diff --git a/README.md b/README.md index 8afc36f..a4c43f8 100644 --- a/README.md +++ b/README.md @@ -69,8 +69,8 @@ Want to see in action? #### Supported architectures -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/peertube%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/peertube/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/peertube%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/peertube/) +* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/peertube.svg)](https://ci-apps.yunohost.org/ci/apps/peertube/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/peertube.svg)](https://ci-apps-arm.yunohost.org/ci/apps/peertube/) ## Links diff --git a/README_fr.md b/README_fr.md index f363581..70694f9 100644 --- a/README_fr.md +++ b/README_fr.md @@ -64,8 +64,8 @@ En regardant une vidéo, vous aidez l'hébergeur à la diffuser en devenant vous #### Architectures supportées -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/peertube%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/peertube/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/peertube%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/peertube/) +* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/peertube.svg)](https://ci-apps.yunohost.org/ci/apps/peertube/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/peertube.svg)](https://ci-apps-arm.yunohost.org/ci/apps/peertube/) ## Liens diff --git a/check_process b/check_process index b4f25f8..ce713f1 100644 --- a/check_process +++ b/check_process @@ -1,8 +1,3 @@ -# See here for more informations -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest domain="domain.tld" (DOMAIN) @@ -29,6 +24,8 @@ upgrade=1 from_commit=10d79175a8a45137d271931cbd6d14e927400729 # 3.0.1~ynh1 upgrade=1 from_commit=5a74f4033eafa657fcd32a9713cd77ba0f4f79c9 + # 3.1.0~ynh2 + upgrade=1 from_commit=1be4caaaf2787e614cd315ca8564573d4268032a backup_restore=1 multi_instance=0 port_already_use=0 @@ -49,4 +46,6 @@ Notification=yes name=2.4.0~ynh1 ; commit=5a74f4033eafa657fcd32a9713cd77ba0f4f79c9 name=3.0.1~ynh1 + ; commit=1be4caaaf2787e614cd315ca8564573d4268032a + name=3.1.0~ynh2 \ No newline at end of file diff --git a/manifest.json b/manifest.json index f7eb226..0fc6968 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Video streaming platform using P2P directly in the web browser, connected to a federated network", "fr": "Plateforme de diffusion vidéo par P2P directement dans le navigateur, et connectée à un réseau fédéralisé" }, - "version": "3.1.0~ynh2", + "version": "3.1.0~ynh3", "url": "https://github.com/Chocobozzz/PeerTube", "license": "AGPL-3.0-only", "maintainer": [ @@ -30,28 +30,16 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain name for PeerTube", - "fr": "Choisissez un nom de domaine pour PeerTube" - }, "example": "example.com" }, { "name": "admin", "type": "user", - "ask": { - "en": "Choose an admin user", - "fr": "Choisissez l'administrateur" - }, "example": "johndoe" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Is it a public application?", - "fr": "Est-ce une application publique ?" - }, "default": true } ] diff --git a/scripts/_common.sh b/scripts/_common.sh index 1441eb6..d6aa49f 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -7,7 +7,7 @@ # dependencies used by the app pkg_dependencies="ffmpeg postgresql postgresql-contrib openssl g++ redis-server redis-tools mailutils apt-transport-https" -YNH_NODEJS_VERSION=14 +NODEJS_VERSION=14 #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index 8c58481..2fc99d4 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -63,13 +63,6 @@ ynh_backup --src_path="/etc/logrotate.d/$app" ynh_backup --src_path="/etc/systemd/system/$app.service" -#================================================= -# BACKUP THE POSTGRESQL DATABASE -#================================================= -ynh_print_info --message="Backing up the PostgreSQL database..." - -ynh_psql_dump_db --database="$db_name" > db.sql - #================================================= # BACKUP THE DATA DIRECTORY #================================================= @@ -77,6 +70,13 @@ ynh_print_info --message="Backing up data directory..." ynh_backup --src_path="$datadir" --is_big +#================================================= +# BACKUP THE POSTGRESQL DATABASE +#================================================= +ynh_print_info --message="Backing up the PostgreSQL database..." + +ynh_psql_dump_db --database="$db_name" > db.sql + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index a2b1c90..50849a3 100644 --- a/scripts/install +++ b/scripts/install @@ -82,7 +82,7 @@ ynh_exec_warn_less yunohost firewall allow TCP $rtmp_port ynh_script_progression --message="Installing dependencies..." # Install nodejs -ynh_install_nodejs --nodejs_version=$YNH_NODEJS_VERSION +ynh_install_nodejs --nodejs_version=$NODEJS_VERSION # Install dependencies ynh_install_app_dependencies $pkg_dependencies @@ -97,6 +97,14 @@ fi # Install Yarn ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # CREATE A POSTGRESQL DATABASE #================================================= @@ -122,22 +130,18 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config "datadir" -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app --home_dir=$final_path - #================================================= # SPECIFIC SETUP #================================================= @@ -148,30 +152,35 @@ ynh_script_progression --message="Creating the data directory..." # Create app folders mkdir -p "$datadir" -# Give permission to the datadir -chown -R $app:$app $datadir - -#================================================= -# MODIFY A CONFIG FILE -#================================================= -ynh_script_progression --message="Modifying a config file..." - -ynh_add_config --template="../conf/production.yaml" --destination="$final_path/config/production.yaml" - -ynh_add_config --template="../conf/local-production.json" --destination="$final_path/config/local-production.json" +chmod 750 "$datadir" +chmod -R o-rwx "$datadir" +chown -R $app:$app "$datadir" #================================================= # BUILD YARN DEPENDENCIES #================================================= ynh_script_progression --message="Building Yarn dependencies..." -chown -R "$app":"$app" $final_path - pushd "$final_path" ynh_use_nodejs ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn install --production --pure-lockfile popd +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding a config file..." + +ynh_add_config --template="../conf/production.yaml" --destination="$final_path/config/production.yaml" + +chmod 400 "$final_path/config/production.yaml" +chown $app:$app "$final_path/config/production.yaml" + +ynh_add_config --template="../conf/local-production.json" --destination="$final_path/config/local-production.json" + +chmod 400 "$final_path/config/local-production.json" +chown $app:$app "$final_path/config/local-production.json" + #================================================= # SETUP SYSTEMD #================================================= @@ -216,17 +225,6 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" #================================================= # GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions to app files -chown -R $app:$app $final_path - -# Give permission to the datadir -chown -R $app:$app $datadir - #================================================= # SETUP LOGROTATE #================================================= @@ -240,7 +238,7 @@ ynh_use_logrotate --logfile="$datadir/logs/peertube.log" #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app --description "$app daemon for Peertube" --log "$datadir/logs/peertube.log" --needs_exposed_ports $rtmp_port +yunohost service add $app --description="$app daemon for Peertube" --log="$datadir/logs/peertube.log" --needs_exposed_ports $rtmp_port #================================================= # START SYSTEMD SERVICE diff --git a/scripts/remove b/scripts/remove index 7950022..8149dd4 100644 --- a/scripts/remove +++ b/scripts/remove @@ -34,7 +34,7 @@ path_url=$(ynh_app_setting_get --app=$app --key=path) # REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Remove the service from the list of services known by Yunohost (added from `yunohost service add`) +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null then ynh_script_progression --message="Removing $app service integration..." @@ -79,7 +79,7 @@ ynh_secure_remove --file="$final_path" #================================================= ynh_script_progression --message="Removing NGINX web server configuration..." -# Remove the dedicated nginx config +# Remove the dedicated NGINX config ynh_remove_nginx_config #================================================= diff --git a/scripts/restore b/scripts/restore index 033dc18..7f7fe79 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -23,7 +23,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -52,10 +52,18 @@ test ! -d $final_path \ #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the NGINX configuration..." +ynh_script_progression --message="Restoring the NGINX web server configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -63,21 +71,9 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path - -#================================================= -# RESTORE USER RIGHTS -#================================================= -ynh_script_progression --message="Restoring user rights..." - -# Restore permissions on app files -chown -R $app:$app $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # SPECIFIC RESTORATION @@ -91,8 +87,17 @@ ynh_restore_file --origin_path="$datadir" --not_mandatory mkdir -p "$datadir" -# Give permission to the datadir -chown -R $app:$app $datadir +chmod 750 "$datadir" +chmod -R o-rwx "$datadir" +chown -R $app:$app "$datadir" + +#================================================= +# OPEN A PORT +#================================================= +ynh_script_progression --message="Configuring firewall..." + +# Open the port +ynh_exec_warn_less yunohost firewall allow TCP $rtmp_port #================================================= # REINSTALL DEPENDENCIES @@ -100,7 +105,7 @@ chown -R $app:$app $datadir ynh_script_progression --message="Reinstalling dependencies..." # Install nodejs -ynh_install_nodejs --nodejs_version=$YNH_NODEJS_VERSION +ynh_install_nodejs --nodejs_version=$NODEJS_VERSION # Install dependencies ynh_install_app_dependencies $pkg_dependencies @@ -124,14 +129,6 @@ ynh_psql_test_if_first_run ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name -#================================================= -# OPEN A PORT -#================================================= -ynh_script_progression --message="Configuring firewall..." - -# Open the port -ynh_exec_warn_less yunohost firewall allow TCP $rtmp_port - #================================================= # RESTORE SYSTEMD #================================================= @@ -145,7 +142,7 @@ systemctl enable $app.service --quiet #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app --description "$app daemon for Peertube" --log "$datadir/logs/peertube.log" --needs_exposed_ports $rtmp_port +yunohost service add $app --description="$app daemon for Peertube" --log="$datadir/logs/peertube.log" --needs_exposed_ports $rtmp_port #================================================= # START SYSTEMD SERVICE diff --git a/scripts/upgrade b/scripts/upgrade index d960814..07f9da9 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -104,19 +104,11 @@ fi #================================================= ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." -# Inform the backup/restore process that it should not save the data directory -# Use only for the previous backup script that doesn't set 'is_big' -ynh_app_setting_set --app=$app --key=backup_core_only --value=1 - # Backup the current version of the app ynh_backup_before_upgrade - -# Remove the option backup_core_only after the backup. -ynh_app_setting_delete --app=$app --key=backup_core_only - ynh_clean_setup () { - # restore it if the upgrade fails ynh_clean_check_starting + # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script @@ -131,6 +123,14 @@ ynh_script_progression --message="Stopping a systemd service..." ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -143,10 +143,10 @@ then tmpdir="$(mktemp -d)" # Backup the config file in the temp dir - cp -a "$final_path/config/production.yaml" "$tmpdir/production.yaml" + cp -af "$final_path/config/production.yaml" "$tmpdir/production.yaml" if [ -s "$final_path/config/local-production.json" ] then - cp -a "$final_path/config/local-production.json" "$tmpdir/local-production.json" + cp -af "$final_path/config/local-production.json" "$tmpdir/local-production.json" fi # Remove the app directory securely @@ -156,11 +156,11 @@ then ynh_setup_source --dest_dir="$final_path" #Copy the admin saved settings from tmp directory to final path - cp -a "$tmpdir/production.yaml" "$final_path/config/production.yaml" + cp -af "$tmpdir/production.yaml" "$final_path/config/production.yaml" if [ -s "$tmpdir/local-production.json" ] then - cp -a "$tmpdir/local-production.json" "$final_path/config/local-production.json" + cp -af "$tmpdir/local-production.json" "$final_path/config/local-production.json" else cp ../conf/local-production.json "$final_path/config/local-production.json" fi @@ -169,12 +169,16 @@ then ynh_secure_remove --file="$tmpdir" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Upgrading NGINX web server configuration..." -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config "datadir" #================================================= @@ -183,7 +187,7 @@ ynh_add_nginx_config "datadir" ynh_script_progression --message="Upgrading dependencies..." # Install nodejs -ynh_install_nodejs --nodejs_version=$YNH_NODEJS_VERSION +ynh_install_nodejs --nodejs_version=$NODEJS_VERSION # Install dependencies ynh_install_app_dependencies $pkg_dependencies @@ -202,14 +206,6 @@ ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ st ynh_secure_remove --file="/usr/share/yunohost/hooks/conf_regen/15-nginx_$app" yunohost tools regen-conf nginx -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # SPECIFIC UPGRADE #================================================= @@ -217,25 +213,27 @@ ynh_system_user_create --username=$app #================================================= ynh_script_progression --message="Creating the data directory..." -if [ ! -d "$datadir" ] -then - # Create app folders - mkdir -p "$datadir" -fi +# Create app folders +mkdir -p "$datadir" -# Give permission to the datadir -chown -R $app:$app $datadir +chmod 750 "$datadir" +chmod -R o-rwx "$datadir" +chown -R $app:$app "$datadir" #================================================= -# MODIFY A CONFIG FILE +# UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Modifying a config file..." +ynh_script_progression --message="Updating a config file..." ynh_add_config --template="../conf/production.yaml" --destination="$final_path/config/production.yaml" -local_config="$final_path/config/local-production.json" -ynh_backup_if_checksum_is_different --file="$local_config" -ynh_store_file_checksum --file="$local_config" +chmod 400 "$final_path/config/production.yaml" +chown $app:$app "$final_path/config/production.yaml" + +ynh_add_config --template="../conf/local-production.json" --destination="$final_path/config/local-production.json" + +chmod 400 "$final_path/config/local-production.json" +chown $app:$app "$final_path/config/local-production.json" #================================================= # BUILD YARN DEPENDENCIES @@ -268,17 +266,6 @@ ynh_add_systemd_config --others_var="ynh_node_load_PATH" #================================================= # GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions on app files -chown -R $app:$app $final_path - -# Give permission to the datadir -chown -R $app:$app $datadir - #================================================= # SETUP LOGROTATE #================================================= @@ -292,7 +279,7 @@ ynh_use_logrotate --non-append #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app --description "$app daemon for Peertube" --log "$datadir/logs/peertube.log" --needs_exposed_ports $rtmp_port +yunohost service add $app --description="$app daemon for Peertube" --log="$datadir/logs/peertube.log" --needs_exposed_ports $rtmp_port #================================================= # START SYSTEMD SERVICE