From d8f2df9a6f6973833a8ab98427b1a82040cd63d1 Mon Sep 17 00:00:00 2001 From: Limezy Date: Fri, 29 Sep 2023 17:24:16 +0700 Subject: [PATCH] With migration upgrade script --- conf/.env | 7 ------- conf/policy.json | 20 -------------------- manifest.json | 26 +------------------------- scripts/backup | 16 ++-------------- scripts/change_url | 4 ---- scripts/install | 38 -------------------------------------- scripts/remove | 14 +++----------- scripts/restore | 36 +++++------------------------------- scripts/upgrade | 35 ++++++++++++++++++++++------------- 9 files changed, 33 insertions(+), 163 deletions(-) delete mode 100644 conf/policy.json diff --git a/conf/.env b/conf/.env index 0bd8f14..729d350 100644 --- a/conf/.env +++ b/conf/.env @@ -31,13 +31,6 @@ PORT=__PORT__ # FILE_STORAGE=local FILE_STORAGE_UPLOAD_MAX_SIZE=26214400 -AWS_ACCESS_KEY_ID=__MINIO_ADMIN__ -AWS_SECRET_ACCESS_KEY=__MINIO_PASSWORD__ -AWS_REGION=fr-ynh-1 -AWS_S3_UPLOAD_BUCKET_URL=https://__MINIO_DOMAIN__ -AWS_S3_UPLOAD_BUCKET_NAME=outlinestorage -AWS_S3_FORCE_PATH_STYLE=true -AWS_S3_ACL=private # –––––––––––––– AUTHENTICATION –––––––––––––– diff --git a/conf/policy.json b/conf/policy.json deleted file mode 100644 index 7ffe219..0000000 --- a/conf/policy.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "AllowPublicRead", - "Effect": "Allow", - "Principal": { - "AWS": [ - "*" - ] - }, - "Action": [ - "s3:GetObject" - ], - "Resource": [ - "arn:aws:s3:::outlinestorage/public/*" - ] - } - ] -} \ No newline at end of file diff --git a/manifest.json b/manifest.json index e36db14..927aa34 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Wiki and knowledge base for teams", "fr": "Wiki et base de connaissances pour les équipes" }, - "version": "0.72.0.3.1~ynh1", + "version": "0.72.0.3.2~ynh1", "url": "www.getoutline.com", "upstream": { "license": "BUSL-1.1", @@ -64,30 +64,6 @@ "en": "Path for authentication URL. Please don't use 'auth' as it will break NGINX configuration.", "fr": "Chemin de l'URL d'authentification. Veuillez ne pas utiliser 'auth' car cela casserait la configuration NGINX." } - }, - { - "name": "minio_domain", - "type": "domain", - "ask": { - "en": "Domain for MinIO app, used for images and attachments storage. If not yet installed, it will automatically be. MinIO has to be installed at the root.", - "fr": "Domaine pour l'application MinIO, utilisé pour le stockage des images et des pièces jointes. S'il n'est pas encore installé, il le sera automatiquement. MinIO doit être installé à la racine." - } - }, - { - "name": "minio_admin", - "type": "user", - "ask": { - "en": "Administrator for MinIO app, used for images and attachments storage. Please note that if MinIO is already installed, that setting won't be used.", - "fr": "Administrateur pour l'application MinIO, utilisée pour le stockage des images et des pièces jointes. Veuillez noter que si MinIO est déjà installé, ce paramètre ne sera pas utilisé." - } - }, - { - "name": "minio_password", - "type": "password", - "ask": { - "en": "Password for MinIO administrator", - "fr": "Mot de passe pour l'administrateur MinIO" - } } ] } diff --git a/scripts/backup b/scripts/backup index 370370f..3aa800e 100755 --- a/scripts/backup +++ b/scripts/backup @@ -36,10 +36,6 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) language_key=$(ynh_app_setting_get --app=$app --key=language_key) secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) utils_secret=$(ynh_app_setting_get --app=$app --key=utils_secret) -minio_domain=$(ynh_app_setting_get --app=$app --key=minio_domain) -minio_admin=$(ynh_app_setting_get --app=$app --key=minio_admin) -minio_password=$(ynh_app_setting_get --app=$app --key=minio_password) -mc_path=$(ynh_app_setting_get --app=$app --key=mc_path) dex_app=$(ynh_app_setting_get --app=$app --key=dex_app) dex_domain=$(ynh_app_setting_get --app=$app --key=dex_domain) dex_path=$(ynh_app_setting_get --app=$app --key=dex_path) @@ -61,18 +57,10 @@ ynh_print_info --message="Declaring files to be backed up..." ### script is called. Hence ynh_backups calls takes basically 0 seconds to run. #================================================= -# BACKUP MINIO +# BACKUP LOCAL STORAGE #================================================= -ynh_secure_remove --file="$mc_path/outlinestorage" -pushd "$mc_path" - ynh_exec_warn_less sudo -u minio mkdir outlinestorage - ynh_exec_warn_less sudo -u minio ./mc mirror --a minio/outlinestorage ./outlinestorage/ -popd - -ynh_secure_remove --file="$final_path/outlinestorage" -mv "$mc_path/outlinestorage" "$final_path/outlinestorage" -chown -R outline:www-data "$final_path/outlinestorage" +ynh_backup --src_path="/var/lib/outline" #================================================= # BACKUP THE APP MAIN DIR diff --git a/scripts/change_url b/scripts/change_url index 3be27d0..9ba9960 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -35,10 +35,6 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) language_key=$(ynh_app_setting_get --app=$app --key=language_key) secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) utils_secret=$(ynh_app_setting_get --app=$app --key=utils_secret) -minio_domain=$(ynh_app_setting_get --app=$app --key=minio_domain) -minio_admin=$(ynh_app_setting_get --app=$app --key=minio_admin) -minio_password=$(ynh_app_setting_get --app=$app --key=minio_password) -mc_path=$(ynh_app_setting_get --app=$app --key=mc_path) dex_app=$(ynh_app_setting_get --app=$app --key=dex_app) dex_domain=$(ynh_app_setting_get --app=$app --key=dex_domain) dex_path=$(ynh_app_setting_get --app=$app --key=dex_path) diff --git a/scripts/install b/scripts/install index a1c54d5..30fc472 100755 --- a/scripts/install +++ b/scripts/install @@ -43,27 +43,6 @@ utils_secret=$(ynh_hex_32_random) app=$YNH_APP_INSTANCE_NAME -#================================================= -# CHECK IF MINIO IS INSTALLED, IF NOT INSTALL IT -#================================================= -ynh_script_progression --message="Installing MinIO if needed..." --weight=18 - -if ! yunohost app list | grep -q "id: minio"; then - echo "MinIO is not installed. Installing... " - yunohost tools update - if yunohost app list | grep -q "$YNH_APP_ARG_MINIO_DOMAIN"; then - ynh_die "The domain provided for MinIO is already used by another app. Please chose another one !" - fi - # FIXME hackish workaround to circumvent the linter - public=public - yunohost app install https://github.com/YunoHost-Apps/minio_ynh --force --args "domain=$YNH_APP_ARG_MINIO_DOMAIN&is_$public=true&admin=$YNH_APP_ARG_MINIO_ADMIN&password=$YNH_APP_ARG_MINIO_PASSWORD" -fi - -minio_domain=$(ynh_app_setting_get --app="minio" --key=domain) -minio_admin=$(ynh_app_setting_get --app="minio" --key=admin) -minio_password=$(ynh_app_setting_get --app="minio" --key=password) -mc_path=$(ynh_app_setting_get --app="minio" --key=mc_path) - #================================================= # INSTALL DEX APP FOR OAUTH2 / OIDC #================================================= @@ -117,10 +96,6 @@ ynh_app_setting_set --app=$app --key=language --value=$language ynh_app_setting_set --app=$app --key=secret_key --value=$secret_key ynh_app_setting_set --app=$app --key=utils_secret --value=$utils_secret ynh_app_setting_set --app=$app --key=language_key --value=$language_key -ynh_app_setting_set --app=$app --key=minio_domain --value=$minio_domain -ynh_app_setting_set --app=$app --key=minio_admin --value=$minio_admin -ynh_app_setting_set --app=$app --key=minio_password --value=$minio_password -ynh_app_setting_set --app=$app --key=mc_path --value=$mc_path ynh_app_setting_set --app=$app --key=dex_app --value=$dex_app ynh_app_setting_set --app=$app --key=dex_domain --value=$dex_domain ynh_app_setting_set --app=$app --key=dex_path --value=$dex_path @@ -189,19 +164,6 @@ chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" -#================================================= -# SETUP MINIO BUCKET -#================================================= -ynh_script_progression --message="Setting up MinIO bucket for Outline..." --weight=1 - -ynh_add_config --template="../conf/policy.json" --destination="$mc_path/policy.json" -chown minio:www-data "$mc_path/policy.json" - -pushd "$mc_path" - ynh_exec_warn_less sudo -u minio ./mc mb minio/outlinestorage --region "fr-ynh-1" - ynh_exec_warn_less sudo -u minio ./mc anonymous set-json ./policy.json minio/outlinestorage -popd - #================================================= # SETUP LOCAL STORAGE #================================================= diff --git a/scripts/remove b/scripts/remove index 2baf0b1..6705a36 100755 --- a/scripts/remove +++ b/scripts/remove @@ -24,10 +24,6 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) language_key=$(ynh_app_setting_get --app=$app --key=language_key) secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) utils_secret=$(ynh_app_setting_get --app=$app --key=utils_secret) -minio_domain=$(ynh_app_setting_get --app=$app --key=minio_domain) -minio_admin=$(ynh_app_setting_get --app=$app --key=minio_admin) -minio_password=$(ynh_app_setting_get --app=$app --key=minio_password) -mc_path=$(ynh_app_setting_get --app=$app --key=mc_path) dex_app=$(ynh_app_setting_get --app=$app --key=dex_app) dex_domain=$(ynh_app_setting_get --app=$app --key=dex_domain) dex_path=$(ynh_app_setting_get --app=$app --key=dex_path) @@ -100,14 +96,10 @@ ynh_script_progression --message="Removing Dex app used for Outline auth..." --w yunohost app remove $dex_app #================================================= -# REMOVE MINIO BUCKET +# REMOVE LOCAL STORAGE #================================================= -ynh_script_progression --message="Removing Outline MinIO bucket..." --weight=1 - -pushd "$mc_path" - ynh_exec_warn_less sudo -u minio ./mc rb minio/outlinestorage --force -popd -ynh_secure_remove --file="$mc_path/outlinestorage" +ynh_script_progression --message="Removing Outline local storage..." --weight=1 +ynh_secure_remove --file="/var/lib/outline" #================================================= # REMOVE NGINX CONFIGURATION diff --git a/scripts/restore b/scripts/restore index 815c140..eae6a2f 100755 --- a/scripts/restore +++ b/scripts/restore @@ -36,10 +36,6 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) language_key=$(ynh_app_setting_get --app=$app --key=language_key) secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) utils_secret=$(ynh_app_setting_get --app=$app --key=utils_secret) -minio_domain=$(ynh_app_setting_get --app=$app --key=minio_domain) -minio_admin=$(ynh_app_setting_get --app=$app --key=minio_admin) -minio_password=$(ynh_app_setting_get --app=$app --key=minio_password) -mc_path=$(ynh_app_setting_get --app=$app --key=mc_path) dex_app=$(ynh_app_setting_get --app=$app --key=dex_app) dex_domain=$(ynh_app_setting_get --app=$app --key=dex_domain) dex_path=$(ynh_app_setting_get --app=$app --key=dex_path) @@ -72,22 +68,6 @@ if ! yunohost app list | grep -q "id: $dex_app"; then yunohost app install https://github.com/YunoHost-Apps/dex_ynh --force --args "domain=$dex_domain&path=$dex_path&OIDC_name=$oidc_name&OIDC_secret=$oidc_secret&OIDC_callback=$oidc_callback" fi -#================================================= -# CHECK IF MINIO IS INSTALLED, IF NOT INSTALL IT -#================================================= -ynh_script_progression --message="Installing MinIO if needed..." --weight=18 - -if ! yunohost app list | grep -q "id: minio"; then - echo "MinIO is not installed. Installing... " - yunohost tools update - if yunohost app list | grep -q "$minio_domain"; then - ynh_die "The domain provided for MinIO is already used by another app. Please chose another one !" - fi - # FIXME hackish workaround to circumvent the linter - public=public - yunohost app install https://github.com/YunoHost-Apps/minio_ynh --force --args "domain=$minio_domain&is_$public=true&admin=$minio_admin&password=$minio_password" -fi - #================================================= # STANDARD RESTORATION STEPS #================================================= @@ -117,21 +97,15 @@ chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" #================================================= -# RESTORE MINIO +# RESTORE LOCAL STORAGE #================================================= -mv "$final_path/outlinestorage" "$mc_path/outlinestorage" -chown -R minio:www-data "$mc_path/outlinestorage" +ynh_script_progression --message="Restoring the app local storage..." --weight=1 -ynh_add_config --template="../conf/policy.json" --destination="$mc_path/policy.json" -chown minio:www-data "$mc_path/policy.json" +ynh_restore_file --origin_path="/var/lib/outline" -pushd "$mc_path" - ynh_exec_warn_less sudo -u minio ./mc mb minio/outlinestorage --region "fr-ynh-1" - ynh_exec_warn_less sudo -u minio ./mc anonymous set-json ./policy.json minio/outlinestorage -popd - -ynh_secure_remove --file="$mc_path/outlinestorage" +chmod 400 "/var/lib/outline" +chown -R $app:www-data "/var/lib/outline" #================================================= # SPECIFIC RESTORATION diff --git a/scripts/upgrade b/scripts/upgrade index ab266fa..196a707 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -24,10 +24,6 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) language_key=$(ynh_app_setting_get --app=$app --key=language_key) secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) utils_secret=$(ynh_app_setting_get --app=$app --key=utils_secret) -minio_domain=$(ynh_app_setting_get --app=$app --key=minio_domain) -minio_admin=$(ynh_app_setting_get --app=$app --key=minio_admin) -minio_password=$(ynh_app_setting_get --app=$app --key=minio_password) -mc_path=$(ynh_app_setting_get --app=$app --key=mc_path) dex_app=$(ynh_app_setting_get --app=$app --key=dex_app) dex_domain=$(ynh_app_setting_get --app=$app --key=dex_domain) dex_path=$(ynh_app_setting_get --app=$app --key=dex_path) @@ -95,17 +91,30 @@ chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" -#================================================= -# UPDATE MINIO BUCKET -#================================================= -ynh_script_progression --message="Updating outlinestorage MinIO bucket access policy..." --weight=1 +#======================================================= +# MIGRATE MINIO BUCKET IF UPGRADING FROM AN OLD VERSION +#======================================================= -ynh_add_config --template="../conf/policy.json" --destination="$mc_path/policy.json" -chown minio:www-data "$mc_path/policy.json" +if ynh_compare_current_package_version --comparison le --version 0.69.2.2~ynh1 +then + ynh_script_progression --message="Migrating MinIO data to local directory" + + minio_domain=$(ynh_app_setting_get --app=$app --key=minio_domain) + minio_admin=$(ynh_app_setting_get --app=$app --key=minio_admin) + minio_password=$(ynh_app_setting_get --app=$app --key=minio_password) + mc_path=$(ynh_app_setting_get --app=$app --key=mc_path) -pushd "$mc_path" - ynh_exec_warn_less sudo -u minio ./mc anonymous set-json ./policy.json minio/outlinestorage -popd + mkdir "/var/lib/$app" + chown -R minio:www-data "/var/lib/$app" + ynh_exec_warn_less sudo -u minio $mc_path/mc mirror --preserve "minio/outlinestorage" "/var/lib/$app" + + chown -R $app:www-data "/var/lib/$app" + ynh_script_progression --message="Data migration finished" + ynh_script_progression --message="Data bucket was kept for safety, just in case !" + ynh_script_progression --message="Don't forget to remove MinIO app if you don't use it !" +else + ynh_script_progression --message="No migration to be done" +fi #================================================= # NGINX CONFIGURATION