From 634d1a1d9ab47ac407af4e4aa2fd677aadb1fc80 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Mon, 18 Jul 2022 19:46:10 +0200 Subject: [PATCH] apply last example_ynh --- check_process | 21 ++-------- conf/cache.conf | 1 + conf/media.conf | 24 +++++------ conf/systemd.service | 8 ++-- doc/DISCLAIMER.md | 12 +----- manifest.json | 13 +++--- scripts/backup | 2 +- scripts/change_url | 7 +--- scripts/install | 43 ++++++++++---------- scripts/restore | 36 +++++++---------- scripts/upgrade | 94 +++++++++++++++++++++++++------------------- 11 files changed, 121 insertions(+), 140 deletions(-) diff --git a/check_process b/check_process index a3fe026..24b4651 100644 --- a/check_process +++ b/check_process @@ -1,8 +1,8 @@ ;; Test complet ; Manifest domain="domain.tld" - admin="john" is_public=1 + admin="john" password="1Strong-Password" name="My_Pleroma" registration=0 @@ -35,20 +35,5 @@ port_already_use=0 change_url=1 ;;; Options -Email=anmol@datamol.org;yalh@yahoo.com -Notification=yes -;;; Upgrade options - ; commit=059ddc457aabe6962f5960612ed2dc1db53daeeb - name=2.2.0~ynh1 - ; commit=63723f18af5b035a41e967078cc3128423b1f9ae - name=2.2.2~ynh1 - ; commit=9f5c0970d2bf8bb6111785184b1d3762228b04ec - name=2.3.0~ynh1 - ; commit=4757df265b0c3e8d1fc5280190ccfe5705dcb691 - name=2.3.0~ynh2 - ; commit=28ed2fd7ab7b5e55154991c990d8e780560a56db - name=2.3.0~ynh3 - ; commit=2c4a57afdc92a6428ccfea3ccb74c7e33dc9b9ff - name=2.4.0~ynh1 - ; commit=e6d9935af254018baf326281662c55407170694d - name=2.4.1~ynh1 +Email= +Notification=none diff --git a/conf/cache.conf b/conf/cache.conf index c9471b4..c2da95d 100644 --- a/conf/cache.conf +++ b/conf/cache.conf @@ -1 +1,2 @@ proxy_cache_path /tmp/__APP__-media-cache levels=1:2 keys_zone=__APP___media_cache:10m max_size=__SIZE__ inactive=720m use_temp_path=off; + diff --git a/conf/media.conf b/conf/media.conf index d13940b..b208519 100644 --- a/conf/media.conf +++ b/conf/media.conf @@ -1,14 +1,14 @@ - rewrite ^/proxy/(.*)/(.*)/.* /proxy/$1/$2 last; +rewrite ^/proxy/(.*)/(.*)/.* /proxy/$1/$2 last; - location ~ ^/(media|proxy) { - proxy_cache __APP___media_cache; - proxy_cache_key $host$uri$is_args$args; - proxy_http_version 1.1; - proxy_cache_valid 200 206 301 304 1h; - proxy_cache_lock on; - proxy_ignore_client_abort on; - proxy_buffering on; - chunked_transfer_encoding on; +location ~ ^/(media|proxy) { + proxy_cache __APP___media_cache; + proxy_cache_key $host$uri$is_args$args; + proxy_http_version 1.1; + proxy_cache_valid 200 206 301 304 1h; + proxy_cache_lock on; + proxy_ignore_client_abort on; + proxy_buffering on; + chunked_transfer_encoding on; - proxy_pass http://localhost:__PORT__; - } + proxy_pass http://localhost:__PORT__; +} diff --git a/conf/systemd.service b/conf/systemd.service index 7bc1c47..587b174 100755 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -15,12 +15,12 @@ Environment="MIX_ENV=prod" ; Make sure that all paths fit your installation. ; Path to the home directory of the user running the Pleroma service. -Environment="HOME=__FINALPATH__/__APP__" +Environment="HOME=__FINALPATH__/live/" ; Path to the folder containing the Pleroma installation. -WorkingDirectory=__FINALPATH__/__APP__ +WorkingDirectory=__FINALPATH__/live/ ; Path to the Pleroma binary. -ExecStart=__FINALPATH__/__APP__/bin/pleroma start -ExecStop=__FINALPATH__/__APP__/bin/pleroma stop +ExecStart=__FINALPATH__/live/bin/pleroma start +ExecStop=__FINALPATH__/live/bin/pleroma stop ; Some security directives. ; Use private /tmp and /var/tmp folders inside a new file system namespace, which are discarded after the process stops. diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index 24a6030..ae7254e 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -1,19 +1,9 @@ -* Any known limitations, constrains or stuff not working, such as (but not limited to): +## Limitations * **Pleroma** require a dedicated **root domain**, eg. pleroma.domain.tld * **Pleroma** require a valid **certificate** installed on the domain. Yunohost can **install Letsencrypt certificate** on the domain from **admin web-interface** or through **command-line**. * This package is currently set to **single-instance** that means you can run a **single Pleroma instance** on a **single server**. * The admin **password** entered when installing must **not** contain **special characters**. (See [issue #132](https://github.com/YunoHost-Apps/pleroma_ynh/issues/132)) - * requiring a full dedicated domain ? - * architectures not supported ? * LDAP supported but HTTP auth not. - * the app requires an important amount of RAM / disk / .. to install or to work properly - * etc... - -* Other infos that people should be aware of, such as: - * any specific step to perform after installing (such as manually finishing the install, specific admin credentials, ...) - * how to configure / administrate the application if it ain't obvious - * upgrade process / specificities / things to be aware of ? - * security considerations ? ## Admin Tasks Go to **cd /var/www/pleroma/pleroma**. diff --git a/manifest.json b/manifest.json index 39c88d3..9791a4d 100644 --- a/manifest.json +++ b/manifest.json @@ -32,24 +32,23 @@ "nginx" ], "arguments": { - "install" : [ + "install": [ { "name": "domain", "type": "domain" }, - { - "name": "admin", - "type": "user" - }, { "name": "is_public", "type": "boolean", "default": true }, + { + "name": "admin", + "type": "user" + }, { "name": "password", - "type": "password", - "example": "Choose a password" + "type": "password" }, { "name": "name", diff --git a/scripts/backup b/scripts/backup index 7496400..3093dda 100755 --- a/scripts/backup +++ b/scripts/backup @@ -15,7 +15,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ynh_clean_check_starting + true } # Exit if an error occurs during the execution of the script ynh_abort_if_errors diff --git a/scripts/change_url b/scripts/change_url index 0cea45f..8142f54 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -43,6 +43,7 @@ ynh_script_progression --message="Backing up the app before changing its URL (ma # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { + ynh_clean_check_starting # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" @@ -128,11 +129,7 @@ ynh_store_file_checksum --file="$config" ynh_script_progression --message="Starting a systemd service..." # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Started $app" - -if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - sleep 60 -fi +ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Access Pleroma.Web.Endpoint" #================================================= # RELOAD NGINX diff --git a/scripts/install b/scripts/install index 576bc11..40f9d53 100755 --- a/scripts/install +++ b/scripts/install @@ -25,8 +25,8 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url="/" -admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC +admin=$YNH_APP_ARG_ADMIN password=$YNH_APP_ARG_PASSWORD name="${YNH_APP_ARG_NAME// /_}" registration=$YNH_APP_ARG_REGISTRATION @@ -103,11 +103,9 @@ ynh_script_progression --message="Creating a PostgreSQL database..." db_name=$(ynh_sanitize_dbid --db_name=$app) db_user=$db_name -db_pwd=$(ynh_string_random --length=30) ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd ynh_psql_test_if_first_run -ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_psql_setup_db --db_user=$db_user --db_name=$db_name ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS unaccent;" --database=$db_name ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS pg_trgm;" --database=$db_name ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS citext;" --database=$db_name @@ -120,8 +118,7 @@ ynh_script_progression --message="Setting up source files..." ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -architecture=$YNH_ARCH -ynh_setup_source --dest_dir="$final_path/$app" --source_id=$architecture +ynh_setup_source --dest_dir="$final_path/live" --source_id=$YNH_ARCH chmod 750 "$final_path" chmod -R o-rwx "$final_path" @@ -132,19 +129,16 @@ chown -R $app:$app "$final_path" #================================================= ynh_script_progression --message="Configuring NGINX web server..." -# Create a dedicated NGINX config -ynh_add_nginx_config - if [ $cache -eq 1 ] then ynh_add_config --template="../conf/cache.conf" --destination="/etc/nginx/conf.d/$app-cache.conf" - ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/media.conf" - ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="../conf/media.conf" - cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf - ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" + cat ../conf/media.conf >> ../conf/nginx.conf fi +# Create a dedicated NGINX config +ynh_add_nginx_config + #================================================= # SPECIFIC SETUP #================================================= @@ -187,9 +181,9 @@ ynh_add_systemd_config #================================================= ynh_script_progression --message="Making setup..." -pushd $final_path/$app +pushd $final_path/live #Generate instance - su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl instance gen --force \ + ynh_exec_warn_less ynh_exec_as $app -s $SHELL -lc "$final_path/live/bin/pleroma_ctl instance gen --force \ --output $config \ --output-psql /tmp/setup_db.psql \ --domain $domain \ @@ -216,14 +210,15 @@ cat "../conf/ldap.exs" >> "$config" ynh_replace_string --match_string="config :pleroma, configurable_from_database: false" --replace_string="config :pleroma, configurable_from_database: true" --target_file="$config" -pushd $final_path/$app - su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl migrate" +pushd $final_path/live + ynh_exec_warn_less ynh_exec_as $app -s $SHELL -lc "$final_path/live/bin/pleroma_ctl migrate" - ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Started $app" - sleep 60 + ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Access Pleroma.Web.Endpoint" # Add user - su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl user new $admin $admin_email --password $password --moderator --admin -y" + ynh_exec_warn_less ynh_exec_as $app -s $SHELL -lc "$final_path/live/bin/pleroma_ctl user new $admin $admin_email --password $password --moderator --admin -y" + + ynh_systemd_action --service_name=$app --action="stop" --log_path=systemd popd # Calculate and store the config file checksum into the app settings @@ -241,6 +236,14 @@ ynh_script_progression --message="Integrating service in YunoHost..." yunohost service add $app --description="$app daemon for Pleroma" +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." + +# Start a systemd service +ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Access Pleroma.Web.Endpoint" + #================================================= # SETUP SSOWAT #================================================= diff --git a/scripts/restore b/scripts/restore index 82a9cc8..512f513 100755 --- a/scripts/restore +++ b/scripts/restore @@ -32,7 +32,6 @@ path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name -db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) port=$(ynh_app_setting_get --app=$app --key=port) cache=$(ynh_app_setting_get --app=$app --key=cache) datadir=$(ynh_app_setting_get --app=$app --key=datadir) @@ -42,32 +41,18 @@ datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= ynh_script_progression --message="Validating restoration parameters..." -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -if [ $cache -eq 1 ] -then - ynh_restore_file --origin_path="/etc/nginx/conf.d/$app-cache.conf" -fi - #================================================= # RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # RESTORE THE APP MAIN DIR @@ -87,7 +72,6 @@ ynh_script_progression --message="Restoring the data directory..." ynh_restore_file --origin_path="$datadir" --not_mandatory -# Create app folders mkdir -p $datadir mkdir -p "$datadir/uploads/" mkdir -p "$datadir/static/" @@ -107,11 +91,24 @@ ynh_script_progression --message="Reinstalling dependencies..." # Define and install dependencies ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +if [ $cache -eq 1 ] +then + ynh_restore_file --origin_path="/etc/nginx/conf.d/$app-cache.conf" +fi + #================================================= # RESTORE THE POSTGRESQL DATABASE #================================================= ynh_script_progression --message="Restoring the PostgreSQL database..." +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) ynh_psql_test_if_first_run ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS unaccent;" --database=$db_name @@ -150,10 +147,7 @@ yunohost service add $app --description="$app daemon for Pleroma" #================================================= ynh_script_progression --message="Starting a systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Started $app" -if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - sleep 60 -fi +ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Access Pleroma.Web.Endpoint" #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index 9d71355..83babbd 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -22,12 +22,12 @@ path_url=$(ynh_app_setting_get --app=$app --key=path) admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) admin_email=$(ynh_app_setting_get --app=$app --key=admin_email) random_key=$(ynh_app_setting_get --app=$app --key=random_key) name=$(ynh_app_setting_get --app=$app --key=name) port=$(ynh_app_setting_get --app=$app --key=port) -db_user=$(ynh_app_setting_get --app=$app --key=db_user) -db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) cache=$(ynh_app_setting_get --app=$app --key=cache) size=$(ynh_app_setting_get --app=$app --key=size) registration=$(ynh_app_setting_get --app=$app --key=registration) @@ -96,20 +96,34 @@ if ! ynh_permission_exists --permission="api"; then ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" fi -#Switch variables name +# If db_name doesn't exist, create it +if [ -z "$db_name" ]; then + db_name=$(ynh_sanitize_dbid --db_name=$app) + ynh_app_setting_set --app=$app --key=db_name --value=$db_name +fi + +# If db_user doesn't exist, create it +if [ -z "$db_user" ]; then + db_user=$db_name +fi + +# If db_pwd doesn't exist, create it +if [ -z "$db_pwd" ]; then + db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) + ynh_app_setting_set --app=$app --key=psqlpwd --value=$db_pwd +fi + +# Switch variables name psql_db=$(ynh_app_setting_get --app=$app --key=psql_db) if [ -n "$psql_db" ] then db_name=$(ynh_app_setting_get --app=$app --key=psql_db) - db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) ynh_app_setting_set --app=$app --key=db_name --value=$db_name - ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd ynh_app_setting_delete --app=$app --key=psql_db - ynh_app_setting_delete --app=$app --key=psqlpwd fi -#Close a port +# Close a port if yunohost firewall list | grep -q "\- $port$" then ynh_script_progression --message="Closing port $port..." @@ -120,13 +134,18 @@ fi ynh_secure_remove --file="/etc/apt/sources.list.d/erlang-solutions.list" apt-key del A14F4FCA +# Switch to $final_path/live +if [ ! -d "$final_path/live" ]; then + mv $final_path/$app $final_path/live +fi + #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # UPGRADE TO OTP RELEASE @@ -148,24 +167,24 @@ if ynh_version_gt "1.1.1~ynh1" "${previous_version}" ; then # Give permission to the datadir chown -R "$app":"$app" "$datadir" - rsync -a "$final_path/$app/uploads/" "$datadir/uploads/" - if [ -d "$final_path/$app/instance/static/" ]; then - rsync -a "$final_path/$app/instance/static/" "$datadir/static/" + rsync -a "$final_path/live/uploads/" "$datadir/uploads/" + if [ -d "$final_path/live/instance/static/" ]; then + rsync -a "$final_path/live/instance/static/" "$datadir/static/" fi - rsync -a "$final_path/$app/priv/static/emoji/" "$datadir/static/emoji/" + rsync -a "$final_path/live/priv/static/emoji/" "$datadir/static/emoji/" mkdir -p /etc/$app chown -R $app /etc/$app config="/etc/$app/config.exs" - mv $final_path/$app/config/prod.secret.exs $config + mv $final_path/live/config/prod.secret.exs $config ynh_replace_string --match_string="use Mix.Config" --replace_string="import Config" --target_file="$config" echo "config :pleroma, :instance, static_dir: \"/home/yunohost.app/$app/static\"" >> $config echo "config :pleroma, Pleroma.Uploaders.Local, uploads: \"/home/yunohost.app/$app/uploads\"" >> $config ynh_backup_if_checksum_is_different --file="$config" - ynh_secure_remove --file="$final_path/$app" + ynh_secure_remove --file="$final_path/live" fi if ynh_version_gt "2.0.5~ynh1" "${previous_version}" ; then @@ -182,34 +201,15 @@ if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." + ynh_secure_remove --file="$final_path/live" # Download, check integrity, uncompress and patch the source from app.src - architecture=$YNH_ARCH - ynh_setup_source --dest_dir="$final_path/$app" --source_id=$architecture + ynh_setup_source --dest_dir="$final_path/live" --source_id=$YNH_ARCH fi chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:$app "$final_path" -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." - -# Create a dedicated NGINX config -ynh_add_nginx_config - -ynh_secure_remove --file="/etc/nginx/conf.d/$app-cache.conf" -if [ $cache -eq 1 ] -then - ynh_add_config --template="../conf/cache.conf" --destination="/etc/nginx/conf.d/$app-cache.conf" - - ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/media.conf" - ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="../conf/media.conf" - cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf - ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" -fi - #================================================= # UPGRADE DEPENDENCIES #================================================= @@ -217,6 +217,21 @@ ynh_script_progression --message="Upgrading dependencies..." ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." + +if [ $cache -eq 1 ] +then + ynh_add_config --template="../conf/cache.conf" --destination="/etc/nginx/conf.d/$app-cache.conf" + + cat ../conf/media.conf >> ../conf/nginx.conf +fi + +# Create a dedicated NGINX config +ynh_add_nginx_config + #================================================= # SPECIFIC UPGRADE #================================================= @@ -224,8 +239,8 @@ ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies #================================================= ynh_script_progression --message="Making upgrade..." -pushd $final_path/$app - su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl migrate" +pushd $final_path/live + ynh_exec_warn_less ynh_exec_as $app -s $SHELL -lc "$final_path/live/bin/pleroma_ctl migrate" popd #================================================= @@ -262,10 +277,7 @@ yunohost service add $app --description="$app daemon for Pleroma" #================================================= ynh_script_progression --message="Starting a systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Started $app" -if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - sleep 60 -fi +ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Access Pleroma.Web.Endpoint" #================================================= # RELOAD NGINX