diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100644 index 0000000..2729a6b --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,55 @@ +--- +name: Bug report +about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently. + +--- + +**How to post a meaningful bug report** +1. *Read this whole template first.* +2. *Determine if you are on the right place:* + - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* + - *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.* + - *When in doubt, post here and we will figure it out together.* +3. *Delete the italic comments as you write over them below, and remove this guide.* +--- + +### Describe the bug + +*A clear and concise description of what the bug is.* + +### Context + +- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...* +- YunoHost version: x.x.x +- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...* +- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes* + - If yes, please explain: +- Using, or trying to install package version/branch: +- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`* + +### Steps to reproduce + +- *If you performed a command from the CLI, the command itself is enough. For example:* + ```sh + sudo yunohost app install the_app + ``` +- *If you used the webadmin, please perform the equivalent command from the CLI first.* +- *If the error occurs in your browser, explain what you did:* + 1. *Go to '...'* + 2. *Click on '...'* + 3. *Scroll down to '...'* + 4. *See error* + +### Expected behavior + +*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.* + +### Logs + +*When an operation fails, YunoHost provides a simple way to share the logs.* +- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.* +- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.* + +*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)* + +*If applicable and useful, add screenshots to help explain your problem.* diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..ef70e18 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,16 @@ +## Problem + +- *Description of why you made this PR* + +## Solution + +- *And how do you fix that problem* + +## PR Status + +- [ ] Code finished and ready to be reviewed/tested +- [ ] The fix/enhancement were manually tested (if applicable) + +## Automatic tests + +Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization) diff --git a/README.md b/README.md index 8818b1f..1bfe75e 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,31 @@ -# Redirect App + + +# Redirect for YunoHost + +[![Integration level](https://dash.yunohost.org/integration/redirect.svg)](https://dash.yunohost.org/appci/app/redirect) ![](https://ci-apps.yunohost.org/ci/badges/redirect.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/redirect.maintain.svg) +[![Install Redirect with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=redirect) + +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allows you to install Redirect quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* + +## Overview + +Create a redirection or a proxy to another path. + +**Shipped version:** 1.0.0~ynh5 + + + +## Disclaimers / important information **Add a link on your user panel redirecting to another page or app, which can be protected behind your panel for some**. -It could be an invisible redirect, an external link, another app on your local network, a reverse proxy to an app or a Docker container... Some apps can be even be protected behind your panel (meaning that you will have to log-in to access them). The only limit is your imagination - and Nginx ;). +It could be an invisible redirect, an external link, another app on your local network, a reverse proxy to an app or a Docker container... Some apps can be even be protected behind your panel (meaning that you will have to log-in to access them). The only limit is your imagination - and NGINX ;). This app only adds a Nginx configuration file with `redirect` or `proxy_pass` rule, and a YunoHost tile. Nothing more. @@ -10,20 +33,18 @@ This app only adds a Nginx configuration file with `redirect` or `proxy_pass` ru ### Visible redirect -Visitor's address bar will change. Helpfull to add a user link to another -website +Visitor's address bar will change. Helpfull to add a user link to another website you-domain.com -> another-domain.net you-domain.com/foo -> another-domain.net/bar ### Invisible (proxy) redirect -Visitor's address bar will remain the same. Mostly use to serve local webserver -for a personnal application. +Visitor's address bar will remain the same. Mostly use to serve local webserver for a personnal application. you-domain.com/foo -> http://172.0.0.1:8080/app -**IMPORTANT:** the redirect.conf file might need to be updated according to your situation! +**IMPORTANT:** the `redirect.conf` file might need to be updated according to your situation! **WARNING:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ HAVE TO be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/ @@ -51,3 +72,22 @@ In case of a private redirect, the app will be available to logged in users only ## Credits Insprired by [scith](https://github.com/scith) work. + +## Documentation and resources + +* Official app website: https://github.com/YunoHost-Apps/redirect_ynh +* YunoHost documentation for this app: https://yunohost.org/app_redirect +* Report a bug: https://github.com/YunoHost-Apps/redirect_ynh/issues + +## Developer info + +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/redirect_ynh/tree/testing). + +To try the testing branch, please proceed like that. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug +or +sudo yunohost app upgrade redirect -u https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug +``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..9bf3438 --- /dev/null +++ b/README_fr.md @@ -0,0 +1,89 @@ +# Redirect pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/redirect.svg)](https://dash.yunohost.org/appci/app/redirect) ![](https://ci-apps.yunohost.org/ci/badges/redirect.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/redirect.maintain.svg) +[![Installer Redirect avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=redirect) + +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* + +> *Ce package vous permet d'installer Redirect rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + +Créer une redirection ou un proxy vers un autre emplacement + +**Version incluse :** 1.0.0~ynh5 + + + +## Avertissements / informations importantes + +**Add a link on your user panel redirecting to another page or app, which can be protected behind your panel for some**. + +It could be an invisible redirect, an external link, another app on your local network, a reverse proxy to an app or a Docker container... Some apps can be even be protected behind your panel (meaning that you will have to log-in to access them). The only limit is your imagination - and NGINX ;). + +This app only adds a Nginx configuration file with `redirect` or `proxy_pass` rule, and a YunoHost tile. Nothing more. + +## Redirect type + +### Visible redirect + +Visitor's address bar will change. Helpfull to add a user link to another website + + you-domain.com -> another-domain.net + you-domain.com/foo -> another-domain.net/bar + +### Invisible (proxy) redirect + +Visitor's address bar will remain the same. Mostly use to serve local webserver for a personnal application. + + you-domain.com/foo -> http://172.0.0.1:8080/app + +**IMPORTANT:** the `redirect.conf` file might need to be updated according to your situation! + +**WARNING:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ HAVE TO be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/ + +*Concrete example:* the Odoo Docker container runs on http://127.0.0.1:8069/. You will not be able to redirect it to http://domain.tld/odoo/ ! You have to redirect it to the root, so for example http://odoo.domain.tld/ + +## Public or private redirect + +In case of a private redirect, the app will be available to logged in users only. This could be useful if you want to protect behind the SSO an app from your local network or from the server (e.g., a Docker container or an app that does not have user management or password protection). + +**IMPORTANT:** Make sure that the app you want to protect CANNOT be accessed by its port or another direct link. Otherwise, your app will only be protected in YunoHost but would still be available through its direct link. In the case of a Docker container, the port of the container will have to be local (e.g., -p 127.0.0.1:9000:9000). + +## Case examples + +- **Creating a tile for a Docker container** with a local port (e.g., -p 127.0.0.1:PORT:PORT): proxy redirect to http://127.0.0.1:PORT-OF-THE-CONTAINER/ + +- **Redirecting to an external website**: visible redirect to the URL + +- [CozyCloud behind YunoHost?](https://forum.cozy.io/t/cozy-cloud-sous-yunohost/616/11) + +- **Creating a tile and protecting apps that are difficult to package natively (or for prototyping)** + + +**_Feel free to [share your case examples and customized Nginx files on the forum](https://forum.yunohost.org/t/2182)._** + +## Credits + +Insprired by [scith](https://github.com/scith) work. + +## Documentations et ressources + +* Site officiel de l'app : https://github.com/YunoHost-Apps/redirect_ynh +* Documentation YunoHost pour cette app : https://yunohost.org/app_redirect +* Signaler un bug : https://github.com/YunoHost-Apps/redirect_ynh/issues + +## Informations pour les développeurs + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/redirect_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug +ou +sudo yunohost app upgrade redirect -u https://github.com/YunoHost-Apps/redirect_ynh/tree/testing --debug +``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/check_process b/check_process index 32179d7..7d507d0 100644 --- a/check_process +++ b/check_process @@ -1,41 +1,21 @@ -# See here for more informations -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - is_public=1 (PUBLIC|public=1|private=0) - redirect_type="visible_302" + domain="domain.tld" + path="/path" + redirect_type="public_302" redirect_path="http://127.0.0.1" ; Checks pkg_linter=1 setup_sub_dir=1 setup_root=1 setup_nourl=0 + setup_private=0 setup_private=1 setup_public=1 upgrade=1 backup_restore=1 multi_instance=1 - incorrect_path=1 - port_already_use=0 change_url=0 -;;; Levels - Level 1=auto - Level 2=auto - Level 3=auto -# Level 4: - Level 4=0 -# Level 5: - Level 5=auto - Level 6=auto - Level 7=auto - Level 8=0 - Level 9=0 - Level 10=0 ;;; Options Email= -Notification=none \ No newline at end of file +Notification=none diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..48b5c67 --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,49 @@ +**Add a link on your user panel redirecting to another page or app, which can be protected behind your panel for some**. + +It could be an invisible redirect, an external link, another app on your local network, a reverse proxy to an app or a Docker container... Some apps can be even be protected behind your panel (meaning that you will have to log-in to access them). The only limit is your imagination - and NGINX ;). + +This app only adds a Nginx configuration file with `redirect` or `proxy_pass` rule, and a YunoHost tile. Nothing more. + +## Redirect type + +### Visible redirect + +Visitor's address bar will change. Helpfull to add a user link to another website + + you-domain.com -> another-domain.net + you-domain.com/foo -> another-domain.net/bar + +### Invisible (proxy) redirect + +Visitor's address bar will remain the same. Mostly use to serve local webserver for a personnal application. + + you-domain.com/foo -> http://172.0.0.1:8080/app + +**IMPORTANT:** the `redirect.conf` file might need to be updated according to your situation! + +**WARNING:** Many apps do not support being redirected to a different path due to relative links! This means that some apps being hosted for example on http://127.0.0.1:5050/app/ HAVE TO be redirected to http://domain.tld/app/ and NOT http://domain.tld/someotherapp/ + +*Concrete example:* the Odoo Docker container runs on http://127.0.0.1:8069/. You will not be able to redirect it to http://domain.tld/odoo/ ! You have to redirect it to the root, so for example http://odoo.domain.tld/ + +## Public or private redirect + +In case of a private redirect, the app will be available to logged in users only. This could be useful if you want to protect behind the SSO an app from your local network or from the server (e.g., a Docker container or an app that does not have user management or password protection). + +**IMPORTANT:** Make sure that the app you want to protect CANNOT be accessed by its port or another direct link. Otherwise, your app will only be protected in YunoHost but would still be available through its direct link. In the case of a Docker container, the port of the container will have to be local (e.g., -p 127.0.0.1:9000:9000). + +## Case examples + +- **Creating a tile for a Docker container** with a local port (e.g., -p 127.0.0.1:PORT:PORT): proxy redirect to http://127.0.0.1:PORT-OF-THE-CONTAINER/ + +- **Redirecting to an external website**: visible redirect to the URL + +- [CozyCloud behind YunoHost?](https://forum.cozy.io/t/cozy-cloud-sous-yunohost/616/11) + +- **Creating a tile and protecting apps that are difficult to package natively (or for prototyping)** + + +**_Feel free to [share your case examples and customized Nginx files on the forum](https://forum.yunohost.org/t/2182)._** + +## Credits + +Insprired by [scith](https://github.com/scith) work. diff --git a/manifest.json b/manifest.json index bb22c9d..23ecefe 100644 --- a/manifest.json +++ b/manifest.json @@ -2,19 +2,23 @@ "name": "Redirect", "id": "redirect", "packaging_format": 1, - "requirements": { - "yunohost": ">= 2.7.12" - }, "description": { "en": "Create a redirection or a proxy to another path.", "fr": "Créer une redirection ou un proxy vers un autre emplacement" }, - "version": "1.0.0~ynh2", - "url": "https://github.com/YunoHost-Apps/redirect_ynh", + "version": "1.0.0~ynh5", "license": "AGPL-3.0-or-later", + "url": "https://github.com/YunoHost-Apps/redirect_ynh", + "upstream": { + "license": "AGPL-3.0-or-later", + "website": "https://github.com/YunoHost-Apps/redirect_ynh" + }, "maintainer": { - "name": "opi", - "email": "opi@zeropi.net" + "name": "alexAubin", + "email": "alex.aubin@mailoo.org" + }, + "requirements": { + "yunohost": ">= 4.2.0" }, "multi_instance": true, "services": [ @@ -25,24 +29,17 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain for your redirect", - "fr": "Choisissez un domaine pour votre redirection" - }, "example": "domain.org" }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for your redirect", - "fr": "Choisissez un chemin pour votre redirection" - }, "example": "/redirect", "default": "/redirect" }, { "name": "redirect_path", + "type": "string", "ask": { "en": "Redirect destination path", "fr": "Emplacement de destination" @@ -50,27 +47,20 @@ "example": "http://127.0.0.1:8080/app/", "default": "http://127.0.0.1" }, - { - "name": "is_public", - "type": "boolean", - "ask": { - "en": "Is it a public redirect?", - "fr": "Est-ce une redirection publique ?" - }, - "default": false - }, { "name": "redirect_type", + "type": "string", "ask": { "en": "Redirect type", "fr": "Type de redirection" }, "choices": { - "visible_302" : "Visible (302, temporary redirect)", - "visible_301" : "Visible (301, permanent redirect)", - "proxy": "Proxy, invisible (Nginx proxy_pass)" + "public_302" : "Visible redirect (302, temporary). Everybody will be able to access it.", + "public_301" : "Visible redirect (301, permanent). Everybody will be able to access it.", + "public_proxy": "Proxy, invisible (nginx proxy_pass). Everybody will be able to access it.", + "private_proxy": "Proxy, invisible (nginx proxy_pass). Only accessible for allowed users." }, - "default": "visible_302" + "default": "public_302" } ] } diff --git a/scripts/backup b/scripts/backup index ddb8155..cc3bbed 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,12 +6,6 @@ # IMPORT GENERIC HELPERS #================================================= -# if [ ! -e _common.sh ]; then - # Get the _common.sh file if it's not in the current directory -# cp ../settings/scripts/_common.sh ./_common.sh -# chmod a+rx _common.sh -# fi -# source _common.sh source /usr/share/yunohost/helpers #================================================= @@ -24,22 +18,21 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= - -# This is a multi-instance app, meaning it can be installed several times independently -# The id of the app as stated in the manifest is available as $YNH_APP_ID -# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) -# The app instance name is available as $YNH_APP_INSTANCE_NAME -# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -# - ynhexample__{N} for the subsequent installations, with N=3,4, ... -# The app instance name is probably what you are interested the most, since this is -# guaranteed to be unique. This is a good unique identifier to define installation path, -# db names, ... -app=$YNH_APP_INSTANCE_NAME +ynh_print_info --message="Loading installation settings..." # Retrieve arguments -domain=$(yunohost app setting $app domain) +app=$YNH_APP_INSTANCE_NAME +domain=$(ynh_app_setting_get $app domain) + +#================================================= +# BACKUP THE NGINX CONFIGURATION +#================================================= # Copy the conf files -mkdir -p ./conf -cp -a "/etc/nginx/conf.d/${domain}.d/${app}.conf" ./conf/nginx.conf \ No newline at end of file +ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/install b/scripts/install index 935709e..77acee9 100644 --- a/scripts/install +++ b/scripts/install @@ -6,7 +6,6 @@ # IMPORT GENERIC HELPERS #================================================= -# source _common.sh source /usr/share/yunohost/helpers #================================================= @@ -20,38 +19,19 @@ ynh_abort_if_errors # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= -# This is a multi-instance app, meaning it can be installed several times independently -# The id of the app as stated in the manifest is available as $YNH_APP_ID -# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) -# The app instance name is available as $YNH_APP_INSTANCE_NAME -# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -# - ynhexample__{N} for the subsequent installations, with N=3,4, ... -# The app instance name is probably what you are interested the most, since this is -# guaranteed to be unique. This is a good unique identifier to define installation path, -# db names, ... -app=$YNH_APP_INSTANCE_NAME - # Retrieve arguments +app=$YNH_APP_INSTANCE_NAME domain=$YNH_APP_ARG_DOMAIN -path=$YNH_APP_ARG_PATH -is_public=$YNH_APP_ARG_IS_PUBLIC +path_url=$YNH_APP_ARG_PATH redirect_type=$YNH_APP_ARG_REDIRECT_TYPE redirect_path=$YNH_APP_ARG_REDIRECT_PATH -# Remove trailing slash to path -path=${path%/} -#force location to be / or /foo -location=${path:-/} - # Check domain/path availability -yunohost app checkurl $domain$path -a $app \ - || ynh_die "Path not available: $domain$path" +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url # Validate redirect path url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]' -[[ ! $redirect_path =~ $url_regex ]] && ynh_die \ -"Invalid destination: $redirect_path" 1 +[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1 # Avoid uncrypted remote destination with reverse proxy mode # Indeed the SSO send the password in all requests in HTTP headers @@ -60,42 +40,54 @@ url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+) "For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $redirect_path" 1 # Save extra settings -yunohost app setting $app is_public -v "$is_public" -yunohost app setting $app redirect_type -v "$redirect_type" -yunohost app setting $app redirect_path -v "$redirect_path" +ynh_app_setting_set --app=$app --key=redirect_type --value=$redirect_type +ynh_app_setting_set --app=$app --key=redirect_path --value=$redirect_path + +#================================================= +# CONFIGURE NGINX +#================================================= +ynh_script_progression --message="Configuring NGINX web server..." --weight=1 # Nginx configuration -sed -i "s@YNH_LOCATION@$location@g" ../conf/nginx-*.conf -if [ "$redirect_type" = "visible_302" ]; +for FILE in $(ls ../conf/nginx-*.conf) +do + ynh_replace_string "YNH_LOCATION" "$path_url" $FILE +done +if [ "$redirect_type" = "public_302" ]; then - sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-visible-302.conf + ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf -elif [ "$redirect_type" = "visible_301" ]; +elif [ "$redirect_type" = "public_301" ]; then - sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-visible-301.conf + ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf -elif [ "$redirect_type" = "proxy" ]; +elif [ "$redirect_type" = "public_proxy" ] || [ "$redirect_type" = "private_proxy" ]; then - sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-proxy.conf + ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf fi #================================================= -# SETUP SSOWAT +# CONFIGURE SSOWAT #================================================= +ynh_script_progression --message="Configuring permissions..." --weight=2 -if [[ "$is_public" -eq 0 ]] -then # Remove the public access - ynh_app_setting_delete "$app" skipped_uris -fi # Make app public if necessary -if [[ "$is_public" -eq 1 ]] +if [ "$redirect_type" != "private_proxy" ] then # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set "$app" unprotected_uris "/" + ynh_permission_update --permission="main" --add="visitors" fi +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -# Reload Nginx and regenerate SSOwat conf -service nginx reload -yunohost app ssowatconf +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 32159db..304eab7 100644 --- a/scripts/remove +++ b/scripts/remove @@ -6,31 +6,33 @@ # IMPORT GENERIC HELPERS #================================================= -# source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= - -# This is a multi-instance app, meaning it can be installed several times independently -# The id of the app as stated in the manifest is available as $YNH_APP_ID -# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) -# The app instance name is available as $YNH_APP_INSTANCE_NAME -# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -# - ynhexample__{N} for the subsequent installations, with N=3,4, ... -# The app instance name is probably what you are interested the most, since this is -# guaranteed to be unique. This is a good unique identifier to define installation path, -# db names, ... -app=$YNH_APP_INSTANCE_NAME +ynh_script_progression --message="Loading installation settings..." --weight=1 # Retrieve arguments -domain=$(yunohost app setting $app domain) +app=$YNH_APP_INSTANCE_NAME +domain=$(ynh_app_setting_get --app=$app --key=domain) + +#================================================= +# REMOVE NGINX CONFIGURATION +#================================================= # Remove configuration files -rm -f /etc/nginx/conf.d/$domain.d/$app.conf +ynh_secure_remove /etc/nginx/conf.d/$domain.d/$app.conf -# Restart services -service nginx reload -yunohost app ssowatconf +#================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index 1a4b8e8..c333112 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,12 +6,6 @@ # IMPORT GENERIC HELPERS #================================================= -# if [ ! -e _common.sh ]; then - # Get the _common.sh file if it's not in the current directory -# cp ../settings/scripts/_common.sh ./_common.sh -# chmod a+rx _common.sh -# fi -# source _common.sh source /usr/share/yunohost/helpers #================================================= @@ -25,45 +19,23 @@ ynh_abort_if_errors # LOAD SETTINGS #================================================= -# This is a multi-instance app, meaning it can be installed several times independently -# The id of the app as stated in the manifest is available as $YNH_APP_ID -# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) -# The app instance name is available as $YNH_APP_INSTANCE_NAME -# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -# - ynhexample__{N} for the subsequent installations, with N=3,4, ... -# The app instance name is probably what you are interested the most, since this is -# guaranteed to be unique. This is a good unique identifier to define installation path, -# db names, ... -app=$YNH_APP_INSTANCE_NAME - # Retrieve arguments +app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get "$app" domain) -path=$(ynh_app_setting_get "$app" path) -is_public=$(ynh_app_setting_get "$app" is_public) +path_url=$(ynh_app_setting_get "$app" path) redirect_type=$(ynh_app_setting_get "$app" redirect_type) redirect_path=$(ynh_app_setting_get "$app" redirect_path) -# Remove trailing slash to path -path=${path%/} - -# Check domain/path availability -yunohost app checkurl $domain$path -a $app \ - || die "The path ${domain}${path} is not available for app installation." - # Validate redirect path url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]' -[[ ! $redirect_path =~ $url_regex ]] && ynh_die \ -"Invalid destination: $redirect_path" 1 +[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1 # Check configuration files NGINX_CONF="/etc/nginx/conf.d/${domain}.d/${app}.conf" -[[ -f $NGINX_CONF ]] && die \ -"The NGINX configuration already exists at '${NGINX_CONF}'. - You should safely delete it before restoring this app." +[[ -f $NGINX_CONF ]] && ynh_die "The NGINX configuration already exists at '${NGINX_CONF}'. You should safely delete it before restoring this app." # Restore configuration files -cp -a ./conf/nginx.conf "$NGINX_CONF" +ynh_restore_file "$NGINX_CONF" #================================================= # SETUP SSOWAT @@ -74,12 +46,21 @@ then # Remove the public access ynh_app_setting_delete "$app" skipped_uris fi # Make app public if necessary -if [[ "$is_public" -eq 1 ]] +if [ "$redirect_type" != "private_proxy" ] then # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set "$app" unprotected_uris "/" + ynh_permission_update --permission="main" --add="visitors" fi -# Reload Nginx and regenerate SSOwat conf -service nginx reload -yunohost app ssowatconf +#================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 027b27c..7b9df56 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,32 +7,16 @@ # IMPORT GENERIC HELPERS #================================================= -# source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -# This is a multi-instance app, meaning it can be installed several times independently -# The id of the app as stated in the manifest is available as $YNH_APP_ID -# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) -# The app instance name is available as $YNH_APP_INSTANCE_NAME -# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -# - ynhexample__{N} for the subsequent installations, with N=3,4, ... -# The app instance name is probably what you are interested the most, since this is -# guaranteed to be unique. This is a good unique identifier to define installation path, -# db names, ... -app=$YNH_APP_INSTANCE_NAME - -# Source app helpers -. /usr/share/yunohost/helpers - # Retrieve arguments +app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get "$app" domain) -path=$(ynh_app_setting_get "$app" path) -is_public=$(ynh_app_setting_get "$app" is_public) +path_url=$(ynh_app_setting_get "$app" path) redirect_type=$(ynh_app_setting_get "$app" redirect_type) redirect_path=$(ynh_app_setting_get "$app" redirect_path) @@ -41,14 +25,6 @@ redirect_path=$(ynh_app_setting_get "$app" redirect_path) #================================================= # Fix is_public as a boolean value -if [ "$is_public" = "Yes" ]; then - ynh_app_setting_set $app is_public 1 - is_public=1 -elif [ "$is_public" = "No" ]; then - ynh_app_setting_set $app is_public 0 - is_public=0 -fi - # Default value for redirect_type if upgrading from https://github.com/scith/redirect_ynh if [ -z "$redirect_type" ]; then @@ -56,6 +32,40 @@ then ynh_app_setting_set $app 'redirect_type' $redirect_type fi +# Migrate away from old stuff with 'is_public' and old redirect type names +is_public=$(ynh_app_setting_get "$app" is_public) +if [ -n "$is_public" ] +then + if [ "$is_public" = "Yes" ]; then + is_public=1 + elif [ "$is_public" = "No" ]; then + is_public=0 + fi + + if [ "$is_public" = "0" ] && [ "$redirect_type" != "proxy" ]; then + echo "WARNING: You previously had a 'supposedly' private 301 or 302 redirection ... but it was found that it was public all along and it is not easy to create such a private redirection. Your 301 or 302 redirection will be re-flagged as public..." >&2 + is_public=1 + fi + + if [ "$redirect_type" == "proxy" ] && [ "$is_public" = "1" ] + then + redirect_type="public_proxy" + elif [ "$redirect_type" == "proxy" ] && [ "$is_public" = "0" ] + then + redirect_type="private_proxy" + elif [ "$redirect_type" == "visible_302" ] + then + redirect_type="public_302" + elif [ "$redirect_type" == "visible_301" ] + then + redirect_type="public_301" + fi + + ynh_app_setting_set $app 'redirect_type' $redirect_type + ynh_app_setting_set $app 'is_public' +fi + + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -69,51 +79,53 @@ ynh_clean_setup () { # Exit if an error occurs during the execution of the script ynh_abort_if_errors -# Remove trailing slash to path -path=${path%/} -#force location to be / or /foo -location=${path:-/} - -# Check domain/path availability -yunohost app checkurl $domain$path -a $app \ - || ynh_die "Path not available: $domain$path" - # Validate redirect path url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]' -[[ ! $redirect_path =~ $url_regex ]] && ynh_die \ -"Invalid destination: $redirect_path" 1 +[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1 + +#================================================= +# CONFIGURE NGINX +#================================================= # Nginx configuration -sed -i "s@YNH_LOCATION@$location@g" ../conf/nginx-*.conf -if [ "$redirect_type" = "visible_302" ]; +for FILE in $(ls ../conf/nginx-*.conf) +do + ynh_replace_string "YNH_LOCATION" "$path_url" $FILE +done +if [ "$redirect_type" = "public_302" ]; then - sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-visible-302.conf + ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf -elif [ "$redirect_type" = "visible_301" ]; +elif [ "$redirect_type" = "public_301" ]; then - sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-visible-301.conf + ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf -elif [ "$redirect_type" = "proxy" ]; +elif [ "$redirect_type" = "public_proxy" ] || [ "$redirect_type" = "private_proxy" ]; then - sed -i "s@YNH_REDIRECT_PATH@$redirect_path@g" ../conf/nginx-proxy.conf + ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf fi #================================================= -# SETUP SSOWAT +# CONFIGURE SSOWAT #================================================= -if [[ "$is_public" -eq 0 ]] -then # Remove the public access - ynh_app_setting_delete "$app" skipped_uris -fi # Make app public if necessary -if [[ "$is_public" -eq 1 ]] +if [ "$redirect_type" != "private_proxy" ] then # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set "$app" unprotected_uris -v "/" + ynh_permission_update --permission="main" --add="visitors" fi -# Reload Nginx and regenerate SSOwat conf -service nginx reload -yunohost app ssowatconf +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of $app completed" --last