mirror of
https://github.com/YunoHost-Apps/paperless-ngx_ynh.git
synced 2024-09-03 19:56:33 +02:00
Update to 1.9.2
This commit is contained in:
parent
a76e15bd52
commit
51b5dcb2bb
17 changed files with 423 additions and 199 deletions
|
@ -13,7 +13,7 @@
|
||||||
setup_root=1
|
setup_root=1
|
||||||
setup_nourl=0
|
setup_nourl=0
|
||||||
setup_private=1
|
setup_private=1
|
||||||
setup_public=0
|
setup_public=1
|
||||||
upgrade=1
|
upgrade=1
|
||||||
upgrade=0 from_commit=CommitHash
|
upgrade=0 from_commit=CommitHash
|
||||||
backup_restore=1
|
backup_restore=1
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
SOURCE_URL=https://github.com/paperless-ngx/paperless-ngx/releases/download/ngx-1.6.0/paperless-ngx-1.6.0.tar.xz
|
SOURCE_URL=https://github.com/paperless-ngx/paperless-ngx/releases/download/v1.9.2/paperless-ngx-v1.9.2.tar.xz
|
||||||
SOURCE_SUM=f4971abf258382fb171a8d11f4c6181ca03b42334deb6d9305a04ea8f8eab91e
|
SOURCE_SUM=7da7e355745fcc5ac837323f22f7e6d556386297a61e41f04e104fe785e85cce
|
||||||
SOURCE_SUM_PRG=sha256sum
|
SOURCE_SUM_PRG=sha256sum
|
||||||
SOURCE_FORMAT=tar.gz
|
SOURCE_FORMAT=tar.gz
|
||||||
SOURCE_IN_SUBDIR=true
|
SOURCE_IN_SUBDIR=true
|
||||||
|
|
|
@ -13,6 +13,8 @@ location __PATH__/ {
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
proxy_set_header X-Forwarded-Host $server_name;
|
proxy_set_header X-Forwarded-Host $server_name;
|
||||||
|
|
||||||
|
client_max_body_size 25M;
|
||||||
|
|
||||||
# Include SSOWAT user panel.
|
# Include SSOWAT user panel.
|
||||||
include conf.d/yunohost_panel.conf.inc;
|
include conf.d/yunohost_panel.conf.inc;
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,11 +3,11 @@
|
||||||
|
|
||||||
# Debug. Only enable this for development.
|
# Debug. Only enable this for development.
|
||||||
|
|
||||||
#PAPERLESS_DEBUG=false
|
PAPERLESS_DEBUG=false
|
||||||
|
|
||||||
# Required services
|
# Required services
|
||||||
|
|
||||||
PAPERLESS_REDIS=redis://localhost:6379
|
PAPERLESS_REDIS=redis://localhost:6379/__REDIS_DB__
|
||||||
|
|
||||||
PAPERLESS_DBHOST=localhost
|
PAPERLESS_DBHOST=localhost
|
||||||
PAPERLESS_DBPORT=5432
|
PAPERLESS_DBPORT=5432
|
||||||
|
@ -18,15 +18,17 @@ PAPERLESS_DBPASS=__DB_PWD__
|
||||||
|
|
||||||
# Paths and folders
|
# Paths and folders
|
||||||
|
|
||||||
PAPERLESS_CONSUMPTION_DIR=__DATA_DIR__/consume
|
PAPERLESS_SCRATCH_DIR=/tmp/__APP__
|
||||||
PAPERLESS_DATA_DIR=__DATA_DIR__/data
|
PAPERLESS_CONSUMPTION_DIR=__DATADIR__/consume
|
||||||
|
PAPERLESS_DATA_DIR=__DATADIR__/data
|
||||||
#PAPERLESS_TRASH_DIR=
|
#PAPERLESS_TRASH_DIR=
|
||||||
PAPERLESS_MEDIA_ROOT=__DATA_DIR__/media
|
PAPERLESS_MEDIA_ROOT=__DATADIR__/media
|
||||||
#PAPERLESS_STATICDIR=../static
|
#PAPERLESS_STATICDIR=../static
|
||||||
#PAPERLESS_FILENAME_FORMAT=
|
#PAPERLESS_FILENAME_FORMAT=
|
||||||
|
|
||||||
# Security and hosting
|
# Security and hosting
|
||||||
|
|
||||||
|
PAPERLESS_URL=https://__DOMAIN__
|
||||||
PAPERLESS_SECRET_KEY=__PAPERLESS_SECRET_KEY__
|
PAPERLESS_SECRET_KEY=__PAPERLESS_SECRET_KEY__
|
||||||
PAPERLESS_ALLOWED_HOSTS=__DOMAIN__
|
PAPERLESS_ALLOWED_HOSTS=__DOMAIN__
|
||||||
PAPERLESS_CORS_ALLOWED_HOSTS=https://__DOMAIN__
|
PAPERLESS_CORS_ALLOWED_HOSTS=https://__DOMAIN__
|
||||||
|
@ -38,7 +40,7 @@ PAPERLESS_CORS_ALLOWED_HOSTS=https://__DOMAIN__
|
||||||
|
|
||||||
# OCR settings
|
# OCR settings
|
||||||
|
|
||||||
PAPERLESS_OCR_LANGUAGE=eng+fra
|
PAPERLESS_OCR_LANGUAGE=eng
|
||||||
#PAPERLESS_OCR_MODE=skip
|
#PAPERLESS_OCR_MODE=skip
|
||||||
#PAPERLESS_OCR_OUTPUT_TYPE=pdfa
|
#PAPERLESS_OCR_OUTPUT_TYPE=pdfa
|
||||||
#PAPERLESS_OCR_PAGES=1
|
#PAPERLESS_OCR_PAGES=1
|
||||||
|
@ -84,4 +86,3 @@ PAPERLESS_CONSUMER_IGNORE_PATTERNS=[".DS_STORE/*", "._*", ".stfolder/*", ".*"]
|
||||||
# YunoHost tweaks
|
# YunoHost tweaks
|
||||||
|
|
||||||
PAPERLESS_LOGOUT_REDIRECT_URL=https://__MAIN_DOMAIN__/yunohost/sso/?action=logout
|
PAPERLESS_LOGOUT_REDIRECT_URL=https://__MAIN_DOMAIN__/yunohost/sso/?action=logout
|
||||||
PAPERLESS_PORT=__PORT__
|
|
||||||
|
|
45
conf/systemd-qcluster.service
Normal file
45
conf/systemd-qcluster.service
Normal file
|
@ -0,0 +1,45 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Paperless qcluster
|
||||||
|
After=network.target
|
||||||
|
Wants=network.target
|
||||||
|
Requires=redis.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
User=__APP__
|
||||||
|
Group=__APP__
|
||||||
|
WorkingDirectory=__FINALPATH__/src/
|
||||||
|
ExecStart=__FINALPATH__/venv/bin/python manage.py qcluster
|
||||||
|
StandardOutput=append:/var/log/__APP__/__APP__.log
|
||||||
|
StandardError=inherit
|
||||||
|
|
||||||
|
# Sandboxing options to harden security
|
||||||
|
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
||||||
|
NoNewPrivileges=yes
|
||||||
|
PrivateTmp=yes
|
||||||
|
PrivateDevices=yes
|
||||||
|
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
|
||||||
|
RestrictNamespaces=yes
|
||||||
|
RestrictRealtime=yes
|
||||||
|
DevicePolicy=closed
|
||||||
|
ProtectSystem=full
|
||||||
|
ProtectControlGroups=yes
|
||||||
|
ProtectKernelModules=yes
|
||||||
|
ProtectKernelTunables=yes
|
||||||
|
LockPersonality=yes
|
||||||
|
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
|
||||||
|
|
||||||
|
# Denying access to capabilities that should not be relevant for webapps
|
||||||
|
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
|
||||||
|
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
|
||||||
|
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
|
||||||
|
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
|
||||||
|
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
|
||||||
|
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
||||||
|
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
|
@ -1,19 +1,19 @@
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Scan, index and archive all your physical documents
|
Description=Paperless webserver
|
||||||
After=network.target
|
After=network.target
|
||||||
|
Wants=network.target
|
||||||
|
Requires=redis.service
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
User=__APP__
|
User=__APP__
|
||||||
Group=__APP__
|
Group=__APP__
|
||||||
WorkingDirectory=__FINALPATH__/
|
WorkingDirectory=__FINALPATH__/src/
|
||||||
ExecStart=__FINALPATH__/venv/bin/python3 manage.py runserver
|
ExecStart=__FINALPATH__/venv/bin/uvicorn --port=__PORT__ --log-level=warning paperless.asgi:application
|
||||||
StandardOutput=append:/var/log/__APP__/__APP__.log
|
StandardOutput=append:/var/log/__APP__/__APP__.log
|
||||||
StandardError=inherit
|
StandardError=inherit
|
||||||
|
|
||||||
# Sandboxing options to harden security
|
# Sandboxing options to harden security
|
||||||
# Depending on specificities of your service/app, you may need to tweak these
|
|
||||||
# .. but this should be a good baseline
|
|
||||||
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
||||||
NoNewPrivileges=yes
|
NoNewPrivileges=yes
|
||||||
PrivateTmp=yes
|
PrivateTmp=yes
|
||||||
|
|
|
@ -1,2 +1,13 @@
|
||||||
* This app require a dedicated domain.
|
* This app require a dedicated domain.
|
||||||
* There no LDAP or SSO. ⚠️ The admin user will recieve a mail after the installation.
|
* There is no LDAP or SSO support.
|
||||||
|
|
||||||
|
* Paperless is performing OCR on documents and images. English is installed by default. More languages can be installed:
|
||||||
|
* Display a list of all Tesseract language packs `apt-cache search tesseract-ocr`
|
||||||
|
* Install additional language packs
|
||||||
|
* Example for french `sudo apt-get install tesseract-ocr-fra`
|
||||||
|
* Example for german `sudo apt-get install tesseract-ocr-deu`
|
||||||
|
* Modify config to add new languages
|
||||||
|
* Open config-panel: https://my-domain.tld/yunohost/admin/#/apps/$app_id/config-panel
|
||||||
|
* You can combine multiple languages like this:
|
||||||
|
* One language: eng
|
||||||
|
* Two languages: eng+fra
|
||||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 680 KiB After Width: | Height: | Size: 491 KiB |
|
@ -6,7 +6,7 @@
|
||||||
"en": "Scan, index and archive all your physical documents",
|
"en": "Scan, index and archive all your physical documents",
|
||||||
"fr": "Scannez, triez et archivez tous vos documents papiers"
|
"fr": "Scannez, triez et archivez tous vos documents papiers"
|
||||||
},
|
},
|
||||||
"version": "1.6~ynh1",
|
"version": "1.9.2~ynh1",
|
||||||
"url": "https://paperless-ngx.com",
|
"url": "https://paperless-ngx.com",
|
||||||
"upstream": {
|
"upstream": {
|
||||||
"license": "GPL-3.0-or-later",
|
"license": "GPL-3.0-or-later",
|
||||||
|
@ -21,7 +21,7 @@
|
||||||
"name": "Tagada"
|
"name": "Tagada"
|
||||||
},
|
},
|
||||||
"requirements": {
|
"requirements": {
|
||||||
"yunohost": ">= 4.3.0"
|
"yunohost": ">= 11.0.0"
|
||||||
},
|
},
|
||||||
"multi_instance": true,
|
"multi_instance": true,
|
||||||
"services": [
|
"services": [
|
||||||
|
@ -38,6 +38,26 @@
|
||||||
{
|
{
|
||||||
"name": "admin",
|
"name": "admin",
|
||||||
"type": "user"
|
"type": "user"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "admin_pw",
|
||||||
|
"type": "password",
|
||||||
|
"ask": {
|
||||||
|
"en": "Please chose a password for admin user."
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "is_public",
|
||||||
|
"type": "boolean",
|
||||||
|
"default": false
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "is_public_api",
|
||||||
|
"type": "boolean",
|
||||||
|
"default": false,
|
||||||
|
"ask": {
|
||||||
|
"en": "Should Paperless-ngx be accessible for apps."
|
||||||
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,7 +5,8 @@
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
# dependencies used by the app
|
# dependencies used by the app
|
||||||
pkg_dependencies="redis-tools redis-server postgresql postgresql-contrib python3 python3-pip python3-dev python3-venv imagemagick fonts-liberation optipng gnupg libpq-dev libmagic-dev mime-support"
|
#pkg_dependencies="redis-tools redis-server postgresql postgresql-contrib python3 python3-pip python3-dev python3-venv imagemagick fonts-liberation optipng gnupg libpq-dev libmagic-dev mime-support"
|
||||||
|
pkg_dependencies="build-essential postgresql postgresql-contrib python3 python3-pip python3-dev python3-venv imagemagick fonts-liberation optipng gnupg libpq-dev libmagic-dev mime-support libzbar0 poppler-utils default-libmysqlclient-dev"
|
||||||
ocr_pkg_dependencies="unpaper ghostscript icc-profiles-free qpdf liblept5 libxml2 pngquant zlib1g tesseract-ocr"
|
ocr_pkg_dependencies="unpaper ghostscript icc-profiles-free qpdf liblept5 libxml2 pngquant zlib1g tesseract-ocr"
|
||||||
raspberry_pkg_dependencies="libatlas-base-dev libxslt1-dev"
|
raspberry_pkg_dependencies="libatlas-base-dev libxslt1-dev"
|
||||||
|
|
||||||
|
|
|
@ -31,7 +31,6 @@ app=$YNH_APP_INSTANCE_NAME
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||||
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
|
|
||||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -66,8 +65,8 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
# BACKUP FAIL2BAN CONFIGURATION
|
# BACKUP FAIL2BAN CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
|
#ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
|
||||||
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
|
#ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC BACKUP
|
# SPECIFIC BACKUP
|
||||||
|
@ -82,12 +81,13 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_backup --src_path="/etc/systemd/system/$app.service"
|
ynh_backup --src_path="/etc/systemd/system/$app.service"
|
||||||
|
ynh_backup --src_path="/etc/systemd/system/$app-qcluster.service"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP VARIOUS FILES
|
# BACKUP VARIOUS FILES
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_backup --src_path="/etc/$app/"
|
#ynh_backup --src_path="/etc/$app/"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP THE MYSQL DATABASE
|
# BACKUP THE MYSQL DATABASE
|
||||||
|
|
|
@ -24,16 +24,22 @@ app=$YNH_APP_INSTANCE_NAME
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||||
|
|
||||||
# Needed for helper "ynh_add_nginx_config"
|
# Needed for helper "ynh_add_nginx_config"
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||||
|
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||||
|
db_user=$db_name
|
||||||
|
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
|
||||||
|
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
|
||||||
|
paperless_secret_key=$(ynh_app_setting_get --app=$app --key=paperless_secret_key)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
|
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --time --weight=1
|
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
|
||||||
|
|
||||||
# Backup the current version of the app
|
# Backup the current version of the app
|
||||||
ynh_backup_before_upgrade
|
ynh_backup_before_upgrade
|
||||||
|
@ -68,14 +74,15 @@ fi
|
||||||
#=================================================
|
#=================================================
|
||||||
# STOP SYSTEMD SERVICE
|
# STOP SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
|
ynh_script_progression --message="Stopping a systemd service..." --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log"
|
||||||
|
ynh_systemd_action --service_name="$app-qcluster" --action="stop" --log_path="/var/log/$app/$app-qcluster.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# MODIFY URL IN NGINX CONF
|
# MODIFY URL IN NGINX CONF
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Updating NGINX web server configuration..." --time --weight=1
|
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
|
||||||
|
|
||||||
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||||
|
|
||||||
|
@ -104,22 +111,32 @@ fi
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC MODIFICATIONS
|
# SPECIFIC MODIFICATIONS
|
||||||
#=================================================
|
#=================================================
|
||||||
# ...
|
# MODIFY A CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Modifying a configuration file..." --weight=1
|
||||||
|
|
||||||
|
domain="$new_domain"
|
||||||
|
path_url="$new_path"
|
||||||
|
|
||||||
|
ynh_add_config --template="paperless.conf.example" --destination="$final_path/paperless.conf"
|
||||||
|
|
||||||
|
chmod 400 "$final_path/paperless.conf"
|
||||||
|
chown $app:$app "$final_path/paperless.conf"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALISATION
|
# GENERIC FINALISATION
|
||||||
#=================================================
|
#=================================================
|
||||||
# START SYSTEMD SERVICE
|
# START SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
|
||||||
|
ynh_systemd_action --service_name="$app-qcluster" --action="start" --log_path="/var/log/$app/$app-qcluster.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1
|
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
@ -127,4 +144,4 @@ ynh_systemd_action --service_name=nginx --action=reload
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_script_progression --message="Change of URL completed for $app" --time --last
|
ynh_script_progression --message="Change of URL completed for $app" --last
|
||||||
|
|
129
scripts/install
129
scripts/install
|
@ -7,6 +7,7 @@
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
source _common.sh
|
source _common.sh
|
||||||
|
source ynh_redis
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -26,25 +27,18 @@ ynh_abort_if_errors
|
||||||
|
|
||||||
domain=$YNH_APP_ARG_DOMAIN
|
domain=$YNH_APP_ARG_DOMAIN
|
||||||
path_url="/"
|
path_url="/"
|
||||||
|
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||||
|
is_public_api=$YNH_APP_ARG_IS_PUBLIC_API
|
||||||
admin=$YNH_APP_ARG_ADMIN
|
admin=$YNH_APP_ARG_ADMIN
|
||||||
|
admin_pw=$YNH_APP_ARG_ADMIN_PW
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||||||
#=================================================
|
#=================================================
|
||||||
### About --weight and --time
|
ynh_script_progression --message="Validating installation parameters..." --weight=1
|
||||||
### ynh_script_progression will show to your final users the progression of each scripts.
|
|
||||||
### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script.
|
|
||||||
### --time is a packager option, it will show you the execution time since the previous call.
|
|
||||||
### This option should be removed before releasing your app.
|
|
||||||
### Use the execution time, given by --time, to estimate the weight of a step.
|
|
||||||
### A common way to do it is to set a weight equal to the execution time in second +1.
|
|
||||||
### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call.
|
|
||||||
ynh_script_progression --message="Validating installation parameters..." --time --weight=1
|
|
||||||
|
|
||||||
### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
|
|
||||||
### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app"
|
|
||||||
final_path=/opt/yunohost/$app
|
final_path=/opt/yunohost/$app
|
||||||
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
||||||
|
|
||||||
|
@ -54,7 +48,7 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
||||||
#=================================================
|
#=================================================
|
||||||
# STORE SETTINGS FROM MANIFEST
|
# STORE SETTINGS FROM MANIFEST
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Storing installation settings..." --time --weight=1
|
ynh_script_progression --message="Storing installation settings..." --weight=1
|
||||||
|
|
||||||
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
||||||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
||||||
|
@ -65,7 +59,7 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin
|
||||||
#=================================================
|
#=================================================
|
||||||
# FIND AND OPEN A PORT
|
# FIND AND OPEN A PORT
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Finding an available port..." --time --weight=1
|
ynh_script_progression --message="Finding an available port..." --weight=1
|
||||||
|
|
||||||
# Find an available port
|
# Find an available port
|
||||||
port=$(ynh_find_port --port=8095)
|
port=$(ynh_find_port --port=8095)
|
||||||
|
@ -74,16 +68,16 @@ ynh_app_setting_set --app=$app --key=port --value=$port
|
||||||
#=================================================
|
#=================================================
|
||||||
# INSTALL DEPENDENCIES
|
# INSTALL DEPENDENCIES
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Installing dependencies..." --time --weight=1
|
ynh_script_progression --message="Installing dependencies..." --weight=1
|
||||||
|
|
||||||
# FIXME: Only on a Raspberry Pi (armv6 v7?)
|
# FIXME: Only on a Raspberry Pi (armv6 v7?)
|
||||||
# ynh_add_app_dependencies $raspberry_pkg_dependencies
|
# ynh_add_app_dependencies $raspberry_pkg_dependencies
|
||||||
ynh_install_app_dependencies $pkg_dependencies $ocr_pkg_dependencies
|
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $ocr_pkg_dependencies
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE DEDICATED USER
|
# CREATE DEDICATED USER
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring system user..." --time --weight=1
|
ynh_script_progression --message="Configuring system user..." --weight=1
|
||||||
|
|
||||||
# Create a system user
|
# Create a system user
|
||||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||||
|
@ -91,17 +85,18 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE A POSTGRESQL DATABASE
|
# CREATE A POSTGRESQL DATABASE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Creating a PostgreSQL database..." --time --weight=1
|
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=1
|
||||||
|
|
||||||
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
||||||
db_user=$db_name
|
db_user=$db_name
|
||||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
||||||
|
|
||||||
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
|
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Setting up source files..." --time --weight=1
|
ynh_script_progression --message="Setting up source files..." --weight=1
|
||||||
|
|
||||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||||
|
|
||||||
|
@ -114,9 +109,7 @@ chown -R $app:$app "$final_path"
|
||||||
#=================================================
|
#=================================================
|
||||||
# NGINX CONFIGURATION
|
# NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring NGINX web server..." --time --weight=1
|
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
|
||||||
|
|
||||||
### `ynh_add_nginx_config` will use the file conf/nginx.conf
|
|
||||||
|
|
||||||
# Create a dedicated NGINX config
|
# Create a dedicated NGINX config
|
||||||
ynh_add_nginx_config
|
ynh_add_nginx_config
|
||||||
|
@ -130,19 +123,26 @@ ynh_script_progression --message="Installing Python dependencies..."
|
||||||
|
|
||||||
pushd $final_path
|
pushd $final_path
|
||||||
python3 -m venv venv
|
python3 -m venv venv
|
||||||
venv/bin/pip install --upgrade pip
|
chown -R "$app:" "$final_path"
|
||||||
venv/bin/pip install -r requirements.txt
|
(
|
||||||
|
source "$final_path/venv/bin/activate"
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip3 install --upgrade pip setuptools wheel
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip3 install -r "$final_path/requirements.txt"
|
||||||
|
deactivate
|
||||||
|
)
|
||||||
popd
|
popd
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE DATA DIRECTORY
|
# CREATE DATA DIRECTORY
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Creating a data directory..." --time --weight=1
|
ynh_script_progression --message="Creating a data directory..." --weight=1
|
||||||
|
|
||||||
datadir=/home/yunohost.app/$app
|
datadir=/home/yunohost.app/$app
|
||||||
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
|
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
|
||||||
|
|
||||||
mkdir -p $datadir/{consume,data,media}
|
mkdir -p "$datadir/consume"
|
||||||
|
mkdir -p "$datadir/data"
|
||||||
|
mkdir -p "$datadir/media"
|
||||||
|
|
||||||
chmod 750 "$datadir"
|
chmod 750 "$datadir"
|
||||||
chmod -R o-rwx "$datadir"
|
chmod -R o-rwx "$datadir"
|
||||||
|
@ -151,49 +151,61 @@ chown -R $app:www-data "$datadir"
|
||||||
#=================================================
|
#=================================================
|
||||||
# ADD A CONFIGURATION
|
# ADD A CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Adding a configuration file..." --time --weight=1
|
ynh_script_progression --message="Adding a configuration file..." --weight=1
|
||||||
|
|
||||||
|
redis_db=$(ynh_redis_get_free_db)
|
||||||
|
ynh_app_setting_set --app=$app --key=redis_db --value=$redis_db
|
||||||
|
|
||||||
paperless_secret_key=$(ynh_string_random)
|
paperless_secret_key=$(ynh_string_random)
|
||||||
ynh_app_setting_set --app=$app --key=paperless_secret_key
|
ynh_app_setting_set --app=$app --key=paperless_secret_key --value=$paperless_secret_key
|
||||||
|
|
||||||
ynh_add_config --template="paperless.conf.example" --destination="$final_path/paperless.conf"
|
ynh_add_config --template="paperless.conf.example" --destination="$final_path/paperless.conf"
|
||||||
|
|
||||||
chmod 400 "$final_path/paperless.conf"
|
chmod 400 "$final_path/paperless.conf"
|
||||||
chown $app:$app "$final_path/paperless.conf"
|
chown $app:$app "$final_path/paperless.conf"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SETUP SYSTEMD
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Configuring a systemd service..." --time --weight=1
|
|
||||||
|
|
||||||
# Create a dedicated systemd config
|
|
||||||
ynh_add_systemd_config
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP THE DATABASE
|
# SETUP THE DATABASE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Setting up the database..." --time --weight=1
|
ynh_script_progression --message="Setting up the database..." --weight=1
|
||||||
|
|
||||||
pushd $final_path
|
pushd "$final_path/src"
|
||||||
ynh_exec_as $app python3 manage.py migrate
|
(
|
||||||
|
source "$final_path/venv/bin/activate"
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/python manage.py migrate
|
||||||
|
deactivate
|
||||||
|
)
|
||||||
popd
|
popd
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE THE ADMIN USER
|
# CREATE THE ADMIN USER
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Creating the admin user..." --time --weight=1
|
ynh_script_progression --message="Creating the admin user..." --weight=1
|
||||||
|
|
||||||
pushd $final_path
|
pushd "$final_path/src"
|
||||||
|
(
|
||||||
|
source "$final_path/venv/bin/activate"
|
||||||
email=$(ynh_user_get_info $admin 'mail')
|
email=$(ynh_user_get_info $admin 'mail')
|
||||||
ynh_exec_as $app python3 manage.py createsuperuser --noinput --username "$admin" --email "$email"
|
ynh_exec_as $app env "DJANGO_SUPERUSER_PASSWORD=$admin_pw" $final_path/venv/bin/python3 manage.py createsuperuser --noinput --username "$admin" --email "$email"
|
||||||
|
deactivate
|
||||||
|
)
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SETUP SYSTEMD
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring a systemd service..." --weight=1
|
||||||
|
|
||||||
|
# Create a dedicated systemd config
|
||||||
|
ynh_add_systemd_config --service="$app" --template="systemd.service"
|
||||||
|
ynh_add_systemd_config --service="$app-qcluster" --template="systemd-qcluster.service"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP LOGROTATE
|
# SETUP LOGROTATE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring log rotation..." --time --weight=1
|
ynh_script_progression --message="Configuring log rotation..." --weight=1
|
||||||
|
|
||||||
# Use logrotate to manage application logfile(s)
|
# Use logrotate to manage application logfile(s)
|
||||||
ynh_use_logrotate
|
ynh_use_logrotate
|
||||||
|
@ -201,39 +213,50 @@ ynh_use_logrotate
|
||||||
#=================================================
|
#=================================================
|
||||||
# INTEGRATE SERVICE IN YUNOHOST
|
# INTEGRATE SERVICE IN YUNOHOST
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
|
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
|
||||||
|
|
||||||
yunohost service add $app --log="/var/log/$app/$app.log"
|
yunohost service add "$app" --log="/var/log/$app/$app.log"
|
||||||
|
yunohost service add "$app-qcluster" --log="/var/log/$app/$app-qcluster.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# START SYSTEMD SERVICE
|
# START SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
||||||
|
|
||||||
# Start a systemd service
|
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
|
||||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
ynh_systemd_action --service_name="$app-qcluster" --action="start" --log_path="/var/log/$app/$app-qcluster.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP FAIL2BAN
|
# SETUP FAIL2BAN
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring Fail2Ban..." --time --weight=1
|
#ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
|
||||||
|
|
||||||
# Create a dedicated Fail2Ban config
|
# Create a dedicated Fail2Ban config
|
||||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
|
#ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
|
||||||
# FIXME fail2ban
|
# FIXME fail2ban
|
||||||
# ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5
|
# ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP SSOWAT
|
# SETUP SSOWAT
|
||||||
#=================================================
|
#=================================================
|
||||||
#ynh_script_progression --message="Configuring permissions..." --time --weight=1
|
ynh_script_progression --message="Configuring permissions..." --weight=1
|
||||||
|
|
||||||
# .main already exist so nothing to do here...
|
# Make app public if necessary
|
||||||
|
if [ $is_public -eq 1 ]
|
||||||
|
then
|
||||||
|
ynh_permission_update --permission="main" --add="visitors"
|
||||||
|
fi
|
||||||
|
|
||||||
|
ynh_permission_create --permission="api" --url="/api" --allowed="all_users" --auth_header="false" --label="$app API" --show_tile="false" --protected="false"
|
||||||
|
if [ $is_public_api -eq 1 ]
|
||||||
|
then
|
||||||
|
ynh_permission_update --permission="api" --add="visitors"
|
||||||
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1
|
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
@ -241,4 +264,4 @@ ynh_systemd_action --service_name=nginx --action=reload
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_script_progression --message="Installation of $app completed" --time --last
|
ynh_script_progression --message="Installation of $app completed" --last
|
||||||
|
|
|
@ -7,12 +7,13 @@
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
source _common.sh
|
source _common.sh
|
||||||
|
source ynh_redis
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
@ -22,6 +23,7 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||||
db_user=$db_name
|
db_user=$db_name
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||||
|
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD REMOVE
|
# STANDARD REMOVE
|
||||||
|
@ -32,22 +34,24 @@ datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||||
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
|
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
|
||||||
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
||||||
then
|
then
|
||||||
ynh_script_progression --message="Removing $app service integration..." --time --weight=1
|
ynh_script_progression --message="Removing $app service integration..." --weight=1
|
||||||
yunohost service remove $app
|
yunohost service remove "$app"
|
||||||
|
yunohost service remove "$app-qcluster"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STOP AND REMOVE SERVICE
|
# STOP AND REMOVE SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Stopping and removing the systemd service..." --time --weight=1
|
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
|
||||||
|
|
||||||
# Remove the dedicated systemd config
|
# Remove the dedicated systemd config
|
||||||
ynh_remove_systemd_config
|
ynh_remove_systemd_config --service="$app"
|
||||||
|
ynh_remove_systemd_config --service="$app-cluster"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE LOGROTATE CONFIGURATION
|
# REMOVE LOGROTATE CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1
|
ynh_script_progression --message="Removing logrotate configuration..." --weight=1
|
||||||
|
|
||||||
# Remove the app-specific logrotate config
|
# Remove the app-specific logrotate config
|
||||||
ynh_remove_logrotate
|
ynh_remove_logrotate
|
||||||
|
@ -55,7 +59,7 @@ ynh_remove_logrotate
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE THE POSTGRESQL DATABASE
|
# REMOVE THE POSTGRESQL DATABASE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing the PostgreSQL database..." --time --weight=1
|
ynh_script_progression --message="Removing the PostgreSQL database..." --weight=1
|
||||||
|
|
||||||
# Remove a database if it exists, along with the associated user
|
# Remove a database if it exists, along with the associated user
|
||||||
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
|
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
|
||||||
|
@ -63,7 +67,7 @@ ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE APP MAIN DIR
|
# REMOVE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing app main directory..." --time --weight=1
|
ynh_script_progression --message="Removing app main directory..." --weight=1
|
||||||
|
|
||||||
# Remove the app directory securely
|
# Remove the app directory securely
|
||||||
ynh_secure_remove --file="$final_path"
|
ynh_secure_remove --file="$final_path"
|
||||||
|
@ -75,14 +79,14 @@ ynh_secure_remove --file="$final_path"
|
||||||
# Remove the data directory if --purge option is used
|
# Remove the data directory if --purge option is used
|
||||||
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
|
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
|
||||||
then
|
then
|
||||||
ynh_script_progression --message="Removing app data directory..." --time --weight=1
|
ynh_script_progression --message="Removing app data directory..." --weight=1
|
||||||
ynh_secure_remove --file="$datadir"
|
ynh_secure_remove --file="$datadir"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE NGINX CONFIGURATION
|
# REMOVE NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing NGINX web server configuration..." --time --weight=1
|
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
|
||||||
|
|
||||||
# Remove the dedicated NGINX config
|
# Remove the dedicated NGINX config
|
||||||
ynh_remove_nginx_config
|
ynh_remove_nginx_config
|
||||||
|
@ -90,28 +94,29 @@ ynh_remove_nginx_config
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE DEPENDENCIES
|
# REMOVE DEPENDENCIES
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing dependencies..." --time --weight=1
|
ynh_script_progression --message="Removing dependencies..." --weight=1
|
||||||
|
|
||||||
# Remove metapackage and its dependencies
|
# Remove metapackage and its dependencies
|
||||||
|
ynh_redis_remove_db "$redis_db"
|
||||||
ynh_remove_app_dependencies
|
ynh_remove_app_dependencies
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE FAIL2BAN CONFIGURATION
|
# REMOVE FAIL2BAN CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing Fail2Ban configuration..." --time --weight=1
|
#ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=1
|
||||||
|
|
||||||
# Remove the dedicated Fail2Ban config
|
# Remove the dedicated Fail2Ban config
|
||||||
ynh_remove_fail2ban_config
|
#ynh_remove_fail2ban_config
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC REMOVE
|
# SPECIFIC REMOVE
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE VARIOUS FILES
|
# REMOVE VARIOUS FILES
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing various files..." --time --weight=1
|
ynh_script_progression --message="Removing various files..." --weight=1
|
||||||
|
|
||||||
# Remove a directory securely
|
# Remove a directory securely
|
||||||
ynh_secure_remove --file="/etc/$app"
|
#ynh_secure_remove --file="/etc/$app"
|
||||||
|
|
||||||
# Remove the log files
|
# Remove the log files
|
||||||
ynh_secure_remove --file="/var/log/$app"
|
ynh_secure_remove --file="/var/log/$app"
|
||||||
|
@ -121,7 +126,7 @@ ynh_secure_remove --file="/var/log/$app"
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE DEDICATED USER
|
# REMOVE DEDICATED USER
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing the dedicated system user..." --time --weight=1
|
ynh_script_progression --message="Removing the dedicated system user..." --weight=1
|
||||||
|
|
||||||
# Delete a system user
|
# Delete a system user
|
||||||
ynh_system_user_delete --username=$app
|
ynh_system_user_delete --username=$app
|
||||||
|
@ -130,4 +135,4 @@ ynh_system_user_delete --username=$app
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_script_progression --message="Removal of $app completed" --time --last
|
ynh_script_progression --message="Removal of $app completed" --last
|
||||||
|
|
111
scripts/restore
111
scripts/restore
|
@ -8,6 +8,7 @@
|
||||||
|
|
||||||
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
|
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
|
||||||
source ../settings/scripts/_common.sh
|
source ../settings/scripts/_common.sh
|
||||||
|
source ../settings/scripts/ynh_redis
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -24,7 +25,7 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
@ -34,29 +35,27 @@ admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||||
db_user=$db_name
|
db_user=$db_name
|
||||||
|
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
|
||||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||||
|
paperless_secret_key=$(ynh_app_setting_get --app=$app --key=paperless_secret_key)
|
||||||
|
|
||||||
|
redis_db=$(ynh_redis_get_free_db)
|
||||||
|
ynh_app_setting_set --app=$app --key=redis_db --value=$redis_db
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK IF THE APP CAN BE RESTORED
|
# CHECK IF THE APP CAN BE RESTORED
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Validating restoration parameters..." --time --weight=1
|
ynh_script_progression --message="Validating restoration parameters..." --weight=1
|
||||||
|
|
||||||
test ! -d $final_path \
|
test ! -d $final_path \
|
||||||
|| ynh_die --message="There is already a directory: $final_path "
|
|| ynh_die --message="There is already a directory: $final_path "
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD RESTORATION STEPS
|
# STANDARD RESTORATION STEPS
|
||||||
#=================================================
|
|
||||||
# RESTORE THE NGINX CONFIGURATION
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Restoring the NGINX web server configuration..." --time --weight=1
|
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RECREATE THE DEDICATED USER
|
# RECREATE THE DEDICATED USER
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1
|
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
|
||||||
|
|
||||||
# Create the dedicated user (if not existing)
|
# Create the dedicated user (if not existing)
|
||||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||||
|
@ -64,103 +63,145 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE APP MAIN DIR
|
# RESTORE THE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the app main directory..." --time --weight=1
|
ynh_script_progression --message="Restoring the app main directory..." --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="$final_path"
|
ynh_restore_file --origin_path="$final_path"
|
||||||
|
|
||||||
chmod 750 "$final_path"
|
chmod 750 "$final_path"
|
||||||
chmod -R o-rwx "$final_path"
|
chmod -R o-rwx "$final_path"
|
||||||
chown -R $app:www-data "$final_path"
|
chown -R $app:$app "$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE DATA DIRECTORY
|
# RESTORE THE DATA DIRECTORY
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the data directory..." --time --weight=1
|
ynh_script_progression --message="Restoring the data directory..." --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="$datadir" --not_mandatory
|
ynh_restore_file --origin_path="$datadir" --not_mandatory
|
||||||
|
|
||||||
mkdir -p $datadir/{consume,data,media}
|
mkdir -p "$datadir/consume"
|
||||||
|
mkdir -p "$datadir/data"
|
||||||
|
mkdir -p "$datadir/media"
|
||||||
|
|
||||||
chmod 750 "$datadir"
|
chmod 750 "$datadir"
|
||||||
chmod -R o-rwx "$datadir"
|
chmod -R o-rwx "$datadir"
|
||||||
chown -R $app:www-data "$datadir"
|
chown -R $app:$app "$datadir"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# ADD A CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Adding a configuration file..." --weight=1
|
||||||
|
|
||||||
|
ynh_add_config --template="../settings/conf/paperless.conf.example" --destination="$final_path/paperless.conf"
|
||||||
|
|
||||||
|
chmod 400 "$final_path/paperless.conf"
|
||||||
|
chown $app:$app "$final_path/paperless.conf"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE FAIL2BAN CONFIGURATION
|
# RESTORE FAIL2BAN CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --time --weight=1
|
#ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
|
#ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
|
||||||
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
|
#ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
|
||||||
ynh_systemd_action --action=restart --service_name=fail2ban
|
#ynh_systemd_action --action=restart --service_name=fail2ban
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC RESTORATION
|
# SPECIFIC RESTORATION
|
||||||
#=================================================
|
#=================================================
|
||||||
# REINSTALL DEPENDENCIES
|
# REINSTALL DEPENDENCIES
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1
|
ynh_script_progression --message="Reinstalling dependencies..." --weight=1
|
||||||
|
|
||||||
# Define and install dependencies
|
# Define and install dependencies
|
||||||
ynh_install_app_dependencies $pkg_dependencies
|
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $ocr_pkg_dependencies
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# INSTALL PYTHON DEPENDENCIES
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Installing Python dependencies..."
|
||||||
|
|
||||||
|
pushd $final_path
|
||||||
|
ynh_secure_remove --file="$final_path/venv"
|
||||||
|
python3 -m venv venv
|
||||||
|
chown -R "$app:" "$final_path"
|
||||||
|
(
|
||||||
|
source "$final_path/venv/bin/activate"
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip3 install --upgrade pip setuptools wheel
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip3 install -r "$final_path/requirements.txt"
|
||||||
|
deactivate
|
||||||
|
)
|
||||||
|
popd
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RESTORE THE NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
|
||||||
|
|
||||||
|
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE POSTGRESQL DATABASE
|
# RESTORE THE POSTGRESQL DATABASE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the PostgresSQL database..." --time --weight=1
|
ynh_script_progression --message="Restoring the PostgresSQL database..." --weight=1
|
||||||
|
|
||||||
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
|
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
|
||||||
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
|
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
|
||||||
ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
|
ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE VARIOUS FILES
|
# RESTORE VARIOUS FILES
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring various files..." --time --weight=1
|
#ynh_script_progression --message="Restoring various files..." --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/$app/"
|
#ynh_restore_file --origin_path="/etc/$app/"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE SYSTEMD
|
# RESTORE SYSTEMD
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1
|
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
|
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
|
||||||
systemctl enable $app.service --quiet
|
ynh_restore_file --origin_path="/etc/systemd/system/$app-qcluster.service"
|
||||||
|
systemctl enable "$app.service" --quiet
|
||||||
|
systemctl enable "$app-qcluster.service" --quiet
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE LOGROTATE CONFIGURATION
|
# RESTORE THE LOGROTATE CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the logrotate configuration..." --time --weight=1
|
ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
|
||||||
|
|
||||||
|
mkdir -p "/var/log/$app"
|
||||||
|
chown -R $app: "/var/log/$app"
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
|
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# INTEGRATE SERVICE IN YUNOHOST
|
# INTEGRATE SERVICE IN YUNOHOST
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
|
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
|
||||||
|
|
||||||
yunohost service add $app --log="/var/log/$app/$app.log"
|
yunohost service add "$app" --log="/var/log/$app/$app.log"
|
||||||
|
yunohost service add "$app-qcluster" --log="/var/log/$app/$app-qcluster.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# START SYSTEMD SERVICE
|
# START SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
|
||||||
|
ynh_systemd_action --service_name="$app-qcluster" --action="start" --log_path="/var/log/$app/$app-qcluster.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX AND PHP-FPM
|
# RELOAD NGINX AND PHP-FPM
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --time --weight=1
|
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_script_progression --message="Restoration completed for $app" --time --last
|
ynh_script_progression --message="Restoration completed for $app" --last
|
||||||
|
|
141
scripts/upgrade
141
scripts/upgrade
|
@ -7,40 +7,37 @@
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
source _common.sh
|
source _common.sh
|
||||||
|
source ynh_redis
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||||
|
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||||
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||||
db_user=$db_name
|
db_user=$db_name
|
||||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
|
||||||
paperless_secret_key=$(ynh_app_setting_get --app=app --key=paperless_secret_key)
|
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
|
||||||
|
paperless_secret_key=$(ynh_app_setting_get --app=$app --key=paperless_secret_key)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK VERSION
|
# CHECK VERSION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
### This helper will compare the version of the currently installed app and the version of the upstream package.
|
|
||||||
### $upgrade_type can have 2 different values
|
|
||||||
### - UPGRADE_APP if the upstream app version has changed
|
|
||||||
### - UPGRADE_PACKAGE if only the YunoHost package has changed
|
|
||||||
### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
|
|
||||||
### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
|
|
||||||
upgrade_type=$(ynh_check_app_version_changed)
|
upgrade_type=$(ynh_check_app_version_changed)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
|
||||||
|
|
||||||
# Backup the current version of the app
|
# Backup the current version of the app
|
||||||
ynh_backup_before_upgrade
|
ynh_backup_before_upgrade
|
||||||
|
@ -56,14 +53,15 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
# STOP SYSTEMD SERVICE
|
# STOP SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
|
ynh_script_progression --message="Stopping a systemd service..." --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log"
|
||||||
|
ynh_systemd_action --service_name="$app-qcluster" --action="stop" --log_path="/var/log/$app/$app-qcluster.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# ENSURE DOWNWARD COMPATIBILITY
|
# ENSURE DOWNWARD COMPATIBILITY
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1
|
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
|
||||||
|
|
||||||
#
|
#
|
||||||
# N.B. : the followings setting migrations snippets are provided as *EXAMPLES*
|
# N.B. : the followings setting migrations snippets are provided as *EXAMPLES*
|
||||||
|
@ -83,10 +81,30 @@ ynh_script_progression --message="Ensuring downward compatibility..." --time --w
|
||||||
# ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
# ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||||
#fi
|
#fi
|
||||||
|
|
||||||
|
### If nobody installed your app before 4.1,
|
||||||
|
### then you may safely remove these lines
|
||||||
|
|
||||||
|
# Cleaning legacy permissions
|
||||||
|
#if ynh_legacy_permissions_exists; then
|
||||||
|
# ynh_legacy_permissions_delete_all
|
||||||
|
#
|
||||||
|
# ynh_app_setting_delete --app=$app --key=is_public
|
||||||
|
#fi
|
||||||
|
#
|
||||||
|
#if ! ynh_permission_exists --permission="admin"; then
|
||||||
|
# # Create the required permissions
|
||||||
|
# ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
|
||||||
|
#fi
|
||||||
|
#
|
||||||
|
## Create a permission if needed
|
||||||
|
#if ! ynh_permission_exists --permission="api"; then
|
||||||
|
# ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
|
||||||
|
#fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE DEDICATED USER
|
# CREATE DEDICATED USER
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1
|
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
|
||||||
|
|
||||||
# Create a dedicated user (if not existing)
|
# Create a dedicated user (if not existing)
|
||||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||||
|
@ -97,30 +115,29 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||||
|
|
||||||
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||||
then
|
then
|
||||||
ynh_script_progression --message="Upgrading source files..." --time --weight=1
|
ynh_script_progression --message="Upgrading source files..." --weight=1
|
||||||
|
|
||||||
# Download, check integrity, uncompress and patch the source from app.src
|
ynh_setup_source --dest_dir="$final_path" --keep="paperless.conf"
|
||||||
ynh_setup_source --dest_dir="$final_path"
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
chmod 750 "$final_path"
|
chmod 750 "$final_path"
|
||||||
chmod -R o-rwx "$final_path"
|
chmod -R o-rwx "$final_path"
|
||||||
chown -R $app:www-data "$final_path"
|
chown -R $app:$app "$final_path"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# NGINX CONFIGURATION
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1
|
|
||||||
|
|
||||||
# Create a dedicated NGINX config
|
|
||||||
ynh_add_nginx_config
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# UPGRADE DEPENDENCIES
|
# UPGRADE DEPENDENCIES
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Upgrading dependencies..." --time --weight=1
|
ynh_script_progression --message="Upgrading dependencies..." --weight=1
|
||||||
|
|
||||||
ynh_install_app_dependencies $pkg_dependencies
|
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $ocr_pkg_dependencies
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
|
||||||
|
|
||||||
|
# Create a dedicated NGINX config
|
||||||
|
ynh_add_nginx_config
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC UPGRADE
|
# SPECIFIC UPGRADE
|
||||||
|
@ -131,84 +148,86 @@ ynh_script_progression --message="Installing Python dependencies..."
|
||||||
|
|
||||||
pushd $final_path
|
pushd $final_path
|
||||||
python3 -m venv venv
|
python3 -m venv venv
|
||||||
venv/bin/pip install --upgrade pip
|
chown -R "$app:" "$final_path"
|
||||||
venv/bin/pip install -r requirements.txt
|
(
|
||||||
|
source "$final_path/venv/bin/activate"
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip3 install --upgrade pip setuptools wheel
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip3 install -r "$final_path/requirements.txt"
|
||||||
|
deactivate
|
||||||
|
)
|
||||||
popd
|
popd
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# UPDATE A CONFIG FILE
|
# UPDATE A CONFIG FILE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Updating a configuration file..." --time --weight=1
|
ynh_script_progression --message="Updating a configuration file..." --weight=1
|
||||||
|
|
||||||
|
ynh_add_config --template="paperless.conf.example" --destination="$final_path/paperless.conf"
|
||||||
|
|
||||||
ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file"
|
chmod 400 "$final_path/paperless.conf"
|
||||||
|
chown $app:$app "$final_path/paperless.conf"
|
||||||
# FIXME: this should be handled by the core in the future
|
|
||||||
# You may need to use chmod 600 instead of 400,
|
|
||||||
# for example if the app is expected to be able to modify its own config
|
|
||||||
chmod 400 "$final_path/some_config_file"
|
|
||||||
chown $app:$app "$final_path/some_config_file"
|
|
||||||
|
|
||||||
### For more complex cases where you want to replace stuff using regexes,
|
|
||||||
### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
|
|
||||||
### When doing so, you also need to manually call ynh_store_file_checksum
|
|
||||||
###
|
|
||||||
### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file"
|
|
||||||
### ynh_store_file_checksum --file="$final_path/some_config_file"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP THE DATABASE
|
# SETUP THE DATABASE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Setting up the database..." --time --weight=1
|
ynh_script_progression --message="Setting up the database..." --weight=1
|
||||||
|
|
||||||
pushd $final_path
|
pushd "$final_path/src"
|
||||||
ynh_exec_as $app python3 manage.py migrate
|
(
|
||||||
|
source "$final_path/venv/bin/activate"
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/python manage.py migrate
|
||||||
|
deactivate
|
||||||
|
)
|
||||||
popd
|
popd
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP SYSTEMD
|
# SETUP SYSTEMD
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1
|
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
|
||||||
|
|
||||||
# Create a dedicated systemd config
|
# Create a dedicated systemd config
|
||||||
ynh_add_systemd_config
|
ynh_add_systemd_config --service="$app" --template="systemd.service"
|
||||||
|
ynh_add_systemd_config --service="$app-qcluster" --template="systemd-qcluster.service"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP LOGROTATE
|
# SETUP LOGROTATE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1
|
ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
|
||||||
|
|
||||||
# Use logrotate to manage app-specific logfile(s)
|
# Use logrotate to manage app-specific logfile(s)
|
||||||
ynh_use_logrotate --non-append
|
ynh_use_logrotate --logfile="/var/log/$app/$app.log"
|
||||||
|
ynh_use_logrotate --logfile="/var/log/$app/$app-qcluster.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# INTEGRATE SERVICE IN YUNOHOST
|
# INTEGRATE SERVICE IN YUNOHOST
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
|
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
|
||||||
|
|
||||||
yunohost service add $app --log="/var/log/$app/$app.log"
|
yunohost service add "$app" --log="/var/log/$app/$app.log"
|
||||||
|
yunohost service add "$app-qcluster" --log="/var/log/$app/$app-qcluster.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# START SYSTEMD SERVICE
|
# START SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
|
||||||
|
ynh_systemd_action --service_name="$app-qcluster" --action="start" --log_path="/var/log/$app/$app-qcluster.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# UPGRADE FAIL2BAN
|
# UPGRADE FAIL2BAN
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reconfiguring Fail2Ban..." --time --weight=1
|
#ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1
|
||||||
|
|
||||||
# Create a dedicated Fail2Ban config
|
# Create a dedicated Fail2Ban config
|
||||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
|
#ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1
|
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
@ -216,4 +235,4 @@ ynh_systemd_action --service_name=nginx --action=reload
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_script_progression --message="Upgrade of $app completed" --time --last
|
ynh_script_progression --message="Upgrade of $app completed" --last
|
||||||
|
|
39
scripts/ynh_redis
Normal file
39
scripts/ynh_redis
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# get the first available redis database
|
||||||
|
#
|
||||||
|
# usage: ynh_redis_get_free_db
|
||||||
|
# | returns: the database number to use
|
||||||
|
ynh_redis_get_free_db() {
|
||||||
|
local result max db
|
||||||
|
result=$(redis-cli INFO keyspace)
|
||||||
|
|
||||||
|
# get the num
|
||||||
|
max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+")
|
||||||
|
|
||||||
|
db=0
|
||||||
|
# default Debian setting is 15 databases
|
||||||
|
for i in $(seq 0 "$max")
|
||||||
|
do
|
||||||
|
if ! echo "$result" | grep -q "db$i"
|
||||||
|
then
|
||||||
|
db=$i
|
||||||
|
break 1
|
||||||
|
fi
|
||||||
|
db=-1
|
||||||
|
done
|
||||||
|
|
||||||
|
test "$db" -eq -1 && ynh_die --message="No available Redis databases..."
|
||||||
|
|
||||||
|
echo "$db"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Create a master password and set up global settings
|
||||||
|
# Please always call this script in install and restore scripts
|
||||||
|
#
|
||||||
|
# usage: ynh_redis_remove_db database
|
||||||
|
# | arg: database - the database to erase
|
||||||
|
ynh_redis_remove_db() {
|
||||||
|
local db=$1
|
||||||
|
redis-cli -n "$db" flushall
|
||||||
|
}
|
Loading…
Reference in a new issue