1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/paperless-ngx_ynh.git synced 2024-09-03 19:56:33 +02:00

Update to 1.9.2

This commit is contained in:
Fabian Wilkens 2022-12-30 12:24:18 +01:00
parent a76e15bd52
commit 51b5dcb2bb
No known key found for this signature in database
GPG key ID: 23DFA025BB4E9FAB
17 changed files with 423 additions and 199 deletions

View file

@ -13,7 +13,7 @@
setup_root=1 setup_root=1
setup_nourl=0 setup_nourl=0
setup_private=1 setup_private=1
setup_public=0 setup_public=1
upgrade=1 upgrade=1
upgrade=0 from_commit=CommitHash upgrade=0 from_commit=CommitHash
backup_restore=1 backup_restore=1

View file

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/paperless-ngx/paperless-ngx/releases/download/ngx-1.6.0/paperless-ngx-1.6.0.tar.xz SOURCE_URL=https://github.com/paperless-ngx/paperless-ngx/releases/download/v1.9.2/paperless-ngx-v1.9.2.tar.xz
SOURCE_SUM=f4971abf258382fb171a8d11f4c6181ca03b42334deb6d9305a04ea8f8eab91e SOURCE_SUM=7da7e355745fcc5ac837323f22f7e6d556386297a61e41f04e104fe785e85cce
SOURCE_SUM_PRG=sha256sum SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true SOURCE_IN_SUBDIR=true

View file

@ -13,6 +13,8 @@ location __PATH__/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Host $server_name;
client_max_body_size 25M;
# Include SSOWAT user panel. # Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc; include conf.d/yunohost_panel.conf.inc;
} }

View file

@ -3,11 +3,11 @@
# Debug. Only enable this for development. # Debug. Only enable this for development.
#PAPERLESS_DEBUG=false PAPERLESS_DEBUG=false
# Required services # Required services
PAPERLESS_REDIS=redis://localhost:6379 PAPERLESS_REDIS=redis://localhost:6379/__REDIS_DB__
PAPERLESS_DBHOST=localhost PAPERLESS_DBHOST=localhost
PAPERLESS_DBPORT=5432 PAPERLESS_DBPORT=5432
@ -18,15 +18,17 @@ PAPERLESS_DBPASS=__DB_PWD__
# Paths and folders # Paths and folders
PAPERLESS_CONSUMPTION_DIR=__DATA_DIR__/consume PAPERLESS_SCRATCH_DIR=/tmp/__APP__
PAPERLESS_DATA_DIR=__DATA_DIR__/data PAPERLESS_CONSUMPTION_DIR=__DATADIR__/consume
PAPERLESS_DATA_DIR=__DATADIR__/data
#PAPERLESS_TRASH_DIR= #PAPERLESS_TRASH_DIR=
PAPERLESS_MEDIA_ROOT=__DATA_DIR__/media PAPERLESS_MEDIA_ROOT=__DATADIR__/media
#PAPERLESS_STATICDIR=../static #PAPERLESS_STATICDIR=../static
#PAPERLESS_FILENAME_FORMAT= #PAPERLESS_FILENAME_FORMAT=
# Security and hosting # Security and hosting
PAPERLESS_URL=https://__DOMAIN__
PAPERLESS_SECRET_KEY=__PAPERLESS_SECRET_KEY__ PAPERLESS_SECRET_KEY=__PAPERLESS_SECRET_KEY__
PAPERLESS_ALLOWED_HOSTS=__DOMAIN__ PAPERLESS_ALLOWED_HOSTS=__DOMAIN__
PAPERLESS_CORS_ALLOWED_HOSTS=https://__DOMAIN__ PAPERLESS_CORS_ALLOWED_HOSTS=https://__DOMAIN__
@ -38,7 +40,7 @@ PAPERLESS_CORS_ALLOWED_HOSTS=https://__DOMAIN__
# OCR settings # OCR settings
PAPERLESS_OCR_LANGUAGE=eng+fra PAPERLESS_OCR_LANGUAGE=eng
#PAPERLESS_OCR_MODE=skip #PAPERLESS_OCR_MODE=skip
#PAPERLESS_OCR_OUTPUT_TYPE=pdfa #PAPERLESS_OCR_OUTPUT_TYPE=pdfa
#PAPERLESS_OCR_PAGES=1 #PAPERLESS_OCR_PAGES=1
@ -84,4 +86,3 @@ PAPERLESS_CONSUMER_IGNORE_PATTERNS=[".DS_STORE/*", "._*", ".stfolder/*", ".*"]
# YunoHost tweaks # YunoHost tweaks
PAPERLESS_LOGOUT_REDIRECT_URL=https://__MAIN_DOMAIN__/yunohost/sso/?action=logout PAPERLESS_LOGOUT_REDIRECT_URL=https://__MAIN_DOMAIN__/yunohost/sso/?action=logout
PAPERLESS_PORT=__PORT__

View file

@ -0,0 +1,45 @@
[Unit]
Description=Paperless qcluster
After=network.target
Wants=network.target
Requires=redis.service
[Service]
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/src/
ExecStart=__FINALPATH__/venv/bin/python manage.py qcluster
StandardOutput=append:/var/log/__APP__/__APP__.log
StandardError=inherit
# Sandboxing options to harden security
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=multi-user.target

View file

@ -1,19 +1,19 @@
[Unit] [Unit]
Description=Scan, index and archive all your physical documents Description=Paperless webserver
After=network.target After=network.target
Wants=network.target
Requires=redis.service
[Service] [Service]
Type=simple Type=simple
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
WorkingDirectory=__FINALPATH__/ WorkingDirectory=__FINALPATH__/src/
ExecStart=__FINALPATH__/venv/bin/python3 manage.py runserver ExecStart=__FINALPATH__/venv/bin/uvicorn --port=__PORT__ --log-level=warning paperless.asgi:application
StandardOutput=append:/var/log/__APP__/__APP__.log StandardOutput=append:/var/log/__APP__/__APP__.log
StandardError=inherit StandardError=inherit
# Sandboxing options to harden security # Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html # Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes NoNewPrivileges=yes
PrivateTmp=yes PrivateTmp=yes

View file

@ -1,2 +1,13 @@
* This app require a dedicated domain. * This app require a dedicated domain.
* There no LDAP or SSO. ⚠️ The admin user will recieve a mail after the installation. * There is no LDAP or SSO support.
* Paperless is performing OCR on documents and images. English is installed by default. More languages can be installed:
* Display a list of all Tesseract language packs `apt-cache search tesseract-ocr`
* Install additional language packs
* Example for french `sudo apt-get install tesseract-ocr-fra`
* Example for german `sudo apt-get install tesseract-ocr-deu`
* Modify config to add new languages
* Open config-panel: https://my-domain.tld/yunohost/admin/#/apps/$app_id/config-panel
* You can combine multiple languages like this:
* One language: eng
* Two languages: eng+fra

Binary file not shown.

Before

Width:  |  Height:  |  Size: 680 KiB

After

Width:  |  Height:  |  Size: 491 KiB

View file

@ -6,7 +6,7 @@
"en": "Scan, index and archive all your physical documents", "en": "Scan, index and archive all your physical documents",
"fr": "Scannez, triez et archivez tous vos documents papiers" "fr": "Scannez, triez et archivez tous vos documents papiers"
}, },
"version": "1.6~ynh1", "version": "1.9.2~ynh1",
"url": "https://paperless-ngx.com", "url": "https://paperless-ngx.com",
"upstream": { "upstream": {
"license": "GPL-3.0-or-later", "license": "GPL-3.0-or-later",
@ -21,7 +21,7 @@
"name": "Tagada" "name": "Tagada"
}, },
"requirements": { "requirements": {
"yunohost": ">= 4.3.0" "yunohost": ">= 11.0.0"
}, },
"multi_instance": true, "multi_instance": true,
"services": [ "services": [
@ -38,6 +38,26 @@
{ {
"name": "admin", "name": "admin",
"type": "user" "type": "user"
},
{
"name": "admin_pw",
"type": "password",
"ask": {
"en": "Please chose a password for admin user."
}
},
{
"name": "is_public",
"type": "boolean",
"default": false
},
{
"name": "is_public_api",
"type": "boolean",
"default": false,
"ask": {
"en": "Should Paperless-ngx be accessible for apps."
}
} }
] ]
} }

View file

@ -5,7 +5,8 @@
#================================================= #=================================================
# dependencies used by the app # dependencies used by the app
pkg_dependencies="redis-tools redis-server postgresql postgresql-contrib python3 python3-pip python3-dev python3-venv imagemagick fonts-liberation optipng gnupg libpq-dev libmagic-dev mime-support" #pkg_dependencies="redis-tools redis-server postgresql postgresql-contrib python3 python3-pip python3-dev python3-venv imagemagick fonts-liberation optipng gnupg libpq-dev libmagic-dev mime-support"
pkg_dependencies="build-essential postgresql postgresql-contrib python3 python3-pip python3-dev python3-venv imagemagick fonts-liberation optipng gnupg libpq-dev libmagic-dev mime-support libzbar0 poppler-utils default-libmysqlclient-dev"
ocr_pkg_dependencies="unpaper ghostscript icc-profiles-free qpdf liblept5 libxml2 pngquant zlib1g tesseract-ocr" ocr_pkg_dependencies="unpaper ghostscript icc-profiles-free qpdf liblept5 libxml2 pngquant zlib1g tesseract-ocr"
raspberry_pkg_dependencies="libatlas-base-dev libxslt1-dev" raspberry_pkg_dependencies="libatlas-base-dev libxslt1-dev"

View file

@ -31,7 +31,6 @@ app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain) domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
datadir=$(ynh_app_setting_get --app=$app --key=datadir) datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#================================================= #=================================================
@ -66,8 +65,8 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
# BACKUP FAIL2BAN CONFIGURATION # BACKUP FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" #ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" #ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#================================================= #=================================================
# SPECIFIC BACKUP # SPECIFIC BACKUP
@ -82,12 +81,13 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
#================================================= #=================================================
ynh_backup --src_path="/etc/systemd/system/$app.service" ynh_backup --src_path="/etc/systemd/system/$app.service"
ynh_backup --src_path="/etc/systemd/system/$app-qcluster.service"
#================================================= #=================================================
# BACKUP VARIOUS FILES # BACKUP VARIOUS FILES
#================================================= #=================================================
ynh_backup --src_path="/etc/$app/" #ynh_backup --src_path="/etc/$app/"
#================================================= #=================================================
# BACKUP THE MYSQL DATABASE # BACKUP THE MYSQL DATABASE

View file

@ -24,16 +24,22 @@ app=$YNH_APP_INSTANCE_NAME
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." --time --weight=1 ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config" # Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
port=$(ynh_app_setting_get --app=$app --key=port) port=$(ynh_app_setting_get --app=$app --key=port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
paperless_secret_key=$(ynh_app_setting_get --app=$app --key=paperless_secret_key)
#================================================= #=================================================
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#================================================= #=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --time --weight=1 ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
@ -68,14 +74,15 @@ fi
#================================================= #=================================================
# STOP SYSTEMD SERVICE # STOP SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name="$app-qcluster" --action="stop" --log_path="/var/log/$app/$app-qcluster.log"
#================================================= #=================================================
# MODIFY URL IN NGINX CONF # MODIFY URL IN NGINX CONF
#================================================= #=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --time --weight=1 ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
@ -104,22 +111,32 @@ fi
#================================================= #=================================================
# SPECIFIC MODIFICATIONS # SPECIFIC MODIFICATIONS
#================================================= #=================================================
# ... # MODIFY A CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Modifying a configuration file..." --weight=1
domain="$new_domain"
path_url="$new_path"
ynh_add_config --template="paperless.conf.example" --destination="$final_path/paperless.conf"
chmod 400 "$final_path/paperless.conf"
chown $app:$app "$final_path/paperless.conf"
#================================================= #=================================================
# GENERIC FINALISATION # GENERIC FINALISATION
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --time --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name="$app-qcluster" --action="start" --log_path="/var/log/$app/$app-qcluster.log"
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
@ -127,4 +144,4 @@ ynh_systemd_action --service_name=nginx --action=reload
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Change of URL completed for $app" --time --last ynh_script_progression --message="Change of URL completed for $app" --last

View file

@ -7,6 +7,7 @@
#================================================= #=================================================
source _common.sh source _common.sh
source ynh_redis
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
@ -26,25 +27,18 @@ ynh_abort_if_errors
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url="/" path_url="/"
is_public=$YNH_APP_ARG_IS_PUBLIC
is_public_api=$YNH_APP_ARG_IS_PUBLIC_API
admin=$YNH_APP_ARG_ADMIN admin=$YNH_APP_ARG_ADMIN
admin_pw=$YNH_APP_ARG_ADMIN_PW
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
#================================================= #=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#================================================= #=================================================
### About --weight and --time ynh_script_progression --message="Validating installation parameters..." --weight=1
### ynh_script_progression will show to your final users the progression of each scripts.
### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script.
### --time is a packager option, it will show you the execution time since the previous call.
### This option should be removed before releasing your app.
### Use the execution time, given by --time, to estimate the weight of a step.
### A common way to do it is to set a weight equal to the execution time in second +1.
### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call.
ynh_script_progression --message="Validating installation parameters..." --time --weight=1
### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app"
final_path=/opt/yunohost/$app final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder" test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
@ -54,7 +48,7 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#================================================= #=================================================
# STORE SETTINGS FROM MANIFEST # STORE SETTINGS FROM MANIFEST
#================================================= #=================================================
ynh_script_progression --message="Storing installation settings..." --time --weight=1 ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=path --value=$path_url
@ -65,7 +59,7 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin
#================================================= #=================================================
# FIND AND OPEN A PORT # FIND AND OPEN A PORT
#================================================= #=================================================
ynh_script_progression --message="Finding an available port..." --time --weight=1 ynh_script_progression --message="Finding an available port..." --weight=1
# Find an available port # Find an available port
port=$(ynh_find_port --port=8095) port=$(ynh_find_port --port=8095)
@ -74,16 +68,16 @@ ynh_app_setting_set --app=$app --key=port --value=$port
#================================================= #=================================================
# INSTALL DEPENDENCIES # INSTALL DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Installing dependencies..." --time --weight=1 ynh_script_progression --message="Installing dependencies..." --weight=1
# FIXME: Only on a Raspberry Pi (armv6 v7?) # FIXME: Only on a Raspberry Pi (armv6 v7?)
# ynh_add_app_dependencies $raspberry_pkg_dependencies # ynh_add_app_dependencies $raspberry_pkg_dependencies
ynh_install_app_dependencies $pkg_dependencies $ocr_pkg_dependencies ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $ocr_pkg_dependencies
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Configuring system user..." --time --weight=1 ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user # Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path" ynh_system_user_create --username=$app --home_dir="$final_path"
@ -91,17 +85,18 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
#================================================= #=================================================
# CREATE A POSTGRESQL DATABASE # CREATE A POSTGRESQL DATABASE
#================================================= #=================================================
ynh_script_progression --message="Creating a PostgreSQL database..." --time --weight=1 ynh_script_progression --message="Creating a PostgreSQL database..." --weight=1
db_name=$(ynh_sanitize_dbid --db_name=$app) db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Setting up source files..." --time --weight=1 ynh_script_progression --message="Setting up source files..." --weight=1
ynh_app_setting_set --app=$app --key=final_path --value=$final_path ynh_app_setting_set --app=$app --key=final_path --value=$final_path
@ -114,9 +109,7 @@ chown -R $app:$app "$final_path"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring NGINX web server..." --time --weight=1 ynh_script_progression --message="Configuring NGINX web server..." --weight=1
### `ynh_add_nginx_config` will use the file conf/nginx.conf
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
@ -130,19 +123,26 @@ ynh_script_progression --message="Installing Python dependencies..."
pushd $final_path pushd $final_path
python3 -m venv venv python3 -m venv venv
venv/bin/pip install --upgrade pip chown -R "$app:" "$final_path"
venv/bin/pip install -r requirements.txt (
source "$final_path/venv/bin/activate"
ynh_exec_as $app $final_path/venv/bin/pip3 install --upgrade pip setuptools wheel
ynh_exec_as $app $final_path/venv/bin/pip3 install -r "$final_path/requirements.txt"
deactivate
)
popd popd
#================================================= #=================================================
# CREATE DATA DIRECTORY # CREATE DATA DIRECTORY
#================================================= #=================================================
ynh_script_progression --message="Creating a data directory..." --time --weight=1 ynh_script_progression --message="Creating a data directory..." --weight=1
datadir=/home/yunohost.app/$app datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $datadir/{consume,data,media} mkdir -p "$datadir/consume"
mkdir -p "$datadir/data"
mkdir -p "$datadir/media"
chmod 750 "$datadir" chmod 750 "$datadir"
chmod -R o-rwx "$datadir" chmod -R o-rwx "$datadir"
@ -151,49 +151,61 @@ chown -R $app:www-data "$datadir"
#================================================= #=================================================
# ADD A CONFIGURATION # ADD A CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Adding a configuration file..." --time --weight=1 ynh_script_progression --message="Adding a configuration file..." --weight=1
redis_db=$(ynh_redis_get_free_db)
ynh_app_setting_set --app=$app --key=redis_db --value=$redis_db
paperless_secret_key=$(ynh_string_random) paperless_secret_key=$(ynh_string_random)
ynh_app_setting_set --app=$app --key=paperless_secret_key ynh_app_setting_set --app=$app --key=paperless_secret_key --value=$paperless_secret_key
ynh_add_config --template="paperless.conf.example" --destination="$final_path/paperless.conf" ynh_add_config --template="paperless.conf.example" --destination="$final_path/paperless.conf"
chmod 400 "$final_path/paperless.conf" chmod 400 "$final_path/paperless.conf"
chown $app:$app "$final_path/paperless.conf" chown $app:$app "$final_path/paperless.conf"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --time --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config
#================================================= #=================================================
# SETUP THE DATABASE # SETUP THE DATABASE
#================================================= #=================================================
ynh_script_progression --message="Setting up the database..." --time --weight=1 ynh_script_progression --message="Setting up the database..." --weight=1
pushd $final_path pushd "$final_path/src"
ynh_exec_as $app python3 manage.py migrate (
source "$final_path/venv/bin/activate"
ynh_exec_as $app $final_path/venv/bin/python manage.py migrate
deactivate
)
popd popd
#================================================= #=================================================
# CREATE THE ADMIN USER # CREATE THE ADMIN USER
#================================================= #=================================================
ynh_script_progression --message="Creating the admin user..." --time --weight=1 ynh_script_progression --message="Creating the admin user..." --weight=1
pushd $final_path pushd "$final_path/src"
(
source "$final_path/venv/bin/activate"
email=$(ynh_user_get_info $admin 'mail') email=$(ynh_user_get_info $admin 'mail')
ynh_exec_as $app python3 manage.py createsuperuser --noinput --username "$admin" --email "$email" ynh_exec_as $app env "DJANGO_SUPERUSER_PASSWORD=$admin_pw" $final_path/venv/bin/python3 manage.py createsuperuser --noinput --username "$admin" --email "$email"
deactivate
)
popd popd
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config --service="$app" --template="systemd.service"
ynh_add_systemd_config --service="$app-qcluster" --template="systemd-qcluster.service"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# SETUP LOGROTATE # SETUP LOGROTATE
#================================================= #=================================================
ynh_script_progression --message="Configuring log rotation..." --time --weight=1 ynh_script_progression --message="Configuring log rotation..." --weight=1
# Use logrotate to manage application logfile(s) # Use logrotate to manage application logfile(s)
ynh_use_logrotate ynh_use_logrotate
@ -201,39 +213,50 @@ ynh_use_logrotate
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --log="/var/log/$app/$app.log" yunohost service add "$app" --log="/var/log/$app/$app.log"
yunohost service add "$app-qcluster" --log="/var/log/$app/$app-qcluster.log"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --time --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name="$app-qcluster" --action="start" --log_path="/var/log/$app/$app-qcluster.log"
#================================================= #=================================================
# SETUP FAIL2BAN # SETUP FAIL2BAN
#================================================= #=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --time --weight=1 #ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
# Create a dedicated Fail2Ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" #ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
# FIXME fail2ban # FIXME fail2ban
# ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5 # ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
#================================================= #=================================================
#ynh_script_progression --message="Configuring permissions..." --time --weight=1 ynh_script_progression --message="Configuring permissions..." --weight=1
# .main already exist so nothing to do here... # Make app public if necessary
if [ $is_public -eq 1 ]
then
ynh_permission_update --permission="main" --add="visitors"
fi
ynh_permission_create --permission="api" --url="/api" --allowed="all_users" --auth_header="false" --label="$app API" --show_tile="false" --protected="false"
if [ $is_public_api -eq 1 ]
then
ynh_permission_update --permission="api" --add="visitors"
fi
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
@ -241,4 +264,4 @@ ynh_systemd_action --service_name=nginx --action=reload
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Installation of $app completed" --time --last ynh_script_progression --message="Installation of $app completed" --last

View file

@ -7,12 +7,13 @@
#================================================= #=================================================
source _common.sh source _common.sh
source ynh_redis
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." --time --weight=1 ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -22,6 +23,7 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name db_user=$db_name
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir) datadir=$(ynh_app_setting_get --app=$app --key=datadir)
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
#================================================= #=================================================
# STANDARD REMOVE # STANDARD REMOVE
@ -32,22 +34,24 @@ datadir=$(ynh_app_setting_get --app=$app --key=datadir)
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app >/dev/null if ynh_exec_warn_less yunohost service status $app >/dev/null
then then
ynh_script_progression --message="Removing $app service integration..." --time --weight=1 ynh_script_progression --message="Removing $app service integration..." --weight=1
yunohost service remove $app yunohost service remove "$app"
yunohost service remove "$app-qcluster"
fi fi
#================================================= #=================================================
# STOP AND REMOVE SERVICE # STOP AND REMOVE SERVICE
#================================================= #=================================================
ynh_script_progression --message="Stopping and removing the systemd service..." --time --weight=1 ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
# Remove the dedicated systemd config # Remove the dedicated systemd config
ynh_remove_systemd_config ynh_remove_systemd_config --service="$app"
ynh_remove_systemd_config --service="$app-cluster"
#================================================= #=================================================
# REMOVE LOGROTATE CONFIGURATION # REMOVE LOGROTATE CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1 ynh_script_progression --message="Removing logrotate configuration..." --weight=1
# Remove the app-specific logrotate config # Remove the app-specific logrotate config
ynh_remove_logrotate ynh_remove_logrotate
@ -55,7 +59,7 @@ ynh_remove_logrotate
#================================================= #=================================================
# REMOVE THE POSTGRESQL DATABASE # REMOVE THE POSTGRESQL DATABASE
#================================================= #=================================================
ynh_script_progression --message="Removing the PostgreSQL database..." --time --weight=1 ynh_script_progression --message="Removing the PostgreSQL database..." --weight=1
# Remove a database if it exists, along with the associated user # Remove a database if it exists, along with the associated user
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
@ -63,7 +67,7 @@ ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
#================================================= #=================================================
# REMOVE APP MAIN DIR # REMOVE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Removing app main directory..." --time --weight=1 ynh_script_progression --message="Removing app main directory..." --weight=1
# Remove the app directory securely # Remove the app directory securely
ynh_secure_remove --file="$final_path" ynh_secure_remove --file="$final_path"
@ -75,14 +79,14 @@ ynh_secure_remove --file="$final_path"
# Remove the data directory if --purge option is used # Remove the data directory if --purge option is used
if [ "${YNH_APP_PURGE:-0}" -eq 1 ] if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then then
ynh_script_progression --message="Removing app data directory..." --time --weight=1 ynh_script_progression --message="Removing app data directory..." --weight=1
ynh_secure_remove --file="$datadir" ynh_secure_remove --file="$datadir"
fi fi
#================================================= #=================================================
# REMOVE NGINX CONFIGURATION # REMOVE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Removing NGINX web server configuration..." --time --weight=1 ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
# Remove the dedicated NGINX config # Remove the dedicated NGINX config
ynh_remove_nginx_config ynh_remove_nginx_config
@ -90,28 +94,29 @@ ynh_remove_nginx_config
#================================================= #=================================================
# REMOVE DEPENDENCIES # REMOVE DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Removing dependencies..." --time --weight=1 ynh_script_progression --message="Removing dependencies..." --weight=1
# Remove metapackage and its dependencies # Remove metapackage and its dependencies
ynh_redis_remove_db "$redis_db"
ynh_remove_app_dependencies ynh_remove_app_dependencies
#================================================= #=================================================
# REMOVE FAIL2BAN CONFIGURATION # REMOVE FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Removing Fail2Ban configuration..." --time --weight=1 #ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=1
# Remove the dedicated Fail2Ban config # Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config #ynh_remove_fail2ban_config
#================================================= #=================================================
# SPECIFIC REMOVE # SPECIFIC REMOVE
#================================================= #=================================================
# REMOVE VARIOUS FILES # REMOVE VARIOUS FILES
#================================================= #=================================================
ynh_script_progression --message="Removing various files..." --time --weight=1 ynh_script_progression --message="Removing various files..." --weight=1
# Remove a directory securely # Remove a directory securely
ynh_secure_remove --file="/etc/$app" #ynh_secure_remove --file="/etc/$app"
# Remove the log files # Remove the log files
ynh_secure_remove --file="/var/log/$app" ynh_secure_remove --file="/var/log/$app"
@ -121,7 +126,7 @@ ynh_secure_remove --file="/var/log/$app"
#================================================= #=================================================
# REMOVE DEDICATED USER # REMOVE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Removing the dedicated system user..." --time --weight=1 ynh_script_progression --message="Removing the dedicated system user..." --weight=1
# Delete a system user # Delete a system user
ynh_system_user_delete --username=$app ynh_system_user_delete --username=$app
@ -130,4 +135,4 @@ ynh_system_user_delete --username=$app
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Removal of $app completed" --time --last ynh_script_progression --message="Removal of $app completed" --last

View file

@ -8,6 +8,7 @@
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh source ../settings/scripts/_common.sh
source ../settings/scripts/ynh_redis
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
@ -24,7 +25,7 @@ ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." --time --weight=1 ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -34,29 +35,27 @@ admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
datadir=$(ynh_app_setting_get --app=$app --key=datadir) datadir=$(ynh_app_setting_get --app=$app --key=datadir)
paperless_secret_key=$(ynh_app_setting_get --app=$app --key=paperless_secret_key)
redis_db=$(ynh_redis_get_free_db)
ynh_app_setting_set --app=$app --key=redis_db --value=$redis_db
#================================================= #=================================================
# CHECK IF THE APP CAN BE RESTORED # CHECK IF THE APP CAN BE RESTORED
#================================================= #=================================================
ynh_script_progression --message="Validating restoration parameters..." --time --weight=1 ynh_script_progression --message="Validating restoration parameters..." --weight=1
test ! -d $final_path \ test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path " || ynh_die --message="There is already a directory: $final_path "
#================================================= #=================================================
# STANDARD RESTORATION STEPS # STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..." --time --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# RECREATE THE DEDICATED USER # RECREATE THE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1 ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
# Create the dedicated user (if not existing) # Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path" ynh_system_user_create --username=$app --home_dir="$final_path"
@ -64,103 +63,145 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
#================================================= #=================================================
# RESTORE THE APP MAIN DIR # RESTORE THE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Restoring the app main directory..." --time --weight=1 ynh_script_progression --message="Restoring the app main directory..." --weight=1
ynh_restore_file --origin_path="$final_path" ynh_restore_file --origin_path="$final_path"
chmod 750 "$final_path" chmod 750 "$final_path"
chmod -R o-rwx "$final_path" chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path" chown -R $app:$app "$final_path"
#================================================= #=================================================
# RESTORE THE DATA DIRECTORY # RESTORE THE DATA DIRECTORY
#================================================= #=================================================
ynh_script_progression --message="Restoring the data directory..." --time --weight=1 ynh_script_progression --message="Restoring the data directory..." --weight=1
ynh_restore_file --origin_path="$datadir" --not_mandatory ynh_restore_file --origin_path="$datadir" --not_mandatory
mkdir -p $datadir/{consume,data,media} mkdir -p "$datadir/consume"
mkdir -p "$datadir/data"
mkdir -p "$datadir/media"
chmod 750 "$datadir" chmod 750 "$datadir"
chmod -R o-rwx "$datadir" chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir" chown -R $app:$app "$datadir"
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=1
ynh_add_config --template="../settings/conf/paperless.conf.example" --destination="$final_path/paperless.conf"
chmod 400 "$final_path/paperless.conf"
chown $app:$app "$final_path/paperless.conf"
#================================================= #=================================================
# RESTORE FAIL2BAN CONFIGURATION # RESTORE FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --time --weight=1 #ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" #ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" #ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban #ynh_systemd_action --action=restart --service_name=fail2ban
#================================================= #=================================================
# SPECIFIC RESTORATION # SPECIFIC RESTORATION
#================================================= #=================================================
# REINSTALL DEPENDENCIES # REINSTALL DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1 ynh_script_progression --message="Reinstalling dependencies..." --weight=1
# Define and install dependencies # Define and install dependencies
ynh_install_app_dependencies $pkg_dependencies ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $ocr_pkg_dependencies
#=================================================
# INSTALL PYTHON DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing Python dependencies..."
pushd $final_path
ynh_secure_remove --file="$final_path/venv"
python3 -m venv venv
chown -R "$app:" "$final_path"
(
source "$final_path/venv/bin/activate"
ynh_exec_as $app $final_path/venv/bin/pip3 install --upgrade pip setuptools wheel
ynh_exec_as $app $final_path/venv/bin/pip3 install -r "$final_path/requirements.txt"
deactivate
)
popd
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# RESTORE THE POSTGRESQL DATABASE # RESTORE THE POSTGRESQL DATABASE
#================================================= #=================================================
ynh_script_progression --message="Restoring the PostgresSQL database..." --time --weight=1 ynh_script_progression --message="Restoring the PostgresSQL database..." --weight=1
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
#================================================= #=================================================
# RESTORE VARIOUS FILES # RESTORE VARIOUS FILES
#================================================= #=================================================
ynh_script_progression --message="Restoring various files..." --time --weight=1 #ynh_script_progression --message="Restoring various files..." --weight=1
ynh_restore_file --origin_path="/etc/$app/" #ynh_restore_file --origin_path="/etc/$app/"
#================================================= #=================================================
# RESTORE SYSTEMD # RESTORE SYSTEMD
#================================================= #=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1 ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
ynh_restore_file --origin_path="/etc/systemd/system/$app.service" ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet ynh_restore_file --origin_path="/etc/systemd/system/$app-qcluster.service"
systemctl enable "$app.service" --quiet
systemctl enable "$app-qcluster.service" --quiet
#================================================= #=================================================
# RESTORE THE LOGROTATE CONFIGURATION # RESTORE THE LOGROTATE CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the logrotate configuration..." --time --weight=1 ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
mkdir -p "/var/log/$app"
chown -R $app: "/var/log/$app"
ynh_restore_file --origin_path="/etc/logrotate.d/$app" ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --log="/var/log/$app/$app.log" yunohost service add "$app" --log="/var/log/$app/$app.log"
yunohost service add "$app-qcluster" --log="/var/log/$app/$app-qcluster.log"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --time --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name="$app-qcluster" --action="start" --log_path="/var/log/$app/$app-qcluster.log"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# RELOAD NGINX AND PHP-FPM # RELOAD NGINX AND PHP-FPM
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --time --weight=1 ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Restoration completed for $app" --time --last ynh_script_progression --message="Restoration completed for $app" --last

View file

@ -7,40 +7,37 @@
#================================================= #=================================================
source _common.sh source _common.sh
source ynh_redis
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." --time --weight=1 ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain) domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path) path_url=$(ynh_app_setting_get --app=$app --key=path)
port=$(ynh_app_setting_get --app=$app --key=port)
admin=$(ynh_app_setting_get --app=$app --key=admin) admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name db_user=$db_name
datadir=$(ynh_app_setting_get --app=$app --key=datadir) db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
paperless_secret_key=$(ynh_app_setting_get --app=app --key=paperless_secret_key) redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
paperless_secret_key=$(ynh_app_setting_get --app=$app --key=paperless_secret_key)
#================================================= #=================================================
# CHECK VERSION # CHECK VERSION
#================================================= #=================================================
### This helper will compare the version of the currently installed app and the version of the upstream package.
### $upgrade_type can have 2 different values
### - UPGRADE_APP if the upstream app version has changed
### - UPGRADE_PACKAGE if only the YunoHost package has changed
### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
upgrade_type=$(ynh_check_app_version_changed) upgrade_type=$(ynh_check_app_version_changed)
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#================================================= #=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1 ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
@ -56,14 +53,15 @@ ynh_abort_if_errors
#================================================= #=================================================
# STOP SYSTEMD SERVICE # STOP SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name="$app-qcluster" --action="stop" --log_path="/var/log/$app/$app-qcluster.log"
#================================================= #=================================================
# ENSURE DOWNWARD COMPATIBILITY # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# #
# N.B. : the followings setting migrations snippets are provided as *EXAMPLES* # N.B. : the followings setting migrations snippets are provided as *EXAMPLES*
@ -83,10 +81,30 @@ ynh_script_progression --message="Ensuring downward compatibility..." --time --w
# ynh_app_setting_set --app=$app --key=final_path --value=$final_path # ynh_app_setting_set --app=$app --key=final_path --value=$final_path
#fi #fi
### If nobody installed your app before 4.1,
### then you may safely remove these lines
# Cleaning legacy permissions
#if ynh_legacy_permissions_exists; then
# ynh_legacy_permissions_delete_all
#
# ynh_app_setting_delete --app=$app --key=is_public
#fi
#
#if ! ynh_permission_exists --permission="admin"; then
# # Create the required permissions
# ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
#fi
#
## Create a permission if needed
#if ! ynh_permission_exists --permission="api"; then
# ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
#fi
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
# Create a dedicated user (if not existing) # Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path" ynh_system_user_create --username=$app --home_dir="$final_path"
@ -97,30 +115,29 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
if [ "$upgrade_type" == "UPGRADE_APP" ] if [ "$upgrade_type" == "UPGRADE_APP" ]
then then
ynh_script_progression --message="Upgrading source files..." --time --weight=1 ynh_script_progression --message="Upgrading source files..." --weight=1
# Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" --keep="paperless.conf"
ynh_setup_source --dest_dir="$final_path"
fi fi
chmod 750 "$final_path" chmod 750 "$final_path"
chmod -R o-rwx "$final_path" chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path" chown -R $app:$app "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#================================================= #=================================================
# UPGRADE DEPENDENCIES # UPGRADE DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_install_app_dependencies $pkg_dependencies ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $ocr_pkg_dependencies
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#================================================= #=================================================
# SPECIFIC UPGRADE # SPECIFIC UPGRADE
@ -131,84 +148,86 @@ ynh_script_progression --message="Installing Python dependencies..."
pushd $final_path pushd $final_path
python3 -m venv venv python3 -m venv venv
venv/bin/pip install --upgrade pip chown -R "$app:" "$final_path"
venv/bin/pip install -r requirements.txt (
source "$final_path/venv/bin/activate"
ynh_exec_as $app $final_path/venv/bin/pip3 install --upgrade pip setuptools wheel
ynh_exec_as $app $final_path/venv/bin/pip3 install -r "$final_path/requirements.txt"
deactivate
)
popd popd
#================================================= #=================================================
# UPDATE A CONFIG FILE # UPDATE A CONFIG FILE
#================================================= #=================================================
ynh_script_progression --message="Updating a configuration file..." --time --weight=1 ynh_script_progression --message="Updating a configuration file..." --weight=1
ynh_add_config --template="paperless.conf.example" --destination="$final_path/paperless.conf"
ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file" chmod 400 "$final_path/paperless.conf"
chown $app:$app "$final_path/paperless.conf"
# FIXME: this should be handled by the core in the future
# You may need to use chmod 600 instead of 400,
# for example if the app is expected to be able to modify its own config
chmod 400 "$final_path/some_config_file"
chown $app:$app "$final_path/some_config_file"
### For more complex cases where you want to replace stuff using regexes,
### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
### When doing so, you also need to manually call ynh_store_file_checksum
###
### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file"
### ynh_store_file_checksum --file="$final_path/some_config_file"
#================================================= #=================================================
# SETUP THE DATABASE # SETUP THE DATABASE
#================================================= #=================================================
ynh_script_progression --message="Setting up the database..." --time --weight=1 ynh_script_progression --message="Setting up the database..." --weight=1
pushd $final_path pushd "$final_path/src"
ynh_exec_as $app python3 manage.py migrate (
source "$final_path/venv/bin/activate"
ynh_exec_as $app $final_path/venv/bin/python manage.py migrate
deactivate
)
popd popd
#================================================= #=================================================
# SETUP SYSTEMD # SETUP SYSTEMD
#================================================= #=================================================
ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1 ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config ynh_add_systemd_config --service="$app" --template="systemd.service"
ynh_add_systemd_config --service="$app-qcluster" --template="systemd-qcluster.service"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# SETUP LOGROTATE # SETUP LOGROTATE
#================================================= #=================================================
ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1 ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
# Use logrotate to manage app-specific logfile(s) # Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append ynh_use_logrotate --logfile="/var/log/$app/$app.log"
ynh_use_logrotate --logfile="/var/log/$app/$app-qcluster.log"
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --log="/var/log/$app/$app.log" yunohost service add "$app" --log="/var/log/$app/$app.log"
yunohost service add "$app-qcluster" --log="/var/log/$app/$app-qcluster.log"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --time --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name="$app-qcluster" --action="start" --log_path="/var/log/$app/$app-qcluster.log"
#================================================= #=================================================
# UPGRADE FAIL2BAN # UPGRADE FAIL2BAN
#================================================= #=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..." --time --weight=1 #ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1
# Create a dedicated Fail2Ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" #ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
@ -216,4 +235,4 @@ ynh_systemd_action --service_name=nginx --action=reload
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Upgrade of $app completed" --time --last ynh_script_progression --message="Upgrade of $app completed" --last

39
scripts/ynh_redis Normal file
View file

@ -0,0 +1,39 @@
#!/bin/bash
# get the first available redis database
#
# usage: ynh_redis_get_free_db
# | returns: the database number to use
ynh_redis_get_free_db() {
local result max db
result=$(redis-cli INFO keyspace)
# get the num
max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+")
db=0
# default Debian setting is 15 databases
for i in $(seq 0 "$max")
do
if ! echo "$result" | grep -q "db$i"
then
db=$i
break 1
fi
db=-1
done
test "$db" -eq -1 && ynh_die --message="No available Redis databases..."
echo "$db"
}
# Create a master password and set up global settings
# Please always call this script in install and restore scripts
#
# usage: ynh_redis_remove_db database
# | arg: database - the database to erase
ynh_redis_remove_db() {
local db=$1
redis-cli -n "$db" flushall
}