From 8c050212539e5321d60b525c445fbc2fb706b9dc Mon Sep 17 00:00:00 2001 From: orhtej2 <2871798+orhtej2@users.noreply.github.com> Date: Sun, 4 Feb 2024 19:52:13 +0100 Subject: [PATCH] Initial packaging from Yologen --- conf/nginx.conf | 30 +++----- conf/systemd.service | 13 ++-- manifest.toml | 123 ++++++++---------------------- scripts/_common.sh | 26 +++---- scripts/backup | 51 ++----------- scripts/change_url | 23 ++---- scripts/install | 174 ++++++++----------------------------------- scripts/remove | 39 +++------- scripts/restore | 51 ++++--------- scripts/upgrade | 92 +++++------------------ 10 files changed, 139 insertions(+), 483 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 1e6eee0..7a94b04 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,28 +1,16 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - # Path to source - alias __INSTALL_DIR__/; + client_max_body_size 10M; -### Example PHP configuration (remove it if not used) - index index.php; + proxy_pass http://127.0.0.1:__PORT__; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; - # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file - # client_max_body_size 50M; + # preserve client IP + proxy_set_header X-Forwarded-For $remote_addr; - try_files $uri $uri/ index.php; - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; - - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param SCRIPT_FILENAME $request_filename; - } -### End of PHP configuration part - - # Include SSOWAT user panel. + # Include SSOWAT user panel's shortcut tile. include conf.d/yunohost_panel.conf.inc; -} +} \ No newline at end of file diff --git a/conf/systemd.service b/conf/systemd.service index 97d2900..26bc490 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,19 +1,22 @@ [Unit] -Description=Small description of the service +Description=Service for Penpot (__APP__) After=network.target [Service] Type=simple User=__APP__ Group=__APP__ + WorkingDirectory=__INSTALL_DIR__/ -ExecStart=__INSTALL_DIR__/script +ExecStart= StandardOutput=append:/var/log/__APP__/__APP__.log StandardError=inherit +Restart=on-failure +RestartSec=10 -### Depending on specificities of your service/app, you may need to tweak these -### .. but this should be a good baseline # Sandboxing options to harden security +# Depending on specificities of your service/app, you may need to tweak these +# .. but this should be a good baseline # Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html NoNewPrivileges=yes PrivateTmp=yes @@ -46,4 +49,4 @@ CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG [Install] -WantedBy=multi-user.target +WantedBy=multi-user.target \ No newline at end of file diff --git a/manifest.toml b/manifest.toml index dd9ddc2..fa6c556 100644 --- a/manifest.toml +++ b/manifest.toml @@ -1,135 +1,74 @@ -#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json - packaging_format = 2 -id = "example" -name = "Example app" -description.en = "Explain in *a few (10~15) words* the purpose of the app or what it actually does (it is meant to give a rough idea to users browsing a catalog of 100+ apps)" -description.fr = "Expliquez en *quelques* (10~15) mots l'utilité de l'app ou ce qu'elle fait (l'objectif est de donner une idée grossière pour des utilisateurs qui naviguent dans un catalogue de 100+ apps)" +id = "penpot" +name = "Penpot" -version = "1.0~ynh1" +description.en = "Penpot - The Open-Source design & prototyping platform " +description.fr = "Penpot - The Open-Source design & prototyping platform " -maintainers = ["johndoe"] +version = "1.19.2~ynh1" + +maintainers = ["orhtej2"] [upstream] -# NB: Only the "license" key is mandatory. Remove entries for which there's no relevant data -license = "free" -website = "https://example.com" -demo = "https://demo.example.com" -admindoc = "https://yunohost.org/packaging_apps" -userdoc = "https://yunohost.org/apps" -code = "https://some.forge.com/example/example" -# FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is -# sort of a standard id for applications defined by the NIST. In particular, YunoHost may use this is in the future -# to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: -# https://nvd.nist.gov/products/cpe/search. -# For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number) -cpe = "???" +license = "MPL-2.0" +website = "https://penpot.app/" -# FIXME: optional but recommended (or remove if irrelevant / not applicable). -# This is meant to be an URL where people can financially support this app, especially when its development is based -# on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin. -fund = "???" +admindoc = "https://help.penpot.app/technical-guide/" +userdoc = "https://help.penpot.app/user-guide/" +code = "https://github.com/penpot/penpot" [integration] -yunohost = ">= 11.2" -# FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"] -architectures = "all" -multi_instance = true - -# FIXME: replace with true, false, or "not_relevant". -# Not to confuse with the "sso" key: the "ldap" key corresponds to wether or not a user *can* login on the app using -# its YunoHost credentials. -ldap = "?" - -# FIXME: replace with true, false, or "not_relevant". -# Not to confuse with the "ldap" key: the "sso" key corresponds to wether or not a user is *automatically logged-in* -# on the app when logged-in on the YunoHost portal. -sso = "?" - -# FIXME: replace with an **estimate** minimum disk and RAM requirements. e.g. 20M, 400M, 1G... +yunohost = '>= 11.2' +architectures = "amd64" # TODO : handle the "all" option (no ["all"]) +multi_instance = true ldap = "false" # TODO : fixme, use actual booleans + handle the "not_relevant" value +sso = "true" +# FIXME: replace with an **estimate** minimum disk and RAM requirements. e.g. 20M, 400M, 1G... You may have have a look at CI results disk = "50M" ram.build = "50M" ram.runtime = "50M" [install] + [install.domain] - # this is a generic question - ask strings are automatically handled by YunoHost's core type = "domain" [install.path] - # this is a generic question - ask strings are automatically handled by YunoHost's core type = "path" default = "/example" [install.init_main_permission] - # this is a generic question - ask strings are automatically handled by YunoHost's core - # This won't be saved as setting and will instead be used to initialize the SSOwat permission type = "group" default = "visitors" - [install.language] - ask.en = "Choose the application language" - ask.fr = "Choisissez la langue de l'application" - type = "select" - choices = ["fr", "en"] - default = "fr" - - [install.admin] - # this is a generic question - ask strings are automatically handled by YunoHost's core - type = "user" - - [install.password] - # this is a generic question - ask strings are automatically handled by YunoHost's core - # Note that user-provided passwords questions are not automatically saved as setting - help.en = "Use the help field to add an information for the admin about this question." - help.fr = "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question." - type = "password" - [resources] - # See the packaging documentation for the full set - # of explanation regarding the behavior and properties for each of those [resources.sources] - [resources.sources.main] - # This will pre-fetch the asset which can then be deployed during the install/upgrade scripts with : - # ynh_setup_source --dest_dir="$install_dir" - # You can also define other assets than "main" and add --source_id="foobar" in the previous command - url = "https://github.com/foo/bar/archive/refs/tags/v1.2.3.tar.gz" - sha256 = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" + [resources.sources.main] + # This will pre-fetch the asset which can then be deployed during the install/upgrade scripts with : + # ynh_setup_source --dest_dir="$install_dir" + # You can also define other assets than "main" and add --source_id="foobar" in the previous command + url = "https://github.com/penpot/penpot/archive/refs/tags/1.19.2.tar.gz" + sha256 = "14de5b71f13f0fd542234f16fa5a307fbee7088bdfa343a53ff923b3f95f4edb" - # These infos are used by https://github.com/YunoHost/apps/blob/master/tools/autoupdate_app_sources/autoupdate_app_sources.py - # to auto-update the previous asset urls and sha256sum + manifest version - # assuming the upstream's code repo is on github and relies on tags or releases - # See the 'sources' resource documentation for more details + # These infos are used by https://github.com/YunoHost/apps/blob/master/tools/autoupdate_app_sources/autoupdate_app_sources.py + # to auto-update the previous asset urls and sha256sum + manifest version + # assuming the upstream's code repo is on github and relies on tags or releases + # See the 'sources' resource documentation for more details - # autoupdate.strategy = "latest_github_tag" + autoupdate.strategy = "latest_github_tag" [resources.system_user] - # This will provision/deprovision a unix system user [resources.install_dir] - # This will create/remove the install dir as /var/www/$app - # and store the corresponding setting $install_dir [resources.data_dir] - # This will create/remove the data dir as /home/yunohost.app/$app - # and store the corresponding setting $data_dir [resources.permissions] - # This will configure SSOwat permission for $domain/$path/ - # The initial allowed group of user is configured via the init_main_permission question (public=visitors, private=all_users) main.url = "/" [resources.ports] - # This will pick a random port for reverse-proxying and store it as the $port setting - [resources.apt] - # This will automatically install/uninstall the following apt packages - # and implicitly define the $phpversion setting as 8.0 (if phpX.Y-foobar dependencies are listed) - packages = "mariadb-server, deb1, deb2, php8.0-foo, php8.0-bar" - - [resources.database] - # This will automatically provision/deprovison a MySQL DB and store the corresponding credentials in settings $db_user, $db_name, $db_pwd - type = "mysql" + packages = "postgresql redis postgresql "[resources.database] + type = "postgresql" \ No newline at end of file diff --git a/scripts/_common.sh b/scripts/_common.sh index ad30906..c8eee12 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,17 +1,9 @@ -#!/bin/bash - -#================================================= -# COMMON VARIABLES -#================================================= - -#================================================= -# PERSONAL HELPERS -#================================================= - -#================================================= -# EXPERIMENTAL HELPERS -#================================================= - -#================================================= -# FUTURE OFFICIAL HELPERS -#================================================= +#!/bin/bash + +#================================================= +# COMMON VARIABLES +#================================================= + +#================================================= +# PERSONAL HELPERS +#================================================= diff --git a/scripts/backup b/scripts/backup index a675fe7..647e6aa 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,4 +1,5 @@ #!/bin/bash +#### App file generated with YoloGen, the YunoHost app generator, version . #================================================= # GENERIC START @@ -15,68 +16,26 @@ source /usr/share/yunohost/helpers #================================================= ynh_print_info --message="Declaring files to be backed up..." -### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs -### to be backuped and not an actual copy of any file. The actual backup that -### creates and fills the archive with the files happens in the core after this -### script is called. Hence ynh_backups calls take basically 0 seconds to run. - -#================================================= -# BACKUP THE APP MAIN DIR -#================================================= - ynh_backup --src_path="$install_dir" -#================================================= -# BACKUP THE DATA DIR -#================================================= - -### Only relevant if there is a "data_dir" resource for this app ynh_backup --src_path="$data_dir" --is_big -#================================================= -# SYSTEM CONFIGURATION -#================================================= - -# Backup the PHP-FPM configuration -ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - -# Backup the nginx configuration ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -# Backup the systemd service unit -ynh_backup --src_path="/etc/systemd/system/$app.service" - -# Backup the logrotate configuration ynh_backup --src_path="/etc/logrotate.d/$app" -# Backup the Fail2Ban config -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" +ynh_backup --src_path="/etc/systemd/system/$app.service" #================================================= -# BACKUP VARIOUS FILES +# BACKUP THE DATABASE #================================================= - -ynh_backup --src_path="/etc/cron.d/$app" - -ynh_backup --src_path="/etc/$app/" - -### For apps with huge logs, you might want to pass --is_big, -### and in restore script, mkdir and pass --not_mandatory to ynh_restore_file. -ynh_backup --src_path="/var/log/$app/" - -#================================================= -# BACKUP THE MYSQL DATABASE -#================================================= -ynh_print_info --message="Backing up the MySQL database..." +ynh_print_info --message="Backing up the postgresql database..." ### (However, things like MySQL dumps *do* take some time to run, though the ### copy of the generated dump to the archive still happens later) -ynh_mysql_dump_db --database="$db_name" > db.sql - #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." \ No newline at end of file diff --git a/scripts/change_url b/scripts/change_url index b2c6c33..1998d1e 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,9 +1,5 @@ #!/bin/bash -## this script is only run if actual change to domain/path is detected, if you're here either $domain or $path changed -## new location is available via $domain and $path (or $new_domain and $new_path variables if you want to be explicit) -## old values are available via, you guessed it, $old_domain and $old_path - #================================================= # GENERIC STARTING #================================================= @@ -13,21 +9,18 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# STANDARD MODIFICATIONS #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=1 +ynh_script_progression --message="Stopping a systemd service..." -ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 +ynh_script_progression --message="Updating NGINX web server configuration..." -# this will most likely adjust NGINX config correctly ynh_change_url_nginx_config #================================================= @@ -36,19 +29,15 @@ ynh_change_url_nginx_config # ... #================================================= -## do any changes to files that reference specific installation domain/path, i.e. regenerate configs etc - -#================================================= -# GENERIC FINALISATION #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 +ynh_script_progression --message="Starting a systemd service..." -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" --last +ynh_script_progression --message="Change of URL completed for $app" --last \ No newline at end of file diff --git a/scripts/install b/scripts/install index 923f4d6..c083c9b 100644 --- a/scripts/install +++ b/scripts/install @@ -5,199 +5,87 @@ #================================================= # IMPORT GENERIC HELPERS #================================================= - source _common.sh source /usr/share/yunohost/helpers -### Install parameters are automatically saved as settings -### -### Settings are automatically loaded as bash variables -### in every app script context, therefore typically these will exist: -### - $domain -### - $path -### - $language -### ... etc -### -### Resources defined in the manifest are provisioned prior to this script -### and corresponding settings are also available, such as: -### - $install_dir -### - $port -### - $db_name -### ... -### -### $app is the app id (i.e. 'example' for first install, -### or 'example__2', '__3', ... for multi-instance installs) - #================================================= -# INITIALIZE AND STORE SETTINGS +# INSTALL DEPENDENCIES #================================================= -# If you need to, you can define custom settings -# (or remove this section entirely if not relevant for you) -foo="bar" -ynh_app_setting_set --app=$app --key=foo --value=$foo +ynh_script_progression --message="Installing NodeJS..." --weight=10 + +# Install Nodejs +ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version +ynh_use_nodejs #================================================= # APP "BUILD" (DEPLOYING SOURCES, VENV, COMPILING ETC) #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --weight=1 +ynh_script_progression --message="Setting up source files..." -### `ynh_setup_source` is used to install an app from a zip or tar.gz file, -### downloaded from an upstream source, like a git repository. -### `ynh_setup_source` use the file manifest.toml - -# Download, check integrity, uncompress and patch the source from manifest.toml ynh_setup_source --dest_dir="$install_dir" -### $install_dir will automatically be initialized with some decent -### permission by default ... however, you may need to recursively reapply -### ownership to all files such as after the ynh_setup_source step -chown -R "$app:www-data" "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 - -### `ynh_add_fpm_config` is used to set up a PHP config. -### You can remove it if your app doesn't use PHP. -### `ynh_add_fpm_config` will use the files conf/extra_php-fpm.conf -### If you're not using these lines: -### - You can remove these files in conf/. -### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script -### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script -### with the reload at the end of the script. -### - And the section "PHP-FPM CONFIGURATION" in the upgrade script - -# Create a PHP-FPM config (with conf/extra_php-fpm.conf being appended to it) -ynh_add_fpm_config +ynh_script_progression --message="Adding system configurations related to $app..." # Create a dedicated NGINX config using the conf/nginx.conf template ynh_add_nginx_config -### `ynh_systemd_config` is used to configure a systemd script for an app. -### It can be used for apps that use sysvinit (with adaptation) or systemd. -### Have a look at the app to be sure this app needs a systemd script. -### `ynh_systemd_config` will use the file conf/systemd.service -### If you're not using these lines: -### - You can remove those files in conf/. -### - Remove the section "BACKUP SYSTEMD" in the backup script -### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script -### - As well as the section "RESTORE SYSTEMD" in the restore script -### - And the section "SETUP SYSTEMD" in the upgrade script - # Create a dedicated systemd config ynh_add_systemd_config -### `yunohost service add` integrates a service in YunoHost. It then gets -### displayed in the admin interface and through the others `yunohost service` commands. -### (N.B.: this line only makes sense if the app adds a service to the system!) -### If you're not using these lines: -### - You can remove these files in conf/. -### - Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script -### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script -### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script - -### Additional options starting with 3.8: -### -### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed -### which will then be checked by YunoHost's diagnosis system -### (N.B. DO NOT USE THIS if the port is only internal!!!) -### -### --test_status "some command" a custom command to check the status of the service -### (only relevant if 'systemctl status' doesn't do a good job) -### -### --test_conf "some command" some command similar to "nginx -t" that validates the conf of the service -### -### Re-calling 'yunohost service add' during the upgrade script is the right way -### to proceed if you later realize that you need to enable some flags that -### weren't enabled on old installs (be careful it'll override the existing -### service though so you should re-provide all relevant flags when doing so) -yunohost service add "$app" --description="A short description of the app" --log="/var/log/$app/$app.log" - -### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. -### Use this helper only if there is effectively a log file for this app. -### If you're not using this helper: -### - Remove the section "BACKUP LOGROTATE" in the backup script -### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script -### - And the section "SETUP LOGROTATE" in the upgrade script +yunohost service add $app --log="/var/log/$app/$app.log" # Use logrotate to manage application logfile(s) ynh_use_logrotate -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - #================================================= # APP INITIAL CONFIGURATION #================================================= # ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=1 +ynh_script_progression --message="Adding app's configuration file..." -### You can add specific configuration files. -### -### Typically, put your template conf file in ../conf/your_config_file -### The template may contain strings such as __FOO__ or __FOO_BAR__, -### which will automatically be replaced by the values of $foo and $foo_bar -### -### ynh_add_config will also keep track of the config file's checksum, -### which later during upgrade may allow to automatically backup the config file -### if it's found that the file was manually modified -### -### Check the documentation of `ynh_add_config` for more info. - -ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file" +ynh_add_config --template="" --destination="$install_dir/" # FIXME: this should be handled by the core in the future -### You may need to use chmod 600 instead of 400, -### for example if the app is expected to be able to modify its own config -chmod 400 "$install_dir/some_config_file" -chown "$app:$app" "$install_dir/some_config_file" - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file" -### ynh_store_file_checksum --file="$install_dir/some_config_file" +# You may need to use chmod 600 instead of 400, +# for example if the app is expected to be able to modify its own config +chmod 400 "$install_dir/" +chown $app:$app "$install_dir/" #================================================= -# SETUP APPLICATION WITH CURL +# INSTALL APP #================================================= +ynh_script_progression --message="Installing app..." --weight=5 -### Use these lines only if the app installation needs to be finalized through -### web forms. We generally don't want to ask the final user, -### so we're going to use curl to automatically fill the fields and submit the -### forms. - -# Installation with curl -ynh_script_progression --message="Finalizing installation..." --weight=1 -ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" +pushd $install_dir +ynh_exec_as $app $ynh_node_load_PATH yarn install --production --pure-lockfile +ynh_exec_as $app $ynh_node_load_PATH yarn build +popd #================================================= -# GENERIC FINALIZATION +# FINALIZE APP INSTALL WITH CURL +#================================================= + +# REMOVEME? ynh_script_progression --message="Finalizing installation..." +# REMOVEME? ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" + #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 - -### `ynh_systemd_action` is used to start a systemd service for an app. -### Only needed if you have configure a systemd service -### If you're not using these lines: -### - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script -### - As well as the section "START SYSTEMD SERVICE" in the restore script -### - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script -### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script +ynh_script_progression --message="Starting app's systemd service..." # Start a systemd service -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --last +ynh_script_progression --message="Installation of $app completed" --last \ No newline at end of file diff --git a/scripts/remove b/scripts/remove index 9369d1b..f311a1d 100644 --- a/scripts/remove +++ b/scripts/remove @@ -5,56 +5,35 @@ #================================================= # IMPORT GENERIC HELPERS #================================================= - source _common.sh source /usr/share/yunohost/helpers -### Settings are automatically loaded as bash variables -### in every app script context, therefore typically these will exist: -### - $domain -### - $path -### - $language -### - $install_dir -### - $port -### ... - -### For remove operations : -### - the core will deprovision every resource defined in the manifest **after** this script is ran -### this includes removing the install directory, and data directory (if --purge was used) - #================================================= # REMOVE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 - -### This should be a symetric version of what happens in the install script +# REMOVE SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Removing system configurations related to $app..." # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status "$app" >/dev/null; then - ynh_script_progression --message="Removing $app service integration..." --weight=1 - yunohost service remove "$app" +if ynh_exec_warn_less yunohost service status $app >/dev/null +then + ynh_script_progression --message="Removing $app service integration..." + yunohost service remove $app fi -ynh_remove_fail2ban_config - -ynh_remove_logrotate - ynh_remove_systemd_config ynh_remove_nginx_config -ynh_remove_fpm_config +ynh_remove_logrotate # Remove other various files specific to the app... such as : -ynh_secure_remove --file="/etc/cron.d/$app" - -ynh_secure_remove --file="/etc/$app" - ynh_secure_remove --file="/var/log/$app" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last +ynh_script_progression --message="Removal of $app completed" --last \ No newline at end of file diff --git a/scripts/restore b/scripts/restore index 29e7bca..c956cda 100644 --- a/scripts/restore +++ b/scripts/restore @@ -17,10 +17,7 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$install_dir" -### $install_dir will automatically be initialized with some decent -### permissions by default ... however, you may need to recursively reapply -### ownership to all files such as after the ynh_setup_source step -chown -R "$app:www-data" "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # RESTORE THE DATA DIRECTORY @@ -29,64 +26,42 @@ ynh_script_progression --message="Restoring the data directory..." --weight=1 ynh_restore_file --origin_path="$data_dir" --not_mandatory -### (Same as for install dir) -chown -R "$app:www-data" "$data_dir" +# (Same as for install dir) +chown -R $app:www-data "$data_dir" #================================================= # RESTORE THE MYSQL DATABASE #================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=1 -ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < ./db.sql +ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=1 + +ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql #================================================= # RESTORE SYSTEM CONFIGURATIONS #================================================= ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 -### This should be a symetric version of what happens in the install script - -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +# This should be a symetric version of what happens in the install script ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/systemd/system/$app.service" -systemctl enable "$app.service" --quiet +systemctl enable $app.service --quiet -yunohost service add "$app" --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --log="/var/log/$app/$app.log" ynh_restore_file --origin_path="/etc/logrotate.d/$app" -ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban +# Other various files... -#================================================= -# RESTORE VARIOUS FILES -#================================================= - -ynh_restore_file --origin_path="/etc/cron.d/$app" -ynh_restore_file --origin_path="/etc/$app/" - -### For apps with huge logs, you might want to not backup logs every time: -### The mkdir call is just here in case the log directory was not backed up. -### mkdir -p "/var/log/$app" -### chown $app:www-data "/var/log/$app" -### ynh_restore_file --src_path="/var/log/$app/" --not_mandatory -### -### For other apps, the simple way is better: -ynh_restore_file --origin_path="/var/log/$app/" - -#================================================= -# GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 -### Typically you only have either $app or php-fpm but not both at the same time... -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" -ynh_systemd_action --service_name="php$phpversion-fpm" --action=reload +# Typically you only have either $app or php-fpm but not both at the same time... +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name=nginx --action=reload @@ -94,4 +69,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" --last +ynh_script_progression --message="Restoration completed for $app" --last \ No newline at end of file diff --git a/scripts/upgrade b/scripts/upgrade index 51c54db..da31a99 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,55 +9,20 @@ source _common.sh source /usr/share/yunohost/helpers -### Settings are automatically loaded as bash variables -### in every app script context, therefore typically these will exist: -### - $domain -### - $path -### - $language -### - $install_dir -### - $port -### ... - -### In the context of upgrade, -### - resources are automatically provisioned / updated / deleted (depending on existing resources) -### - a safety backup is automatically created by the core and will be restored if the upgrade fails - -### This variable describes which upgrade type is occurring, allowing the script to handle different modes: -### - UPGRADE_PACKAGE if only the YunoHost package has changed -### - UPGRADE_APP if the upstream app version has changed -### If your package needs to handle other things, like same-version upgrades or downgrades, please -### check out the $YNH_APP_UPGRADE_TYPE variable that can contain DOWNGRADE and UPGRADE_SAME too. -# upgrade_type=$(ynh_check_app_version_changed) +upgrade_type=$(ynh_check_app_version_changed) #================================================= # STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -#ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 - -### N.B. : the following setting migration snippets are provided as *EXAMPLES* -### of what you may want to do in some cases (e.g. a setting was not defined on -### some legacy installs and you therefore want to initiaze stuff during upgrade) - -# If db_name doesn't exist, create it -# if [ -z "$db_name" ]; then -# db_name=$(ynh_sanitize_dbid --db_name=$app) -# ynh_app_setting_set --app=$app --key=db_name --value=$db_name -# fi - -# If install_dir doesn't exist, create it -# if [ -z "$install_dir" ]; then -# install_dir=/var/www/$app -# ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir -# fi #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=1 +ynh_script_progression --message="Stopping a systemd service..." -ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" #================================================= # "REBUILD" THE APP (DEPLOY NEW SOURCES, RERUN NPM BUILD...) @@ -65,71 +30,50 @@ ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$a # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Upgrading source files..." --weight=1 +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." -# Download, check integrity, uncompress and patch the source from manifest.toml -ynh_setup_source --dest_dir="$install_dir" + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$install_dir" +fi -### $install_dir will automatically be initialized with some decent -### permissions by default ... however, you may need to recursively reapply -### ownership to all files such as after the ynh_setup_source step -chown -R "$app:www-data" "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # REAPPLY SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 - -### This should be a literal copypaste of what happened in the install's "System configuration" section - -ynh_add_fpm_config +ynh_script_progression --message="Upgrading system configurations related to $app..." ynh_add_nginx_config ynh_add_systemd_config -yunohost service add "$app" --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --log="/var/log/$app/$app.log" ynh_use_logrotate --non-append -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - #================================================= # RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...) #================================================= # UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=1 +ynh_script_progression --message="Updating a configuration file..." -### Same as during install -### -### The file will automatically be backed-up if it's found to be manually modified (because -### ynh_add_config keeps track of the file's checksum) +ynh_add_config --template="" --destination="$install_dir/" -ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file" - -# FIXME: this should be handled by the core in the future -### You may need to use chmod 600 instead of 400, -### for example if the app is expected to be able to modify its own config chmod 400 "$install_dir/some_config_file" -chown "$app:$app" "$install_dir/some_config_file" - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file" -### ynh_store_file_checksum --file="$install_dir/some_config_file" +chown $app:$app "$install_dir/some_config_file" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 +ynh_script_progression --message="Starting a systemd service..." -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" --last +ynh_script_progression --message="Upgrade of $app completed" --last \ No newline at end of file