Merge pull request #162 from YunoHost-Apps/testing

Apply example_ynh

README.md

@@ -52,9 +52,9 @@ Go to **cd /var/www/pleroma/pleroma**.
 ### Password reset
 
 **Run:** 
-    
+
     $ ( cd /var/www/pleroma/pleroma && sudo -u pleroma MIX_ENV=prod ./bin/pleroma_ctl user reset_password <NICKNAME> )
-    
+
 This will generate a **password reset link** that you can then send to the user.
 
 ### Moderators

conf/cache.conf

@@ -1,2 +1 @@
-proxy_cache_path /tmp/{APP}-media-cache levels=1:2 keys_zone={APP}_media_cache:10m max_size=__SIZE__
-                 inactive=720m use_temp_path=off;
+proxy_cache_path /tmp/__APP__-media-cache levels=1:2 keys_zone=__APP___media_cache:10m max_size=__SIZE__ inactive=720m use_temp_path=off;

conf/media.conf

@@ -1,7 +1,7 @@
  rewrite ^/proxy/(.*)/(.*)/.* /proxy/$1/$2 last;
 
  location ~ ^/(media|proxy) {
-        proxy_cache {APP}_media_cache;
+        proxy_cache __APP___media_cache;
         proxy_cache_key    $host$uri$is_args$args;
         proxy_http_version 1.1;
         proxy_cache_valid  200 206 301 304 1h;

conf/nginx.conf

@@ -1,42 +1,43 @@
-	location / {
-        # if you do not want remote frontends to be able to access your Pleroma backend
-        # server, remove these lines.
-        if ($scheme = http) {
-        rewrite ^ https://$server_name$request_uri? permanent;
-		}
+location / {
 
-        # Standard nginx configuration
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
-        proxy_set_header Host $http_host;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+  # if you do not want remote frontends to be able to access your Pleroma backend
+  # server, remove these lines.
+  if ($scheme = http) {
+    rewrite ^ https://$server_name$request_uri? permanent;
+  }
 
-        proxy_pass http://localhost:__PORT__;
+  # Standard nginx configuration
+  proxy_http_version 1.1;
+  proxy_set_header Upgrade $http_upgrade;
+  proxy_set_header Connection "upgrade";
+  proxy_set_header Host $http_host;
+  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 
-        client_max_body_size 16m;
+  proxy_pass http://localhost:__PORT__;
 
-        more_set_headers "Access-Control-Allow-Origin : *";
-        more_set_headers "Access-Control-Allow-Methods : POST, PUT, DELETE, GET, PATCH, OPTIONS";
-        more_set_headers "Access-Control-Allow-Headers : Authorization, Content-Type, Idempotency-Key";
-        more_set_headers "Access-Control-Expose-Headers : Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id";
-        if ($request_method = OPTIONS) {
-            return 204;
-        }
-        # stop removing lines here.
+  client_max_body_size 50M;
 
-        more_set_headers "X-XSS-Protection : 1; mode=block";
-        more_set_headers "X-Permitted-Cross-Domain-Policies : none";
-        more_set_headers "X-Frame-Options : DENY";
-        more_set_headers "X-Content-Type-Options : nosniff";
-        more_set_headers "Referrer-Policy : same-origin";
-        more_set_headers "X-Download-Options : noopen";
-        # more_set_headers "Content-Security-Policy : default-src 'none'; base-uri 'self'; form-action *; frame-ancestors 'none'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self'; connect-src 'self' wss://__DOMAIN__; upgrade-insecure-requests;";
-        
-        # Uncomment this only after you get HTTPS working.
-        # more_set_headers "Strict-Transport-Security : max-age=31536000; includeSubDomains";
+  more_set_headers "Access-Control-Allow-Origin : *";
+  more_set_headers "Access-Control-Allow-Methods : POST, PUT, DELETE, GET, PATCH, OPTIONS";
+  more_set_headers "Access-Control-Allow-Headers : Authorization, Content-Type, Idempotency-Key";
+  more_set_headers "Access-Control-Expose-Headers : Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id";
+  if ($request_method = OPTIONS) {
+    return 204;
+  }
+  # stop removing lines here.
+
+  more_set_headers "X-XSS-Protection : 1; mode=block";
+  more_set_headers "X-Permitted-Cross-Domain-Policies : none";
+  more_set_headers "X-Frame-Options : DENY";
+  more_set_headers "X-Content-Type-Options : nosniff";
+  more_set_headers "Referrer-Policy : same-origin";
+  more_set_headers "X-Download-Options : noopen";
+  # more_set_headers "Content-Security-Policy : default-src 'none'; base-uri 'self'; form-action *; frame-ancestors 'none'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self'; connect-src 'self' wss://__DOMAIN__; upgrade-insecure-requests;";
+
+  # Uncomment this only after you get HTTPS working.
+  # more_set_headers "Strict-Transport-Security : max-age=31536000; includeSubDomains";
 
 
-        # Include SSOWAT user panel.
-        include conf.d/yunohost_panel.conf.inc;
-    }
+  # Include SSOWAT user panel.
+  include conf.d/yunohost_panel.conf.inc;
+}

manifest.json

@@ -18,7 +18,7 @@
             "name": "yalh76"
         }],
     "requirements": {
-        "yunohost": ">= 4.1.3"
+        "yunohost": ">= 4.1.7.3"
     },
     "multi_instance": false,
     "services": [

scripts/backup

@@ -57,18 +57,20 @@ fi
 
 #=================================================
 # SPECIFIC BACKUP
-#=================================================
-# BACKUP CONFIG FILE
-#=================================================
-
-ynh_backup --src_path="/etc/$app/config.exs"
-
 #=================================================
 # BACKUP SYSTEMD
 #=================================================
 
 ynh_backup --src_path="/etc/systemd/system/$app.service"
 
+#=================================================
+# BACKUP VARIOUS FILES
+#=================================================
+
+ynh_backup --src_path="/etc/$app/config.exs"
+
+ynh_backup --src_path="$datadir" --is_big
+
 #=================================================
 # BACKUP THE POSTGRESQL DATABASE
 #=================================================
@@ -76,13 +78,6 @@ ynh_print_info --message="Backing up the PostgreSQL database..."
 
 ynh_psql_dump_db --database="$db_name" > db.sql
 
-#=================================================
-# BACKUP THE DATA DIRECTORY
-#=================================================
-ynh_print_info --message="Backing up data directory..."
-
-ynh_backup --src_path="$datadir" --is_big
-
 #=================================================
 # END OF SCRIPT
 #=================================================

scripts/install

@@ -23,7 +23,6 @@ ynh_abort_if_errors
 #=================================================
 # RETRIEVE ARGUMENTS FROM THE MANIFEST
 #=================================================
-ynh_script_progression --message="Retrieving arguments from the manifest..."
 
 domain=$YNH_APP_ARG_DOMAIN
 path_url="/"
@@ -40,7 +39,7 @@ admin_email=$(ynh_user_get_info --username=$admin --key="mail")
 
 ## Bypass package_checker name not compatible with pleroma
 if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then
-    admin="test"
+	admin="test"
 fi
 
 app=$YNH_APP_INSTANCE_NAME
@@ -127,11 +126,9 @@ ynh_add_nginx_config
 
 if [ $cache -eq 1 ]
 then
-	cp -rf "../conf/cache.conf" "/etc/nginx/conf.d/$app-cache.conf"
-	ynh_replace_string --match_string="{APP}" --replace_string="$app" --target_file="/etc/nginx/conf.d/$app-cache.conf"
-	ynh_replace_string --match_string="__SIZE__" --replace_string="$size" --target_file="/etc/nginx/conf.d/$app-cache.conf"
-	ynh_store_file_checksum --file="/etc/nginx/conf.d/$app-cache.conf"
-	ynh_replace_string --match_string="{APP}" --replace_string="$app" --target_file="../conf/media.conf"
+	ynh_add_config --template="../conf/cache.conf" --destination="/etc/nginx/conf.d/$app-cache.conf"
+
+	ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/media.conf"
 	ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="../conf/media.conf"
 	cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf
 	ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
@@ -193,28 +190,28 @@ ynh_script_progression --message="Making setup..."
 chown -R "$app":"$app" "$final_path"
 
 pushd $final_path/$app
-    #Generate instance
-    su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl instance gen --force \
-    --output $config \
-    --output-psql /tmp/setup_db.psql \
-    --domain $domain \
-    --instance-name \"$name\" \
-    --admin-email $admin_email \
-    --notify-email $admin_email \
-    --dbhost localhost \
-    --dbname $db_name \
-    --dbuser $db_user \
-    --dbpass $db_pwd \
-    --rum N \
-    --indexable Y \
-    --db-configurable Y \
-    --uploads-dir $datadir/uploads \
-    --static-dir $datadir/static \
-    --listen-ip 127.0.0.1 \
-    --listen-port $port \
-    --strip-uploads Y \
-    --anonymize-uploads Y \
-    --dedupe-uploads Y"
+	#Generate instance
+	su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl instance gen --force \
+	--output $config \
+	--output-psql /tmp/setup_db.psql \
+	--domain $domain \
+	--instance-name \"$name\" \
+	--admin-email $admin_email \
+	--notify-email $admin_email \
+	--dbhost localhost \
+	--dbname $db_name \
+	--dbuser $db_user \
+	--dbpass $db_pwd \
+	--rum N \
+	--indexable Y \
+	--db-configurable Y \
+	--uploads-dir $datadir/uploads \
+	--static-dir $datadir/static \
+	--listen-ip 127.0.0.1 \
+	--listen-port $port \
+	--strip-uploads Y \
+	--anonymize-uploads Y \
+	--dedupe-uploads Y"
 popd
 
 cat "../conf/ldap.exs" >> "$config"
@@ -222,14 +219,13 @@ cat "../conf/ldap.exs" >> "$config"
 ynh_replace_string --match_string="config :pleroma, configurable_from_database: false" --replace_string="config :pleroma, configurable_from_database: true" --target_file="$config"
 
 pushd $final_path/$app
+	su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl migrate"
 
-    su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl migrate"
+	ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Started $app"
+	sleep 60
 
-    ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Started $app"
-    sleep 60
-
-    # Add user
-    su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl user new $admin $admin_email --password $password --moderator --admin -y"
+	# Add user
+	su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl user new $admin $admin_email --password $password --moderator --admin -y"
 popd
 
 #=================================================
@@ -270,6 +266,8 @@ then
 	ynh_permission_update --permission="main" --add="visitors"
 fi
 
+ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
+
 #=================================================
 # RELOAD NGINX
 #=================================================

scripts/upgrade

@@ -51,15 +51,21 @@ if ynh_legacy_permissions_exists; then
 
 	ynh_app_setting_delete --app=$app --key=is_public
 fi
+
+# Create a permission if needed
+if ! ynh_permission_exists --permission="api"; then
+	ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
+fi
+
 #Switch variables name
 psql_db=$(ynh_app_setting_get --app=$app --key=psql_db)
 
 if [ -n "$psql_db" ]
 then
-    db_name=$(ynh_app_setting_get --app=$app --key=psql_db)
-    db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
-    ynh_app_setting_set --app=$app --key=db_name --value=$db_name
-    ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
+	db_name=$(ynh_app_setting_get --app=$app --key=psql_db)
+	db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
+	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
+	ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
 	ynh_app_setting_delete --app=$app --key=psql_db
 	ynh_app_setting_delete --app=$app --key=psqlpwd
 fi
@@ -194,11 +200,9 @@ ynh_add_nginx_config
 ynh_secure_remove --file="/etc/nginx/conf.d/$app-cache.conf"
 if [ $cache -eq 1 ]
 then
-	cp -rf "../conf/cache.conf" "/etc/nginx/conf.d/$app-cache.conf"
-	ynh_replace_string --match_string="{APP}" --replace_string="$app" --target_file="/etc/nginx/conf.d/$app-cache.conf"
-	ynh_replace_string --match_string="__SIZE__" --replace_string="$size" --target_file="/etc/nginx/conf.d/$app-cache.conf"
-	ynh_store_file_checksum --file="/etc/nginx/conf.d/$app-cache.conf"
-	ynh_replace_string --match_string="{APP}" --replace_string="$app" --target_file="../conf/media.conf"
+	ynh_add_config --template="../conf/cache.conf" --destination="/etc/nginx/conf.d/$app-cache.conf"
+
+	ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/media.conf"
 	ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="../conf/media.conf"
 	cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf
 	ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
@@ -239,7 +243,7 @@ ynh_script_progression --message="Making upgrade..."
 chown -R "$app":"$app" "$final_path"
 
 pushd $final_path/$app
-    su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl migrate"
+	su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl migrate"
 popd
 
 #=================================================