#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= ynh_clean_setup () { ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= domain=$YNH_APP_ARG_DOMAIN path_url="/" admin=$YNH_APP_ARG_ADMIN password=$YNH_APP_ARG_PASSWORD app=$YNH_APP_INSTANCE_NAME key_seed=$(ynh_string_random --length=18 | xxd -p | head -n1 | cut -c 1-18) jwt_secret=$(ynh_string_random --length=9 | xxd -p | head -n1 | cut -c 1-9) admin_mail="$(ynh_user_get_info --username=$admin --key=mail)" #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." final_path=/var/www/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=key_seed --value=$key_seed ynh_app_setting_set --app=$app --key=jwt_secret --value=$jwt_secret #================================================= # STANDARD MODIFICATIONS #================================================= # FIND AND OPEN A PORT #================================================= ynh_script_progression --message="Finding an available port..." # Find an available port client_port=$(ynh_find_port --port=8095) ynh_app_setting_set --app=$app --key=client_port --value=$client_port # Open the port ynh_script_progression --message="Configuring firewall..." ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $client_port api_port=$(ynh_find_port --port=$(($client_port + 1))) ynh_app_setting_set --app=$app --key=api_port --value=$api_port guacd_port=$(ynh_find_port --port=$(($api_port + 1))) ynh_app_setting_set --app=$app --key=guacd_port --value=$guacd_port used_start_port=$(ynh_find_port --port=20000) ynh_app_setting_set --app=$app --key=used_start_port --value=$used_start_port used_end_port=$(ynh_find_port --port=30000) ynh_app_setting_set --app=$app --key=used_end_port --value=$used_end_port ynh_exec_warn_less yunohost firewall allow TCP $used_start_port:$used_end_port #================================================= # INSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Installing dependencies..." ynh_install_app_dependencies $pkg_dependencies GUACD_PKG=rport-guacamole_1.4.0_$(lsb_release --id --short | tr '[:upper:]' '[:lower:]')_$(lsb_release --codename --short)_$(uname -m).deb GUACD_DOWNLOAD=https://bitbucket.org/cloudradar/rport-guacamole/downloads/${GUACD_PKG} tempdir="$(mktemp -d)" pushd "$tempdir" curl -fLOSs "$GUACD_DOWNLOAD" || (throw_error "Download failed" && return 0) DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install ./"${GUACD_PKG}" popd ynh_replace_string --match_string="9445" --replace_string="$guacd_port" --target_file="/etc/default/rport-guacamole" systemctl restart rport-guacd ynh_secure_remove --file="$tempdir" #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Configuring system user..." # Create a system user ynh_system_user_create --username=$app --home_dir="$final_path" usermod -a -G ssl-cert "$app" #================================================= # CREATE A MYSQL DATABASE #================================================= ynh_script_progression --message="Creating a MySQL database..." db_name=$(ynh_sanitize_dbid --db_name=$app) db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path/bin" --source_id="$YNH_ARCH" ynh_setup_source --dest_dir="$final_path/frontend" --source_id="frontend" ynh_setup_source --dest_dir="$final_path/novnc" --source_id="novnc" chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." # Create a dedicated NGINX config ynh_add_nginx_config #================================================= # SPECIFIC SETUP #================================================= # POPULATE DATABASE #================================================= ynh_script_progression --message="Populating database..." password_hash=$(htpasswd -nbB password "$password"|cut -d: -f2) ynh_add_config --template="../conf/mysql.sql" --destination="../conf/populated_mysql.sql" ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < "../conf/populated_mysql.sql" #================================================= # CREATE DATA DIRECTORY #================================================= ynh_script_progression --message="Creating a data directory..." datadir=/home/yunohost.app/$app ynh_app_setting_set --app=$app --key=datadir --value=$datadir mkdir -p $datadir chmod 750 "$datadir" chmod -R o-rwx "$datadir" chown -R $app:www-data "$datadir" #================================================= # ADD A CONFIGURATION #================================================= ynh_script_progression --message="Adding a configuration file..." ynh_add_config --template="../conf/rportd.example.conf" --destination="$final_path/rportd.conf" chmod 400 "$final_path/rportd.conf" chown $app:$app "$final_path/rportd.conf" #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Configuring a systemd service..." # Create a dedicated systemd config ynh_add_systemd_config #================================================= # GENERIC FINALIZATION #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Configuring log rotation..." mkdir -p /var/log/$app chown -R $app:$app "/var/log/$app" # Use logrotate to manage application logfile(s) ynh_use_logrotate #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." yunohost service add $app --log="/var/log/$app/$app.log" --needs_exposed_ports="$client_port" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="API Listening on" #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring permissions..." # Everyone can access the app. # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Installation of $app completed"