1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/peertube_ynh.git synced 2024-09-03 19:56:29 +02:00

Revert "Merge pull request #391 from YunoHost-Apps/testing"

This reverts commit 2114cc9d67, reversing
changes made to 8a8d9be6a0.
This commit is contained in:
Éric Gaspar 2023-12-29 16:41:43 +01:00
parent 2114cc9d67
commit d5d2f8bd3b
32 changed files with 1456 additions and 423 deletions

133
.github/workflows/updater.sh vendored Normal file
View file

@ -0,0 +1,133 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
# Remove this exit command when you are ready to run this Action
#exit 1
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
# Later down the script, we assume the version has only digits and dots
# Sometimes the release name starts with a "v", so let's filter it out.
# You may need more tweaks here if the upstream repository has different naming conventions.
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
version=${version:1}
fi
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
echo "${#assets[@]} available asset(s)"
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Here we use the $assets variable to get the resources published in the upstream release.
# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
# Let's loop over the array of assets URLs
for asset_url in ${assets[@]}; do
echo "Handling asset at $asset_url"
# Assign the asset to a source file in conf/ directory
# Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
# Leave $src empty to ignore the asset
case $asset_url in
*".tar.xz")
src="app"
;;
*)
src=""
;;
esac
# If $src is not empty, let's process the asset
if [ ! -z "$src" ]; then
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.xz ]]; then
extension=tar.xz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
SOURCE_EXTRACT=true
EOT
echo "... conf/$src.src updated"
else
echo "... asset ignored"
fi
done
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Replace new version in manifest
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

50
.github/workflows/updater.yml vendored Normal file
View file

@ -0,0 +1,50 @@
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
# This file should be enough by itself, but feel free to tune it to your needs.
# It calls updater.sh, which is where you should put the app-specific update steps.
name: Check for new upstream releases
on:
# Allow to manually trigger the workflow
workflow_dispatch:
# Run it every day at 6:00 UTC
schedule:
- cron: '0 6 * * *'
jobs:
updater:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
id: run_updater
run: |
# Setting up Git user
git config --global user.name 'yunohost-bot'
git config --global user.email 'yunohost-bot@users.noreply.github.com'
# Run the updater script
/bin/bash .github/workflows/updater.sh
- name: Commit changes
id: commit
if: ${{ env.PROCEED == 'true' }}
run: |
git commit -am "Upgrade to v$VERSION"
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
signoff: false
base: testing
branch: ci-auto-update-v${{ env.VERSION }}
delete-branch: true
title: 'Upgrade to version ${{ env.VERSION }}'
body: |
Upgrade to v${{ env.VERSION }}
draft: false

View file

@ -16,10 +16,10 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
## Overview
PeerTube is a decentralized and federated video hosting software. To publish videos, the user must register with a host (called an instance). Each host has its own conditions of use (storage space per user, moderation rules, themes, etc.). Thanks to WebTorrent, if several people view the same video, fragments of it are exchanged between people so as not to overload the instance. Decentralized: Each instance can follow one or more other PeerTube instances in order to allow its users to view their videos. Federated: Via the ActivityPub protocol, Peertube can interact with other software that is part of the Fediverse, such as Mastodon for example.
Federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser, using <a href="https://github.com/feross/webtorrent">WebTorrent</a>.
**Shipped version:** 6.0.2~ynh1
**Shipped version:** 5.2.1~ynh1
**Demo:** http://peertube.cpy.re
@ -27,6 +27,31 @@ PeerTube is a decentralized and federated video hosting software. To publish vid
![Screenshot of PeerTube](./doc/screenshots/screenshot1.jpg)
## Disclaimers / important information
### IMPORTANT POINT TO READ BEFORE INSTALLING
* Require **dedicated domain** like **peertube.domain.tld**.
* Admin username is: **root**.
* **Admin password and LDAP configuration** will be sent to the email address given at the time of the installation.
* URL can not be changed once selected. Choose the domain wisely.
* You need more then **1 GB** of RAM. If you don't have it, please create a **swap memory**.
$ dd if=/dev/zero of=/swapfile bs=1024 count=1048576
$ mkswap /swapfile
$ swapon /swapfile
$ echo "/swapfile swap swap defaults 0 0" >> /etc/fstab
* This app is **multi-instance** (you can have more then one PeerTube instance running on a YunoHost server)
* **If you are hosted on OVH virtual machine or experiencing `gyp ERR! configure error`, please switch to [ovh_fix](https://github.com/YunoHost-Apps/peertube_ynh/tree/ovh_fix)**
* HTTP auth is not supported
* Do not modify the `/var/www/<app>/conf/production.yaml` file, because it will be overridden in the next upgrade. Please instead either change them though the web interface or create a `/var/www/<app>/conf/local.yaml` file, assign it the same owner, group and rights than for `conf/production.yaml` and fill there your specific settings.
* Note: when the same option have different values in `production.yaml` and `local.yaml` files, only the value in `local.yaml` is taken into account.
### PLUGINS
* LDAP auth is supported, LDAP configuration will be sent to the email address given at the time of the installation.
* PeerTube plugin livechat is installed with Prosody. To enable, just select «Prosody server controlled by Peertube» as chat mode in the plugin configutation of the PeerTube admin page
* During install, because of Prosody, Metronome is disabled
## Documentation and resources
* Official app website: <https://joinpeertube.org/fr>

View file

@ -16,10 +16,10 @@ Si vous navez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po
## Vue densemble
PeerTube est un logiciel décentralisé et fédéré dhébergement de vidéos. Pour publier des vidéos, lutilisateur doit sinscrire chez un hébergeur (nommé instance). Chaque hébergeur possède ses conditions dutilisation (espace de stockage par utilisateur, règles de modération, thématiques, etc.). Grâce à WebTorrent, si plusieurs personnes consultent une même vidéo, des fragments de celle-ci sont échangés entre les personnes afin de ne pas surcharger linstance. Décentralisé : Chaque instance peut suivre une ou plusieurs autres instances PeerTube afin de permettre à ses utilisateurs de visionner les vidéos de celles-ci. Fédéré : Via le protocole ActivityPub, Peertube peut interagir avec dautres logiciels qui font partie du Fediverse, comme Mastodon par exemple.
Plateforme de streaming vidéo fédérée (ActivityPub) utilisant P2P (BitTorrent) directement dans le navigateur Web, en utilisant <a href="https://github.com/feross/webtorrent"> WebTorrent </a>
**Version incluse :** 6.0.2~ynh1
**Version incluse :** 5.2.1~ynh1
**Démo :** http://peertube.cpy.re
@ -27,6 +27,32 @@ PeerTube est un logiciel décentralisé et fédéré dhébergement de vidéos
![Capture décran de PeerTube](./doc/screenshots/screenshot1.jpg)
## Avertissements / informations importantes
### Points importants à lire avant l'installation
* Nécessite un **domaine dédié** comme **peertube.domain.tld**.
* Le nom d'utilisateur de l'administrateur est: **root**.
* **Le mot de passe administrateur et la configuration LDAP** seront envoyés à l'adresse email indiquée au moment de l'installation.
* L'URL ne peut pas être modifiée une fois sélectionnée. Choisissez judicieusement le domaine.
* Vous avez besoin de plus de **1 Go** de RAM. Si vous ne l'avez pas, veuillez créer une **mémoire swap**.
$ dd if=/dev/zero of=/swapfile bs=1024 count=1048576
$ mkswap /swapfile
$ swapon /swapfile
$ echo "/swapfile swap swap defaults 0 0" >> /etc/fstab
* Cette application est **multi-instance** (vous pouvez avoir plus d'une instance PeerTube en cours d'exécution sur un serveur YunoHost)
* **Si vous êtes hébergé sur une machine virtuelle OVH ou rencontrez `gyp ERR! configure error`, veuillez passer à [ovh_fix](https://github.com/YunoHost-Apps/peertube_ynh/tree/ovh_fix)**
* L'authentification HTTP n'est pas supportée
* Ne modifiez pas le fichier `/var/www/<app>/conf/production.yaml`, car il sera remplacé à la prochaine mise à jour. À la place, veuillez modifier la configuration via l'interface web ou créer et remplir le fichier `/var/www/<app>/conf/local.yaml`, assignez-lui les mêmes propriétaire, groupe et droits que pour `conf/production.yaml` et y remplir vos options spécifiques.
* Note: si la même option contient différentes valeurs dans les fichiers `conf/production.yaml` et `conf/local.yaml`, seule la valeur dans `conf/local.yaml` sera prise en compte.
#### PLUGINS
* L'authentification LDAP est prise en charge, les instructions de configuration sont envoyées à l'adresse email indiquée au moment de l'installation
* Le plugin PeerTube livechat est installé ainsi que Prosody. pour l'activer, sélectionner «Prosody server controlled by Peertube» dans le paramétre chat mode du plugin dans la page d'administration de PeerTube.
* Pendant l'installation, à cause de Prosody, Metronome est désactivé.
## Documentations et ressources
* Site officiel de lapp : <https://joinpeertube.org/fr>

66
check_process Normal file
View file

@ -0,0 +1,66 @@
;; Test complet
; Manifest
domain="domain.tld"
is_public=1
admin="john"
; Checks
pkg_linter=1
setup_sub_dir=0
setup_root=1
setup_nourl=0
setup_private=1
setup_public=1
upgrade=1
# 3.2.1~ynh1
# upgrade=1 from_commit=f4b43fd85ad3a169d27c53865a13548e44f17ebf
# 3.2.1~ynh3
#upgrade=1 from_commit=7a621c48f6bdd10334f2d0c06f787fe468788f62
# 3.2.1~ynh4
upgrade=1 from_commit=08bf3fce3ad99e27e7f7d251838a9f9c63243e44
# 3.3.0~ynh1
#upgrade=1 from_commit=c43548f6e0a0e5d172360945f6941255537ec18c
# 3.3.0~ynh2
#upgrade=1 from_commit=6010986d58ef0caa8428e3d6e3ff3fd512401a53
# 3.3.0~ynh2
#upgrade=1 from_commit=f3bb02002c8fa28748744302475139b6fcf7c651
# 3.3.0~ynh3
#upgrade=1 from_commit=ed59a268e93910f8b35b0f87399f91b8cad9ede0
# 3.3.0~ynh4
#upgrade=1 from_commit=509ba9051facf65329dde20919a3254dcaf3f910
# 3.4.0~ynh1
#upgrade=1 from_commit=83a06ca4c96ccd941b49647b3698db2c6b771b79
# 3.4.1~ynh1
#upgrade=1 from_commit=96f010a9f72fed48660b3f962124b553397b283b
# 3.4.1~ynh2
#upgrade=1 from_commit=0b6823def8230b3af7f9b484c526a49c3a640c4d
# 3.4.1~ynh3
upgrade=1 from_commit=0f77bb6e7441698b762bde38698c510dc0a4438e
# 4.0.0~ynh1
#upgrade=1 from_commit=602bf56af8582a38c7ee055f60e782e2da0efddc
# 4.0.0~ynh1
#upgrade=1 from_commit=7c2bb0bb6a91b6b957b734f684aa3d64da892f4c
# 4.0.0~ynh1
#upgrade=1 from_commit=9bdfda10d83519064adeb275f6aed1660bf24b88
# 4.0.0~ynh2
#upgrade=1 from_commit=16bc11e945c2b1a962a5deace7c0f27b8d5a5112
# 4.0.0~ynh2
#upgrade=1 from_commit=6995b27972e27c6cf8ee3e1f23a2de5cc8c8e8ee
# 4.1.0~ynh1
#upgrade=1 from_commit=d5aa8c2194297b332d26e68b5e9e8ada17377742
# 4.1.1~ynh1
#upgrade=1 from_commit=24c8333d70312e9dcf8d278e64787ca561a10b2e
# 4.2.0~ynh1
#upgrade=1 from_commit=ddb937ecab9454e8dd0b07627a02bad27c9f6556
# 4.2.1~ynh1
#upgrade=1 from_commit=5a488aebc53dafa5c431580ca4437eed0ad7da1e
# 4.2.2~ynh1
upgrade=1 from_commit=9bf92ff65db0dcb188834738f180dbfa34ebef09
# 5.2.0~ynh1
upgrade=1 from_commit=fbf90aa8845edfb8bc1f75e335ea706203fe77e7
backup_restore=1
multi_instance=0
port_already_use=0
change_url=0
;;; Options
Email=
Notification=none

6
conf/app.src Normal file
View file

@ -0,0 +1,6 @@
SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v5.2.1/peertube-v5.2.1.tar.xz
SOURCE_SUM=27d577ab63d29be865934088d1831373a71433c78443a4441fb3ac416995817c
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.xz
SOURCE_IN_SUBDIR=true
SOURCE_EXTRACT=true

View file

@ -0,0 +1,2 @@
{
}

17
conf/msg_install Normal file
View file

@ -0,0 +1,17 @@
__APP__ was successfully installed :)
Please open your __APP__ domain: https://__DOMAIN____PATH_URL__
The admin username is: root
The admin password is: __ADMIN_PASS__
To make PeerTube Live available, you also need to make the TCP port __RTMP_PORT__ available from internet (For example, opening the port on your ISP box if it's not automatically done).
To enable LDAP authentication open https://__DOMAIN____PATH_URL__admin/plugins/show/peertube-plugin-auth-ldap
Complete with the following informations :
- URL: ldap://127.0.0.1
- Insecure TLS : checked
- Search base : ou=users,dc=yunohost,dc=org
All YunoHost users will be allowed to login as peertube user.
If you are facing any problem or want to improve this app, please open a new issue here: https://github.com/YunoHost-Apps/peertube_ynh

15
conf/msg_remove Normal file
View file

@ -0,0 +1,15 @@
__APP__ was successfully removed :)
The domain https://__DOMAIN____PATH_URL__ is free for other apps to be installed on it.
You should close the PeerTube Live TCP port __RTMP_PORT__ available from internet (For example, closing the port on your ISP box if it's not automatically done).
But a futher action is required from your side to completely remove the __APP__ data folder. If you have backup and plan to restore this app in the future DON'T RUN THIS COMMAND.
And if you are going to migrate to othe server you will have to move __DATADIR__ to your new server.
You need to run this command to remove the data (warning all your videos will be removed):
rm -R __DATADIR__ -f
If you facing any problem or want to improve this app, please open a new issue here: https://github.com/YunoHost-Apps/peertube_ynh

View file

@ -96,11 +96,11 @@ location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ {
# For extra performance please refer to https://github.com/denji/nginx-tuning
##
root __DATA_DIR__storage/;
root __DATADIR__;
# Enable compression for JS/CSS/HTML, for improved client load times.
# It might be nice to compress JSON/XML as returned by the API, but
# leaving that out to protect against potential BREACH attack.
# gzip on;
gzip_vary on;
gzip_types # text/html is always compressed by HttpGzipModule
@ -134,14 +134,14 @@ tcp_nodelay on; # don't buffer data sent, good for small data burs
location ~ ^/client/(assets/images/(icons/icon-36x36\.png|icons/icon-48x48\.png|icons/icon-72x72\.png|icons/icon-96x96\.png|icons/icon-144x144\.png|icons/icon-192x192\.png|icons/icon-512x512\.png|logo\.svg|favicon\.png|default-playlist\.jpg|default-avatar-account\.png|default-avatar-account-48x48\.png|default-avatar-video-channel\.png|default-avatar-video-channel-48x48\.png))$ {
more_set_headers "Cache-Control : public, max-age=31536000, immutable"; # Cache 1 year
try_files __DATA_DIR__storage/client-overrides/$1 __INSTALL_DIR__/client/dist/$1 @api;
try_files __DATADIR__/client-overrides/$1 __FINALPATH__/client/dist/$1 @api;
}
# Bypass PeerTube for performance reasons. Optional.
location ~ ^/client/(.*\.(js|css|png|svg|woff2|otf|ttf|woff|eot))$ {
more_set_headers "Cache-Control : public, max-age=31536000, immutable"; # Cache 1 year
alias __INSTALL_DIR__/client/dist/$1;
alias __FINALPATH__/client/dist/$1;
}
# Bypass PeerTube for performance reasons. Optional.
@ -163,7 +163,7 @@ location ~ ^/static/(thumbnails|avatars)/ {
rewrite ^/static/(.*)$ /$1 break;
root __DATA_DIR__storage/;
root __DATADIR__;
try_files $uri @api;
}
@ -220,7 +220,7 @@ location ~ ^/static/(webseed|web-videos|redundancy|streaming-playlists)/ {
rewrite ^/static/webseed/(.*)$ /web-videos/$1 break;
rewrite ^/static/(.*)$ /$1 break;
root __DATA_DIR__storage/;
root __DATADIR__;
try_files $uri @api;
}

View file

@ -1,5 +1,5 @@
listen:
hostname: '127.0.0.1'
hostname: 'localhost'
port: __PORT__
# Correspond to your reverse proxy server_name/listen configuration (i.e., your public PeerTube instance URL)
@ -13,6 +13,7 @@ secrets:
# Generate one using `openssl rand -hex 32`
peertube: '__SECRETS_PEERTUBE__'
rates_limit:
api:
# 50 attempts in 10 seconds
@ -34,31 +35,6 @@ rates_limit:
# 10 attempts in 10 min
window: 10 minutes
max: 10
plugins:
# 500 attempts in 10 seconds (we also serve plugin static files)
window: 10 seconds
max: 500
well_known:
# 200 attempts in 10 seconds
window: 10 seconds
max: 200
feeds:
# 50 attempts in 10 seconds
window: 10 seconds
max: 50
activity_pub:
# 500 attempts in 10 seconds (we can have many AP requests)
window: 10 seconds
max: 500
client: # HTML files generated by PeerTube
# 500 attempts in 10 seconds (to not break crawlers)
window: 10 seconds
max: 500
oauth2:
token_lifetime:
access_token: '1 day'
refresh_token: '2 weeks'
# Proxies to trust to get real client IP
# If you run PeerTube just behind a local proxy (nginx), keep 'loopback'
@ -71,7 +47,7 @@ database:
hostname: 'localhost'
port: 5432
ssl: false
suffix: '__DB_SUFFIX__'
suffix: '___APP__'
username: '__DB_USER__'
password: '__DB_PWD__'
pool:
@ -94,8 +70,8 @@ smtp:
sendmail: null
hostname: 'localhost'
port: 25 # If you use StartTLS: 587
username: __APP__
password: __MAIL_PWD__
username: null
password: null
tls: false # If you use StartTLS: false
disable_starttls: true
ca_file: null # Used for self signed certificates
@ -137,22 +113,20 @@ defaults:
# From the project root directory
storage:
tmp: '__DATA_DIR__/storage/tmp/' # Use to download data (imports etc), store uploaded files before processing...
tmp_persistent: '__DATA_DIR__//storage/tmp-persistent/' # As tmp but the directory is not cleaned up between PeerTube restarts
bin: '__DATA_DIR__/storage/bin/'
avatars: '__DATA_DIR__/storage/avatars/'
web_videos: '__DATA_DIR__/storage/videos/'
streaming_playlists: '__DATA_DIR__/storage/streaming-playlists/'
redundancy: '__DATA_DIR__/storage/redundancy/'
tmp: '__DATADIR__/tmp/' # Use to download data (imports etc), store uploaded files before processing...
bin: '__DATADIR__/bin/'
avatars: '__DATADIR__/avatars/'
videos: '__DATADIR__/videos/'
streaming_playlists: '__DATADIR__/streaming-playlists/'
redundancy: '__DATADIR__/redundancy/'
logs: '/var/log/__APP__/'
previews: '__DATA_DIR__/storage/previews/'
thumbnails: '__DATA_DIR__/storage/thumbnails/'
storyboards: '__DATA_DIR__/storage/storyboards/'
torrents: '__DATA_DIR__/storage/torrents/'
captions: '__DATA_DIR__/storage/captions/'
cache: '__DATA_DIR__/storage/cache/'
plugins: '__DATA_DIR__/storage/plugins/'
well_known: '__DATA_DIR__/storage/well-known/'
previews: '__DATADIR__/previews/'
thumbnails: '__DATADIR__/thumbnails/'
torrents: '__DATADIR__/torrents/'
captions: '__DATADIR__/captions/'
cache: '__DATADIR__/cache/'
plugins: '__DATADIR__/plugins/'
well_known: '__DATADIR__/well-known/'
# Overridable client files in client/dist/assets/images:
# - logo.svg
# - favicon.png
@ -163,7 +137,7 @@ storage:
# Could contain for example assets/images/favicon.png
# If the file exists, peertube will serve it
# If not, peertube will fallback to the default file
client_overrides: '__DATA_DIR__/storage/client-overrides/'
client_overrides: '__DATADIR__/client-overrides/'
static_files:
# Require and check user authentication when accessing private files (internal/private video files)
@ -210,9 +184,9 @@ object_storage:
# Useful when you want to use a CDN/external proxy
base_url: '' # Example: 'https://mirror.example.com'
# Same settings but for web videos
web_videos:
bucket_name: 'web-videos'
# Same settings but for webtorrent videos
videos:
bucket_name: 'videos'
prefix: ''
base_url: ''
@ -229,31 +203,23 @@ log:
log_ping_requests: true
log_tracker_unknown_infohash: true
# If you have many concurrent requests, you can disable HTTP requests logging to reduce PeerTube CPU load
log_http_requests: true
prettify_sql: false
# Accept warn/error logs coming from the client
accept_client_log: true
# Support of Open Telemetry metrics and tracing
# For more information: https://docs.joinpeertube.org/maintain/observability
# For more information: https://docs.joinpeertube.org/maintain-observability
open_telemetry:
metrics:
enabled: false
http_request_duration:
# You can disable HTTP request duration metric that can have a high tag cardinality
enabled: true
# Create a prometheus exporter server on this port so prometheus server can scrape PeerTube metrics
prometheus_exporter:
hostname: '127.0.0.1'
port: 9091
tracing:
# If tracing is enabled, you must provide --experimental-loader=@opentelemetry/instrumentation/hook.mjs flag to the node binary
enabled: false
# Send traces to a Jaeger compatible endpoint
@ -262,14 +228,12 @@ open_telemetry:
trending:
videos:
interval_days: 7 # Compute trending videos for the last x days for 'most-viewed' algorithm
interval_days: 7 # Compute trending videos for the last x days
algorithms:
enabled:
- 'hot' # Adaptation of Reddit's 'Hot' algorithm
- 'most-viewed' # Number of views in the last x days
- 'most-liked' # Global views since the upload of the video
- 'hot' # adaptation of Reddit's 'Hot' algorithm
- 'most-viewed' # default, used initially by PeerTube as the trending page
- 'most-liked'
default: 'most-viewed'
# Cache remote videos on your server, to help other instances to broadcast the video
@ -314,11 +278,6 @@ security:
frameguard:
enabled: true
# Set x-powered-by HTTP header to "PeerTube"
# Can help remote software to know this is a PeerTube instance
powered_by_header:
enabled: true
tracker:
# If you disable the tracker, you disable the P2P on your PeerTube instance
enabled: true
@ -367,9 +326,6 @@ plugins:
url: 'https://packages.joinpeertube.org'
federation:
# Some federated software such as Mastodon may require an HTTP signature to access content
sign_federated_fetches: true
videos:
federate_unlisted: false
@ -400,20 +356,6 @@ feeds:
# Default number of comments displayed in feeds
count: 20
remote_runners:
# Consider jobs that are processed by a remote runner as stalled after this period of time without any update
stalled_jobs:
live: '30 seconds'
vod: '2 minutes'
thumbnails:
# When automatically generating a thumbnail from the video
generation_from_video:
# How many frames to analyze at the middle of the video to select the most appropriate one
# Increasing this value will increase CPU and memory usage when generating the thumbnail, especially for high video resolution
# Minimum value is 2
frames_to_analyze: 50
###############################################################################
#
# From this point, almost all following keys can be overridden by the web interface
@ -433,8 +375,6 @@ cache:
size: 500 # Max number of video captions/subtitles you want to cache
torrents:
size: 500 # Max number of video torrents you want to cache
storyboards:
size: 500 # Max number of video storyboards you want to cache
admin:
# Used to generate the root user at first startup
@ -446,31 +386,20 @@ contact_form:
signup:
enabled: false
limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited
minimum_age: 16 # Used to configure the signup form
# Users fill a form to register so moderators can accept/reject the registration
requires_approval: true
requires_email_verification: false
filters:
cidr: # You can specify CIDR ranges to whitelist (empty = no filtering) or blacklist
whitelist: []
blacklist: []
user:
history:
videos:
# Enable or disable video history by default for new users.
enabled: true
# Default value of maximum video bytes the user can upload (does not take into account transcoded files)
# Byte format is supported ("1GB" etc)
# -1 == unlimited
video_quota: -1
video_quota_daily: -1
default_channel_name: 'Main $1 channel' # The placeholder $1 is used to represent the user's username
video_channels:
max_per_user: 20 # Allows each user to create up to 20 video channels.
@ -487,18 +416,12 @@ transcoding:
# If a user uploads an audio file, PeerTube will create a video by merging the preview file and the audio file
allow_audio_files: true
# Enable remote runners to transcode your videos
# If enabled, your instance won't transcode the videos itself
# At least 1 remote runner must be configured to transcode your videos
remote_runners:
enabled: false
# Amount of threads used by ffmpeg for 1 local transcoding job
# Amount of threads used by ffmpeg for 1 transcoding job
threads: 1
# Amount of local transcoding jobs to execute in parallel
# Amount of transcoding jobs to execute in parallel
concurrency: 1
# Choose the local transcoding profile
# Choose the transcoding profile
# New profiles can be added by plugins
# Available in core PeerTube: 'default'
profile: 'default'
@ -517,18 +440,18 @@ transcoding:
# Transcode and keep original resolution, even if it's above your maximum enabled resolution
always_transcode_original_resolution: true
# Generate videos in a web compatible format
# Generate videos in a WebTorrent format (what we do since the first PeerTube release)
# If you also enabled the hls format, it will multiply videos storage by 2
# If disabled, breaks federation with PeerTube instances < 2.1
web_videos:
webtorrent:
enabled: false
# /!\ Requires ffmpeg >= 4.1
# Generate HLS playlists and fragmented MP4 files. Better playback than with Web Videos:
# Generate HLS playlists and fragmented MP4 files. Better playback than with WebTorrent:
# * Resolution change is smoother
# * Faster playback in particular with long videos
# * More stable playback (less bugs/infinite loading)
# If you also enabled the web videos format, it will multiply videos storage by 2
# If you also enabled the webtorrent format, it will multiply videos storage by 2
hls:
enabled: true
@ -593,17 +516,9 @@ live:
# Allow to transcode the live streaming in multiple live resolutions
transcoding:
enabled: true
# Enable remote runners to transcode your videos
# If enabled, your instance won't transcode the videos itself
# At least 1 remote runner must be configured to transcode your videos
remote_runners:
enabled: false
# Amount of threads used by ffmpeg per live when using local transcoding
threads: 2
# Choose the local transcoding profile
# Choose the transcoding profile
# New profiles can be added by plugins
# Available in core PeerTube: 'default'
profile: 'default'
@ -626,17 +541,6 @@ video_studio:
# If enabled, users can create transcoding tasks as they wish
enabled: false
# Enable remote runners to transcode studio tasks
# If enabled, your instance won't transcode the videos itself
# At least 1 remote runner must be configured to transcode your videos
remote_runners:
enabled: false
video_file:
update:
# Add ability for users to replace the video file of an existing video
enabled: false
import:
# Add ability for your users to import remote videos (from YouTube, torrent...)
videos:
@ -649,7 +553,7 @@ import:
# Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html
http:
# We recommend to use a HTTP proxy if you enable HTTP import to prevent private URL access from this server
# See https://docs.joinpeertube.org/maintain/configuration#security for more information
# See https://docs.joinpeertube.org/maintain-configuration?id=security for more information
enabled: false
youtube_dl_release:
@ -673,10 +577,10 @@ import:
# Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)
torrent:
# We recommend to only enable magnet URI/torrent import if you trust your users
# See https://docs.joinpeertube.org/maintain/configuration#security for more information
# See https://docs.joinpeertube.org/maintain-configuration?id=security for more information
enabled: false
# Add ability for your users to synchronize their channels with external channels, playlists, etc
# Add ability for your users to synchronize their channels with external channels, playlists, etc.
video_channel_synchronization:
enabled: false
@ -773,9 +677,8 @@ instance:
Disallow:
# /.well-known/security.txt rules. This endpoint is cached, so you may have to wait a few hours before viewing your changes
# To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string
securitytxt: |
Contact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md
Expires: 2025-12-31T11:00:00.000Z'
securitytxt:
'# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:'
services:
# Cards configuration to format video in Twitter

View file

@ -4,13 +4,13 @@ After=network.target postgresql.service redis-server.service
[Service]
Type=simple
Environment=NODE_ENV=production
Environment=NODE_CONFIG_DIR=__FINALPATH__/config
Environment="__YNH_NODE_LOAD_PATH__"
User=__APP__
Group=__APP__
Environment=NODE_ENV=production
Environment=NODE_CONFIG_DIR=__INSTALL_DIR__/config
Environment="__YNH_NODE_LOAD_PATH__"
ExecStart=__YNH_NODE__ __INSTALL_DIR__/dist/server
WorkingDirectory=__INSTALL_DIR__/
ExecStart=__YNH_NODE__ __FINALPATH__/dist/server
WorkingDirectory=__FINALPATH__/
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=__APP__

View file

@ -1 +0,0 @@
* Do not modify the `__INSTALL_DIR__/conf/production.yaml` file, because it will be overridden in the next upgrade. Please instead either change them though the web interface, which stores specific local settings in a separate configuration file.

View file

@ -1 +0,0 @@
* Ne modifiez pas les paramètres dans le fichier `__INSTALL_DIR__/conf/production.yaml`, car il sera remplacé lors de la prochaine mise à niveau. Veuillez plutôt modifier la configuration via l'interface Web, qui stocke les paramètres locaux spécifiques dans un fichier de configuration distinct.

View file

@ -1 +1 @@
PeerTube is a decentralized and federated video hosting software. To publish videos, the user must register with a host (called an instance). Each host has its own conditions of use (storage space per user, moderation rules, themes, etc.). Thanks to WebTorrent, if several people view the same video, fragments of it are exchanged between people so as not to overload the instance. Decentralized: Each instance can follow one or more other PeerTube instances in order to allow its users to view their videos. Federated: Via the ActivityPub protocol, Peertube can interact with other software that is part of the Fediverse, such as Mastodon for example.
Federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser, using <a href="https://github.com/feross/webtorrent">WebTorrent</a>.

View file

@ -1 +1 @@
PeerTube est un logiciel décentralisé et fédéré dhébergement de vidéos. Pour publier des vidéos, lutilisateur doit sinscrire chez un hébergeur (nommé instance). Chaque hébergeur possède ses conditions dutilisation (espace de stockage par utilisateur, règles de modération, thématiques, etc.). Grâce à WebTorrent, si plusieurs personnes consultent une même vidéo, des fragments de celle-ci sont échangés entre les personnes afin de ne pas surcharger linstance. Décentralisé : Chaque instance peut suivre une ou plusieurs autres instances PeerTube afin de permettre à ses utilisateurs de visionner les vidéos de celles-ci. Fédéré : Via le protocole ActivityPub, Peertube peut interagir avec dautres logiciels qui font partie du Fediverse, comme Mastodon par exemple.
Plateforme de streaming vidéo fédérée (ActivityPub) utilisant P2P (BitTorrent) directement dans le navigateur Web, en utilisant <a href="https://github.com/feross/webtorrent"> WebTorrent </a>

22
doc/DISCLAIMER.md Normal file
View file

@ -0,0 +1,22 @@
### IMPORTANT POINT TO READ BEFORE INSTALLING
* Require **dedicated domain** like **peertube.domain.tld**.
* Admin username is: **root**.
* **Admin password and LDAP configuration** will be sent to the email address given at the time of the installation.
* URL can not be changed once selected. Choose the domain wisely.
* You need more then **1 GB** of RAM. If you don't have it, please create a **swap memory**.
$ dd if=/dev/zero of=/swapfile bs=1024 count=1048576
$ mkswap /swapfile
$ swapon /swapfile
$ echo "/swapfile swap swap defaults 0 0" >> /etc/fstab
* This app is **multi-instance** (you can have more then one PeerTube instance running on a YunoHost server)
* **If you are hosted on OVH virtual machine or experiencing `gyp ERR! configure error`, please switch to [ovh_fix](https://github.com/YunoHost-Apps/peertube_ynh/tree/ovh_fix)**
* HTTP auth is not supported
* Do not modify the `/var/www/<app>/conf/production.yaml` file, because it will be overridden in the next upgrade. Please instead either change them though the web interface or create a `/var/www/<app>/conf/local.yaml` file, assign it the same owner, group and rights than for `conf/production.yaml` and fill there your specific settings.
* Note: when the same option have different values in `production.yaml` and `local.yaml` files, only the value in `local.yaml` is taken into account.
### PLUGINS
* LDAP auth is supported, LDAP configuration will be sent to the email address given at the time of the installation.
* PeerTube plugin livechat is installed with Prosody. To enable, just select «Prosody server controlled by Peertube» as chat mode in the plugin configutation of the PeerTube admin page
* During install, because of Prosody, Metronome is disabled

23
doc/DISCLAIMER_fr.md Normal file
View file

@ -0,0 +1,23 @@
### Points importants à lire avant l'installation
* Nécessite un **domaine dédié** comme **peertube.domain.tld**.
* Le nom d'utilisateur de l'administrateur est: **root**.
* **Le mot de passe administrateur et la configuration LDAP** seront envoyés à l'adresse email indiquée au moment de l'installation.
* L'URL ne peut pas être modifiée une fois sélectionnée. Choisissez judicieusement le domaine.
* Vous avez besoin de plus de **1 Go** de RAM. Si vous ne l'avez pas, veuillez créer une **mémoire swap**.
$ dd if=/dev/zero of=/swapfile bs=1024 count=1048576
$ mkswap /swapfile
$ swapon /swapfile
$ echo "/swapfile swap swap defaults 0 0" >> /etc/fstab
* Cette application est **multi-instance** (vous pouvez avoir plus d'une instance PeerTube en cours d'exécution sur un serveur YunoHost)
* **Si vous êtes hébergé sur une machine virtuelle OVH ou rencontrez `gyp ERR! configure error`, veuillez passer à [ovh_fix](https://github.com/YunoHost-Apps/peertube_ynh/tree/ovh_fix)**
* L'authentification HTTP n'est pas supportée
* Ne modifiez pas le fichier `/var/www/<app>/conf/production.yaml`, car il sera remplacé à la prochaine mise à jour. À la place, veuillez modifier la configuration via l'interface web ou créer et remplir le fichier `/var/www/<app>/conf/local.yaml`, assignez-lui les mêmes propriétaire, groupe et droits que pour `conf/production.yaml` et y remplir vos options spécifiques.
* Note: si la même option contient différentes valeurs dans les fichiers `conf/production.yaml` et `conf/local.yaml`, seule la valeur dans `conf/local.yaml` sera prise en compte.
#### PLUGINS
* L'authentification LDAP est prise en charge, les instructions de configuration sont envoyées à l'adresse email indiquée au moment de l'installation
* Le plugin PeerTube livechat est installé ainsi que Prosody. pour l'activer, sélectionner «Prosody server controlled by Peertube» dans le paramétre chat mode du plugin dans la page d'administration de PeerTube.
* Pendant l'installation, à cause de Prosody, Metronome est désactivé.

View file

@ -1,12 +0,0 @@
- __APP__ can now be accessed at [https://__DOMAIN____PATH__](https://__DOMAIN____PATH__)
- The admin username is: root
- The admin password is: __ADMIN_PASS__
To make PeerTube Live available, you also need to make the TCP port __PORT_RTMP__ available from internet (For example, opening the port on your ISP box if it's not automatically done).
To enable LDAP authentication, you should open [https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap](https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap) and complete with the following informations :
- URL: `ldap://127.0.0.1`
- Insecure TLS: `checked`
- Search base: `ou=users,dc=yunohost,dc=org`
All YunoHost users will be allowed to login as PeerTube user.

View file

@ -1,12 +0,0 @@
- __APP__ est désormais accessible sur [https://__DOMAIN____PATH__](https://__DOMAIN____PATH__)
- Le nom d'utilisateur administrateur est : root
- Le mot de passe administrateur est : __ADMIN_PASS__
Pour rendre PeerTube Live disponible, vous devez également rendre le port TCP __PORT_RTMP__ disponible depuis internet (par exemple, ouvrir le port sur votre box FAI si ce n'est pas fait automatiquement).
Pour activer l'authentification LDAP, vous devez ouvrir [https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap](https://__DOMAIN____PATH__admin/plugins/show/peertube-plugin-auth-ldap) et compléter avec le informations suivantes :
-URL : `ldap://127.0.0.1`
- TLS non sécurisé : "vérifié"
- Base de recherche : `ou=users,dc=yunohost,dc=org`
Tous les utilisateurs de YunoHost seront autorisés à se connecter en tant qu'utilisateur PeerTube.

46
manifest.json Normal file
View file

@ -0,0 +1,46 @@
{
"name": "PeerTube",
"id": "peertube",
"packaging_format": 1,
"description": {
"en": "Federated video streaming platform using P2P directly in the web browser",
"fr": "Plateforme fédéralisé de diffusion vidéo par P2P directement dans le navigateur"
},
"version": "5.2.1~ynh1",
"url": "https://github.com/Chocobozzz/PeerTube",
"upstream": {
"license": "AGPL-3.0-only",
"website": "https://joinpeertube.org/fr",
"demo": "http://peertube.cpy.re",
"admindoc": "https://docs.joinpeertube.org",
"code": "https://github.com/Chocobozzz/PeerTube"
},
"license": "AGPL-3.0-only",
"maintainer": {
"name": "yalh76"
},
"requirements": {
"yunohost": ">= 11.0.0"
},
"multi_instance": false,
"services": [
"nginx"
],
"arguments": {
"install": [
{
"name": "domain",
"type": "domain"
},
{
"name": "is_public",
"type": "boolean",
"default": true
},
{
"name": "admin",
"type": "user"
}
]
}
}

View file

@ -1,78 +0,0 @@
packaging_format = 2
id = "peertube"
name = "PeerTube"
description.en = "Federated video streaming platform using P2P directly in the web browser"
description.fr = "Plateforme fédéralisé de diffusion vidéo par P2P directement dans le navigateur"
version = "6.0.2~ynh1"
maintainers = ["yalh76"]
[upstream]
license = "AGPL-3.0-only"
website = "https://joinpeertube.org/fr"
demo = "http://peertube.cpy.re"
admindoc = "https://docs.joinpeertube.org"
code = "https://github.com/Chocobozzz/PeerTube"
[integration]
yunohost = ">= 11.2"
architectures = "all"
multi_instance = false
ldap = true
sso = false
disk = "50M"
ram.build = "1G"
ram.runtime = "1G"
[install]
[install.domain]
type = "domain"
[install.init_main_permission]
type = "group"
default = "visitors"
[install.admin]
type = "user"
[resources]
[resources.sources.main]
url = "https://github.com/Chocobozzz/PeerTube/releases/download/v6.0.2/peertube-v6.0.2.tar.xz"
sha256 = "9313591f911f3951ec15a9d1102b8aa4158d4cf5af74e9f0e71c0ee4e4dca2a2"
autoupdate.strategy = "latest_github_tag"
[resources.ports]
main.default = 8095
rtmp.default = 1935
rtmp.exposed = "TCP"
[resources.system_user]
allow_email = true
[resources.install_dir]
[resources.data_dir]
subdirs = ["storage"]
[resources.permissions]
main.url = "/"
api.url = "/api"
api.allowed = "visitors"
api.auth_header = false
api.show_tile = false
api.protected = true
[resources.apt]
packages = "ffmpeg, postgresql, postgresql-contrib, openssl, g++, mailutils, apt-transport-https"
extras.yarn.repo = "deb https://dl.yarnpkg.com/debian/ stable main"
extras.yarn.key = "https://dl.yarnpkg.com/debian/pubkey.gpg"
extras.yarn.packages = "yarn"
[resources.database]
type = "postgresql"

View file

@ -4,9 +4,10 @@
# COMMON VARIABLES
#=================================================
nodejs_version=20
# Obtain the (empty string), __2, __3, cf the DB suffix in production.yaml...
db_suffix="$(echo $app | sed 's/peertube//g')"
# dependencies used by the app
pkg_dependencies="ffmpeg postgresql postgresql-contrib openssl g++ mailutils apt-transport-https"
nodejs_version=16
#=================================================
# PERSONAL HELPERS
@ -16,45 +17,6 @@ db_suffix="$(echo $app | sed 's/peertube//g')"
# EXPERIMENTAL HELPERS
#=================================================
# get the first available redis database
#
# usage: ynh_redis_get_free_db
# | returns: the database number to use
ynh_redis_get_free_db() {
local result max db
result=$(redis-cli INFO keyspace)
# get the num
max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+")
db=0
# default Debian setting is 15 databases
for i in $(seq 0 "$max")
do
if ! echo "$result" | grep -q "db$i"
then
db=$i
break 1
fi
db=-1
done
test "$db" -eq -1 && ynh_die --message="No available Redis databases..."
echo "$db"
}
# Create a master password and set up global settings
# Please always call this script in install and restore scripts
#
# usage: ynh_redis_remove_db database
# | arg: database - the database to erase
ynh_redis_remove_db() {
local db=$1
redis-cli -n "$db" flushall
}
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================

View file

@ -10,6 +10,28 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@ -19,13 +41,13 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$install_dir"
ynh_backup --src_path="$final_path"
#=================================================
# BACKUP THE DATA DIR
#=================================================
ynh_backup --src_path="$data_dir" --is_big
ynh_backup --src_path="$datadir" --is_big
#=================================================
# BACKUP THE NGINX CONFIGURATION

View file

@ -7,91 +7,250 @@
#=================================================
source _common.sh
source ynh_redis
source ynh_send_readme_to_admin__2
source ynh_apps
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url="/"
is_public=$YNH_APP_ARG_IS_PUBLIC
admin=$YNH_APP_ARG_ADMIN
app=$YNH_APP_INSTANCE_NAME
admin_mail=$(ynh_user_get_info --username=$admin --key="mail")
admin_pass=$(ynh_string_random --length=24)
ynh_app_setting_set --app=$app --key=admin_pass --value=$admin_pass
secrets_peertube=$(ynh_string_random --length=24)
# Define app's data directory
datadir="/home/yunohost.app/${app}/storage"
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..."
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=secrets_peertube --value=$secrets_peertube
redis_db=$(ynh_redis_get_free_db)
ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db"
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..."
# Find an available port
port=$(ynh_find_port --port=8095)
ynh_app_setting_set --app=$app --key=port --value=$port
# PeerTube Live port
rtmp_port=1935
ynh_port_available --port=$rtmp_port || ynh_die --message="Port $rtmp_port is needs to be available for this app"
ynh_app_setting_set --app=$app --key=rtmp_port --value=$rtmp_port
# Open the port
ynh_script_progression --message="Configuring firewall..."
ynh_exec_warn_less yunohost firewall allow TCP $rtmp_port
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing nodejs..."
ynh_script_progression --message="Installing dependencies..."
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# CREATE A POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Initializing postgresql modules..."
ynh_script_progression --message="Creating a PostgreSQL database..."
db_name="peertube_${app}"
db_user=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_app_setting_set --app=$app --key=db_user --value=$db_user
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS unaccent;" --database=$db_name
ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS pg_trgm;" --database=$db_name
#=================================================
# CONFIGURE REDIS
#=================================================
redis_db=$(ynh_redis_get_free_db)
ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..."
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir"
ynh_setup_source --dest_dir="$final_path"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# CREATE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..."
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $datadir
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
#=================================================
# BUILD YARN DEPENDENCIES
#=================================================
ynh_script_progression --message="Building Yarn dependencies..."
pushd "$install_dir"
pushd "$final_path"
ynh_use_nodejs
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn config set network-timeout 300000
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn install --production --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn cache clean
popd
#=================================================
# NGINX CONFIGURATION
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding system configurations..."
ynh_script_progression --message="Adding a configuration file..."
# Create a dedicated NGINX config
ynh_add_nginx_config
ynh_add_config --template="../conf/production.yaml" --destination="$final_path/config/production.yaml"
chmod 400 "$final_path/config/production.yaml"
chown $app:$app "$final_path/config/production.yaml"
ynh_add_config --template="../conf/local-production.json" --destination="$final_path/config/local-production.json"
chmod 600 "$final_path/config/local-production.json"
chown $app:$app "$final_path/config/local-production.json"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..."
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..."
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on localhost"
#=================================================
# INSTALL LDAP PLUGIN
#=================================================
ynh_script_progression --message="Installing LDAP plugin..."
pushd "$final_path"
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-auth-ldap
popd
#=================================================
# INSTALL PEERTUBE LIVECHAT PLUGIN
#=================================================
ynh_script_progression --message="Installing PeerTube livechat plugin..."
pushd "$final_path"
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-livechat
popd
#=================================================
# CHANGE PEERTUBE ADMIN PASSWORD
#=================================================
ynh_script_progression --message="Changing PeerTube admin password..."
pushd "$final_path"
echo $admin_pass | ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_npm run reset-password -- -u root
popd
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..."
# Stop a systemd service
ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..."
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
yunohost service add $app --description="Federated video streaming platform" --log="/var/log/$app/$app.log" --needs_exposed_ports $port_rtmp
#=================================================
# ADD A CONFIGURATION
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Adding peertube configuration file..."
ynh_script_progression --message="Integrating service in YunoHost..."
ynh_add_config --template="production.yaml" --destination="$install_dir/config/production.yaml"
chmod 400 "$install_dir/config/production.yaml"
chown $app:$app "$install_dir/config/production.yaml"
# Initialize local setting conf file
echo '{}' > "$install_dir/config/local-production.json"
chmod 600 "$install_dir/config/local-production.json"
chown $app:$app "$install_dir/config/local-production.json"
yunohost service add $app --description="$app daemon for Peertube" --log="/var/log/$app/$app.log" --needs_exposed_ports $rtmp_port
#=================================================
# START SYSTEMD SERVICE
@ -99,18 +258,36 @@ chown $app:$app "$install_dir/config/local-production.json"
ynh_script_progression --message="Starting a systemd service..."
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1"
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started"
#=================================================
# INSTALL LDAP PLUGIN
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Installing $app plugin and password..."
ynh_script_progression --message="Configuring permissions..."
pushd "$install_dir"
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-auth-ldap
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-livechat
echo "$admin_pass" | ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_npm run reset-password -- -u root
popd
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
ynh_script_progression --message="Sending a readme for the admin..."
ynh_send_readme_to_admin --app_message="../conf/msg_install" --recipients=$admin_mail --type='install'
#=================================================
# END OF SCRIPT

View file

@ -1,8 +1,43 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source ynh_redis
source ynh_send_readme_to_admin__2
source ynh_apps
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app=$app --key=port)
rtmp_port=$(ynh_app_setting_get --app=$app --key=rtmp_port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
path_url=$(ynh_app_setting_get --app=$app --key=path)
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
admin_mail=$(ynh_user_get_info --username=$admin --key="mail")
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE SERVICE INTEGRATION IN YUNOHOST
#=================================================
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app >/dev/null
then
@ -10,25 +45,110 @@ then
yunohost service remove $app
fi
ynh_script_progression --message="Removing system configurations related to $app..."
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_script_progression --message="Stopping and removing the systemd service..."
# Remove the dedicated systemd config
ynh_remove_systemd_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..."
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# REMOVE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Removing the PostgreSQL database..."
# Remove a database if it exists, along with the associated user
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE THE REDIS DATABASE
#=================================================
ynh_script_progression --message="Removing the redis database..."
ynh_redis_remove_db "$redis_db"
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..."
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE DATA DIR
#=================================================
# Remove the data directory if --purge option is used
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then
ynh_script_progression --message="Removing app data directory..."
ynh_secure_remove --file="$datadir"
fi
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..."
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..."
# Remove metapackage and its dependencies
ynh_remove_nodejs
ynh_remove_app_dependencies
#=================================================
# CLOSE A PORT
#=================================================
if yunohost firewall list | grep -q "\- $rtmp_port$"
then
ynh_script_progression --message="Closing port $rtmp_port..."
ynh_exec_warn_less yunohost firewall disallow TCP $rtmp_port
fi
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE VARIOUS FILES
#=================================================
ynh_script_progression --message="Removing various files..."
# Remove the log files
ynh_secure_remove --file="/var/log/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..."
# Delete a system user
ynh_system_user_delete --username=$app
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
ynh_script_progression --message="Sending a readme for the admin..."
ynh_send_readme_to_admin --app_message="../conf/msg_remove" --recipients=$admin_mail --type='remove'
#=================================================
# END OF SCRIPT
#=================================================

View file

@ -8,33 +8,76 @@
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source ../settings/scripts/ynh_apps
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
rtmp_port=$(ynh_app_setting_get --app=$app --key=rtmp_port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..."
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..."
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file --origin_path="$install_dir"
ynh_restore_file --origin_path="$final_path"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# RESTORE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Restoring the data directory..."
ynh_restore_file --origin_path="$data_dir" --not_mandatory
ynh_restore_file --origin_path="$datadir" --not_mandatory
chown -R $app:www-data "$data_dir"
mkdir -p $datadir
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the PostgreSQL database..."
ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
#=================================================
# SPECIFIC RESTORATION
@ -43,27 +86,72 @@ ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./d
#=================================================
ynh_script_progression --message="Reinstalling dependencies..."
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
ynh_script_progression --message="Reinstalling system configurations..."
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the PostgreSQL database..."
ynh_psql_test_if_first_run
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name
#=================================================
# OPEN A PORT
#=================================================
ynh_script_progression --message="Configuring firewall..."
# Open the port
ynh_exec_warn_less yunohost firewall allow TCP $rtmp_port
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..."
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..."
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
yunohost service add $app --description="Federated video streaming platform" --log="/var/log/$app/$app.log" --needs_exposed_ports $port_rtmp
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add $app --description="$app daemon for Peertube" --log="/var/log/$app/$app.log" --needs_exposed_ports $rtmp_port
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1"
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload

View file

@ -7,15 +7,62 @@
#=================================================
source _common.sh
source ynh_redis
source ynh_apps
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
rtmp_port=$(ynh_app_setting_get --app=$app --key=rtmp_port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
admin_mail=$(ynh_user_get_info --username=$admin --key="mail")
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
secrets_peertube=$(ynh_app_setting_get --app=$app --key=secrets_peertube)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..."
ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
@ -24,50 +71,95 @@ ynh_script_progression --message="Ensuring downward compatibility..."
ynh_app_setting_delete --app=$app --key=admin_pass
ynh_app_setting_delete --app=$app --key=admin_mail
# If db_name doesn't exist, create it
if [ -z "$db_name" ]; then
db_name="peertube_${app}"
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
fi
# If db_user doesn't exist, create it
if [ -z "$db_user" ]; then
db_user=$app
ynh_app_setting_set --app=$app --key=db_user --value=$db_user
fi
# If db_pwd doesn't exist, create it
if [ -z "$db_pwd" ]; then
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
fi
# If redis_db doesn't exist, create it
if [ -z "${redis_db:-}" ]; then
if [ -z "$redis_db" ]; then
redis_db=$(ynh_redis_get_free_db)
ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db"
fi
if [ -z "${secrets_peertube:-}" ]; then
ynh_print_info --message="Generating and storing PeerTube secrets..."
secrets_peertube=$(ynh_string_random --length=24)
ynh_app_setting_set --app=$app --key=secrets_peertube --value=$secrets_peertube
if [ -z "$datadir" ];
then
datadir="/home/yunohost.app/${app}/storage"
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
fi
# Close a port
if yunohost firewall list | grep -q "\- $port$"
then
ynh_script_progression --message="Closing port $port"
ynh_exec_warn_less yunohost firewall disallow TCP $port
fi
# Add PostgreSQL extension for v1.0.0-beta.10.pre.1
ynh_exec_warn_less ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS unaccent;" --database=$db_name
ynh_exec_warn_less ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS pg_trgm;" --database=$db_name
ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS unaccent;" --database=$db_name
ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS pg_trgm;" --database=$db_name
# Remove repository
ynh_secure_remove --file="/etc/apt/sources.list.d/yarn.list"
# Remove hook
if [[ -e "/usr/share/yunohost/hooks/conf_regen/15-nginx_$app" ]]
# Remove not needed checksum
ynh_delete_file_checksum --file="../conf/msg_install"
if [ -z "$rtmp_port" ];
then
rtmp_port=1935
ynh_port_available --port=$rtmp_port || ynh_die --message="Port $rtmp_port is needs to be available for this app"
ynh_app_setting_set --app=$app --key=rtmp_port --value=$rtmp_port
# Open the port
ynh_script_progression --message="Configuring firewall..."
ynh_exec_warn_less yunohost firewall allow TCP $rtmp_port
fi
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
# Create a permission if needed
if ! ynh_permission_exists --permission="api"; then
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
fi
# Remove hook
ynh_secure_remove --file="/usr/share/yunohost/hooks/conf_regen/15-nginx_$app"
yunohost tools regen-conf nginx
fi
# Remove old log file
ynh_secure_remove --file="$data_dir/logs"
ynh_secure_remove --file="$datadir/logs"
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
# Remove Prosody
ynh_remove_apps
#=================================================
# STOP SYSTEMD SERVICE
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Stopping a systemd service..."
ynh_script_progression --message="Making sure dedicated system user exists..."
ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped"
# In the past, the db was called peertube_peertube >_>
if [[ "${db_name:-}" == "peertube_peertube" ]]
then
ynh_print_info --message="Renaming database..."
ynh_psql_execute_as_root --sql="ALTER DATABASE $db_name RENAME TO $app;"
db_name="$app"
ynh_app_setting_set --app="$app" --key=db_name --value="$db_name"
fi
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
@ -78,44 +170,61 @@ then
ynh_script_progression --message="Upgrading source files..."
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --full_replace=1 --dest_dir="$install_dir" \
ynh_setup_source --full_replace=1 --dest_dir="$final_path" \
--keep="config/production.yaml config/local-production.json config/local.yaml"
fi
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..."
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
ynh_script_progression --message="Upgrading system configurations..."
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated NGINX config
ynh_add_nginx_config
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# CREATE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..."
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
mkdir -p $datadir
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
yunohost service add $app --description="Federated video streaming platform" --log="/var/log/$app/$app.log" --needs_exposed_ports $port_rtmp
#=================================================
# Generate secrets if they don't exist
#=================================================
if [ -z "$secrets_peertube" ]; then
ynh_print_info --message="Generating and storing PeerTube secrets..."
secrets_peertube=$(ynh_string_random --length=24)
ynh_app_setting_set --app=$app --key=secrets_peertube --value=$secrets_peertube
fi
#=================================================
# BUILD YARN DEPENDENCIES
#=================================================
ynh_script_progression --message="Building Yarn dependencies..."
pushd "$install_dir"
pushd "$final_path"
ynh_use_nodejs
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn config set network-timeout 300000
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn install --production --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn cache clean
popd
@ -123,23 +232,52 @@ popd
#=================================================
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating configuration file..."
ynh_script_progression --message="Updating a config file..."
ynh_add_config --template="production.yaml" --destination="$install_dir/config/production.yaml"
chmod 400 "$install_dir/config/production.yaml"
chown $app:$app "$install_dir/config/production.yaml"
ynh_add_config --template="../conf/production.yaml" --destination="$final_path/config/production.yaml"
chmod 600 "$install_dir/config/local-production.json"
chown $app:$app "$install_dir/config/local-production.json"
chmod 400 "$final_path/config/production.yaml"
chown $app:$app "$final_path/config/production.yaml"
ynh_backup_if_checksum_is_different --file="$final_path/config/local-production.json"
chmod 600 "$final_path/config/local-production.json"
chown $app:$app "$final_path/config/local-production.json"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..."
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..."
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started"
#=================================================
# INSTALL LDAP PLUGIN
#=================================================
ynh_script_progression --message="Installing $app plugin..."
ynh_script_progression --message="Installing LDAP plugin..."
pushd "$install_dir"
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-auth-ldap
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-livechat
pushd "$final_path"
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-auth-ldap
popd
#=================================================
# INSTALL PEERTUBE LIVECHAT PLUGIN
#=================================================
ynh_script_progression --message="Installing PeerTube livechat plugin..."
pushd "$final_path"
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_npm run plugin:install -- --npm-name peertube-plugin-livechat
popd
#=================================================
@ -148,24 +286,57 @@ popd
if ynh_compare_current_package_version --comparison lt --version 4.0.0~ynh1; then
ynh_script_progression --message="Running Peertube 4.0.0 migration script..."
pushd "$install_dir"
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_node dist/scripts/migrations/peertube-4.0.js
pushd "$final_path"
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_node dist/scripts/migrations/peertube-4.0.js
popd
fi
if ynh_compare_current_package_version --comparison lt --version 4.2.0~ynh1; then
ynh_script_progression --message="Running Peertube 4.2.0 migration script..."
pushd "$install_dir"
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$install_dir/config" NODE_ENV=production $ynh_node dist/scripts/migrations/peertube-4.2.js
pushd "$final_path"
ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production $ynh_node dist/scripts/migrations/peertube-4.2.js
popd
fi
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..."
# Stop a systemd service
ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..."
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add $app --description="$app daemon for Peertube" --log="/var/log/$app/$app.log" --needs_exposed_ports $rtmp_port
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting systemd service..."
ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="HTTP server listening on 127.0.0.1"
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT

110
scripts/ynh_apps Normal file
View file

@ -0,0 +1,110 @@
#!/bin/bash
# Install others YunoHost apps
#
# usage: ynh_install_apps --apps="appfoo?domain=domain.foo&path=/foo appbar?domain=domain.bar&path=/bar&admin=USER&language=fr&is_public=1&pass?word=pass&port=666"
# | arg: -a, --apps= - apps to install
#
# Requires YunoHost version *.*.* or higher.
ynh_install_apps() {
# Declare an array to define the options of this helper.
local legacy_args=a
local -A args_array=([a]=apps=)
local apps
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
# Split the list of apps in an array
local apps_list=($(echo $apps | tr " " "\n"))
local apps_dependencies=""
# For each app
for one_app_and_its_args in "${apps_list[@]}"
do
# Retrieve the name of the app (part before ?)
local one_app=$(cut -d "?" -f1 <<< "$one_app_and_its_args")
[ -z "$one_app" ] && ynh_die --message="You didn't provided a YunoHost app to install"
yunohost tools update apps
# Installing or upgrading the app depending if it's installed or not
if ! yunohost app list --output-as json --quiet | jq -e --arg id $one_app '.apps[] | select(.id == $id)' >/dev/null
then
# Retrieve the arguments of the app (part after ?)
local one_argument=$(cut -d "?" -f2- <<< "$one_app_and_its_args")
[ ! -z "$one_argument" ] && one_argument="--args $one_argument"
# Install the app with its arguments
yunohost app install $one_app $one_argument
else
# Upgrade the app
yunohost app upgrade $one_app
fi
if [ ! -z "$apps_dependencies" ]
then
apps_dependencies="$apps_dependencies, $one_app"
else
apps_dependencies="$one_app"
fi
done
ynh_app_setting_set --app=$app --key=apps_dependencies --value="$apps_dependencies"
}
# Remove other YunoHost apps
#
# Other YunoHost apps will be removed only if no other apps need them.
#
# usage: ynh_remove_apps
#
# Requires YunoHost version *.*.* or higher.
ynh_remove_apps() {
# Retrieve the apps dependencies of the app
local apps_dependencies=$(ynh_app_setting_get --app=$app --key=apps_dependencies)
ynh_app_setting_delete --app=$app --key=apps_dependencies
if [ ! -z "$apps_dependencies" ]
then
# Split the list of apps dependencies in an array
local apps_dependencies_list=($(echo $apps_dependencies | tr ", " "\n"))
# For each apps dependencies
for one_app in "${apps_dependencies_list[@]}"
do
# Retrieve the list of installed apps
local installed_apps_list=$(yunohost app list --output-as json --quiet | jq -r .apps[].id)
local required_by=""
local installed_app_required_by=""
# For each other installed app
for one_installed_app in $installed_apps_list
do
# Retrieve the other apps dependencies
one_installed_apps_dependencies=$(ynh_app_setting_get --app=$one_installed_app --key=apps_dependencies)
if [ ! -z "$one_installed_apps_dependencies" ]
then
one_installed_apps_dependencies_list=($(echo $one_installed_apps_dependencies | tr ", " "\n"))
# For each dependency of the other apps
for one_installed_app_dependency in "${one_installed_apps_dependencies_list[@]}"
do
if [[ $one_installed_app_dependency == $one_app ]]; then
required_by="$required_by $one_installed_app"
fi
done
fi
done
# If $one_app is no more required
if [[ -z "$required_by" ]]
then
# Remove $one_app
ynh_print_info --message="Removing of $one_app"
yunohost app remove $one_app --purge
else
ynh_print_info --message="$one_app was not removed because it's still required by${required_by}"
fi
done
fi
}

39
scripts/ynh_redis Normal file
View file

@ -0,0 +1,39 @@
#!/bin/bash
# get the first available redis database
#
# usage: ynh_redis_get_free_db
# | returns: the database number to use
ynh_redis_get_free_db() {
local result max db
result=$(redis-cli INFO keyspace)
# get the num
max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+")
db=0
# default Debian setting is 15 databases
for i in $(seq 0 "$max")
do
if ! echo "$result" | grep -q "db$i"
then
db=$i
break 1
fi
db=-1
done
test "$db" -eq -1 && ynh_die --message="No available Redis databases..."
echo "$db"
}
# Create a master password and set up global settings
# Please always call this script in install and restore scripts
#
# usage: ynh_redis_remove_db database
# | arg: database - the database to erase
ynh_redis_remove_db() {
local db=$1
redis-cli -n "$db" flushall
}

View file

@ -0,0 +1,129 @@
#!/bin/bash
# Send an email to inform the administrator
#
# usage: ynh_send_readme_to_admin --app_message=app_message [--recipients=recipients] [--type=type]
# | arg: -m --app_message= - The file with the content to send to the administrator.
# | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
# | arg: -t, --type= - Type of mail, could be 'backup', 'change_url', 'install', 'remove', 'restore', 'upgrade'
#
# Requires YunoHost version 4.1.0 or higher.
ynh_send_readme_to_admin() {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [m]=app_message= [r]=recipients= [t]=type= )
local app_message
local recipients
local type
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
app_message="${app_message:-}"
recipients="${recipients:-root}"
type="${type:-install}"
# Get the value of admin_mail_html
admin_mail_html=$(ynh_app_setting_get $app admin_mail_html)
admin_mail_html="${admin_mail_html:-0}"
# Retrieve the email of users
find_mails () {
local list_mails="$1"
local mail
local recipients=" "
# Read each mail in argument
for mail in $list_mails
do
# Keep root or a real email address as it is
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
then
recipients="$recipients $mail"
else
# But replace an user name without a domain after by its email
if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
then
recipients="$recipients $mail"
fi
fi
done
echo "$recipients"
}
recipients=$(find_mails "$recipients")
# Subject base
local mail_subject="☁️🆈🅽🅷☁️: \`$app\`"
# Adapt the subject according to the type of mail required.
if [ "$type" = "backup" ]; then
mail_subject="$mail_subject has just been backup."
elif [ "$type" = "change_url" ]; then
mail_subject="$mail_subject has just been moved to a new URL!"
elif [ "$type" = "remove" ]; then
mail_subject="$mail_subject has just been removed!"
elif [ "$type" = "restore" ]; then
mail_subject="$mail_subject has just been restored!"
elif [ "$type" = "upgrade" ]; then
mail_subject="$mail_subject has just been upgraded!"
else # install
mail_subject="$mail_subject has just been installed!"
fi
ynh_add_config --template="$app_message" --destination="../conf/msg__to_send"
ynh_delete_file_checksum --file="../conf/msg__to_send"
local mail_message="This is an automated message from your beloved YunoHost server.
Specific information for the application $app.
$(cat "../conf/msg__to_send")"
# Store the message into a file for further modifications.
echo "$mail_message" > mail_to_send
# If a html email is required. Apply html tags to the message.
if [ "$admin_mail_html" -eq 1 ]
then
# Insert 'br' tags at each ending of lines.
ynh_replace_string "$" "<br>" mail_to_send
# Insert starting HTML tags
sed --in-place '1s@^@<!DOCTYPE html>\n<html>\n<head></head>\n<body>\n@' mail_to_send
# Keep tabulations
ynh_replace_string " " "\&#160;\&#160;" mail_to_send
ynh_replace_string "\t" "\&#160;\&#160;" mail_to_send
# Insert url links tags
ynh_replace_string "__URL_TAG1__\(.*\)__URL_TAG2__\(.*\)__URL_TAG3__" "<a href=\"\2\">\1</a>" mail_to_send
# Insert finishing HTML tags
echo -e "\n</body>\n</html>" >> mail_to_send
# Otherwise, remove tags to keep a plain text.
else
# Remove URL tags
ynh_replace_string "__URL_TAG[1,3]__" "" mail_to_send
ynh_replace_string "__URL_TAG2__" ": " mail_to_send
fi
# Define binary to use for mail command
if [ -e /usr/bin/bsd-mailx ]
then
local mail_bin=/usr/bin/bsd-mailx
else
local mail_bin=/usr/bin/mail.mailutils
fi
if [ "$admin_mail_html" -eq 1 ]
then
content_type="text/html"
else
content_type="text/plain"
fi
# Send the email to the recipients
cat mail_to_send | $mail_bin -a "Content-Type: $content_type; charset=UTF-8" -s "$mail_subject" "$recipients"
}

View file

@ -1,15 +0,0 @@
test_format = 1.0
[default]
# ------------
# Tests to run
# ------------
exclude = ["change_url"]
# -------------------------------
# Commits to test upgrade from
# -------------------------------
test_upgrade_from.8a8d9be.name = "5.2.1"