diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100755 index 00000000..525ef97f --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,130 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +# Remove this exit command when you are ready to run this Action +#exit 1 + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) +echo "${#assets[@]} available asset(s)" + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Here we use the $assets variable to get the resources published in the upstream release. +# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. + +# Let's loop over the array of assets URLs +for asset_url in ${assets[@]}; do + +echo "Handling asset at $asset_url" + +# Assign the asset to a source file in conf/ directory +# Here we base the source file name upon a unique keyword in the assets url (admin vs. update) +# Leave $src empty to ignore the asset +case $asset_url in + v"*".tar.gz) v0.11.1.tar.gz + src="app" + ;; +esac + +# If $src is not empty, let's process the asset +if [ ! -z "$src" ]; then + +# Create the temporary directory +tempdir="$(mktemp -d)" + +# Download sources and calculate checksum +filename=${asset_url##*/} +curl --silent -4 -L $asset_url -o "$tempdir/$filename" +checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + +# Delete temporary directory +rm -rf $tempdir + +# Get extension +if [[ $filename == *.tar.gz ]]; then + extension=tar.gz +else + extension=${filename##*.} +fi + +# Rewrite source file +cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=$extension +SOURCE_IN_SUBDIR=true +SOURCE_EXTRACT=true +EOT +echo "... conf/$src.src updated" + +else +echo "... asset ignored" +fi + +done + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/conf/.env b/conf/.env index a07a2c96..96261964 100644 --- a/conf/.env +++ b/conf/.env @@ -76,7 +76,7 @@ REDIS_SCHEME=tcp REDIS_HOST=127.0.0.1 REDIS_PASSWORD=null REDIS_PORT=6379 -REDIS_DATABASE=0 +REDIS_DATABASE=__REDIS_DB__ ## EXPERIMENTS EXP_LC=false diff --git a/conf/app.src b/conf/app.src index f8f993c3..282dda7c 100644 --- a/conf/app.src +++ b/conf/app.src @@ -3,5 +3,4 @@ SOURCE_SUM=132dfceac3c0ea27dd54198d145d2d84f1714b4aa333c8b6f5141d259a77e9cb OURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= SOURCE_EXTRACT=true diff --git a/conf/cron b/conf/cron index ef2291cc..659c3411 100644 --- a/conf/cron +++ b/conf/cron @@ -1 +1 @@ -* * * * * cd __FINALPATH__/ && php__PHPVERSION__ artisan schedule:run >> /dev/null 2>&1 +* * * * * /usr/bin/php__PHPVERSION__ __FINALPATH__/artisan schedule:run >> /dev/null 2>&1 diff --git a/conf/nginx.conf b/conf/nginx.conf index c6642884..c4d374a4 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -3,11 +3,6 @@ location __PATH__/ { # Path to source alias __FINALPATH__/public/ ; - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - index index.php; # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file diff --git a/config_panel.toml b/config_panel.toml new file mode 100644 index 00000000..56354d61 --- /dev/null +++ b/config_panel.toml @@ -0,0 +1,25 @@ +version = "1.0" + +[main] +name = "Pixelfed configuration" + + [main.php_fpm_config] + name = "PHP-FPM configuration" + + [main.php_fpm_config.fpm_footprint] + ask = "Memory footprint of the service?" + choices = ["low", "medium", "high", "specific"] + default = "low" + help = "low <= 20Mb per pool. medium between 20Mb and 40Mb per pool. high > 40Mb per pool.
Use specific to set a value with the following option." + + [main.php_fpm_config.free_footprint] + ask = "Memory footprint of the service?" + type = "number" + default = "0" + help = "Free field to specify exactly the footprint in Mb if you don't want to use one of the three previous values." + + [main.php_fpm_config.fpm_usage] + ask = "Expected usage of the service?" + choices = ["low", "medium", "high"] + default = "low" + help = "low: Personal usage, behind the SSO. No RAM footprint when not used, but the impact on the processor can be high if many users are using the service.
medium: Low usage, few people or/and publicly accessible. Low RAM footprint, medium processor footprint when used.
high: High usage, frequently visited website. High RAM footprint, but lower on processor usage and quickly responding." diff --git a/manifest.json b/manifest.json index 947659d1..593daa7d 100644 --- a/manifest.json +++ b/manifest.json @@ -30,7 +30,7 @@ } ], "requirements": { - "yunohost": ">= 4.2.0" + "yunohost": ">= 4.3.0" }, "multi_instance": true, "services": [ @@ -41,8 +41,7 @@ "install" : [ { "name": "domain", - "type": "domain", - "example": "example.com" + "type": "domain" }, { "name": "is_public", diff --git a/scripts/_common.sh b/scripts/_common.sh index 1289da95..5ffdb6ac 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,14 +4,11 @@ # COMMON VARIABLES #================================================= -# dependencies used by the app -pkg_dependencies="postgresql redis-server libgd3 jpegoptim optipng pngquant ffmpeg imagemagick supervisor" - YNH_PHP_VERSION="7.3" YNH_COMPOSER_VERSION="2.1.5" -extra_php_dependencies="php${YNH_PHP_VERSION}-bcmath php${YNH_PHP_VERSION}-cli php${YNH_PHP_VERSION}-ctype php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-exif php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-iconv php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-redis php${YNH_PHP_VERSION}-tokenizer php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-pdo php${YNH_PHP_VERSION}-pgsql php${YNH_PHP_VERSION}-fileinfo php${YNH_PHP_VERSION}-imagick" +pkg_dependencies="postgresql libgd3 jpegoptim optipng pngquant ffmpeg imagemagick supervisor php${YNH_PHP_VERSION}-bcmath php${YNH_PHP_VERSION}-cli php${YNH_PHP_VERSION}-ctype php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-exif php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-iconv php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-redis php${YNH_PHP_VERSION}-tokenizer php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-pdo php${YNH_PHP_VERSION}-pgsql php${YNH_PHP_VERSION}-fileinfo php${YNH_PHP_VERSION}-imagick" #================================================= # PERSONAL HELPERS @@ -22,5 +19,43 @@ extra_php_dependencies="php${YNH_PHP_VERSION}-bcmath php${YNH_PHP_VERSION}-cli p #================================================= #================================================= -# FUTURE OFFICIAL HELPERS +# REDIS HELPERS #================================================= + +# get the first available redis database +# +# usage: ynh_redis_get_free_db +# | returns: the database number to use +ynh_redis_get_free_db() { + local result max db + result="$(redis-cli INFO keyspace)" + + # get the num + max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+") + + db=0 + # default Debian setting is 15 databases + for i in $(seq 0 "$max") + do + if ! echo "$result" | grep -q "db$i" + then + db=$i + break 1 + fi + db=-1 + done + + test "$db" -eq -1 && ynh_die --message="No available Redis databases..." + + echo "$db" +} + +# Create a master password and set up global settings +# Please always call this script in install and restore scripts +# +# usage: ynh_redis_remove_db database +# | arg: database - the database to erase +ynh_redis_remove_db() { + local db=$1 + redis-cli -n "$db" flushall +} diff --git a/scripts/config b/scripts/config new file mode 100644 index 00000000..3440bd2f --- /dev/null +++ b/scripts/config @@ -0,0 +1,95 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) + +#================================================= +# SPECIFIC GETTERS FOR TOML SHORT KEY +#================================================= + +get__fpm_footprint() { + # Free footprint value for php-fpm + # Check if current_fpm_footprint is an integer + if [ "$current_fpm_footprint" -eq "$current_fpm_footprint" ] 2> /dev/null + then + echo "specific" + else + echo "$current_fpm_footprint" + fi +} + +get__free_footprint() { + # Free footprint value for php-fpm + # Check if current_fpm_footprint is an integer + if [ "$current_fpm_footprint" -eq "$current_fpm_footprint" ] 2> /dev/null + then + # If current_fpm_footprint is an integer, that's a numeric value for the footprint + echo "$current_fpm_footprint" + else + echo "0" + fi +} + +#================================================= +# SPECIFIC SETTERS FOR TOML SHORT KEYS +#================================================= + +set__fpm_footprint() { + if [ "$fpm_footprint" != "specific" ] + then + ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_footprint" + fi +} + +set__free_footprint() { + if [ "$fpm_footprint" = "specific" ] + then + ynh_app_setting_set --app=$app --key=fpm_footprint --value="$free_footprint" + fi +} + +#================================================= +# GENERIC FINALIZATION +#================================================= + +ynh_app_config_validate() { + _ynh_app_config_validate + + if [ "${changed[fpm_usage]}" == "true" ] || [ "${changed[fpm_footprint]}" == "true" ] || [ "${changed[free_footprint]}" == "true" ]; then + # If fpm_footprint is set to 'specific', use $free_footprint value. + if [ "$fpm_footprint" = "specific" ] + then + fpm_footprint=$free_footprint + fi + + if [ "$fpm_footprint" == "0" ] + then + ynh_print_err --message="When selecting 'specific', you have to set a footprint value into the field below." + + exit 0 + fi + fi +} + +ynh_app_config_apply() { + _ynh_app_config_apply + + ynh_add_fpm_config --phpversion=$phpversion --usage=$fpm_usage --footprint=$fpm_footprint +} + +ynh_app_config_run $1 diff --git a/scripts/install b/scripts/install index e74f5336..abef4803 100644 --- a/scripts/install +++ b/scripts/install @@ -85,6 +85,14 @@ ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd # Initialize database and store postgres password for upgrade ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +#================================================= +# CONFIGURE REDIS DATABASE +#================================================= + +# Configure redis +redis_db=$(ynh_redis_get_free_db) +ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -112,7 +120,7 @@ ynh_add_nginx_config ynh_script_progression --message="Configuring PHP-FPM..." # Create a dedicated PHP-FPM config -ynh_add_fpm_config --usage=low --footprint=low --package="$extra_php_dependencies" +ynh_add_fpm_config --usage=low --footprint=low phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= diff --git a/scripts/remove b/scripts/remove index 4328b8df..75f33c32 100644 --- a/scripts/remove +++ b/scripts/remove @@ -52,12 +52,11 @@ ynh_script_progression --message="Removing the PostgreSQL database..." ynh_psql_remove_db --db_user=$db_user --db_name=$db_name #================================================= -# REMOVE DEPENDENCIES +# REMOVE THE REDIS DATABASE #================================================= -ynh_script_progression --message="Removing dependencies..." +ynh_script_progression --message="Removing the Redis database..." -# Remove metapackage and its dependencies -ynh_remove_app_dependencies +ynh_redis_remove_db "$redis_db" #================================================= # REMOVE APP MAIN DIR @@ -83,6 +82,14 @@ ynh_script_progression --message="Removing PHP-FPM configuration..." # Remove the dedicated PHP-FPM config ynh_remove_fpm_config +#================================================= +# REMOVE DEPENDENCIES +#================================================= +ynh_script_progression --message="Removing dependencies..." + +# Remove metapackage and its dependencies +ynh_remove_app_dependencies + #================================================= # REMOVE LOGROTATE CONFIGURATION #================================================= diff --git a/scripts/restore b/scripts/restore index e6e7b2c2..aae4d665 100644 --- a/scripts/restore +++ b/scripts/restore @@ -35,13 +35,15 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) +fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) + #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= ynh_script_progression --message="Validating restoration parameters..." -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " +test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS @@ -79,8 +81,7 @@ ynh_script_progression --message="Restoring PHP-FPM configuration..." ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" # Recreate a dedicated php-fpm config -ynh_add_fpm_config --usage=low --footprint=low --package="$extra_php_dependencies" -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$phpversion #================================================= # SPECIFIC RESTORATION diff --git a/scripts/upgrade b/scripts/upgrade index c6992002..0ee3e030 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -26,6 +26,10 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) app_key=$(ynh_app_setting_get --app=$app --key=app_key) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) + +fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) +fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) #================================================= # CHECK VERSION @@ -49,23 +53,23 @@ ynh_clean_setup () { # Exit if an error occurs during the execution of the script ynh_abort_if_errors -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." - -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - #================================================= # ENSURE UPGRADE COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring upgrade compatibility..." +# If fpm_footprint doesn't exist, create it +if [ -z "$fpm_footprint" ]; then + fpm_footprint=low + ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint +fi + +# If fpm_usage doesn't exist, create it +if [ -z "$fpm_usage" ]; then + fpm_usage=low + ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage +fi + # If app_key doesn't exist, retrieve it if [ -z "$app_key" ]; then ynh_script_progression --message="Retrieving app_key..." @@ -115,6 +119,13 @@ if dpkg --compare-versions "0.10.9~ynh3" gt "$(ynh_read_manifest --manifest="/et yunohost service add "supervisor" --description="Supervisor daemon for $app" --log="/var/log/$app/${app}-horizon.log" fi +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -169,8 +180,7 @@ ynh_install_app_dependencies $pkg_dependencies ynh_script_progression --message="Upgrading PHP-FPM configuration..." # Create a dedicated PHP-FPM config -ynh_add_fpm_config --usage=low --footprint=low --package="$extra_php_dependencies" -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +ynh_add_fpm_config --phpversion=$phpversion --usage=$fpm_usage --footprint=$fpm_footprint #================================================= # SPECIFIC UPGRADE