From 58450942ac8d4f9f225947d5ef92abf00242a2bf Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Wed, 27 Sep 2023 20:24:29 +0000 Subject: [PATCH 01/18] Auto-update README --- README.md | 3 ++- README_fr.md | 15 ++++++++------- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 1f139fa..c5fd43a 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,8 @@ It shall NOT be edited by hand. # Pepettes for YunoHost -[![Integration level](https://dash.yunohost.org/integration/pepettes.svg)](https://dash.yunohost.org/appci/app/pepettes) ![Working status](https://ci-apps.yunohost.org/ci/badges/pepettes.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/pepettes.maintain.svg) +[![Integration level](https://dash.yunohost.org/integration/pepettes.svg)](https://dash.yunohost.org/appci/app/pepettes) ![Working status](https://ci-apps.yunohost.org/ci/badges/pepettes.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/pepettes.maintain.svg) + [![Install Pepettes with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pepettes) *[Lire ce readme en français.](./README_fr.md)* diff --git a/README_fr.md b/README_fr.md index 2f14d75..26dc11e 100644 --- a/README_fr.md +++ b/README_fr.md @@ -5,15 +5,16 @@ It shall NOT be edited by hand. # Pepettes pour YunoHost -[![Niveau d'intégration](https://dash.yunohost.org/integration/pepettes.svg)](https://dash.yunohost.org/appci/app/pepettes) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/pepettes.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/pepettes.maintain.svg) +[![Niveau d’intégration](https://dash.yunohost.org/integration/pepettes.svg)](https://dash.yunohost.org/appci/app/pepettes) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/pepettes.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/pepettes.maintain.svg) + [![Installer Pepettes avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pepettes) *[Read this readme in english.](./README.md)* -> *Ce package vous permet d'installer Pepettes rapidement et simplement sur un serveur YunoHost. -Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* +> *Ce package vous permet d’installer Pepettes rapidement et simplement sur un serveur YunoHost. +Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l’installer et en profiter.* -## Vue d'ensemble +## Vue d’ensemble Un simple formulaire de don avec stripe @@ -26,8 +27,8 @@ This app may be configured through the `settings.py` after installation. ## Documentations et ressources -* Documentation officielle de l'admin : -* Dépôt de code officiel de l'app : +* Documentation officielle de l’admin : +* Dépôt de code officiel de l’app : * Documentation YunoHost pour cette app : * Signaler un bug : @@ -43,4 +44,4 @@ ou sudo yunohost app upgrade pepettes -u https://github.com/YunoHost-Apps/pepettes_ynh/tree/testing --debug ``` -**Plus d'infos sur le packaging d'applications :** +**Plus d’infos sur le packaging d’applications :** \ No newline at end of file From faf57ba7a2faea93887403b66f557d749fdb0a42 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 27 Sep 2023 22:24:30 +0200 Subject: [PATCH 02/18] v2 --- conf/app.src | 7 ---- conf/gunicorn.py | 8 ++-- conf/nginx.conf | 4 +- conf/systemd.service | 6 +-- manifest.toml | 96 ++++++++++++++++++++++++++++++++++++++++++++ scripts/_common.sh | 2 +- scripts/backup | 14 +++---- scripts/change_url | 94 ++++++++++++++++++++++--------------------- scripts/install | 90 ++++++++++++++++++++--------------------- scripts/remove | 22 +++++----- scripts/restore | 48 +++++++++++----------- scripts/upgrade | 76 +++++++++++++++++------------------ 12 files changed, 279 insertions(+), 188 deletions(-) delete mode 100644 conf/app.src create mode 100644 manifest.toml diff --git a/conf/app.src b/conf/app.src deleted file mode 100644 index cbe8f65..0000000 --- a/conf/app.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://github.com/YunoHost/pepettes/archive/v1.0.1.tar.gz -SOURCE_SUM=9792ed5589d4a55bd619edc7aa61a1a78f34c5a4e7095b2292ac09b66c8b9a58 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true diff --git a/conf/gunicorn.py b/conf/gunicorn.py index db092a2..5e8d545 100644 --- a/conf/gunicorn.py +++ b/conf/gunicorn.py @@ -1,9 +1,9 @@ -command = '__FINALPATH__/venv/bin/gunicorn' -pythonpath = '__FINALPATH__' +command = '__INSTALL_DIR__/venv/bin/gunicorn' +pythonpath = '__INSTALL_DIR__' workers = 4 user = '__APP__' -bind = 'unix:__FINALPATH__/sock' -pid = '__FINALPATH__/__APP__-pid' +bind = 'unix:__INSTALL_DIR__/sock' +pid = '__INSTALL_DIR__/__APP__-pid' errorlog = '/var/log/__APP__/error.log' accesslog = '/var/log/__APP__/access.log' access_log_format = '%({X-Real-IP}i)s %({X-Forwarded-For}i)s %(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"' diff --git a/conf/nginx.conf b/conf/nginx.conf index af7ee6c..3e8c90c 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -7,12 +7,12 @@ location __PATH__/ { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://unix:__FINALPATH__/sock; + proxy_pass http://unix:__INSTALL_DIR__/sock; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; } location __PATH__/css { - alias __FINALPATH__/assets/css; + alias __INSTALL_DIR__/assets/css; } diff --git a/conf/systemd.service b/conf/systemd.service index c25b84f..12aeccc 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -3,11 +3,11 @@ Description=__APP__ Daemon After=network.target [Service] -PIDFile=__FINALPATH__/__APP__-pid +PIDFile=__INSTALL_DIR__/__APP__-pid User=__APP__ Group=__APP__ -WorkingDirectory=__FINALPATH__ -ExecStart=__FINALPATH__/venv/bin/gunicorn -c __FINALPATH__/gunicorn.py wsgi:app --pid __FINALPATH__/__APP__-pid +WorkingDirectory=__INSTALL_DIR__ +ExecStart=__INSTALL_DIR__/venv/bin/gunicorn -c __INSTALL_DIR__/gunicorn.py wsgi:app --pid __INSTALL_DIR__/__APP__-pid ExecReload=/bin/kill -s HUP $MAINPID ExecStop=/bin/kill -s TERM $MAINPID PrivateTmp=true diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..a032427 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,96 @@ +packaging_format = 2 + +id = "pepettes" +name = "Pepettes" +description.en = "A simple donation form with stripe" +description.fr = "Un simple formulaire de don avec stripe" + +version = "1.0.1~ynh3" + +maintainers = ["ljf"] + +[upstream] +license = "MIT" +demo = "https://donate.yunohost.org" +admindoc = "https://github.com/YunoHost/pepettes/blob/main/README.md" +code = "https://github.com/YunoHost/pepettes/" +website = "https://github.com/YunoHost/pepettes/" +cpe = "???" # FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is sort of a standard id for applications defined by the NIST. In particular, Yunohost may use this is in the future to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number) +fund = "???" # FIXME: optional but recommended (or remove if irrelevant / not applicable). This is meant to be an URL where people can financially support this app, especially when its development is based on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin. + +[integration] +yunohost = ">= 4.1.3" +architectures = "all" # FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"] +multi_instance = true +ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials. +sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal. +disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... +ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... +ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... + +[install] + [install.domain] + # this is a generic question - ask strings are automatically handled by Yunohost's core + type = "domain" + full_domain = true + + [install.init_main_permission] + type = "group" + default = "visitors" + + [install.project_name] + ask.en = "What's the name of the project which will received donation ?" + ask.fr = "Quel est le nom du projet qui va recevoir les dons ?" + type = "string" + default = "" + + [install.contact_url] + ask.en = "Indicate a link to contact you to ask for stopping recuring payment" + ask.fr = "Indiquez un lien pour vous contacter pour arréter les paiements récurrents" + type = "string" + default = "" + + [install.logo] + ask.en = "A link to the logo of your project" + ask.fr = "Un lien vers le logo de votre projet" + type = "string" + default = "" + + [install.favicon] + ask.en = "A link to the favicon of your project" + ask.fr = "Un lien vers la favicon de votre projet" + type = "string" + default = "" + + [install.publishable_key] + ask.en = "Indicate here the stripe publishable key" + ask.fr = "Indiquez ici la clé publique stripe" + type = "string" + default = "" + + [install.secret_key] + ask.en = "Indicate here the stripe secret key" + ask.fr = "Indiquez ici la clé secrète stripe" + type = "string" + default = "" + + [install.prices] + ask.en = "Indicates here the prices ID of donation products you created in stripe interfaces" + ask.fr = "Indiquez ici les ID de prix des produits de don stripe que vous avez créé dans l'interface stripe" + help.en = "Go on https://dashboard.stripe.com/products to create those donation products" + help.fr = "Allez sur https://dashboard.stripe.com/products pour créer ces produits de dons" + type = "string" + default = "one_time/EUR/price_1IKuPV,recuring/EUR/price_1IKuPV" + +[resources] + [resources.sources.main] + url = "https://github.com/YunoHost/pepettes/archive/v1.0.1.tar.gz" + sha256 = "9792ed5589d4a55bd619edc7aa61a1a78f34c5a4e7095b2292ac09b66c8b9a58" + + + [resources.system_user] + + [resources.install_dir] + + [resources.permissions] + main.url = "/" diff --git a/scripts/_common.sh b/scripts/_common.sh index bc48e71..009af3d 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # dependencies used by the app -pkg_dependencies="python3-venv python3-dev python3-pip" +#REMOVEME? pkg_dependencies="python3-venv python3-dev python3-pip" #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index 3beb939..3aa53f8 100755 --- a/scripts/backup +++ b/scripts/backup @@ -14,21 +14,21 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { +#REMOVEME? ynh_clean_setup () { true } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_print_info --message="Loading installation settings..." +#REMOVEME? ynh_print_info --message="Loading installation settings..." -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -39,7 +39,7 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/change_url b/scripts/change_url index e49ddfb..c84486a 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -13,65 +13,65 @@ source /usr/share/yunohost/helpers # RETRIEVE ARGUMENTS #================================================= -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH +#REMOVEME? old_domain=$YNH_APP_OLD_DOMAIN +#REMOVEME? old_path=$YNH_APP_OLD_PATH -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH +#REMOVEME? new_domain=$YNH_APP_NEW_DOMAIN +#REMOVEME? new_path=$YNH_APP_NEW_PATH -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=1 -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) +#REMOVEME? # Needed for helper "ynh_add_nginx_config" +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) -project_name=$(ynh_app_setting_get --app=$app --key=project_name) -contact_url=$(ynh_app_setting_get --app=$app --key=contact_url) -logo=$(ynh_app_setting_get --app=$app --key=logo) -favicon=$(ynh_app_setting_get --app=$app --key=favicon) -publishable_key=$(ynh_app_setting_get --app=$app --key=publishable_key) -secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) -prices=$(ynh_app_setting_get --app=$app --key=prices) -secret=$(ynh_app_setting_get --app=$app --key=secret) -csrf_key=$(ynh_app_setting_get --app=$app --key=csrf_key) -port=$(ynh_app_setting_get --app=$app --key=port) +#REMOVEME? project_name=$(ynh_app_setting_get --app=$app --key=project_name) +#REMOVEME? contact_url=$(ynh_app_setting_get --app=$app --key=contact_url) +#REMOVEME? logo=$(ynh_app_setting_get --app=$app --key=logo) +#REMOVEME? favicon=$(ynh_app_setting_get --app=$app --key=favicon) +#REMOVEME? publishable_key=$(ynh_app_setting_get --app=$app --key=publishable_key) +#REMOVEME? secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) +#REMOVEME? prices=$(ynh_app_setting_get --app=$app --key=prices) +#REMOVEME? secret=$(ynh_app_setting_get --app=$app --key=secret) +#REMOVEME? csrf_key=$(ynh_app_setting_get --app=$app --key=csrf_key) +#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) domain=$new_domain #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 +#REMOVEME? ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 # Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { +#REMOVEME? ynh_backup_before_upgrade +#REMOVEME? ynh_clean_setup () { # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +#REMOVEME? ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" # Restore it if the upgrade fails - ynh_restore_upgradebackup +#REMOVEME? ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # CHECK WHICH PARTS SHOULD BE CHANGED #================================================= -change_domain=0 -if [ "$old_domain" != "$new_domain" ] +#REMOVEME? change_domain=0 +#REMOVEME? if [ "$old_domain" != "$new_domain" ] then - change_domain=1 + #REMOVEME? change_domain=1 fi -change_path=0 -if [ "$old_path" != "$new_path" ] +#REMOVEME? change_path=0 +#REMOVEME? if [ "$old_path" != "$new_path" ] then - change_path=1 + #REMOVEME? change_path=1 fi #================================================= @@ -88,28 +88,30 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --li #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf +ynh_change_url_nginx_config + +#REMOVEME? nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf # Change the path in the NGINX config file if [ $change_path -eq 1 ] then # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" +#REMOVEME? ynh_backup_if_checksum_is_different --file="$nginx_conf_path" # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" +#REMOVEME? domain="$old_domain" +#REMOVEME? path="$new_path" # Create a dedicated NGINX config - ynh_add_nginx_config +#REMOVEME? ynh_add_nginx_config fi # Change the domain for NGINX if [ $change_domain -eq 1 ] then # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf +#REMOVEME? ynh_delete_file_checksum --file="$nginx_conf_path" +#REMOVEME? mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +#REMOVEME? ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi #================================================= @@ -119,21 +121,21 @@ fi #================================================= ynh_script_progression --message="Updating a configuration file..." -ynh_add_config --template="../conf/gunicorn.py" --destination="$final_path/gunicorn.py" -ynh_add_config --template="../conf/settings.py" --destination="$final_path/settings.py" +ynh_add_config --template="../conf/gunicorn.py" --destination="$install_dir/gunicorn.py" +ynh_add_config --template="../conf/settings.py" --destination="$install_dir/settings.py" for price in $(echo $prices | sed "s/,/ /"); do frequency=$(echo $price | cut -d/ -f1) currency=$(echo $price | cut -d/ -f2) price_id=$(echo $price | cut -d/ -f3) - echo "DONATION['$frequency']['$currency'] = '$price_id'" >> "$final_path/settings.py" + echo "DONATION['$frequency']['$currency'] = '$price_id'" >> "$install_dir/settings.py" done -ynh_store_file_checksum --file="$final_path/settings.py" +ynh_store_file_checksum --file="$install_dir/settings.py" # Set permissions to app files -chown -R $app:www-data $final_path -chmod o=--- $final_path +chown -R $app:www-data $install_dir +chmod o=--- $install_dir #================================================= # GENERIC FINALISATION @@ -148,9 +150,9 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --l #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -ynh_systemd_action --service_name=nginx --action=reload +#REMOVEME? #REMOVEME? ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index 337a4a8..ef4b349 100755 --- a/scripts/install +++ b/scripts/install @@ -13,49 +13,49 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { +#REMOVEME? ynh_clean_setup () { true } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= -domain=$YNH_APP_ARG_DOMAIN -path_url="/" -is_public=$YNH_APP_ARG_IS_PUBLIC -project_name=$YNH_APP_ARG_PROJECT_NAME -contact_url=$YNH_APP_ARG_CONTACT_URL -logo=$YNH_APP_ARG_LOGO -favicon=$YNH_APP_ARG_FAVICON -publishable_key=$YNH_APP_ARG_PUBLISHABLE_KEY -secret_key=$YNH_APP_ARG_SECRET_KEY -prices=$YNH_APP_ARG_PRICES +#REMOVEME? domain=$YNH_APP_ARG_DOMAIN +path="/" +#REMOVEME? is_public=$YNH_APP_ARG_IS_PUBLIC +#REMOVEME? project_name=$YNH_APP_ARG_PROJECT_NAME +#REMOVEME? contact_url=$YNH_APP_ARG_CONTACT_URL +#REMOVEME? logo=$YNH_APP_ARG_LOGO +#REMOVEME? favicon=$YNH_APP_ARG_FAVICON +#REMOVEME? publishable_key=$YNH_APP_ARG_PUBLISHABLE_KEY +#REMOVEME? secret_key=$YNH_APP_ARG_SECRET_KEY +#REMOVEME? prices=$YNH_APP_ARG_PRICES secret=$(ynh_string_random --length=50) csrf_key=$(ynh_string_random --length=50) -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -ynh_script_progression --message="Validating installation parameters..." --weight=1 +#REMOVEME? ynh_script_progression --message="Validating installation parameters..." --weight=1 -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" +#REMOVEME? install_dir=/var/www/$app +#REMOVEME? test ! -e "$install_dir" || ynh_die --message="This path already contains a folder" # Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url +#REMOVEME? ynh_webpath_register --app=$app --domain=$domain --path=$path #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -ynh_script_progression --message="Storing installation settings..." --weight=1 +#REMOVEME? ynh_script_progression --message="Storing installation settings..." --weight=1 -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url +#REMOVEME? ynh_app_setting_set --app=$app --key=domain --value=$domain +#REMOVEME? ynh_app_setting_set --app=$app --key=path --value=$path ynh_app_setting_set --app=$app --key=project_name --value=$project_name ynh_app_setting_set --app=$app --key=contact_url --value=$contact_url ynh_app_setting_set --app=$app --key=logo --value=$logo @@ -71,39 +71,39 @@ ynh_app_setting_set --app=$app --key=csrf_key --value=$csrf_key #================================================= # FIND AND OPEN A PORT #================================================= -ynh_script_progression --message="Finding an available port..." --weight=1 +#REMOVEME? ynh_script_progression --message="Finding an available port..." --weight=1 # Find an available port -port=$(ynh_find_port --port=8102) -ynh_app_setting_set --app=$app --key=port --value=$port +#REMOVEME? port=$(ynh_find_port --port=8102) +#REMOVEME? ynh_app_setting_set --app=$app --key=port --value=$port #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --weight=1 +#REMOVEME? ynh_script_progression --message="Installing dependencies..." --weight=1 -ynh_install_app_dependencies $pkg_dependencies +#REMOVEME? ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 +#REMOVEME? ynh_script_progression --message="Configuring system user..." --weight=1 # Create a system user -ynh_system_user_create --username=$app --home_dir=$final_path +#REMOVEME? ynh_system_user_create --username=$app --home_dir=$install_dir #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 -ynh_app_setting_set --app=$app --key=final_path --value=$final_path +#REMOVEME? ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +ynh_setup_source --dest_dir="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # NGINX CONFIGURATION @@ -118,9 +118,9 @@ ynh_add_nginx_config #================================================= # INSTALL PYTHON DEPENDENCIES #================================================= -ynh_script_progression --message="Installing Python dependencies..." +#REMOVEME? ynh_script_progression --message="Installing Python dependencies..." -pushd $final_path +pushd $install_dir python3 -m venv venv venv/bin/pip install --upgrade pip venv/bin/pip install -r requirements.txt @@ -141,17 +141,17 @@ popd #================================================= ynh_script_progression --message="Adding a configuration file..." -ynh_add_config --template="../conf/gunicorn.py" --destination="$final_path/gunicorn.py" -ynh_add_config --template="../conf/settings.py" --destination="$final_path/settings.py" +ynh_add_config --template="../conf/gunicorn.py" --destination="$install_dir/gunicorn.py" +ynh_add_config --template="../conf/settings.py" --destination="$install_dir/settings.py" for price in $(echo $prices | sed "s/,/ /"); do frequency=$(echo $price | cut -d/ -f1) currency=$(echo $price | cut -d/ -f2) price_id=$(echo $price | cut -d/ -f3) - echo "DONATION['$frequency']['$currency'] = '$price_id'" >> "$final_path/settings.py" + echo "DONATION['$frequency']['$currency'] = '$price_id'" >> "$install_dir/settings.py" done -ynh_store_file_checksum --file="$final_path/settings.py" +ynh_store_file_checksum --file="$install_dir/settings.py" #================================================= # SETUP SYSTEMD @@ -169,8 +169,8 @@ ynh_add_systemd_config ynh_script_progression --message="Securing files and directories..." # Set permissions to app files -chown -R $app:www-data $final_path -chmod o=--- $final_path +chown -R $app:www-data $install_dir +chmod o=--- $install_dir #================================================= # INTEGRATE SERVICE IN YUNOHOST @@ -190,23 +190,23 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --l #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 +#REMOVEME? ynh_script_progression --message="Configuring permissions..." --weight=1 # Make app public if necessary -if [ $is_public -eq 1 ] +#REMOVEME? if [ $is_public -eq 1 ] then # Everyone can access the app. # The "main" permission is automatically created before the install script. - ynh_permission_update --permission="main" --add="visitors" +#REMOVEME? ynh_permission_update --permission="main" --add="visitors" fi #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -ynh_systemd_action --service_name=nginx --action=reload +#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index b492b54..f2716b2 100755 --- a/scripts/remove +++ b/scripts/remove @@ -12,13 +12,13 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=1 -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) #================================================= # STANDARD REMOVE @@ -44,18 +44,18 @@ ynh_remove_systemd_config #================================================= # REMOVE DEPENDENCIES #================================================= -ynh_script_progression --message="Removing dependencies..." --weight=1 +#REMOVEME? ynh_script_progression --message="Removing dependencies..." --weight=1 # Remove metapackage and its dependencies -ynh_remove_app_dependencies +#REMOVEME? ynh_remove_app_dependencies #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing app main directory..." --weight=1 +#REMOVEME? ynh_script_progression --message="Removing app main directory..." --weight=1 # Remove the app directory securely -ynh_secure_remove --file="$final_path" +#REMOVEME? ynh_secure_remove --file="$install_dir" #================================================= # REMOVE NGINX CONFIGURATION @@ -80,10 +80,10 @@ ynh_secure_remove --file="/var/log/$app" #================================================= # REMOVE DEDICATED USER #================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=1 +#REMOVEME? ynh_script_progression --message="Removing the dedicated system user..." --weight=1 # Delete a system user -ynh_system_user_delete --username=$app +#REMOVEME? ynh_system_user_delete --username=$app #================================================= # END OF SCRIPT diff --git a/scripts/restore b/scripts/restore index cc35ab0..57cea02 100755 --- a/scripts/restore +++ b/scripts/restore @@ -14,32 +14,32 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { +#REMOVEME? ynh_clean_setup () { true } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=1 -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=1 +#REMOVEME? ynh_script_progression --message="Validating restoration parameters..." --weight=1 -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " +#REMOVEME? ynh_webpath_available --domain=$domain --path=$path \ + || ynh_die --message="Path not available: ${domain}${path}" +#REMOVEME? test ! -d $install_dir \ + || ynh_die --message="There is already a directory: $install_dir " #================================================= # STANDARD RESTORATION STEPS @@ -53,38 +53,38 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RECREATE THE DEDICATED USER #================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 +#REMOVEME? ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +#REMOVEME? ynh_system_user_create --username=$app --home_dir=$install_dir #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=1 +#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." --weight=1 # Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies +#REMOVEME? ynh_install_app_dependencies $pkg_dependencies #================================================= # INSTALL PYTHON DEPENDENCIES #================================================= -ynh_script_progression --message="Installing Python dependencies..." +#REMOVEME? ynh_script_progression --message="Installing Python dependencies..." -pushd $final_path +pushd $install_dir python3 -m venv venv venv/bin/pip install --upgrade pip venv/bin/pip install -r requirements.txt @@ -100,8 +100,8 @@ popd ynh_script_progression --message="Restoring user rights..." # Restore permissions on app files -chown -R $app:www-data $final_path -chmod o=--- $final_path +chown -R $app:www-data $install_dir +chmod o=--- $install_dir #================================================= # RESTORE SYSTEMD diff --git a/scripts/upgrade b/scripts/upgrade index 7b88a17..2af92ff 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -12,24 +12,24 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=1 -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) -project_name=$(ynh_app_setting_get --app=$app --key=project_name) -contact_url=$(ynh_app_setting_get --app=$app --key=contact_url) -logo=$(ynh_app_setting_get --app=$app --key=logo) -favicon=$(ynh_app_setting_get --app=$app --key=favicon) -publishable_key=$(ynh_app_setting_get --app=$app --key=publishable_key) -secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) -prices=$(ynh_app_setting_get --app=$app --key=prices) -secret=$(ynh_app_setting_get --app=$app --key=secret) -csrf_key=$(ynh_app_setting_get --app=$app --key=csrf_key) +#REMOVEME? project_name=$(ynh_app_setting_get --app=$app --key=project_name) +#REMOVEME? contact_url=$(ynh_app_setting_get --app=$app --key=contact_url) +#REMOVEME? logo=$(ynh_app_setting_get --app=$app --key=logo) +#REMOVEME? favicon=$(ynh_app_setting_get --app=$app --key=favicon) +#REMOVEME? publishable_key=$(ynh_app_setting_get --app=$app --key=publishable_key) +#REMOVEME? secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) +#REMOVEME? prices=$(ynh_app_setting_get --app=$app --key=prices) +#REMOVEME? secret=$(ynh_app_setting_get --app=$app --key=secret) +#REMOVEME? csrf_key=$(ynh_app_setting_get --app=$app --key=csrf_key) #================================================= # CHECK VERSION @@ -41,16 +41,16 @@ upgrade_type=$(ynh_check_app_version_changed) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 +#REMOVEME? ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 # Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { +#REMOVEME? ynh_backup_before_upgrade +#REMOVEME? ynh_clean_setup () { # Restore it if the upgrade fails - ynh_restore_upgradebackup +#REMOVEME? ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # STANDARD UPGRADE STEPS @@ -64,10 +64,10 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --li #================================================= # CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 +#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +#REMOVEME? ynh_system_user_create --username=$app --home_dir=$install_dir #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -78,12 +78,12 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + ynh_setup_source --dest_dir="$install_dir" fi -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # NGINX CONFIGURATION @@ -96,18 +96,18 @@ ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=1 +#REMOVEME? ynh_script_progression --message="Upgrading dependencies..." --weight=1 -ynh_install_app_dependencies $pkg_dependencies +#REMOVEME? ynh_install_app_dependencies $pkg_dependencies #================================================= # SPECIFIC UPGRADE #================================================= # UPGRADE PYTHON DEPENDENCIES #================================================= -ynh_script_progression --message="Installing Python dependencies..." +#REMOVEME? ynh_script_progression --message="Installing Python dependencies..." -pushd $final_path +pushd $install_dir python3 -m venv venv venv/bin/pip install --upgrade pip venv/bin/pip install -r requirements.txt @@ -128,17 +128,17 @@ popd #================================================= ynh_script_progression --message="Updating a configuration file..." -ynh_add_config --template="../conf/gunicorn.py" --destination="$final_path/gunicorn.py" -ynh_add_config --template="../conf/settings.py" --destination="$final_path/settings.py" +ynh_add_config --template="../conf/gunicorn.py" --destination="$install_dir/gunicorn.py" +ynh_add_config --template="../conf/settings.py" --destination="$install_dir/settings.py" for price in $(echo $prices | sed "s/,/ /"); do frequency=$(echo $price | cut -d/ -f1) currency=$(echo $price | cut -d/ -f2) price_id=$(echo $price | cut -d/ -f3) - echo "DONATION['$frequency']['$currency'] = '$price_id'" >> "$final_path/settings.py" + echo "DONATION['$frequency']['$currency'] = '$price_id'" >> "$install_dir/settings.py" done -ynh_store_file_checksum --file="$final_path/settings.py" +ynh_store_file_checksum --file="$install_dir/settings.py" #================================================= # SETUP SYSTEMD @@ -156,8 +156,8 @@ ynh_add_systemd_config ynh_script_progression --message="Securing files and directories..." # Set permissions on app files -chown -R $app:www-data $final_path -chmod o=--- $final_path +chown -R $app:www-data $install_dir +chmod o=--- $install_dir #================================================= # INTEGRATE SERVICE IN YUNOHOST @@ -176,9 +176,9 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --l #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -ynh_systemd_action --service_name=nginx --action=reload +#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT From f34d958734c9d1a31007559054c6034c67bc2017 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 27 Sep 2023 22:33:52 +0200 Subject: [PATCH 03/18] v2 --- conf/nginx.conf | 4 +- doc/{DISCLAIMER.md => ADMIN.md} | 0 doc/DESCRIPTION.md | 1 + manifest.json | 114 -------------------------------- manifest.toml | 23 +++---- scripts/_common.sh | 3 - scripts/backup | 21 ------ scripts/change_url | 96 --------------------------- scripts/install | 88 +----------------------- scripts/remove | 54 --------------- scripts/restore | 73 +------------------- scripts/upgrade | 60 ----------------- tests.toml | 21 ++++++ 13 files changed, 38 insertions(+), 520 deletions(-) rename doc/{DISCLAIMER.md => ADMIN.md} (100%) create mode 100644 doc/DESCRIPTION.md delete mode 100644 manifest.json create mode 100644 tests.toml diff --git a/conf/nginx.conf b/conf/nginx.conf index 3e8c90c..bf2929a 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,8 +1,6 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } + proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md similarity index 100% rename from doc/DISCLAIMER.md rename to doc/ADMIN.md diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 0000000..803b2c1 --- /dev/null +++ b/doc/DESCRIPTION.md @@ -0,0 +1 @@ +A simple donation form with stripe \ No newline at end of file diff --git a/manifest.json b/manifest.json deleted file mode 100644 index c5a5dd2..0000000 --- a/manifest.json +++ /dev/null @@ -1,114 +0,0 @@ -{ - "name": "Pepettes", - "id": "pepettes", - "packaging_format": 1, - "description": { - "en": "A simple donation form with stripe", - "fr": "Un simple formulaire de don avec stripe" - }, - "version": "1.0.1~ynh3", - "url": "https://github.com/YunoHost/pepettes/", - "upstream": { - "license": "MIT", - "demo": "https://donate.yunohost.org", - "admindoc": "https://github.com/YunoHost/pepettes/blob/main/README.md", - "code": "https://github.com/YunoHost/pepettes/" - }, - "license": "MIT", - "maintainer": { - "name": "ljf", - "email": "ljf+pepettes@reflexlibre.net", - "url": "http://reflexlibre.net" - }, - "requirements": { - "yunohost": ">= 4.1.3" - }, - "multi_instance": true, - "services": [ - "nginx" - ], - "arguments": { - "install" : [ - { - "name": "domain", - "type": "domain", - "example": "example.com" - }, - { - "name": "is_public", - "type": "boolean", - "default": true - }, - { - "name": "project_name", - "type": "string", - "ask": { - "en": "What's the name of the project which will received donation ?", - "fr": "Quel est le nom du projet qui va recevoir les dons ?" - }, - "default": "" - }, - { - "name": "contact_url", - "type": "string", - "ask": { - "en": "Indicate a link to contact you to ask for stopping recuring payment", - "fr": "Indiquez un lien pour vous contacter pour arréter les paiements récurrents" - }, - "default": "" - }, - { - "name": "logo", - "type": "string", - "ask": { - "en": "A link to the logo of your project", - "fr": "Un lien vers le logo de votre projet" - }, - "default": "" - }, - { - "name": "favicon", - "type": "string", - "ask": { - "en": "A link to the favicon of your project", - "fr": "Un lien vers la favicon de votre projet" - }, - "default": "" - }, - { - "name": "publishable_key", - "type": "string", - "ask": { - "en": "Indicate here the stripe publishable key", - "fr": "Indiquez ici la clé publique stripe" - }, - "default": "" - }, - { - "name": "secret_key", - "type": "string", - "ask": { - "en": "Indicate here the stripe secret key", - "fr": "Indiquez ici la clé secrète stripe" - }, - "default": "" - }, - { - "name": "prices", - "type": "string", - "ask": { - "en": "Indicates here the prices ID of donation products you created in stripe interfaces", - "fr": "Indiquez ici les ID de prix des produits de don stripe que vous avez créé dans l'interface stripe" - }, - "default": "one_time/EUR/price_1IKuPV,recuring/EUR/price_1IKuPV", - "help": { - "en": "Go on https://dashboard.stripe.com/products to create those donation products", - "fr": "Allez sur https://dashboard.stripe.com/products pour créer ces produits de dons" - } - } - - - - ] - } -} diff --git a/manifest.toml b/manifest.toml index a032427..b1cae31 100644 --- a/manifest.toml +++ b/manifest.toml @@ -14,25 +14,20 @@ license = "MIT" demo = "https://donate.yunohost.org" admindoc = "https://github.com/YunoHost/pepettes/blob/main/README.md" code = "https://github.com/YunoHost/pepettes/" -website = "https://github.com/YunoHost/pepettes/" -cpe = "???" # FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is sort of a standard id for applications defined by the NIST. In particular, Yunohost may use this is in the future to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number) -fund = "???" # FIXME: optional but recommended (or remove if irrelevant / not applicable). This is meant to be an URL where people can financially support this app, especially when its development is based on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin. [integration] -yunohost = ">= 4.1.3" -architectures = "all" # FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"] +yunohost = ">= 11.2" +architectures = "all" multi_instance = true -ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials. -sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal. -disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... -ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... -ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... +ldap = false +sso = false +disk = "50M" +ram.build = "50M" +ram.runtime = "50M" [install] [install.domain] - # this is a generic question - ask strings are automatically handled by Yunohost's core type = "domain" - full_domain = true [install.init_main_permission] type = "group" @@ -87,6 +82,7 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen url = "https://github.com/YunoHost/pepettes/archive/v1.0.1.tar.gz" sha256 = "9792ed5589d4a55bd619edc7aa61a1a78f34c5a4e7095b2292ac09b66c8b9a58" + [resources.ports] [resources.system_user] @@ -94,3 +90,6 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen [resources.permissions] main.url = "/" + + [resources.apt] + packages = "python3-venv, python3-dev, python3-pip" diff --git a/scripts/_common.sh b/scripts/_common.sh index 009af3d..944a65e 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,9 +4,6 @@ # COMMON VARIABLES #================================================= -# dependencies used by the app -#REMOVEME? pkg_dependencies="python3-venv python3-dev python3-pip" - #================================================= # PERSONAL HELPERS #================================================= diff --git a/scripts/backup b/scripts/backup index 3aa53f8..7189d8c 100755 --- a/scripts/backup +++ b/scripts/backup @@ -10,26 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -#REMOVEME? ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_print_info --message="Loading installation settings..." - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -47,7 +27,6 @@ ynh_backup --src_path="$install_dir" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # SPECIFIC BACKUP #================================================= diff --git a/scripts/change_url b/scripts/change_url index c84486a..67e0fe3 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -9,71 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -#REMOVEME? old_domain=$YNH_APP_OLD_DOMAIN -#REMOVEME? old_path=$YNH_APP_OLD_PATH - -#REMOVEME? new_domain=$YNH_APP_NEW_DOMAIN -#REMOVEME? new_path=$YNH_APP_NEW_PATH - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=1 - -#REMOVEME? # Needed for helper "ynh_add_nginx_config" -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) - -#REMOVEME? project_name=$(ynh_app_setting_get --app=$app --key=project_name) -#REMOVEME? contact_url=$(ynh_app_setting_get --app=$app --key=contact_url) -#REMOVEME? logo=$(ynh_app_setting_get --app=$app --key=logo) -#REMOVEME? favicon=$(ynh_app_setting_get --app=$app --key=favicon) -#REMOVEME? publishable_key=$(ynh_app_setting_get --app=$app --key=publishable_key) -#REMOVEME? secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) -#REMOVEME? prices=$(ynh_app_setting_get --app=$app --key=prices) -#REMOVEME? secret=$(ynh_app_setting_get --app=$app --key=secret) -#REMOVEME? csrf_key=$(ynh_app_setting_get --app=$app --key=csrf_key) -#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) -domain=$new_domain - -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -#REMOVEME? ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 - -# Backup the current version of the app -#REMOVEME? ynh_backup_before_upgrade -#REMOVEME? ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. -#REMOVEME? ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails -#REMOVEME? ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -#REMOVEME? change_domain=0 -#REMOVEME? if [ "$old_domain" != "$new_domain" ] -then - #REMOVEME? change_domain=1 -fi - -#REMOVEME? change_path=0 -#REMOVEME? if [ "$old_path" != "$new_path" ] -then - #REMOVEME? change_path=1 -fi - #================================================= # STANDARD MODIFICATIONS #================================================= @@ -90,30 +25,6 @@ ynh_script_progression --message="Updating NGINX web server configuration..." -- ynh_change_url_nginx_config -#REMOVEME? nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified -#REMOVEME? ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper -#REMOVEME? domain="$old_domain" -#REMOVEME? path="$new_path" - # Create a dedicated NGINX config -#REMOVEME? ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location -#REMOVEME? ynh_delete_file_checksum --file="$nginx_conf_path" -#REMOVEME? mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location -#REMOVEME? ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi - #================================================= # SPECIFIC MODIFICATIONS #================================================= @@ -147,13 +58,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started" -#================================================= -# RELOAD NGINX -#================================================= -#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -#REMOVEME? #REMOVEME? ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index ef4b349..755f82a 100755 --- a/scripts/install +++ b/scripts/install @@ -9,53 +9,18 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -#REMOVEME? ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= -#REMOVEME? domain=$YNH_APP_ARG_DOMAIN -path="/" -#REMOVEME? is_public=$YNH_APP_ARG_IS_PUBLIC -#REMOVEME? project_name=$YNH_APP_ARG_PROJECT_NAME -#REMOVEME? contact_url=$YNH_APP_ARG_CONTACT_URL -#REMOVEME? logo=$YNH_APP_ARG_LOGO -#REMOVEME? favicon=$YNH_APP_ARG_FAVICON -#REMOVEME? publishable_key=$YNH_APP_ARG_PUBLISHABLE_KEY -#REMOVEME? secret_key=$YNH_APP_ARG_SECRET_KEY -#REMOVEME? prices=$YNH_APP_ARG_PRICES secret=$(ynh_string_random --length=50) csrf_key=$(ynh_string_random --length=50) -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -#REMOVEME? ynh_script_progression --message="Validating installation parameters..." --weight=1 - -#REMOVEME? install_dir=/var/www/$app -#REMOVEME? test ! -e "$install_dir" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -#REMOVEME? ynh_webpath_register --app=$app --domain=$domain --path=$path - #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -#REMOVEME? ynh_script_progression --message="Storing installation settings..." --weight=1 +ynh_script_progression --message="Storing installation settings..." --weight=1 -#REMOVEME? ynh_app_setting_set --app=$app --key=domain --value=$domain -#REMOVEME? ynh_app_setting_set --app=$app --key=path --value=$path ynh_app_setting_set --app=$app --key=project_name --value=$project_name ynh_app_setting_set --app=$app --key=contact_url --value=$contact_url ynh_app_setting_set --app=$app --key=logo --value=$logo @@ -66,42 +31,14 @@ ynh_app_setting_set --app=$app --key=prices --value=$prices ynh_app_setting_set --app=$app --key=secret --value=$secret ynh_app_setting_set --app=$app --key=csrf_key --value=$csrf_key -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -#REMOVEME? ynh_script_progression --message="Finding an available port..." --weight=1 - -# Find an available port -#REMOVEME? port=$(ynh_find_port --port=8102) -#REMOVEME? ynh_app_setting_set --app=$app --key=port --value=$port - -#================================================= -# INSTALL DEPENDENCIES -#================================================= -#REMOVEME? ynh_script_progression --message="Installing dependencies..." --weight=1 - -#REMOVEME? ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# CREATE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -#REMOVEME? ynh_system_user_create --username=$app --home_dir=$install_dir - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 -#REMOVEME? ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" -chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" @@ -118,7 +55,7 @@ ynh_add_nginx_config #================================================= # INSTALL PYTHON DEPENDENCIES #================================================= -#REMOVEME? ynh_script_progression --message="Installing Python dependencies..." +ynh_script_progression --message="Installing Python dependencies..." pushd $install_dir python3 -m venv venv @@ -187,27 +124,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started" -#================================================= -# SETUP SSOWAT -#================================================= -#REMOVEME? ynh_script_progression --message="Configuring permissions..." --weight=1 - -# Make app public if necessary -#REMOVEME? if [ $is_public -eq 1 ] -then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. -#REMOVEME? ynh_permission_update --permission="main" --add="visitors" -fi - - -#================================================= -# RELOAD NGINX -#================================================= -#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index f2716b2..727a2ce 100755 --- a/scripts/remove +++ b/scripts/remove @@ -9,17 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=1 - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) - #================================================= # STANDARD REMOVE #================================================= @@ -33,58 +22,15 @@ then yunohost service remove $app fi -#================================================= -# STOP AND REMOVE SERVICE -#================================================= -ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 - # Remove the dedicated systemd config ynh_remove_systemd_config -#================================================= -# REMOVE DEPENDENCIES -#================================================= -#REMOVEME? ynh_script_progression --message="Removing dependencies..." --weight=1 - -# Remove metapackage and its dependencies -#REMOVEME? ynh_remove_app_dependencies - -#================================================= -# REMOVE APP MAIN DIR -#================================================= -#REMOVEME? ynh_script_progression --message="Removing app main directory..." --weight=1 - -# Remove the app directory securely -#REMOVEME? ynh_secure_remove --file="$install_dir" - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 - # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= -ynh_script_progression --message="Removing various files..." - # Remove the log files ynh_secure_remove --file="/var/log/$app" -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Removing the dedicated system user..." --weight=1 - -# Delete a system user -#REMOVEME? ynh_system_user_delete --username=$app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 57cea02..fef2db8 100755 --- a/scripts/restore +++ b/scripts/restore @@ -10,54 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -#REMOVEME? ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=1 - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -#REMOVEME? ynh_script_progression --message="Validating restoration parameters..." --weight=1 - -#REMOVEME? ynh_webpath_available --domain=$domain --path=$path \ - || ynh_die --message="Path not available: ${domain}${path}" -#REMOVEME? test ! -d $install_dir \ - || ynh_die --message="There is already a directory: $install_dir " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -#REMOVEME? ynh_system_user_create --username=$app --home_dir=$install_dir - #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -65,20 +17,9 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$install_dir" -chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" -#================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." --weight=1 - -# Define and install dependencies -#REMOVEME? ynh_install_app_dependencies $pkg_dependencies - #================================================= # INSTALL PYTHON DEPENDENCIES #================================================= @@ -108,14 +49,11 @@ chmod o=--- $install_dir #================================================= ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - yunohost service add $app --description="A simple donation form" #================================================= @@ -125,13 +63,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started" -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 2af92ff..31e388f 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,49 +9,12 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=1 - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) -#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) - -#REMOVEME? project_name=$(ynh_app_setting_get --app=$app --key=project_name) -#REMOVEME? contact_url=$(ynh_app_setting_get --app=$app --key=contact_url) -#REMOVEME? logo=$(ynh_app_setting_get --app=$app --key=logo) -#REMOVEME? favicon=$(ynh_app_setting_get --app=$app --key=favicon) -#REMOVEME? publishable_key=$(ynh_app_setting_get --app=$app --key=publishable_key) -#REMOVEME? secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) -#REMOVEME? prices=$(ynh_app_setting_get --app=$app --key=prices) -#REMOVEME? secret=$(ynh_app_setting_get --app=$app --key=secret) -#REMOVEME? csrf_key=$(ynh_app_setting_get --app=$app --key=csrf_key) - #================================================= # CHECK VERSION #================================================= -ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -#REMOVEME? ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 - -# Backup the current version of the app -#REMOVEME? ynh_backup_before_upgrade -#REMOVEME? ynh_clean_setup () { - # Restore it if the upgrade fails -#REMOVEME? ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -61,14 +24,6 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped" -#================================================= -# CREATE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -#REMOVEME? ynh_system_user_create --username=$app --home_dir=$install_dir - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -81,7 +36,6 @@ then ynh_setup_source --dest_dir="$install_dir" fi -chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" @@ -93,13 +47,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -#REMOVEME? ynh_script_progression --message="Upgrading dependencies..." --weight=1 - -#REMOVEME? ynh_install_app_dependencies $pkg_dependencies - #================================================= # SPECIFIC UPGRADE #================================================= @@ -173,13 +120,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started" -#================================================= -# RELOAD NGINX -#================================================= -#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..3fd9b8c --- /dev/null +++ b/tests.toml @@ -0,0 +1,21 @@ +test_format = 1.0 + +[default] + + # ------------------------------- + # Default args to use for install + # ------------------------------- + + args.project_name="YunoHost" + args.contact_url="https://forum.yunohost.org/t/donate-to-yunohost/9211" + args.logo="https://yunohost.org/user/images/logo.png" + args.favicon="https://yunohost.org/user/themes/yunohost-docs/images/favicon.png" + args.publishable_key="pk_test_gOgGjacs9YfvDJY03BRZ576O" + args.secret_key="sk_test_aaaaaaaaaaaaaaaaa" + args.prices="one_time/EUR/price_1IKuPV,recuring/EUR/price_1IKuPV" + + # ------------------------------- + # Commits to test upgrade from + # ------------------------------- + + test_upgrade_from.5cc2d3ffd6529cc7356ff93af92dbb6785c3ab9a.name = "Upgrade from 1.0.1~ynh1" From 4fc7836fe063b75eae7943e088747cda29d57d31 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Wed, 27 Sep 2023 20:33:56 +0000 Subject: [PATCH 04/18] Auto-update README --- README.md | 4 ---- README_fr.md | 6 +----- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/README.md b/README.md index c5fd43a..8351426 100644 --- a/README.md +++ b/README.md @@ -21,10 +21,6 @@ A simple donation form with stripe **Shipped version:** 1.0.1~ynh3 **Demo:** https://donate.yunohost.org -## Disclaimers / important information - -This app may be configured through the `settings.py` after installation. - ## Documentation and resources * Official admin documentation: diff --git a/README_fr.md b/README_fr.md index 26dc11e..8e2cfdb 100644 --- a/README_fr.md +++ b/README_fr.md @@ -16,15 +16,11 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po ## Vue d’ensemble -Un simple formulaire de don avec stripe +A simple donation form with stripe **Version incluse :** 1.0.1~ynh3 **Démo :** https://donate.yunohost.org -## Avertissements / informations importantes - -This app may be configured through the `settings.py` after installation. - ## Documentations et ressources * Documentation officielle de l’admin : From 88335c488d47c33f6b555ca05fbf58271a72b5fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 27 Sep 2023 22:35:56 +0200 Subject: [PATCH 05/18] v2 --- check_process | 32 -------------------------------- scripts/install | 20 +++++--------------- scripts/upgrade | 22 ++++++---------------- 3 files changed, 11 insertions(+), 63 deletions(-) delete mode 100644 check_process diff --git a/check_process b/check_process deleted file mode 100644 index 23091f6..0000000 --- a/check_process +++ /dev/null @@ -1,32 +0,0 @@ -;; Test complet - ; Manifest - domain="domain.tld" - path="/path" - is_public=1 - project_name="YunoHost" - contact_url="https://forum.yunohost.org/t/donate-to-yunohost/9211" - logo="https://yunohost.org/user/images/logo.png" - favicon="https://yunohost.org/user/themes/yunohost-docs/images/favicon.png" - publishable_key="pk_test_gOgGjacs9YfvDJY03BRZ576O" - secret_key="sk_test_aaaaaaaaaaaaaaaaa" - prices="one_time/EUR/price_1IKuPV,recuring/EUR/price_1IKuPV" - ; Checks - pkg_linter=1 - setup_sub_dir=0 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - # 1.0.1~ynh1 - upgrade=1 from_commit=5cc2d3ffd6529cc7356ff93af92dbb6785c3ab9a - backup_restore=1 - multi_instance=1 - port_already_use=0 - change_url=1 -;;; Options -Email= -Notification=none -;;; Upgrade options - ; commit=5cc2d3ffd6529cc7356ff93af92dbb6785c3ab9a - name=1.0.1~ynh1 diff --git a/scripts/install b/scripts/install index 755f82a..71e5f14 100755 --- a/scripts/install +++ b/scripts/install @@ -42,14 +42,6 @@ ynh_setup_source --dest_dir="$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=1 - -# Create a dedicated NGINX config -ynh_add_nginx_config - #================================================= # SPECIFIC SETUP #================================================= @@ -95,9 +87,14 @@ ynh_store_file_checksum --file="$install_dir/settings.py" #================================================= ynh_script_progression --message="Configuring a systemd service..." --weight=1 +# Create a dedicated NGINX config +ynh_add_nginx_config + # Create a dedicated systemd config ynh_add_systemd_config +yunohost service add $app --description="A simple donation form" + #================================================= # GENERIC FINALIZATION #================================================= @@ -109,13 +106,6 @@ ynh_script_progression --message="Securing files and directories..." chown -R $app:www-data $install_dir chmod o=--- $install_dir -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add $app --description="A simple donation form" - #================================================= # START SYSTEMD SERVICE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 31e388f..789f894 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -39,20 +39,12 @@ fi chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 - -# Create a dedicated NGINX config -ynh_add_nginx_config - #================================================= # SPECIFIC UPGRADE #================================================= # UPGRADE PYTHON DEPENDENCIES #================================================= -#REMOVEME? ynh_script_progression --message="Installing Python dependencies..." +ynh_script_progression --message="Installing Python dependencies..." pushd $install_dir python3 -m venv venv @@ -92,9 +84,14 @@ ynh_store_file_checksum --file="$install_dir/settings.py" #================================================= ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 +# Create a dedicated NGINX config +ynh_add_nginx_config + # Create a dedicated systemd config ynh_add_systemd_config +yunohost service add $app --description="A simple donation form" + #================================================= # GENERIC FINALIZATION #================================================= @@ -106,13 +103,6 @@ ynh_script_progression --message="Securing files and directories..." chown -R $app:www-data $install_dir chmod o=--- $install_dir -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add $app --description="A simple donation form" - #================================================= # START SYSTEMD SERVICE #================================================= From 6b54d6c25b8eac763bf7de613c7589c9a0e216f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 27 Sep 2023 22:40:16 +0200 Subject: [PATCH 06/18] Update nginx.conf --- conf/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index bf2929a..1876b1e 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -10,7 +10,7 @@ location __PATH__/ { # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; } -location __PATH__/css { +location __PATH__/css/ { alias __INSTALL_DIR__/assets/css; } From c7ac1ed2b1a384e13850c563ec635e1c811b3873 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 27 Sep 2023 22:41:00 +0200 Subject: [PATCH 07/18] Update manifest.toml --- manifest.toml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifest.toml b/manifest.toml index b1cae31..60cff15 100644 --- a/manifest.toml +++ b/manifest.toml @@ -2,10 +2,10 @@ packaging_format = 2 id = "pepettes" name = "Pepettes" -description.en = "A simple donation form with stripe" -description.fr = "Un simple formulaire de don avec stripe" +description.en = "Simple donation form with stripe" +description.fr = "Simple formulaire de don avec stripe" -version = "1.0.1~ynh3" +version = "1.0.1~ynh4" maintainers = ["ljf"] From b619a15128b37ba9a6e4283c14ec9d0c1111b735 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Wed, 27 Sep 2023 20:41:04 +0000 Subject: [PATCH 08/18] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8351426..d503003 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in A simple donation form with stripe -**Shipped version:** 1.0.1~ynh3 +**Shipped version:** 1.0.1~ynh4 **Demo:** https://donate.yunohost.org ## Documentation and resources diff --git a/README_fr.md b/README_fr.md index 8e2cfdb..6dd6a21 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po A simple donation form with stripe -**Version incluse :** 1.0.1~ynh3 +**Version incluse :** 1.0.1~ynh4 **Démo :** https://donate.yunohost.org ## Documentations et ressources From 3d7a57c6945c2d94581f67846026d309af8443f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 27 Sep 2023 22:43:58 +0200 Subject: [PATCH 09/18] cleaning --- manifest.toml | 2 +- scripts/install | 1 + scripts/restore | 1 + scripts/upgrade | 1 + 4 files changed, 4 insertions(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 60cff15..7db9b96 100644 --- a/manifest.toml +++ b/manifest.toml @@ -34,7 +34,7 @@ ram.runtime = "50M" default = "visitors" [install.project_name] - ask.en = "What's the name of the project which will received donation ?" + ask.en = "What's the name of the project which will received donation?" ask.fr = "Quel est le nom du projet qui va recevoir les dons ?" type = "string" default = "" diff --git a/scripts/install b/scripts/install index 71e5f14..3973afa 100755 --- a/scripts/install +++ b/scripts/install @@ -54,6 +54,7 @@ pushd $install_dir venv/bin/pip install --upgrade pip venv/bin/pip install -r requirements.txt venv/bin/pip install gunicorn + venv/bin/pybabel compile -d locales/ mkdir -p /var/log/$app chown -R $app:www-data /var/log/$app chmod o-rwx /var/log/$app diff --git a/scripts/restore b/scripts/restore index fef2db8..e3cbf6c 100755 --- a/scripts/restore +++ b/scripts/restore @@ -30,6 +30,7 @@ pushd $install_dir venv/bin/pip install --upgrade pip venv/bin/pip install -r requirements.txt venv/bin/pip install gunicorn + venv/bin/pybabel compile -d locales/ mkdir -p /var/log/$app chown -R $app:www-data /var/log/$app chmod o-rwx /var/log/$app diff --git a/scripts/upgrade b/scripts/upgrade index 789f894..3e3ee38 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -51,6 +51,7 @@ pushd $install_dir venv/bin/pip install --upgrade pip venv/bin/pip install -r requirements.txt venv/bin/pip install gunicorn + venv/bin/pybabel compile -d locales/ mkdir -p /var/log/$app chown -R $app:www-data /var/log/$app chmod o-rwx /var/log/$app From 0794dfab91acc1993c3355898feda125e640d619 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 27 Sep 2023 22:44:16 +0200 Subject: [PATCH 10/18] Update manifest.toml --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 7db9b96..aef4f98 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Pepettes" description.en = "Simple donation form with stripe" description.fr = "Simple formulaire de don avec stripe" -version = "1.0.1~ynh4" +version = "1.0.1~ynh5" maintainers = ["ljf"] From 6a62d6035524175cd27a27c523792ffdefdcd77f Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Wed, 27 Sep 2023 20:44:20 +0000 Subject: [PATCH 11/18] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d503003..ef02a30 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in A simple donation form with stripe -**Shipped version:** 1.0.1~ynh4 +**Shipped version:** 1.0.1~ynh5 **Demo:** https://donate.yunohost.org ## Documentation and resources diff --git a/README_fr.md b/README_fr.md index 6dd6a21..2dd2f5c 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po A simple donation form with stripe -**Version incluse :** 1.0.1~ynh4 +**Version incluse :** 1.0.1~ynh5 **Démo :** https://donate.yunohost.org ## Documentations et ressources From 78964b9beeeb72dc37df97f2d75668e0d22212e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 27 Sep 2023 22:45:16 +0200 Subject: [PATCH 12/18] Update systemd.service --- conf/systemd.service | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/conf/systemd.service b/conf/systemd.service index 12aeccc..d6ee611 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -12,5 +12,39 @@ ExecReload=/bin/kill -s HUP $MAINPID ExecStop=/bin/kill -s TERM $MAINPID PrivateTmp=true +# Sandboxing options to harden security +# Depending on specificities of your service/app, you may need to tweak these +# .. but this should be a good baseline +# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html +NoNewPrivileges=yes +PrivateTmp=yes +PrivateDevices=yes +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK +RestrictNamespaces=yes +RestrictRealtime=yes +DevicePolicy=closed +ProtectClock=yes +ProtectHostname=yes +ProtectProc=invisible +ProtectSystem=full +ProtectControlGroups=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +LockPersonality=yes +SystemCallArchitectures=native +SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged + +# Denying access to capabilities that should not be relevant for webapps +# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html +CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD +CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE +CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT +CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK +CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM +CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG +CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE +CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW +CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG + [Install] WantedBy=multi-user.target From c0b1c4fb11e28897a74f104a0408544a024dac68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 27 Sep 2023 22:54:02 +0200 Subject: [PATCH 13/18] Update ADMIN.md --- doc/ADMIN.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/ADMIN.md b/doc/ADMIN.md index 54cd697..ce70fda 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -1 +1 @@ -This app may be configured through the `settings.py` after installation. +This app may be configured through the `__INSTALL_DIR__/settings.py` after installation. From 499c338ba2fc9695fb3ced8cc7c640eb6f953107 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 29 Sep 2023 15:57:52 +0200 Subject: [PATCH 14/18] cleaning --- scripts/install | 15 ++++----------- scripts/remove | 5 +++-- scripts/restore | 12 +++++++----- scripts/upgrade | 8 ++++---- 4 files changed, 18 insertions(+), 22 deletions(-) diff --git a/scripts/install b/scripts/install index 3973afa..a6cdd43 100755 --- a/scripts/install +++ b/scripts/install @@ -21,13 +21,6 @@ csrf_key=$(ynh_string_random --length=50) #================================================= ynh_script_progression --message="Storing installation settings..." --weight=1 -ynh_app_setting_set --app=$app --key=project_name --value=$project_name -ynh_app_setting_set --app=$app --key=contact_url --value=$contact_url -ynh_app_setting_set --app=$app --key=logo --value=$logo -ynh_app_setting_set --app=$app --key=favicon --value=$favicon -ynh_app_setting_set --app=$app --key=publishable_key --value=$publishable_key -ynh_app_setting_set --app=$app --key=secret_key --value=$secret_key -ynh_app_setting_set --app=$app --key=prices --value=$prices ynh_app_setting_set --app=$app --key=secret --value=$secret ynh_app_setting_set --app=$app --key=csrf_key --value=$csrf_key @@ -47,7 +40,7 @@ chown -R $app:www-data "$install_dir" #================================================= # INSTALL PYTHON DEPENDENCIES #================================================= -ynh_script_progression --message="Installing Python dependencies..." +ynh_script_progression --message="Installing Python dependencies..." --weight=1 pushd $install_dir python3 -m venv venv @@ -69,7 +62,7 @@ popd #================================================= # ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." +ynh_script_progression --message="Adding a configuration file..." --weight=1 ynh_add_config --template="../conf/gunicorn.py" --destination="$install_dir/gunicorn.py" ynh_add_config --template="../conf/settings.py" --destination="$install_dir/settings.py" @@ -94,14 +87,14 @@ ynh_add_nginx_config # Create a dedicated systemd config ynh_add_systemd_config -yunohost service add $app --description="A simple donation form" +yunohost service add $app --description="Simple donation form" --log="/var/log/$app/$app.log" #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= -ynh_script_progression --message="Securing files and directories..." +ynh_script_progression --message="Securing files and directories..." --weight=1 # Set permissions to app files chown -R $app:www-data $install_dir diff --git a/scripts/remove b/scripts/remove index 727a2ce..fdec394 100755 --- a/scripts/remove +++ b/scripts/remove @@ -10,10 +10,11 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# STANDARD REMOVE +# REMOVE SYSTEM CONFIGURATIONS #================================================= -# REMOVE SERVICE INTEGRATION IN YUNOHOST +# REMOVE SYSTEMD SERVICE #================================================= +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null diff --git a/scripts/restore b/scripts/restore index e3cbf6c..598a32c 100755 --- a/scripts/restore +++ b/scripts/restore @@ -23,7 +23,7 @@ chown -R $app:www-data "$install_dir" #================================================= # INSTALL PYTHON DEPENDENCIES #================================================= -#REMOVEME? ynh_script_progression --message="Installing Python dependencies..." +ynh_script_progression --message="Installing Python dependencies..." --weight=1 pushd $install_dir python3 -m venv venv @@ -39,7 +39,7 @@ popd #================================================= # RESTORE USER RIGHTS #================================================= -ynh_script_progression --message="Restoring user rights..." +ynh_script_progression --message="Restoring user rights..." --weight=1 # Restore permissions on app files chown -R $app:www-data $install_dir @@ -55,12 +55,14 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet -yunohost service add $app --description="A simple donation form" +yunohost service add $app --description="Simple donation form" --log="/var/log/$app/$app.log" #================================================= -# START SYSTEMD SERVICE +# GENERIC FINALIZATION #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 +# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE +#================================================= +ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Started" diff --git a/scripts/upgrade b/scripts/upgrade index 3e3ee38..d723313 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -44,7 +44,7 @@ chown -R $app:www-data "$install_dir" #================================================= # UPGRADE PYTHON DEPENDENCIES #================================================= -ynh_script_progression --message="Installing Python dependencies..." +ynh_script_progression --message="Installing Python dependencies..." --weight=1 pushd $install_dir python3 -m venv venv @@ -66,7 +66,7 @@ popd #================================================= # UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Updating a configuration file..." +ynh_script_progression --message="Updating a configuration file..." --weight=1 ynh_add_config --template="../conf/gunicorn.py" --destination="$install_dir/gunicorn.py" ynh_add_config --template="../conf/settings.py" --destination="$install_dir/settings.py" @@ -91,14 +91,14 @@ ynh_add_nginx_config # Create a dedicated systemd config ynh_add_systemd_config -yunohost service add $app --description="A simple donation form" +yunohost service add $app --description="Simple donation form" --log="/var/log/$app/$app.log" #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= -ynh_script_progression --message="Securing files and directories..." +ynh_script_progression --message="Securing files and directories..." --weight=1 # Set permissions on app files chown -R $app:www-data $install_dir From 91d2b94c928686dfa00facb50d21f70124290e50 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 29 Sep 2023 13:57:56 +0000 Subject: [PATCH 15/18] Auto-update README --- README.md | 1 - README_fr.md | 1 - 2 files changed, 2 deletions(-) diff --git a/README.md b/README.md index ef02a30..ccf7820 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,6 @@ A simple donation form with stripe * Official admin documentation: * Upstream app code repository: -* YunoHost documentation for this app: * Report a bug: ## Developer info diff --git a/README_fr.md b/README_fr.md index 2dd2f5c..7216a3c 100644 --- a/README_fr.md +++ b/README_fr.md @@ -25,7 +25,6 @@ A simple donation form with stripe * Documentation officielle de l’admin : * Dépôt de code officiel de l’app : -* Documentation YunoHost pour cette app : * Signaler un bug : ## Informations pour les développeurs From 2a8c39ae62404f43ebaa15918b1a90cd62bcf80b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 29 Sep 2023 16:27:45 +0200 Subject: [PATCH 16/18] Update install --- scripts/install | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/scripts/install b/scripts/install index a6cdd43..de83166 100755 --- a/scripts/install +++ b/scripts/install @@ -21,6 +21,13 @@ csrf_key=$(ynh_string_random --length=50) #================================================= ynh_script_progression --message="Storing installation settings..." --weight=1 +ynh_app_setting_set --app=$app --key=project_name --value=$project_name +ynh_app_setting_set --app=$app --key=contact_url --value=$contact_url +ynh_app_setting_set --app=$app --key=logo --value=$logo +ynh_app_setting_set --app=$app --key=favicon --value=$favicon +ynh_app_setting_set --app=$app --key=publishable_key --value=$publishable_key +ynh_app_setting_set --app=$app --key=secret_key --value=$secret_key +ynh_app_setting_set --app=$app --key=prices --value=$prices ynh_app_setting_set --app=$app --key=secret --value=$secret ynh_app_setting_set --app=$app --key=csrf_key --value=$csrf_key From b5bb06f1aca79a2c22da394e6f7742d42e59d704 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 29 Sep 2023 16:38:50 +0200 Subject: [PATCH 17/18] Update systemd.service --- conf/systemd.service | 34 ---------------------------------- 1 file changed, 34 deletions(-) diff --git a/conf/systemd.service b/conf/systemd.service index d6ee611..12aeccc 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -12,39 +12,5 @@ ExecReload=/bin/kill -s HUP $MAINPID ExecStop=/bin/kill -s TERM $MAINPID PrivateTmp=true -# Sandboxing options to harden security -# Depending on specificities of your service/app, you may need to tweak these -# .. but this should be a good baseline -# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html -NoNewPrivileges=yes -PrivateTmp=yes -PrivateDevices=yes -RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK -RestrictNamespaces=yes -RestrictRealtime=yes -DevicePolicy=closed -ProtectClock=yes -ProtectHostname=yes -ProtectProc=invisible -ProtectSystem=full -ProtectControlGroups=yes -ProtectKernelModules=yes -ProtectKernelTunables=yes -LockPersonality=yes -SystemCallArchitectures=native -SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged - -# Denying access to capabilities that should not be relevant for webapps -# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html -CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD -CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE -CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT -CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK -CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM -CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG -CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE -CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW -CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG - [Install] WantedBy=multi-user.target From 04baeb5c786d60eddbcfcaf2ea84997e5f1090ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 29 Sep 2023 16:48:12 +0200 Subject: [PATCH 18/18] Update install --- scripts/install | 7 ------- 1 file changed, 7 deletions(-) diff --git a/scripts/install b/scripts/install index de83166..a6cdd43 100755 --- a/scripts/install +++ b/scripts/install @@ -21,13 +21,6 @@ csrf_key=$(ynh_string_random --length=50) #================================================= ynh_script_progression --message="Storing installation settings..." --weight=1 -ynh_app_setting_set --app=$app --key=project_name --value=$project_name -ynh_app_setting_set --app=$app --key=contact_url --value=$contact_url -ynh_app_setting_set --app=$app --key=logo --value=$logo -ynh_app_setting_set --app=$app --key=favicon --value=$favicon -ynh_app_setting_set --app=$app --key=publishable_key --value=$publishable_key -ynh_app_setting_set --app=$app --key=secret_key --value=$secret_key -ynh_app_setting_set --app=$app --key=prices --value=$prices ynh_app_setting_set --app=$app --key=secret --value=$secret ynh_app_setting_set --app=$app --key=csrf_key --value=$csrf_key