diff --git a/README.md b/README.md index 16a41f1..1fbb81b 100644 --- a/README.md +++ b/README.md @@ -16,105 +16,23 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in ## Overview -[Scovie](https://github.com/eldertek/scovie) is an open-source digital signage system for high schools, built using Python and Django. It provides an easy-to-use interface for administrators to upload and manage multimedia content, which is then displayed on screens throughout the school. +[Scovie](https://github.com/eldertek/scovie) is an open-source digital signage system for high schools, built using Python and Django. +It provides an easy-to-use interface for administrators to upload and manage multimedia content, which is then displayed on screens throughout the school. + +## Links + +* Report a bug about this package: +* PyPi package: **Shipped version:** 0.0.6~ynh2 +**Demo:** https://scovie.eclipse-technology.eu + ## Screenshots ![Screenshot of Scovie](./doc/screenshots/all.png) -## Disclaimers / important information - -## Links - -* Report a bug about this package: https://github.com/eldertek/scovie/issues -* YunoHost website: https://yunohost.org/ -* PyPi package: https://pypi.org/project/scovie/ - -These projects used `scovie`: - -* https://github.com/eldertek/scovie - ---- - -# Developer info - -The App project will be stored under `__FINALPATH__` (e.g.: `/opt/yunohost/$app`) that's Django's `settings.FINALPATH` -"static" / "media" files to serve via nginx are under `__PUBLIC_PATH__` (e.g.: `/var/www/$app`) that's `settings.PUBLIC_PATH` - -## package installation / debugging - -This app is not in YunoHost app catalog. Test install, e.g.: -```bash -~# git clone https://github.com/eldertek/scovie_ynh.git -~# yunohost app install scovie_ynh/ -f -``` -To update: -```bash -~# cd scovie_ynh -~/scovie_ynh# git fetch && git reset --hard origin/testing -~/scovie_ynh# yunohost app upgrade scovie_ynh -u . -F -``` - -To remove call e.g.: -```bash -sudo yunohost app remove scovie_ynh -``` - -Backup / remove / restore cycle, e.g.: -```bash -yunohost backup create --apps scovie_ynh -yunohost backup list -archives: - - scovie_ynh-pre-upgrade1 - - 20201223-163434 -yunohost app remove scovie_ynh -yunohost backup restore 20201223-163434 --apps scovie_ynh -``` - -Debug the installation, e.g.: -```bash -root@yunohost:~# cat /etc/yunohost/apps/scovie_ynh/settings.yml -... - -root@yunohost:~# ls -la /var/www/scovie_ynh/ -total 18 -drwxr-xr-x 4 root root 4 Dec 8 08:36 . -drwxr-xr-x 6 root root 6 Dec 8 08:36 .. -drwxr-xr-x 2 root root 2 Dec 8 08:36 media -drwxr-xr-x 7 root root 8 Dec 8 08:40 static - -root@yunohost:~# ls -la /opt/yunohost/scovie_ynh/ -total 58 -drwxr-xr-x 5 scovie_ynh scovie_ynh 11 Dec 8 08:39 . -drwxr-xr-x 3 root root 3 Dec 8 08:36 .. --rw-r--r-- 1 scovie_ynh scovie_ynh 460 Dec 8 08:39 gunicorn.conf.py --rw-r--r-- 1 scovie_ynh scovie_ynh 0 Dec 8 08:39 local_settings.py --rwxr-xr-x 1 scovie_ynh scovie_ynh 274 Dec 8 08:39 manage.py --rw-r--r-- 1 scovie_ynh scovie_ynh 171 Dec 8 08:39 secret.txt -drwxr-xr-x 6 scovie_ynh scovie_ynh 6 Dec 8 08:37 venv --rw-r--r-- 1 scovie_ynh scovie_ynh 115 Dec 8 08:39 wsgi.py --rw-r--r-- 1 scovie_ynh scovie_ynh 4737 Dec 8 08:39 scovie_ynh_demo_settings.py - -root@yunohost:~# cd /opt/yunohost/scovie_ynh/ -root@yunohost:/opt/yunohost/scovie_ynh# source venv/bin/activate -(venv) root@yunohost:/opt/yunohost/scovie_ynh# ./manage.py check -scovie_ynh v0.8.2 (Django v2.2.17) -DJANGO_SETTINGS_MODULE='scovie_ynh_demo_settings' -PROJECT_PATH:/opt/yunohost/scovie_ynh/venv/lib/python3.7/site-packages -BASE_PATH:/opt/yunohost/scovie_ynh -System check identified no issues (0 silenced). - -root@yunohost:~# tail -f /var/log/scovie_ynh/scovie_ynh.log -root@yunohost:~# cat /etc/systemd/system/systemd.service -... - -root@yunohost:~# systemctl reload-or-restart scovie_ynh -root@yunohost:~# journalctl --unit=scovie_ynh --follow -``` - ## Documentation and resources * Upstream app code repository: diff --git a/README_fr.md b/README_fr.md index e0ee248..d1f068b 100644 --- a/README_fr.md +++ b/README_fr.md @@ -16,105 +16,23 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po ## Vue d’ensemble -[Scovie](https://github.com/eldertek/scovie) is an open-source digital signage system for high schools, built using Python and Django. It provides an easy-to-use interface for administrators to upload and manage multimedia content, which is then displayed on screens throughout the school. +[Scovie](https://github.com/eldertek/scovie) is an open-source digital signage system for high schools, built using Python and Django. +It provides an easy-to-use interface for administrators to upload and manage multimedia content, which is then displayed on screens throughout the school. + +## Links + +* Report a bug about this package: +* PyPi package: **Version incluse :** 0.0.6~ynh2 +**Démo :** https://scovie.eclipse-technology.eu + ## Captures d’écran ![Capture d’écran de Scovie](./doc/screenshots/all.png) -## Avertissements / informations importantes - -## Links - -* Report a bug about this package: https://github.com/eldertek/scovie/issues -* YunoHost website: https://yunohost.org/ -* PyPi package: https://pypi.org/project/scovie/ - -These projects used `scovie`: - -* https://github.com/eldertek/scovie - ---- - -# Developer info - -The App project will be stored under `__FINALPATH__` (e.g.: `/opt/yunohost/$app`) that's Django's `settings.FINALPATH` -"static" / "media" files to serve via nginx are under `__PUBLIC_PATH__` (e.g.: `/var/www/$app`) that's `settings.PUBLIC_PATH` - -## package installation / debugging - -This app is not in YunoHost app catalog. Test install, e.g.: -```bash -~# git clone https://github.com/eldertek/scovie_ynh.git -~# yunohost app install scovie_ynh/ -f -``` -To update: -```bash -~# cd scovie_ynh -~/scovie_ynh# git fetch && git reset --hard origin/testing -~/scovie_ynh# yunohost app upgrade scovie_ynh -u . -F -``` - -To remove call e.g.: -```bash -sudo yunohost app remove scovie_ynh -``` - -Backup / remove / restore cycle, e.g.: -```bash -yunohost backup create --apps scovie_ynh -yunohost backup list -archives: - - scovie_ynh-pre-upgrade1 - - 20201223-163434 -yunohost app remove scovie_ynh -yunohost backup restore 20201223-163434 --apps scovie_ynh -``` - -Debug the installation, e.g.: -```bash -root@yunohost:~# cat /etc/yunohost/apps/scovie_ynh/settings.yml -... - -root@yunohost:~# ls -la /var/www/scovie_ynh/ -total 18 -drwxr-xr-x 4 root root 4 Dec 8 08:36 . -drwxr-xr-x 6 root root 6 Dec 8 08:36 .. -drwxr-xr-x 2 root root 2 Dec 8 08:36 media -drwxr-xr-x 7 root root 8 Dec 8 08:40 static - -root@yunohost:~# ls -la /opt/yunohost/scovie_ynh/ -total 58 -drwxr-xr-x 5 scovie_ynh scovie_ynh 11 Dec 8 08:39 . -drwxr-xr-x 3 root root 3 Dec 8 08:36 .. --rw-r--r-- 1 scovie_ynh scovie_ynh 460 Dec 8 08:39 gunicorn.conf.py --rw-r--r-- 1 scovie_ynh scovie_ynh 0 Dec 8 08:39 local_settings.py --rwxr-xr-x 1 scovie_ynh scovie_ynh 274 Dec 8 08:39 manage.py --rw-r--r-- 1 scovie_ynh scovie_ynh 171 Dec 8 08:39 secret.txt -drwxr-xr-x 6 scovie_ynh scovie_ynh 6 Dec 8 08:37 venv --rw-r--r-- 1 scovie_ynh scovie_ynh 115 Dec 8 08:39 wsgi.py --rw-r--r-- 1 scovie_ynh scovie_ynh 4737 Dec 8 08:39 scovie_ynh_demo_settings.py - -root@yunohost:~# cd /opt/yunohost/scovie_ynh/ -root@yunohost:/opt/yunohost/scovie_ynh# source venv/bin/activate -(venv) root@yunohost:/opt/yunohost/scovie_ynh# ./manage.py check -scovie_ynh v0.8.2 (Django v2.2.17) -DJANGO_SETTINGS_MODULE='scovie_ynh_demo_settings' -PROJECT_PATH:/opt/yunohost/scovie_ynh/venv/lib/python3.7/site-packages -BASE_PATH:/opt/yunohost/scovie_ynh -System check identified no issues (0 silenced). - -root@yunohost:~# tail -f /var/log/scovie_ynh/scovie_ynh.log -root@yunohost:~# cat /etc/systemd/system/systemd.service -... - -root@yunohost:~# systemctl reload-or-restart scovie_ynh -root@yunohost:~# journalctl --unit=scovie_ynh --follow -``` - ## Documentations et ressources * Dépôt de code officiel de l’app : diff --git a/_common.sh b/_common.sh deleted file mode 100644 index 69c72c9..0000000 --- a/_common.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -#================================================= -# COMMON VARIABLES -#================================================= - -#================================================= -# PERSONAL HELPERS -#================================================= - -#================================================= -# EXPERIMENTAL HELPERS -#================================================= - -#================================================= -# FUTURE OFFICIAL HELPERS -#================================================= \ No newline at end of file diff --git a/check_process b/check_process deleted file mode 100644 index 0b0e093..0000000 --- a/check_process +++ /dev/null @@ -1,33 +0,0 @@ -# See here for more information -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - -;; Test complet - ; Manifest - domain="domain.tld" - path="/path" - admin="john" - is_public=1 - password="pass" - port="666" - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - backup_restore=1 - multi_instance=1 - port_already_use=0 - change_url=1 -;;; Options -Email= -Notification=none -;;; Upgrade options - ; commit=CommitHash - name=Name and date of the commit. - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& - diff --git a/conf/gunicorn.conf.py b/conf/gunicorn.conf.py index f49a397..ee2cee5 100644 --- a/conf/gunicorn.conf.py +++ b/conf/gunicorn.conf.py @@ -1,6 +1,8 @@ +#!/usr/bin/env python3 """ Configuration for Gunicorn """ + import multiprocessing @@ -13,8 +15,8 @@ workers = multiprocessing.cpu_count() * 2 + 1 loglevel = 'info' # https://docs.gunicorn.org/en/latest/settings.html#logging -accesslog = '__LOG_FILE__' -errorlog = '__LOG_FILE__' +accesslog = '/var/log/__APP__/__APP__.log' +errorlog = '/var/log/__APP__/__APP__.log' # https://docs.gunicorn.org/en/latest/settings.html#pidfile -pidfile = '__FINALPATH__/gunicorn.pid' +pidfile = '__INSTALL_DIR__/gunicorn.pid' diff --git a/conf/manage.py b/conf/manage.py index ec26808..a85e3b1 100644 --- a/conf/manage.py +++ b/conf/manage.py @@ -1,4 +1,4 @@ -#!__FINALPATH__/venv/bin/python +#!/usr/bin/env python3 import os import sys diff --git a/conf/nginx.conf b/conf/nginx.conf index 867d5ef..6798c99 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -2,7 +2,7 @@ location __PATH__/static/ { # Service static files by nginx # e.g.: /var/www/$app/static - alias __PUBLIC_PATH__/static/; + alias __INSTALL_DIR__/static/; expires 30d; } diff --git a/conf/settings.py b/conf/settings.py index 5029a29..42a9b9a 100644 --- a/conf/settings.py +++ b/conf/settings.py @@ -1,15 +1,17 @@ +#!/usr/bin/env python3 + ################################################################################ ################################################################################ # Please do not modify this file, it will be reset at the next update. -# You can edit the file __FINALPATH__/local_settings.py and add/modify the settings you need. +# You can edit the file __INSTALL_DIR__/local_settings.py and add/modify the settings you need. # The parameters you add in local_settings.py will overwrite these, # but you can use the options and documentation in this file to find out what can be done. ################################################################################ ################################################################################ -from pathlib import Path as __Path +from pathlib import Path from django.contrib.admin.sites import AdminSite from django.utils.translation import gettext_lazy as _ @@ -24,17 +26,17 @@ from scovie.settings.prod import * # noqa:F401,F403 isort:skip from django_yunohost_integration.base_settings import LOGGING # noqa:F401 isort:skip -FINALPATH = __Path('__FINALPATH__') # /opt/yunohost/$app -assert FINALPATH.is_dir(), f'Directory not exists: {FINALPATH}' +INSTALL_DIR = Path('__INSTALL_DIR__') +assert INSTALL_DIR.is_dir(), f'Directory not exists: {INSTALL_DIR}' -PUBLIC_PATH = __Path('__PUBLIC_PATH__') # /var/www/$app +PUBLIC_PATH = Path('__INSTALL_DIR__/public') assert PUBLIC_PATH.is_dir(), f'Directory not exists: {PUBLIC_PATH}' -LOG_FILE = __Path('__LOG_FILE__') # /var/log/$app/scovie_ynh.log +LOG_FILE = Path('/var/log/__APP__/__APP__.log') assert LOG_FILE.is_file(), f'File not exists: {LOG_FILE}' -PATH_URL = '__PATH_URL__' # $YNH_APP_ARG_PATH -PATH_URL = PATH_URL.strip('/') +PATH = '__PATH__' # $YNH_APP_ARG_PATH +PATH = PATH.strip('/') YNH_CURRENT_HOST = '__YNH_CURRENT_HOST__' # YunoHost main domain from: /etc/yunohost/current_host @@ -54,7 +56,7 @@ DEFAULT_FROM_EMAIL = '__DEFAULT_FROM_EMAIL__' # Function that will be called to finalize a user profile: YNH_SETUP_USER = 'setup_user.setup_project_user' -SECRET_KEY = __get_or_create_secret(FINALPATH / 'secret.txt') # /opt/yunohost/$app/secret.txt +SECRET_KEY = __get_or_create_secret(INSTALL_DIR / 'secret.txt') # /opt/yunohost/$app/secret.txt INSTALLED_APPS += [ 'axes', # https://github.com/jazzband/django-axes @@ -144,9 +146,9 @@ CACHES = { # _____________________________________________________________________________ # Static files (CSS, JavaScript, Images) -if PATH_URL: - STATIC_URL = f'/{PATH_URL}/static/' - MEDIA_URL = f'/{PATH_URL}/media/' +if PATH: + STATIC_URL = f'/{PATH}/static/' + MEDIA_URL = f'/{PATH}/media/' else: # Installed to domain root, without a path prefix? STATIC_URL = '/static/' diff --git a/conf/setup_user.py b/conf/setup_user.py index d838d3e..2a348ad 100644 --- a/conf/setup_user.py +++ b/conf/setup_user.py @@ -1,3 +1,5 @@ +#!/usr/bin/env python3 + def setup_project_user(user): """ All users used the Django admin, so we need to set the "staff" user flag. diff --git a/conf/systemd.service b/conf/systemd.service index 02c2c7f..3b0be5c 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,15 +1,51 @@ [Unit] Description=__APP__ server -After=redis.service postgresql.service +After=network.target redis.service postgresql.service [Service] +Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=__FINALPATH__/ -ExecStart=__FINALPATH__/venv/bin/gunicorn --config __FINALPATH__/gunicorn.conf.py wsgi +WorkingDirectory=__INSTALL_DIR__/ +ExecStart=__INSTALL_DIR__/venv/bin/gunicorn --config __INSTALL_DIR__/gunicorn.conf.py wsgi StandardOutput=syslog StandardError=syslog SyslogIdentifier=__APP__-server +# FIXME: Test all that +# ### Depending on specificities of your service/app, you may need to tweak these +# ### .. but this should be a good baseline +# # Sandboxing options to harden security +# # Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html +# NoNewPrivileges=yes +# PrivateTmp=yes +# PrivateDevices=yes +# RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK +# RestrictNamespaces=yes +# RestrictRealtime=yes +# DevicePolicy=closed +# ProtectClock=yes +# ProtectHostname=yes +# ProtectProc=invisible +# ProtectSystem=full +# ProtectControlGroups=yes +# ProtectKernelModules=yes +# ProtectKernelTunables=yes +# LockPersonality=yes +# SystemCallArchitectures=native +# SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged + +# # Denying access to capabilities that should not be relevant for webapps +# # Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html +# CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD +# CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE +# CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT +# CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK +# CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM +# CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG +# CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE +# CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW +# CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG + [Install] WantedBy=multi-user.target diff --git a/conf/urls.py b/conf/urls.py index 135999e..eeed0fe 100644 --- a/conf/urls.py +++ b/conf/urls.py @@ -1,19 +1,19 @@ +#!/usr/bin/env python3 """ urls.py """ - from django.conf import settings from django.urls import include, path from django.views.generic import RedirectView -if settings.PATH_URL: - # settings.PATH_URL is the $YNH_APP_ARG_PATH - # Prefix all urls with "PATH_URL": +if settings.PATH: + # settings.PATH is the $YNH_APP_ARG_PATH + # Prefix all urls with "PATH": urlpatterns = [ - path('', RedirectView.as_view(url=f'{settings.PATH_URL}/')), - path(f'{settings.PATH_URL}/', include('scovie.urls')), + path('', RedirectView.as_view(url=f'{settings.PATH}/')), + path(f'{settings.PATH}/', include('scovie.urls')), ] else: # Installed to domain root, without a path prefix diff --git a/conf/wsgi.py b/conf/wsgi.py index 018a0cc..dd7da31 100644 --- a/conf/wsgi.py +++ b/conf/wsgi.py @@ -1,9 +1,10 @@ +#!/usr/bin/env python3 + """ WSGI config """ import os - os.environ['DJANGO_SETTINGS_MODULE'] = 'settings' from django.core.wsgi import get_wsgi_application # noqa diff --git a/config_panel.toml b/config_panel.toml index d020b20..7295610 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -14,13 +14,13 @@ services = ["__APP__"] ask = "from email" type = "email" help = "Default email address to use for various automated emails." - bind = "default_from_email:__FINALPATH__/settings.py" + bind = "default_from_email:__INSTALL_DIR__/settings.py" [main.config.admin_email] ask = "ADMIN email" type = "email" help = "EMail address for error emails." - bind = "admin_email:__FINALPATH__/settings.py" + bind = "admin_email:__INSTALL_DIR__/settings.py" [main.config.debug_enabled] ask = "DEBUG mode" @@ -28,11 +28,11 @@ services = ["__APP__"] yes = "1" no = "0" help = "Should be never enabled in production!" - bind = "debug_enabled:__FINALPATH__/settings.py" + bind = "debug_enabled:__INSTALL_DIR__/settings.py" [main.config.log_level] type = "string" ask = "Log Level" choices = ["DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"] default = "WARNING" - bind = "log_level:__FINALPATH__/settings.py" + bind = "log_level:__INSTALL_DIR__/settings.py" diff --git a/doc/ADMIN.md b/doc/ADMIN.md new file mode 100644 index 0000000..4d803cb --- /dev/null +++ b/doc/ADMIN.md @@ -0,0 +1,2 @@ +The App project will be stored under `__INSTALL_DIR__` that's Django's `settings.FINALPATH` +"static" / "media" files to serve via nginx are under `__INSTALL_DIR__` (e.g.: `/var/www/$app`) that's `settings.PUBLIC_PATH` diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index 0129d5c..85bd547 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -1 +1,7 @@ -[Scovie](https://github.com/eldertek/scovie) is an open-source digital signage system for high schools, built using Python and Django. It provides an easy-to-use interface for administrators to upload and manage multimedia content, which is then displayed on screens throughout the school. +[Scovie](https://github.com/eldertek/scovie) is an open-source digital signage system for high schools, built using Python and Django. +It provides an easy-to-use interface for administrators to upload and manage multimedia content, which is then displayed on screens throughout the school. + +## Links + +* Report a bug about this package: +* PyPi package: diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md deleted file mode 100644 index 308fd8c..0000000 --- a/doc/DISCLAIMER.md +++ /dev/null @@ -1,87 +0,0 @@ -## Links - -* Report a bug about this package: https://github.com/eldertek/scovie/issues -* YunoHost website: https://yunohost.org/ -* PyPi package: https://pypi.org/project/scovie/ - -These projects used `scovie`: - -* https://github.com/eldertek/scovie - ---- - -# Developer info - -The App project will be stored under `__FINALPATH__` (e.g.: `/opt/yunohost/$app`) that's Django's `settings.FINALPATH` -"static" / "media" files to serve via nginx are under `__PUBLIC_PATH__` (e.g.: `/var/www/$app`) that's `settings.PUBLIC_PATH` - -## package installation / debugging - -This app is not in YunoHost app catalog. Test install, e.g.: -```bash -~# git clone https://github.com/eldertek/scovie_ynh.git -~# yunohost app install scovie_ynh/ -f -``` -To update: -```bash -~# cd scovie_ynh -~/scovie_ynh# git fetch && git reset --hard origin/testing -~/scovie_ynh# yunohost app upgrade scovie_ynh -u . -F -``` - -To remove call e.g.: -```bash -sudo yunohost app remove scovie_ynh -``` - -Backup / remove / restore cycle, e.g.: -```bash -yunohost backup create --apps scovie_ynh -yunohost backup list -archives: - - scovie_ynh-pre-upgrade1 - - 20201223-163434 -yunohost app remove scovie_ynh -yunohost backup restore 20201223-163434 --apps scovie_ynh -``` - -Debug the installation, e.g.: -```bash -root@yunohost:~# cat /etc/yunohost/apps/scovie_ynh/settings.yml -... - -root@yunohost:~# ls -la /var/www/scovie_ynh/ -total 18 -drwxr-xr-x 4 root root 4 Dec 8 08:36 . -drwxr-xr-x 6 root root 6 Dec 8 08:36 .. -drwxr-xr-x 2 root root 2 Dec 8 08:36 media -drwxr-xr-x 7 root root 8 Dec 8 08:40 static - -root@yunohost:~# ls -la /opt/yunohost/scovie_ynh/ -total 58 -drwxr-xr-x 5 scovie_ynh scovie_ynh 11 Dec 8 08:39 . -drwxr-xr-x 3 root root 3 Dec 8 08:36 .. --rw-r--r-- 1 scovie_ynh scovie_ynh 460 Dec 8 08:39 gunicorn.conf.py --rw-r--r-- 1 scovie_ynh scovie_ynh 0 Dec 8 08:39 local_settings.py --rwxr-xr-x 1 scovie_ynh scovie_ynh 274 Dec 8 08:39 manage.py --rw-r--r-- 1 scovie_ynh scovie_ynh 171 Dec 8 08:39 secret.txt -drwxr-xr-x 6 scovie_ynh scovie_ynh 6 Dec 8 08:37 venv --rw-r--r-- 1 scovie_ynh scovie_ynh 115 Dec 8 08:39 wsgi.py --rw-r--r-- 1 scovie_ynh scovie_ynh 4737 Dec 8 08:39 scovie_ynh_demo_settings.py - -root@yunohost:~# cd /opt/yunohost/scovie_ynh/ -root@yunohost:/opt/yunohost/scovie_ynh# source venv/bin/activate -(venv) root@yunohost:/opt/yunohost/scovie_ynh# ./manage.py check -scovie_ynh v0.8.2 (Django v2.2.17) -DJANGO_SETTINGS_MODULE='scovie_ynh_demo_settings' -PROJECT_PATH:/opt/yunohost/scovie_ynh/venv/lib/python3.7/site-packages -BASE_PATH:/opt/yunohost/scovie_ynh -System check identified no issues (0 silenced). - -root@yunohost:~# tail -f /var/log/scovie_ynh/scovie_ynh.log -root@yunohost:~# cat /etc/systemd/system/systemd.service -... - -root@yunohost:~# systemctl reload-or-restart scovie_ynh -root@yunohost:~# journalctl --unit=scovie_ynh --follow -``` diff --git a/manifest.json b/manifest.json deleted file mode 100644 index 975d93d..0000000 --- a/manifest.json +++ /dev/null @@ -1,55 +0,0 @@ -{ - "name": "Scovie", - "id": "scovie", - "packaging_format": 1, - "description": { - "en": "Digital signage system for high schools", - "fr": "Affichage dynamique open-source pour les lycées" - }, - "version": "0.0.6~ynh2", - "url": "https://github.com/eldertek/scovie", - "upstream": { - "license": "GPL-3.0", - "code": "https://github.com/eldertek/scovie" - }, - "license": "GPL-3.0", - "maintainer": { - "name": "André Théo LAURET", - "email": "andrelauret@eclipse-technology.eu" - }, - "previous_maintainers": [], - "requirements": { - "yunohost": ">=11" - }, - "multi_instance": true, - "services": [ - "nginx", "postgresql", "redis" - ], - "arguments": { - "install" : [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "path", - "type": "path", - "example": "/scovie", - "default": "/scovie" - }, - { - "name": "admin", - "type": "user" - }, - { - "name": "is_public", - "type": "boolean", - "help": { - "en": "Any YunoHost user and anonymous people from the web will be able to access the application", - "fr": "Tout utilisateur YunoHost et les personnes anonymes pourront accéder à l'application" - }, - "default": true - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..770b747 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,70 @@ +#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json + +packaging_format = 2 + +id = "scovie" +name = "Scovie" +description.en = "Digital signage system for high schools" +description.fr = "Affichage dynamique open-source pour les lycées" + +version = "0.0.6~ynh2" + +maintainers = ["André Théo LAURET"] + +[upstream] +license = "GPL-3.0" +code = "https://github.com/eldertek/scovie" +demo = "https://scovie.eclipse-technology.eu" + +[integration] +yunohost = ">=11.2" +architectures = "all" +multi_instance = true +ldap = true +sso = true +disk = "150M" +ram.build = "500M" +ram.runtime = "300M" + +[install] + [install.domain] + type = "domain" + + [install.path] + type = "path" + default = "/scovie" + + [install.admin] + type = "user" + + [install.init_main_permission] + help.en = "Any YunoHost user and anonymous people from the web will be able to access the application" + help.fr = "Tout utilisateur YunoHost et les personnes anonymes pourront accéder à l'application" + type = "group" + default = "visitors" + +[resources] + [resources.system_user] + + [resources.install_dir] + + [resources.permissions] + main.url = "/" + + [resources.ports] + main.default = 8000 + + [resources.apt] + packages = [ + "build-essential", + "python3-dev", + "python3-pip", + "python3-venv", + "git", + "libpq-dev", + "postgresql", + "postgresql-contrib", + ] + + [resources.database] + type = "postgresql" diff --git a/scripts/_common.sh b/scripts/_common.sh index b14c5d7..6997dc6 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,23 +1,12 @@ #!/bin/bash #================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST +# COMMON VARIABLES #================================================= -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH - -admin=$YNH_APP_ARG_ADMIN -is_public=$YNH_APP_ARG_IS_PUBLIC -app=$YNH_APP_INSTANCE_NAME - -# Transfer the main SSO domain to the App: ynh_current_host=$(cat /etc/yunohost/current_host) -__YNH_CURRENT_HOST__=${ynh_current_host} -#================================================= # ARGUMENTS FROM CONFIG PANEL -#================================================= # 'debug_enabled' -> '__DEBUG_ENABLED__' -> settings.DEBUG debug_enabled="0" @@ -31,24 +20,34 @@ admin_email="${admin}@${domain}" # 'default_from_email' -> '__DEFAULT_FROM_EMAIL__' -> settings.DEFAULT_FROM_EMAIL default_from_email="${app}@${domain}" -#================================================= -# SET CONSTANTS -#================================================= -public_path=/var/www/$app -final_path=/opt/yunohost/$app +#REMOVEME? install_dir=/opt/yunohost/$app log_path=/var/log/$app log_file="${log_path}/${app}.log" -#================================================= -# COMMON VARIABLES -#================================================= - -# dependencies used by the app -pkg_dependencies="build-essential python3-dev python3-pip python3-venv git libpq-dev postgresql postgresql-contrib" #================================================= -# Redis HELPERS +# PERSONAL HELPERS +#================================================= + +_install_scovie_venv() { + ynh_exec_as "$app" python3 -m venv --upgrade "$install_dir/venv" + + venvpython="$install_dir/venv/bin/python3" + + ynh_add_config --template="requirements.txt" --destination="$install_dir/requirements.txt" + + ynh_exec_as "$app" "$venvpython" -m ensurepip + ynh_exec_as "$app" "$venvpython" -m pip install --upgrade wheel pip setuptools + ynh_exec_as "$app" "$venvpython" -m pip install --no-deps -r "$install_dir/requirements.txt" +} + +#================================================= +# EXPERIMENTAL HELPERS +#================================================= + +#================================================= +# FUTURE OFFICIAL HELPERS #================================================= # get the first available redis database @@ -56,27 +55,27 @@ pkg_dependencies="build-essential python3-dev python3-pip python3-venv git libpq # usage: ynh_redis_get_free_db # | returns: the database number to use ynh_redis_get_free_db() { - local result max db - result=$(redis-cli INFO keyspace) + local result max db + result=$(redis-cli INFO keyspace) - # get the num - max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+") + # get the num + max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+") - db=0 - # default Debian setting is 15 databases - for i in $(seq 0 "$max") - do - if ! echo "$result" | grep -q "db$i" - then - db=$i - break 1 - fi - db=-1 - done + db=0 + # default Debian setting is 15 databases + for i in $(seq 0 "$max") + do + if ! echo "$result" | grep -q "db$i" + then + db=$i + break 1 + fi + db=-1 + done - test "$db" -eq -1 && ynh_die "No available Redis databases..." + test "$db" -eq -1 && ynh_die "No available Redis databases..." - echo "$db" + echo "$db" } # Create a master password and set up global settings @@ -85,7 +84,6 @@ ynh_redis_get_free_db() { # usage: ynh_redis_remove_db database # | arg: database - the database to erase ynh_redis_remove_db() { - local db=$1 - redis-cli -n "$db" flushall + local db=$1 + redis-cli -n "$db" flushall } - diff --git a/scripts/backup b/scripts/backup index a440220..1b514d4 100644 --- a/scripts/backup +++ b/scripts/backup @@ -9,21 +9,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -public_path=$(ynh_app_setting_get --app="$app" --key=public_path) -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -db_name=$(ynh_app_setting_get --app="$app" --key=db_name) - -domain=$(ynh_app_setting_get --app="$app" --key=domain) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -33,28 +18,19 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" -ynh_backup --src_path="$public_path" +ynh_backup --src_path="$install_dir" #================================================= -# BACKUP THE NGINX CONFIGURATION +# SYSTEM CONFIGURATION #================================================= ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# SPECIFIC BACKUP -#================================================= -# BACKUP LOGROTATE -#================================================= +ynh_backup --src_path="/etc/systemd/system/$app.service" ynh_backup --src_path="/etc/logrotate.d/$app" -#================================================= -# BACKUP SYSTEMD -#================================================= - -ynh_backup --src_path="/etc/systemd/system/$app.service" +ynh_backup --src_path="/var/log/$app/" #================================================= # BACKUP THE PostgreSQL DATABASE diff --git a/scripts/change_url b/scripts/change_url index c4fa51a..665a954 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -6,81 +6,12 @@ # IMPORT GENERIC HELPERS #================================================= -YNH_APP_ARG_DOMAIN=$YNH_APP_NEW_DOMAIN -YNH_APP_ARG_PATH=$YNH_APP_NEW_PATH +#REMOVEME? YNH_APP_ARG_DOMAIN=$YNH_APP_NEW_DOMAIN +#REMOVEME? YNH_APP_ARG_PATH=$YNH_APP_NEW_PATH source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH - -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." - -admin=$(ynh_app_setting_get --app="$app" --key=admin) -public_path=$(ynh_app_setting_get --app="$app" --key=public_path) -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -log_path=$(ynh_app_setting_get --app="$app" --key=log_path) - -port=$(ynh_app_setting_get --app="$app" --key=port) - -db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd) -db_name=$(ynh_sanitize_dbid --db_name="$app") -db_user=$db_name - -redis_db=$(ynh_app_setting_get --app="$app" --key=redis_db) - -#------------------------------------------------- -# config_panel.toml settings: - -debug_enabled=$(ynh_app_setting_get --app="$app" --key=debug_enabled) -log_level=$(ynh_app_setting_get --app="$app" --key=log_level) -admin_email=$(ynh_app_setting_get --app="$app" --key=admin_email) -default_from_email=$(ynh_app_setting_get --app="$app" --key=default_from_email) - -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=40 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -change_domain=0 -if [ "$old_domain" != "$new_domain" ] -then - change_domain=1 -fi - -change_path=0 -if [ "$old_path" != "$new_path" ] -then - change_path=1 -fi - #================================================= # STANDARD MODIFICATIONS #================================================= @@ -97,29 +28,7 @@ ynh_systemd_action --service_name="$app" --action="stop" #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the nginx config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original nginx config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for nginx helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated nginx config - ynh_add_nginx_config "public_path" "port" -fi - -# Change the domain for nginx -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi +ynh_change_url_nginx_config #================================================= # SPECIFIC MODIFICATIONS @@ -128,10 +37,7 @@ fi #================================================= ynh_script_progression --message="Modify $app config file..." -domain=$YNH_APP_NEW_DOMAIN -path_url=$YNH_APP_NEW_PATH - -ynh_add_config --template="settings.py" --destination="$final_path/settings.py" +ynh_add_config --template="settings.py" --destination="$install_dir/settings.py" #================================================= # GENERIC FINALISATION @@ -142,13 +48,6 @@ ynh_script_progression --message="Starting systemd service '$app'..." --weight=5 ynh_systemd_action --service_name="$app" --action="start" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index 5bc75f7..9174c84 100644 --- a/scripts/install +++ b/scripts/install @@ -8,54 +8,9 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# MANAGE SCRIPT FAILURE +# INITIALIZE AND STORE SETTINGS #================================================= -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." - -# Path for e.g. "static" files, served by nginx: -test ! -e "$public_path" || ynh_die --message="This path already contains a folder" - -# Path for own config files, e.g.: Django's settings.py: -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app="$app" --domain="$domain" --path_url="$path_url" - -mkdir -p "$public_path/media" "$public_path/static" -mkdir -p "$final_path" - -mkdir -p "$log_path" -touch "${log_file}" - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." - -ynh_app_setting_set --app="$app" --key=admin --value="$admin" -ynh_app_setting_set --app="$app" --key=public_path --value="$public_path" -ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" -ynh_app_setting_set --app="$app" --key=log_path --value="$log_file" - -ynh_app_setting_set --app="$app" --key=domain --value="$domain" -ynh_app_setting_set --app="$app" --key=path --value="$path_url" - -# Find a free port -port=$(ynh_find_port --port=8000) -# Set port as application setting -# https://yunohost.org/en/contribute/packaging_apps/helpers -# https://github.com/YunoHost/yunohost/blob/dev/helpers/setting -ynh_app_setting_set --app="$app" --key=port --value="$port" - -db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd) - redis_db=$(ynh_redis_get_free_db) ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" @@ -68,179 +23,82 @@ ynh_app_setting_set --app="$app" --key=admin_email --value="$admin_email" ynh_app_setting_set --app="$app" --key=default_from_email --value="$default_from_email" #================================================= -# STANDARD MODIFICATIONS +# INSTALLATION #================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Installing $app dependencies..." --weight=20 +ynh_script_progression --message="Installing project via pip..." --weight=45 -ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies" +_install_scovie_venv + +mkdir -p "$install_dir/public/media" "$install_dir/public/static" + +chmod o-rwx "$install_dir" +chown -R "$app:www-data" "$install_dir" + +mkdir -p "$log_path" +touch "$log_file" + +chmod o-rwx "$log_path" +chown -R "$app:$app" "$log_path" #================================================= -# CREATE A PostgreSQL DATABASE -#================================================= -ynh_script_progression --message="Creating a PostgreSQL database..." - -db_name=$(ynh_sanitize_dbid --db_name="$app") -db_user=$db_name -ynh_app_setting_set --app="$app" --key=db_name --value="$db_name" - -ynh_psql_test_if_first_run - -# Initialize database and store postgres password for upgrade -ynh_psql_setup_db --db_user="$db_user" --db_name="$db_name" - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." - -# Create a dedicated nginx config -# https://yunohost.org/en/contribute/packaging_apps/helpers -# https://github.com/YunoHost/yunohost/blob/dev/helpers/nginx -ynh_add_nginx_config "public_path" "port" - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user $app..." - -# A home directory for venv and settings etc. -ynh_system_user_create --username="$app" --home_dir="$final_path" --use_shell - -#================================================= -# PYTHON VIRTUALENV -#================================================= -ynh_script_progression --message="Create Python virtualenv..." --weight=5 - -# Always recreate everything fresh with current python version -ynh_secure_remove "${final_path}/venv" - -# Skip pip because of: https://github.com/YunoHost/issues/issues/1960 -python3 -m venv --without-pip "${final_path}/venv" - -cp ../conf/requirements.txt "$final_path/requirements.txt" -chown -R "$app:" "$final_path" - -#================================================= -# PIP INSTALLATION -#================================================= -ynh_script_progression --message="Install project via pip..." --weight=45 - -#run source in a 'sub shell' -( - set +o nounset - source "${final_path}/venv/bin/activate" - set -o nounset - ynh_exec_as $app $final_path/venv/bin/python3 -m ensurepip - ynh_exec_as $app $final_path/venv/bin/pip3 install --upgrade wheel pip setuptools - ynh_exec_as $app $final_path/venv/bin/pip3 install --no-deps -r "$final_path/requirements.txt" -) - -#================================================= -# copy config files +# COPY CONFIG FILES # ================================================ ynh_script_progression --message="Create $app configuration files..." -ynh_add_config --template="gunicorn.conf.py" --destination="$final_path/gunicorn.conf.py" +ynh_add_config --template="gunicorn.conf.py" --destination="$install_dir/gunicorn.conf.py" -ynh_add_config --template="manage.py" --destination="$final_path/manage.py" -chmod +x "$final_path/manage.py" +ynh_add_config --template="manage.py" --destination="$install_dir/manage.py" +chmod +x "$install_dir/manage.py" -ynh_add_config --template="settings.py" --destination="$final_path/settings.py" -ynh_add_config --template="setup_user.py" --destination="$final_path/setup_user.py" -ynh_add_config --template="urls.py" --destination="$final_path/urls.py" -ynh_add_config --template="wsgi.py" --destination="$final_path/wsgi.py" +ynh_add_config --template="settings.py" --destination="$install_dir/settings.py" +ynh_add_config --template="setup_user.py" --destination="$install_dir/setup_user.py" +ynh_add_config --template="urls.py" --destination="$install_dir/urls.py" +ynh_add_config --template="wsgi.py" --destination="$install_dir/wsgi.py" -touch "$final_path/local_settings.py" +touch "$install_dir/local_settings.py" #================================================= # MIGRATE / COLLECTSTATIC / CREATEADMIN #================================================= ynh_script_progression --message="migrate/collectstatic/createadmin..." --weight=10 -cd "$final_path" || exit +pushd "$install_dir" + # Just for debugging: + ynh_exec_as "$app" "$venvpython" ./manage.py diffsettings -# Just for debugging: -./manage.py diffsettings + ynh_exec_as "$app" "$venvpython" ./manage.py migrate --no-input + ynh_exec_as "$app" "$venvpython" ./manage.py collectstatic --no-input -./manage.py migrate --no-input -./manage.py collectstatic --no-input - -# Create/update Django superuser (set unusable password, because auth done via SSOwat): -./manage.py create_superuser --username="$admin" --email="$(ynh_user_get_info "$admin" mail)" - -# Check the configuration -# This may fail in some cases with errors, etc., but the app works and the user can fix issues later. -./manage.py check --deploy || true + # Create/update Django superuser (set unusable password, because auth done via SSOwat): + ynh_exec_as "$app" "$venvpython" ./manage.py create_superuser --username="$admin" --email="$(ynh_user_get_info "$admin" mail)" + # Check the configuration + # This may fail in some cases with errors, etc., but the app works and the user can fix issues later. + ynh_exec_as "$app" "$venvpython" ./manage.py check --deploy || true +popd #================================================= -# SETUP LOGROTATE +# SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring log rotation..." +ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 + +# Create a dedicated nginx config +ynh_add_nginx_config + +# Create a dedicated NGINX config using the conf/nginx.conf template +ynh_add_systemd_config --service="$app" --template="systemd.service" +yunohost service add "$app" --description="Digital signage system for high schools" --log="/var/log/$app/$app.log" # Use logrotate to manage app-specific logfile(s) -ynh_use_logrotate "$log_file" - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." - -yunohost service add $app --description="Digital signage system for high schools" --log="${log_file}" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R "$app:" "$log_path" -chown -R "$app:www-data" "$public_path" -chown -R "$app:" "$final_path" - -chmod o-rwx "$log_path" -chmod o-rwx "$public_path" -chmod o-rwx "$final_path" - -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Configuring systemd service '$app'..." --weight=5 - -# https://yunohost.org/en/contribute/packaging_apps/helpers -# https://github.com/YunoHost/yunohost/blob/dev/helpers/systemd -ynh_add_systemd_config --service="$app" --template="systemd.service" - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring SSOwat..." - -# Make app public if necessary or protect it -if [ $is_public -eq 1 ] -then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. - ynh_permission_update --permission "main" --add "visitors" -fi +ynh_use_logrotate "/var/log/$app/$app.log" #================================================= # Start the app server via systemd #================================================= -ynh_script_progression --message="Starting systemd service '$app'..." --weight=5 +ynh_script_progression --message="Starting systemd service $app..." --weight=5 ynh_systemd_action --service_name="$app" --action="start" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name="nginx" --action="reload" - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index e9c4bbc..cd3c54c 100644 --- a/scripts/remove +++ b/scripts/remove @@ -10,92 +10,22 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." - -domain=$(ynh_app_setting_get --app="$app" --key=domain) -db_name=$(ynh_app_setting_get --app="$app" --key=db_name) -db_user=$db_name -public_path=$(ynh_app_setting_get --app="$app" --key=public_path) -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) - -#================================================= -# STANDARD REMOVE -#================================================= -# REMOVE SERVICE FROM ADMIN PANEL +# REMOVE SYSTEM CONFIGURATIONS #================================================= +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 # Remove a service from the admin panel, added by `yunohost service add` -if yunohost service status "$app" >/dev/null 2>&1 -then - ynh_script_progression --message="Removing $app service integration..." - yunohost service remove "$app" +if yunohost service status "$app" >/dev/null 2>&1; then + yunohost service remove "$app" fi -#================================================= -# STOP PYINVENTORY'S SERVICES -#================================================= -ynh_script_progression --message="Stopping and removing systemd service '$app'..." --weight=5 +ynh_remove_logrotate ynh_remove_systemd_config --service="$app" -#================================================= -# REMOVE THE PostgreSQL DATABASE -#================================================= -ynh_script_progression --message="Removing the PostgreSQL database..." - -# Remove a database if it exists, along with the associated user -ynh_psql_remove_db --db_user=$db_user --db_name=$db_name - -##================================================= -## REMOVE REDIS DB -##================================================= - -ynh_redis_remove_db - -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=10 - -# Remove metapackage and its dependencies -ynh_exec_warn_less ynh_remove_app_dependencies - -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." - -# Remove the app directory securely -ynh_secure_remove --file="$public_path" -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." - -# Remove the dedicated nginx config ynh_remove_nginx_config -#================================================= -# REMOVE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Removing logrotate configuration..." - -# Remove the app-specific logrotate config -ynh_remove_logrotate - -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." - -# Delete a system user -ynh_system_user_delete --username="$app" +ynh_redis_remove_db "$redis_db" #================================================= # END OF SCRIPT diff --git a/scripts/restore b/scripts/restore index eaf5475..0ca081f 100644 --- a/scripts/restore +++ b/scripts/restore @@ -9,74 +9,22 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading settings..." - -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -public_path=$(ynh_app_setting_get --app="$app" --key=public_path) -db_name=$(ynh_app_setting_get --app="$app" --key=db_name) -db_user=$db_name -db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd) - -domain=$(ynh_app_setting_get --app="$app" --key=domain) -path_url=$(ynh_app_setting_get --app="$app" --key=path) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." - -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring $app main directory..." +ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file --origin_path="$final_path" -ynh_restore_file --origin_path="$public_path" +ynh_restore_file --origin_path="$install_dir" + +chmod o-rwx "$install_dir" +chown -R "$app:www-data" "$install_dir" #================================================= -# RECREATE THE DEDICATED USER +# RESTORE THE POSTGRES DATABASE #================================================= -ynh_script_progression --message="Recreating the dedicated system user..." +ynh_script_progression --message="Restoring the Postgresql database..." --weight=1 -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" --use_shell - -#================================================= -# RESTORE USER RIGHTS -#================================================= - -# Restore permissions on app files -chown -R "$app:www-data" "$public_path" -chown -R "$app:" "$final_path" - -#================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=20 - -ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies" +ynh_psql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < ./db.sql #================================================= # PYTHON VIRTUALENV @@ -85,11 +33,11 @@ ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies" ynh_script_progression --message="Recreate Python virtualenv..." --weight=5 # Always recreate everything fresh with current python version -ynh_secure_remove "${final_path}/venv" +ynh_secure_remove "${install_dir}/venv" # Skip pip because of: https://github.com/YunoHost/issues/issues/1960 -python3 -m venv --without-pip "${final_path}/venv" -chown -R "$app:" "$final_path" +python3 -m venv --without-pip "${install_dir}/venv" +chown -R "$app:" "$install_dir" #================================================= # PIP INSTALLATION @@ -97,77 +45,41 @@ chown -R "$app:" "$final_path" ynh_script_progression --message="Install project via pip..." --weight=45 #run source in a 'sub shell' ( - set +o nounset - source "${final_path}/venv/bin/activate" - set -o nounset - ynh_exec_as $app $final_path/venv/bin/python3 -m ensurepip - ynh_exec_as $app $final_path/venv/bin/pip3 install --upgrade wheel pip setuptools - ynh_exec_as $app $final_path/venv/bin/pip3 install --no-deps -r "$final_path/requirements.txt" + set +o nounset + source "${install_dir}/venv/bin/activate" + set -o nounset + ynh_exec_as $app $install_dir/venv/bin/python3 -m ensurepip + ynh_exec_as $app $install_dir/venv/bin/pip3 install --upgrade wheel pip setuptools + ynh_exec_as $app $install_dir/venv/bin/pip3 install --no-deps -r "$install_dir/requirements.txt" ) #================================================= -# RESTORE THE PostgreSQL DATABASE +# RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=5 +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 -ynh_psql_test_if_first_run -ynh_psql_setup_db --db_user="$db_user" --db_name="$db_name" --db_pwd="$db_pwd" -ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql - -#================================================= -# RESTORE SYSTEMD -#================================================= -ynh_script_progression --message="Restoring the systemd configuration..." +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/systemd/system/$app.service" -systemctl enable $app.service --quiet +systemctl enable "$app.service" --quiet +yunohost service add "$app" --description="Digital signage system for high schools" --log="/var/log/$app/$app.log" -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." - -yunohost service add $app --description="Digital signage system for high schools" --log="${log_file}" - -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= - -mkdir -p "$log_path" -touch "${log_file}" -chown -R "$app:" "$log_path" ynh_restore_file --origin_path="/etc/logrotate.d/$app" -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R "$app:" "$log_path" -chown -R "$app:www-data" "$public_path" -chown -R "$app:" "$final_path" - -chmod o-rwx "$log_path" -chmod o-rwx "$public_path" -chmod o-rwx "$final_path" +ynh_restore_file --origin_path="/var/log/$app/" +chmod o-rwx "/var/log/$app" +chown -R "$app:" "/var/log/$app" #================================================= # GENERIC FINALIZATION #================================================= -# START PYINVENTORY +# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= -ynh_script_progression --message="Starting systemd service '$app'..." --weight=5 +ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 -ynh_systemd_action --service_name="$app" --action="start" +ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name="nginx" --action="reload" +ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT diff --git a/scripts/upgrade b/scripts/upgrade index 56871cc..e7c8645 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -8,66 +8,31 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# LOAD SETTINGS +# STANDARD UPGRADE STEPS #================================================= -ynh_script_progression --message="Loading installation settings..." - -admin=$(ynh_app_setting_get --app="$app" --key=admin) -public_path=$(ynh_app_setting_get --app="$app" --key=public_path) -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -log_path=$(ynh_app_setting_get --app="$app" --key=log_path) - -domain=$(ynh_app_setting_get --app="$app" --key=domain) -path_url=$(ynh_app_setting_get --app="$app" --key=path) - -port=$(ynh_app_setting_get --app="$app" --key=port) - -db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd) -db_name=$(ynh_sanitize_dbid --db_name="$app") -db_user=$db_name - -redis_db=$(ynh_app_setting_get --app="$app" --key=redis_db) - -#------------------------------------------------- -# config_panel.toml settings: - -debug_enabled=$(ynh_app_setting_get --app="$app" --key=debug_enabled) -if [ -z "$debug_enabled" ]; then - debug_enabled="0" - ynh_app_setting_set --app="$app" --key=debug_enabled --value="$debug_enabled" -fi - -log_level=$(ynh_app_setting_get --app="$app" --key=log_level) -if [ -z "$log_level" ]; then - log_level="WARNING" - ynh_app_setting_set --app="$app" --key=log_level --value="$log_level" -fi - -admin_email=$(ynh_app_setting_get --app="$app" --key=admin_email) -if [ -z "$admin_email" ]; then - admin_email="${admin}@${domain}" - ynh_app_setting_set --app="$app" --key=admin_email --value="$admin_email" -fi - -default_from_email=$(ynh_app_setting_get --app="$app" --key=default_from_email) -if [ -z "$default_from_email" ]; then - default_from_email="${app}@${domain}" - ynh_app_setting_set --app="$app" --key=default_from_email --value="$default_from_email" -fi - +# ENSURE DOWNWARD COMPATIBILITY #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up $app before upgrading (may take a while)..." --weight=40 +ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +if [ -z "${debug_enabled:-}" ]; then + debug_enabled="0" + ynh_app_setting_set --app="$app" --key=debug_enabled --value="$debug_enabled" +fi + +if [ -z "${log_level:-}" ]; then + log_level="WARNING" + ynh_app_setting_set --app="$app" --key=log_level --value="$log_level" +fi + +if [ -z "${admin_email:-}" ]; then + admin_email="${admin}@${domain}" + ynh_app_setting_set --app="$app" --key=admin_email --value="$admin_email" +fi + +if [ -z "${default_from_email:-}" ]; then + default_from_email="${app}@${domain}" + ynh_app_setting_set --app="$app" --key=default_from_email --value="$default_from_email" +fi #================================================= # STANDARD UPGRADE STEPS @@ -76,135 +41,69 @@ ynh_abort_if_errors #================================================= ynh_script_progression --message="Stopping systemd service '$app'..." --weight=5 -ynh_systemd_action --service_name="$app" --action="stop" - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading nginx web server configuration..." - -# Create a dedicated nginx config -# https://yunohost.org/en/contribute/packaging_apps/helpers -# https://github.com/YunoHost/yunohost/blob/dev/helpers/nginx -ynh_add_nginx_config "public_path" "port" - -#================================================= -# SPECIFIC UPGRADE -#================================================= -# Update dependencies -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=20 - -ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies" - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a system user -ynh_system_user_create --username="$app" --home_dir="$final_path" --use_shell - -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Configuring systemd service '$app'..." --weight=5 - -ynh_add_systemd_config --service="$app" --template="systemd.service" - -#================================================= -# PYTHON VIRTUALENV -#================================================= -ynh_script_progression --message="Recreate Python virtualenv..." --weight=5 - -# Always recreate everything fresh with current python version -ynh_secure_remove "${final_path}/venv" - -# Skip pip because of: https://github.com/YunoHost/issues/issues/1960 -python3 -m venv --without-pip "${final_path}/venv" - -cp ../conf/requirements.txt "$final_path/requirements.txt" -chown -R "$app:" "$final_path" +ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log" #================================================= # PIP INSTALLATION #================================================= -ynh_script_progression --message="Install project via pip..." --weight=45 -#run source in a 'sub shell' -( - set +o nounset - source "${final_path}/venv/bin/activate" - set -o nounset - ynh_exec_as $app $final_path/venv/bin/python3 -m ensurepip - ynh_exec_as $app $final_path/venv/bin/pip3 install --upgrade wheel pip setuptools - ynh_exec_as $app $final_path/venv/bin/pip3 install --no-deps -r "$final_path/requirements.txt" -) +ynh_script_progression --message="Installing project via pip..." --weight=45 + +# Always recreate everything fresh with current python version +ynh_secure_remove "$install_dir/venv" + +_install_scovie_venv + +chmod o-rwx "$install_dir" +chown -R "$app:www-data" "$install_dir" #================================================= # copy config files # ================================================ ynh_script_progression --message="Create project configuration files..." -ynh_add_config --template="gunicorn.conf.py" --destination="$final_path/gunicorn.conf.py" +ynh_add_config --template="gunicorn.conf.py" --destination="$install_dir/gunicorn.conf.py" -ynh_add_config --template="manage.py" --destination="$final_path/manage.py" -chmod +x "$final_path/manage.py" +ynh_add_config --template="manage.py" --destination="$install_dir/manage.py" +chmod +x "$install_dir/manage.py" -ynh_add_config --template="settings.py" --destination="$final_path/settings.py" -ynh_add_config --template="setup_user.py" --destination="$final_path/setup_user.py" -ynh_add_config --template="urls.py" --destination="$final_path/urls.py" -ynh_add_config --template="wsgi.py" --destination="$final_path/wsgi.py" +ynh_add_config --template="settings.py" --destination="$install_dir/settings.py" +ynh_add_config --template="setup_user.py" --destination="$install_dir/setup_user.py" +ynh_add_config --template="urls.py" --destination="$install_dir/urls.py" +ynh_add_config --template="wsgi.py" --destination="$install_dir/wsgi.py" #================================================= # MIGRATE PYINVENTORY #================================================= ynh_script_progression --message="migrate/collectstatic/createadmin..." --weight=10 -cd "$final_path" || exit +pushd "$install_dir" + # Just for debugging: + ynh_exec_as "$app" "$venvpython" ./manage.py diffsettings -# Just for debugging: -./manage.py diffsettings + ynh_exec_as "$app" "$venvpython" ./manage.py migrate --no-input + ynh_exec_as "$app" "$venvpython" ./manage.py collectstatic --no-input -./manage.py migrate --no-input -./manage.py collectstatic --no-input - -# Create/update Django superuser (set unusable password, because auth done via SSOwat): -./manage.py create_superuser --username="$admin" --email="$(ynh_user_get_info "$admin" mail)" - -# Check the configuration -# This may fail in some cases with errors, etc., but the app works and the user can fix issues later. -./manage.py check --deploy || true + # Create/update Django superuser (set unusable password, because auth done via SSOwat): + ynh_exec_as "$app" "$venvpython" ./manage.py create_superuser --username="$admin" --email="$(ynh_user_get_info "$admin" mail)" + # Check the configuration + # This may fail in some cases with errors, etc., but the app works and the user can fix issues later. + ynh_exec_as "$app" "$venvpython" ./manage.py check --deploy || true +popd #================================================= -# SETUP LOGROTATE +# REAPPLY SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 + +ynh_add_nginx_config + +ynh_add_systemd_config --service="$app" --template="systemd.service" +yunohost service add "$app" --description="Digital signage system for high schools" --log="/var/log/$app/$app.log" -# Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." - -yunohost service add $app --description="Digital signage system for high schools" --log="${log_file}" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R "$app:" "$log_path" -chown -R "$app:www-data" "$public_path" -chown -R "$app:" "$final_path" - chmod o-rwx "$log_path" -chmod o-rwx "$public_path" -chmod o-rwx "$final_path" +chown -R "$app:" "$log_path" #================================================= # Start the app server via systemd @@ -213,13 +112,6 @@ ynh_script_progression --message="Starting systemd service '$app'..." --weight=5 ynh_systemd_action --service_name="$app" --action="start" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..d64ef3c --- /dev/null +++ b/tests.toml @@ -0,0 +1,7 @@ +test_format = 1.0 + +[default] + + # ------------ + # Tests to run + # ------------