diff --git a/.gitignore b/.gitignore index da8f598..3ed2386 100644 --- a/.gitignore +++ b/.gitignore @@ -220,3 +220,4 @@ pip-log.txt .directory *-swp +auto_update_config.sh diff --git a/ALL_README.md b/ALL_README.md index a01b345..152f2e7 100644 --- a/ALL_README.md +++ b/ALL_README.md @@ -1,6 +1,7 @@ # All available README files by language - [Read the README in English](README.md) +- [Lea el README en español](README_es.md) - [Irakurri README euskaraz](README_eu.md) - [Lire le README en français](README_fr.md) - [Le o README en galego](README_gl.md) diff --git a/README.md b/README.md index c3b9816..cb1e5d9 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ Seafile is an open Source Cloud Storage application. It's a Enterprise file sync and share platform with high reliability and performance. It's a file hosting platform with high reliability and performance. Put files on your own server. Sync and share files across different devices, or access all the files as a virtual disk. -**Shipped version:** 9.0.9~ynh3 +**Shipped version:** 11.0.9~ynh1 **Demo:** diff --git a/README_es.md b/README_es.md new file mode 100644 index 0000000..8887b85 --- /dev/null +++ b/README_es.md @@ -0,0 +1,59 @@ + + +# Seafile para Yunohost + +[![Nivel de integración](https://dash.yunohost.org/integration/seafile.svg)](https://dash.yunohost.org/appci/app/seafile) ![Estado funcional](https://ci-apps.yunohost.org/ci/badges/seafile.status.svg) ![Estado En Mantención](https://ci-apps.yunohost.org/ci/badges/seafile.maintain.svg) + +[![Instalar Seafile con Yunhost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=seafile) + +*[Leer este README en otros idiomas.](./ALL_README.md)* + +> *Este paquete le permite instalarSeafile rapidamente y simplement en un servidor YunoHost.* +> *Si no tiene YunoHost, visita [the guide](https://yunohost.org/install) para aprender como instalarla.* + +## Descripción general + +Seafile is an open Source Cloud Storage application. + +It's a Enterprise file sync and share platform with high reliability and performance. It's a file hosting platform with high reliability and performance. Put files on your own server. Sync and share files across different devices, or access all the files as a virtual disk. + + +**Versión actual:** 11.0.9~ynh1 + +**Demo:** + +## Capturas + +![Captura de Seafile](./doc/screenshots/mobile-ios-client.jpg) +![Captura de Seafile](./doc/screenshots/drive-client.png) +![Captura de Seafile](./doc/screenshots/file-locking.jpg) +![Captura de Seafile](./doc/screenshots/access-logs.jpg) +![Captura de Seafile](./doc/screenshots/file-history.png) +![Captura de Seafile](./doc/screenshots/wiki_en.png) +![Captura de Seafile](./doc/screenshots/sharing-dialog.png) +![Captura de Seafile](./doc/screenshots/sync-client.jpg) + +## Documentaciones y recursos + +- Sitio web oficial: +- Documentación administrador oficial: +- Repositorio del código fuente oficial de la aplicación : +- Catálogo YunoHost: +- Reportar un error: + +## Información para desarrolladores + +Por favor enviar sus correcciones a la [`branch testing`](https://github.com/YunoHost-Apps/seafile_ynh/tree/testing + +Para probar la rama `testing`, sigue asÍ: + +```bash +sudo yunohost app install https://github.com/YunoHost-Apps/seafile_ynh/tree/testing --debug +o +sudo yunohost app upgrade seafile -u https://github.com/YunoHost-Apps/seafile_ynh/tree/testing --debug +``` + +**Mas informaciones sobre el empaquetado de aplicaciones:** diff --git a/README_eu.md b/README_eu.md index d4ff6c0..6ad7781 100644 --- a/README_eu.md +++ b/README_eu.md @@ -21,7 +21,7 @@ Seafile is an open Source Cloud Storage application. It's a Enterprise file sync and share platform with high reliability and performance. It's a file hosting platform with high reliability and performance. Put files on your own server. Sync and share files across different devices, or access all the files as a virtual disk. -**Paketatutako bertsioa:** 9.0.9~ynh3 +**Paketatutako bertsioa:** 11.0.9~ynh1 **Demoa:** diff --git a/README_fr.md b/README_fr.md index cda0d15..760b246 100644 --- a/README_fr.md +++ b/README_fr.md @@ -21,7 +21,7 @@ Seafile is an open Source Cloud Storage application. It's a Enterprise file sync and share platform with high reliability and performance. It's a file hosting platform with high reliability and performance. Put files on your own server. Sync and share files across different devices, or access all the files as a virtual disk. -**Version incluse :** 9.0.9~ynh3 +**Version incluse :** 11.0.9~ynh1 **Démo :** diff --git a/README_gl.md b/README_gl.md index 38504bc..1fec14a 100644 --- a/README_gl.md +++ b/README_gl.md @@ -21,7 +21,7 @@ Seafile is an open Source Cloud Storage application. It's a Enterprise file sync and share platform with high reliability and performance. It's a file hosting platform with high reliability and performance. Put files on your own server. Sync and share files across different devices, or access all the files as a virtual disk. -**Versión proporcionada:** 9.0.9~ynh3 +**Versión proporcionada:** 11.0.9~ynh1 **Demo:** diff --git a/README_zh_Hans.md b/README_zh_Hans.md index 8eed69f..92d8aa7 100644 --- a/README_zh_Hans.md +++ b/README_zh_Hans.md @@ -3,7 +3,7 @@ 请勿手动编辑。 --> -# YunoHost 的 Seafile +# YunoHost 上的 Seafile [![集成程度](https://dash.yunohost.org/integration/seafile.svg)](https://dash.yunohost.org/appci/app/seafile) ![工作状态](https://ci-apps.yunohost.org/ci/badges/seafile.status.svg) ![维护状态](https://ci-apps.yunohost.org/ci/badges/seafile.maintain.svg) @@ -21,7 +21,7 @@ Seafile is an open Source Cloud Storage application. It's a Enterprise file sync and share platform with high reliability and performance. It's a file hosting platform with high reliability and performance. Put files on your own server. Sync and share files across different devices, or access all the files as a virtual disk. -**分发版本:** 9.0.9~ynh3 +**分发版本:** 11.0.9~ynh1 **演示:** diff --git a/auto_update/auto_update.sh b/auto_update/auto_update.sh new file mode 100644 index 0000000..8484329 --- /dev/null +++ b/auto_update/auto_update.sh @@ -0,0 +1,89 @@ +#!/bin/bash + +set -eu + +readonly app_name=seafile + +get_from_manifest() { + result=$(python3 <&1 | tee "${app_name}_build_temp.log" + return "${PIPESTATUS[0]}" +} + +app_prev_version="$(get_from_manifest ".version" | cut -d'~' -f1)" +app_version="$app_prev_version" + +if check_app_version +then + set +eu + upgrade_app + res=$? + set -eu + if [ $res -eq 0 ]; then + result="Success" + else + result="Failed" + fi + msg="Build: $app_name version $app_version\n" + msg+="$(cat ${app_name}_build_temp.log)" + echo -e "$msg" | mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "Autoupgrade $app_name : $result" "$notify_email" +fi diff --git a/auto_update/auto_update_config_example.sh b/auto_update/auto_update_config_example.sh new file mode 100644 index 0000000..daecfc8 --- /dev/null +++ b/auto_update/auto_update_config_example.sh @@ -0,0 +1 @@ +notify_email="hello@world.tld" diff --git a/conf/ccnet.conf b/conf/ccnet.conf index a26426a..49a0f82 100644 --- a/conf/ccnet.conf +++ b/conf/ccnet.conf @@ -9,9 +9,3 @@ USER = __DB_USER__ PASSWD = __DB_PWD__ DB = ccnetdb CONNECTION_CHARSET = utf8 - -[LDAP] -HOST = ldap://localhost:389 -BASE = ou=users,dc=yunohost,dc=org -LOGIN_ATTR = mail -FILTER = permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org diff --git a/conf/gunicorn.conf.py b/conf/gunicorn.conf.py index 7880d8f..533a73e 100644 --- a/conf/gunicorn.conf.py +++ b/conf/gunicorn.conf.py @@ -7,7 +7,7 @@ workers = 5 bind = "127.0.0.1:__PORT_SEAHUB__" # Pid -pids_dir = '__INSTALL_DIR__/pids' +pids_dir = '/opt/seafile/pids' pidfile = os.path.join(pids_dir, 'seahub.pid') # for file upload, we need a longer timeout value (default is only 30s, too short) diff --git a/conf/nginx.conf b/conf/nginx.conf index 5c8f248..65d8abb 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,31 +1,54 @@ + location __PATH__ { proxy_pass http://127.0.0.1:__PORT_SEAHUB__; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; - proxy_read_timeout 1200s; - # used for view/edit office file via Office Online Server + proxy_read_timeout 1200s; client_max_body_size 0; - access_log /var/log/nginx/seahub.access.log; - error_log /var/log/nginx/seahub.error.log; + access_log /var/log/nginx/seahub.access.log; + error_log /var/log/nginx/seahub.error.log; include conf.d/yunohost_panel.conf.inc; } +location __PATH__/media/ { + alias __SEAFILE_CODE__/seahub/media/; +} + +location __PATH__/media/avatars/ { + alias __DATA_DIR__/seahub-data/avatars/; +} + location /seafhttp/ { proxy_pass http://127.0.0.1:__PORT_FILESERVER__/; - client_max_body_size 0; proxy_connect_timeout 36000s; proxy_read_timeout 36000s; proxy_send_timeout 36000s; + + client_max_body_size 0; + proxy_request_buffering off; + + access_log /var/log/nginx/seafhttp.access.log; + error_log /var/log/nginx/seafhttp.error.log; } +location /notification/ping { + proxy_pass http://127.0.0.1:8083/ping; + access_log /var/log/nginx/notification.access.log; + error_log /var/log/nginx/notification.error.log; +} -location __PATH__/media/ { - alias __INSTALL_DIR__/seafile-server-latest/seahub/media/; +location /notification { + proxy_pass http://127.0.0.1:8083/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + access_log /var/log/nginx/notification.access.log; + error_log /var/log/nginx/notification.error.log; } location /seafdav { @@ -35,8 +58,10 @@ location /seafdav { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 1200s; client_max_body_size 0; + proxy_request_buffering off; access_log /var/log/nginx/seafdav.access.log; error_log /var/log/nginx/seafdav.error.log; diff --git a/conf/seafevents.conf b/conf/seafevents.conf new file mode 100644 index 0000000..8cfa634 --- /dev/null +++ b/conf/seafevents.conf @@ -0,0 +1,18 @@ +[DATABASE] +type = mysql +host = 127.0.0.1 +port = 3306 +username = __DB_USER__ +password = __DB_PWD__ +name = seahubdb + +[STATISTICS] +## must be "true" to enable statistics +enabled = false + +[SEAHUB EMAIL] +## must be "true" to enable user email notifications when there are new unread notifications +enabled = true + +## interval of sending Seahub email. Can be s(seconds), m(minutes), h(hours), d(days) +interval = 1d diff --git a/conf/seafile.conf b/conf/seafile.conf index 68793a7..a684aa8 100644 --- a/conf/seafile.conf +++ b/conf/seafile.conf @@ -7,6 +7,8 @@ max_upload_size=1000 # Set maximum download directory size to 200M. max_download_dir_size=1000 +use_go_fileserver = true + [database] type = mysql host = 127.0.0.1 @@ -15,3 +17,13 @@ user = __DB_USER__ password = __DB_PWD__ db_name = __DB_NAME__ connection_charset = utf8 + +[memcached] +memcached_options = --SERVER=127.0.0.1 --POOL-MIN=10 --POOL-MAX=100 + +[notification] +enabled = true +host = 127.0.0.1 +port = __PORT_NOTIFICATIONSERVER__ +log_level = info +jwt_private_key = __JWT_PRIVATE_KEY_NOTIFICATION_SERVER__ diff --git a/conf/seafile.service b/conf/seafile.service index 5e2fb37..9ccea1c 100644 --- a/conf/seafile.service +++ b/conf/seafile.service @@ -5,11 +5,15 @@ After=mysql.service [Service] Type=forking -ExecStart=/opt/yunohost/__APP__/seafile-server-latest/seafile.sh start -ExecStop=/opt/yunohost/__APP__/seafile-server-latest/seafile.sh stop +ExecStart=/opt/seafile/seafile-server-__SEAFILE_VERSION__/seafile.sh start +ExecStop=/opt/seafile/seafile-server-__SEAFILE_VERSION__/seafile.sh stop User=__APP__ Group=__APP__ +# Config releated to run in docker provied file system +RootDirectory=__INSTALL_DIR__/seafile_image +BindPaths=__SYSTEMD_SEAFILE_BIND_MOUNT__ + # Sandboxing options to harden security # Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html NoNewPrivileges=yes diff --git a/conf/seahub.service b/conf/seahub.service index b81a4d4..e274bea 100644 --- a/conf/seahub.service +++ b/conf/seahub.service @@ -4,11 +4,15 @@ After=network.target seafile.service [Service] Type=forking -ExecStart=/opt/yunohost/__APP__/seafile-server-latest/seahub.sh start -ExecStop=/opt/yunohost/__APP__/seafile-server-latest/seahub.sh stop +ExecStart=/opt/seafile/seafile-server-__SEAFILE_VERSION__/seahub.sh start +ExecStop=/opt/seafile/seafile-server-__SEAFILE_VERSION__/seahub.sh stop User=__APP__ Group=__APP__ +# Config releated to run in docker provied file system +RootDirectory=__INSTALL_DIR__/seafile_image +BindPaths=__SYSTEMD_SEAFILE_BIND_MOUNT__ + # Sandboxing options to harden security # Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html NoNewPrivileges=yes diff --git a/conf/seahub_settings.py b/conf/seahub_settings.py index ee43935..4c72450 100644 --- a/conf/seahub_settings.py +++ b/conf/seahub_settings.py @@ -1,46 +1,399 @@ -SECRET_KEY = "__SEAHUB_SECRET_KEY__" +# -*- coding: utf-8 -*- + +SECRET_KEY = "{{ seahub_secret_key }}" DATABASES = { 'default': { 'ENGINE': 'django.db.backends.mysql', 'NAME': 'seahubdb', - 'USER': '__DB_USER__', - 'PASSWORD': '__DB_PWD__', + 'USER': '{{ db_user }}', + 'PASSWORD': '{{ db_pwd }}', 'HOST': '127.0.0.1', 'PORT': '3306', - 'OPTIONS': { - 'init_command': 'SET storage_engine=INNODB', - } + 'OPTIONS': {'charset': 'utf8mb4'}, } } -SERVICE_URL = "https://__DOMAIN____PATH__" -FILE_SERVER_ROOT = "https://__DOMAIN__/seafhttp" -SITE_ROOT = "__PATH2__" -SERVE_STATIC = False -MEDIA_URL = "__PATH2__media/" -COMPRESS_URL = MEDIA_URL -STATIC_URL = MEDIA_URL + 'assets/' -EMAIL_USE_TLS = True -EMAIL_HOST = "__DOMAIN__" -EMAIL_HOST_USER = "__APP__" -EMAIL_HOST_PASSWORD = "__MAIL_PWD__" -EMAIL_PORT = "587" -REPLACE_FROM_EMAIL = True -ADD_REPLY_TO_HEADER = True -DEFAULT_FROM_EMAIL = "__APP__@__DOMAIN__" -SERVER_EMAIL = "__APP__@__DOMAIN__" -LOGIN_URL = '__PATH2__accounts/login/' -ENABLE_WIKI = True -ALLOWED_HOSTS = ['__DOMAIN__'] -ENABLE_REMOTE_USER_AUTHENTICATION = True -REMOTE_USER_HEADER = 'HTTP_EMAIL' -REMOTE_USER_CREATE_UNKNOWN_USER = False -REMOTE_USER_PROTECTED_PATH = ['__PATH__', '__PATH2__accounts/login'] -TIME_ZONE = "__TIME_ZONE__" CACHES = { 'default': { 'BACKEND': 'django_pylibmc.memcached.PyLibMCCache', 'LOCATION': '127.0.0.1:11211', }, } + +FILE_SERVER_ROOT = "https://{{ domain }}/seafhttp" +SERVE_STATIC = False +MEDIA_URL = "{{ path2 }}media/" +COMPRESS_URL = MEDIA_URL +STATIC_URL = MEDIA_URL + 'assets/' +LOGIN_URL = '{{ path2 }}accounts/login/' + +# +# LDAP +# + +ENABLE_LDAP = True +# The URL of LDAP server +LDAP_SERVER_URL = 'ldap://localhost:389' + +# The root node of users who can log in to Seafile in the LDAP server +LDAP_BASE_DN = 'ou=users,dc=yunohost,dc=org' + +# DN of the administrator used to query the LDAP server for information. +# For OpenLDAP, it maybe cn=admin,dc=example,dc=com +LDAP_ADMIN_DN = '' # Need to leave empty to work with anonymous authentication + +# Password of LDAP_ADMIN_DN +LDAP_ADMIN_PASSWORD = '' # Need to leave empty to work with anonymous authentication + +# Identify the source of the user, used in +# the table social_auth_usersocialauth, defaults to 'ldap' +LDAP_PROVIDER = 'ldap' + +# User's attribute used to log in to Seafile. +# It should be a unique identifier for the user in LDAP server. +# Learn more about this id from the descriptions at begining of this section. +LDAP_LOGIN_ATTR = 'mail' + +# LDAP user's contact_email attribute +LDAP_CONTACT_EMAIL_ATTR = 'mail' + +# LDAP user's role attribute +LDAP_USER_ROLE_ATTR = '' + +# For sync user's first name +LDAP_USER_FIRST_NAME_ATTR = 'givenName' + +# For sync user's last name +LDAP_USER_LAST_NAME_ATTR = 'sn' + +# Whether to reverse the user's first and last name +LDAP_USER_NAME_REVERSE = False + +# Additional filter conditions, users who meet the filter conditions can log in, otherwise they cannot log in +LDAP_FILTER = 'permission=cn={{ app }}.main,ou=permission,dc=yunohost,dc=org' + +# +# SSO +# + +ENABLE_REMOTE_USER_AUTHENTICATION = True +REMOTE_USER_HEADER = 'HTTP_EMAIL' +REMOTE_USER_CREATE_UNKNOWN_USER = False +REMOTE_USER_PROTECTED_PATH = ['{{ path }}', '{{ path2 }}accounts/login', '{{ path2 }}sso'] + +# +# Security settings +# + +# For security consideration, please set to match the host/domain of your site, e.g., ALLOWED_HOSTS = ['.example.com']. +# Please refer https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts for details. +ALLOWED_HOSTS = ['{{ domain }}'] + +# Whether to use a secure cookie for the CSRF cookie +# https://docs.djangoproject.com/en/3.2/ref/settings/#csrf-cookie-secure +CSRF_COOKIE_SECURE = True + +# The value of the SameSite flag on the CSRF cookie +# https://docs.djangoproject.com/en/3.2/ref/settings/#csrf-cookie-samesite +CSRF_COOKIE_SAMESITE = 'Strict' + +# https://docs.djangoproject.com/en/3.2/ref/settings/#csrf-trusted-origins +CSRF_TRUSTED_ORIGINS = ['https://{{ domain }}'] + +# +# User options +# + +# Enalbe or disalbe registration on web. Default is `False`. +# ENABLE_SIGNUP = False + +# Activate or deactivate user when registration complete. Default is `True`. +# If set to `False`, new users need to be activated by admin in admin panel. +# ACTIVATE_AFTER_REGISTRATION = True + +# Whether to send email when a system admin adding a new member. Default is `True`. +# SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER = True + +# Whether to send email when a system admin resetting a user's password. Default is `True`. +# SEND_EMAIL_ON_RESETTING_USER_PASSWD = True + +# Send system admin notify email when user registration is complete. Default is `False`. +# NOTIFY_ADMIN_AFTER_REGISTRATION = False + +# Remember days for login. Default is 7 +# LOGIN_REMEMBER_DAYS = 7 + +# Attempt limit before showing a captcha when login. +# LOGIN_ATTEMPT_LIMIT = 3 + +# deactivate user account when login attempts exceed limit +# Since version 5.1.2 or pro 5.1.3 +# FREEZE_USER_ON_LOGIN_FAILED = False + +# Age of cookie, in seconds (default: 2 weeks). +# SESSION_COOKIE_AGE = 60 * 60 * 24 * 7 * 2 + +# Whether a user's session cookie expires when the Web browser is closed. +# SESSION_EXPIRE_AT_BROWSER_CLOSE = False + +# Whether to save the session data on every request. Default is `False` +# SESSION_SAVE_EVERY_REQUEST = False + +# Whether enable the feature "published library". Default is `False` +# Since 6.1.0 CE +ENABLE_WIKI = True + +# In old version, if you use Single Sign On, the password is not saved in Seafile. +# Users can't use WebDAV because Seafile can't check whether the password is correct. +# Since version 6.3.8, you can enable this option to let user's to specific a password for WebDAV login. +# Users login via SSO can use this password to login in WebDAV. +# Enable the feature. pycryptodome should be installed first. +# sudo pip install pycryptodome==3.12.0 +ENABLE_WEBDAV_SECRET = False + +# Since version 7.0.9, you can force a full user to log in with a two factor authentication. +# The prerequisite is that the administrator should 'enable two factor authentication' in the 'System Admin -> Settings' page. +# Then you can add the following configuration information to the configuration file. +# ENABLE_FORCE_2FA_TO_ALL_USERS = False + +# +# Library options +# + +# if enable create encrypted library +# ENABLE_ENCRYPTED_LIBRARY = True + +# version for encrypted library +# should only be `2` or `4`. +# version 3 is insecure (using AES128 encryption) so it's not recommended any more. +# ENCRYPTED_LIBRARY_VERSION = 2 + +# mininum length for password of encrypted library +# REPO_PASSWORD_MIN_LENGTH = 8 + +# force use password when generate a share/upload link (since version 8.0.9) +# SHARE_LINK_FORCE_USE_PASSWORD = False + +# mininum length for password for share link (since version 4.4) +# SHARE_LINK_PASSWORD_MIN_LENGTH = 8 + +# LEVEL for the password of a share/upload link +# based on four types of input: +# num, upper letter, lower letter, other symbols +# '3' means password must have at least 3 types of the above. (since version 8.0.9) +# SHARE_LINK_PASSWORD_STRENGTH_LEVEL = 3 + +# Default expire days for share link (since version 6.3.8) +# Once this value is configured, the user can no longer generate an share link with no expiration time. +# If the expiration value is not set when the share link is generated, the value configured here will be used. +# SHARE_LINK_EXPIRE_DAYS_DEFAULT = 5 + +# minimum expire days for share link (since version 6.3.6) +# SHARE_LINK_EXPIRE_DAYS_MIN should be less than SHARE_LINK_EXPIRE_DAYS_DEFAULT (If the latter is set). +# SHARE_LINK_EXPIRE_DAYS_MIN = 3 # default is 0, no limit. + +# maximum expire days for share link (since version 6.3.6) +# SHARE_LINK_EXPIRE_DAYS_MIN should be greater than SHARE_LINK_EXPIRE_DAYS_DEFAULT (If the latter is set). +# SHARE_LINK_EXPIRE_DAYS_MAX = 8 # default is 0, no limit. + +# Default expire days for upload link (since version 7.1.6) +# Once this value is configured, the user can no longer generate an upload link with no expiration time. +# If the expiration value is not set when the upload link is generated, the value configured here will be used. +# UPLOAD_LINK_EXPIRE_DAYS_DEFAULT = 5 + +# minimum expire days for upload link (since version 7.1.6) +# UPLOAD_LINK_EXPIRE_DAYS_MIN should be less than UPLOAD_LINK_EXPIRE_DAYS_DEFAULT (If the latter is set). +# UPLOAD_LINK_EXPIRE_DAYS_MIN = 3 # default is 0, no limit. + +# maximum expire days for upload link (since version 7.1.6) +# UPLOAD_LINK_EXPIRE_DAYS_MAX should be greater than UPLOAD_LINK_EXPIRE_DAYS_DEFAULT (If the latter is set). +# UPLOAD_LINK_EXPIRE_DAYS_MAX = 8 # default is 0, no limit. + +# force user login when view file/folder share link (since version 6.3.6) +# SHARE_LINK_LOGIN_REQUIRED = False + +# enable water mark when view(not edit) file in web browser (since version 6.3.6) +# ENABLE_WATERMARK = True + +# Disable sync with any folder. Default is `False` +# NOTE: since version 4.2.4 +# DISABLE_SYNC_WITH_ANY_FOLDER = False + +# Enable or disable library history setting +# ENABLE_REPO_HISTORY_SETTING = True + +# Enable or disable normal user to create organization libraries +# Since version 5.0.5 +# ENABLE_USER_CREATE_ORG_REPO = True + +# Enable or disable user share library to any group +# Since version 6.2.0 +# ENABLE_SHARE_TO_ALL_GROUPS = True + +# Enable or disable user to clean trash (default is True) +# Since version 6.3.6 +# ENABLE_USER_CLEAN_TRASH = True + +# Add a report abuse button on download links. (since version 7.1.0) +# Users can report abuse on the share link page, fill in the report type, contact information, and description. +# Default is false. +# ENABLE_SHARE_LINK_REPORT_ABUSE = False + +# +# Online preview +# + +# Whether to use pdf.js to view pdf files online. Default is `True`, you can turn it off. +# NOTE: since version 1.4. +# USE_PDFJS = True + +# Online preview maximum file size, defaults to 30M. +# FILE_PREVIEW_MAX_SIZE = 30 * 1024 * 1024 + +# Extensions of previewed text files. +# NOTE: since version 6.1.1 +# TEXT_PREVIEW_EXT = """ac, am, bat, c, cc, cmake, cpp, cs, css, diff, el, h, html, +# htm, java, js, json, less, make, org, php, pl, properties, py, rb, +# scala, script, sh, sql, txt, text, tex, vi, vim, xhtml, xml, log, csv, +# groovy, rst, patch, go""" + +# Enable or disable thumbnails +# NOTE: since version 4.0.2 +# ENABLE_THUMBNAIL = True + +# Seafile only generates thumbnails for images smaller than the following size. +# Since version 6.3.8 pro, suport the psd online preview. +# THUMBNAIL_IMAGE_SIZE_LIMIT = 30 # MB + +# Enable or disable thumbnail for video. ffmpeg and moviepy should be installed first. +# For details, please refer to https://manual.seafile.com/deploy/video_thumbnails.html +# NOTE: this option is deprecated in version 7.1 +# ENABLE_VIDEO_THUMBNAIL = False + +# Use the frame at 5 second as thumbnail +# NOTE: this option is deprecated in version 7.1 +# THUMBNAIL_VIDEO_FRAME_TIME = 5 + +# Absolute filesystem path to the directory that will hold thumbnail files. +# THUMBNAIL_ROOT = '/haiwen/seahub-data/thumbnail/thumb/' + +# Default size for picture preview. Enlarge this size can improve the preview quality. +# NOTE: since version 6.1.1 +# THUMBNAIL_SIZE_FOR_ORIGINAL = 1024 + +# +# Other options +# + +# This is outside URL for Seahub(Seafile Web). +# The domain part (i.e., www.example.com) will be used in generating share links and download/upload file via web. +# Note: Outside URL means "if you use Nginx, it should be the Nginx's address" +# Note: SERVICE_URL is moved to seahub_settings.py since 9.0.0 +SERVICE_URL = "https://{{ domain }}{{ path }}" + +# Disable settings via Web interface in system admin->settings +# Default is True +# Since 5.1.3 +# ENABLE_SETTINGS_VIA_WEB = True + +# Choices can be found here: +# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name +# although not all choices may be available on all operating systems. +# If running in a Windows environment this must be set to the same as your +# system time zone. +TIME_ZONE = "{{ time_zone }}" + +# Language code for this installation. All choices can be found here: +# http://www.i18nguy.com/unicode/language-identifiers.html +# Default language for sending emails. +LANGUAGE_CODE = '{{ language }}' + +# Custom language code choice. +# LANGUAGES = ( ) + +# Set this to your website/company's name. This is contained in email notifications and welcome message when user login for the first time. +SITE_NAME = 'Seafile' + +# Browser tab's title +SITE_TITLE = 'Private Seafile' + +# If you don't want to run seahub website on your site's root path, set this option to your preferred path. +# e.g. setting it to '/seahub/' would run seahub on http://example.com/seahub/. +SITE_ROOT = "{{ path2 }}" + +# Max number of files when user upload file/folder. +# Since version 6.0.4 +# MAX_NUMBER_OF_FILES_FOR_FILEUPLOAD = 500 + +# Control the language that send email. Default to user's current language. +# Since version 6.1.1 +# SHARE_LINK_EMAIL_LANGUAGE = '' + +# Interval for browser requests unread notifications +# Since PRO 6.1.4 or CE 6.1.2 +# UNREAD_NOTIFICATIONS_REQUEST_INTERVAL = 3 * 60 # seconds + +# Get web api auth token on profile page. +# ENABLE_GET_AUTH_TOKEN_BY_SESSION = True + +# Since 8.0.6 CE/PRO version. +# Url redirected to after user logout Seafile. +# Usually configured as Single Logout url. +LOGOUT_REDIRECT_URL = 'https://{{ domain }}/yunohost/sso/?action=logout' + +# Enable system admin add T&C, all users need to accept terms before using. Defaults to `False`. +# Since version 6.0 +# ENABLE_TERMS_AND_CONDITIONS = False + +# Enable two factor authentication for accounts. Defaults to `False`. +# Since version 6.0 +# ENABLE_TWO_FACTOR_AUTH = False + +# Enable user select a template when he/she creates library. +# When user select a template, Seafile will create folders releated to the pattern automaticly. +# Since version 6.0 +# LIBRARY_TEMPLATES = { +# 'Technology': ['/Develop/Python', '/Test'], +# 'Finance': ['/Current assets', '/Fixed assets/Computer'] +# } + +# Enable a user to change password in 'settings' page. Default to `True` +# Since version 6.2.11 +# ENABLE_CHANGE_PASSWORD = True + +# If show contact email when search user. +# ENABLE_SHOW_CONTACT_EMAIL_WHEN_SEARCH_USER = True + +# +# Mail +# + +EMAIL_USE_TLS = True +EMAIL_HOST = "{{ domain }}" +EMAIL_HOST_USER = "{{ app }}" +EMAIL_HOST_PASSWORD = "{{ mail_pwd }}" +EMAIL_PORT = "587" +REPLACE_FROM_EMAIL = True +ADD_REPLY_TO_HEADER = True +DEFAULT_FROM_EMAIL = "{{ app }}@{{ domain }}" +SERVER_EMAIL = "{{ app }}@{{ domain }}" + +# +# RESTful API +# + +# API throttling related settings. Enlarger the rates if you got 429 response code during API calls. +# REST_FRAMEWORK = { +# 'DEFAULT_THROTTLE_RATES': { +# 'ping': '600/minute', +# 'anon': '5/minute', +# 'user': '300/minute', +# }, +# 'UNICODE_JSON': False, +# } + +# Throtting whitelist used to disable throttle for certain IPs. +# e.g. REST_FRAMEWORK_THROTTING_WHITELIST = ['127.0.0.1', '192.168.1.1'] +# Please make sure `REMOTE_ADDR` header is configured in Nginx conf according to https://manual.seafile.com/deploy/deploy_with_nginx.html. +# REST_FRAMEWORK_THROTTING_WHITELIST = [] diff --git a/manifest.toml b/manifest.toml index 6483e63..cb2c69e 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Seafile" description.en = "Open Source Cloud Storage" description.fr = "Stockage Cloud Open Source" -version = "9.0.9~ynh3" +version = "11.0.9~ynh1" maintainers = ["Josué Tille"] @@ -18,13 +18,13 @@ code = "https://github.com/haiwen/seafile-server" cpe = "cpe:2.3:a:seafile:seafile" [integration] -yunohost = ">= 11.2.8" -architectures = ["amd64", "arm64", "armhf"] +yunohost = ">= 11.2.13" +architectures = ["amd64", "arm64"] multi_instance = false ldap = true sso = true -disk = "1G" -ram.build = "500M" +disk = "1.5G" +ram.build = "0M" ram.runtime = "500M" [install] @@ -66,8 +66,8 @@ ram.runtime = "500M" [resources.install_dir] dir = "/opt/yunohost/__APP__" - owner = "__APP__:rwX" - group = "__APP__:rX" + owner = "__APP__:rwx" + group = "www-data:rx" [resources.data_dir] dir = "/home/yunohost.app/__APP__" @@ -82,6 +82,13 @@ ram.runtime = "500M" file_server.show_tile = false file_server.protected = true + notification_server.url = "__DOMAIN__/notification" + notification_server.label = "Notification server" + notification_server.allowed = "visitors" + notification_server.auth_header = false + notification_server.show_tile = false + notification_server.protected = true + webdav.url = "__DOMAIN__/seafdav" webdav.label = "Webdav" webdav.allowed = "visitors" @@ -89,6 +96,13 @@ ram.runtime = "500M" webdav.protected = true webdav.show_tile = false + notification.url = "__DOMAIN__/notification" + notification.label = "Client-notification" + notification.allowed = "visitors" + notification.auth_header = false + notification.protected = true + notification.show_tile = false + media.url = "/media" media.label = "Media" media.allowed = "visitors" @@ -99,24 +113,22 @@ ram.runtime = "500M" [resources.ports] seahub.default = 8000 fileserver.default = 8082 + notificationserver.default = 8083 webdav.default = 8080 [resources.sources.main] - amd64.url = "https://s3.eu-central-1.amazonaws.com/download.seadrive.org/seafile-server_9.0.9_x86-64.tar.gz" - amd64.sha256 = "db76bb33572ad0a6860470e907bed4ed780aa17d9e022226d99448a7f9e4ba74" + format = "docker" + extract = true + prefetch = false - arm64.url = "https://github.com/haiwen/seafile-rpi/releases/download/v9.0.9/seafile-server-9.0.9-bullseye-arm64v8l.tar.gz" - arm64.sha256 = "c58f5d6b741dec240be9d75d6e617102b7adbfeba98cbd866732822bf9ca10b7" - armhf.url = "https://github.com/haiwen/seafile-rpi/releases/download/v9.0.9/seafile-server-9.0.9-bullseye-arm32v7l.tar.gz" - armhf.sha256 = "171fcf08b726d452e1c4cd22dadb9f8f5cf6848424ebc1e04cde5be34ef3d7f6" + amd64.url = "seafileltd/seafile-mc:11.0.9" + amd64.sha256 = "564f122eae31e96c24be12c25affec7618fa574abf2ba381fadb8467e8e4ad4e" + + arm64.url = "seafileltd/seafile-mc:11.0.9" + arm64.sha256 = "57a78b0f80e8ecf272fca5fc3f2aff685239849f222bd358fbac4be0d4b280a2" [resources.apt] - packages = ["ffmpeg", - "python3", "python3-venv", "python3-setuptools", "python3-pip", "python3-dev", - "python3-requests", "python3-scipy", "python3-matplotlib", - "mariadb-server", "libmariadb-dev-compat", "libmariadb-dev", - "memcached", "libmemcached-dev", - "libjpeg62-turbo-dev", "zlib1g-dev", "libffi-dev"] + packages = ["mariadb-server", "memcached"] [resources.database] type = "mysql" diff --git a/scripts/_common.sh b/scripts/_common.sh index 3ee6dfa..f65469b 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -2,99 +2,88 @@ # SET ALL CONSTANTS #================================================= -time_zone=$(cat /etc/timezone) -python_version="$(python3 -V | cut -d' ' -f2 | cut -d. -f1-2)" +readonly time_zone="$(cat /etc/timezone)" +readonly python_version="$(python3 -V | cut -d' ' -f2 | cut -d. -f1-2)" +systemd_seafile_bind_mount="$data_dir/seafile-data:/opt/seafile/seafile-data " +systemd_seafile_bind_mount+="$data_dir/seahub-data:/opt/seafile/seahub-data " +systemd_seafile_bind_mount+="/var/log/$app:/opt/seafile/logs " +systemd_seafile_bind_mount+="$install_dir/conf:/opt/seafile/conf " +systemd_seafile_bind_mount+="$install_dir/ccnet:/opt/seafile/ccnet " +systemd_seafile_bind_mount+="/proc " +systemd_seafile_bind_mount+="/dev" # Create special path with / at the end -if [[ $path == '/' ]] +if [[ "$path" == '/' ]] then - path2="$path" + readonly path2="$path" else - path2="$path/" + readonly path2="$path/" +fi + +if [ "${LANG:0:2}" == C. ]; then + readonly language=en +else + readonly language="${LANG:0:2}" fi #================================================= # DEFINE ALL COMMON FONCTIONS #================================================= -install_pkg_conf() { - # Install manually pkgconf - # WARNING don't move this to dependencies - # We install this manually because we have an issue between pkgconf and pkg-config. - # If pkg-config is already installed on the system we can't declare pkgconf as dependency as pkg-config need to be removed to install pkgconf (note that pkgconf replace pkg-config and both can't be installed) - ynh_apt install pkgconf +run_seafile_cmd() { + ynh_exec_warn_less systemd-run --wait --uid="$app" --gid="$app" \ + --property=RootDirectory="$install_dir"/seafile_image \ + --property="BindPaths=$systemd_seafile_bind_mount" \ + $@ } -install_dependance() { - ynh_add_swap --size=2000 - - # Clean venv is it was on python3 with old version in case major upgrade of debian - if [ ! -e $install_dir/venv/bin/python3 ] || [ ! -e $install_dir/venv/lib/python$python_version ]; then - ynh_secure_remove --file=$install_dir/venv/bin - ynh_secure_remove --file=$install_dir/venv/lib - ynh_secure_remove --file=$install_dir/venv/lib64 - ynh_secure_remove --file=$install_dir/venv/include - ynh_secure_remove --file=$install_dir/venv/share - ynh_secure_remove --file=$install_dir/venv/pyvenv.cfg - fi - - # Create venv if it don't exist - test -e $install_dir/venv/bin/python3 || python3 -m venv $install_dir/venv - - u_arg='u' - set +$u_arg; - source $install_dir/venv/bin/activate - set -$u_arg; - - # Note that we install imageio to force the dependance, without this imageio 2.8 is installed and it need python3.5 - if [ $(lsb_release --codename --short) == "bookworm" ]; then - # Fix cffi installtion issue cf: https://github.com/haiwen/seahub/issues/5166 - pip3 install --upgrade 'cffi==1.15.1' - sed -e "s|1.14.0|1.15.1|" -i $install_dir/seafile-server-$seafile_version/seahub/thirdpart/cffi/__init__.py - else - pip3 install --upgrade cffi==1.14.0 - fi - if [ -n "$(uname -m | grep x86_64)" ]; then - py_dependancy="django==3.2.* Pillow<10.0.0 pylibmc captcha jinja2 SQLAlchemy<2 django-pylibmc django-simple-captcha python3-ldap mysqlclient pycryptodome==3.12.0 lxml python3-ldap" - else - py_dependancy="lxml python3-ldap" - fi - pip3 install --upgrade --timeout=3600 $py_dependancy - - set +$u_arg; - deactivate - set -$u_arg; - ynh_del_swap - - # Create symbolic link to venv package on seahub - ls $install_dir/venv/lib/python$python_version/site-packages | while read f; do - if [ ! -e "$install_dir/seafile-server-$seafile_version/seahub/thirdpart/$f" ]; then - ln -s ../../../venv/lib/python$python_version/site-packages/$f $install_dir/seafile-server-$seafile_version/seahub/thirdpart/$f - fi - done +install_source() { + ynh_setup_source_custom --dest_dir="$install_dir"/seafile_image --full_replace + mkdir -p "$install_dir"/seafile_image/opt/seafile/{seafile-data,seahub-data,conf,ccnet,logs} + grep "^$app:x" /etc/passwd | sed "s|$install_dir|/opt/seafile|" >> "$install_dir"/seafile_image/etc/passwd + grep "^$app:x" /etc/group >> "$install_dir"/seafile_image/etc/group + grep "^$app:x" /etc/group- >> "$install_dir"/seafile_image/etc/group- + grep "^$app:" /etc/shadow >> "$install_dir"/seafile_image/etc/shadow } set_permission() { - chown -R $app:$app $install_dir - chmod -R u+rwX,g-wx,o= $install_dir - setfacl -m user:www-data:rX $install_dir - setfacl -m user:www-data:rX $install_dir/seafile-server-$seafile_version - # At install time theses directory are not available - test -e $install_dir/seafile-server-$seafile_version/seahub && setfacl -m user:www-data:rX $install_dir/seafile-server-$seafile_version/seahub - test -e $install_dir/seafile-server-$seafile_version/seahub/media && setfacl -R -m user:www-data:rX $install_dir/seafile-server-$seafile_version/seahub/media - test -e $install_dir/seahub-data && setfacl -m user:www-data:rX $data_dir - test -e $install_dir/seahub-data && setfacl -R -m user:www-data:rX $data_dir/seahub-data + chown -R "$app:$app" "$install_dir"/{conf,ccnet} + chmod -R u+rwX,g-w,o= "$install_dir"/{conf,ccnet} + chown -R "$app:$app" "$install_dir"/seafile_image/opt/seafile + chmod -R u+rwX,g-w,o= "$install_dir"/seafile_image/opt/seafile - find $data_dir \( \! -perm -o= \ - -o \! -user $app \ - -o \! -group $app \) \ - -exec chown $app:$app {} \; \ + # Allow to www-data to each dir between /opt/yunohost/seafile and /opt/yunohost/seafile/seafile_image/opt/seafile/seahub/media + local dir_path='' + while read -r -d/ dir_name; do + dir_path+="$dir_name/" + if [[ "$dir_path" == "$install_dir"* ]] && [ -e "$dir_path" ]; then + setfacl -m user:www-data:rX "$dir_path" + fi + done <<< "$seafile_code/seahub/media" + test -e "$install_dir/seafile_image/opt/seafile/seahub-data" && setfacl -m user:www-data:rX "$install_dir/seafile_image/opt/seafile/seahub-data" + test -e "$seafile_code/seahub/media" && setfacl -R -m user:www-data:rX "$seafile_code/seahub/media" + + # At install time theses directory are not available + test -e "$install_dir"/seahub-data && setfacl -m user:www-data:rX "$data_dir" + test -e "$install_dir"/seahub-data && setfacl -R -m user:www-data:rX "$data_dir"/seahub-data + + find "$data_dir" \( \! -perm -o= \ + -o \! -user "$app" \ + -o \! -group "$app" \) \ + -exec chown "$app:$app" {} \; \ -exec chmod o= {} \; } clean_url_in_db_config() { sql_request='DELETE FROM `constance_config` WHERE `constance_key`= "SERVICE_URL"' - ynh_mysql_execute_as_root --sql "$sql_request" --database seahubdb + ynh_mysql_execute_as_root --sql="$sql_request" --database=seahubdb sql_request='DELETE FROM `constance_config` WHERE `constance_key`= "FILE_SERVER_ROOT"' - ynh_mysql_execute_as_root --sql "$sql_request" --database seahubdb + ynh_mysql_execute_as_root --sql="$sql_request" --database=seahubdb +} + +ensure_vars_set() { + if [ -z "${jwt_private_key_notification_server:-}" ]; then + jwt_private_key_notification_server=$(ynh_string_random -l 32) + ynh_app_setting_set --app="$app" --key=jwt_private_key_notification_server --value="$jwt_private_key_notification_server" + fi } diff --git a/scripts/backup b/scripts/backup index eeb91e9..c5d9791 100644 --- a/scripts/backup +++ b/scripts/backup @@ -12,6 +12,7 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers seafile_version=$(ynh_app_upstream_version) +seafile_code="$install_dir/seafile_image/opt/seafile/seafile-server-$seafile_version" if systemctl is-active seafile --quiet || systemctl is-active seahub --quiet; then ynh_print_warn --message="It's hightly recommended to make your backup when the service is stopped. Please stop seafile service and seahub service with this command before to run the backup 'systemctl stop seafile.service seahub.service'" @@ -23,23 +24,23 @@ fi # # Backup app files ynh_print_info --message="Backing up code..." -ynh_backup --src_path "$install_dir" +ynh_backup --src_path="$install_dir" ynh_print_info --message="Backing up user data..." ynh_backup --src_path="$data_dir" --dest_path="data" --is_big=1 ynh_print_info --message="Backing up configuration..." -ynh_backup --src_path "/etc/nginx/conf.d/$domain.d/${app}.conf" -ynh_backup --src_path /etc/systemd/system/seafile.service -ynh_backup --src_path /etc/systemd/system/seahub.service -ynh_backup --src_path /etc/fail2ban/jail.d/"$app".conf -ynh_backup --src_path /etc/fail2ban/filter.d/"$app".conf +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/${app}.conf" +ynh_backup --src_path=/etc/systemd/system/seafile.service +ynh_backup --src_path=/etc/systemd/system/seahub.service +ynh_backup --src_path=/etc/fail2ban/jail.d/"$app".conf +ynh_backup --src_path=/etc/fail2ban/filter.d/"$app".conf # Backup logs ynh_backup --src_path="/var/log/$app" # Backup mysql ynh_print_info --message="Backing up database" -ynh_mysql_dump_db --database "$db_name" > "${YNH_CWD}"/seafiledb.dmp -ynh_mysql_dump_db --database ccnetdb > "${YNH_CWD}"/ccnetdb.dmp -ynh_mysql_dump_db --database seahubdb > "${YNH_CWD}"/seahubdb.dmp +ynh_mysql_dump_db --database="$db_name" > "${YNH_CWD}"/seafiledb.dmp +ynh_mysql_dump_db --database=ccnetdb > "${YNH_CWD}"/ccnetdb.dmp +ynh_mysql_dump_db --database=seahubdb > "${YNH_CWD}"/seahubdb.dmp ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 5e38c3c..cdbb140 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -11,15 +11,8 @@ source ./_common.sh # Source YunoHost helpers source /usr/share/yunohost/helpers -seafile_version=$(ynh_app_upstream_version) - -# Create special path with / at the end -if [[ $path == '/' ]] -then - path2=$path -else - path2=$path"/" -fi +seafile_version="$(ynh_app_upstream_version)" +seafile_code="$install_dir/seafile_image/opt/seafile/seafile-server-$seafile_version" #================================================= # STANDARD MODIFICATIONS @@ -35,8 +28,8 @@ ynh_change_url_nginx_config ynh_script_progression --message="Stoping services..." # Stop service before any change -ynh_systemd_action --service_name seafile --action stop -ynh_systemd_action --service_name seahub --action stop +ynh_systemd_action --service_name=seafile --action=stop +ynh_systemd_action --service_name=seahub --action=stop sleep 2 pkill -f seafile-controller || true pkill -f seaf-server || true @@ -46,14 +39,14 @@ pkill -f seahub || true ynh_script_progression --message="Updating seafile configuration..." # Update Seafile Config -ynh_add_config --template=seahub_settings.py --destination=$install_dir/conf/seahub_settings.py -ynh_add_config --template=ccnet.conf --destination=$install_dir/conf/ccnet.conf -ynh_add_config --template=gunicorn.conf.py --destination=$install_dir/conf/gunicorn.conf.py -ynh_add_config --template=seafdav.conf --destination=$install_dir/conf/seafdav.conf +ynh_add_config --jinja --template=seahub_settings.py --destination="$install_dir"/conf/seahub_settings.py +ynh_add_config --template=ccnet.conf --destination="$install_dir"/conf/ccnet.conf +ynh_add_config --template=gunicorn.conf.py --destination="$install_dir"/conf/gunicorn.conf.py +ynh_add_config --template=seafdav.conf --destination="$install_dir"/conf/seafdav.conf # Update permissions -ynh_permission_url --permission=file_server --url=$domain/seafhttp -ynh_permission_url --permission=webdav --url=$domain/seafdav +ynh_permission_url --permission=file_server --url="$domain"/seafhttp +ynh_permission_url --permission=webdav --url="$domain"/seafdav # Clean url in config in DB clean_url_in_db_config @@ -63,8 +56,8 @@ sleep 2 # Reload services ynh_script_progression --message="Starting services..." -ynh_systemd_action --service_name seafile -l "spawned seaf-server, pid " -p /var/log/seafile/controller.log -ynh_systemd_action --service_name seahub -l "Started Seafile hub." -p "systemd" +ynh_systemd_action --service_name=seafile -l "spawned seaf-server, pid " -p /var/log/seafile/controller.log +ynh_systemd_action --service_name=seahub -l "Started Seafile hub." -p "systemd" sleep 2 -ynh_script_progression --message="Change of URL completed for $app" --time --last +ynh_script_progression --message="Change of URL completed for $app" --time=--last diff --git a/scripts/experimental_helper.sh b/scripts/experimental_helper.sh index 26538a9..e69de29 100644 --- a/scripts/experimental_helper.sh +++ b/scripts/experimental_helper.sh @@ -1,99 +0,0 @@ -#!/bin/bash - -# Add swap -# -# usage: ynh_add_swap --size=SWAP in Mb -# | arg: -s, --size= - Amount of SWAP to add in Mb. -ynh_add_swap () { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [s]=size= ) - local size - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - - local swap_max_size=$(( $size * 1024 )) - - local free_space=$(df --output=avail / | sed 1d) - # Because we don't want to fill the disk with a swap file, divide by 2 the available space. - local usable_space=$(( $free_space / 2 )) - - SD_CARD_CAN_SWAP=${SD_CARD_CAN_SWAP:-0} - - # Swap on SD card only if it's is specified - if ynh_is_main_device_a_sd_card && [ "$SD_CARD_CAN_SWAP" == "0" ] - then - ynh_print_warn --message="The main mountpoint of your system '/' is on an SD card, swap will not be added to prevent some damage of this one, but that can cause troubles for the app $app. If you still want activate the swap, you can relaunch the command preceded by 'SD_CARD_CAN_SWAP=1'" - return - fi - - # Compare the available space with the size of the swap. - # And set a acceptable size from the request - if [ $usable_space -ge $swap_max_size ] - then - local swap_size=$swap_max_size - elif [ $usable_space -ge $(( $swap_max_size / 2 )) ] - then - local swap_size=$(( $swap_max_size / 2 )) - elif [ $usable_space -ge $(( $swap_max_size / 3 )) ] - then - local swap_size=$(( $swap_max_size / 3 )) - elif [ $usable_space -ge $(( $swap_max_size / 4 )) ] - then - local swap_size=$(( $swap_max_size / 4 )) - else - echo "Not enough space left for a swap file" >&2 - local swap_size=0 - fi - - # If there's enough space for a swap, and no existing swap here - if [ $swap_size -ne 0 ] && [ ! -e /swap_$app ] - then - # Create file - truncate -s 0 /swap_$app - - # set the No_COW attribute on the swapfile with chattr - chattr +C /swap_$app || true - - # Preallocate space for the swap file, fallocate may sometime not be used, use dd instead in this case - if ! fallocate -l ${swap_size}K /swap_$app - then - dd if=/dev/zero of=/swap_$app bs=1024 count=${swap_size} - fi - chmod 0600 /swap_$app - # Create the swap - mkswap /swap_$app - # And activate it - swapon /swap_$app || true - # Then add an entry in fstab to load this swap at each boot. - echo -e "/swap_$app swap swap defaults 0 0 #Swap added by $app" >> /etc/fstab - fi -} - -ynh_del_swap () { - # If there a swap at this place - if [ -e /swap_$app ] - then - # Clean the fstab - sed -i "/#Swap added by $app/d" /etc/fstab - # Desactive the swap file - swapoff /swap_$app || true - # And remove it - rm /swap_$app - fi -} - -# Check if the device of the main mountpoint "/" is an SD card -# -# [internal] -# -# return 0 if it's an SD card, else 1 -ynh_is_main_device_a_sd_card () { - local main_device=$(lsblk --output PKNAME --noheadings $(findmnt / --nofsroot --uniq --output source --noheadings --first-only)) - - if echo $main_device | grep --quiet "mmc" && [ $(tail -n1 /sys/block/$main_device/queue/rotational) == "0" ] - then - return 0 - else - return 1 - fi -} diff --git a/scripts/install b/scripts/install index ad85c79..b883257 100644 --- a/scripts/install +++ b/scripts/install @@ -7,13 +7,15 @@ # Import common cmd source ./experimental_helper.sh source ./_common.sh +source ./ynh_setup_source # Source YunoHost helpers source /usr/share/yunohost/helpers seafile_version=$(ynh_app_upstream_version) +seafile_code="$install_dir/seafile_image/opt/seafile/seafile-server-$seafile_version" -install_pkg_conf +ensure_vars_set #================================================= # STANDARD MODIFICATIONS @@ -30,28 +32,29 @@ fi mkdir -p /var/log/"$app" mkdir -p "$data_dir"/{seafile-data,seahub-data} +mkdir -p "$install_dir"/{conf,ccnet} # Download new version from sources ynh_script_progression --message="Installing sources files..." --weight=7 -ynh_setup_source --dest_dir=$install_dir/seafile-server-$seafile_version - -ynh_script_progression --message="Installing python dependancies..." -install_dependance +install_source # init databases ynh_script_progression --message="Configuring MySQL database..." db_user=seafile -ynh_''mysql_setup_db --db_user "$db_user" --db_name ccnetdb --db_pwd "$db_pwd" -ynh_''mysql_setup_db --db_user "$db_user" --db_name seahubdb --db_pwd "$db_pwd" +ynh_''mysql_setup_db --db_user="$db_user" --db_name=ccnetdb --db_pwd="$db_pwd" +ynh_''mysql_setup_db --db_user="$db_user" --db_name=seahubdb --db_pwd="$db_pwd" ynh_script_progression --message="Configuring application..." --weight=3 # Run install script set_permission -ynh_replace_special_string --match_string 'seafile_config.seafile_dir = seafile_config.validate_seafile_dir(seafile_dir)' \ - --replace_string 'seafile_config.seafile_dir = seafile_dir' \ - --target_file "$install_dir/seafile-server-$seafile_version/setup-seafile-mysql.py" -sudo -u "$app" bash "$install_dir/seafile-server-$seafile_version/setup-seafile-mysql.sh" auto \ +ynh_replace_special_string --match_string='seafile_config.seafile_dir = seafile_config.validate_seafile_dir(seafile_dir)' \ + --replace_string='seafile_config.seafile_dir = seafile_dir' \ + --target_file="$seafile_code/setup-seafile-mysql.py" +ynh_replace_special_string --match_string="Utils.error('Ccnet config dir \\\"%s\\\" already exists.' % ccnet_config.ccnet_dir)" \ + --replace_string='patched = 1' \ + --target_file="$seafile_code/setup-seafile-mysql.py" +run_seafile_cmd bash "/opt/seafile/seafile-server-$seafile_version/setup-seafile-mysql.sh" auto \ --server-name "$server_name" \ --server-ip "$domain" \ --fileserver-port "$port_fileserver" \ @@ -60,27 +63,28 @@ sudo -u "$app" bash "$install_dir/seafile-server-$seafile_version/setup-seafile- --mysql-port 3306 \ --mysql-user "$db_user" \ --mysql-user-passwd "$db_pwd" \ - --seafile-db "$db_name" \ - --ccnet-db ccnetdb \ - --seahub-db seahubdb + -s "$db_name" \ + -c ccnetdb \ + -b seahubdb # Retrive values from auto generated config file seahub_secret_key=$(grep -P 'SECRET_KEY\s*=\s*".+"' "$install_dir"/conf/seahub_settings.py | cut -d'"' -f2) -ynh_app_setting_set --app "$app" --key seahub_secret_key --value "$seahub_secret_key" +ynh_app_setting_set --app="$app" --key=seahub_secret_key --value="$seahub_secret_key" # Update seafile config files -ynh_add_config --template=seahub_settings.py --destination=$install_dir/conf/seahub_settings.py -ynh_add_config --template=seafile.conf --destination=$install_dir/conf/seafile.conf -ynh_add_config --template=ccnet.conf --destination=$install_dir/conf/ccnet.conf -ynh_add_config --template=gunicorn.conf.py --destination=$install_dir/conf/gunicorn.conf.py -ynh_add_config --template=seafdav.conf --destination=$install_dir/conf/seafdav.conf +ynh_add_config --jinja --template=seahub_settings.py --destination="$install_dir"/conf/seahub_settings.py +ynh_add_config --template=seafile.conf --destination="$install_dir"/conf/seafile.conf +ynh_add_config --template=ccnet.conf --destination="$install_dir"/conf/ccnet.conf +ynh_add_config --template=gunicorn.conf.py --destination="$install_dir"/conf/gunicorn.conf.py +ynh_add_config --template=seafdav.conf --destination="$install_dir"/conf/seafdav.conf +ynh_add_config --template=seafevents.conf --destination="$install_dir"/conf/seafevents.conf # Configure admin info # It will be used the first start -admin_email=$(ynh_user_get_info --username "$admin" --key 'mail') +admin_email=$(ynh_user_get_info --username="$admin" --key='mail') cp ../conf/create_admin.json $install_dir/conf/admin.txt -ynh_replace_string --match_string __ADMIN__ --replace_string "$admin_email" --target_file $install_dir/conf/admin.txt -ynh_replace_special_string --match_string __PASSWORD__ --replace_string "$admin_password" --target_file $install_dir/conf/admin.txt +ynh_replace_string --match_string=__ADMIN__ --replace_string="$admin_email" --target_file=$install_dir/conf/admin.txt +ynh_replace_special_string --match_string=__PASSWORD__ --replace_string="$admin_password" --target_file=$install_dir/conf/admin.txt # Use symlink to store data if [ -e "$install_dir"/seafile-data ]; then @@ -100,12 +104,12 @@ ln -s "$data_dir"/seahub-data "$install_dir"/seahub-data ln -s /var/log/"$app" "$install_dir"/logs # Fix local warning -ynh_replace_string --match_string en_US.UTF-8 --replace_string ${LANG:-'en_US.UTF-8'} --target_file $install_dir/seafile-server-$seafile_version/seahub.sh +ynh_replace_string --match_string=en_US.UTF-8 --replace_string="${LANG:-'en_US.UTF-8'}" --target_file="$seafile_code/seahub.sh" # Add Seafile Server to startup ynh_script_progression --message="Configuring a systemd service..." -ynh_add_systemd_config --service seafile --template seafile.service -ynh_add_systemd_config --service seahub --template seahub.service +ynh_add_systemd_config --service=seafile --template=seafile.service +ynh_add_systemd_config --service=seahub --template=seahub.service # register yunohost service yunohost service add seafile --description 'Main service for seafile server.' @@ -135,9 +139,9 @@ set_permission sleep 3 ynh_script_progression --message="Starting seafile services..." -ynh_systemd_action --service_name seafile -l "spawned seaf-server, pid " -p /var/log/seafile/controller.log +ynh_systemd_action --service_name=seafile -l "spawned seaf-server, pid " -p /var/log/seafile/controller.log sleep 2 -ynh_systemd_action --service_name seahub -l "Started Seafile hub." -p "systemd" +ynh_systemd_action --service_name=seahub -l "Started Seafile hub." -p "systemd" sleep 2 ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 6020846..a0ce8e0 100644 --- a/scripts/remove +++ b/scripts/remove @@ -11,7 +11,8 @@ source ./_common.sh # Source YunoHost helpers source /usr/share/yunohost/helpers -seafile_version=$(ynh_app_upstream_version) +seafile_version="$(ynh_app_upstream_version)" +seafile_code="$install_dir/seafile_image/opt/seafile/seafile-server-$seafile_version" #================================================= # STANDARD REMOVE @@ -20,8 +21,8 @@ seafile_version=$(ynh_app_upstream_version) ynh_script_progression --message="Stoping services..." # Stop all services -ynh_systemd_action --service_name seafile --action stop -ynh_systemd_action --service_name seahub --action stop +ynh_systemd_action --service_name=seafile --action=stop +ynh_systemd_action --service_name=seahub --action=stop # Force to kill all process in case of a process is not stoped cleanly pkill -f seafile-controller || true @@ -34,8 +35,8 @@ if [ "$YNH_APP_PURGE" -eq 1 ]; then ynh_secure_remove --file=/var/log/"$app" fi ynh_script_progression --message="Removing code..." -ynh_secure_remove --file=/var/www/$app -ynh_secure_remove --file=/opt/yunohost/$app +ynh_secure_remove --file=/var/www/"$app" +ynh_secure_remove --file=/opt/yunohost/"$app" # Remove databases ynh_script_progression --message="Removing databases..." @@ -45,8 +46,8 @@ $db_helper --db_name seahubdb --db_user seafile # Remove systemd service ynh_script_progression --message="Removing systemd units..." -ynh_remove_systemd_config --service seafile -ynh_remove_systemd_config --service seahub +ynh_remove_systemd_config --service=seafile +ynh_remove_systemd_config --service=seahub # Remove nginx config ynh_script_progression --message="Removing nginx configuration..." diff --git a/scripts/restore b/scripts/restore index 19a50cc..95587b1 100644 --- a/scripts/restore +++ b/scripts/restore @@ -11,13 +11,11 @@ source ../settings/scripts/_common.sh # Source YunoHost helpers source /usr/share/yunohost/helpers -seafile_version=$(ynh_app_upstream_version) +seafile_version="$(ynh_app_upstream_version)" +seafile_code="$install_dir/seafile_image/opt/seafile/seafile-server-$seafile_version" ynh_script_progression --message="Loading settings..." -# Retrieve arguments -seafile_version=$(ynh_app_upstream_version) - #================================================= # STANDARD RESTORATION STEPS #================================================= @@ -42,7 +40,7 @@ su -c "mysql -u ${app} -p$db_pwd seahubdb < ${YNH_CWD}/seahubdb.dmp" # Add logrotate ynh_script_progression --message="Configuring log rotation..." mkdir -p /var/log/"$app" -ynh_use_logrotate --logfile "$install_dir"/logs +ynh_use_logrotate --logfile="$install_dir"/logs # Set all permissions ynh_script_progression --message="Protecting directory..." @@ -72,8 +70,8 @@ sleep 5 # Restart service ynh_script_progression --message="Starting seafile services..." --weight=3 -ynh_systemd_action --service_name seafile -l "spawned seaf-server, pid " -p /var/log/seafile/controller.log -ynh_systemd_action --service_name seahub -l "Started Seafile hub." -p "systemd" +ynh_systemd_action --service_name=seafile -l "spawned seaf-server, pid " -p /var/log/seafile/controller.log +ynh_systemd_action --service_name=seahub -l "Started Seafile hub." -p "systemd" sleep 2 ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index ce218d4..4b037bd 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,25 +7,26 @@ # Import common cmd source ./experimental_helper.sh source ./_common.sh +source ./ynh_setup_source # Source YunoHost helpers source /usr/share/yunohost/helpers -seafile_version=$(ynh_app_upstream_version) +seafile_version="$(ynh_app_upstream_version)" +installed_version="${YNH_APP_CURRENT_VERSION/~ynh*/}" -# Retrieve arguments -installed_version=${YNH_APP_CURRENT_VERSION/~ynh*/} +seafile_code="$install_dir/seafile_image/opt/seafile/seafile-server-$seafile_version" + +ensure_vars_set if [ "$YNH_APP_CURRENT_VERSION" == '-' ] || ynh_compare_current_package_version --comparison=le --version='7.0~ynh1'; then ynh_die "Upgrade from this version not supported" fi -install_pkg_conf - ynh_script_progression --message="Stoping services..." -ynh_systemd_action --service_name seafile --action stop -ynh_systemd_action --service_name seahub --action stop +ynh_systemd_action --service_name=seafile --action=stop +ynh_systemd_action --service_name=seahub --action=stop sleep 5 pkill -f seafile-controller || true pkill -f seaf-server || true @@ -47,8 +48,8 @@ fi # Set missing settings if [ -z "${seahub_secret_key:-}" ]; then - seahub_secret_key=$(grep -P 'SECRET_KEY\s*=\s*".+"' "$install_dir"/conf/seahub_settings.py | cut -d'"' -f2) - ynh_app_setting_set --app "$app" --key seahub_secret_key --value "$seahub_secret_key" + seahub_secret_key="$(grep -P 'SECRET_KEY\s*=\s*".+"' "$install_dir"/conf/seahub_settings.py | cut -d'"' -f2)" + ynh_app_setting_set --app="$app" --key=seahub_secret_key --value="$seahub_secret_key" fi # @@ -100,10 +101,9 @@ ynh_script_progression --message="Upgrading source files..." --weight=6 # Download new version from sources ynh_script_progression --message="Installing sources files..." --weight=7 -ynh_setup_source --dest_dir="$install_dir"/seafile-server-$seafile_version - -ynh_script_progression --message="Installing python dependancies..." -install_dependance +if [ "$YNH_APP_UPGRADE_TYPE" == UPGRADE_APP ]; then + install_source +fi ynh_script_progression --message="Configuring application..." @@ -111,7 +111,7 @@ ynh_script_progression --message="Configuring application..." set_permission # do the upgrade ( the ";&" syntax mean when it go in the first case which is true it do all the next case) -case $installed_version in +case "$installed_version" in "4."* ) # Update seafile by script ynh_die "Upgrade form the version 4.x was removed. Upgrade from this version won't be supported any more." @@ -125,46 +125,54 @@ case $installed_version in ;& "7.0"* ) # Fix file comment - pushd $install_dir/seafile-server-$seafile_version - sudo -u $app $install_dir/seafile-server-$seafile_version/seahub.sh python-env python3 seahub/manage.py migrate_file_comment - popd + run_seafile_cmd "/opt/seafile/seafile-server-$seafile_version/seahub.sh" python-env python3 "/opt/seafile/seafile-server-$seafile_version/seahub/manage.py" migrate_file_comment # Update seafile by script - ynh_replace_string --match_string='read dummy' --replace_string='# patched' --target_file=$install_dir/seafile-server-$seafile_version/upgrade/upgrade_7.0_7.1.sh - sudo -u $app bash $install_dir/seafile-server-$seafile_version/upgrade/upgrade_7.0_7.1.sh + ynh_replace_string --match_string='read dummy' --replace_string='# patched' --target_file="$seafile_code/upgrade/upgrade_7.0_7.1.sh" + run_seafile_cmd "/opt/seafile/seafile-server-$seafile_version/upgrade/upgrade_7.0_7.1.sh" # Fix seafile data link. Look like that the upgrade script of seafile don't always work correctly - if [ -e $install_dir/seafile-data ]; then + if [ -e "$install_dir"/seafile-data ]; then old_data_dir_path="$install_dir/seafile-data$(date '+%Y%m%d.%H%M%S')" mv "$install_dir/seafile-data" "$old_data_dir_path" fi - ln -s $data_dir $install_dir/seafile-data + ln -s "$data_dir" "$install_dir"/seafile-data ;& "7.1."* ) - ynh_replace_string --match_string='read dummy' --replace_string='# patched' --target_file=$install_dir/seafile-server-$seafile_version/upgrade/upgrade_8.0_9.0.sh - sudo -u $app bash $install_dir/seafile-server-$seafile_version/upgrade/upgrade_8.0_9.0.sh + ynh_replace_string --match_string='read dummy' --replace_string='# patched' --target_file="$seafile_code/upgrade/upgrade_8.0_9.0.sh" + run_seafile_cmd "/opt/seafile/seafile-server-$seafile_version/upgrade/upgrade_8.0_9.0.sh" ;& "8.0."* ) - ynh_replace_string --match_string='read dummy' --replace_string='# patched' --target_file=$install_dir/seafile-server-$seafile_version/upgrade/upgrade_7.1_8.0.sh - sudo -u $app bash $install_dir/seafile-server-$seafile_version/upgrade/upgrade_7.1_8.0.sh + ynh_replace_string --match_string='read dummy' --replace_string='# patched' --target_file="$seafile_code/upgrade/upgrade_7.1_8.0.sh" + run_seafile_cmd "/opt/seafile/seafile-server-$seafile_version/upgrade/upgrade_7.1_8.0.sh" +;& +"9."* ) + ynh_replace_string --match_string='read dummy' --replace_string='# patched' --target_file="$seafile_code/upgrade/upgrade_8.0_9.0.sh" + run_seafile_cmd "/opt/seafile/seafile-server-$seafile_version/upgrade/upgrade_8.0_9.0.sh" +;& +"10."* ) + ynh_replace_string --match_string='read dummy' --replace_string='# patched' --target_file="$seafile_code/upgrade/upgrade_9.0_10.0.sh" + run_seafile_cmd "/opt/seafile/seafile-server-$seafile_version/upgrade/upgrade_9.0_10.0.sh" + run_seafile_cmd "/opt/seafile/seafile-server-$seafile_version/seahub.sh" python-env python3 "/opt/seafile/seafile-server-$seafile_version/migrate_ldapusers.py" ;& esac -ynh_replace_string --match_string='read dummy' --replace_string='# patched' --target_file=$install_dir/seafile-server-$seafile_version/upgrade/minor-upgrade.sh -sudo -u $app bash $install_dir/seafile-server-$seafile_version/upgrade/minor-upgrade.sh +ynh_replace_string --match_string='read dummy' --replace_string='# patched' --target_file="$seafile_code/upgrade/minor-upgrade.sh" +run_seafile_cmd "/opt/seafile/seafile-server-$seafile_version/upgrade/minor-upgrade.sh" # Clean url in config in DB clean_url_in_db_config # Update seafile config files -ynh_add_config --template=seahub_settings.py --destination=$install_dir/conf/seahub_settings.py -ynh_add_config --template=seafile.conf --destination=$install_dir/conf/seafile.conf -ynh_add_config --template=ccnet.conf --destination=$install_dir/conf/ccnet.conf -ynh_add_config --template=gunicorn.conf.py --destination=$install_dir/conf/gunicorn.conf.py -ynh_add_config --template=seafdav.conf --destination=$install_dir/conf/seafdav.conf +ynh_add_config --jinja --template=seahub_settings.py --destination="$install_dir"/conf/seahub_settings.py +ynh_add_config --template=seafile.conf --destination="$install_dir"/conf/seafile.conf +ynh_add_config --template=ccnet.conf --destination="$install_dir"/conf/ccnet.conf +ynh_add_config --template=gunicorn.conf.py --destination="$install_dir"/conf/gunicorn.conf.py +ynh_add_config --template=seafdav.conf --destination="$install_dir"/conf/seafdav.conf +ynh_add_config --template=seafevents.conf --destination="$install_dir"/conf/seafevents.conf # Fix local warning -ynh_replace_string --match_string en_US.UTF-8 --replace_string ${LANG:-'en_US.UTF-8'} --target_file $install_dir/seafile-server-$seafile_version/seahub.sh +ynh_replace_string --match_string=en_US.UTF-8 --replace_string="${LANG:-'en_US.UTF-8'}" --target_file="$seafile_code/seahub.sh" #================================================= # STANDARD UPGRADE STEPS @@ -175,8 +183,8 @@ ynh_add_nginx_config 'seahub_port fileserver_port webdav_port' # Add Seafile Server to startup ynh_script_progression --message="Updating systemd units..." -ynh_add_systemd_config --service seafile --template seafile.service -ynh_add_systemd_config --service seahub --template seahub.service +ynh_add_systemd_config --service=seafile --template=seafile.service +ynh_add_systemd_config --service=seahub --template=seahub.service #================================================= # GENERIC FINALIZATION @@ -204,17 +212,17 @@ yunohost service add seahub --description 'Seafile server web interface.' # restart seafile server ynh_script_progression --message="Starting seafile services..." --weight=3 sleep 5 -ynh_systemd_action --service_name memcached.service -p "systemd" -ynh_systemd_action --service_name seafile -l "spawned seaf-server, pid " -p /var/log/seafile/controller.log -ynh_systemd_action --service_name seahub -l "Started Seafile hub." -p "systemd" +ynh_systemd_action --service_name=memcached.service -p "systemd" +ynh_systemd_action --service_name=seafile -l "spawned seaf-server, pid " -p /var/log/seafile/controller.log +ynh_systemd_action --service_name=seahub -l "Started Seafile hub." -p "systemd" sleep 2 # remove old version files ynh_script_progression --message="Cleaning system and updating settings..." -ls $install_dir | grep "seafile-server-" | egrep -v "(${seafile_version//./\\.})|(latest)" | \ -while read f -do - ynh_secure_remove --file=$install_dir/$f +for f in "$install_dir"/seafile-server-*;do + if [[ ! "$f" =~ ${seafile_version//./\\.}|latest ]]; then + ynh_secure_remove --file="$f" + fi done ynh_script_progression --message="Upgrade of $app completed" --last diff --git a/scripts/ynh_setup_source b/scripts/ynh_setup_source new file mode 100644 index 0000000..70a58f0 --- /dev/null +++ b/scripts/ynh_setup_source @@ -0,0 +1,242 @@ +# Download, check integrity, uncompress and patch the source from app.src +# +# Requires YunoHost version 2.6.4 or higher. +ynh_setup_source_custom() { + # Declare an array to define the options of this helper. + local legacy_args=dsk + local -A args_array=([d]=dest_dir= [s]=source_id= [k]=keep= [r]=full_replace=) + local dest_dir + local source_id + local keep + local full_replace + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + keep="${keep:-}" + full_replace="${full_replace:-0}" + + if test -e $YNH_APP_BASEDIR/manifest.toml && cat $YNH_APP_BASEDIR/manifest.toml | toml_to_json | jq -e '.resources.sources' >/dev/null + then + source_id="${source_id:-main}" + local sources_json=$(cat $YNH_APP_BASEDIR/manifest.toml | toml_to_json | jq ".resources.sources[\"$source_id\"]") + if jq -re ".url" <<< "$sources_json" + then + local arch_prefix="" + else + local arch_prefix=".$YNH_ARCH" + fi + + local src_url="$(jq -r "$arch_prefix.url" <<< "$sources_json" | sed 's/^null$//')" + local src_sum="$(jq -r "$arch_prefix.sha256" <<< "$sources_json" | sed 's/^null$//')" + local src_sumprg="sha256sum" + local src_format="$(jq -r ".format" <<< "$sources_json" | sed 's/^null$//')" + local src_in_subdir="$(jq -r ".in_subdir" <<< "$sources_json" | sed 's/^null$//')" + local src_extract="$(jq -r ".extract" <<< "$sources_json" | sed 's/^null$//')" + local src_platform="$(jq -r ".platform" <<< "$sources_json" | sed 's/^null$//')" + local src_rename="$(jq -r ".rename" <<< "$sources_json" | sed 's/^null$//')" + + [[ -n "$src_url" ]] || ynh_die "No URL defined for source $source_id$arch_prefix ?" + [[ -n "$src_sum" ]] || ynh_die "No sha256 sum defined for source $source_id$arch_prefix ?" + + if [[ -z "$src_format" ]] + then + if [[ "$src_url" =~ ^.*\.zip$ ]] || [[ "$src_url" =~ ^.*/zipball/.*$ ]] + then + src_format="zip" + elif [[ "$src_url" =~ ^.*\.tar\.gz$ ]] || [[ "$src_url" =~ ^.*\.tgz$ ]] || [[ "$src_url" =~ ^.*/tar\.gz/.*$ ]] || [[ "$src_url" =~ ^.*/tarball/.*$ ]] + then + src_format="tar.gz" + elif [[ "$src_url" =~ ^.*\.tar\.xz$ ]] + then + src_format="tar.xz" + elif [[ "$src_url" =~ ^.*\.tar\.bz2$ ]] + then + src_format="tar.bz2" + elif [[ -z "$src_extract" ]] + then + src_extract="false" + fi + fi + else + source_id="${source_id:-app}" + local src_file_path="$YNH_APP_BASEDIR/conf/${source_id}.src" + + # Load value from configuration file (see above for a small doc about this file + # format) + local src_url=$(grep 'SOURCE_URL=' "$src_file_path" | cut --delimiter='=' --fields=2-) + local src_sum=$(grep 'SOURCE_SUM=' "$src_file_path" | cut --delimiter='=' --fields=2-) + local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "$src_file_path" | cut --delimiter='=' --fields=2-) + local src_format=$(grep 'SOURCE_FORMAT=' "$src_file_path" | cut --delimiter='=' --fields=2-) + local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "$src_file_path" | cut --delimiter='=' --fields=2-) + local src_rename=$(grep 'SOURCE_FILENAME=' "$src_file_path" | cut --delimiter='=' --fields=2-) + local src_extract=$(grep 'SOURCE_EXTRACT=' "$src_file_path" | cut --delimiter='=' --fields=2-) + local src_platform=$(grep 'SOURCE_PLATFORM=' "$src_file_path" | cut --delimiter='=' --fields=2-) + fi + + # Default value + src_sumprg=${src_sumprg:-sha256sum} + src_in_subdir=${src_in_subdir:-true} + src_format=${src_format:-tar.gz} + src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]') + src_extract=${src_extract:-true} + + if [[ "$src_extract" != "true" ]] && [[ "$src_extract" != "false" ]] + then + ynh_die "For source $source_id, expected either 'true' or 'false' for the extract parameter" + fi + + + # (Unused?) mecanism where one can have the file in a special local cache to not have to download it... + local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${source_id}" + + # Gotta use this trick with 'dirname' because source_id may contain slashes x_x + mkdir -p $(dirname /var/cache/yunohost/download/${YNH_APP_ID}/${source_id}) + src_filename="/var/cache/yunohost/download/${YNH_APP_ID}/${source_id}" + + if [ "$src_format" = "docker" ]; then + src_platform="${src_platform:-"linux/$YNH_ARCH"}" + # BEGIN APP CUSTOMIZATION + if [ "$YNH_ARCH" == arm64 ]; then + src_platform="linux/$YNH_ARCH/v8" + fi + # END APP CUSTOMIZATION + else + if test -e "$local_src"; then + cp $local_src $src_filename + fi + + [ -n "$src_url" ] || ynh_die "Couldn't parse SOURCE_URL from $src_file_path ?" + + # If the file was prefetched but somehow doesn't match the sum, rm and redownload it + if [ -e "$src_filename" ] && ! echo "${src_sum} ${src_filename}" | ${src_sumprg} --check --status + then + rm -f "$src_filename" + fi + + # Only redownload the file if it wasnt prefetched + if [ ! -e "$src_filename" ] + then + # NB. we have to declare the var as local first, + # otherwise 'local foo=$(false) || echo 'pwet'" does'nt work + # because local always return 0 ... + local out + # Timeout option is here to enforce the timeout on dns query and tcp connect (c.f. man wget) + out=$(wget --tries 3 --no-dns-cache --timeout 900 --no-verbose --output-document=$src_filename $src_url 2>&1) \ + || ynh_die --message="$out" + fi + + # Check the control sum + if ! echo "${src_sum} ${src_filename}" | ${src_sumprg} --check --status + then + local actual_sum="$(${src_sumprg} ${src_filename} | cut --delimiter=' ' --fields=1)" + local actual_size="$(du -hs ${src_filename} | cut --fields=1)" + rm -f ${src_filename} + ynh_die --message="Corrupt source for ${src_url}: Expected sha256sum to be ${src_sum} but got ${actual_sum} (size: ${actual_size})." + fi + fi + + # Keep files to be backup/restored at the end of the helper + # Assuming $dest_dir already exists + rm -rf /var/cache/yunohost/files_to_keep_during_setup_source/ + if [ -n "$keep" ] && [ -e "$dest_dir" ]; then + local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID} + mkdir -p $keep_dir + local stuff_to_keep + for stuff_to_keep in $keep; do + if [ -e "$dest_dir/$stuff_to_keep" ]; then + mkdir --parents "$(dirname "$keep_dir/$stuff_to_keep")" + cp --archive "$dest_dir/$stuff_to_keep" "$keep_dir/$stuff_to_keep" + fi + done + fi + + if [ "$full_replace" -eq 1 ]; then + ynh_secure_remove --file="$dest_dir" + fi + + # Extract source into the app dir + mkdir --parents "$dest_dir" + + if [ -n "${install_dir:-}" ] && [ "$dest_dir" == "$install_dir" ]; then + _ynh_apply_default_permissions $dest_dir + fi + if [ -n "${final_path:-}" ] && [ "$dest_dir" == "$final_path" ]; then + _ynh_apply_default_permissions $dest_dir + fi + + if [[ "$src_extract" == "false" ]]; then + if [[ -z "$src_rename" ]] + then + mv $src_filename $dest_dir + else + mv $src_filename $dest_dir/$src_rename + fi + elif [[ "$src_format" == "docker" ]]; then + "$YNH_HELPERS_DIR/vendor/docker-image-extract/docker-image-extract" -p $src_platform -o $dest_dir $src_url 2>&1 + elif [[ "$src_format" == "zip" ]]; then + # Zip format + # Using of a temp directory, because unzip doesn't manage --strip-components + if $src_in_subdir; then + local tmp_dir=$(mktemp --directory) + unzip -quo $src_filename -d "$tmp_dir" + cp --archive $tmp_dir/*/. "$dest_dir" + ynh_secure_remove --file="$tmp_dir" + else + unzip -quo $src_filename -d "$dest_dir" + fi + ynh_secure_remove --file="$src_filename" + else + local strip="" + if [ "$src_in_subdir" != "false" ]; then + if [ "$src_in_subdir" == "true" ]; then + local sub_dirs=1 + else + local sub_dirs="$src_in_subdir" + fi + strip="--strip-components $sub_dirs" + fi + if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]]; then + tar --extract --file=$src_filename --directory="$dest_dir" $strip + else + ynh_die --message="Archive format unrecognized." + fi + ynh_secure_remove --file="$src_filename" + fi + + # Apply patches + if [ -d "$YNH_APP_BASEDIR/sources/patches/" ]; then + local patches_folder=$(realpath $YNH_APP_BASEDIR/sources/patches/) + if (($(find $patches_folder -type f -name "${source_id}-*.patch" 2>/dev/null | wc --lines) > "0")); then + pushd "$dest_dir" + for p in $patches_folder/${source_id}-*.patch; do + echo $p + patch --strip=1 <$p || ynh_print_warn --message="Packagers /!\\ patch $p failed to apply" + done + popd + fi + fi + + # Add supplementary files + if test -e "$YNH_APP_BASEDIR/sources/extra_files/${source_id}"; then + cp --archive $YNH_APP_BASEDIR/sources/extra_files/$source_id/. "$dest_dir" + fi + + # Keep files to be backup/restored at the end of the helper + # Assuming $dest_dir already exists + if [ -n "$keep" ]; then + local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID} + local stuff_to_keep + for stuff_to_keep in $keep; do + if [ -e "$keep_dir/$stuff_to_keep" ]; then + mkdir --parents "$(dirname "$dest_dir/$stuff_to_keep")" + + # We add "--no-target-directory" (short option is -T) to handle the special case + # when we "keep" a folder, but then the new setup already contains the same dir (but possibly empty) + # in which case a regular "cp" will create a copy of the directory inside the directory ... + # resulting in something like /var/www/$app/data/data instead of /var/www/$app/data + # cf https://unix.stackexchange.com/q/94831 for a more elaborate explanation on the option + cp --archive --no-target-directory "$keep_dir/$stuff_to_keep" "$dest_dir/$stuff_to_keep" + fi + done + fi + rm -rf /var/cache/yunohost/files_to_keep_during_setup_source/ +} diff --git a/tests.toml b/tests.toml index 265631e..88b42ba 100644 --- a/tests.toml +++ b/tests.toml @@ -23,3 +23,4 @@ test_format = 1.0 test_upgrade_from.ef7eb6f.name = "Pre packaging v2 (Old_version_for_CI_6 branch)" test_upgrade_from.8d41482.name = "Version 7.1 (Old_version_for_CI_4 branch)" test_upgrade_from.c11c24b.name = "Version 8.x (Old_version_for_CI_5 branch)" + test_upgrade_from.7a4d00a.name = "Version 9.x"