From d43cc8bfc541b604330d394050679358e4d8b032 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Wed, 23 Dec 2020 11:49:59 +0100 Subject: [PATCH] Fix --- manifest.json | 4 +- scripts/_common.sh | 152 +++++++++++++++++++++++++++++++++++++++++++++ scripts/install | 77 ++++++++++++----------- scripts/restore | 1 + scripts/upgrade | 24 +------ 5 files changed, 197 insertions(+), 61 deletions(-) diff --git a/manifest.json b/manifest.json index 9b8128d..351cf70 100644 --- a/manifest.json +++ b/manifest.json @@ -30,7 +30,6 @@ }, "example": "example.com" }, - { "name": "path", "type": "path", @@ -40,8 +39,7 @@ }, "example": "/red", "default": "/red" - }, - + }, { "name": "is_public", "type": "boolean", diff --git a/scripts/_common.sh b/scripts/_common.sh index 453f6b0..13fd13e 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -7,6 +7,10 @@ # dependencies used by the app pkg_dependencies="postgresql ruby-dev zlib1g-dev libpq-dev" +RUBY_VERSION="2.6.6" + +BUNDLER_VERSION="2.2.3" + #================================================= # PERSONAL HELPERS #================================================= @@ -18,3 +22,151 @@ pkg_dependencies="postgresql ruby-dev zlib1g-dev libpq-dev" #================================================= # FUTURE OFFICIAL HELPERS #================================================= + + +#!/bin/bash + +# Need also the helper https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_handle_getopts_args/ynh_handle_getopts_args + +rbenv_install_dir="/opt/rbenv" +# RBENV_ROOT is the directory of rbenv, it needs to be loaded as a environment variable. +export RBENV_ROOT="$rbenv_install_dir" + +# Install ruby version management +# +# [internal] +# +# usage: ynh_install_rbenv +ynh_install_rbenv () { + echo "Installation of rbenv - ruby version management" >&2 + # Build an app.src for rbenv + mkdir -p "../conf" + echo "SOURCE_URL=https://github.com/rbenv/rbenv/archive/v1.1.2.tar.gz +SOURCE_SUM=80ad89ffe04c0b481503bd375f05c212bbc7d44ef5f5e649e0acdf25eba86736" > "../conf/rbenv.src" + # Download and extract rbenv + ynh_setup_source "$rbenv_install_dir" rbenv + + # Build an app.src for ruby-build + mkdir -p "../conf" + echo "SOURCE_URL=https://github.com/rbenv/ruby-build/archive/v20201221.tar.gz +SOURCE_SUM=a1b71724f325e4003ea37fa618f7e0e8b334e77ffaf8ec1352931e123c9f2d3a" > "../conf/ruby-build.src" + # Download and extract ruby-build + ynh_setup_source "$rbenv_install_dir/plugins/ruby-build" ruby-build + + (cd $rbenv_install_dir + ./src/configure && make -C src) + +# Create shims directory if needed +if [ ! -d $rbenv_install_dir/shims ] ; then + mkdir $rbenv_install_dir/shims +fi +} + +# Install a specific version of ruby +# +# ynh_install_ruby will install the version of ruby provided as argument by using rbenv. +# +# rbenv (ruby version management) stores the target ruby version in a .ruby_version file created in the target folder (using rbenv local ) +# It then uses that information for every ruby user that uses rbenv provided ruby command +# +# This helper creates a /etc/profile.d/rbenv.sh that configures PATH environment for rbenv +# for every LOGIN user, hence your user must have a defined shell (as opposed to /usr/sbin/nologin) +# +# Don't forget to execute ruby-dependent command in a login environment +# (e.g. sudo --login option) +# When not possible (e.g. in systemd service definition), please use direct path +# to rbenv shims (e.g. $RBENV_ROOT/shims/bundle) +# +# usage: ynh_install_ruby ruby_version user +# | arg: -v, --ruby_version= - Version of ruby to install. +# If possible, prefer to use major version number (e.g. 8 instead of 8.10.0). +# The crontab will handle the update of minor versions when needed. +ynh_install_ruby () { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [v]=ruby_version= ) + # Use rbenv, https://github.com/rbenv/rbenv to manage the ruby versions + local ruby_version + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + # Create $rbenv_install_dir + mkdir -p "$rbenv_install_dir/plugins/ruby-build" + + # Load rbenv path in PATH + CLEAR_PATH="$rbenv_install_dir/bin:$PATH" + + # Remove /usr/local/bin in PATH in case of ruby prior installation + PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@') + + # Move an existing ruby binary, to avoid to block rbenv + test -x /usr/bin/ruby && mv /usr/bin/ruby /usr/bin/ruby_rbenv + + # If rbenv is not previously setup, install it + if ! type rbenv > /dev/null 2>&1 + then + ynh_install_rbenv + elif dpkg --compare-versions "$($rbenv_install_dir/bin/rbenv --version | cut -d" " -f2)" lt "1.1.2" + then + ynh_install_rbenv + elif dpkg --compare-versions "$($rbenv_install_dir/plugins/ruby-build/bin/ruby-build --version | cut -d" " -f2)" lt "20200520" + then + ynh_install_rbenv + fi + + # Restore /usr/local/bin in PATH (if needed) + PATH=$CLEAR_PATH + + # And replace the old ruby binary + test -x /usr/bin/ruby_rbenv && mv /usr/bin/ruby_rbenv /usr/bin/ruby + + # Install the requested version of ruby + CONFIGURE_OPTS="--disable-install-doc --with-jemalloc" MAKE_OPTS="-j2" rbenv install --skip-existing $ruby_version + + # Store the ID of this app and the version of ruby requested for it + echo "$YNH_APP_ID:$ruby_version" | tee --append "$rbenv_install_dir/ynh_app_version" + + # Store ruby_version into the config of this app + ynh_app_setting_set $app ruby_version $ruby_version + + # Set environment for ruby users + echo "#rbenv +export RBENV_ROOT=$rbenv_install_dir +export PATH=\"$rbenv_install_dir/bin:$PATH\" +eval \"\$(rbenv init -)\" +#rbenv" > /etc/profile.d/rbenv.sh + + # Load the right environment for the Installation + eval "$(rbenv init -)" + + (cd $final_path + rbenv local $ruby_version) +} + +# Remove the version of ruby used by the app. +# +# This helper will check if another app uses the same version of ruby, +# if not, this version of ruby will be removed. +# If no other app uses ruby, rbenv will be also removed. +# +# usage: ynh_remove_ruby +ynh_remove_ruby () { + ruby_version=$(ynh_app_setting_get $app ruby_version) + + # Remove the line for this app + sed --in-place "/$YNH_APP_ID:$ruby_version/d" "$rbenv_install_dir/ynh_app_version" + + # If no other app uses this version of ruby, remove it. + if ! grep --quiet "$ruby_version" "$rbenv_install_dir/ynh_app_version" + then + $rbenv_install_dir/bin/rbenv uninstall --force $ruby_version + fi + + # Remove rbenv environment configuration + rm /etc/profile.d/rbenv.sh + + # If no other app uses rbenv, remove rbenv and dedicated group + if [ ! -s "$rbenv_install_dir/ynh_app_version" ] + then + ynh_secure_remove "$rbenv_install_dir" + fi +} \ No newline at end of file diff --git a/scripts/install b/scripts/install index 9510a90..c6407c4 100644 --- a/scripts/install +++ b/scripts/install @@ -34,53 +34,52 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= +ynh_script_progression --message="Validating installation parameters..." --time --weight=1 +### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". +### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app" final_path=/opt/$app -test ! -e "$final_path" || ynh_die "This path already contains a folder" +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" -# Normalize the url path syntax -path_url=$(ynh_normalize_url_path $path_url) - -# Check web path availability -ynh_webpath_available $domain $path_url # Register (book) web path -ynh_webpath_register $app $domain $path_url +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= +ynh_script_progression --message="Storing installation settings..." --time --weight=1 -ynh_app_setting_set $app domain $domain -ynh_app_setting_set $app path $path_url -ynh_app_setting_set $app is_public $is_public +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=is_public --value=$is_public #================================================= # FIND AND OPEN A PORT #================================================= -#ynh_print_info "Open port..." +ynh_script_progression --message="Configuring firewall..." --time --weight=1 -### Use these lines if you have to open a port for the application -### `ynh_find_port` will find the first available port starting from the given port. -### If you're not using these lines: -### - Remove the section "CLOSE A PORT" in the remove script - -# Find a free port -port=$(ynh_find_port 3000) - -# Open this port -#yunohost firewall allow --no-upnp TCP $port 2>&1 -ynh_app_setting_set $app port $port +# Find an available port +port=$(ynh_find_port --port=3000) +ynh_app_setting_set --app=$app --key=port --value=$port #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_print_info "Installing dependencies..." +ynh_script_progression --message="Installing dependencies..." --time --weight=1 ynh_install_app_dependencies $pkg_dependencies -ynh_print_info "Installing Rails & Bunlder..." +#================================================= +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing Rails & Bunlder..." --time --weight=1 -gem install rails:5.2.2 bundler:2.0.1 +ynh_install_ruby --ruby_version=$RUBY_VERSION + +gem install bundler + +bundle install --without development test +bundle exec rake generate_secret_token #================================================= # CREATE A POSTGRESQL DATABASE @@ -172,23 +171,29 @@ ynh_add_nginx_config # SECURE FILES AND DIRECTORIES #================================================= -### For security reason, any app should set the permissions to root: before anything else. -### Then, if write authorization is needed, any access should be given only to directories -### that really need such authorization. - # Set permissions to app files chown -R $app:$app $final_path #================================================= # SETUP SSOWAT #================================================= +ynh_script_progression --message="Configuring SSOwat..." --weight=1 -# If app is public, add url to SSOWat conf as skipped_uris -if [ $is_public -eq 1 ]; then - # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set "$app" unprotected_uris "/" +# Make app public if necessary or protect it +if [ $is_public -eq 1 ] +then + ynh_permission_update --permission "main" --add "visitors" fi -# Reload services -systemctl start $app.service -systemctl reload nginx +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Installation of $app completed" --time --last diff --git a/scripts/restore b/scripts/restore index aea3a09..d2b695e 100644 --- a/scripts/restore +++ b/scripts/restore @@ -52,6 +52,7 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= + var_root=/home/yunohost.app/$app ynh_restore_file "$final_path" ynh_restore_file "$var_root" diff --git a/scripts/upgrade b/scripts/upgrade index c4b6b05..ea2b02d 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -87,9 +87,9 @@ ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= -#ynh_print_info "Upgrading dependencies..." +ynh_print_info "Upgrading dependencies..." -#ynh_install_app_dependencies $pkg_dependencies +ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER @@ -99,14 +99,6 @@ ynh_print_info "Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create $app -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -#ynh_print_info "Upgrading php-fpm configuration..." - -# Create a dedicated php-fpm config -#ynh_add_fpm_config - #================================================= # SPECIFIC UPGRADE #================================================= @@ -146,18 +138,6 @@ ynh_add_systemd_config # Set permissions on app files chown -R $app:$app $final_path -#================================================= -# SETUP SSOWAT -#================================================= -ynh_print_info "Upgrading SSOwat configuration..." - -# Make app public if necessary -if [ $is_public -eq 1 ] -then - # unprotected_uris allows SSO credentials to be passed anyway - ynh_app_setting_set $app unprotected_uris "/" -fi - #================================================= # RELOAD NGINX #=================================================