContext`
//paletteCategories: ['subflows', 'common', 'function', 'network', 'sequence', 'parser', 'storage'], * from being list by `global.keys()`.
* By default, the property is set to false to avoid accidental exposure of
* their values. Setting this to true will cause the keys to be listed.
*/
exportGlobalContextKeys: false,
// Configure the logging output /** Configure how the runtime will handle external npm modules.
logging: { * This covers:
// Only console logging is currently supported * - whether the editor will allow new node modules to be installed
console: { * - whether nodes, such as the Function node are allowed to have their
// Level of logging to be recorded. Options are: * own dynamically configured dependencies.
// fatal - only those errors which make the application unusable should be recorded * The allow/denyList options can be used to limit what modules the runtime
// error - record errors which are deemed fatal for a particular request + fatal errors * will install/load. It can use '*' as a wildcard that matches anything.
// warn - record problems which are non fatal + errors + fatal errors */
// info - record information about the general running of the application + warn + error + fatal errors
// debug - record information which is more verbose than info + info + warn + error + fatal errors
// trace - record very detailed logging + debug + info + warn + error + fatal errors
// off - turn off all logging (doesn't affect metrics or audit)
level: "info",
// Whether or not to include metric events in the log output
metrics: false,
// Whether or not to include audit events in the log output
audit: false
}
},
// Configure how the runtime will handle external npm modules.
// This covers:
// - whether the editor will allow new node modules to be installed
// - whether nodes, such as the Function node are allowed to have their
// own dynamically configured dependencies.
// The allow/denyList options can be used to limit what modules the runtime
// will install/load. It can use '*' as a wildcard that matches anything.
externalModules: { externalModules: {
// autoInstall: false, // Whether the runtime will attempt to automatically install missing modules // autoInstall: false, /** Whether the runtime will attempt to automatically install missing modules */
// autoInstallRetry: 30, // Interval, in seconds, between reinstall attempts // autoInstallRetry: 30, /** Interval, in seconds, between reinstall attempts */
// palette: { // Configuration for the Palette Manager // palette: { /** Configuration for the Palette Manager */
// allowInstall: true, // Enable the Palette Manager in the editor // allowInstall: true, /** Enable the Palette Manager in the editor */
// allowUpload: true, // Allow module tgz files to be uploaded and installed // allowUpload: true, /** Allow module tgz files to be uploaded and installed */
// allowList: [], // allowList: [],
// denyList: [] // denyList: []
// }, // },
// modules: { // Configuration for node-specified modules // modules: { /** Configuration for node-specified modules */
// allowInstall: true, // allowInstall: true,
// allowList: [], // allowList: [],
// denyList: [] // denyList: []
// } // }
}, },
// Customising the editor
/*******************************************************************************
* Editor Settings
* - disableEditor
* - editorTheme
******************************************************************************/
/** The following property can be used to disable the editor. The admin API
* is not affected by this option. To disable both the editor and the admin
* API, use either the httpRoot or httpAdminRoot properties
*/
//disableEditor: false,
/** Customising the editor
* See https://nodered.org/docs/user-guide/runtime/configuration#editor-themes
* for all available options.
*/
editorTheme: { editorTheme: {
/** The following property can be used to set a custom theme for the editor.
* See https://github.com/node-red-contrib-themes/theme-collection for
* a collection of themes to chose from.
*/
//theme: "",
palette: {
/** The following property can be used to order the categories in the editor
* palette. If a node's category is not in the list, the category will get
* added to the end of the palette.
* If not set, the following default order is used:
*/
//categories: ['subflows', 'common', 'function', 'network', 'sequence', 'parser', 'storage'],
},
projects: { projects: {
// To enable the Projects feature, set this value to true /** To enable the Projects feature, set this value to true */
enabled: false, enabled: false,
workflow: { workflow: {
// Set the default projects workflow mode. /** Set the default projects workflow mode.
// - manual - you must manually commit changes * - manual - you must manually commit changes
// - auto - changes are automatically committed * - auto - changes are automatically committed
// This can be overridden per-user from the 'Git config' * This can be overridden per-user from the 'Git config'
// section of 'User Settings' within the editor * section of 'User Settings' within the editor
*/
mode: "manual" mode: "manual"
} }
},
codeEditor: {
/** Select the text editor component used by the editor.
* Defaults to "ace", but can be set to "ace" or "monaco"
*/
lib: "ace",
options: {
/** The follow options only apply if the editor is set to "monaco"
*
* theme - must match the file name of a theme in
* packages/node_modules/@node-red/editor-client/src/vendor/monaco/dist/theme
* e.g. "tomorrow-night", "upstream-sunburst", "github", "my-theme"
*/
theme: "vs",
/** other overrides can be set e.g. fontSize, fontFamily, fontLigatures etc.
* for the full list, see https://microsoft.github.io/monaco-editor/api/interfaces/monaco.editor.istandaloneeditorconstructionoptions.html
*/
//fontSize: 14,
//fontFamily: "Cascadia Code, Fira Code, Consolas, 'Courier New', monospace",
//fontLigatures: true,
} }
} }
},
/*******************************************************************************
* Node Settings
* - fileWorkingDirectory
* - functionGlobalContext
* - functionExternalModules
* - nodeMessageBufferMaxLength
* - ui (for use with Node-RED Dashboard)
* - debugUseColors
* - debugMaxLength
* - execMaxBufferSize
* - httpRequestTimeout
* - mqttReconnectTime
* - serialReconnectTime
* - socketReconnectTime
* - socketTimeout
* - tcpMsgQueueSize
* - inboundWebSocketTimeout
* - tlsConfigDisableLocalFiles
* - webSocketNodeVerifyClient
******************************************************************************/
/** The working directory to handle relative file paths from within the File nodes
* defaults to the working directory of the Node-RED process.
*/
//fileWorkingDirectory: "",
/** Allow the Function node to load additional npm modules directly */
functionExternalModules: true,
/** The following property can be used to set predefined values in Global Context.
* This allows extra node modules to be made available with in Function node.
* For example, the following:
* functionGlobalContext: { os:require('os') }
* will allow the `os` module to be accessed in a Function node using:
* global.get("os")
*/
functionGlobalContext: {
// os:require('os'),
},
/** The maximum number of messages nodes will buffer internally as part of their
* operation. This applies across a range of nodes that operate on message sequences.
* defaults to no limit. A value of 0 also means no limit is applied.
*/
//nodeMessageBufferMaxLength: 0,
/** If you installed the optional node-red-dashboard you can set it's path
* relative to httpNodeRoot
* Other optional properties include
* readOnly:{boolean},
* middleware:{function or array}, (req,res,next) - http middleware
* ioMiddleware:{function or array}, (socket,next) - socket.io middleware
*/
ui: { path: "/ui" },
/** Colourise the console output of the debug node */
//debugUseColors: true,
/** The maximum length, in characters, of any message sent to the debug sidebar tab */
debugMaxLength: 1000,
/** Maximum buffer size for the exec node. Defaults to 10Mb */
//execMaxBufferSize: 10000000,
/** Timeout in milliseconds for HTTP request connections. Defaults to 120s */
//httpRequestTimeout: 120000,
/** Retry time in milliseconds for MQTT connections */
mqttReconnectTime: 15000,
/** Retry time in milliseconds for Serial port connections */
serialReconnectTime: 15000,
/** Retry time in milliseconds for TCP socket connections */
//socketReconnectTime: 10000,
/** Timeout in milliseconds for TCP server socket connections. Defaults to no timeout */
//socketTimeout: 120000,
/** Maximum number of messages to wait in queue while attempting to connect to TCP socket
* defaults to 1000
*/
//tcpMsgQueueSize: 2000,
/** Timeout in milliseconds for inbound WebSocket connections that do not
* match any configured node. Defaults to 5000
*/
//inboundWebSocketTimeout: 5000,
/** To disable the option for using local files for storing keys and
* certificates in the TLS configuration node, set this to true.
*/
//tlsConfigDisableLocalFiles: true,
/** The following property can be used to verify websocket connection attempts.
* This allows, for example, the HTTP request headers to be checked to ensure
* they include valid authentication information.
*/
//webSocketNodeVerifyClient: function(info) {
// /** 'info' has three properties:
// * - origin : the value in the Origin header
// * - req : the HTTP request
// * - secure : true if req.connection.authorized or req.connection.encrypted is set
// *
// * The function should return true if the connection should be accepted, false otherwise.
// *
// * Alternatively, if this function is defined to accept a second argument, callback,
// * it can be used to verify the client asynchronously.
// * The callback takes three arguments:
// * - result : boolean, whether to accept the connection or not
// * - code : if result is false, the HTTP error status to return
// * - reason: if result is false, the HTTP reason string to return
// */
//},
} }

10
doc/DESCRIPTION.md Normal file
View file

@ -0,0 +1,10 @@
Node-RED is a programming tool for wiring together hardware devices, APIs and online services in new and interesting ways.
It provides a browser-based editor that makes it easy to wire together flows using the wide range of nodes in the palette that can be deployed to its runtime in a single-click.
### Features
- Browser-based flow editing
- On-click deployment of the flows
- Over 225,000 modules available
- Custom JavaScript functions can be written

10
doc/DESCRIPTION_fr.md Normal file
View file

@ -0,0 +1,10 @@
Node-RED est un outil de programmation pour connecter des appareils, API, et des services en ligne en de nouvelles et intéressantes façons.
Il propose un éditeur accessible dans le navigateur, qui facilite l'ébauche de flux qui connectent ensemble la grande variété de nœuds disponibles dans sa palette. Ces flux sont ensuite activables et déployables en un clic.
### Fonctionnalités
- Edition de flux dans le navigateur
- Déploiement des flux en un clic
- Plus de 225 000 modules disponibles
- Fonctions personnalisées en JavaScript

9
doc/DISCLAIMER.md
View file

@ -1,5 +1,6 @@
YunoHost's permissions system allows you to select which users can have access to Node-RED: YunoHost's permissions system allows you to select which users can have access to Node-RED:
* The `main` permission protects * `main` permission protects `/admin`, the flows editor. The administrator is chosen during installation ;
* `/path`, to access to the dashboard ; * `ui` permission protects `/ui`, the dashboard allowing visual interface for the flows. Public access is chosen during installation ;
* all `/path/<node>` endpoints defined in the HTTP nodes (with the exception of `/path/admin`). * `endpoints` permission protects `/`, for API-like endpoints. Public access is chosen during installation.
* Upon installation, the selected administrator will have the `admin` permission and access to the editor at `/path/admin`
If you have upgraded Node-RED beyond v2, check that these permissions suit you in your YunoHost admin panel.

11
doc/DISCLAIMER_fr.md
View file

@ -1,5 +1,6 @@
Le système de permissions de YunoHost permet de paramétrer les accès à Node-RED. Par défaut, seul l'administrateur sélectionné lors de l'installation y a accès. Le système de permissions de YunoHost permet de paramétrer les accès à Node-RED :
* La permission `main` protège * la permission `main` protège `/admin`, l'éditeur de flux. L'administrateur est sélectionné pendant l'installation ;
* `/chemin`, pour accéder au tableau de bord ; * la permisison `ui` protège `/ui`, le tableau de bord permettant de donner une interface graphique aux flux. L'accès public est défini lors de l'installation ;
* toutes les routes `/path/<node>` définis par les *nodes* HTTP (à l'exception de `/chemin/admin`). * la permission `endpoints` protège `/`, pour notamment les points d'entrée de type API. L'accès public est défini lors de l'installation.
* L'utilisateur choisi comme admin à l'installation aura la permission `admin` et aura accès à l'éditeur à l'adresse `/chemin/admin`
Si vous avez mis à jour Node-RED au-delà de la version 2, vérifiez que ces permissions vous conviennent dans votre panneau d'administration de YunoHost.

16
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Flow-based programming for the Internet of Things", "en": "Flow-based programming for the Internet of Things",
"fr": "Programmation par flux de données pour l'Internet des objets" "fr": "Programmation par flux de données pour l'Internet des objets"
}, },
"version": "1.3.5~ynh2", "version": "2.0.6~ynh1",
"url": "https://nodered.org", "url": "https://nodered.org",
"upstream": { "upstream": {
"license": "Apache-2.0", "license": "Apache-2.0",
@ -20,7 +20,7 @@
"email": "tituspijean@outlook.com" "email": "tituspijean@outlook.com"
}, },
"requirements": { "requirements": {
"yunohost": ">= 4.1.7" "yunohost": ">= 4.2.0"
}, },
"multi_instance": true, "multi_instance": true,
"services": [ "services": [
@ -30,8 +30,7 @@
"install" : [ "install" : [
{ {
"name": "domain", "name": "domain",
"type": "domain", "type": "domain"
"example": "example.com"
}, },
{ {
"name": "path", "name": "path",
@ -41,16 +40,15 @@
}, },
{ {
"name": "admin", "name": "admin",
"type": "user", "type": "user"
"example": "johndoe"
}, },
{ {
"name": "is_public", "name": "is_public",
"type": "boolean", "type": "boolean",
"default": true, "default": false,
"help": { "help": {
"en": "Should the dashboard and the nodes endpoints be publicly accessible?", "en": "Should the dashboard and HTTP endpoints be publicly accessible?",
"fr": "Le tableau de bord et les routes des nodes doivent-ils être publiquement accessibles?" "fr": "Le tableau de bord et les points d'accès HTTP doivent-ils être publiquement accessibles ?"
} }
} }
] ]

13
scripts/_common.sh
View file

@ -17,16 +17,3 @@ nodejs_version=16
#================================================= #=================================================
# FUTURE OFFICIAL HELPERS # FUTURE OFFICIAL HELPERS
#================================================= #=================================================
# Execute a command as another user
# usage: exec_as USER COMMAND [ARG ...]
exec_as() {
local USER=$1
shift 1
if [[ $USER = $(whoami) ]]; then
eval "$@"
else
sudo -u "$USER" "$@"
fi
}

69
scripts/install
View file

@ -26,15 +26,6 @@ admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
if [[ $path_url = "/" ]]
then
nodes_url="/"
admin_url="/admin"
else
nodes_url="$path_url"
admin_url="$path_url/admin"
fi
#================================================= #=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#================================================= #=================================================
@ -74,7 +65,7 @@ ynh_install_nodejs --nodejs_version=$nodejs_version
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Setting up source files..." --weight=1 ynh_script_progression --message="Setting up source files..." --weight=2
ynh_app_setting_set --app=$app --key=final_path --value=$final_path ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
@ -91,20 +82,20 @@ ynh_system_user_create --username=$app --home_dir=$final_path
#================================================= #=================================================
# Install through npm # Install through npm
#================================================= #=================================================
ynh_script_progression --message="Installing Node-RED..." --weight=2 ynh_script_progression --message="Installing Node-RED..." --weight=5
ynh_use_nodejs ynh_use_nodejs
chown -R $app: "$final_path" chown -R $app: "$final_path"
pushd $final_path pushd $final_path
ynh_exec_warn_less exec_as $app $ynh_node_load_PATH $ynh_npm install --production ynh_exec_warn_less ynh_exec_as $app $ynh_node_load_PATH $ynh_npm install --production
ynh_exec_warn_less exec_as $app $ynh_node_load_PATH $ynh_npm install node-red-dashboard ynh_exec_warn_less ynh_exec_as $app $ynh_node_load_PATH $ynh_npm install node-red-dashboard
popd popd
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=30 ynh_script_progression --message="Configuring NGINX web server..." --weight=1
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
@ -117,29 +108,31 @@ ynh_add_nginx_config
mkdir -p $final_path/data mkdir -p $final_path/data
ynh_add_config --template="../conf/settings.js" --destination="$final_path/data/settings.js" ynh_add_config --template="../conf/settings.js" --destination="$final_path/data/settings.js"
#================================================= # Small hack to have the "/" path answer with a 200 code to satisfy the CI
# SETUP SYSTEMD if [[ "${PACKAGE_CHECK_EXEC:-}" = "1" ]] ; then
#================================================= ynh_add_config --template="../conf/flows.json" --destination="$final_path/data/flows.json"
ynh_script_progression --message="Configuring a systemd service..." --weight=3 fi
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#================================================= #=================================================
# SECURE FILES AND DIRECTORIES # SECURE FILES AND DIRECTORIES
#================================================= #=================================================
# Set permissions to app files
chmod 750 "$final_path" chmod 750 "$final_path"
chmod -R o-rwx "$final_path" chmod -R o-rwx "$final_path"
chown -R $app: "$final_path" chown -R $app: "$final_path"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config
#================================================= #=================================================
# SETUP LOGROTATE # SETUP LOGROTATE
#================================================= #=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=3 ynh_script_progression --message="Configuring log rotation..." --weight=1
# Use logrotate to manage application logfile(s) # Use logrotate to manage application logfile(s)
ynh_use_logrotate ynh_use_logrotate
@ -153,7 +146,7 @@ yunohost service add $app --description="Low-code programming for event-driven a
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=2 ynh_script_progression --message="Starting a systemd service..." --weight=3
# Start a systemd service # Start a systemd service
ynh_systemd_action --service_name=$app --action="start" ynh_systemd_action --service_name=$app --action="start"
@ -163,16 +156,28 @@ ynh_systemd_action --service_name=$app --action="start"
#================================================= #=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1 ynh_script_progression --message="Configuring permissions..." --weight=1
# Make the dashboard and nodes endpoints public if necessary # The "main" permission is automatically created before the install script.
# Here we use it for the endpoints root, they should be world-accessible by default
# Since it is meant for automated actions, we hide the tile from the SSO
ynh_permission_create --permission="endpoints" --url="/" --show_tile=false
# Create the dashboard UI permission
ynh_permission_create --permission="ui" --url="/ui" --show_tile=true
# Reuse the main permission for the admin
ynh_permission_url --permission="main" --url="/admin"
ynh_permission_update --permission="main" --add="$admin" --remove="all_users" --show_tile=true
# Make the dashboard public if necessary
if [ $is_public -eq 1 ] if [ $is_public -eq 1 ]
then then
# Everyone can access the app. ynh_permission_update --permission="ui" --add="visitors"
# The "main" permission is automatically created before the install script. ynh_permission_update --permission="endpoints" --add="visitors"
ynh_permission_update --permission="main" --add="visitors" else
ynh_permission_update --permission="ui" --add="$admin"
ynh_permission_update --permission="endpoints" --add="$admin"
fi fi
ynh_permission_create --permission="admin" --url="/admin" --allowed="$admin" --label="admin" --show_tile=true
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================

17
scripts/restore
View file

@ -32,8 +32,6 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#================================================= #=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=1 ynh_script_progression --message="Validating restoration parameters..." --weight=1
ynh_webpath_available --domain=$domain --path_url=$path_url \
|| ynh_die --message="Path not available: ${domain}${path_url}"
test ! -d $final_path \ test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path " || ynh_die --message="There is already a directory: $final_path "
@ -45,13 +43,6 @@ test ! -d $final_path \
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring Node-RED main directory..." --weight=10
ynh_restore_file --origin_path="$final_path"
#================================================= #=================================================
# RECREATE THE DEDICATED USER # RECREATE THE DEDICATED USER
#================================================= #=================================================
@ -61,10 +52,12 @@ ynh_script_progression --message="Recreating the dedicated system user..." --wei
ynh_system_user_create --username=$app --home_dir=$final_path ynh_system_user_create --username=$app --home_dir=$final_path
#================================================= #=================================================
# RESTORE USER RIGHTS # RESTORE THE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Restoring Node-RED main directory..." --weight=5
ynh_restore_file --origin_path="$final_path"
# Restore permissions on app files
chmod 750 "$final_path" chmod 750 "$final_path"
chmod -R o-rwx "$final_path" chmod -R o-rwx "$final_path"
chown -R $app: "$final_path" chown -R $app: "$final_path"
@ -98,7 +91,7 @@ yunohost service add $app --description="Low-code programming for event-driven a
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name=$app --action="start" ynh_systemd_action --service_name=$app --action="start"

53
scripts/update_version.sh
View file

@ -1,53 +0,0 @@
#!/bin/bash
source /usr/share/yunohost/helpers
repo="node-red/node-red"
#=================================================
# META HELPER FOR PACKAGE RELEASES
#=================================================
# This script is meant to be manually run by the app packagers
# to automatically update the source files.
# Thanks @lukechild and @jbellocastro
# https://gist.github.com/lukechilds/a83e1d7127b78fef38c2914c4ececc3c
version=$(curl --silent "https://api.github.com/repos/$repo/releases/latest" | jq -r ".tag_name")
download_url=$(curl --silent "https://api.github.com/repos/$repo/releases/latest" | jq -r ".assets[0].browser_download_url")
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${download_url##*/}
curl --silent -4 -L $download_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
ynh_secure_remove $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
cat <<EOT > ../conf/app.src
SOURCE_URL=$download_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
EOT
sed -i "s#\*\*Shipped version:\*\*.*#\*\*Shipped version:\*\* ${version}#" ../README.md
sed -i "s#\*\*Version incluse :\*\*.*#\*\*Version incluse :\*\* ${version}#" ../README_fr.md
sed -i "s# \"version\": \".*# \"version\": \"${version}\~ynh1\",#" ../manifest.json
message="Upgrade to v$version"
if [ "$message" == "$(git show -s --format=%s)" ]; then
git commit ../README.md ../README_fr.md ../manifest.json ../conf/app.src --amend -m "$message"
else
git commit ../README.md ../README_fr.md ../manifest.json ../conf/app.src -m "$message"
fi

55
scripts/upgrade
View file

@ -21,15 +21,6 @@ path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port) port=$(ynh_app_setting_get --app=$app --key=port)
if [[ $path_url = "/" ]]
then
nodes_url="/"
admin_url="/admin"
else
nodes_url="$path_url"
admin_url="$path_url/admin"
fi
#================================================= #=================================================
# CHECK VERSION # CHECK VERSION
#================================================= #=================================================
@ -39,7 +30,7 @@ upgrade_type=$(ynh_check_app_version_changed)
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#================================================= #=================================================
ynh_script_progression --message="Backing up Node-RED before upgrading (may take a while)..." --weight=1 ynh_script_progression --message="Backing up Node-RED before upgrading (may take a while)..." --weight=5
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
@ -68,9 +59,30 @@ if ynh_legacy_permissions_exists; then
ynh_app_setting_delete --app=$app --key=is_public ynh_app_setting_delete --app=$app --key=is_public
fi fi
if ! ynh_permission_exists --permission="admin"; then # After 1.3.5~ynh2, permissions have been reworked
# Create the required permissions if ynh_permission_exists --permission="admin"; then
ynh_permission_create --permission="admin" --url="/admin" --label="admin" --show_tile=true # Delete the admin permission
ynh_permission_delete --permission="admin"
# We use main as admin permission
ynh_permission_url --permission="main" --url="/admin"
# Create ui permission, for the dashboard
ynh_permission_create --permission="ui" --url="/ui" --show_tile=true
# Create endpoints permission
ynh_permission_create --permission="endpoints" --url="/" --show_tile=false
# Transfer the publicness of the app to ui and endpoints
if ynh_permission_has_user --permission=main --user=visitors; then
ynh_permission_update --permission="ui" --add="visitors"
ynh_permission_update --permission="endpoints" --add="visitors"
fi
# Remove visitor access to the admin panel
ynh_permission_update --permission="main" --remove="visitors"
fi
# Flows were stored in file named after the hostname.
# Not very portable. Let's fix that.
if [ ! -f "$final_path/data/flows.json" ]; then
mv "$final_path/data/flows_$(hostname)_cred.json" "$final_path/data/flows_cred.json"
mv "$final_path/data/flows_$(hostname).json" "$final_path/data/flows.json"
fi fi
#================================================= #=================================================
@ -81,7 +93,7 @@ fi
# allowing direct access to Node-RED... let's close it. # allowing direct access to Node-RED... let's close it.
if yunohost firewall list | grep -q "\- $port$" if yunohost firewall list | grep -q "\- $port$"
then then
ynh_script_progression --message="Closing port $port..." ynh_script_progression --message="Closing port $port..." --weight=1
ynh_exec_warn_less yunohost firewall disallow TCP $port ynh_exec_warn_less yunohost firewall disallow TCP $port
fi fi
@ -109,7 +121,7 @@ fi
if [ "$upgrade_type" == "UPGRADE_APP" ] if [ "$upgrade_type" == "UPGRADE_APP" ]
then then
ynh_script_progression --message="Upgrading source files..." --weight=1 ynh_script_progression --message="Upgrading source files..." --weight=2
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path" ynh_setup_source --dest_dir="$final_path"
@ -126,15 +138,15 @@ ynh_system_user_create --username=$app --home_dir=$final_path
#================================================= #=================================================
# Install through npm # Install through npm
#================================================= #=================================================
ynh_script_progression --message="Installing Node-RED..." --weight=30 ynh_script_progression --message="Installing Node-RED..." --weight=5
ynh_use_nodejs ynh_use_nodejs
chown -R $app: "$final_path" chown -R $app: "$final_path"
pushd $final_path pushd $final_path
ynh_exec_warn_less exec_as $app $ynh_node_load_PATH $ynh_npm install --production ynh_exec_warn_less ynh_exec_as $app $ynh_node_load_PATH $ynh_npm install --production
ynh_exec_warn_less exec_as $app $ynh_node_load_PATH $ynh_npm install node-red-dashboard ynh_exec_warn_less ynh_exec_as $app $ynh_node_load_PATH $ynh_npm install node-red-dashboard
popd popd
#================================================= #=================================================
@ -152,6 +164,11 @@ ynh_add_nginx_config
# Set up the settings file # Set up the settings file
ynh_add_config --template="../conf/settings.js" --destination="$final_path/data/settings.js" ynh_add_config --template="../conf/settings.js" --destination="$final_path/data/settings.js"
# Small hack to have the "/" path answer with a 200 code to satisfy the CI
if [[ "${PACKAGE_CHECK_EXEC:-}" = "1" ]] ; then
ynh_add_config --template="../conf/flows.json" --destination="$final_path/data/flows.json"
fi
#================================================= #=================================================
# SETUP LOGROTATE # SETUP LOGROTATE
#================================================= #=================================================
@ -188,7 +205,7 @@ yunohost service add $app --description="Low-code programming for event-driven a
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name=$app --action="start" ynh_systemd_action --service_name=$app --action="start"