YunoHost-Apps/pgadmin_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/pgadmin_ynh.git synced 2024-09-03 19:56:38 +02:00
Code Issues Activity Actions

Merge pull request #37 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
Josue-T 2024-04-10 00:12:03 +02:00 committed by GitHub
commit eb8cca8e26
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
34 changed files with 969 additions and 406 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.gitignore vendored Normal file
View file

@ -0,0 +1,10 @@
# From kateproject
.kateproject
.kateproject.d
.directory
*swp
auto_update_config.sh
auto_update/Synapse_build_*.log
auto_update/synapse_build_temp.log

2
ALL_README.md
View file

@ -1,6 +1,6 @@
# All available README files by language # All available README files by language
- [Read the README in English](README.md) - [Read the README in English](README.md)
- [Irakurri README euskaraz](README_eu.md)
- [Lire le README en français](README_fr.md) - [Lire le README en français](README_fr.md)
- [Le o README en galego](README_gl.md) - [Le o README en galego](README_gl.md)
- [Leggi il “README” in italiano](README_it.md)

4
README.md
View file

@ -9,7 +9,7 @@ It shall NOT be edited by hand.
[![Install pgAdmin4 with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pgadmin) [![Install pgAdmin4 with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pgadmin)
*[Read this README is other languages.](./ALL_README.md)* *[Read this README in other languages.](./ALL_README.md)*
> *This package allows you to install pgAdmin4 quickly and simply on a YunoHost server.* > *This package allows you to install pgAdmin4 quickly and simply on a YunoHost server.*
> *If you don't have YunoHost, please consult [the guide](https://yunohost.org/install) to learn how to install it.* > *If you don't have YunoHost, please consult [the guide](https://yunohost.org/install) to learn how to install it.*
@ -19,7 +19,7 @@ It shall NOT be edited by hand.
pgAdmin is a feature rich Open Source administration and development platform for PostgreSQL. pgAdmin is a feature rich Open Source administration and development platform for PostgreSQL.
**Shipped version:** 8.2~ynh2 **Shipped version:** 8.5~ynh1
## Screenshots ## Screenshots

47
README_eu.md Normal file
View file

@ -0,0 +1,47 @@
<!--
Ohart ongi: README hau automatikoki sortu da <https://github.com/YunoHost/apps/tree/master/tools/readme_generator>ri esker
EZ editatu eskuz.
-->
# pgAdmin4 YunoHost-erako
[![Integrazio maila](https://dash.yunohost.org/integration/pgadmin.svg)](https://dash.yunohost.org/appci/app/pgadmin) ![Funtzionamendu egoera](https://ci-apps.yunohost.org/ci/badges/pgadmin.status.svg) ![Mantentze egoera](https://ci-apps.yunohost.org/ci/badges/pgadmin.maintain.svg)
[![Instalatu pgAdmin4 YunoHost-ekin](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pgadmin)
*[Irakurri README hau beste hizkuntzatan.](./ALL_README.md)*
> *Pakete honek pgAdmin4 YunoHost zerbitzari batean azkar eta zailtasunik gabe instalatzea ahalbidetzen dizu.*
> *YunoHost ez baduzu, kontsultatu [gida](https://yunohost.org/install) nola instalatu ikasteko.*
## Aurreikuspena
pgAdmin is a feature rich Open Source administration and development platform for PostgreSQL.
**Paketatutako bertsioa:** 8.5~ynh1
## Pantaila-argazkiak
![pgAdmin4(r)en pantaila-argazkia](./doc/screenshots/pgadmin4-welcome-light.png)
## Dokumentazioa eta baliabideak
- Aplikazioaren webgune ofiziala: <https://www.pgadmin.org>
- Administratzaileen dokumentazio ofiziala: <https://www.pgadmin.org/docs>
- YunoHost Denda: <https://apps.yunohost.org/app/pgadmin>
- Eman errore baten berri: <https://github.com/YunoHost-Apps/pgadmin_ynh/issues>
## Garatzaileentzako informazioa
Bidali `pull request`a [`testing` abarrera](https://github.com/YunoHost-Apps/pgadmin_ynh/tree/testing).
`testing` abarra probatzeko, ondorengoa egin:
```bash
sudo yunohost app install https://github.com/YunoHost-Apps/pgadmin_ynh/tree/testing --debug
edo
sudo yunohost app upgrade pgadmin -u https://github.com/YunoHost-Apps/pgadmin_ynh/tree/testing --debug
```
**Informazio gehiago aplikazioaren paketatzeari buruz:** <https://yunohost.org/packaging_apps>

2
README_fr.md
View file

@ -19,7 +19,7 @@ Il NE doit PAS être modifié à la main.
pgAdmin is a feature rich Open Source administration and development platform for PostgreSQL. pgAdmin is a feature rich Open Source administration and development platform for PostgreSQL.
**Version incluse:** 8.2~ynh2 **Version incluse:** 8.5~ynh1
## Captures décran ## Captures décran

2
README_gl.md
View file

@ -19,7 +19,7 @@ NON debe editarse manualmente.
pgAdmin is a feature rich Open Source administration and development platform for PostgreSQL. pgAdmin is a feature rich Open Source administration and development platform for PostgreSQL.
**Versión proporcionada:** 8.2~ynh2 **Versión proporcionada:** 8.5~ynh1
## Capturas de pantalla ## Capturas de pantalla

47
README_it.md
View file

@ -1,47 +0,0 @@
<!--
N.B.: Questo README è stato automaticamente generato da <https://github.com/YunoHost/apps/tree/master/tools/readme_generator>
NON DEVE essere modificato manualmente.
-->
# pgAdmin4 per YunoHost
[![Livello di integrazione](https://dash.yunohost.org/integration/pgadmin.svg)](https://dash.yunohost.org/appci/app/pgadmin) ![Stato di funzionamento](https://ci-apps.yunohost.org/ci/badges/pgadmin.status.svg) ![Stato di manutenzione](https://ci-apps.yunohost.org/ci/badges/pgadmin.maintain.svg)
[![Installa pgAdmin4 con YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pgadmin)
*[Leggi questo README in altre lingue.](./ALL_README.md)*
> *Questo pacchetto ti permette di installare pgAdmin4 su un server YunoHost in modo semplice e veloce.*
> *Se non hai YunoHost, consulta [la guida](https://yunohost.org/install) per imparare a installarlo.*
## Panoramica
pgAdmin is a feature rich Open Source administration and development platform for PostgreSQL.
**Versione pubblicata:** 8.2~ynh2
## Screenshot
![Screenshot di pgAdmin4](./doc/screenshots/pgadmin4-welcome-light.png)
## Documentazione e risorse
- Sito web ufficiale dellapp: <https://www.pgadmin.org>
- Documentazione ufficiale per gli amministratori: <https://www.pgadmin.org/docs>
- Store di YunoHost: <https://apps.yunohost.org/app/pgadmin>
- Segnala un problema: <https://github.com/YunoHost-Apps/pgadmin_ynh/issues>
## Informazioni per sviluppatori
Si prega di inviare la tua pull request alla [branch di `testing`](https://github.com/YunoHost-Apps/pgadmin_ynh/tree/testing).
Per provare la branch di `testing`, si prega di procedere in questo modo:
```bash
sudo yunohost app install https://github.com/YunoHost-Apps/pgadmin_ynh/tree/testing --debug
o
sudo yunohost app upgrade pgadmin -u https://github.com/YunoHost-Apps/pgadmin_ynh/tree/testing --debug
```
**Maggiori informazioni riguardo il pacchetto di questapp:** <https://yunohost.org/packaging_apps>

176
auto_update/auto_update.sh Normal file
View file

@ -0,0 +1,176 @@
#!/bin/bash
set -eu
readonly app_name=pgadmin
source auto_update_config.sh
readonly debian_version_name_1=bullseye
readonly debian_version_name_2=bookworm
get_from_manifest() {
result=$(python3 <<EOL
import toml
import json
with open("../manifest.toml", "r") as f:
file_content = f.read()
loaded_toml = toml.loads(file_content)
json_str = json.dumps(loaded_toml)
print(json_str)
EOL
)
echo $result | jq -r "$1"
}
check_app_version() {
local regex='https://www.postgresql.org/ftp/pgadmin/pgadmin4/v([[:digit:]]+\.[[:digit:]]+)/pip'
local request_result=$(curl https://www.pgadmin.org/download/pgadmin-4-python/ | egrep -m1 -o "$regex")
if [[ "$request_result" =~ $regex ]]; then
app_remote_version=${BASH_REMATCH[1]}
else
echo "Can't get pgadmin version"
exit 1
fi
## Check if new build is needed
if [[ "$app_version" != "$app_remote_version" ]]
then
app_version="$app_remote_version"
return 0
else
return 1
fi
}
upgrade_app() {
(
set -eu
# Define output file name
# arm build: ${result_prefix_name_deb_1}-bin1_armv7l.tar.gz
# arm build checksum: ${result_prefix_name_deb_1}-bin1_armv7l-sha256.txt
# requirement.txt: ${result_prefix_name_deb_1}-build1_requirement.txt
readonly result_prefix_name_deb_1="${app_name}_${app_version}-$debian_version_name_1"
readonly result_prefix_name_deb_2="${app_name}_${app_version}-$debian_version_name_2"
# Build armv7 build
build_cmd_deb_1 $app_version $result_prefix_name_deb_1
build_cmd_deb_2 $app_version $result_prefix_name_deb_2
push_armv7_build
# Update python requirement
cp "$build_result_path_deb_1/${result_prefix_name_deb_1}"-build1_requirement.txt ../conf/requirement_"$debian_version_name_1".txt
cp "$build_result_path_deb_2/${result_prefix_name_deb_2}"-build1_requirement.txt ../conf/requirement_"$debian_version_name_2".txt
# Update manifest
sed -r -i 's|version = "[[:alnum:].]{3,10}~ynh[[:alnum:].]{1,2}"|version = "'${app_version}'~ynh1"|' ../manifest.toml
# Update this link
sed -r -i "s|armhf.url\s*=(.*)/releases/download/v[[:alnum:].]{3,10}/${app_name}_[[:alnum:].]{3,10}-$debian_version_name_1-bin[[:digit:]]_armv7l.tar.gz|armhf.url =\1/releases/download/v${app_version}/${app_name}_${app_version}-$debian_version_name_1-bin1_armv7l.tar.gz|" ../manifest.toml
sed -r -i "s|armhf.url\s*=(.*)/releases/download/v[[:alnum:].]{3,10}/${app_name}_[[:alnum:].]{3,10}-$debian_version_name_2-bin[[:digit:]]_armv7l.tar.gz|armhf.url =\1/releases/download/v${app_version}/${app_name}_${app_version}-$debian_version_name_2-bin1_armv7l.tar.gz|" ../manifest.toml
# Update checksum
sha256sum_arm_archive_deb_1=$(cat $build_result_path_deb_1/${result_prefix_name_deb_1}-bin1_armv7l-sha256.txt)
sha256sum_arm_archive_deb_2=$(cat $build_result_path_deb_2/${result_prefix_name_deb_2}-bin1_armv7l-sha256.txt)
prev_sha256sum_arm_archive_deb_1=$(get_from_manifest ".resources.sources.${app_name}_prebuilt_armv7_$debian_version_name_1.armhf.sha256")
prev_sha256sum_arm_archive_deb_2=$(get_from_manifest ".resources.sources.${app_name}_prebuilt_armv7_$debian_version_name_2.armhf.sha256")
sed -r -i "s|$prev_sha256sum_arm_archive_deb_1|$sha256sum_arm_archive_deb_1|" ../manifest.toml
sed -r -i "s|$prev_sha256sum_arm_archive_deb_2|$sha256sum_arm_archive_deb_2|" ../manifest.toml
git commit -a -m "Upgrade $app_name to $app_version"
git push gitea auto_update:auto_update
) 2>&1 | tee "${app_name}_build_temp.log"
return ${PIPESTATUS[0]}
}
push_armv7_build() {
## Make a draft release json with a markdown body
local release='"tag_name": "v'$app_version'", "target_commitish": "master", "name": "v'$app_version'", '
local body="$app_name prebuilt bin for ${app_name}_ynh\\n=========\\nPlease refer to main PgAdmin project for the change : https://www.pgadmin.org/download/pgadmin-4-source-code\\n\\nSha256sum for $debian_version_name_1 : $(cat $build_result_path_deb_1/${result_prefix_name_deb_1}-bin1_armv7l-sha256.txt)\\nSha256sum for $debian_version_name_2 : $(cat $build_result_path_deb_2/${result_prefix_name_deb_2}-bin1_armv7l-sha256.txt)"
release+='"body": "'$body'",'
release+='"draft": true, "prerelease": false'
release='{'$release'}'
local url="https://api.github.com/repos/$owner/$repo/releases"
local succ=$(curl -H "Authorization: token $perstok" --data "$release" $url)
## In case of success, we upload a file
local upload_generic=$(echo "$succ" | grep upload_url)
if [[ $? -eq 0 ]]; then
echo "Release created."
else
echo "Error creating release!"
return 1
fi
local upload_prefix
local upload_file
local upload_ok
local download
for archive_name in $build_result_path_deb_1/${result_prefix_name_deb_1}-bin1_armv7l.tar.gz \
$build_result_path_deb_2/${result_prefix_name_deb_2}-bin1_armv7l.tar.gz
do
# $upload_generic is like:
# "upload_url": "https://uploads.github.com/repos/:owner/:repo/releases/:ID/assets{?name,label}",
upload_prefix=$(echo $upload_generic | cut -d "\"" -f4 | cut -d "{" -f1)
upload_file="$upload_prefix?name=${archive_name##*/}"
echo "Start uploading file"
i=0
upload_ok=false
while [ $i -le 4 ]; do
i=$((i+1))
# Download file
set +e
succ=$(curl -H "Authorization: token $perstok" \
-H "Content-Type: $(file -b --mime-type $archive_name)" \
-H "Accept: application/vnd.github.v3+json" \
--data-binary @$archive_name $upload_file)
res=$?
set -e
if [ $res -ne 0 ]; then
echo "Curl upload failled"
continue
fi
echo "Upload done, check result"
set +eu
download=$(echo "$succ" | egrep -o "browser_download_url.+?")
res=$?
if [ $res -ne 0 ] || [ -z "$download" ]; then
set -eu
echo "Result upload error"
continue
fi
set -eu
echo "$download" | cut -d: -f2,3 | cut -d\" -f2
echo "Upload OK"
upload_ok=true
break
done
if ! $upload_ok; then
echo "Upload completely failed, exit"
return 1
fi
done
}
app_version=$(get_from_manifest ".version" | cut -d'~' -f1)
if check_app_version
then
set +eu
upgrade_app
res=$?
set -eu
if [ $res -eq 0 ]; then
result="Success"
else
result="Failed"
fi
msg="Build: $app_name version $app_version\n"
msg+="$(cat ${app_name}_build_temp.log)"
echo -e "$msg" | mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "Autoupgrade $app_name : $result" "$notify_email"
fi

24
auto_update/auto_update_config_example.sh Normal file
View file

@ -0,0 +1,24 @@
build_cmd_deb_1() {
pushd ~
sudo /root/build_pgadmin_bin.sh $1 $2 --chroot-yes
popd
sudo chown app_upgrader ~/$2*
}
build_cmd_deb_2() {
local target_dir=~
sudo chroot /mnt/bookworm_build /root/build_pgadmin_bin.sh $1 $2 --chroot-yes
sudo mv -t $target_dir /mnt/bookworm_build/$2*
sudo chown app_upgrader $target_dir/$2*
}
build_result_path_deb_1=~
build_result_path_deb_2=~
notify_email="hello@world.tld"
# For github arm release
owner="YunoHost-Apps"
repo="pgadmin_python_build"
perstok="kkk"

126
conf/config_local.py
View file

@ -1,5 +1,127 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
DESKTOP_USER = '__APP__@__DOMAIN__' import builtins
import logging
import os
import sys
##########################################################################
# Server settings
##########################################################################
SERVER_MODE = True
DATA_DIR = '__DATA_DIR__'
REGISTRY_CONFIG_FILE = '__INSTALL_DIR__/postgres-reg.ini'
##########################################################################
# Log settings
##########################################################################
# Debug mode?
DEBUG = False
# Application log level - one of:
# CRITICAL 50
# ERROR 40
# WARNING 30
# SQL 25
# INFO 20
# DEBUG 10
# NOTSET 0
CONSOLE_LOG_LEVEL = logging.WARNING
FILE_LOG_LEVEL = logging.WARNING
# Log format.
CONSOLE_LOG_FORMAT = '%(asctime)s: %(levelname)s\t%(name)s:\t%(message)s'
FILE_LOG_FORMAT = '%(asctime)s: %(levelname)s\t%(name)s:\t%(message)s'
# Log file name
LOG_FILE = '/var/log/__APP__/pgadmin4.log'
# Log rotation setting
# Log file will be rotated considering values for LOG_ROTATION_SIZE
# & LOG_ROTATION_AGE. Rotated file will be named in format
# - LOG_FILE.Y-m-d_H-M-S
LOG_ROTATION_SIZE = 10 # In MBs
LOG_ROTATION_AGE = 1440 # In minutes
LOG_ROTATION_MAX_LOG_FILES = 90 # Maximum number of backups to retain
##########################################################################
# Mail server settings
##########################################################################
# These settings are used when running in web server mode for confirming
# and resetting passwords etc.
# See: http://pythonhosted.org/Flask-Mail/ for more info
MAIL_SERVER = '__DOMAIN__'
MAIL_PORT = 587
MAIL_USE_SSL = True
MAIL_USE_TLS = False
MAIL_USERNAME = '__APP__'
MAIL_PASSWORD = '__MAIL_PWD__'
MAIL_DEBUG = False
# Flask-Security overrides Flask-Mail's MAIL_DEFAULT_SENDER setting, so
# that should be set as such:
SECURITY_EMAIL_SENDER = '__APP__@__DOMAIN__'
##########################################################################
# Master password is used to encrypt/decrypt saved server passwords
# Applicable for desktop mode only
##########################################################################
MASTER_PASSWORD_REQUIRED = True
##########################################################################
# pgAdmin encrypts the database connection and ssh tunnel password using a
# master password or pgAdmin login password (for other authentication sources)
# before storing it in the pgAdmin configuration database.
#
# Below setting is used to allow the user to specify the path to a script
# or program that will return an encryption key which will be used to
# encrypt the passwords. This setting is used only in server mode when
# auth sources are oauth, Kerberos, and webserver.
#
# You can pass the current username as an argument to the external script
# by specifying %u in config value.
# E.g. - MASTER_PASSWORD_HOOK = '<PATH>/passwdgen_script.sh %u'
##########################################################################
MASTER_PASSWORD_HOOK = 'cat __DATA_DIR__/master_pwd'
##########################################################################
# External Authentication Sources
##########################################################################
# Default setting is internal
# External Supported Sources: ldap, kerberos, oauth2
# Multiple authentication can be achieved by setting this parameter to
# ['ldap', 'internal'] or ['oauth2', 'internal'] or
# ['webserver', 'internal'] etc.
# pgAdmin will authenticate the user with ldap/oauth2 whatever first in the
# list, in case of failure the second authentication option will be considered.
AUTHENTICATION_SOURCES = ['webserver']
##########################################################################
# Webserver Configuration
##########################################################################
WEBSERVER_AUTO_CREATE_USER = True
# REMOTE_USER variable will be used to check the environment variable
# is set or not first, if not available,
# request header will be checked for the same.
# Possible values: REMOTE_USER, HTTP_X_FORWARDED_USER, X-Forwarded-User
WEBSERVER_REMOTE_USER = 'REMOTE_USER'
##########################################################################
# PSQL tool settings
##########################################################################
# This will enable PSQL tool in pgAdmin when running in server mode.
# PSQL is always enabled in Desktop mode, however in server mode it is
# disabled by default because users can run arbitrary commands on the
# server through it.
ENABLE_PSQL = True
DATA_DIR = '__INSTALL_DIR__/data'

11
conf/nginx.conf
View file

@ -1,9 +1,8 @@
location __PATH__ { #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
include uwsgi_params; location __PATH__/ {
uwsgi_pass unix:///run/__NAME__/app.socket; include proxy_params;
proxy_pass http://unix:/run/__APP__/app.socket;
uwsgi_read_timeout 180; #sub_path_only proxy_set_header X-Script-Name __PATH__;
uwsgi_send_timeout 180;
# Include SSOWAT user panel. # Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc; include conf.d/yunohost_panel.conf.inc;

46
conf/pgadmin.service Normal file
View file

@ -0,0 +1,46 @@
[Unit]
Description=PgAdmin service
After=network.target
[Service]
Type=simple
User=__APP__
WorkingDirectory=__INSTALL_DIR__
RuntimeDirectory=__APP__
# Note don't increase workers > 1 as it don't work
ExecStart=__INSTALL_DIR__/venv/bin/gunicorn --bind unix:/run/__APP__/app.socket --workers=1 --threads=4 --chdir __INSTALL_DIR__/venv/lib/python__PYTHON_VERSION__/site-packages/pgadmin4 pgAdmin4:app
Restart=always
RestartSec=3
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=multi-user.target

6
conf/postgres-reg.ini Normal file
View file

@ -0,0 +1,6 @@
[PostgreSQL/__POSTGRESQL_VERSION__]
DataDirectory=/var/lib/postgresql/__POSTGRESQL_VERSION__/main/
Description=Yunohost Server
Port=5432
Superuser=__DB_USER__
Password=__DB_PWD__

118
conf/requirement_bookworm.txt Normal file
View file

@ -0,0 +1,118 @@
alembic==1.13.1
Authlib==1.2.1
azure-common==1.1.28
azure-core==1.30.1
azure-identity==1.15.0
azure-mgmt-core==1.4.0
azure-mgmt-rdbms==10.1.0
azure-mgmt-resource==23.0.1
azure-mgmt-subscription==3.1.1
Babel==2.14.0
bcrypt==4.0.1
bidict==0.23.1
blinker==1.7.0
boto3==1.33.13
botocore==1.33.13
Brotli==1.1.0
cachetools==5.3.3
certifi==2024.2.2
cffi==1.16.0
charset-normalizer==3.3.2
click==8.1.7
colorama==0.4.6
cryptography==42.0.5
dnspython==2.6.1
email_validator==2.1.1
eventlet==0.34.2
Flask==2.3.3
flask-babel==4.0.0
Flask-Compress==1.14
Flask-Gravatar==0.5.0
Flask-Login==0.6.3
Flask-Mail==0.9.1
Flask-Migrate==4.0.7
Flask-Paranoid==0.3.0
Flask-Principal==0.4.0
Flask-Security-Too==5.3.3
Flask-SocketIO==5.3.6
Flask-SQLAlchemy==3.1.1
Flask-WTF==1.2.1
google-api-core==2.18.0
google-api-python-client==2.125.0
google-auth==2.29.0
google-auth-httplib2==0.2.0
google-auth-oauthlib==1.1.0
googleapis-common-protos==1.63.0
greenlet==3.0.3
gunicorn==21.2.0
h11==0.14.0
httpagentparser==1.9.5
httplib2==0.22.0
idna==3.6
importlib_metadata==7.1.0
importlib_resources==6.4.0
isodate==0.6.1
itsdangerous==2.1.2
jaraco.classes==3.4.0
jeepney==0.8.0
Jinja2==3.1.3
jmespath==1.0.1
jsonformatter==0.3.2
keyring==24.3.1
ldap3==2.9.1
Mako==1.3.2
markdown-it-py==3.0.0
MarkupSafe==2.1.5
mdurl==0.1.2
more-itertools==10.2.0
msal==1.28.0
msal-extensions==1.1.0
msrest==0.7.1
oauthlib==3.2.2
packaging==24.0
paramiko==3.4.0
passlib==1.7.4
pgadmin4==8.5
portalocker==2.8.2
proto-plus==1.23.0
protobuf==4.25.3
psutil==5.9.8
psycopg==3.1.12
psycopg-c==3.1.12
pyasn1==0.6.0
pyasn1_modules==0.4.0
pycparser==2.22
Pygments==2.17.2
PyJWT==2.8.0
PyNaCl==1.5.0
pyotp==2.9.0
pyparsing==3.1.2
pypng==0.20220715.0
python-dateutil==2.9.0.post0
python-engineio==4.9.0
python-socketio==5.11.2
pytz==2023.4
qrcode==7.4.2
requests==2.31.0
requests-oauthlib==2.0.0
rich==13.7.1
rsa==4.9
s3transfer==0.8.2
SecretStorage==3.3.3
shellingham==1.5.4
simple-websocket==1.0.0
six==1.16.0
speaklater3==1.4
SQLAlchemy==2.0.29
sqlparse==0.4.4
sshtunnel==0.4.0
typer==0.9.4
typing_extensions==4.10.0
ua-parser==0.18.0
uritemplate==4.1.1
urllib3==1.26.18
user-agents==2.2.0
Werkzeug==2.3.8
wsproto==1.2.0
WTForms==3.1.2
zipp==3.18.1

118
conf/requirement_bullseye.txt Normal file
View file

@ -0,0 +1,118 @@
alembic==1.13.1
Authlib==1.2.1
azure-common==1.1.28
azure-core==1.30.1
azure-identity==1.15.0
azure-mgmt-core==1.4.0
azure-mgmt-rdbms==10.1.0
azure-mgmt-resource==23.0.1
azure-mgmt-subscription==3.1.1
Babel==2.14.0
bcrypt==4.0.1
bidict==0.23.1
blinker==1.7.0
boto3==1.33.13
botocore==1.33.13
Brotli==1.1.0
cachetools==5.3.3
certifi==2024.2.2
cffi==1.16.0
charset-normalizer==3.3.2
click==8.1.7
colorama==0.4.6
cryptography==42.0.5
dnspython==2.6.1
email_validator==2.1.1
eventlet==0.34.2
Flask==2.3.3
flask-babel==4.0.0
Flask-Compress==1.14
Flask-Gravatar==0.5.0
Flask-Login==0.6.3
Flask-Mail==0.9.1
Flask-Migrate==4.0.7
Flask-Paranoid==0.3.0
Flask-Principal==0.4.0
Flask-Security-Too==5.3.3
Flask-SocketIO==5.3.6
Flask-SQLAlchemy==3.1.1
Flask-WTF==1.2.1
google-api-core==2.18.0
google-api-python-client==2.125.0
google-auth==2.29.0
google-auth-httplib2==0.2.0
google-auth-oauthlib==1.1.0
googleapis-common-protos==1.63.0
greenlet==1.1.2
gunicorn==21.2.0
h11==0.14.0
httpagentparser==1.9.5
httplib2==0.22.0
idna==3.6
importlib_metadata==7.1.0
importlib_resources==6.4.0
isodate==0.6.1
itsdangerous==2.1.2
jaraco.classes==3.4.0
jeepney==0.8.0
Jinja2==3.1.3
jmespath==1.0.1
jsonformatter==0.3.2
keyring==24.3.1
ldap3==2.9.1
Mako==1.3.2
markdown-it-py==3.0.0
MarkupSafe==2.1.5
mdurl==0.1.2
more-itertools==10.2.0
msal==1.28.0
msal-extensions==1.1.0
msrest==0.7.1
oauthlib==3.2.2
packaging==24.0
paramiko==3.4.0
passlib==1.7.4
pgadmin4==8.5
portalocker==2.8.2
proto-plus==1.23.0
protobuf==4.25.3
psutil==5.9.8
psycopg==3.1.12
psycopg-c==3.1.12
pyasn1==0.6.0
pyasn1_modules==0.4.0
pycparser==2.22
Pygments==2.17.2
PyJWT==2.8.0
PyNaCl==1.5.0
pyotp==2.9.0
pyparsing==3.1.2
pypng==0.20220715.0
python-dateutil==2.9.0.post0
python-engineio==4.9.0
python-socketio==5.11.2
pytz==2023.4
qrcode==7.4.2
requests==2.31.0
requests-oauthlib==2.0.0
rich==13.7.1
rsa==4.9
s3transfer==0.8.2
SecretStorage==3.3.3
shellingham==1.5.4
simple-websocket==1.0.0
six==1.16.0
speaklater3==1.4
SQLAlchemy==2.0.29
sqlparse==0.4.4
sshtunnel==0.4.0
typer==0.9.4
typing_extensions==4.10.0
ua-parser==0.18.0
uritemplate==4.1.1
urllib3==1.26.18
user-agents==2.2.0
Werkzeug==2.3.8
wsproto==1.2.0
WTForms==3.1.2
zipp==3.18.1

18
conf/server.json
View file

@ -1,18 +0,0 @@
{
"Servers": {
"1": {
"Name": "YunoHost Server",
"Group": "Servers",
"Host": "localhost",
"Port": 5432,
"MaintenanceDB": "postgres",
"Username": "__DB_USER__",
"Shared": false,
"KerberosAuthentication": false,
"ConnectionParameters": {
"sslmode": "prefer",
"connect_timeout": 10
}
}
}
}

20
conf/setup.exp
View file

@ -1,20 +0,0 @@
#!/usr/bin/expect
set timeout 20
set cmd [lindex $argv 0]
set arguments [lrange $argv 1 end]
spawn $cmd {*}$arguments
expect "Email address:"
send "__EMAIL__\r";
expect "Password:"
send {__PASSWORD__};
send "\r";
expect "Retype password:"
send {__PASSWORD__};
send "\r";
interact

27
conf/uwsgi.ini
View file

@ -1,27 +0,0 @@
[uwsgi]
# Who will run the code
uid = __APP__
gid = __APP__
# Number of workers
workers = 1
# The right granted on the created socket
chmod-socket = 666
# Plugin to use and interpretor config
single-interpreter = true
master = true
plugin = python3
# Manage the subpath
manage-script-name = true
mount = __PATH__=pgAdmin4.py
# Virtualenv and python path
virtualenv = __INSTALL_DIR__/venv
pythonpath = __INSTALL_DIR__/venv
chdir = __INSTALL_DIR__/venv/lib/python__PYTHON_VERSION__/site-packages/pgadmin4
# The variable holding flask application
callable = app

4
doc/ADMIN.md
View file

@ -1,4 +0,0 @@
The Postgresql admin user credentials:
Username: __DB_USER__
Password: __DB_PWD__

5
doc/POST_INSTALL.md
View file

@ -1,5 +0,0 @@
You can connect to pgAdmin with your email and the password you provided at installation time.
You will need to provide the Postgresql admin password once, so here it is: `__DB_PWD__`.
pgAdmin will then store it encrypted, so you won't need anymore.

5
doc/POST_UPGRADE.d/7.7~ynh2.md
View file

@ -1,5 +0,0 @@
This upgrade fixes authentication with PostgreSQL.
You might need to re-enter in pgAdmin the Postgresql admin password: `__DB_PWD__`.
You can log into pgAdmin with your email and the password you provided during installation.

32
manifest.toml
View file

@ -7,7 +7,7 @@ name = "pgAdmin4"
description.en = "Manage PostgreSQL databases over the web" description.en = "Manage PostgreSQL databases over the web"
description.fr = "Application web de gestion des bases de données PostgreSQL" description.fr = "Application web de gestion des bases de données PostgreSQL"
version = "8.2~ynh2" version = "8.5~ynh1"
maintainers = ["Josué Tille"] maintainers = ["Josué Tille"]
@ -20,9 +20,9 @@ cpe = "cpe:2.3:a:pgadmin:pgadmin"
[integration] [integration]
yunohost = ">= 11.0.11" yunohost = ">= 11.0.11"
architectures = "all" architectures = "all"
multi_instance = false multi_instance = true
ldap = false ldap = true
sso = false sso = true
disk = "700M" disk = "700M"
ram.build = "300M" ram.build = "300M"
ram.runtime = "200M" ram.runtime = "200M"
@ -39,16 +39,25 @@ ram.runtime = "200M"
type = "group" type = "group"
default = "admins" default = "admins"
[install.admin]
type = "user"
[install.password]
type = "password"
[resources] [resources]
[resources.sources.pgadmin_prebuilt_armv7_bookworm]
prefetch = false
armhf.url = "https://github.com/YunoHost-Apps/pgadmin_python_build/releases/download/v8.5/pgadmin_8.5-bookworm-bin1_armv7l.tar.gz"
armhf.sha256 = "55bce68b2dca172311acc9f9d1c8837d53af72b69a2e37dc9da9c374129b2fe8"
[resources.sources.pgadmin_prebuilt_armv7_bullseye]
prefetch = false
armhf.url = "https://github.com/YunoHost-Apps/pgadmin_python_build/releases/download/v8.5/pgadmin_8.5-bullseye-bin1_armv7l.tar.gz"
armhf.sha256 = "4f67b54a306220621f76a488e18b5c1a04379ee3914fbd91830378bcf8896363"
[resources.system_user] [resources.system_user]
allow_email = true
home = "/opt/yunohost/__APP__"
[resources.install_dir] [resources.install_dir]
dir = "/opt/yunohost/__APP__"
[resources.data_dir]
[resources.permissions] [resources.permissions]
main.url = "/" main.url = "/"
@ -60,9 +69,6 @@ ram.runtime = "200M"
"python3-dev", "python3-dev",
"python3-venv", "python3-venv",
"postgresql", "postgresql",
"uwsgi",
"uwsgi-plugin-python3",
"expect",
"libpq-dev", "libpq-dev",
"libkrb5-dev", "libkrb5-dev",
] ]

72
scripts/_common.sh
View file

@ -5,26 +5,72 @@
#================================================= #=================================================
python_version="$(python3 -V | cut -d' ' -f2 | cut -d. -f1-2)" python_version="$(python3 -V | cut -d' ' -f2 | cut -d. -f1-2)"
postgresql_version="$(psql -V | cut -d' ' -f3 | cut -d. -f1)"
#================================================= #=================================================
# DEFINE ALL COMMON FONCTIONS # DEFINE ALL COMMON FONCTIONS
#================================================= #=================================================
ynh_install_venv() { install_source() {
if [ -f "$install_dir/venv/bin/python" ]; then # Clean venv is it was on python with an old version in case major upgrade of debian
ynh_exec_as "$app" python3 -m venv "$install_dir/venv" --upgrade if [ ! -e $install_dir/venv/lib/python$python_version ] || ! grep -qF "$install_dir/venv/bin/python" "$install_dir"/venv/bin/pip; then
else ynh_secure_remove --file=$install_dir/venv/bin
ynh_exec_as "$app" python3 -m venv "$install_dir/venv" ynh_secure_remove --file=$install_dir/venv/lib
ynh_secure_remove --file=$install_dir/venv/lib64
ynh_secure_remove --file=$install_dir/venv/include
ynh_secure_remove --file=$install_dir/venv/share
ynh_secure_remove --file=$install_dir/venv/pyvenv.cfg
fi fi
ynh_use_venv
ynh_exec_as "$app" "$venvpy" -m pip install --upgrade --no-cache-dir pip wheel if uname -m | grep -q arm
} then
ynh_use_venv() { # Clean old file, sometime it could make some big issues if we don't do this !!
venvpy="$install_dir/venv/bin/python3" ynh_secure_remove --file=$install_dir/venv/bin
ynh_secure_remove --file=$install_dir/venv/lib
ynh_secure_remove --file=$install_dir/venv/include
ynh_secure_remove --file=$install_dir/venv/share
ynh_setup_source --dest_dir $install_dir/venv/ --source_id "pgadmin_prebuilt_armv7_$(lsb_release --codename --short)"
else
# Install virtualenv if it don't exist
test -e $install_dir/venv/bin/python3 || python3 -m venv $install_dir/venv
# Install pgadmin in virtualenv
pip=$install_dir/venv/bin/pip
$pip install --upgrade pip wheel
$pip install --upgrade -r "$YNH_APP_BASEDIR"/conf/requirement_$(lsb_release --codename --short).txt
fi
# Apply patchs if needed
# Note that we put patch into scripts dir because /source are not stored and can't be used on restore
if ! grep -F -q '# BEGIN Yunohost Patch' $install_dir/venv/lib/python$python_version/site-packages/pgadmin4/migrations/versions/fdc58d9bd449_.py; then
pushd $install_dir/venv/lib/python$python_version/site-packages/pgadmin4
patch -p1 < "$YNH_APP_BASEDIR"/scripts/patch/avoid_create_user_on_setup_db.patch
popd
fi
if ! grep -F -q '# BEGIN Yunohost Patch' $install_dir/venv/lib/python$python_version/site-packages/pgadmin4/pgadmin/__init__.py; then
pushd $install_dir/venv/lib/python$python_version/site-packages/pgadmin4
patch -p1 < "$YNH_APP_BASEDIR"/scripts/patch/fix_add_local_db.patch
popd
fi
if ! grep -F -q '# BEGIN Yunohost Patch' $install_dir/venv/lib/python$python_version/site-packages/pgadmin4/pgadmin/authenticate/webserver.py; then
pushd $install_dir/venv/lib/python$python_version/site-packages/pgadmin4
patch -p1 < "$YNH_APP_BASEDIR"/scripts/patch/change_default_webserver_new_user_role_to_admin.patch
popd
fi
} }
_install_pgadmin_pip() { set_permission() {
version=$(ynh_app_upstream_version) # Set permission
ynh_exec_as "$app" "$venvpy" -m pip install --upgrade "pgadmin4==$version" chown $app:$app -R $install_dir
chmod u+rw,o= -R $install_dir
chown $app:$app -R $data_dir
chmod u+rw,o= -R $data_dir
chown $app:$app -R /var/log/$app
chmod u=rwX,g=rX,o= -R /var/log/$app
# Criticals files
chown $app:root $data_dir/master_pwd
chmod u=r,g=,o= $data_dir/master_pwd
chown $app:root $install_dir/postgres-reg.ini
chmod u=r,g=,o= $install_dir/postgres-reg.ini
} }

16
scripts/backup
View file

@ -22,24 +22,24 @@ ynh_print_info --message="Declaring files to be backed up..."
ynh_backup --src_path="$install_dir" ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP DATA
#=================================================
ynh_backup --src_path="$data_dir" --is_big=1
#================================================= #=================================================
# SYSTEM CONFIGURATION # SYSTEM CONFIGURATION
#================================================= #=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup --src_path=/etc/systemd/system/$app.service
ynh_backup --src_path="/etc/logrotate.d/$app"
ynh_backup --src_path="/etc/uwsgi/apps-available/$app.ini"
#================================================= #=================================================
# BACKUP VARIOUS FILES # BACKUP VARIOUS FILES
#================================================= #=================================================
# Backup hashed password ynh_backup --src_path="/var/log/$app"
ynh_psql_execute_as_root --sql="SELECT rolpassword FROM pg_authid WHERE rolname='$app';" | head -3 | tail -1 > hashed_password.txt
ynh_backup --src_path="/var/log/pgadmin"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

10
scripts/change_url
View file

@ -18,7 +18,7 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name="uwsgi-app@$app.service" --action="stop" --log_path="/var/log/uwsgi/$app/$app.log" ynh_systemd_action --service_name="$app.service" --action="stop" --log_path="/var/log/$app/$app.log"
#================================================= #=================================================
# MODIFY URL IN NGINX CONF # MODIFY URL IN NGINX CONF
@ -30,12 +30,8 @@ ynh_change_url_nginx_config
#================================================= #=================================================
# SPECIFIC MODIFICATIONS # SPECIFIC MODIFICATIONS
#================================================= #=================================================
# UPDATE CONFIGURATION
#=================================================
ynh_script_progression --message="Updating configuration..." --weight=1
# Update UWSGI Config set_permission
ynh_add_uwsgi_service "python_version"
#================================================= #=================================================
# GENERIC FINALISATION # GENERIC FINALISATION
@ -45,7 +41,7 @@ ynh_add_uwsgi_service "python_version"
ynh_script_progression --message="Starting a systemd service..." --weight=3 ynh_script_progression --message="Starting a systemd service..." --weight=3
# Start a systemd service # Start a systemd service
ynh_systemd_action --service_name="uwsgi-app@$app.service" --action="restart" --line_match="WSGI app 0 \(mountpoint='[/[:alnum:]_-]*'\) ready in [[:digit:]]* seconds on interpreter" --log_path="/var/log/uwsgi/$app/$app.log" ynh_systemd_action --service_name="$app.service" --action="restart" --line_match "Listening at: unix:/run/$app/app.socket" --log_path systemd
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

145
scripts/experimental_helper.sh
View file

@ -1,145 +0,0 @@
#=================================================
# UWSGI HELPERS
#=================================================
# Check if system wide templates are available and correcly configured
#
# usage: ynh_check_global_uwsgi_config
ynh_check_global_uwsgi_config () {
uwsgi --version || ynh_die --message="You need to add uwsgi (and appropriate plugin) as a dependency"
cat > /etc/systemd/system/uwsgi-app@.service <<EOF
Description=%i uWSGI app
After=syslog.target
[Service]
RuntimeDirectory=%i
ExecStart=/usr/bin/uwsgi \
--ini /etc/uwsgi/apps-available/%i.ini \
--socket /run/%i/app.socket \
--logto /var/log/uwsgi/%i/%i.log
User=%i
Group=www-data
Restart=always
RestartSec=10
KillSignal=SIGQUIT
Type=notify
StandardError=syslog
NotifyAccess=all
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
}
# Create a dedicated uwsgi ini file to use with generic uwsgi service
#
# This will use a template in ../conf/uwsgi.ini
# and will replace the following keywords with
# global variables that should be defined before calling
# this helper :
#
# __APP__ by $app
# __PATH__ by $path_url
# __FINALPATH__ by $install_dir
#
# And dynamic variables (from the last example) :
# __PATH_2__ by $path_2
# __PORT_2__ by $port_2
#
# To be able to customise the settings of the systemd unit you can override the rules with the file "conf/uwsgi-app@override.service".
# This file will be automatically placed on the good place
#
# Note that the service need to be started manually at the end of the installation.
# Generally you can start the service with this command:
# ynh_systemd_action --service_name "uwsgi-app@$app.service" --line_match "WSGI app 0 \(mountpoint='[/[:alnum:]_-]*'\) ready in [[:digit:]]* seconds on interpreter" --log_path "/var/log/uwsgi/$app/$app.log"
#
# usage: ynh_add_uwsgi_service
#
# to interact with your service: `systemctl <action> uwsgi-app@app`
ynh_add_uwsgi_service () {
ynh_check_global_uwsgi_config
local others_var=${1:-}
local finaluwsgiini="/etc/uwsgi/apps-available/$app.ini"
# www-data group is needed since it is this nginx who will start the service
usermod --append --groups www-data "$app" || ynh_die --message="It wasn't possible to add user $app to group www-data"
ynh_backup_if_checksum_is_different --file="$finaluwsgiini"
cp ../conf/uwsgi.ini "$finaluwsgiini"
# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
# Substitute in a nginx config file only if the variable is not empty
if test -n "${install_dir:-}"; then
ynh_replace_string --match_string="__INSTALL_DIR__" --replace_string="$install_dir" --target_file="$finaluwsgiini"
fi
if test -n "${path_url:-}"; then
ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$finaluwsgiini"
fi
if test -n "${app:-}"; then
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$finaluwsgiini"
fi
# Replace all other variable given as arguments
for var_to_replace in $others_var
do
# ${var_to_replace^^} make the content of the variable on upper-cases
# ${!var_to_replace} get the content of the variable named $var_to_replace
ynh_replace_string --match_string="__${var_to_replace^^}__" --replace_string="${!var_to_replace}" --target_file="$finaluwsgiini"
done
ynh_store_file_checksum --file="$finaluwsgiini"
chown $app:root "$finaluwsgiini"
# make sure the folder for logs exists and set authorizations
mkdir -p /var/log/uwsgi/$app
chown $app:root /var/log/uwsgi/$app
chmod -R u=rwX,g=rX,o= /var/log/uwsgi/$app
# Setup specific Systemd rules if necessary
test -e ../conf/uwsgi-app@override.service && \
mkdir /etc/systemd/system/uwsgi-app@$app.service.d && \
cp ../conf/uwsgi-app@override.service /etc/systemd/system/uwsgi-app@$app.service.d/override.conf
systemctl daemon-reload
systemctl enable "uwsgi-app@$app.service"
# Add as a service
yunohost service add "uwsgi-app@$app" --log "/var/log/uwsgi/$app/$app.log" --description="UWSGI service for $app"
}
# Remove the dedicated uwsgi ini file
#
# usage: ynh_remove_uwsgi_service
ynh_remove_uwsgi_service () {
local finaluwsgiini="/etc/uwsgi/apps-available/$app.ini"
if [ -e "$finaluwsgiini" ]; then
yunohost service remove "uwsgi-app@$app"
systemctl stop "uwsgi-app@$app.service"
systemctl disable "uwsgi-app@$app.service"
ynh_secure_remove --file="$finaluwsgiini"
ynh_secure_remove --file="/var/log/uwsgi/$app"
ynh_secure_remove --file="/etc/systemd/system/uwsgi-app@$app.service.d"
fi
}
ynh_restore_uwsgi_service () {
ynh_check_global_uwsgi_config
systemctl enable "uwsgi-app@$app" --quiet
# make sure the folder for logs exists and set authorizations
mkdir -p /var/log/uwsgi/$app
chown $app:root /var/log/uwsgi/$app
chmod -R u=rwX,g=rX,o= /var/log/uwsgi/$app
yunohost service add "uwsgi-app@$app" --log "/var/log/uwsgi/$app/$app.log" --description="UWSGI service for $app"
}
#=================================================
# OTHERS HELPERS
#=================================================

54
scripts/install
View file

@ -10,13 +10,6 @@ source experimental_helper.sh
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#=================================================
# INITIALIZE AND STORE SETTINGS
#=================================================
# Used in expect script
email=$(ynh_user_get_info --username $admin --key 'mail')
#================================================= #=================================================
# Postgresql superuser # Postgresql superuser
#================================================= #=================================================
@ -24,19 +17,24 @@ ynh_script_progression --message="Configuring Postgresql superuser..." --weight
ynh_psql_execute_as_root --sql "ALTER USER $db_user WITH SUPERUSER CREATEDB CREATEROLE REPLICATION" ynh_psql_execute_as_root --sql "ALTER USER $db_user WITH SUPERUSER CREATEDB CREATEROLE REPLICATION"
ynh_script_progression --message='Creating base directory...'
if [ -n "$(ls -A $data_dir)" ]; then
old_data_dir_path="${data_dir}_$(date '+%Y%m%d.%H%M%S')"
ynh_print_warn "Data directory was not empty. Data was moved to $old_data_dir_path"
mkdir -p $old_data_dir_path
mv -t "$old_data_dir_path" "$data_dir"/*
fi
mkdir -p /var/log/$app
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Setting up source files..." --weight=5 ynh_script_progression --message="Setting up source files..." --weight=5
ynh_install_venv
_install_pgadmin_pip install_source
mkdir -p "$install_dir/data"
chown -R "$app:root" "$install_dir"
mkdir -p /var/log/pgadmin
chown -R "$app:root" /var/log/pgadmin
#================================================= #=================================================
# ADD A CONFIGURATION # ADD A CONFIGURATION
@ -44,17 +42,11 @@ chown -R "$app:root" /var/log/pgadmin
ynh_script_progression --message="Configuring pgAdmin..." --weight=1 ynh_script_progression --message="Configuring pgAdmin..." --weight=1
ynh_add_config --template="config_local.py" --destination="$install_dir/venv/lib/python$python_version/site-packages/pgadmin4/config_local.py" ynh_add_config --template="config_local.py" --destination="$install_dir/venv/lib/python$python_version/site-packages/pgadmin4/config_local.py"
chown -R "$app:root" "$install_dir" ynh_add_config --template=postgres-reg.ini --destination="$install_dir"/postgres-reg.ini
ynh_string_random --length=60 > "$data_dir"/master_pwd
set_permission
ynh_add_config --template="setup.exp" --destination="$install_dir/setup.exp" $install_dir/venv/bin/python3 "$install_dir/venv/lib/python$python_version/site-packages/pgadmin4/setup.py" setup-db
chmod +x "$install_dir/setup.exp"
ynh_exec_as "$app" "$install_dir/setup.exp" "$install_dir/venv/bin/python3" "$install_dir/venv/lib/python$python_version/site-packages/pgadmin4/setup.py" setup-db
ynh_add_config --template="server.json" --destination="$install_dir/server.json"
ynh_exec_as "$app" "$install_dir/venv/bin/python3" "$install_dir/venv/lib/python$python_version/site-packages/pgadmin4/setup.py" load-servers --user "$email" "$install_dir/server.json"
# looks like we need to run one command as pgadmin to get access to the dbs ?
ynh_psql_connect_as --user="$db_user" --password="$db_pwd" <<< '\list' >/dev/null
#================================================= #=================================================
# SYSTEM CONFIGURATION # SYSTEM CONFIGURATION
@ -64,18 +56,20 @@ ynh_script_progression --message="Adding system configurations related to $app..
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
# Config uwsgi # Add systemd config
ynh_add_uwsgi_service "python_version" ynh_add_systemd_config --service=$app --template=pgadmin.service
ynh_use_logrotate --logfile="/var/log/pgadmin" yunohost service add $app --log "/var/log/$app/$app.log" --description 'PgAdmin application'
chown -R "$app:root" /var/log/pgadmin
ynh_use_logrotate --logfile="/var/log/$app"
set_permission
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=3 ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name "uwsgi-app@$app.service" --action="restart" --line_match "WSGI app 0 \(mountpoint='[/[:alnum:]_-]*'\) ready in [[:digit:]]* seconds on interpreter" --log_path "/var/log/uwsgi/$app/$app.log" ynh_systemd_action --service_name "$app.service" --action="restart" --line_match "Listening at: unix:/run/$app/app.socket" --log_path systemd
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

41
scripts/patch/avoid_create_user_on_setup_db.patch Normal file
View file

@ -0,0 +1,41 @@
diff --git a/migrations/versions/fdc58d9bd449_.py b/migrations/versions/fdc58d9bd449_.py
index 3a9991a5c..27fe21692 100644
--- a/migrations/versions/fdc58d9bd449_.py
+++ b/migrations/versions/fdc58d9bd449_.py
@@ -35,7 +35,8 @@ depends_on = None
def upgrade():
# ### commands auto generated by Alembic - please adjust! ###
- email, password = user_info()
+ # BEGIN Yunohost Patch
+ # END Yunohost Patch
version_table = op.create_table(
'version', sa.Column('name', sa.String(length=32), nullable=False),
@@ -122,11 +123,8 @@ def upgrade():
setattr(config, 'SECURITY_PASSWORD_SALT', current_salt)
setattr(config, 'SECRET_KEY', secret_key)
- password = hash_password(password)
-
- op.bulk_insert(user_table,
- [{'email': email, 'password': password,
- 'active': 1, 'confirmed_at': None}])
+ # BEGIN Yunohost Patch
+ # END Yunohost Patch
op.bulk_insert(version_table,
[{'name': 'ConfigDB', 'value': 2}])
@@ -135,11 +133,8 @@ def upgrade():
[{'name': 'Administrators',
'description': 'pgAdmin Administrators Role'}])
- op.bulk_insert(roles_users_table,
- [{'user_id': 1, 'role_id': 1}])
-
- op.bulk_insert(server_group_table,
- [{'user_id': 1, 'name': 'Servers'}])
+ # BEGIN Yunohost Patch
+ # END Yunohost Patch
# ### end Alembic commands ###

15
scripts/patch/change_default_webserver_new_user_role_to_admin.patch Normal file
View file

@ -0,0 +1,15 @@
diff --git a/pgadmin/authenticate/webserver.py b/pgadmin/authenticate/webserver.py
index 5a9e4533c..9693593dc 100644
--- a/pgadmin/authenticate/webserver.py
+++ b/pgadmin/authenticate/webserver.py
@@ -121,7 +121,9 @@ class WebserverAuthentication(BaseAuthentication):
return create_user({
'username': username,
'email': useremail,
- 'role': 2,
+ # BEGIN Yunohost Patch
+ 'role': 1,
+ # END Yunohost Patch
'active': True,
'auth_source': WEBSERVER
})

64
scripts/patch/fix_add_local_db.patch Normal file
View file

@ -0,0 +1,64 @@
diff --git a/pgadmin/__init__.py b/pgadmin/__init__.py
index c20016bbc..42ccfd874 100644
--- a/pgadmin/__init__.py
+++ b/pgadmin/__init__.py
@@ -586,10 +586,22 @@ def create_app(app_name=None):
servergroup = servergroups.first()
servergroup_id = servergroup.id
+ # BEGIN Yunohost Patch
+ from pgadmin.utils.master_password import get_crypt_key
+ from pgadmin.utils.exception import CryptKeyMissing
+ from pgadmin.utils.crypto import encrypt
+
+ crypt_key_present, crypt_key = get_crypt_key()
+ if not crypt_key_present:
+ raise CryptKeyMissing
+ # END Yunohost Patch
+
'''Add a server to the config database'''
+ # BEGIN Yunohost Patch
def add_server(user_id, servergroup_id, name, superuser, port,
- discovery_id, comment):
+ discovery_id, comment, password):
+ # END Yunohost Patch
# Create a server object if needed, and store it.
servers = Server.query.filter_by(
user_id=user_id,
@@ -609,7 +621,11 @@ def create_app(app_name=None):
connection_params={'sslmode': 'prefer',
'connect_timeout': 10},
comment=comment,
- discovery_id=discovery_id)
+ # BEGIN Yunohost Patch
+ discovery_id=discovery_id,
+ password=encrypt(password, crypt_key),
+ save_password=1)
+ # END Yunohost Patch
db.session.add(svr)
db.session.commit()
@@ -676,7 +692,7 @@ def create_app(app_name=None):
registry = ConfigParser()
try:
- registry.read('/etc/postgres-reg.ini')
+ registry.read(config.REGISTRY_CONFIG_FILE)
sections = registry.sections()
# Loop the sections, and get the data from any that are PG or PPAS
@@ -703,9 +719,12 @@ def create_app(app_name=None):
svr_comment = gettext("Auto-detected {0} installation "
"with the data directory at {1}"
).format(description, data_directory)
+ # BEGIN Yunohost Patch
+ password = registry.get(section, 'Password')
add_server(user_id, servergroup_id, svr_name,
svr_superuser, svr_port, svr_discovery_id,
- svr_comment)
+ svr_comment, password)
+ # END Yunohost Patch
except Exception as e:
print(str(e))

10
scripts/remove
View file

@ -16,10 +16,9 @@ source /usr/share/yunohost/helpers
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
# Stop service # Stop service
ynh_systemd_action --service_name "uwsgi-app@$app.service" --action stop ynh_systemd_action --service_name "$app.service" --action stop
ynh_remove_systemd_config --service=$app
# Remove uwsgi config yunohost service remove $app
ynh_remove_uwsgi_service
# Remove the app-specific logrotate config # Remove the app-specific logrotate config
ynh_remove_logrotate ynh_remove_logrotate
@ -37,9 +36,6 @@ ynh_script_progression --message="Removing various files..." --weight=1
# Remove the log files # Remove the log files
ynh_secure_remove --file="/var/log/$app" ynh_secure_remove --file="/var/log/$app"
# Remove the log files
ynh_secure_remove --file="/var/log/uwsgi/$app"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

40
scripts/restore
View file

@ -19,54 +19,38 @@ ynh_script_progression --message="Restoring the Postgresql superuser..." --weigh
ynh_psql_execute_as_root --sql "ALTER USER $app WITH SUPERUSER CREATEDB CREATEROLE REPLICATION" ynh_psql_execute_as_root --sql "ALTER USER $app WITH SUPERUSER CREATEDB CREATEROLE REPLICATION"
#================================================= #=================================================
# RESTORE THE APP MAIN DIR # RESTORE ALL CONFIG AND DATA
#================================================= #=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1
ynh_restore_file --origin_path="$install_dir" ynh_script_progression --message="Restoring directory and configuration..." --weight=10
ynh_restore
chown -R "$app:root" "$install_dir"
#================================================= #=================================================
# REINSTALL DEPENDENCIES # REINSTALL DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Updating python virtualenv..." --weight=5 ynh_script_progression --message="Updating python virtualenv..." --weight=5
ynh_install_venv install_source
#================================================= #=================================================
# RESTORE SYSTEM CONFIGURATIONS # RESTORE SYSTEMD
#================================================= #=================================================
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 ynh_script_progression --message="Enable systemd services" --weight=2
ynh_restore_file --origin_path="/etc/logrotate.d/$app" # systemctl daemon-reload
systemctl enable $app.service --quiet
yunohost service add $app --log "/var/log/$app/$app.log" --description 'PgAdmin application'
ynh_restore_file --origin_path="/etc/uwsgi/apps-available/$app.ini" set_permission
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE VARIOUS FILES
#=================================================
ynh_script_progression --message="Restoring various files..." --weight=1
ynh_restore_file --origin_path="/var/log/$app/"
chmod -R 750 /var/log/pgadmin
chown -R "$app:root" /var/log/pgadmin
# Restore systemd configuration
ynh_script_progression --message="Reconfiguring application..." --weight=1
ynh_restore_uwsgi_service
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE # RELOAD NGINX AND THE APP SERVICE
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
ynh_systemd_action --service_name "uwsgi-app@$app.service" --action="restart" --line_match "WSGI app 0 \(mountpoint='[/[:alnum:]_-]*'\) ready in [[:digit:]]* seconds on interpreter" --log_path "/var/log/uwsgi/$app/$app.log" ynh_systemd_action --service_name "$app.service" --action="restart" --line_match "Listening at: unix:/run/$app/app.socket" --log_path systemd
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload

43
scripts/upgrade
View file

@ -19,6 +19,13 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=1
if [ -f "/etc/uwsgi/apps-available/$app.ini" ]; then if [ -f "/etc/uwsgi/apps-available/$app.ini" ]; then
ynh_systemd_action --service_name "uwsgi-app@$app.service" --action stop ynh_systemd_action --service_name "uwsgi-app@$app.service" --action stop
systemctl disable "uwsgi-app@$app.service" --quiet
yunohost service remove "uwsgi-app@$app" || true
ynh_secure_remove --file="/etc/uwsgi/apps-available/$app.ini"
ynh_secure_remove --file="/etc/systemd/system/uwsgi-app@$app.service.d"
else
ynh_systemd_action --service_name "$app.service" --action stop
fi fi
#================================================= #=================================================
@ -26,18 +33,25 @@ fi
#================================================= #=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=2 ynh_script_progression --message="Ensuring downward compatibility..." --weight=2
# Set the proper home directory
usermod -d "$install_dir" "$app"
# Clean old uwsgi config # Clean old uwsgi config
ynh_secure_remove /etc/uwsgi/apps-enabled/pgadmin.ini ynh_secure_remove /etc/uwsgi/apps-enabled/pgadmin.ini
# Migrate data path
if [ -d "/var/lib/pgadmin" ]; then if [ -d "/var/lib/pgadmin" ]; then
if [ ! -d "$install_dir/data" ]; then if [ ! -d "$install_dir/data" ]; then
mv "/var/lib/pgadmin" "$install_dir/data" mv -t "$data_dir" /var/lib/pgadmin/*
fi fi
ynh_secure_remove "/var/lib/pgadmin" ynh_secure_remove "/var/lib/pgadmin"
fi fi
if [ -d "$install_dir/data" ]; then
if [ ! -d "$install_dir/data" ]; then
mv -t "$data_dir" "$install_dir"/data/*
fi
ynh_secure_remove "$install_dir/data"
fi
if [ ! -e $data_dir/master_pwd ]; then
ynh_string_random --length=60 > $data_dir/master_pwd
fi
#================================================= #=================================================
# Postgresql superuser # Postgresql superuser
@ -51,11 +65,7 @@ ynh_psql_execute_as_root --sql "ALTER USER $app WITH PASSWORD '$db_pwd' SUPERUSE
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Upgrading source files..." --weight=6 ynh_script_progression --message="Upgrading source files..." --weight=6
ynh_install_venv install_source
_install_pgadmin_pip
chown -R "$app:root" "$install_dir"
#================================================= #=================================================
# UPDATE A CONFIG FILE # UPDATE A CONFIG FILE
@ -64,7 +74,7 @@ ynh_script_progression --message="Updating a configuration file..." --weight=1
# CONFIGURE PGADMIN # CONFIGURE PGADMIN
ynh_add_config --template="config_local.py" --destination="$install_dir/venv/lib/python$python_version/site-packages/pgadmin4/config_local.py" ynh_add_config --template="config_local.py" --destination="$install_dir/venv/lib/python$python_version/site-packages/pgadmin4/config_local.py"
chown -R "$app:root" "$install_dir" ynh_add_config --template=postgres-reg.ini --destination="$install_dir"/postgres-reg.ini
#================================================= #=================================================
# REAPPLY SYSTEM CONFIGURATIONS # REAPPLY SYSTEM CONFIGURATIONS
@ -74,19 +84,22 @@ ynh_script_progression --message="Upgrading system configurations related to $ap
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
# Config uwsgi # Add systemd config
ynh_add_uwsgi_service "python_version" ynh_add_systemd_config --service=$app --template=pgadmin.service
yunohost service add $app --log "/var/log/$app/$app.log" --description 'PgAdmin application'
# Use logrotate to manage app-specific logfile(s) # Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --logfile /var/log/pgadmin --nonappend ynh_use_logrotate --logfile /var/log/$app --nonappend
chown -R "$app:root" /var/log/pgadmin
set_permission
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=3 ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name "uwsgi-app@$app.service" --action="restart" --line_match "WSGI app 0 \(mountpoint='[/[:alnum:]_-]*'\) ready in [[:digit:]]* seconds on interpreter" --log_path "/var/log/uwsgi/$app/$app.log" ynh_systemd_action --service_name "$app.service" --action="restart" --line_match "Listening at: unix:/run/$app/app.socket" --log_path systemd
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

15
tests.toml
View file

@ -4,5 +4,18 @@ test_format = 1.0
[default] [default]
test_upgrade_from.da90e7957a1a365f3c840df02c41cd14592030db.name = "Last packaging v1 version"
# -------------------------------
# Args for install from previous versions
# -------------------------------
args.admin = "package_checker"
args.password = "Sup3rS3cr3t"
# -------------------------------
# Commits to test upgrade from
# -------------------------------
test_upgrade_from.067601ed5bb19dde70f74a1fa1f6230a30efe6b5.name = "7.2~ynh1" test_upgrade_from.067601ed5bb19dde70f74a1fa1f6230a30efe6b5.name = "7.2~ynh1"
test_upgrade_from.da90e7957a1a365f3c840df02c41cd14592030db.name = "Last packaging v1 version"
test_upgrade_from.55a5fd67889da37d03a5d4614168db76a8817cdb.name = "Pre improvements"