Merge branch 'testing'

.gitignore

@@ -1 +1,2 @@
 *.sw*
+.vagrant

README.md

@@ -16,6 +16,7 @@ A [Restic](https://restic.net/) package for YunoHost (heavily inspired by [the B
 
 Restic is a backup tool that can make local and remote backups.
 This package uses restic to make backups to a sftp server.
+The package does not handle local backups yet but you can work around that by using the local sftp server as target server (see my comment [here](https://forum.yunohost.org/t/sauvegarde-yunohost-avec-restic/10275/33)).
 
 ## Usage
 

Vagrantfile

@@ -0,0 +1,13 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant.configure("2") do |config|
+  config.vm.box = "generic/debian10"
+  config.vm.provision "ansible" do |ansible|
+    ansible.playbook = "playbook.yml"
+  end
+  config.vm.provider :libvirt do |libvirt|
+    libvirt.memory = 3072
+  end
+  config.vm.synced_folder ".", "/restic_ynh"
+end

check-yunohost-package.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+vagrant up
+vagrant ssh -c "/package_check/package_check.sh /restic_ynh"
+vagrant halt

conf/backup_method.j2

@@ -5,17 +5,17 @@ set -e
 ###
 # Fetch information from YNH settings
 ###
-RESTIC_SERVER=$(yunohost app setting restic server)
+RESTIC_SERVER=$(yunohost app setting {{ app }} server)
-RESTIC_SERVER_PORT=$(yunohost app setting restic port)
+RESTIC_SERVER_PORT=$(yunohost app setting {{ app }} port)
-RESTIC_SERVER_USER=$(yunohost app setting restic ssh_user)
+RESTIC_SERVER_USER=$(yunohost app setting {{ app }} ssh_user)
-RESTIC_PATH=$(yunohost app setting restic backup_path)
+RESTIC_PATH=$(yunohost app setting {{ app }} backup_path)
 
-RESTIC_PASSWORD="$(yunohost app setting restic passphrase)"
+RESTIC_PASSWORD="$(yunohost app setting {{ app }} passphrase)"
 RESTIC_REPOSITORY_BASE=sftp://$RESTIC_SERVER_USER@$RESTIC_SERVER:$RESTIC_SERVER_PORT/$RESTIC_PATH/
 
-RESTIC_COMMAND=/usr/local/bin/restic
+RESTIC_COMMAND=/usr/local/bin/{{ app }}
-LOGFILE=/var/log/restic_backup.log
+LOGFILE=/var/log/restic_backup_{{ app }}.log
-ERRFILE=/var/log/restic_backup.err
+ERRFILE=/var/log/restic_backup_{{ app }}.err
 
 do_need_mount() {
     work_dir="$1"

conf/check-restic.j2

@@ -20,13 +20,13 @@ CHECK_READ_DATA=${1:-0}
 # Check system part conf
 conf=$(yunohost app setting {{ app }} conf)
 if [ $conf -eq 1 ];then
-  {{final_path}}/check_method auto_conf ${CHECK_READ_DATA}
+  {{final_path}}/check_method_{{ app }} auto_conf ${CHECK_READ_DATA}
 fi
 
 # Check system data
 data=$(yunohost app setting {{ app }} data)
 if [ $data -eq 1 ];then
-  {{final_path}}/check_method auto_data ${CHECK_READ_DATA}
+  {{final_path}}/check_method_{{ app }} auto_data ${CHECK_READ_DATA}
 fi
 
 # Check all apps independently
@@ -40,7 +40,7 @@ for app in $(ls /etc/yunohost/apps/*/scripts/backup | cut -d / -f 5); do
     fi
   done
   if [ "$check_app" == "true" ];then
-    {{final_path}}/check_method auto_${app} ${CHECK_READ_DATA}
+    {{final_path}}/check_method_{{ app }} auto_${app} ${CHECK_READ_DATA}
   fi
 done
 rm "$LOCK_FILE"

conf/check_method.j2

@@ -2,15 +2,15 @@
 
 set -e
 
-RESTIC_SERVER=$(yunohost app setting restic server)
+RESTIC_SERVER=$(yunohost app setting {{ app }} server)
-RESTIC_SERVER_PORT=$(yunohost app setting restic port)
+RESTIC_SERVER_PORT=$(yunohost app setting {{ app }} port)
-RESTIC_SERVER_USER=$(yunohost app setting restic ssh_user)
+RESTIC_SERVER_USER=$(yunohost app setting {{ app }} ssh_user)
-RESTIC_PATH=$(yunohost app setting restic backup_path)
+RESTIC_PATH=$(yunohost app setting {{ app }} backup_path)
 
-RESTIC_PASSWORD="$(yunohost app setting restic passphrase)"
+RESTIC_PASSWORD="$(yunohost app setting {{ app }} passphrase)"
 RESTIC_REPOSITORY_BASE=sftp://$RESTIC_SERVER_USER@$RESTIC_SERVER:$RESTIC_SERVER_PORT/$RESTIC_PATH/
 
-RESTIC_COMMAND=/usr/local/bin/restic
+RESTIC_COMMAND=/usr/local/bin/{{ app }}
 
 do_check() {
 
@@ -18,8 +18,8 @@ do_check() {
     local check_read_data="$2"
     export RESTIC_PASSWORD
     export RESTIC_REPOSITORY=${RESTIC_REPOSITORY_BASE}/$name
-    LOGFILE=/var/log/restic_check.log
+    LOGFILE=/var/log/restic_check_{{ app }}.log
-    ERRFILE=/var/log/restic_check.err
+    ERRFILE=/var/log/restic_check_{{ app }}.err
     current_date=$(date +"%d_%m_%y_%H:%M")
     echo -e "\n==============\n${current_date}\n==============\n" | tee -a ${LOGFILE} | tee -a ${ERRFILE}
     if [ "$check_read_data" -eq "1" ];then

conf/systemd.service

@@ -5,7 +5,7 @@ After=network.target
 [Service]
 Type=oneshot
 ExecStart=/usr/local/bin/backup-with-__APP__
-ExecStartPost=/opt/yunohost/__APP__/restic_log
+ExecStartPost=/opt/yunohost/__APP__/restic_log___APP__
 User=root
 Group=root
 

manifest.json

@@ -6,7 +6,7 @@
     "en": "Backup your server with restic.",
     "fr": "Sauvegardez votre serveur avec restic."
   },
-  "version": "0.12.0~ynh1",
+  "version": "0.12.0~ynh2",
   "url": "https://restic.net/",
   "license": "BSD-2-Clause",
   "maintainer": {

playbook.yml

@@ -0,0 +1,117 @@
+---
+- name: upgrade
+  hosts: all
+  become: true
+  vars:
+    ansible_python_interpreter: python3
+  tasks:
+    - name: set timezone
+      community.general.timezone:
+        name: Europe/Paris
+    - name: upgrade
+      apt:
+        upgrade: true
+        update_cache: true
+    - name: stat reboot-required file
+      stat:
+        path: /var/run/reboot-required
+      register: _reboot_required_stat
+    - name: debug _reboot_required_stat
+      debug:
+        var: _reboot_required_stat
+    - name: reboot if required
+      reboot:
+      when: _reboot_required_stat.stat.exists
+- name: get package checker
+  hosts: all
+  become: true
+  vars:
+    ansible_python_interpreter: python3
+  tasks:
+    - name: install git
+      apt:
+        name: git
+        state: present
+    - name: clone package checker
+      git:
+        repo: 'https://github.com/YunoHost/package_check.git'
+        dest: /package_check
+    - name: set vagrant as package check owner
+      file:
+        path: /package_check
+        owner: vagrant
+        group: vagrant
+- name: install package checker requirements
+  hosts: all
+  become: true
+  vars:
+    ansible_python_interpreter: python3
+  tasks:
+    - name: install test env required apt packages
+      apt:
+        name:
+          - git
+          - snapd
+        state: present
+    - name: install snap core package
+      community.general.snap:
+        name:
+          - core
+    - name: install snap lxd package
+      community.general.snap:
+        name:
+          - lxd
+    - name: make vagrant user member of lxd group
+      user:
+        name: vagrant
+        groups: lxd
+        append: true
+    - name: add lxc and lxd to /usr/local/bin
+      file:
+        dest: /usr/local/bin/{{ item }}
+        src: /snap/bin/{{ item }}
+        state: link
+      loop:
+        - lxc
+        - lxd
+    - name: install test script required apt packages
+      apt:
+        name:
+          - python3-pexpect
+          - python3-pip
+          - lynx
+          - jq
+    - name: create ansible local facts directory
+      file:
+        path: /etc/ansible/facts.d
+        state: directory
+    - name: debug local facts
+      debug:
+        var: ansible_local
+    - name: initialize lxd
+      command: lxd init --auto
+      notify:
+        - update local facts
+      when: >
+        'provision' not in ansible_local
+        or 'lxd' not in ansible_local['provision']
+        or 'initialized' not in ansible_local['provision']['lxd']
+        or not ansible_local['provision']['lxd']['initialized']
+    - name: list lxc remotes
+      become_user: vagrant
+      command: lxc remote list
+      changed_when: "'yunohost' not in _lxc_remote_list.stdout"
+      register: _lxc_remote_list
+      notify:
+        - add lxc yunohost remote
+  handlers:
+    - name: update local facts
+      copy:
+        dest: /etc/ansible/facts.d/provision.fact
+        content: |
+          [lxd]
+          initialized=true
+    - name: add lxc yunohost remote
+      become_user: vagrant
+      command: lxc remote add yunohost https://devbaseimgs.yunohost.org --public --accept-certificate
+      changed_when: true

scripts/_common.sh

@@ -32,8 +32,8 @@ install_restic () {
   sum=$(sha256sum /tmp/restic.bz2 | awk '{print $1}')
   if [ "$sum" == "$expected_sum" ];then
     pkill restic || true
-    bunzip2 /tmp/restic.bz2 -f -c > /usr/local/bin/restic
+    bunzip2 /tmp/restic.bz2 -f -c > /usr/local/bin/${app}
-    chmod +x /usr/local/bin/restic
+    chmod +x /usr/local/bin/${app}
   else
     ynh_die --message="\nDownloaded file does not match expected sha256 sum, aborting"
   fi

scripts/install

@@ -48,14 +48,14 @@ mkdir -p /usr/share/yunohost/backup_method
 #=================================================
 ynh_script_progression --message="Setting up backup methods"
 ynh_configure backup_method "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
-ynh_configure check_method "${final_path}/check_method"
+ynh_configure check_method "${final_path}/check_method_${app}"
 
 #=================================================
 # SETUP LOG SCRIPT
 #=================================================
 ynh_script_progression --message="Setting up log script"
-ynh_configure restic_log "${final_path}/restic_log"
+ynh_configure restic_log "${final_path}/restic_log_${app}"
-chmod u+x "${final_path}/restic_log"
+chmod u+x "${final_path}/restic_log_${app}"
 
 #=================================================
 # CONFIGURE CRON
@@ -65,19 +65,19 @@ ynh_configure backup-with-restic "/usr/local/bin/backup-with-${app}"
 ynh_configure check-restic "${final_path}/check-${app}"
 chmod u+x "/usr/local/bin/backup-with-${app}"
 chmod u+x "${final_path}/check-${app}"
-chmod u+x "${final_path}/check_method"
+chmod u+x "${final_path}/check_method_${app}"
 ynh_add_systemd_config --service=${app} --template=systemd.service
 ynh_add_systemd_config --service=${app}_check --template=systemd_check.service
 ynh_add_systemd_config --service=${app}_check_read_data --template=systemd_check_read_data.service
 ynh_configure systemd.timer "/etc/systemd/system/${app}.timer"
 ynh_configure systemd_check.timer "/etc/systemd/system/${app}_check.timer"
 ynh_configure systemd_check_read_data.timer "/etc/systemd/system/${app}_check_read_data.timer"
-systemctl disable ${app}.service
+systemctl disable --quiet ${app}.service
-systemctl disable ${app}_check.service
+systemctl disable --quiet ${app}_check.service
-systemctl disable ${app}_check_read_data.service
+systemctl disable --quiet ${app}_check_read_data.service
-systemctl enable ${app}.timer
+systemctl enable --quiet ${app}.timer
-systemctl enable ${app}_check.timer
+systemctl enable --quiet ${app}_check.timer
-systemctl enable ${app}_check_read_data.timer
+systemctl enable --quiet ${app}_check_read_data.timer
 systemctl start ${app}.timer
 systemctl start ${app}_check.timer
 systemctl start ${app}_check_read_data.timer
@@ -92,8 +92,9 @@ test -f $private_key || ssh-keygen -q -t ed25519 -N "" -f $private_key
 #=================================================
 # GENERATE SSH CONFIG
 #=================================================
-ynh_script_progression --message="Generating ssh config for ${server}"
+ynh_script_progression --message="Generating ssh config for ${app} server ${server}"
-grep -q "${server}" /root/.ssh/config 2>/dev/null || cat << EOCONF >> ~/.ssh/config
+grep -q "${app}" /root/.ssh/config 2>/dev/null || cat << EOCONF >> ~/.ssh/config
+# begin $app ssh config
 Host ${server}
   Hostname ${server}
   Port ${port}
@@ -101,6 +102,7 @@ Host ${server}
   IdentityFile ${private_key}
   StrictHostKeyChecking no
   UserKnownHostsFile /dev/null
+# end $app ssh config
 EOCONF
 
 #=================================================
@@ -119,7 +121,7 @@ ynh_print_OFF
 message="You should now allow the following public key for user ${ssh_user} on server ${server}:
 $(cat ${private_key}.pub)
 
-Do so by running this command on ${server} with user ${ssh_user}:
+Do so by running those commands on ${server} with user ${ssh_user}:
 
 mkdir ~/.ssh 2>/dev/null
 touch ~/.ssh/authorized_keys
@@ -130,7 +132,7 @@ EOPKEY
 
 $(if [ "$backup_path" != "./" ];then echo "Also make sure ${backup_path} exists and is writable by ${ssh_user}";fi)
 
-If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/restic_ynh"
+If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/restic_ynh"
 
 ynh_send_readme_to_admin "$message" "root"
 ynh_print_ON

scripts/remove

@@ -27,7 +27,7 @@ ynh_remove_app_dependencies
 #=================================================
 ynh_script_progression --message="Removing files" --weight=2
 systemctl stop ${app}.timer
-systemctl disable ${app}.timer
+systemctl --quiet disable ${app}.timer
 ynh_remove_systemd_config --service=${app}
 ynh_remove_systemd_config --service=${app}_check
 ynh_remove_systemd_config --service=${app}_check_read_data
@@ -36,7 +36,7 @@ ynh_secure_remove "/etc/systemd/system/${app}_check.timer"
 ynh_secure_remove "/etc/systemd/system/${app}_check_read_data.timer"
 ynh_secure_remove "/usr/local/bin/backup-with-${app}"
 ynh_secure_remove "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
-ynh_secure_remove "${final_path}/check_method"
+ynh_secure_remove "${final_path}/check_method_${app}"
 ynh_secure_remove "${final_path}/check-${app}"
 ynh_secure_remove "${final_path}"
 
@@ -44,4 +44,4 @@ ynh_secure_remove "${final_path}"
 # REMOVE SSH CONFIG
 #=================================================
 ynh_script_progression --message="Removing ssh config" --last
-sed -e "/Host ${server}/,+6d" /root/.ssh/config -i || true
+sed -e "/begin ${app}/,/end ${app}/{/.*/d}" /root/.ssh/config -i || true

scripts/restore

@@ -41,10 +41,9 @@ mkdir -p /usr/share/yunohost/backup_method
 ynh_restore
 
 #=================================================
-# ADVERTISE SERVICE IN ADMIN PANEL
+# ENABLE TIMER
 #=================================================
-yunohost service add $app
+systemctl --quiet enable $app.timer
-systemctl enable $app.timer
 systemctl start $app.timer
 #yunohost service add $app.timer
 #yunohost service enable $app.timer
@@ -53,5 +52,5 @@ systemctl start $app.timer
 #=================================================
 # RESTORE SYSTEMD
 #=================================================
-systemctl enable $app.service
+systemctl --quiet enable $app.service
 

scripts/upgrade

@@ -48,9 +48,9 @@ ynh_clean_setup () {
 ynh_abort_if_errors
 
 
-if grep "restic.timer" /etc/yunohost/services.yml > /dev/null ; then
+if grep "${app}.timer" /etc/yunohost/services.yml > /dev/null ; then
     yunohost service remove $app.timer
-    systemctl enable $app.timer
+    systemctl --quiet enable $app.timer
     systemctl start $app.timer
 fi
 
@@ -72,14 +72,14 @@ mkdir -p /usr/share/yunohost/backup_method
 #=================================================
 ynh_script_progression --message="Setting up backup methods"
 ynh_configure backup_method "/etc/yunohost/hooks.d/backup_method/05-${app}_app"
-ynh_configure check_method "${final_path}/check_method"
+ynh_configure check_method "${final_path}/check_method_${app}"
 
 #=================================================
 # SETUP LOG SCRIPT
 #=================================================
 ynh_script_progression --message="Setting up log script"
-ynh_configure restic_log "${final_path}/restic_log"
+ynh_configure restic_log "${final_path}/restic_log_${app}"
-chmod u+x "${final_path}/restic_log"
+chmod u+x "${final_path}/restic_log_${app}"
 
 #=================================================
 # CONFIGURE CRON
@@ -89,21 +89,50 @@ ynh_configure backup-with-restic "/usr/local/bin/backup-with-${app}"
 ynh_configure check-restic "${final_path}/check-${app}"
 chmod u+x "/usr/local/bin/backup-with-${app}"
 chmod u+x "${final_path}/check-${app}"
-chmod u+x "${final_path}/check_method"
+chmod u+x "${final_path}/check_method_${app}"
 ynh_add_systemd_config --service=${app} --template=systemd.service
 ynh_add_systemd_config --service=${app}_check --template=systemd_check.service
 ynh_add_systemd_config --service=${app}_check_read_data --template=systemd_check_read_data.service
 ynh_configure systemd.timer "/etc/systemd/system/${app}.timer"
 ynh_configure systemd_check.timer "/etc/systemd/system/${app}_check.timer"
 ynh_configure systemd_check_read_data.timer "/etc/systemd/system/${app}_check_read_data.timer"
-systemctl disable ${app}.service
+systemctl --quiet disable ${app}.service
-systemctl disable ${app}_check.service
+systemctl --quiet disable ${app}_check.service
-systemctl disable ${app}_check_read_data.service
+systemctl --quiet disable ${app}_check_read_data.service
-systemctl enable ${app}.timer
+systemctl --quiet enable ${app}.timer
-systemctl enable ${app}_check.timer
+systemctl --quiet enable ${app}_check.timer
-systemctl enable ${app}_check_read_data.timer
+systemctl --quiet enable ${app}_check_read_data.timer
 systemctl start ${app}.timer
 systemctl start ${app}_check.timer
 systemctl start ${app}_check_read_data.timer
 
 ynh_script_progression --message="End of upgrade process" --last
+
+#=================================================
+# UPGRADE SSH CONFIG
+#=================================================
+
+# old versions did not have delimiters in /root/.ssh/config
+# making removal in multi-instance cases break the remaining
+# instances.
+# So we need to add the delimiters if they are missing
+set +o errexit
+set +o nounset
+private_key="/root/.ssh/id_${app}_ed25519"
+grep -q "begin ${app}" /root/.ssh/config
+missing_delimiters="$?"
+if [ "$missing_delimiters" -eq 1 ];then
+  # did not find delimiters so removing old configuration
+  sed -e "/Host ${server}/,+6d" /root/.ssh/config -i || true
+  cat << EOCONF >> ~/.ssh/config
+# begin $app ssh config
+Host ${server}
+  Hostname ${server}
+  Port ${port}
+  User ${ssh_user}
+  IdentityFile ${private_key}
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
+# end $app ssh config
+EOCONF
+fi