diff --git a/README.md b/README.md index e1387d0..32f517a 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,22 @@ -# redmine_ynh -Redmine for YunoHost +# Redmine app for YunoHost + +# NOT WORK IS IN DEV + +- [Yunohost project](https://yunohost.org) +- [Redmine website](https://www.redmine.org/) + +![](https://dudodiprj2sv7.cloudfront.net/product-logos/ck/rN/L1BJGTE8HK3O-180x180.PNG) + + +[![Install Redmine with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=redmine) + +### Installing guide + + 1. App can be installed by YunoHost **admin web-interface** or by **running following command**: + + $ sudo yunohost app install https://github.com/YunoHost-Apps/redmine_ynh + + +### Upgrade this package: + + $ sudo yunohost app upgrade redmine -u https://github.com/YunoHost-Apps/redmine_ynh diff --git a/check_process b/check_process new file mode 100644 index 0000000..0cbeae3 --- /dev/null +++ b/check_process @@ -0,0 +1,42 @@ +# See here for more informations +# https://github.com/YunoHost/package_check#syntax-check_process-file + +# Move this file from check_process.default to check_process when you have filled it. + +;; Test complet + ; Manifest + domain="domain.tld" (DOMAIN) + path="/" (PATH) + is_public=1 (PUBLIC|public=1|private=0) +# password="pass" +# nextclouddomain="domain.tld" + port="9980" (PORT) + ; Checks + pkg_linter=1 + setup_sub_dir=0 + setup_root=1 + setup_nourl=0 + setup_private=0 + setup_public=1 + upgrade=1 + backup_restore=1 + multi_instance=1 + incorrect_path=1 + port_already_use=0 + change_url=0 +;;; Levels + Level 1=auto + Level 2=auto + Level 3=auto +# Level 4: + Level 4=1 (This app supports the Nextcloud LDAP auth) +# Level 5: + Level 5=auto + Level 6=auto + Level 7=auto + Level 8=0 + Level 9=0 + Level 10=0 +;;; Options +Email= +Notification=none diff --git a/conf/back.src b/conf/back.src new file mode 100644 index 0000000..8132242 --- /dev/null +++ b/conf/back.src @@ -0,0 +1,7 @@ +SOURCE_URL=https://github.com/YunoHost-Apps/pia_ynh/releases/download/2.0.0/pia-back-community.tar.gz +SOURCE_SUM=e5210d1c3171b67f5bbc7919f2725c94c25c78464e7baba88541d70c5102bd7ed36dfac4f8d51d97e8132a58955044d63533ee094255d1088aef425acccb43b8 +SOURCE_SUM_PRG=sha512sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_EXTRACT=true +SOURCE_FILENAME=pia-back.tar.gz diff --git a/conf/database.example.yml b/conf/database.example.yml new file mode 100644 index 0000000..7e213b2 --- /dev/null +++ b/conf/database.example.yml @@ -0,0 +1,9 @@ +production: + adapter: postgresql + host: localhost + encoding: unicode + database: yunobase + pool: 5 + username: yunouser + password: yunopass + template: template0 diff --git a/conf/front.src b/conf/front.src new file mode 100644 index 0000000..a1bb441 --- /dev/null +++ b/conf/front.src @@ -0,0 +1,7 @@ +SOURCE_URL=https://github.com/YunoHost-Apps/pia_ynh/releases/download/2.0.0/pia-prod-community.tar.gz +SOURCE_SUM=56dffc972cd274578a9b57290351f81a212e2f19231ea7de371aebe8aecdc28b95dc48d3cd6885c7fe6385bb8b3f93836e7ce7bb494366adc96c09409e20a072 +SOURCE_SUM_PRG=sha512sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_EXTRACT=true +SOURCE_FILENAME=pia-front.tar.gz diff --git a/conf/nginx.conf b/conf/nginx.conf new file mode 100644 index 0000000..ce0d015 --- /dev/null +++ b/conf/nginx.conf @@ -0,0 +1,33 @@ +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { + + # Path to source + alias __FINALPATH__/ ; + + # Force usage of https + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; +} + index index.html; + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; +} + +location /pia-back/ { + +# Path to source +# alias /opt/pia-back/ ; + + proxy_pass http://127.0.0.1:3000/; + proxy_redirect off; + proxy_set_header Host $host/pia-back; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; +} + diff --git a/conf/nginx.conf.old b/conf/nginx.conf.old new file mode 100644 index 0000000..bca1110 --- /dev/null +++ b/conf/nginx.conf.old @@ -0,0 +1,32 @@ +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { + + # Path to source + alias __FINALPATH__/ ; + + # Force usage of https + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; +} + index index.html; + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; +} + +location /pia-back/ { + +# Path to source + alias /opt/pia-back/ ; + + proxy_pass http://127.0.0.1:3000; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; +} diff --git a/conf/pias_controller.rb b/conf/pias_controller.rb new file mode 100644 index 0000000..84df5d4 --- /dev/null +++ b/conf/pias_controller.rb @@ -0,0 +1,114 @@ +class PiasController < ApplicationController + before_action :set_pia, only: %i[show update destroy duplicate] + before_action :set_serializer, only: %i[index show] + + # GET /pias + def index + sorting = sorting_params + sorting = nil unless Pia.attribute_names.include?(sorting[:column]) + sorting[:direction] = 'asc' if sorting && sorting[:direction] != 'desc' + @pias = Pia.all + @pias = @pias.order("#{sorting[:column]} #{sorting[:direction]}") if sorting.present? + + render json: @pias, each_serializer: @index_serializer + end + + # GET /pias/example + def example + pia = Pia.find_by(is_example: 1) + render json: pia, serializer: @index_serializer + end + + # GET /pias/1 + def show + render json: @pia, serializer: @index_serializer + end + + # POST /pias + def create + pia_parameters = pia_params + #pia_parameters[:structure_data] = JSON.parse(pia_parameters[:structure_data]) if pia_parameters[:structure_data] + @pia = Pia.new(pia_parameters) + + if @pia.save + render json: @pia, status: :created + else + render json: @pia.errors, status: :unprocessable_entity + end + end + + # PATCH/PUT /pias/1 + def update + pia_parameters = pia_params + #pia_parameters[:structure_data] = JSON.parse(pia_parameters[:structure_data]) if pia_parameters[:structure_data] + + if @pia.update(pia_parameters) + render json: @pia + else + render json: @pia.errors, status: :unprocessable_entity + end + end + + # DELETE /pias/1 + def destroy + @pia.destroy + end + + def duplicate + @clone = @pia.duplicate + + render json: @clone + end + + def import + @import_params = import_params + import_data_io = @import_params[:data] + json_str = import_data_io.read + Pia.import(json_str) + end + + private + + def import_params + params.fetch(:import, {}).permit(:data) + end + + # Set seralizer for pias index + def set_serializer + @index_serializer = params[:export].present? ? ExportPiaSerializer : PiaSerializer + end + + # Use callbacks to share common setup or constraints between actions. + def set_pia + @pia = Pia.find(params[:id]) + end + + # Only allow trusted sorting parameters + def sorting_params + params.fetch(:sort, {}).permit(:column, :direction) + end + + # Only allow a trusted parameter "white list" through. + def pia_params + params.fetch(:pia, {}).permit(:status, + :name, + :author_name, + :evaluator_name, + :validator_name, + :dpo_status, + :dpo_opinion, + :dpos_names, + :people_names, + :concerned_people_opinion, + :concerned_people_status, + :concerned_people_searched_content, + :concerned_people_searched_opinion, + :rejection_reason, + :applied_adjustments, + :is_example, + :structure_id, + :structure_name, + :structure_sector_name, + :structure_data) + end +end diff --git a/conf/systemd.service b/conf/systemd.service new file mode 100644 index 0000000..2e68919 --- /dev/null +++ b/conf/systemd.service @@ -0,0 +1,18 @@ +[Unit] +Description=Pia Backend +Requires=network.target +Requires=postgresql.service + +[Service] +Type=simple +User=root +Group=users +WorkingDirectory=/opt/pia-back +Environment=RAILS_SERVE_STATIC_FILES=true +ExecStart=/bin/bash -c "/opt/pia-back/bin/rails s -e production -b 127.0.0.1 -p 3000" +TimeoutSec=30 +RestartSec=15s +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/conf/systemd.service.old b/conf/systemd.service.old new file mode 100644 index 0000000..b7aaee7 --- /dev/null +++ b/conf/systemd.service.old @@ -0,0 +1,18 @@ +[Unit] +Description=Pia Backend +Requires=network.target +Requires=postgresql.service + +[Service] +Type=simple +User=root +Group=users +WorkingDirectory=/opt/pia-back +Environment=RAILS_ENV=production +ExecStart=/bin/bash -c "/opt/pia-back/bin/rails s -b 127.0.0.1 -p 3000" +TimeoutSec=30 +RestartSec=15s +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/manifest.json b/manifest.json new file mode 100644 index 0000000..dc1ceae --- /dev/null +++ b/manifest.json @@ -0,0 +1,58 @@ +{ + "name": "PIA", + "id": "pia", + "packaging_format": 1, + "description": { + "en": "PIA package for YunoHost.", + "fr": "PIA pour YunoHost." + }, + "version": "2.0", + "url": "https://github.com/LINCnil/pia", + "license": "free", + "maintainer": { + "name": "liberodark", + "email": "liberodark@gmail.com" + }, + "requirements": { + "yunohost": ">= 2.7.2" + }, + "multi_instance": false, + "services": [ + "nginx", + "php5-fpm", + "mysql" + ], + "arguments": { + "install": [{ + "name": "domain", + "type": "domain", + "ask": { + "en": "Choose a domain name for PIA", + "fr": "Choisissez un nom de domaine pour PIA" + }, + "example": "example.com" + }, + + { + "name": "path", + "type": "path", + "ask": { + "en": "Choose a path for PIA /pia is accepted", + "fr": "Choisissez un chemin pour PIA /pia est accepté" + }, + "example": "/pia", + "default": "/pia" + }, + + { + "name": "is_public", + "type": "boolean", + "ask": { + "en": "Is it a public site ?", + "fr": "Est-ce un site public ?" + }, + "default": "true" + } + ] + } +} diff --git a/scripts/_common.sh b/scripts/_common.sh new file mode 100644 index 0000000..0f53f77 --- /dev/null +++ b/scripts/_common.sh @@ -0,0 +1,112 @@ +#!/bin/bash + +# ============================================================================= +# YUNOHOST 2.7 FORTHCOMING HELPERS +# ============================================================================= + +# Create a dedicated nginx config +# +# usage: ynh_add_nginx_config +ynh_add_nginx_config () { + finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf" + ynh_backup_if_checksum_is_different "$finalnginxconf" + sudo cp ../conf/nginx.conf "$finalnginxconf" + + # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. + # Substitute in a nginx config file only if the variable is not empty + if test -n "${path_url:-}"; then + ynh_replace_string "__PATH__" "$path_url" "$finalnginxconf" + fi + if test -n "${domain:-}"; then + ynh_replace_string "__DOMAIN__" "$domain" "$finalnginxconf" + fi + if test -n "${port:-}"; then + ynh_replace_string "__PORT__" "$port" "$finalnginxconf" + fi + if test -n "${app:-}"; then + ynh_replace_string "__NAME__" "$app" "$finalnginxconf" + fi + if test -n "${final_path:-}"; then + ynh_replace_string "__FINALPATH__" "$final_path" "$finalnginxconf" + fi + ynh_store_file_checksum "$finalnginxconf" + + sudo systemctl reload nginx +} + +# Remove the dedicated nginx config +# +# usage: ynh_remove_nginx_config +ynh_remove_nginx_config () { + ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf" + sudo systemctl reload nginx +} + +# Create a dedicated php-fpm config +# +# usage: ynh_add_fpm_config +ynh_add_fpm_config () { + finalphpconf="/etc/php5/fpm/pool.d/$app.conf" + ynh_backup_if_checksum_is_different "$finalphpconf" + sudo cp ../conf/php-fpm.conf "$finalphpconf" + ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf" + ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf" + ynh_replace_string "__USER__" "$app" "$finalphpconf" + sudo chown root: "$finalphpconf" + ynh_store_file_checksum "$finalphpconf" + + if [ -e "../conf/php-fpm.ini" ] + then + finalphpini="/etc/php5/fpm/conf.d/20-$app.ini" + ynh_backup_if_checksum_is_different "$finalphpini" + sudo cp ../conf/php-fpm.ini "$finalphpini" + sudo chown root: "$finalphpini" + ynh_store_file_checksum "$finalphpini" + fi + + sudo systemctl reload php5-fpm +} + +# Remove the dedicated php-fpm config +# +# usage: ynh_remove_fpm_config +ynh_remove_fpm_config () { + ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf" + ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini" 2>&1 + sudo systemctl reload php5-fpm +} + +# Create a dedicated systemd config +# +# usage: ynh_add_systemd_config +ynh_add_systemd_config () { + finalsystemdconf="/etc/systemd/system/$app.service" + ynh_backup_if_checksum_is_different "$finalsystemdconf" + sudo cp ../conf/systemd.service "$finalsystemdconf" + + # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. + # Substitute in a nginx config file only if the variable is not empty + if test -n "${final_path:-}"; then + ynh_replace_string "__FINALPATH__" "$final_path" "$finalsystemdconf" + fi + if test -n "${app:-}"; then + ynh_replace_string "__APP__" "$app" "$finalsystemdconf" + fi + ynh_store_file_checksum "$finalsystemdconf" + + sudo chown root: "$finalsystemdconf" + sudo systemctl enable $app + sudo systemctl daemon-reload +} + +# Remove the dedicated systemd config +# +# usage: ynh_remove_systemd_config +ynh_remove_systemd_config () { + finalsystemdconf="/etc/systemd/system/$app.service" + if [ -e "$finalsystemdconf" ]; then + sudo systemctl stop $app + sudo systemctl disable $app + ynh_secure_remove "$finalsystemdconf" + fi +} diff --git a/scripts/backup b/scripts/backup new file mode 100644 index 0000000..af8ccd9 --- /dev/null +++ b/scripts/backup @@ -0,0 +1,33 @@ +#!/bin/bash + +# Exit on command errors and treat unset variables as an error +set -eu + +# See comments in install script +app=$YNH_APP_INSTANCE_NAME + +# Source YunoHost helpers +source /usr/share/yunohost/helpers + +# Backup sources & data +# Note: the last argument is where to save this path, see the restore script. +ynh_backup "/var/www/${app}" "sources" + +### MySQL (remove if not used) ### +# If a MySQL database is used: +# # Dump the database +# dbname=$app +# dbuser=$app +# dbpass=$(ynh_app_setting_get "$app" mysqlpwd) +# mysqldump -u "$dbuser" -p"$dbpass" --no-create-db "$dbname" > ./dump.sql +### MySQL end ### + +# Copy NGINX configuration +domain=$(ynh_app_setting_get "$app" domain) +ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf" + +### PHP (remove if not used) ### +# If a dedicated php-fpm process is used: +# # Copy PHP-FPM pool configuration +# ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf" +### PHP end ### diff --git a/scripts/install b/scripts/install new file mode 100644 index 0000000..1e73eeb --- /dev/null +++ b/scripts/install @@ -0,0 +1,240 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { + ### Remove this function if there's nothing to clean before calling the remove script. + true +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================= + +# Retrieve arguments +domain=$YNH_APP_ARG_DOMAIN +path_url=$YNH_APP_ARG_PATH +is_public=$YNH_APP_ARG_IS_PUBLIC + +### If it's a multi-instance app, meaning it can be installed several times independently +### The id of the app as stated in the manifest is available as $YNH_APP_ID +### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) +### The app instance name is available as $YNH_APP_INSTANCE_NAME +### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample +### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 +### - ynhexample__{N} for the subsequent installations, with N=3,4, ... +### The app instance name is probably what interests you most, since this is +### guaranteed to be unique. This is a good unique identifier to define installation path, +### db names, ... +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS +#================================================= + +### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". +### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app" +final_path=/var/www/$app +test ! -e "$final_path" || ynh_die "This path already contains a folder" + +back_path=/opt/pia-back +test ! -e "$back_path" || ynh_die "This path already contains a folder" + +# Normalize the url path syntax +path_url=$(ynh_normalize_url_path $path_url) + +# Check web path availability +ynh_webpath_available $domain $path_url +# Register (book) web path +ynh_webpath_register $app $domain $path_url + +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= + +ynh_app_setting_set $app domain $domain +ynh_app_setting_set $app path $path_url +ynh_app_setting_set $app is_public $is_public + +#================================================= +# FIND AND OPEN A PORT +#================================================= +#ynh_print_info "Open port..." + +### Use these lines if you have to open a port for the application +### `ynh_find_port` will find the first available port starting from the given port. +### If you're not using these lines: +### - Remove the section "CLOSE A PORT" in the remove script + +# Find a free port +#port=$(ynh_find_port 3000) +# Open this port +#yunohost firewall allow --no-upnp TCP $port 2>&1 +#ynh_app_setting_set $app port $port + +#================================================= +# INSTALL DEPENDENCIES +#================================================= + +ynh_print_info "Installing dependencies..." + +### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. +### Those deb packages will be installed as dependencies of this package. +### If you're not using this helper: +### - Remove the section "REMOVE DEPENDENCIES" in the remove script +### - As well as the section "REINSTALL DEPENDENCIES" in the restore script +### - And the section "UPGRADE DEPENDENCIES" in the upgrade script + +ynh_install_app_dependencies postgresql ruby-dev zlib1g-dev libpq-dev + +ynh_print_info "Installing Rails & Bunlder..." + +gem install rails:5.0.6 bundler:2.0.1 +#gem install rails bundler + +#================================================= +# CREATE A POSTGRESQL DATABASE +#================================================= +ynh_print_info "Creating a PostgreSQL database..." + +### Use these lines if you need a database for the application. +### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password. +### The password will be stored as 'mysqlpwd' into the app settings, +### and will be available as $db_pwd +### If you're not using these lines: +### - Remove the section "BACKUP THE POSTGRESQL DATABASE" in the backup script +### - Remove also the section "REMOVE THE POSTGRESQL DATABASE" in the remove script +### - As well as the section "RESTORE THE POSTGRESQL DATABASE" in the restore script + +db_name=$(ynh_sanitize_dbid $app) +db_pwd=$(ynh_string_random 8) +ynh_app_setting_set $app db_name $db_name +ynh_app_setting_set $app db_pwd $db_pwd +ynh_psql_test_if_first_run +ynh_psql_create_db $db_name $db_name $db_pwd + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_print_info "Create dedicated user..." + +# Create a system user +ynh_system_user_create $app + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_print_info "Installing PIA Back End..." + +ynh_app_setting_set $app final_path $final_path +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$back_path" "back" + +#================================================= +# MODIFY A CONFIG FILE +#================================================= +ynh_print_info "Install PIA Back End Conffiguration..." + +rm /opt/pia-back/config/database.example.yml +cp -a ../conf/database.example.yml /opt/pia-back/config/database.yml +cp -a ../conf/pias_controller.rb /opt/pia-back/app/controllers/pias_controller.rb + +ynh_replace_string "2.5.3" "2.3.3" "/opt/pia-back/Gemfile" +ynh_replace_string "yunouser" "$db_name" "/opt/pia-back/config/database.yml" +ynh_replace_string "yunopass" "$db_pwd" "/opt/pia-back/config/database.yml" +ynh_replace_string "yunobase" "$db_name" "/opt/pia-back/config/database.yml" + +#================================================= +# COMPILE PIA BACK +#================================================= +ynh_print_info "Compile PIA Back End..." + +pushd /opt/pia-back/ +bundle install +mv config/application.example.yml config/application.yml +key=$(RAILS_ENV=production bin/rake secret) +ynh_replace_string "__SECRET_KEY_HERE__" "$key" "/opt/pia-back/config/application.yml" +#RAILS_ENV=production bin/rake db:create +RAILS_ENV=production bin/rake db:migrate +popd + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_print_info "Installing PIA Front End..." + +ynh_app_setting_set $app final_path $final_path +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$final_path" "front" + +#================================================= +# SETUP SYSTEMD +#================================================= + +ynh_add_systemd_config +systemctl enable $app.service + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Create a dedicated nginx config +ynh_add_nginx_config + +#================================================= +# MODIFY A CONFIG FILE +#================================================= +#cp -a ../conf/onlyoffice-documentserver.conf /etc/onlyoffice/documentserver/nginx/onlyoffice-documentserver.conf +#ynh_replace_string "__NEXTCLOUDDOMAIN__" "$nextcloud_domain" "/etc/loolwsd/loolwsd.xml" +#ynh_replace_string "__PASSWORD__" "$password" "/etc/loolwsd/loolwsd.xml" + +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= + +### `ynh_store_file_checksum` is used to store the checksum of a file. +### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, +### you can make a backup of this file before modifying it again if the admin had modified it. + +# Calculate and store the config file checksum into the app settings +#ynh_store_file_checksum "/etc/onlyoffice/documentserver/nginx/onlyoffice-documentserver.conf" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +### For security reason, any app should set the permissions to root: before anything else. +### Then, if write authorization is needed, any access should be given only to directories +### that really need such authorization. + +# Set permissions to app files +chown -R $app:$app $final_path + +#================================================= +# SETUP SSOWAT +#================================================= + +# If app is public, add url to SSOWat conf as skipped_uris +if [ $is_public -eq 1 ]; then + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set "$app" unprotected_uris "/" +fi + +# Reload services +systemctl start $app.service +systemctl reload nginx diff --git a/scripts/remove b/scripts/remove new file mode 100644 index 0000000..09d0e7d --- /dev/null +++ b/scripts/remove @@ -0,0 +1,135 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_print_info "Loading installation settings..." + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get $app domain) +port=$(ynh_app_setting_get $app port) +db_name=$(ynh_app_setting_get $app db_name) +db_user=$db_name +final_path=$(ynh_app_setting_get $app final_path) +back_path=/opt/pia-back + +#================================================= +# STANDARD REMOVE +#================================================= +# REMOVE SERVICE FROM ADMIN PANEL +#================================================= + +# Remove a service from the admin panel, added by `yunohost service add` +if yunohost service status $app >/dev/null 2>&1 +then + ynh_print_info "Removing $app service" + yunohost service remove $app +fi + +#================================================= +# STOP AND REMOVE SERVICE +#================================================= +ynh_print_info "Stopping and removing the systemd service" + +# Remove the dedicated systemd config +ynh_remove_systemd_config + +#================================================= +# REMOVE THE POSTGRESQL DATABASE +#================================================= +ynh_print_info "Removing the PostgreSQL database" + +# Remove a database if it exists, along with the associated user +ynh_psql_remove_db $db_name $db_name + +#================================================= +# REMOVE DEPENDENCIES +#================================================= +ynh_print_info "Removing dependencies" + +# Remove metapackage and its dependencies +ynh_remove_app_dependencies + +#================================================= +# REMOVE APP MAIN DIR +#================================================= +ynh_print_info "Removing app main directory" + +# Remove the app directory securely +ynh_secure_remove "$final_path" +ynh_secure_remove "$back_path" + +#================================================= +# REMOVE NGINX CONFIGURATION +#================================================= +ynh_print_info "Removing nginx web server configuration" + +# Remove the dedicated nginx config +ynh_remove_nginx_config + +#================================================= +# REMOVE PHP-FPM CONFIGURATION +#================================================= +#ynh_print_info "Removing php-fpm configuration" + +# Remove the dedicated php-fpm config +#ynh_remove_fpm_config + +#================================================= +# REMOVE LOGROTATE CONFIGURATION +#================================================= +ynh_print_info "Removing logrotate configuration" + +# Remove the app-specific logrotate config +ynh_remove_logrotate + +#================================================= +# CLOSE A PORT +#================================================= + +if yunohost firewall list | grep -q "\- $port$" +then + ynh_print_info "Closing port $port" + ynh_exec_warn_less yunohost firewall disallow TCP $port +fi + +#================================================= +# SPECIFIC REMOVE +#================================================= +# REMOVE THE CRON FILE +#================================================= + +# Remove a cron file +ynh_secure_remove "/etc/cron.d/$app" + +# Remove a directory securely +ynh_secure_remove "/etc/$app/" + +# Remove the log files +ynh_secure_remove "/var/log/$app/" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= +ynh_print_info "Removing the dedicated system user" + +# Delete a system user +ynh_system_user_delete $app + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore new file mode 100644 index 0000000..93169e9 --- /dev/null +++ b/scripts/restore @@ -0,0 +1,52 @@ +#!/bin/bash + +# Note: each files and directories you've saved using the ynh_backup helper +# will be located in the current directory, regarding the last argument. + +# Exit on command errors and treat unset variables as an error +set -eu + +# See comments in install script +app=$YNH_APP_INSTANCE_NAME + +# Source YunoHost helpers +source /usr/share/yunohost/helpers + +# Retrieve old app settings +domain=$(ynh_app_setting_get "$app" domain) +path_url=$(ynh_app_setting_get "$app" path_url) + +# Check domain/path availability +sudo yunohost app checkurl "${domain}${path_url}" -a "$app" \ + || ynh_die "Path not available: ${domain}${path_url}" + +# Restore sources & data +src_path="/var/www/${app}" +sudo cp -a ./sources "$src_path" + +# Restore permissions to app files +# you may need to make some file and/or directory writeable by www-data (nginx user) +sudo chown -R root: "$src_path" + +### MySQL (remove if not used) ### +# If a MySQL database is used: +# # Create and restore the database +# dbname=$app +# dbuser=$app +# dbpass=$(ynh_app_setting_get "$app" mysqlpwd) +# ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" +# ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./dump.sql +### MySQL end ### + +# Restore NGINX configuration +sudo cp -a ./nginx.conf "/etc/nginx/conf.d/${domain}.d/${app}.conf" + +### PHP (remove if not used) ### +# If a dedicated php-fpm process is used: +# # Copy PHP-FPM pool configuration and reload the service +# sudo cp -a ./php-fpm.conf "/etc/php5/fpm/pool.d/${app}.conf" +# sudo service php5-fpm reload +### PHP end ### + +# Restart webserver +sudo service nginx reload diff --git a/scripts/upgrade b/scripts/upgrade new file mode 100644 index 0000000..ae91b74 --- /dev/null +++ b/scripts/upgrade @@ -0,0 +1,83 @@ +#!/bin/bash + +# Exit on command errors and treat unset variables as an error +set -eu + +# See comments in install script +app=$YNH_APP_INSTANCE_NAME +final_path=/opt/yunohost/$app +back_path=/opt/pia-back + +# Source YunoHost helpers +source /usr/share/yunohost/helpers + +# Stop pia service +systemctl stop $app + +#================================================= +# SAVE CONFIGRATION +#================================================= +ynh_print_info "Save PIA Back Conf..." + +cp -a /opt/pia-back/config/application.yml /opt/pia-back/config/application.yml.save +cp -a /opt/pia-back/config/database.yml /opt/pia-back/config/database.yml.save +cp -a /opt/pia-back/app/controllers/pias_controller.rb /opt/pia-back/app/controllers/pias_controller.rb.save +cp -a /opt/pia-back/Gemfile /opt/pia-back/Gemfile.save + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_print_info "Installing PIA Back End..." + +ynh_app_setting_set $app final_path $final_path +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$back_path" "back" + +#============================================== +# UPGRADE DB +#============================================== + +pushd /opt/pia-back/ +bundle install +mv -f /opt/pia-back/config/application.yml.save /opt/pia-back/config/application.yml +mv -f /opt/pia-back/config/database.yml.save /opt/pia-back/config/database.yml +mv -f /opt/pia-back/app/controllers/pias_controller.rb.save /opt/pia-back/app/controllers/pias_controller.rb +mv -f /opt/pia-back/Gemfile.save /opt/pia-back/Gemfile +RAILS_ENV=production bin/rake db:migrate +popd + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_print_info "Installing PIA Front End..." + +ynh_app_setting_set $app final_path $final_path +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$final_path" "front" + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Create a dedicated nginx config +#ynh_add_nginx_config + + +#================================================= +# UPGRADE CONFIG +#================================================= +#cp -a ../conf/loolwsd.xml /etc/loolwsd +#ynh_replace_string "__NEXTCLOUDDOMAIN__" "$nextcloud_domain" "/etc/loolwsd/loolwsd.xml" +#ynh_replace_string "__PASSWORD__" "$password" "/etc/loolwsd/loolwsd.xml" +#systemctl restart loolwsd + + + +# If app is public, add url to SSOWat conf as skipped_uris +#if [[ $is_public -eq 1 ]]; then + # See install script +# ynh_app_setting_set "$app" unprotected_uris "/" +#fi + +# Start pia service +systemctl start $app