diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100644 index 0000000..2729a6b --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,55 @@ +--- +name: Bug report +about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently. + +--- + +**How to post a meaningful bug report** +1. *Read this whole template first.* +2. *Determine if you are on the right place:* + - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* + - *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.* + - *When in doubt, post here and we will figure it out together.* +3. *Delete the italic comments as you write over them below, and remove this guide.* +--- + +### Describe the bug + +*A clear and concise description of what the bug is.* + +### Context + +- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...* +- YunoHost version: x.x.x +- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...* +- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes* + - If yes, please explain: +- Using, or trying to install package version/branch: +- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`* + +### Steps to reproduce + +- *If you performed a command from the CLI, the command itself is enough. For example:* + ```sh + sudo yunohost app install the_app + ``` +- *If you used the webadmin, please perform the equivalent command from the CLI first.* +- *If the error occurs in your browser, explain what you did:* + 1. *Go to '...'* + 2. *Click on '...'* + 3. *Scroll down to '...'* + 4. *See error* + +### Expected behavior + +*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.* + +### Logs + +*When an operation fails, YunoHost provides a simple way to share the logs.* +- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.* +- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.* + +*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)* + +*If applicable and useful, add screenshots to help explain your problem.* diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..ef70e18 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,16 @@ +## Problem + +- *Description of why you made this PR* + +## Solution + +- *And how do you fix that problem* + +## PR Status + +- [ ] Code finished and ready to be reviewed/tested +- [ ] The fix/enhancement were manually tested (if applicable) + +## Automatic tests + +Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization) diff --git a/README.md b/README.md index 262aa75..ef86a7d 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,48 @@ -# pagure_ynh -Pagure, a git centered forge for YunoHost + -Due to the usage of RemoteCollection, Pagure can't be use on Debian 8, please use Debian 9 branch of YunoHost: https://github.com/YunoHost/yunohost/tree/stretch +# Pagure for YunoHost -This package was only tested with package_check + VM, _do not try to install it on a production system_ without knowing what you do. +[![Integration level](https://dash.yunohost.org/integration/pagure.svg)](https://dash.yunohost.org/appci/app/pagure) ![](https://ci-apps.yunohost.org/ci/badges/pagure.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/pagure.maintain.svg) +[![Install Pagure with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pagure) + +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allows you to install Pagure quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* + +## Overview + +A git-centered forge, python based using pygit2. + +**Shipped version:** 5.13.3~ynh1 + +**Demo:** https://pagure.io + +## Disclaimers / important information + +* The admin you choose during the instllation has been added to the PAGURE_ADMIN_USERS +* After installation, you must create an account with the same username + +## Documentation and resources + +* Official app website: https://pagure.io/pagure +* Official admin documentation: https://docs.pagure.org/pagure/ +* Upstream app code repository: https://pagure.io/pagure +* YunoHost documentation for this app: https://yunohost.org/app_pagure +* Report a bug: https://github.com/YunoHost-Apps/pagure_ynh/issues + +## Developer info + +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/pagure_ynh/tree/testing). + +To try the testing branch, please proceed like that. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/pagure_ynh/tree/testing --debug +or +sudo yunohost app upgrade pagure -u https://github.com/YunoHost-Apps/pagure_ynh/tree/testing --debug +``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..7f6a908 --- /dev/null +++ b/README_fr.md @@ -0,0 +1,44 @@ +# Pagure pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/pagure.svg)](https://dash.yunohost.org/appci/app/pagure) ![](https://ci-apps.yunohost.org/ci/badges/pagure.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/pagure.maintain.svg) +[![Installer Pagure avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pagure) + +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* + +> *Ce package vous permet d'installer Pagure rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + + + +**Version incluse :** 5.13.3~ynh1 + +**Démo :** https://pagure.io + +## Avertissements / informations importantes + +* The admin you choose during the instllation has been added to the PAGURE_ADMIN_USERS +* After installation, you must create an account with the same username + +## Documentations et ressources + +* Site officiel de l'app : https://pagure.io/pagure +* Documentation officielle de l'admin : https://docs.pagure.org/pagure/ +* Dépôt de code officiel de l'app : https://pagure.io/pagure +* Documentation YunoHost pour cette app : https://yunohost.org/app_pagure +* Signaler un bug : https://github.com/YunoHost-Apps/pagure_ynh/issues + +## Informations pour les développeurs + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/pagure_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/pagure_ynh/tree/testing --debug +ou +sudo yunohost app upgrade pagure -u https://github.com/YunoHost-Apps/pagure_ynh/tree/testing --debug +``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/check_process b/check_process index b263d1a..72709b4 100644 --- a/check_process +++ b/check_process @@ -1,41 +1,22 @@ -# See here for more informations -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - admin="john" (USER) - is_public=1 (PUBLIC|public=1|private=0) - password="pass" + domain="domain.tld" + path="/path" + admin="john" + is_public=1 ; Checks pkg_linter=1 setup_sub_dir=1 - setup_root=0 + setup_root=1 setup_nourl=0 - setup_private=0 - setup_public=0 - upgrade=0 - backup_restore=0 - multi_instance=0 - incorrect_path=0 + setup_private=1 + setup_public=1 + upgrade=1 + #upgrade=1 from_commit=CommitHash + backup_restore=1 + multi_instance=1 port_already_use=0 - change_url=0 -;;; Levels - Level 1=auto - Level 2=auto - Level 3=auto -# Level 4: - Level 4=0 -# Level 5: - Level 5=auto - Level 6=auto - Level 7=auto - Level 8=0 - Level 9=0 - Level 10=0 + change_url=1 ;;; Options Email=jean-baptiste@holcroft.fr Notification=all diff --git a/conf/alembic.ini b/conf/alembic.ini new file mode 100644 index 0000000..518d2b8 --- /dev/null +++ b/conf/alembic.ini @@ -0,0 +1,60 @@ +# A generic, single database configuration. + +[alembic] +# path to migration scripts +script_location = __FINALPATH__/alembic + +# template used to generate migration files +# file_template = %%(rev)s_%%(slug)s + +# max length of characters to apply to the +# "slug" field +#truncate_slug_length = 40 + +# set to 'true' to run the environment during +# the 'revision' command, regardless of autogenerate +# revision_environment = false + +# set to 'true' to allow .pyc and .pyo files without +# a source .py file to be detected as revisions in the +# versions/ directory +# sourceless = false + +#sqlalchemy.url = driver://user:pass@localhost/dbname +sqlalchemy.url = postgresql://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__ + + +# Logging configuration +[loggers] +keys = root,sqlalchemy,alembic + +[handlers] +keys = console + +[formatters] +keys = generic + +[logger_root] +level = WARN +handlers = console +qualname = + +[logger_sqlalchemy] +level = WARN +handlers = +qualname = sqlalchemy.engine + +[logger_alembic] +level = INFO +handlers = +qualname = alembic + +[handler_console] +class = StreamHandler +args = (sys.stderr,) +level = NOTSET +formatter = generic + +[formatter_generic] +format = %(levelname)-5.5s [%(name)s] %(message)s +datefmt = %H:%M:%S diff --git a/conf/app.src b/conf/app.src index 55139f2..2ea1bd0 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,7 @@ -SOURCE_URL=https://releases.pagure.org/pagure/pagure-5.0.1.tar.gz -SOURCE_SUM=f80add9dd706e5b59f0b1f9cf44fe2820b5b2573aea390602c17cbd3a742da58 +SOURCE_URL=https://releases.pagure.org/pagure/pagure-5.13.3.tar.gz +SOURCE_SUM=f684d8193d4c4cf637b465c80cbfece6eb2b1646df3ec4f993adf75ea78d5a1a SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=false +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/nginx.conf b/conf/nginx.conf index 19d190f..52fc331 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,4 +1,4 @@ -location __PATH__ { +location __PATH__/ { #Source: https://docs.weblate.org/en/latest/admin/install.html#sample-configuration-for-nginx-and-uwsgi # Path to source alias __FINALPATH__/ ; @@ -6,7 +6,7 @@ location __PATH__ { include uwsgi_params; # Needed for long running operations in admin interface uwsgi_read_timeout 3600; - uwsgi_pass unix:///var/run/uwsgi/__NAME__.socket; + uwsgi_pass unix://__FINALPATH__/__NAME__.socket; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; diff --git a/conf/pagure.cfg.sample b/conf/pagure.cfg.sample index cd6cb82..e7e4597 100644 --- a/conf/pagure.cfg.sample +++ b/conf/pagure.cfg.sample @@ -20,7 +20,7 @@ SECRET_KEY='__SECRET_KEY__' ### url to the database server: #DB_URL=mysql://user:pass@host/db_name -DB_URL = 'postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__' +DB_URL = 'postgresql://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__' #DB_URL = 'sqlite:////var/tmp/pagure_dev.sqlite' ### Send FedMsg notifications of events in pagure @@ -32,13 +32,16 @@ ADMIN_GROUP = ['sysadmin-main'] ### Hard-coded list of global admins PAGURE_ADMIN_USERS = ['__ADMIN__'] +### Enables sending email using SMTP credentials. +EMAIL_SEND = True + ### The email address to which the flask.log will send the errors (tracebacks) EMAIL_ERROR = 'root@__DOMAIN__' ### SMTP settings SMTP_SERVER = 'localhost' -SMTP_PORT = 587 -SMTP_SSL = True +SMTP_PORT = 25 +SMTP_SSL = False #Specify both for enabling SMTP with auth SMTP_USERNAME = None @@ -55,16 +58,21 @@ SALT_EMAIL = '__SALT_EMAIL__' ## that are not covered by this list will not get sent. # ALLOWED_EMAIL_DOMAINS = [ 'localhost.localdomain', 'example.com' ] +### Disallow remote pull requests +## If set, remote pull requests will be disabled and not available +## anymore as a selection in the PR dropdown menus +DISABLE_REMOTE_PR = False + ### The URL at which the project is available. -APP_URL = 'https://__DOMAIN__/' +APP_URL = 'https://__DOMAIN____PATH__' ### The URL at which the documentation of projects will be available ## This should be in a different domain to avoid XSS issues since we want ## to allow raw html to be displayed (different domain, ie not a sub-domain). DOC_APP_URL = 'https://docs.__DOMAIN__' ### The URL to use to clone git repositories. -GIT_URL_SSH = 'ssh://git@__DOMAIN__/' -GIT_URL_GIT = 'git://__DOMAIN__/' +GIT_URL_SSH = 'ssh://git@__DOMAIN____PATH__' +GIT_URL_GIT = 'git://__DOMAIN____PATH__' ### Folder containing to the git repos GIT_FOLDER = os.path.join( @@ -233,3 +241,7 @@ REPOSPANNER_ADMIN_MIGRATION = False # 'push_cert': {'cert': '', # 'key': ''}} REPOSPANNER_REGIONS = {} + +# Path to the plugins configuration file that is used to load plugins. Please +# look at files/plugins.cfg.sample for a configuration example. +# PAGURE_PLUGINS_CONFIG = "/etc/pagure/plugins.cfg" diff --git a/conf/pagure.wsgi b/conf/pagure.wsgi index 13ae6c5..023ad9b 100644 --- a/conf/pagure.wsgi +++ b/conf/pagure.wsgi @@ -19,12 +19,12 @@ os.environ['TEMP'] = '/var/tmp/' # The following is only needed if you did not install pagure # as a python module (for example if you run it from a git clone). -import sys -sys.path.insert(0, '__FINALPATH__/pagure/') +#import sys +#sys.path.insert(0, '__FINALPATH__/') # The most important line to make the wsgi working from pagure.flask_app import create_app application = create_app() -application.debug = True +#application.debug = True diff --git a/conf/pagure_authorized_keys_worker.service b/conf/pagure_authorized_keys_worker.service new file mode 100644 index 0000000..55ee4c7 --- /dev/null +++ b/conf/pagure_authorized_keys_worker.service @@ -0,0 +1,16 @@ +[Unit] +Description=__APP__ service sending web-hook notifications +After=redis.target +Documentation=https://pagure.io/pagure + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/venv/bin/celery -A pagure.lib.tasks worker --loglevel=info -c 1 -Q authorized_keys_queue +Environment="PAGURE_CONFIG=__FINALPATH__/pagure.cfg" +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/conf/pagure_ci.service b/conf/pagure_ci.service new file mode 100644 index 0000000..efdacca --- /dev/null +++ b/conf/pagure_ci.service @@ -0,0 +1,16 @@ +[Unit] +Description=__APP__ service integrating CI services with pagure +After=redis.target +Documentation=https://pagure.io/pagure + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/venv/bin/celery -A pagure.lib.tasks_services worker --loglevel=info -Q pagure_ci +Environment="PAGURE_CONFIG=__FINALPATH__/pagure.cfg" +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/conf/pagure_ev_server.service b/conf/pagure_ev_server.service new file mode 100644 index 0000000..f031e7d --- /dev/null +++ b/conf/pagure_ev_server.service @@ -0,0 +1,15 @@ +[Unit] +Description=__APP__ EventSource server (Allowing live refresh of the pages supporting it) +After=redis.target +Documentation=https://pagure.io/pagure + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/venv/bin/python3 __FINALPATH__/pagure-ev/pagure_stream_server.py +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/conf/pagure_gitolite_worker.service b/conf/pagure_gitolite_worker.service new file mode 100644 index 0000000..84f5b6d --- /dev/null +++ b/conf/pagure_gitolite_worker.service @@ -0,0 +1,16 @@ +[Unit] +Description=__APP__ service sending web-hook notifications +After=redis.target +Documentation=https://pagure.io/pagure + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/venv/bin/celery -A pagure.lib.tasks worker --loglevel=info -c 1 -Q gitolite_queue +Environment="PAGURE_CONFIG=__FINALPATH__/pagure.cfg" +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/conf/pagure_loadjson.service b/conf/pagure_loadjson.service new file mode 100644 index 0000000..b7209a7 --- /dev/null +++ b/conf/pagure_loadjson.service @@ -0,0 +1,16 @@ +[Unit] +Description=__APP__ service loading JSON files into the DB +After=redis.target +Documentation=https://pagure.io/pagure + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/venv/bin/celery -A pagure.lib.tasks_services worker --loglevel=info -Q pagure_loadjson +Environment="PAGURE_CONFIG=__FINALPATH__/pagure.cfg" +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/conf/pagure_logcom.service b/conf/pagure_logcom.service new file mode 100644 index 0000000..2f3b102 --- /dev/null +++ b/conf/pagure_logcom.service @@ -0,0 +1,16 @@ +[Unit] +Description=__APP__ service logging commits into the database +After=redis.target +Documentation=https://pagure.io/pagure + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/venv/bin/celery -A pagure.lib.tasks_services worker --loglevel=info -Q pagure_logcom +Environment="PAGURE_CONFIG=__FINALPATH__/pagure.cfg" +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/conf/pagure_milters.service b/conf/pagure_milters.service new file mode 100644 index 0000000..d751e2f --- /dev/null +++ b/conf/pagure_milters.service @@ -0,0 +1,15 @@ +[Unit] +Description= SMTP filter (Milter) Daemon (talk to postfix over a socket) +After=postfix.target +Documentation=https://pagure.io/pagure + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/venv/bin/python3 __FINALPATH__/pagure-milters/comment_email_milter.py +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/conf/pagure_mirror.service b/conf/pagure_mirror.service new file mode 100644 index 0000000..332e738 --- /dev/null +++ b/conf/pagure_mirror.service @@ -0,0 +1,16 @@ +[Unit] +Description=__APP__ service mirroring projects outside of pagure that asked for it +After=redis.target +Documentation=https://pagure.io/pagure + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/venv/bin/celery -A pagure.lib.tasks_mirror worker --loglevel=info -Q pagure_mirror +Environment="PAGURE_CONFIG=__FINALPATH__/pagure.cfg" +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/conf/pagure_webhook.service b/conf/pagure_webhook.service new file mode 100644 index 0000000..3a678d3 --- /dev/null +++ b/conf/pagure_webhook.service @@ -0,0 +1,16 @@ +[Unit] +Description=__APP__ service sending web-hook notifications +After=redis.target +Documentation=https://pagure.io/pagure + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/venv/bin/celery -A pagure.lib.tasks_services worker --loglevel=info -Q pagure_webhook +Environment="PAGURE_CONFIG=__FINALPATH__/pagure.cfg" +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/conf/pagure-worker.service b/conf/pagure_worker.service similarity index 61% rename from conf/pagure-worker.service rename to conf/pagure_worker.service index 3e704eb..89159e3 100644 --- a/conf/pagure-worker.service +++ b/conf/pagure_worker.service @@ -1,13 +1,15 @@ [Unit] Description=__APP__ worker for backend git interaction After=redis.target +Documentation=https://pagure.io/pagure [Service] -ExecStart=/usr/bin/celery worker -A pagure.lib.tasks --loglevel=info -Environment="PAGURE_CONFIG=__FINALPATH__/pagure.cfg" Type=simple User=__APP__ Group=__APP__ +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/venv/bin/celery -A pagure.lib.tasks worker --loglevel=info +Environment="PAGURE_CONFIG=__FINALPATH__/pagure.cfg" Restart=on-failure [Install] diff --git a/conf/uwsgi-app@.service b/conf/uwsgi-app@.service deleted file mode 100644 index 8b316e2..0000000 --- a/conf/uwsgi-app@.service +++ /dev/null @@ -1,21 +0,0 @@ -[Unit] -Description=%i uWSGI app -After=syslog.target - -[Service] -ExecStart=/usr/bin/uwsgi \ - --ini /etc/uwsgi/apps-available/%i.ini \ - --socket /var/run/uwsgi/%i.socket \ - --chmod-socket=775 \ - --logto /var/log/uwsgi/app/%i \ - --processes 4 -User=%i -Group=www-data -Restart=on-failure -KillSignal=SIGQUIT -Type=notify -StandardError=syslog -NotifyAccess=all - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/conf/uwsgi.ini b/conf/uwsgi.ini index 7a0dc5d..776269c 100644 --- a/conf/uwsgi.ini +++ b/conf/uwsgi.ini @@ -1,19 +1,18 @@ [uwsgi] -plugins = python +uid = __APP__ +gid = __APP__ +plugins = python3 master = true protocol = uwsgi -socket = /var/run/uwsgi/__APP__.socket +socket = __FINALPATH__/__APP__.socket +chmod-socket = 660 virtualenv = __FINALPATH__/venv - -# http://uwsgi-docs.readthedocs.io/en/latest/Nginx.html#hosting-multiple-apps-in-the-same-process-aka-managing-script-name-and-path-info mount = __PATH__=__FINALPATH__/pagure.wsgi manage-script-name = true - -# Increase number of workers for heavily loaded sites -# Needed for background processing +# Python related settings +# the base directory (full path) +chdir = __FINALPATH__/ enable-threads = true -# Child processes do not need file descriptors close-on-exec = true -## processes = [number of processes] -processes = 5 +processes = 5 diff --git a/doc/.gitkeep b/doc/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 0000000..e69de29 diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..f3fce51 --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,2 @@ +* The admin you choose during the instllation has been added to the PAGURE_ADMIN_USERS +* After installation, you must create an account with the same username diff --git a/doc/screenshots/.gitkeep b/doc/screenshots/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/manifest.json b/manifest.json index acf2ce4..d61a708 100644 --- a/manifest.json +++ b/manifest.json @@ -1,59 +1,52 @@ { - "name": "Pagure", - "id": "pagure", - "packaging_format": 1, - "requirements": { - "yunohost": ">= 3.2.0" - }, - "description": { - "en": "Pagure is a git-centered forge, python based using pygit2." - }, - "version": "5.0.1~ynh1", - "url": "https://pagure.io/pagure", - "license": "AGPL-3.0", - "maintainer": { - "name": "Jean-Baptiste Holcroft", - "email": "jean-baptiste@holcroft.fr" - }, - "multi_instance": false, - "services": [ - "nginx" - ], - "arguments": { - "install" : [ - { - "name": "domain", - "type": "domain", - "ask": { - "en": "Choose a domain for Pagure:" - }, - "example": "domain.org" - }, - { - "name": "path", - "type": "path", - "ask": { - "en": "Choose a path for Pagure:" - }, - "example": "/pagure", - "default": "/pagure" - }, - { - "name": "is_public", - "type": "boolean", - "ask": { - "en": "Should Pagure be publicly accessible?" - }, - "default": "0" - }, - { - "name": "admin", - "type": "user", - "ask": { - "en": "Choose an admin user for Pagure" - }, - "example": "simon" - } - ] - } + "name": "Pagure", + "id": "pagure", + "packaging_format": 1, + "description": { + "en": "A git-centered forge, python based using pygit2." + }, + "version": "5.13.3~ynh1", + "url": "https://pagure.io/pagure", + "upstream": { + "license": "AGPL-3.0", + "website": "https://pagure.io/pagure", + "demo": "https://pagure.io", + "admindoc": "https://docs.pagure.org/pagure/", + "code": "https://pagure.io/pagure" + }, + "license": "AGPL-3.0", + "maintainer": { + "name": "Jean-Baptiste Holcroft", + "email": "jean-baptiste@holcroft.fr" + }, + "requirements": { + "yunohost": ">= 4.3.0" + }, + "multi_instance": true, + "services": [ + "nginx" + ], + "arguments": { + "install": [ + { + "name": "domain", + "type": "domain" + }, + { + "name": "path", + "type": "path", + "example": "/pagure", + "default": "/pagure" + }, + { + "name": "admin", + "type": "user" + }, + { + "name": "is_public", + "type": "boolean", + "default": true + } + ] + } } diff --git a/scripts/_common.sh b/scripts/_common.sh index 67bbba1..c5c1ed8 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,246 +1,21 @@ #!/bin/bash #================================================= -# -# Redis HELPERS -# -# Point of contact : Jean-Baptiste Holcroft +# COMMON VARIABLES #================================================= -# get the first available redis database -# -# usage: ynh_redis_get_free_db -# | returns: the database number to use -ynh_redis_get_free_db() { - local result max db - result=$(redis-cli INFO keyspace) +# dependencies used by the app +#pkg_dependencies="git python-dev libgit2-dev redis-server libjpeg-dev gcc libffi-dev virtualenv python-virtualenv python-cffi python-gdbm python-psycopg2 postgresql uwsgi uwsgi-plugin-python" +pkg_dependencies="git python3 python3-dev libgit2-dev redis-server libjpeg-dev gcc libffi-dev python3-venv python3-cffi python3-gdbm python3-psycopg2 libpq-dev postgresql" - # get the num - max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+") +#================================================= +# PERSONAL HELPERS +#================================================= - db=0 - # default Debian setting is 15 databases - for i in $(seq 0 "$max") - do - if ! echo "$result" | grep -q "db$i" - then - db=$i - break 1 - db=-1 - fi - done +#================================================= +# EXPERIMENTAL HELPERS +#================================================= - test "$db" -eq -1 && ynh_die "No available Redis databases..." - - echo "$db" -} - -# Create a master password and set up global settings -# Please always call this script in install and restore scripts -# -# usage: ynh_redis_remove_db database -# | arg: database - the database to erase -ynh_redis_remove_db() { - local db=$1 - redis-cli -n "$db" flushall -} - -ynh_check_global_uwsgi_config () { - uwsgi --version || ynh_die "You need to add uwsgi (and appropriate plugin) as a dependency" - - cp ../conf/uwsgi-app@.service /etc/systemd/system/uwsgi-app@.service - - # make sure the folder for sockets exists and set authorizations - mkdir -p /var/run/uwsgi/ - chown root:www-data /var/run/uwsgi/ - chmod -R 775 /var/run/uwsgi/ - - # make sure the folder for logs exists and set authorizations - mkdir -p /var/log/uwsgi/app/ - chown root:www-data /var/log/uwsgi/app/ - chmod -R 775 /var/log/uwsgi/app/ -} - -# Create a dedicated uwsgi ini file to use with generic uwsgi service -# It will install generic uwsgi.socket and -# -# This will use a template in ../conf/uwsgi.ini -# and will replace the following keywords with -# global variables that should be defined before calling -# this helper : -# -# __APP__ by $app -# __PATH__ by $path_url -# __FINALPATH__ by $final_path -# -# usage: ynh_add_systemd_config -# -# to interact with your service: `systemctl uwsgi-app@app` -ynh_add_uwsgi_service () { - ynh_check_global_uwsgi_config - - # www-data group is needed since it is this nginx who will start the service - usermod --append --groups www-data "$app" || ynh_die "It wasn't possible to add user $app to group www-data" - - finaluwsgiini="/etc/uwsgi/apps-available/$app.ini" - ynh_backup_if_checksum_is_different "$finaluwsgiini" - cp ../conf/uwsgi.ini "$finaluwsgiini" - - # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. - # Substitute in a nginx config file only if the variable is not empty - if test -n "${final_path:-}"; then - ynh_replace_string "__FINALPATH__" "$final_path" "$finaluwsgiini" - fi - if test -n "${path_url:-}"; then - ynh_replace_string "__PATH__" "$path_url" "$finaluwsgiini" - fi - if test -n "${app:-}"; then - ynh_replace_string "__APP__" "$app" "$finaluwsgiini" - fi - ynh_store_file_checksum "$finaluwsgiini" - - chown root: "$finaluwsgiini" - - systemctl daemon-reload - systemctl enable "uwsgi-app@$app.service" - - # Add as a service - yunohost service add "uwsgi-app@$app.service" --log "/var/log/uwsgi/app/$app" -} - -# Remove the dedicated uwsgi ini file -# -# usage: ynh_remove_systemd_config -ynh_remove_uwsgi_service () { - finaluwsgiini="/etc/uwsgi/apps-available/$app.ini" - if [ -e "$finaluwsgiini" ]; then - systemctl stop "uwsgi-app@$app.service" - systemctl disable "uwsgi-app@$app.service" - yunohost service remove "uwsgi-app@$app.service" - - ynh_secure_remove "$finaluwsgiini" - ynh_secure_remove "/var/log/uwsgi/app/$app" - fi -} - - -# LOCAL ADDITION: -# save file locally if not in the cache -# -# Download, check integrity, uncompress and patch the source from app.src -# -# The file conf/app.src need to contains: -# -# SOURCE_URL=Address to download the app archive -# SOURCE_SUM=Control sum -# # (Optional) Program to check the integrity (sha256sum, md5sum...) -# # default: sha256 -# SOURCE_SUM_PRG=sha256 -# # (Optional) Archive format -# # default: tar.gz -# SOURCE_FORMAT=tar.gz -# # (Optional) Put false if sources are directly in the archive root -# # default: true -# SOURCE_IN_SUBDIR=false -# # (Optionnal) Name of the local archive (offline setup support) -# # default: ${src_id}.${src_format} -# SOURCE_FILENAME=example.tar.gz -# -# Details: -# This helper downloads sources from SOURCE_URL if there is no local source -# archive in /opt/yunohost-apps-src/APP_ID/SOURCE_FILENAME -# -# Next, it checks the integrity with "SOURCE_SUM_PRG -c --status" command. -# -# If it's ok, the source archive will be uncompressed in $dest_dir. If the -# SOURCE_IN_SUBDIR is true, the first level directory of the archive will be -# removed. -# -# Finally, patches named sources/patches/${src_id}-*.patch and extra files in -# sources/extra_files/$src_id will be applied to dest_dir -# -# -# usage: ynh_setup_source dest_dir [source_id] -# | arg: dest_dir - Directory where to setup sources -# | arg: source_id - Name of the app, if the package contains more than one app -ynh_setup_source_local () { - local dest_dir=$1 - local src_id=${2:-app} # If the argument is not given, source_id equals "app" - - # Load value from configuration file (see above for a small doc about this file - # format) - local src_url=$(grep 'SOURCE_URL=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_sum=$(grep 'SOURCE_SUM=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_format=$(grep 'SOURCE_FORMAT=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_filename=$(grep 'SOURCE_FILENAME=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - - # Default value - src_sumprg=${src_sumprg:-sha256sum} - src_in_subdir=${src_in_subdir:-true} - src_format=${src_format:-tar.gz} - src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]') - if [ "$src_filename" = "" ] ; then - src_filename="${src_id}.${src_format}" - fi - local local_src="/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}/${src_filename}" - - # if cache file exists and the checksum isn't good, download it again - # if not, just download the file - - if test -e "$local_src" - then - echo "${src_sum} ${local_src}" | ${src_sumprg} -c --status \ - || wget -nv -O $local_src $src_url - else - mkdir -p "/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}" - wget -nv -O $local_src $src_url - fi - cp $local_src $src_filename - - # Check the control sum - echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \ - || ynh_die "Corrupt source" - - # Extract source into the app dir - mkdir -p "$dest_dir" - if [ "$src_format" = "zip" ] - then - # Zip format - # Using of a temp directory, because unzip doesn't manage --strip-components - if $src_in_subdir ; then - local tmp_dir=$(mktemp -d) - unzip -quo $src_filename -d "$tmp_dir" - cp -a $tmp_dir/*/. "$dest_dir" - ynh_secure_remove "$tmp_dir" - else - unzip -quo $src_filename -d "$dest_dir" - fi - else - local strip="" - if $src_in_subdir ; then - strip="--strip-components 1" - fi - if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then - tar -xf $src_filename -C "$dest_dir" $strip - else - ynh_die "Archive format unrecognized." - fi - fi - - # Apply patches - if (( $(find $YNH_CWD/../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then - local old_dir=$(pwd) - (cd "$dest_dir" \ - && for p in $YNH_CWD/../sources/patches/${src_id}-*.patch; do \ - patch -p1 < $p; done) \ - || ynh_die "Unable to apply patches" - cd $old_dir - fi - - # Add supplementary files - if test -e "$YNH_CWD/../sources/extra_files/${src_id}"; then - cp -a $YNH_CWD/../sources/extra_files/$src_id/. "$dest_dir" - fi -} \ No newline at end of file +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= diff --git a/scripts/backup b/scripts/backup new file mode 100644 index 0000000..b4c2ad9 --- /dev/null +++ b/scripts/backup @@ -0,0 +1,79 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { + true +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_print_info --message="Loading installation settings..." + +app=$YNH_APP_INSTANCE_NAME + +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) + +#================================================= +# DECLARE DATA AND CONF FILES TO BACKUP +#================================================= +ynh_print_info --message="Declaring files to be backed up..." + +#================================================= +# BACKUP THE APP MAIN DIR +#================================================= + +ynh_backup --src_path="$final_path" + +#================================================= +# BACKUP THE NGINX CONFIGURATION +#================================================= + +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# SPECIFIC BACKUP +#================================================= +# BACKUP SYSTEMD +#================================================= + +ynh_backup --src_path="/etc/systemd/system/${app}_authorized_keys_worker.service" +ynh_backup --src_path="/etc/systemd/system/${app}_ci.service" +#ynh_backup --src_path="/etc/systemd/system/${app}_ev_server.service" +ynh_backup --src_path="/etc/systemd/system/${app}_gitolite_worker.service" +ynh_backup --src_path="/etc/systemd/system/${app}_loadjson.service" +ynh_backup --src_path="/etc/systemd/system/${app}_logcom.service" +#ynh_backup --src_path="/etc/systemd/system/${app}_milters.service" +ynh_backup --src_path="/etc/systemd/system/${app}_mirror.service" +ynh_backup --src_path="/etc/systemd/system/${app}_webhook.service" +ynh_backup --src_path="/etc/systemd/system/${app}_worker.service" + +#================================================= +# BACKUP THE POSTGRESQL DATABASE +#================================================= +ynh_print_info --message="Backing up the PostgreSQL database..." + +ynh_psql_dump_db --database="$db_name" > db.sql + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url new file mode 100644 index 0000000..dbe8dd1 --- /dev/null +++ b/scripts/change_url @@ -0,0 +1,174 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source ynh_redis +source ynh_uwsgi_service__2 +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path=$YNH_APP_NEW_PATH + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +# Add settings here as needed by your application +admin=$(ynh_app_setting_get --app=$app --key=admin) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) +redis_db=$(ynh_app_setting_get --app=$app --key=redis_db) +secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) +salt_email=$(ynh_app_setting_get --app=$app --key=salt_email) + +#================================================= +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + ynh_clean_check_starting + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= + +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi + +change_path=0 +if [ "$old_path" != "$new_path" ] +then + change_path=1 +fi + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." + +ynh_systemd_action --service_name=${app}_authorized_keys_worker --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_ci --action="stop" --log_path="systemd" +#ynh_systemd_action --service_name=${app}_ev_server --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_gitolite_worker --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_loadjson --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_logcom --action="stop" --log_path="systemd" +#ynh_systemd_action --service_name=${app}_milters --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_mirror --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_webhook --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_worker --action="stop" --log_path="systemd" +ynh_systemd_action --service_name="uwsgi-app@$app.service" --action="stop" --log_path="systemd" + +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= +ynh_script_progression --message="Updating NGINX web server configuration..." + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the path in the NGINX config file +if [ $change_path -eq 1 ] +then + # Make a backup of the original NGINX config file if modified + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Set global variables for NGINX helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated NGINX config + ynh_add_nginx_config +fi + +# Change the domain for NGINX +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi + +#================================================= +# SPECIFIC MODIFICATIONS +#================================================= +# UPDATE A CONFIG FILE +#================================================= +ynh_script_progression --message="Updating a configuration file..." + +domain=$new_domain +path_url=$new_path + +ynh_add_config --template="../conf/pagure.cfg.sample" --destination="$final_path/pagure.cfg" + +chmod 400 "$final_path/pagure.cfg" +chown $app:$app "$final_path/pagure.cfg" + +ynh_add_config --template="../conf/pagure.wsgi" --destination="$final_path/pagure.wsgi" +ynh_add_uwsgi_service --service="$app" --template="uwsgi.ini" + +#================================================= +# GENERIC FINALISATION +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." + +# Start a systemd service +ynh_systemd_action --service_name=${app}_authorized_keys_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_ci --action="start" --log_path="systemd" --line_match="ready" +#ynh_systemd_action --service_name=${app}_ev_server --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_gitolite_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_loadjson --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_logcom --action="start" --log_path="systemd" --line_match="ready" +#ynh_systemd_action --service_name=${app}_milters --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_mirror --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_webhook --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name="uwsgi-app@$app.service" --action="start" --log_path="systemd" --line_match="Started" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Change of URL completed for $app" diff --git a/scripts/install b/scripts/install index b7f56af..f2eed4f 100755 --- a/scripts/install +++ b/scripts/install @@ -7,12 +7,17 @@ #================================================= source _common.sh +source ynh_redis +source ynh_uwsgi_service__2 source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ynh_clean_check_starting +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -25,196 +30,203 @@ path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC -# This is a multi-instance app, meaning it can be installed several times independently -# The id of the app as stated in the manifest is available as $YNH_APP_ID -# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) -# The app instance name is available as $YNH_APP_INSTANCE_NAME -# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -# - ynhexample__{N} for the subsequent installations, with N=3,4, ... -# The app instance name is probably what you are interested the most, since this is -# guaranteed to be unique. This is a good unique identifier to define installation path, -# db names, ... app=$YNH_APP_INSTANCE_NAME -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= - -# Normalize the url path syntax -path_url=$(ynh_normalize_url_path "$path_url") - -# Check web path availability -ynh_webpath_available "$domain" "$path_url" -# Register (book) web path -ynh_webpath_register "$app" "$domain" "$path_url" - -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die "This path already contains a folder" - -mkdir -p "$final_path" - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= - -ynh_app_setting_set "$app" domain "$domain" -ynh_app_setting_set "$app" path "$path_url" -ynh_app_setting_set "$app" admin "$admin" -ynh_app_setting_set "$app" is_public "$is_public" -ynh_app_setting_set "$app" final_path "$final_path" - -#================================================= -# STANDARD MODIFICATIONS -#================================================= - -#================================================= -# INSTALL DEPENDENCIES -#================================================= - -ynh_install_app_dependencies git virtualenv python-virtualenv libgit2-dev \ - libjpeg-dev gcc libffi-dev python-dev python-cffi \ - python-gdbm python-psycopg2 \ - postgresql uwsgi uwsgi-plugin-python redis-server - -#================================================= -# CREATE A PostgreSQL DATABASE -#================================================= - -ynh_psql_test_if_first_run - -db_name=$(ynh_sanitize_dbid "$app") -db_pwd=$(ynh_string_random) -ynh_app_setting_set "$app" db_name "$db_name" - -# Initialize database and store postgres password for upgrade -ynh_psql_setup_db "$db_name" "$app" "$db_pwd" - -systemctl reload postgresql - -#================================================= -# NGINX CONFIGURATION -#================================================= - -# Create a dedicated nginx config -ynh_add_nginx_config - -#================================================= -# CREATE DEDICATED USER -#================================================= - -ynh_system_user_create "$app" "${final_path}" - -#================================================= -# SPECIFIC SETUP -#================================================= -# SETUP SYSTEMD -#================================================= - -# Create a dedicated systemd config -ynh_add_systemd_config "$app-worker" "pagure-worker.service" - -#================================================= -# setup pagure.cfg -#================================================= - secret_key=$(ynh_string_random) salt_email=$(ynh_string_random) +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS +#================================================= +ynh_script_progression --message="Validating installation parameters..." + +final_path=/var/www/$app +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" + +# Register (book) web path +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url + +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= +ynh_script_progression --message="Storing installation settings..." + +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=secret_key --value=$secret_key +ynh_app_setting_set --app=$app --key=salt_email --value=$salt_email + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing dependencies..." + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + +#================================================= +# CREATE A POSTGRESQL DATABASE +#================================================= +ynh_script_progression --message="Creating a PostgreSQL database..." + +ynh_psql_test_if_first_run + +db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name +ynh_app_setting_set --app=$app --key=db_name --value=$db_name +ynh_psql_setup_db --db_user=$db_user --db_name=$db_name +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_script_progression --message="Setting up source files..." + +ynh_app_setting_set --app=$app --key=final_path --value=$final_path +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$final_path" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring NGINX web server..." + +# Create a dedicated NGINX config +ynh_add_nginx_config + +#================================================= +# SPECIFIC SETUP +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding a configuration file..." + redis_db=$(ynh_redis_get_free_db) -ynh_app_setting_set "$app" redis_db "$redis_db" +ynh_app_setting_set --app=$app --key=redis_db --value=$redis_db -cp ../conf/pagure.cfg.sample "$final_path/pagure.cfg" -ynh_replace_string "__REDIS_DB__" "$redis_db" "$final_path/pagure.cfg" -ynh_replace_string "__SECRET_KEY__" "$secret_key" "$final_path/pagure.cfg" -ynh_replace_string "__DB_USER__" "$app" "$final_path/pagure.cfg" -ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/pagure.cfg" -ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/pagure.cfg" -ynh_replace_string "__DOMAIN__" "$domain" "$final_path/pagure.cfg" -ynh_replace_string "__SALT_EMAIL__" "$salt_email" "$final_path/pagure.cfg" -ynh_replace_string "__ADMIN__" "$admin" "$final_path/pagure.cfg" +ynh_add_config --template="../conf/pagure.cfg.sample" --destination="$final_path/pagure.cfg" + +chmod 400 "$final_path/pagure.cfg" +chown $app:$app "$final_path/pagure.cfg" #================================================= -# setup pagure.wsgi +# SETUP SYSTEMD #================================================= +ynh_script_progression --message="Configuring a systemd service..." -cp ../conf/pagure.wsgi "$final_path/pagure.wsgi" -ynh_replace_string "__FINALPATH__" "$final_path" "$final_path/pagure.wsgi" +# Create a dedicated systemd config +ynh_add_systemd_config --service="${app}_authorized_keys_worker" --template="pagure_authorized_keys_worker.service" +ynh_add_systemd_config --service="${app}_ci" --template="pagure_ci.service" +#ynh_add_systemd_config --service="${app}_ev_server" --template="pagure_ev_server.service" +ynh_add_systemd_config --service="${app}_gitolite_worker" --template="pagure_gitolite_worker.service" +ynh_add_systemd_config --service="${app}_loadjson" --template="pagure_loadjson.service" +ynh_add_systemd_config --service="${app}_logcom" --template="pagure_logcom.service" +#ynh_add_systemd_config --service="${app}_milters" --template="pagure_milters.service" +ynh_add_systemd_config --service="${app}_mirror" --template="pagure_mirror.service" +ynh_add_systemd_config --service="${app}_webhook" --template="pagure_webhook.service" +ynh_add_systemd_config --service="${app}_worker" --template="pagure_worker.service" + +ynh_add_config --template="../conf/pagure.wsgi" --destination="$final_path/pagure.wsgi" +ynh_add_uwsgi_service --service="$app" --template="uwsgi.ini" #================================================= -# setup uwsgi service +# BUILD APP #================================================= +ynh_script_progression --message="Building app..." -ynh_add_uwsgi_service - -#================================================= -# Get Pagure source -#================================================= - -ynh_setup_source_local "${final_path}" -ln -s "${final_path}/pagure-5.0.1" "${final_path}/pagure" - -#================================================= -# PIP INSTALLATION -#================================================= -virtualenv "${final_path}/venv" -#run source in a 'sub shell' -( - set +o nounset - source "${final_path}/venv/bin/activate" - set -o nounset +pushd "$final_path" + python3 -m venv venv + source ./venv/bin/activate + pip install --upgrade pip + pip install wheel pip install cffi - pip install pygit2==0.24 - pip install -r "${final_path}/pagure/requirements.txt" - pip install psycopg2-binary cryptography py-bcrypt python-fedora -) + pip install psycopg2 + pip install pyyaml + pip install pygit2==0.27 + pip install -r requirements.txt + mkdir -p "${final_path}"/lcl/{repos,remotes,attachments,releases} + ynh_add_config --template="../conf/alembic.ini" --destination="$final_path/alembic.ini" + PAGURE_CONFIG=${final_path}/pagure.cfg python createdb.py --initial alembic.ini 2>&1 +popd -#================================================= -# SPECIFIC SETUP Filling up the database -#========================================== +ynh_replace_string --match_string="validators.Required" --replace_string="validators.DataRequired" --target_file="$final_path/pagure/forms.py" -# Create the folder that will receive the projects, forks, docs, requests and tickets' git repo: -mkdir -p "${final_path}"/lcl/{repos,docs,forks,tickets,requests,remotes,attachments,releases} - -( - set +eu - source "${final_path}/venv/bin/activate" - cd "${final_path}/pagure" - PAGURE_CONFIG=${final_path}/pagure.cfg python createdb.py -) +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # GENERIC FINALIZATION #================================================= -# SECURE FILES AND DIRECTORIES +# INTEGRATE SERVICE IN YUNOHOST #================================================= +ynh_script_progression --message="Integrating service in YunoHost..." -# Set permissions to app files -chown -R "$app": "$final_path" +yunohost service add ${app}_authorized_keys_worker +yunohost service add ${app}_ci +#yunohost service add ${app}_ev_server +yunohost service add ${app}_gitolite_worker +yunohost service add ${app}_loadjson +yunohost service add ${app}_logcom +#yunohost service add ${app}_milters +yunohost service add ${app}_mirror +yunohost service add ${app}_webhook +yunohost service add ${app}_worker + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." + +# Start a systemd service +ynh_systemd_action --service_name=${app}_authorized_keys_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_ci --action="start" --log_path="systemd" --line_match="ready" +#ynh_systemd_action --service_name=${app}_ev_server --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_gitolite_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_loadjson --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_logcom --action="start" --log_path="systemd" --line_match="ready" +#ynh_systemd_action --service_name=${app}_milters --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_mirror --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_webhook --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name="uwsgi-app@$app.service" --action="start" --log_path="systemd" --line_match="Started" #================================================= # SETUP SSOWAT #================================================= +ynh_script_progression --message="Configuring permissions..." -if [ "$is_public" -eq 0 ] -then # Remove the public access - ynh_app_setting_delete "$app" skipped_uris -fi # Make app public if necessary -if [ "$is_public" -eq 1 ] +if [ $is_public -eq 1 ] then - # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set "$app" unprotected_uris "/" + # Everyone can access the app. + # The "main" permission is automatically created before the install script. + ynh_permission_update --permission="main" --add="visitors" fi -#================================================= -# START PAGURE -#================================================= - -systemctl start "uwsgi-app@$app.service" - #================================================= # RELOAD NGINX #================================================= +ynh_script_progression --message="Reloading NGINX web server..." -systemctl reload nginx +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index 1a71360..0e24eb8 100755 --- a/scripts/remove +++ b/scripts/remove @@ -7,79 +7,171 @@ #================================================= source _common.sh +source ynh_redis +source ynh_uwsgi_service__2 source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -db_name=$(ynh_app_setting_get "$app" db_name) -domain=$(ynh_app_setting_get "$app" domain) -redis_db=$(ynh_app_setting_get "$app" redis_db) +domain=$(ynh_app_setting_get --app=$app --key=domain) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +redis_db=$(ynh_app_setting_get --app=$app --key=redis_db) #================================================= # STANDARD REMOVE +#================================================= +# REMOVE SERVICE INTEGRATION IN YUNOHOST +#================================================= + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status ${app}_authorized_keys_worker >/dev/null +then + ynh_script_progression --message="Removing ${app}_authorized_keys_worker service integration..." + yunohost service remove ${app}_authorized_keys_worker +fi + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status ${app}_ci >/dev/null +then + ynh_script_progression --message="Removing ${app}_ci service integration..." + yunohost service remove ${app}_ci +fi + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status ${app}_ev_server >/dev/null +then + ynh_script_progression --message="Removing ${app}_ev_server service integration..." + yunohost service remove ${app}_ev_server +fi + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status ${app}_gitolite_worker >/dev/null +then + ynh_script_progression --message="Removing ${app}_gitolite_worker service integration..." + yunohost service remove ${app}_gitolite_worker +fi + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status ${app}_loadjson >/dev/null +then + ynh_script_progression --message="Removing ${app}_loadjson service integration..." + yunohost service remove ${app}_loadjson +fi + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status ${app}_logcom >/dev/null +then + ynh_script_progression --message="Removing ${app}_logcom service integration..." + yunohost service remove ${app}_logcom +fi + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status ${app}_milters >/dev/null +then + ynh_script_progression --message="Removing ${app}_milters service integration..." + yunohost service remove ${app}_milters +fi + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status ${app}_mirror >/dev/null +then + ynh_script_progression --message="Removing ${app}_mirror service integration..." + yunohost service remove ${app}_mirror +fi + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status ${app}_webhook >/dev/null +then + ynh_script_progression --message="Removing ${app}_webhook service integration..." + yunohost service remove ${app}_webhook +fi + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status ${app}_worker >/dev/null +then + ynh_script_progression --message="Removing ${app}_worker service integration..." + yunohost service remove ${app}_worker +fi + #================================================= # STOP AND REMOVE SERVICE #================================================= +ynh_script_progression --message="Stopping and removing the systemd service..." # Remove the dedicated systemd config -ynh_remove_systemd_config "$app-worker" +ynh_remove_systemd_config --service="${app}_authorized_keys_worker" +ynh_remove_systemd_config --service="${app}_ci" +#ynh_remove_systemd_config --service="${app}_ev_server" +ynh_remove_systemd_config --service="${app}_gitolite_worker" +ynh_remove_systemd_config --service="${app}_loadjson" +ynh_remove_systemd_config --service="${app}_logcom" +#ynh_remove_systemd_config --service="${app}_milters" +ynh_remove_systemd_config --service="${app}_mirror" +ynh_remove_systemd_config --service="${app}_webhook" +ynh_remove_systemd_config --service="${app}_worker" + +ynh_remove_uwsgi_service --service="$app" #================================================= -# REMOVE uwsgi and systemd files -#================================================= - -ynh_remove_uwsgi_service - -#================================================= -# REMOVE THE PostgreSQL DATABASE +# REMOVE THE POSTGRESQL DATABASE #================================================= +ynh_script_progression --message="Removing the PostgreSQL database..." # Remove a database if it exists, along with the associated user -ynh_psql_remove_db "$db_name" "$app" +ynh_psql_remove_db --db_user=$db_user --db_name=$db_name #================================================= -# REMOVE THE Redis DATABASE +# REMOVE APP MAIN DIR #================================================= +ynh_script_progression --message="Removing app main directory..." -# Remove a database if it exists, along with the associated user -ynh_redis_remove_db "$redis_db" +# Remove the app directory securely +ynh_secure_remove --file="$final_path" + +#================================================= +# REMOVE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Removing NGINX web server configuration..." + +# Remove the dedicated NGINX config +ynh_remove_nginx_config #================================================= # REMOVE DEPENDENCIES #================================================= +ynh_script_progression --message="Removing dependencies..." # Remove metapackage and its dependencies ynh_remove_app_dependencies #================================================= -# REMOVE APP MAIN DIR +# SPECIFIC REMOVE #================================================= - -# Remove the app directory securely -ynh_secure_remove "/var/www/$app" - -#================================================= -# REMOVE NGINX CONFIGURATION +# REMOVE THE REDIS DATABASE #================================================= +ynh_script_progression --message="Removing the redis database..." -# Remove the dedicated nginx config -ynh_remove_nginx_config - -#================================================= -# REMOVE uwsgi and systemd files -#================================================= - -ynh_remove_uwsgi_service +ynh_redis_remove_db "$redis_db" #================================================= # GENERIC FINALIZATION #================================================= # REMOVE DEDICATED USER #================================================= +ynh_script_progression --message="Removing the dedicated system user..." # Delete a system user -ynh_system_user_delete "$app" +ynh_system_user_delete --username=$app + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Removal of $app completed" diff --git a/scripts/restore b/scripts/restore new file mode 100644 index 0000000..92f184e --- /dev/null +++ b/scripts/restore @@ -0,0 +1,169 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source ../settings/scripts/ynh_redis +source ../settings/scripts/ynh_uwsgi_service__2 +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { + ynh_clean_check_starting +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name + +#================================================= +# CHECK IF THE APP CAN BE RESTORED +#================================================= +ynh_script_progression --message="Validating restoration parameters..." + +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " + +#================================================= +# STANDARD RESTORATION STEPS +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Restoring the app main directory..." + +ynh_restore_file --origin_path="$final_path" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# RESTORE THE POSTGRESQL DATABASE +#================================================= +ynh_script_progression --message="Restoring the PostgreSQL database..." + +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) +ynh_psql_test_if_first_run +ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name + +#================================================= +# RESTORE SYSTEMD +#================================================= +ynh_script_progression --message="Restoring the systemd configuration..." + +ynh_restore_file --origin_path="/etc/systemd/system/${app}_authorized_keys_worker.service" +systemctl enable ${app}_authorized_keys_worker.service --quiet +ynh_restore_file --origin_path="/etc/systemd/system/${app}_ci.service" +systemctl enable ${app}_ci.service --quiet +#ynh_restore_file --origin_path="/etc/systemd/system/${app}_ev_server.service" +#systemctl enable ${app}_ev_server.service --quiet +ynh_restore_file --origin_path="/etc/systemd/system/${app}_gitolite_worker.service" +systemctl enable ${app}_gitolite_worker.service --quiet +ynh_restore_file --origin_path="/etc/systemd/system/${app}_loadjson.service" +systemctl enable ${app}_loadjson.service --quiet +ynh_restore_file --origin_path="/etc/systemd/system/${app}_logcom.service" +systemctl enable ${app}_logcom.service --quiet +#ynh_restore_file --origin_path="/etc/systemd/system/${app}_milters.service" +#systemctl enable ${app}_milters.service --quiet +ynh_restore_file --origin_path="/etc/systemd/system/${app}_mirror.service" +systemctl enable ${app}_mirror.service --quiet +ynh_restore_file --origin_path="/etc/systemd/system/${app}_webhook.service" +systemctl enable ${app}_webhook.service --quiet +ynh_restore_file --origin_path="/etc/systemd/system/${app}_worker.service" +systemctl enable ${app}_worker.service --quiet + +ynh_add_uwsgi_service --service="$app" --template="uwsgi.ini" + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." + +yunohost service add ${app}_authorized_keys_worker +yunohost service add ${app}_ci +#yunohost service add ${app}_ev_server +yunohost service add ${app}_gitolite_worker +yunohost service add ${app}_loadjson +yunohost service add ${app}_logcom +#yunohost service add ${app}_milters +yunohost service add ${app}_mirror +yunohost service add ${app}_webhook +yunohost service add ${app}_worker + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." + +# Start a systemd service +ynh_systemd_action --service_name=${app}_authorized_keys_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_ci --action="start" --log_path="systemd" --line_match="ready" +#ynh_systemd_action --service_name=${app}_ev_server --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_gitolite_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_loadjson --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_logcom --action="start" --log_path="systemd" --line_match="ready" +#ynh_systemd_action --service_name=${app}_milters --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_mirror --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_webhook --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name="uwsgi-app@$app.service" --action="start" --log_path="systemd" --line_match="Started" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade new file mode 100644 index 0000000..8005db4 --- /dev/null +++ b/scripts/upgrade @@ -0,0 +1,229 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source ynh_redis +source ynh_uwsgi_service__2 +source /usr/share/yunohost/helpers + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) +redis_db=$(ynh_app_setting_get --app=$app --key=redis_db) +secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) +salt_email=$(ynh_app_setting_get --app=$app --key=salt_email) + +#================================================= +# CHECK VERSION +#================================================= +ynh_script_progression --message="Checking version..." + +upgrade_type=$(ynh_check_app_version_changed) + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + ynh_clean_check_starting + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." + +ynh_systemd_action --service_name=${app}_authorized_keys_worker --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_ci --action="stop" --log_path="systemd" +#ynh_systemd_action --service_name=${app}_ev_server --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_gitolite_worker --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_loadjson --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_logcom --action="stop" --log_path="systemd" +#ynh_systemd_action --service_name=${app}_milters --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_mirror --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_webhook --action="stop" --log_path="systemd" +ynh_systemd_action --service_name=${app}_worker --action="stop" --log_path="systemd" +ynh_systemd_action --service_name="uwsgi-app@$app.service" --action="stop" --log_path="systemd" + +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." + +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." + + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" +fi + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." + +# Create a dedicated NGINX config +ynh_add_nginx_config + +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# SPECIFIC UPGRADE +#================================================= +# UPDATE A CONFIG FILE +#================================================= +ynh_script_progression --message="Updating a configuration file..." + +ynh_add_config --template="../conf/pagure.cfg.sample" --destination="$final_path/pagure.cfg" + +chmod 400 "$final_path/pagure.cfg" +chown $app:$app "$final_path/pagure.cfg" + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Configuring a systemd service..." + +# Create a dedicated systemd config +ynh_add_systemd_config --service="${app}_authorized_keys_worker" --template="pagure_authorized_keys_worker.service" +ynh_add_systemd_config --service="${app}_ci" --template="pagure_ci.service" +#ynh_add_systemd_config --service="${app}_ev_server" --template="pagure_ev_server.service" +ynh_add_systemd_config --service="${app}_gitolite_worker" --template="pagure_gitolite_worker.service" +ynh_add_systemd_config --service="${app}_loadjson" --template="pagure_loadjson.service" +ynh_add_systemd_config --service="${app}_logcom" --template="pagure_logcom.service" +#ynh_add_systemd_config --service="${app}_milters" --template="pagure_milters.service" +ynh_add_systemd_config --service="${app}_mirror" --template="pagure_mirror.service" +ynh_add_systemd_config --service="${app}_webhook" --template="pagure_webhook.service" +ynh_add_systemd_config --service="${app}_worker" --template="pagure_worker.service" + +ynh_add_config --template="../conf/pagure.wsgi" --destination="$final_path/pagure.wsgi" +ynh_add_uwsgi_service --service="$app" --template="uwsgi.ini" + +#================================================= +# BUILD APP +#================================================= +ynh_script_progression --message="Building app..." + +pushd "$final_path" + ynh_secure_remove --file="${final_path}/venv" + python3 -m venv venv + source ./venv/bin/activate + pip install --upgrade pip + pip install wheel + pip install cffi + pip install psycopg2 + pip install pyyaml + pip install pygit2==0.27 + pip install -r requirements.txt + mkdir -p "${final_path}"/lcl/{repos,remotes,attachments,releases} + ynh_add_config --template="../conf/alembic.ini" --destination="$final_path/alembic.ini" + PAGURE_CONFIG=${final_path}/pagure.cfg alembic upgrade head 2>&1 +popd + +ynh_replace_string --match_string="validators.Required" --replace_string="validators.DataRequired" --target_file="$final_path/pagure/forms.py" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." + +yunohost service add ${app}_authorized_keys_worker +yunohost service add ${app}_ci +#yunohost service add ${app}_ev_server +yunohost service add ${app}_gitolite_worker +yunohost service add ${app}_loadjson +yunohost service add ${app}_logcom +#yunohost service add ${app}_milters +yunohost service add ${app}_mirror +yunohost service add ${app}_webhook +yunohost service add ${app}_worker + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." + +ynh_systemd_action --service_name=${app}_authorized_keys_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_ci --action="start" --log_path="systemd" --line_match="ready" +#ynh_systemd_action --service_name=${app}_ev_server --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_gitolite_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_loadjson --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_logcom --action="start" --log_path="systemd" --line_match="ready" +#ynh_systemd_action --service_name=${app}_milters --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_mirror --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_webhook --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name=${app}_worker --action="start" --log_path="systemd" --line_match="ready" +ynh_systemd_action --service_name="uwsgi-app@$app.service" --action="start" --log_path="systemd" --line_match="Started" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of $app completed" diff --git a/scripts/ynh_redis b/scripts/ynh_redis new file mode 100644 index 0000000..9d6257d --- /dev/null +++ b/scripts/ynh_redis @@ -0,0 +1,39 @@ +#!/bin/bash + +# get the first available redis database +# +# usage: ynh_redis_get_free_db +# | returns: the database number to use +ynh_redis_get_free_db() { + local result max db + result=$(redis-cli INFO keyspace) + + # get the num + max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+") + + db=0 + # default Debian setting is 15 databases + for i in $(seq 0 "$max") + do + if ! echo "$result" | grep -q "db$i" + then + db=$i + break 1 + fi + db=-1 + done + + test "$db" -eq -1 && ynh_die --message="No available Redis databases..." + + echo "$db" +} + +# Create a master password and set up global settings +# Please always call this script in install and restore scripts +# +# usage: ynh_redis_remove_db database +# | arg: database - the database to erase +ynh_redis_remove_db() { + local db=$1 + redis-cli -n "$db" flushall +} diff --git a/scripts/ynh_uwsgi_service__2 b/scripts/ynh_uwsgi_service__2 new file mode 100644 index 0000000..f1baf27 --- /dev/null +++ b/scripts/ynh_uwsgi_service__2 @@ -0,0 +1,131 @@ +#!/bin/bash + +pkg_dependencies="$pkg_dependencies uwsgi uwsgi-plugin-python3" + +# Check if system wide templates are available and correcly configured +# +# usage: ynh_check_global_uwsgi_config +ynh_check_global_uwsgi_config () { + uwsgi --version || ynh_die --message="You need to add uwsgi (and appropriate plugin) as a dependency" + + cat > /etc/systemd/system/uwsgi-app@.service < uwsgi-app@app` +ynh_add_uwsgi_service () { + # Declare an array to define the options of this helper. + local legacy_args=st + local -A args_array=([s]=service= [t]=template=) + local service + local template + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + service="${service:-$app}" + template="${template:-uwsgi.ini}" + + ynh_check_global_uwsgi_config + + # www-data group is needed since it is this nginx who will start the service + usermod --append --groups www-data "$service" || ynh_die --message="It wasn't possible to add user $service to group www-data" + + ynh_add_config --template="$YNH_APP_BASEDIR/conf/$template" --destination="/etc/uwsgi/apps-available/$service.ini" + + chown $service:root "/etc/uwsgi/apps-available/$service.ini" + + # make sure the folder for logs exists and set authorizations + mkdir -p /var/log/uwsgi/$service + chown $service:root /var/log/uwsgi/$service + chmod -R u=rwX,g=rX,o= /var/log/uwsgi/$service + + # Setup specific Systemd rules if necessary + test -e ../conf/uwsgi-app@override.service && \ + mkdir /etc/systemd/system/uwsgi-app@$service.service.d && \ + cp ../conf/uwsgi-app@override.service /etc/systemd/system/uwsgi-app@$service.service.d/override.conf + + systemctl enable "uwsgi-app@$service.service" --quiet + systemctl daemon-reload + + # Add as a service + yunohost service add "uwsgi-app@$service" --log "/var/log/uwsgi/$service/$service.log" +} + +# Remove the dedicated uwsgi ini file +# +# usage: ynh_remove_uwsgi_service [--service=service] +# | arg: -s, --service= - Service name (optionnal, $app by default) +# +ynh_remove_uwsgi_service () { + # Declare an array to define the options of this helper. + local legacy_args=s + local -A args_array=([s]=service=) + local service + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + local service="${service:-$app}" + + local finaluwsgiini="/etc/uwsgi/apps-available/$service.ini" + if [ -e "$finaluwsgiini" ]; then + yunohost service remove "uwsgi-app@$service" + systemctl stop "uwsgi-app@$service.service" + systemctl disable "uwsgi-app@$service.service" --quiet + ynh_secure_remove --file="$finaluwsgiini" + ynh_secure_remove --file="/var/log/uwsgi/$service" + ynh_secure_remove --file="/etc/systemd/system/uwsgi-app@$service.service.d" + fi +} + +# Restore the dedicated uwsgi config +# Should be used in restore script +# +# usage: ynh_restore_uwsgi_service [--service=service] +# | arg: -s, --service= - Service name (optionnal, $app by default) +ynh_restore_uwsgi_service () { + # Declare an array to define the options of this helper. + local legacy_args=s + local -A args_array=([s]=service=) + local service + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + service="${service:-$app}" + + ynh_check_global_uwsgi_config + systemctl enable "uwsgi-app@$service" --quiet + yunohost service add "uwsgi-app@$service" --log "/var/log/uwsgi/$service/$service.log" +}