Merge pull request #2 from Jibec/master

Improvments (remove passwords and tiny improvments)

README.md

@@ -4,23 +4,19 @@
 ## Installation
  1. Require dedicated domain like **peertube.domain.tld**.
  1. No LDAP support (blocked until upstream implements it)
- 1. No Multi-instance
  1. No url change possible
  1. Peertube is under development stage, **don't use it for production**
  1. Take notice that this YunoHost package *claims* the following features:
    - [x] Install
    - [x] Remove
-   - [ ] Upgrade
-   - [ ] Backup
-   - [ ] Restore
+   - [x] Upgrade
+   - [x] Backup
+   - [x] Restore
 
  1. **Install the app by following command:**
 
          $ sudo yunohost app install https://github.com/YunoHost-Apps/peertube_ynh
  1. **root** is the admin username and the admin email is the email address given at the time of installation.
- 1. **After installation change the password by this command:**
-
-         $ cd /var/www/peertube && NODE_ENV=production npm run reset-password -- -u root
 
     <h1 align="center">
       PeerTube
@@ -51,12 +47,8 @@ Thanks to [WebTorrent](https://github.com/feross/webtorrent), we can make P2P (t
 
 ### Dependencies
 
-  * **NodeJS >= 6.x**
-  * **npm >= 3.x**
-  * yarn
-  * OpenSSL (cli)
-  * PostgreSQL
-  * FFmpeg
+  * NodeJS, PostgreSQL
+  * It adds jessie-backports for ffmpeg
 
 ## LICENSE
 

check_process

@@ -16,7 +16,7 @@
 		setup_nourl=0
 		setup_private=1
 		setup_public=1
-		upgrade=0
+		upgrade=1
 		backup_restore=1
 		multi_instance=1
 		incorrect_path=0
@@ -26,8 +26,8 @@
 	Level 1=auto
 	Level 2=auto
 	Level 3=auto
-# Level 4:
-	Level 4=0
+# Level 4: not supported by upstream
+	Level 4=N/A
 # Level 5:
 	Level 5=auto
 	Level 6=auto

manifest.json

@@ -36,15 +36,6 @@
                 },
                 "example": "johndoe@example.com"
             },
-            {
-                "name": "pass",
-                "type": "password",
-                "ask": {
-                    "en": "Enter password of this administrator(username:root).Should be greater then 6 character",
-                    "fr": "Ajouter le mot de passe pour cette administrateur ≥ 6 charactères"
-                },
-                "example": "battery horse staple nenuphar"
-            },
             {
                 "name": "port",
                 "ask": {

scripts/_common.sh

@@ -11,3 +11,52 @@ ynh_delete_file_checksum () {
 	local checksum_setting_name=checksum_${1//[\/ ]/_}	# Replace all '/' and ' ' by '_'
 	ynh_app_setting_delete $app $checksum_setting_name
 }
+
+# Send an email to inform the administrator
+#
+# usage: ynh_send_readme_to_admin app_message [recipients]
+# | arg: app_message - The message to send to the administrator.
+# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root
+#	example: "root admin@domain"
+#	If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
+#	example: "root admin@domain user1 user2"
+ynh_send_readme_to_admin() {
+	local app_message="${1:-...No specific information...}"
+	local recipients="${2:-root}"
+
+	# Retrieve the email of users
+	find_mails () {
+		local list_mails="$1"
+		local mail
+		local recipients=" "
+		# Read each mail in argument
+		for mail in $list_mails
+		do
+			# Keep root or a real email address as it is
+			if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
+			then
+				recipients="$recipients $mail"
+			else
+				# But replace an user name without a domain after by its email
+				if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
+				then
+					recipients="$recipients $mail"
+				fi
+			fi
+		done
+		echo "$recipients"
+	}
+	recipients=$(find_mails "$recipients")
+
+	local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
+
+	local mail_message="This is an automated message from your beloved YunoHost server.
+Specific information for the application $app.
+$app_message
+---
+Automatic diagnosis data from YunoHost
+$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
+
+	# Send the email to the recipients
+	echo "$mail_message" | mail -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
+}

scripts/backup

@@ -46,7 +46,7 @@ ynh_backup "$final_path"
 
 # Copy the data directory
 
-ynh_backup /home/yunohost.app/${app}
+ynh_backup "/home/yunohost.app/${app}"
 
 
 #=================================================

scripts/install

@@ -30,7 +30,7 @@ ynh_abort_if_errors
 domain=$YNH_APP_ARG_DOMAIN
 path_url="/"
 admin_email=$YNH_APP_ARG_EMAIL
-admin_pass=$YNH_APP_ARG_PASS
+admin_pass=$(ynh_string_random 24)
 port=$YNH_APP_ARG_PORT
 is_public=$YNH_APP_ARG_IS_PUBLIC
 
@@ -55,23 +55,18 @@ final_path=/var/www/$app
 test ! -e "$final_path" || ynh_die "This path already contains a folder"
 
 # Check web path availability
-ynh_webpath_available $domain $path_url
+ynh_webpath_available "$domain" "$path_url"
 # Register (book) web path
-ynh_webpath_register $app $domain $path_url
-
-# Check password strength
-[[ ${#admin_pass} -gt 6 ]] || ynh_die \
-"The password is too weak, it must be longer than 6 characters"
-
+ynh_webpath_register "$app" "$domain" "$path_url"
 
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
 
-ynh_app_setting_set $app domain $domain
-ynh_app_setting_set $app admin_email $admin_email
-ynh_app_setting_set $app admin_pass $admin_pass
-ynh_app_setting_set $app is_public $is_public
+ynh_app_setting_set "$app" domain "$domain"
+ynh_app_setting_set "$app" admin_email "$admin_email"
+ynh_app_setting_set "$app" admin_pass "$admin_pass"
+ynh_app_setting_set "$app" is_public "$is_public"
 
 #=================================================
 # STANDARD MODIFICATIONS
@@ -80,10 +75,10 @@ ynh_app_setting_set $app is_public $is_public
 #=================================================
 
 # Find a free port
-ynh_find_port $port
+ynh_find_port "$port"
 # Open this port
-yunohost firewall allow Both $port 2>&1
-ynh_app_setting_set $app port $port
+yunohost firewall allow Both "$port" 2>&1
+ynh_app_setting_set "$app" port "$port"
 
 #=================================================
 # CREATE THE DATA DIRECTORY
@@ -101,10 +96,10 @@ mkdir -p "$datadir"
 # install yarn
 wget https://github.com/yarnpkg/yarn/releases/download/v1.5.1/yarn_1.5.1_all.deb
 echo "a4770cd8dcb13dc9a9218940dbd24b510ddf5eec78adb4e0da9ef3760b55a76e yarn_1.5.1_all.deb" | sha256sum -c || ynh_die
-sudo dpkg -i yarn_1.5.1_all.deb
+dpkg -i yarn_1.5.1_all.deb
 
 # add backports (required to install ffmpeg)
-echo "deb http://httpredir.debian.org/debian jessie-backports main" | sudo tee /etc/apt/sources.list.d/jessie-backports.list
+echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
 ynh_package_update
 
 # install postgresql, ffmpeg, redis
@@ -120,36 +115,36 @@ ynh_install_nodejs 8
 # Create postgresql database
 db_name="peertube_${app}"
 db_pwd=$(ynh_string_random 30)
-ynh_app_setting_set $app psql_db $db_name
-ynh_app_setting_set $app psqlpwd $db_pwd
+ynh_app_setting_set "$app" psql_db "$db_name"
+ynh_app_setting_set "$app" psqlpwd "$db_pwd"
 ynh_psql_test_if_first_run
-ynh_psql_create_user $app $db_pwd
+ynh_psql_create_user "$app" "$db_pwd"
 ynh_psql_execute_as_root \
-"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;"
+"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER "$app";"
 
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 
 # Create a system user
-ynh_system_user_create $app
+ynh_system_user_create "$app"
 
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK PEERTUBE SOURCE
 #=================================================
 
-ynh_app_setting_set $app final_path $final_path
+ynh_app_setting_set "$app" final_path "$final_path"
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source "$final_path"
-cp ../conf/production.yaml $final_path/config/production.yaml
-(cd $final_path && yarn install --production --pure-lockfile)
+cp ../conf/production.yaml "$final_path/config/production.yaml"
+(cd "$final_path" && yarn install --production --pure-lockfile)
 
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
 
 # Create a dedicated nginx config
-sudo mkdir -p "/etc/nginx/conf.d/${domain}.d"
+mkdir -p "/etc/nginx/conf.d/${domain}.d"
 ynh_add_nginx_config
 
 #=================================================
@@ -157,7 +152,7 @@ ynh_add_nginx_config
 #=================================================
 
 # Set right permissions for curl install
-chown -R $app:$app "$final_path" "$datadir"
+chown -R "$app" "$datadir"
 
 # Reload Nginx
 systemctl reload nginx
@@ -195,15 +190,15 @@ ynh_use_logrotate
 # SETUP SSOWAT
 #=================================================
 
-if [ $is_public -eq 0 ]
+if [ "$is_public" -eq 0 ]
 then	# Remove the public access
-	ynh_app_setting_delete $app skipped_uris
+	ynh_app_setting_delete "$app" skipped_uris
 fi
 # Make app public if necessary
-if [ $is_public -eq 1 ]
+if [ "$is_public" -eq 1 ]
 then
 	# unprotected_uris allows SSO credentials to be passed anyway.
-	ynh_app_setting_set $app unprotected_uris "/"
+	ynh_app_setting_set "$app" unprotected_uris "/"
 fi
 
 #=================================================
@@ -212,17 +207,31 @@ fi
 
 # Create a dedicated systemd config
 ynh_add_systemd_config
-sudo systemctl start $app
+systemctl start "$app"
 
 #=================================================
 # CHANGE PEERTUBE ADMIN PASSWORD AFTER INITIAL GEN
 #=================================================
 
 # we need to wait for the service to init peertube's database
-(cd /var/www/$app && sleep 15 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/$app/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root")
+(cd "/var/www/$app" && sleep 15 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/$app/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root")
 
 #=================================================
 # RELOAD NGINX
 #=================================================
 
 systemctl reload nginx
+
+#=================================================
+# SEND A README FOR THE ADMIN
+#=================================================
+
+message="PeerTube was successfully installed :)
+
+Please open "https://$domain$path_url"
+
+Here is the admin password: "$admin_pass"
+
+If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/peertube_ynh"
+
+ynh_send_readme_to_admin "$message"

scripts/remove

@@ -20,10 +20,10 @@ source /usr/share/yunohost/helpers
 
 app=$YNH_APP_INSTANCE_NAME
 
-domain=$(ynh_app_setting_get $app domain)
-port=$(ynh_app_setting_get $app port)
-db_name=$(ynh_app_setting_get $app psql_db)
-final_path=$(ynh_app_setting_get $app final_path)
+domain=$(ynh_app_setting_get "$app" domain)
+port=$(ynh_app_setting_get "$app" port)
+db_name=$(ynh_app_setting_get "$app" psql_db)
+final_path=$(ynh_app_setting_get "$app" final_path)
 
 #=================================================
 # STANDARD REMOVE
@@ -38,10 +38,10 @@ ynh_remove_systemd_config
 # REMOVE SERVICE FROM ADMIN PANEL
 #=================================================
 
-if yunohost service status | grep -q $app
+if yunohost service status | grep -q "$app"
 then
 	echo "Remove $app service"
-	yunohost service remove $app
+	yunohost service remove "$app"
 fi
 
 #=================================================
@@ -57,7 +57,7 @@ ynh_remove_nodejs
 #=================================================
 
 # Remove a database if it exists, along with the associated user
-ynh_psql_remove_db $db_name $app
+ynh_psql_remove_db "$db_name" "$app"
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================
@@ -88,7 +88,7 @@ ynh_secure_remove /var/log/"$app"
 if yunohost firewall list | grep -q "\- $port$"
 then
 	echo "Close port $port"
-	yunohost firewall disallow Both $port 2>&1
+	yunohost firewall disallow Both "$port" 2>&1
 fi
 
 #=================================================
@@ -102,4 +102,4 @@ fi
 #=================================================
 
 # Delete a system user
-ynh_system_user_delete $app
+ynh_system_user_delete "$app"

scripts/restore

@@ -31,21 +31,21 @@ ynh_abort_if_errors
 
 app=$YNH_APP_INSTANCE_NAME
 
-domain=$(ynh_app_setting_get $app domain)
+domain=$(ynh_app_setting_get "$app" domain)
 path_url="/"
-final_path=$(ynh_app_setting_get $app final_path)
-port=$(ynh_app_setting_get $app port)
-db_name=$(ynh_app_setting_get $app psql_db)
-db_pwd=$(ynh_app_setting_get $app psqlpwd)
+final_path=$(ynh_app_setting_get "$app" final_path)
+port=$(ynh_app_setting_get "$app" port)
+db_name=$(ynh_app_setting_get "$app" psql_db)
+db_pwd=$(ynh_app_setting_get "$app" psqlpwd)
 
 
 #=================================================
 # CHECK IF THE APP CAN BE RESTORED
 #=================================================
 
-ynh_webpath_available $domain $path_url \
+ynh_webpath_available "$domain" "$path_url" \
 	|| ynh_die "Path not available: ${domain}${path_url}"
-test ! -d $final_path \
+test ! -d "$final_path" \
 	|| ynh_die "There is already a directory: $final_path "
 	
 ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
@@ -55,10 +55,10 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 
 # Find a free port
-ynh_find_port $port
+ynh_find_port "$port"
 # Open this port
-yunohost firewall allow Both $port 2>&1
-ynh_app_setting_set $app port $port
+yunohost firewall allow Both "$port" 2>&1
+ynh_app_setting_set "$app" port "$port"
 
 
 #=================================================
@@ -73,12 +73,12 @@ ynh_restore_file "/home/yunohost.app/${app}"
 #=================================================
 
 # Create the dedicated user (if not existing)
-ynh_system_user_create $app
+ynh_system_user_create "$app"
 
 
 # Set right permissions for curl install
 datadir="/home/yunohost.app/${app}/storage"
-chown -R $app:$app "$final_path" "$datadir"
+chown -R "$app" "$datadir"
 
 #=================================================
 # RESTORE THE PostgreSQL DATABASE
@@ -88,8 +88,6 @@ ynh_psql_test_if_first_run
 ynh_psql_setup_db "$app" "$db_name" "$db_pwd"
 ynh_psql_execute_file_as_root ./db.sql "$db_name"
 
-
-
 #=================================================
 # SPECIFIC RESTORATION
 #=================================================
@@ -99,10 +97,10 @@ ynh_psql_execute_file_as_root ./db.sql "$db_name"
 # install yarn
 wget https://github.com/yarnpkg/yarn/releases/download/v1.5.1/yarn_1.5.1_all.deb
 echo "a4770cd8dcb13dc9a9218940dbd24b510ddf5eec78adb4e0da9ef3760b55a76e yarn_1.5.1_all.deb" | sha256sum -c || ynh_die
-sudo dpkg -i yarn_1.5.1_all.deb
+dpkg -i yarn_1.5.1_all.deb
 
 # add backports (required to install ffmpeg)
-echo "deb http://httpredir.debian.org/debian jessie-backports main" | sudo tee /etc/apt/sources.list.d/jessie-backports.list
+echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
 ynh_package_update
 
 # Define and install dependencies
@@ -116,7 +114,7 @@ ynh_install_nodejs 8
 #=================================================
 
 ynh_restore_file "/etc/systemd/system/$app.service"
-systemctl enable $app.service
+systemctl enable "$app.service"
 
 #=================================================
 # RESTORE THE LOGROTATE CONFIGURATION
@@ -127,6 +125,6 @@ ynh_restore_file "/etc/logrotate.d/$app"
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
-(cd $final_path && yarn install --production --pure-lockfile)
+(cd "$final_path" && yarn install --production --pure-lockfile)
 systemctl reload nginx
-service  $app restart
+service  "$app" restart

scripts/upgrade

@@ -17,15 +17,15 @@ source /usr/share/yunohost/helpers
 
 app=$YNH_APP_INSTANCE_NAME
 
-domain=$(ynh_app_setting_get $app domain)
+domain=$(ynh_app_setting_get "$app" domain)
 path_url="/"
-is_public=$(ynh_app_setting_get $app is_public)
-admin_email=$(ynh_app_setting_get $app admin_email)
-admin_pass=$(ynh_app_setting_get $app admin_pass)
-final_path=$(ynh_app_setting_get $app final_path)
-port=$(ynh_app_setting_get $app port)
-db_name=$(ynh_app_setting_get $app psql_db)
-db_pwd=$(ynh_app_setting_get $app psqlpwd)
+is_public=$(ynh_app_setting_get "$app" is_public)
+admin_email=$(ynh_app_setting_get "$app" admin_email)
+admin_pass=$(ynh_app_setting_get "$app" admin_pass)
+final_path=$(ynh_app_setting_get "$app" final_path)
+port=$(ynh_app_setting_get "$app" port)
+db_name=$(ynh_app_setting_get "$app" psql_db)
+db_pwd=$(ynh_app_setting_get "$app" psqlpwd)
 
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
@@ -33,13 +33,26 @@ db_pwd=$(ynh_app_setting_get $app psqlpwd)
 
 # Fix is_public as a boolean value
 if [ "$is_public" = "Yes" ]; then
-	ynh_app_setting_set $app is_public 1
+	ynh_app_setting_set "$app" is_public 1
 	is_public=1
 elif [ "$is_public" = "No" ]; then
-	ynh_app_setting_set $app is_public 0
+	ynh_app_setting_set "$app" is_public 0
 	is_public=0
 fi
 
+#=================================================
+# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
+#=================================================
+
+# Backup the current version of the app
+ynh_backup_before_upgrade
+ynh_clean_setup () {
+	# restore it if the upgrade fails
+	ynh_restore_upgradebackup
+}
+# Exit if an error occurs during the execution of the script
+ynh_abort_if_errors
+
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================
@@ -53,26 +66,26 @@ datadir="/home/yunohost.app/${app}/storage"
 mkdir -p "$datadir"
 
 # Open this port
-yunohost firewall allow Both $port 2>&1
+yunohost firewall allow Both "$port" 2>&1
 
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 
 # Create a system user
-ynh_system_user_create $app
+ynh_system_user_create "$app"
 
 #=================================================
 # CHECK THE PATH
 #=================================================
 
 # Normalize the URL path syntax
-path_url=$(ynh_normalize_url_path $path_url)
+path_url=$(ynh_normalize_url_path "$path_url")
 
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source "$final_path"
-cp ../conf/production.yaml $final_path/config/production.yaml
-(cd $final_path && yarn install --production --pure-lockfile)
+cp ../conf/production.yaml "$final_path/config/production.yaml"
+(cd "$final_path" && yarn install --production --pure-lockfile)
 
 
 #=================================================
@@ -82,8 +95,8 @@ cp ../conf/production.yaml $final_path/config/production.yaml
 # Create a dedicated nginx config
 ynh_add_nginx_config
 
-
-chown -R $app:$app "$final_path" "$datadir"
+chown -R root:root   "$final_path"
+chown -R "$app" "$datadir"
 
 # Reload Nginx
 systemctl reload nginx
@@ -119,7 +132,7 @@ ynh_add_systemd_config
 
 
 # Set right permissions for curl installation
-chown -R $app:$app "$final_path" "$datadir"
+chown -R "$app":$app "$final_path" "$datadir"
 
 
 #=================================================
@@ -128,13 +141,13 @@ chown -R $app:$app "$final_path" "$datadir"
 
 if [ $is_public -eq 0 ]
 then	# Remove the public access
-	ynh_app_setting_delete $app skipped_uris
+	ynh_app_setting_delete "$app" skipped_uris
 fi
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
 	# unprotected_uris allows SSO credentials to be passed anyway
-	ynh_app_setting_set $app unprotected_uris "/"
+	ynh_app_setting_set "$app" unprotected_uris "/"
 fi
 
 #=================================================