From 26fe5423f814450e5392ed5acde4fcb93ebd34f2 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Holcroft Date: Sat, 12 May 2018 13:44:46 +0200 Subject: [PATCH] Upgrade helpers --- check_process | 2 +- manifest.json | 4 +- scripts/_common.sh | 172 +++++++++++++++++++++++++++++++++++++++++---- scripts/install | 2 +- 4 files changed, 163 insertions(+), 17 deletions(-) diff --git a/check_process b/check_process index 37eeef5..b263d1a 100644 --- a/check_process +++ b/check_process @@ -11,7 +11,7 @@ is_public=1 (PUBLIC|public=1|private=0) password="pass" ; Checks - pkg_linter=0 + pkg_linter=1 setup_sub_dir=1 setup_root=0 setup_nourl=0 diff --git a/manifest.json b/manifest.json index 476231d..34f2d5c 100644 --- a/manifest.json +++ b/manifest.json @@ -3,7 +3,7 @@ "id": "pagure", "packaging_format": 1, "requirements": { - "yunohost": ">= 3.0.0" + "yunohost": ">= 3.0.0~beta1.2" }, "description": { "en": "Pagure is a git-centered forge, python based using pygit2." @@ -15,7 +15,7 @@ "name": "Jean-Baptiste Holcroft", "email": "jean-baptiste@holcroft.fr" }, - "multi_instance": true, + "multi_instance": false, "services": [ "nginx" ], diff --git a/scripts/_common.sh b/scripts/_common.sh index 157262c..4311a51 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -31,9 +31,12 @@ ynh_check_global_uwsgi_config () { # this helper : # # __APP__ by $app +# __PATH__ by $path_url # __FINALPATH__ by $final_path # # usage: ynh_add_systemd_config +# +# to interact with your service: `systemctl uwsgi-app@app` ynh_add_uwsgi_service () { ynh_check_global_uwsgi_config @@ -49,6 +52,9 @@ ynh_add_uwsgi_service () { if test -n "${final_path:-}"; then ynh_replace_string "__FINALPATH__" "$final_path" "$finaluwsgiini" fi + if test -n "${path_url:-}"; then + ynh_replace_string "__PATH__" "$path_url" "$finaluwsgiini" + fi if test -n "${app:-}"; then ynh_replace_string "__APP__" "$app" "$finaluwsgiini" fi @@ -74,9 +80,24 @@ ynh_remove_uwsgi_service () { yunohost service remove "uwsgi-app@$app.socket" ynh_secure_remove "$finaluwsgiini" + ynh_secure_remove "/var/run/uwsgi/$app.socket" + ynh_secure_remove "/var/log/uwsgi/app/$app" fi } + +#================================================= +# +# POSTGRES HELPERS +# +# Point of contact : Jean-Baptiste Holcroft +#================================================= + +# Create a master password and set up global settings +# Please always call this script in install and restore scripts +# +# usage: ynh_psql_test_if_first_run + ynh_psql_test_if_first_run() { if [ -f /etc/yunohost/psql ]; then @@ -97,14 +118,19 @@ ynh_psql_test_if_first_run() { fi systemctl start postgresql - su --command="psql -c\"ALTER user postgres WITH PASSWORD '${pgsql}'\"" postgres - # we can't use peer since YunoHost create users with nologin + sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres + + # force all user to connect to local database using passwords + # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF + # Note: we can't use peer since YunoHost create users with nologin + # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user sed -i '/local\s*all\s*all\s*peer/i \ local all all password' "$pg_hba" systemctl enable postgresql systemctl reload postgresql fi } + # Open a connection as a user # # example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;" @@ -118,7 +144,7 @@ ynh_psql_connect_as() { user="$1" pwd="$2" db="$3" - su --command="PGUSER=\"${user}\" PGPASSWORD=\"${pwd}\" psql \"${db}\"" postgres + sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$pwd" psql "$db" } # # Execute a command as root user @@ -128,7 +154,7 @@ ynh_psql_connect_as() { # | arg: db - the database to connect to ynh_psql_execute_as_root () { sql="$1" - su --command="psql" postgres <<< "$sql" + sudo --login --user=postgres psql <<< "$sql" } # Execute a command from a file as root user @@ -139,7 +165,7 @@ ynh_psql_execute_as_root () { ynh_psql_execute_file_as_root() { file="$1" db="$2" - su -c "psql $db" postgres < "$file" + sudo --login --user=postgres psql "$db" < "$file" } # Create a database, an user and its password. Then store the password in the app's config @@ -153,7 +179,6 @@ ynh_psql_execute_file_as_root() { # | arg: pwd - Password of the database. If not given, a password will be generated ynh_psql_setup_db () { db_user="$1" - app="$1" db_name="$2" new_db_pwd=$(ynh_string_random) # Generate a random password # If $3 is not given, use new_db_pwd instead for db_pwd. @@ -162,7 +187,7 @@ ynh_psql_setup_db () { ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config } -# Create a database and grant optionnaly privilegies to a user +# Create a database and grant privilegies to a user # # usage: ynh_psql_create_db db [user [pwd]] # | arg: db - the database name to create @@ -173,7 +198,7 @@ ynh_psql_create_db() { user="$2" pwd="$3" ynh_psql_create_user "$user" "$pwd" - su --command="createdb --owner=\"${user}\" \"${db}\"" postgres + sudo --login --user=postgres createdb --owner="$user" "$db" } # Drop a database @@ -184,8 +209,8 @@ ynh_psql_create_db() { ynh_psql_remove_db() { db="$1" user="$2" - su --command="dropdb \"${db}\"" postgres - ynh_psql_drop_user "${user}" + sudo --login --user=postgres dropdb "$db" + ynh_psql_drop_user "$user" } # Dump a database @@ -197,7 +222,7 @@ ynh_psql_remove_db() { # | ret: the psqldump output ynh_psql_dump_db() { db="$1" - su --command="pg_dump \"${db}\"" postgres + sudo --login --user=postgres pg_dump "$db" } @@ -208,7 +233,7 @@ ynh_psql_dump_db() { ynh_psql_create_user() { user="$1" pwd="$2" - su --command="psql -c\"CREATE USER ${user} WITH PASSWORD '${pwd}'\"" postgres + sudo --login --user=postgres psql -c"CREATE USER $user WITH PASSWORD '$pwd'" postgres } # Drop a user @@ -217,5 +242,126 @@ ynh_psql_create_user() { # | arg: user - the user name to drop ynh_psql_drop_user() { user="$1" - su --command="dropuser \"${user}\"" postgres + sudo --login --user=postgres dropuser "$user" } + +# LOCAL ADDITION: +# save file locally if not in the cache +# +# Download, check integrity, uncompress and patch the source from app.src +# +# The file conf/app.src need to contains: +# +# SOURCE_URL=Address to download the app archive +# SOURCE_SUM=Control sum +# # (Optional) Program to check the integrity (sha256sum, md5sum...) +# # default: sha256 +# SOURCE_SUM_PRG=sha256 +# # (Optional) Archive format +# # default: tar.gz +# SOURCE_FORMAT=tar.gz +# # (Optional) Put false if sources are directly in the archive root +# # default: true +# SOURCE_IN_SUBDIR=false +# # (Optionnal) Name of the local archive (offline setup support) +# # default: ${src_id}.${src_format} +# SOURCE_FILENAME=example.tar.gz +# +# Details: +# This helper downloads sources from SOURCE_URL if there is no local source +# archive in /opt/yunohost-apps-src/APP_ID/SOURCE_FILENAME +# +# Next, it checks the integrity with "SOURCE_SUM_PRG -c --status" command. +# +# If it's ok, the source archive will be uncompressed in $dest_dir. If the +# SOURCE_IN_SUBDIR is true, the first level directory of the archive will be +# removed. +# +# Finally, patches named sources/patches/${src_id}-*.patch and extra files in +# sources/extra_files/$src_id will be applied to dest_dir +# +# +# usage: ynh_setup_source dest_dir [source_id] +# | arg: dest_dir - Directory where to setup sources +# | arg: source_id - Name of the app, if the package contains more than one app +ynh_setup_source_local () { + local dest_dir=$1 + local src_id=${2:-app} # If the argument is not given, source_id equals "app" + + # Load value from configuration file (see above for a small doc about this file + # format) + local src_url=$(grep 'SOURCE_URL=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) + local src_sum=$(grep 'SOURCE_SUM=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) + local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) + local src_format=$(grep 'SOURCE_FORMAT=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) + local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) + local src_filename=$(grep 'SOURCE_FILENAME=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) + + # Default value + src_sumprg=${src_sumprg:-sha256sum} + src_in_subdir=${src_in_subdir:-true} + src_format=${src_format:-tar.gz} + src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]') + if [ "$src_filename" = "" ] ; then + src_filename="${src_id}.${src_format}" + fi + local local_src="/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}/${src_filename}" + + # if cache file exists and the checksum isn't good, download it again + # if not, just download the file + + if test -e "$local_src" + then + echo "${src_sum} ${local_src}" | ${src_sumprg} -c --status \ + || wget -nv -O $local_src $src_url + else + mkdir -p "/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}" + wget -nv -O $local_src $src_url + fi + cp $local_src $src_filename + + # Check the control sum + echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \ + || ynh_die "Corrupt source" + + # Extract source into the app dir + mkdir -p "$dest_dir" + if [ "$src_format" = "zip" ] + then + # Zip format + # Using of a temp directory, because unzip doesn't manage --strip-components + if $src_in_subdir ; then + local tmp_dir=$(mktemp -d) + unzip -quo $src_filename -d "$tmp_dir" + cp -a $tmp_dir/*/. "$dest_dir" + ynh_secure_remove "$tmp_dir" + else + unzip -quo $src_filename -d "$dest_dir" + fi + else + local strip="" + if $src_in_subdir ; then + strip="--strip-components 1" + fi + if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then + tar -xf $src_filename -C "$dest_dir" $strip + else + ynh_die "Archive format unrecognized." + fi + fi + + # Apply patches + if (( $(find $YNH_CWD/../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then + local old_dir=$(pwd) + (cd "$dest_dir" \ + && for p in $YNH_CWD/../sources/patches/${src_id}-*.patch; do \ + patch -p1 < $p; done) \ + || ynh_die "Unable to apply patches" + cd $old_dir + fi + + # Add supplementary files + if test -e "$YNH_CWD/../sources/extra_files/${src_id}"; then + cp -a $YNH_CWD/../sources/extra_files/$src_id/. "$dest_dir" + fi +} \ No newline at end of file diff --git a/scripts/install b/scripts/install index 25af729..630eea9 100755 --- a/scripts/install +++ b/scripts/install @@ -139,7 +139,7 @@ ynh_add_uwsgi_service # Get Pagure source #================================================= -ynh_setup_source "${final_path}" +ynh_setup_source_local "${final_path}" ln -s "${final_path}/pagure-3.13.2" "${final_path}/pagure" #=================================================