YunoHost-Apps/pleroma_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/pleroma_ynh.git synced 2024-09-03 20:15:59 +02:00
Code Issues Activity Actions

Merge pull request #162 from YunoHost-Apps/testing

Browse source 
Apply example_ynh
This commit is contained in:
yalh76 2021-03-04 23:07:07 +01:00 committed by GitHub
commit 63723f18af
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 96 additions and 99 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
conf/cache.conf
View file

@ -1,2 +1 @@
proxy_cache_path /tmp/{APP}-media-cache levels=1:2 keys_zone={APP}_media_cache:10m max_size=__SIZE__ proxy_cache_path /tmp/__APP__-media-cache levels=1:2 keys_zone=__APP___media_cache:10m max_size=__SIZE__ inactive=720m use_temp_path=off;
inactive=720m use_temp_path=off;

2
conf/media.conf
View file

@ -1,7 +1,7 @@
rewrite ^/proxy/(.*)/(.*)/.* /proxy/$1/$2 last; rewrite ^/proxy/(.*)/(.*)/.* /proxy/$1/$2 last;
location ~ ^/(media|proxy) { location ~ ^/(media|proxy) {
proxy_cache {APP}_media_cache; proxy_cache __APP___media_cache;
proxy_cache_key $host$uri$is_args$args; proxy_cache_key $host$uri$is_args$args;
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_cache_valid 200 206 301 304 1h; proxy_cache_valid 200 206 301 304 1h;

69
conf/nginx.conf
View file

@ -1,42 +1,43 @@
location / { location / {
# if you do not want remote frontends to be able to access your Pleroma backend
# server, remove these lines.
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
# Standard nginx configuration # if you do not want remote frontends to be able to access your Pleroma backend
proxy_http_version 1.1; # server, remove these lines.
proxy_set_header Upgrade $http_upgrade; if ($scheme = http) {
proxy_set_header Connection "upgrade"; rewrite ^ https://$server_name$request_uri? permanent;
proxy_set_header Host $http_host; }
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:__PORT__; # Standard nginx configuration
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 16m; proxy_pass http://localhost:__PORT__;
more_set_headers "Access-Control-Allow-Origin : *"; client_max_body_size 50M;
more_set_headers "Access-Control-Allow-Methods : POST, PUT, DELETE, GET, PATCH, OPTIONS";
more_set_headers "Access-Control-Allow-Headers : Authorization, Content-Type, Idempotency-Key";
more_set_headers "Access-Control-Expose-Headers : Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id";
if ($request_method = OPTIONS) {
return 204;
}
# stop removing lines here.
more_set_headers "X-XSS-Protection : 1; mode=block"; more_set_headers "Access-Control-Allow-Origin : *";
more_set_headers "X-Permitted-Cross-Domain-Policies : none"; more_set_headers "Access-Control-Allow-Methods : POST, PUT, DELETE, GET, PATCH, OPTIONS";
more_set_headers "X-Frame-Options : DENY"; more_set_headers "Access-Control-Allow-Headers : Authorization, Content-Type, Idempotency-Key";
more_set_headers "X-Content-Type-Options : nosniff"; more_set_headers "Access-Control-Expose-Headers : Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id";
more_set_headers "Referrer-Policy : same-origin"; if ($request_method = OPTIONS) {
more_set_headers "X-Download-Options : noopen"; return 204;
# more_set_headers "Content-Security-Policy : default-src 'none'; base-uri 'self'; form-action *; frame-ancestors 'none'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self'; connect-src 'self' wss://__DOMAIN__; upgrade-insecure-requests;"; }
# stop removing lines here.
# Uncomment this only after you get HTTPS working. more_set_headers "X-XSS-Protection : 1; mode=block";
# more_set_headers "Strict-Transport-Security : max-age=31536000; includeSubDomains"; more_set_headers "X-Permitted-Cross-Domain-Policies : none";
more_set_headers "X-Frame-Options : DENY";
more_set_headers "X-Content-Type-Options : nosniff";
more_set_headers "Referrer-Policy : same-origin";
more_set_headers "X-Download-Options : noopen";
# more_set_headers "Content-Security-Policy : default-src 'none'; base-uri 'self'; form-action *; frame-ancestors 'none'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self'; connect-src 'self' wss://__DOMAIN__; upgrade-insecure-requests;";
# Uncomment this only after you get HTTPS working.
# more_set_headers "Strict-Transport-Security : max-age=31536000; includeSubDomains";
# Include SSOWAT user panel. # Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc; include conf.d/yunohost_panel.conf.inc;
} }

2
manifest.json
View file

@ -18,7 +18,7 @@
"name": "yalh76" "name": "yalh76"
}], }],
"requirements": { "requirements": {
"yunohost": ">= 4.1.3" "yunohost": ">= 4.1.7.3"
}, },
"multi_instance": false, "multi_instance": false,
"services": [ "services": [

21
scripts/backup
View file

@ -57,18 +57,20 @@ fi
#================================================= #=================================================
# SPECIFIC BACKUP # SPECIFIC BACKUP
#=================================================
# BACKUP CONFIG FILE
#=================================================
ynh_backup --src_path="/etc/$app/config.exs"
#================================================= #=================================================
# BACKUP SYSTEMD # BACKUP SYSTEMD
#================================================= #=================================================
ynh_backup --src_path="/etc/systemd/system/$app.service" ynh_backup --src_path="/etc/systemd/system/$app.service"
#=================================================
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="/etc/$app/config.exs"
ynh_backup --src_path="$datadir" --is_big
#================================================= #=================================================
# BACKUP THE POSTGRESQL DATABASE # BACKUP THE POSTGRESQL DATABASE
#================================================= #=================================================
@ -76,13 +78,6 @@ ynh_print_info --message="Backing up the PostgreSQL database..."
ynh_psql_dump_db --database="$db_name" > db.sql ynh_psql_dump_db --database="$db_name" > db.sql
#=================================================
# BACKUP THE DATA DIRECTORY
#=================================================
ynh_print_info --message="Backing up data directory..."
ynh_backup --src_path="$datadir" --is_big
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

68
scripts/install
View file

@ -23,7 +23,6 @@ ynh_abort_if_errors
#================================================= #=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST # RETRIEVE ARGUMENTS FROM THE MANIFEST
#================================================= #=================================================
ynh_script_progression --message="Retrieving arguments from the manifest..."
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url="/" path_url="/"
@ -40,7 +39,7 @@ admin_email=$(ynh_user_get_info --username=$admin --key="mail")
## Bypass package_checker name not compatible with pleroma ## Bypass package_checker name not compatible with pleroma
if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then
admin="test" admin="test"
fi fi
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -127,11 +126,9 @@ ynh_add_nginx_config
if [ $cache -eq 1 ] if [ $cache -eq 1 ]
then then
cp -rf "../conf/cache.conf" "/etc/nginx/conf.d/$app-cache.conf" ynh_add_config --template="../conf/cache.conf" --destination="/etc/nginx/conf.d/$app-cache.conf"
ynh_replace_string --match_string="{APP}" --replace_string="$app" --target_file="/etc/nginx/conf.d/$app-cache.conf"
ynh_replace_string --match_string="__SIZE__" --replace_string="$size" --target_file="/etc/nginx/conf.d/$app-cache.conf" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/media.conf"
ynh_store_file_checksum --file="/etc/nginx/conf.d/$app-cache.conf"
ynh_replace_string --match_string="{APP}" --replace_string="$app" --target_file="../conf/media.conf"
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="../conf/media.conf" ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="../conf/media.conf"
cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf
ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
@ -193,28 +190,28 @@ ynh_script_progression --message="Making setup..."
chown -R "$app":"$app" "$final_path" chown -R "$app":"$app" "$final_path"
pushd $final_path/$app pushd $final_path/$app
#Generate instance #Generate instance
su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl instance gen --force \ su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl instance gen --force \
--output $config \ --output $config \
--output-psql /tmp/setup_db.psql \ --output-psql /tmp/setup_db.psql \
--domain $domain \ --domain $domain \
--instance-name \"$name\" \ --instance-name \"$name\" \
--admin-email $admin_email \ --admin-email $admin_email \
--notify-email $admin_email \ --notify-email $admin_email \
--dbhost localhost \ --dbhost localhost \
--dbname $db_name \ --dbname $db_name \
--dbuser $db_user \ --dbuser $db_user \
--dbpass $db_pwd \ --dbpass $db_pwd \
--rum N \ --rum N \
--indexable Y \ --indexable Y \
--db-configurable Y \ --db-configurable Y \
--uploads-dir $datadir/uploads \ --uploads-dir $datadir/uploads \
--static-dir $datadir/static \ --static-dir $datadir/static \
--listen-ip 127.0.0.1 \ --listen-ip 127.0.0.1 \
--listen-port $port \ --listen-port $port \
--strip-uploads Y \ --strip-uploads Y \
--anonymize-uploads Y \ --anonymize-uploads Y \
--dedupe-uploads Y" --dedupe-uploads Y"
popd popd
cat "../conf/ldap.exs" >> "$config" cat "../conf/ldap.exs" >> "$config"
@ -222,14 +219,13 @@ cat "../conf/ldap.exs" >> "$config"
ynh_replace_string --match_string="config :pleroma, configurable_from_database: false" --replace_string="config :pleroma, configurable_from_database: true" --target_file="$config" ynh_replace_string --match_string="config :pleroma, configurable_from_database: false" --replace_string="config :pleroma, configurable_from_database: true" --target_file="$config"
pushd $final_path/$app pushd $final_path/$app
su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl migrate"
su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl migrate" ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Started $app"
sleep 60
ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Started $app" # Add user
sleep 60 su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl user new $admin $admin_email --password $password --moderator --admin -y"
# Add user
su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl user new $admin $admin_email --password $password --moderator --admin -y"
popd popd
#================================================= #=================================================
@ -270,6 +266,8 @@ then
ynh_permission_update --permission="main" --add="visitors" ynh_permission_update --permission="main" --add="visitors"
fi fi
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================

24
scripts/upgrade
View file

@ -51,15 +51,21 @@ if ynh_legacy_permissions_exists; then
ynh_app_setting_delete --app=$app --key=is_public ynh_app_setting_delete --app=$app --key=is_public
fi fi
# Create a permission if needed
if ! ynh_permission_exists --permission="api"; then
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
fi
#Switch variables name #Switch variables name
psql_db=$(ynh_app_setting_get --app=$app --key=psql_db) psql_db=$(ynh_app_setting_get --app=$app --key=psql_db)
if [ -n "$psql_db" ] if [ -n "$psql_db" ]
then then
db_name=$(ynh_app_setting_get --app=$app --key=psql_db) db_name=$(ynh_app_setting_get --app=$app --key=psql_db)
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
ynh_app_setting_delete --app=$app --key=psql_db ynh_app_setting_delete --app=$app --key=psql_db
ynh_app_setting_delete --app=$app --key=psqlpwd ynh_app_setting_delete --app=$app --key=psqlpwd
fi fi
@ -194,11 +200,9 @@ ynh_add_nginx_config
ynh_secure_remove --file="/etc/nginx/conf.d/$app-cache.conf" ynh_secure_remove --file="/etc/nginx/conf.d/$app-cache.conf"
if [ $cache -eq 1 ] if [ $cache -eq 1 ]
then then
cp -rf "../conf/cache.conf" "/etc/nginx/conf.d/$app-cache.conf" ynh_add_config --template="../conf/cache.conf" --destination="/etc/nginx/conf.d/$app-cache.conf"
ynh_replace_string --match_string="{APP}" --replace_string="$app" --target_file="/etc/nginx/conf.d/$app-cache.conf"
ynh_replace_string --match_string="__SIZE__" --replace_string="$size" --target_file="/etc/nginx/conf.d/$app-cache.conf" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/media.conf"
ynh_store_file_checksum --file="/etc/nginx/conf.d/$app-cache.conf"
ynh_replace_string --match_string="{APP}" --replace_string="$app" --target_file="../conf/media.conf"
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="../conf/media.conf" ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="../conf/media.conf"
cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf
ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
@ -239,7 +243,7 @@ ynh_script_progression --message="Making upgrade..."
chown -R "$app":"$app" "$final_path" chown -R "$app":"$app" "$final_path"
pushd $final_path/$app pushd $final_path/$app
su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl migrate" su "$app" -s $SHELL -lc "$final_path/$app/bin/pleroma_ctl migrate"
popd popd
#================================================= #=================================================