diff --git a/conf/app.src b/conf/app.src index e2d098c..55139f2 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://releases.pagure.org/pagure/pagure-4.0.3.tar.gz -SOURCE_SUM=1f9ae7381893995e364c92ee17a4dfd428adf642ed7c1d61873e196fd6c76359 +SOURCE_URL=https://releases.pagure.org/pagure/pagure-5.0.1.tar.gz +SOURCE_SUM=f80add9dd706e5b59f0b1f9cf44fe2820b5b2573aea390602c17cbd3a742da58 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=false diff --git a/conf/pagure-worker.service b/conf/pagure-worker.service index f59f43e..3e704eb 100644 --- a/conf/pagure-worker.service +++ b/conf/pagure-worker.service @@ -11,4 +11,4 @@ Group=__APP__ Restart=on-failure [Install] -WantedBy=multi-user.target \ No newline at end of file +WantedBy=multi-user.target diff --git a/conf/pagure.cfg.sample b/conf/pagure.cfg.sample index 449ca5e..cd6cb82 100644 --- a/conf/pagure.cfg.sample +++ b/conf/pagure.cfg.sample @@ -12,6 +12,9 @@ ADMIN_SESSION_LIFETIME = timedelta(minutes=20) ENABLE_TICKETS = True ENABLE_DOCS = True +# Enables / Disables private projects +PRIVATE_PROJECTS = True + ### Secret key for the Flask application SECRET_KEY='__SECRET_KEY__' @@ -20,6 +23,9 @@ SECRET_KEY='__SECRET_KEY__' DB_URL = 'postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__' #DB_URL = 'sqlite:////var/tmp/pagure_dev.sqlite' +### Send FedMsg notifications of events in pagure +FEDMSG_NOTIFICATIONS = False + ### The FAS group in which the admin of pagure are ADMIN_GROUP = ['sysadmin-main'] @@ -43,6 +49,12 @@ FROM_EMAIL = 'pagure@__DOMAIN__' DOMAIN_EMAIL_NOTIFICATIONS = '__DOMAIN__' SALT_EMAIL = '__SALT_EMAIL__' +### Restrict outgoing emails to these domains: +## If set, adding emailaccounts that don't end with these domainnames +## will not be permitted. Mails to already existing emailaccounts +## that are not covered by this list will not get sent. +# ALLOWED_EMAIL_DOMAINS = [ 'localhost.localdomain', 'example.com' ] + ### The URL at which the project is available. APP_URL = 'https://__DOMAIN__/' ### The URL at which the documentation of projects will be available @@ -61,6 +73,12 @@ GIT_FOLDER = os.path.join( 'repos' ) +REPOSPANNER_PSEUDO_FOLDER = os.path.join( + os.path.abspath(os.path.dirname(__file__)), + '..', + 'pseudo' +) + ### Folder containing the clones for the remote pull-requests REMOTE_GIT_FOLDER = os.path.join( os.path.abspath(os.path.dirname(__file__)), @@ -160,9 +178,9 @@ REDIS_DB = __REDIS_DB__ # Authentication related configuration option ### Switch the authentication method -# Specify which authentication method to use, defaults to `fas` can be or -# `local` -# Default: ``fas``. +# Specify which authentication method to use. +# Available options: `fas`, `openid`, `oidc`, `local` +# Default: ``local``. PAGURE_AUTH = 'local' # When this is set to True, the session cookie will only be returned to the @@ -191,3 +209,27 @@ APPLICATION_ROOT = '/' # was running since before version 1.3 and if you care about backward # compatibility in your URLs. OLD_VIEW_COMMIT_ENABLED = False + +# repoSpanner integration settings +# https://repospanner.org/ +# Whether to create new repositories on repoSpanner by default. +# Either None or a region name. +REPOSPANNER_NEW_REPO = None +# Whether to allow admins to override region selection on creation. +REPOSPANNER_NEW_REPO_ADMIN_OVERRIDE = False +# Whether to create new forks on repoSpanner. +# Either None (no repoSpanner), True (same as origin project) or a region name. +REPOSPANNER_NEW_FORK = True +# Whether to allow an admin to manually migrate an individual project. +REPOSPANNER_ADMIN_MIGRATION = False +# The repoSpanner regions to be used in this Pagure instance. +# Example entry: +# 'default': {'url': 'https://nodea.regiona.repospanner.local:8444', +# 'repo_prefix': 'pagure/', +# 'hook': None, +# 'ca': '', +# 'admin_cert': {'cert': '', +# 'key': ''}, +# 'push_cert': {'cert': '', +# 'key': ''}} +REPOSPANNER_REGIONS = {} diff --git a/conf/uwsgi-app@.service b/conf/uwsgi-app@.service index 888994d..8b316e2 100644 --- a/conf/uwsgi-app@.service +++ b/conf/uwsgi-app@.service @@ -7,7 +7,8 @@ ExecStart=/usr/bin/uwsgi \ --ini /etc/uwsgi/apps-available/%i.ini \ --socket /var/run/uwsgi/%i.socket \ --chmod-socket=775 \ - --logto /var/log/uwsgi/app/%i + --logto /var/log/uwsgi/app/%i \ + --processes 4 User=%i Group=www-data Restart=on-failure diff --git a/manifest.json b/manifest.json index 49adc51..acf2ce4 100644 --- a/manifest.json +++ b/manifest.json @@ -3,12 +3,12 @@ "id": "pagure", "packaging_format": 1, "requirements": { - "yunohost": ">= 3.0.0~beta1.2" + "yunohost": ">= 3.2.0" }, "description": { "en": "Pagure is a git-centered forge, python based using pygit2." }, - "version": "4.0.3~ynh1", + "version": "5.0.1~ynh1", "url": "https://pagure.io/pagure", "license": "AGPL-3.0", "maintainer": { diff --git a/scripts/_common.sh b/scripts/_common.sh index ae2949f..67bbba1 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -123,164 +123,6 @@ ynh_remove_uwsgi_service () { fi } -#================================================= -# -# POSTGRES HELPERS -# -# Point of contact : Jean-Baptiste Holcroft -#================================================= - -# Create a master password and set up global settings -# Please always call this script in install and restore scripts -# -# usage: ynh_psql_test_if_first_run - -ynh_psql_test_if_first_run() { - if [ -f /etc/yunohost/psql ]; - then - echo "PostgreSQL is already installed, no need to create master password" - else - pgsql=$(ynh_string_random) - pg_hba="" - echo "$pgsql" >> /etc/yunohost/psql - - if [ -e /etc/postgresql/9.4/ ] - then - pg_hba=/etc/postgresql/9.4/main/pg_hba.conf - elif [ -e /etc/postgresql/9.6/ ] - then - pg_hba=/etc/postgresql/9.6/main/pg_hba.conf - else - ynh_die "postgresql shoud be 9.4 or 9.6" - fi - - systemctl start postgresql - sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres - - # force all user to connect to local database using passwords - # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF - # Note: we can't use peer since YunoHost create users with nologin - # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user - sed -i '/local\s*all\s*all\s*peer/i \ - local all all password' "$pg_hba" - systemctl enable postgresql - systemctl reload postgresql - fi -} - -# Open a connection as a user -# -# example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;" -# example: ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql -# -# usage: ynh_psql_connect_as user pwd [db] -# | arg: user - the user name to connect as -# | arg: pwd - the user password -# | arg: db - the database to connect to -ynh_psql_connect_as() { - user="$1" - pwd="$2" - db="$3" - sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$pwd" psql "$db" -} - -# # Execute a command as root user -# -# usage: ynh_psql_execute_as_root sql [db] -# | arg: sql - the SQL command to execute -# | arg: db - the database to connect to -ynh_psql_execute_as_root () { - sql="$1" - sudo --login --user=postgres psql <<< "$sql" -} - -# Execute a command from a file as root user -# -# usage: ynh_psql_execute_file_as_root file [db] -# | arg: file - the file containing SQL commands -# | arg: db - the database to connect to -ynh_psql_execute_file_as_root() { - file="$1" - db="$2" - sudo --login --user=postgres psql "$db" < "$file" -} - -# Create a database, an user and its password. Then store the password in the app's config -# -# After executing this helper, the password of the created database will be available in $db_pwd -# It will also be stored as "psqlpwd" into the app settings. -# -# usage: ynh_psql_setup_db user name [pwd] -# | arg: user - Owner of the database -# | arg: name - Name of the database -# | arg: pwd - Password of the database. If not given, a password will be generated -ynh_psql_setup_db () { - db_user="$1" - db_name="$2" - new_db_pwd=$(ynh_string_random) # Generate a random password - # If $3 is not given, use new_db_pwd instead for db_pwd. - db_pwd="${3:-$new_db_pwd}" - ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database - ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config -} - -# Create a database and grant privilegies to a user -# -# usage: ynh_psql_create_db db [user [pwd]] -# | arg: db - the database name to create -# | arg: user - the user to grant privilegies -# | arg: pwd - the user password -ynh_psql_create_db() { - db="$1" - user="$2" - pwd="$3" - ynh_psql_create_user "$user" "$pwd" - sudo --login --user=postgres createdb --owner="$user" "$db" -} - -# Drop a database -# -# usage: ynh_psql_drop_db db -# | arg: db - the database name to drop -# | arg: user - the user to drop -ynh_psql_remove_db() { - db="$1" - user="$2" - sudo --login --user=postgres dropdb "$db" - ynh_psql_drop_user "$user" -} - -# Dump a database -# -# example: ynh_psql_dump_db 'roundcube' > ./dump.sql -# -# usage: ynh_psql_dump_db db -# | arg: db - the database name to dump -# | ret: the psqldump output -ynh_psql_dump_db() { - db="$1" - sudo --login --user=postgres pg_dump "$db" -} - - -# Create a user -# -# usage: ynh_psql_create_user user pwd [host] -# | arg: user - the user name to create -ynh_psql_create_user() { - user="$1" - pwd="$2" - sudo --login --user=postgres psql -c"CREATE USER $user WITH PASSWORD '$pwd'" postgres -} - -# Drop a user -# -# usage: ynh_psql_drop_user user -# | arg: user - the user name to drop -ynh_psql_drop_user() { - user="$1" - sudo --login --user=postgres dropuser "$user" -} # LOCAL ADDITION: # save file locally if not in the cache diff --git a/scripts/install b/scripts/install index 0627461..b7f56af 100755 --- a/scripts/install +++ b/scripts/install @@ -5,7 +5,7 @@ #================================================= # IMPORT GENERIC HELPERS #================================================= -set -eu + source _common.sh source /usr/share/yunohost/helpers @@ -84,10 +84,11 @@ ynh_install_app_dependencies git virtualenv python-virtualenv libgit2-dev \ ynh_psql_test_if_first_run db_name=$(ynh_sanitize_dbid "$app") +db_pwd=$(ynh_string_random) ynh_app_setting_set "$app" db_name "$db_name" # Initialize database and store postgres password for upgrade -ynh_psql_setup_db "$db_name" "$app" +ynh_psql_setup_db "$db_name" "$app" "$db_pwd" systemctl reload postgresql @@ -151,7 +152,7 @@ ynh_add_uwsgi_service #================================================= ynh_setup_source_local "${final_path}" -ln -s "${final_path}/pagure-4.0.3" "${final_path}/pagure" +ln -s "${final_path}/pagure-5.0.1" "${final_path}/pagure" #================================================= # PIP INSTALLATION diff --git a/scripts/remove b/scripts/remove index d19575b..1a71360 100755 --- a/scripts/remove +++ b/scripts/remove @@ -5,7 +5,7 @@ #================================================= # IMPORT GENERIC HELPERS #================================================= -set -u + source _common.sh source /usr/share/yunohost/helpers