diff --git a/check_process b/check_process index 7eeb2ed..0afae3f 100644 --- a/check_process +++ b/check_process @@ -11,7 +11,10 @@ setup_private=1 setup_public=1 upgrade=1 - upgrade=1 from_commit=24d48bd0e1268cae80a496855dbd9d404cd555ca + # 1.0.0~ynh1 + #upgrade=1 from_commit=24d48bd0e1268cae80a496855dbd9d404cd555ca + # 1.0.0~ynh5 + upgrade=1 from_commit=1466ec2bc358ba4556c3b8d0725a914b3da69648 backup_restore=1 multi_instance=0 change_url=1 diff --git a/scripts/backup b/scripts/backup index 7c32620..01a64a5 100755 --- a/scripts/backup +++ b/scripts/backup @@ -1,18 +1,22 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= -# source ../settings/scripts/_common.sh +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -23,8 +27,8 @@ ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -32,13 +36,13 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) ynh_print_info --message="Declaring files to be backed up..." #================================================= -# BACKUP OF THE MAIN DIR OF THE APP +# BACKUP THE APP MAIN DIR #================================================= ynh_backup --src_path="$final_path" #================================================= -# BACKUP OF THE NGINX CONFIGURATION +# BACKUP THE NGINX CONFIGURATION #================================================= ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" @@ -46,14 +50,13 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # SPECIFIC BACKUP #================================================= -# BACKUP OF THE UWSGI CONFIG +# BACKUP VARIOUS FILES #================================================= -ynh_backup --src_path "/etc/uwsgi/apps-available/$app.ini" -ynh_backup --src_path "/var/log/uwsgi/$app" +ynh_backup --src_path="/etc/uwsgi/apps-available/$app.ini" #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for Searx. (YunoHost will then actually copy those files to the archive)." +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 3773192..fab398b 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -30,13 +30,14 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { + ynh_clean_check_starting # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" @@ -67,7 +68,7 @@ fi #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping Searx..." --weight=10 +ynh_script_progression --message="Stopping a systemd service..." --weight=10 ynh_systemd_action --service_name=uwsgi --action=stop @@ -86,7 +87,6 @@ then # Set global variables for NGINX helper domain="$old_domain" path_url="$new_path" - path_no_root=${path_url%/} # Create a dedicated NGINX config ynh_add_nginx_config "path_no_root" @@ -116,8 +116,9 @@ ynh_script_progression --message="Reconfiguring Searx..." --weight=2 #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting Searx..." --weight=2 +ynh_script_progression --message="Starting a systemd service..." --weight=2 +# Start a systemd service ynh_systemd_action --service_name=uwsgi-app@$app.service --action=restart --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log" #================================================= @@ -131,4 +132,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for Searx" --last +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index 0da2b87..940e749 100644 --- a/scripts/install +++ b/scripts/install @@ -1,7 +1,7 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,7 +10,7 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# MANAGE FAILURE OF THE SCRIPT +# MANAGE SCRIPT FAILURE #================================================= ynh_clean_setup () { @@ -30,7 +30,7 @@ is_public=$YNH_APP_ARG_IS_PUBLIC app=$YNH_APP_INSTANCE_NAME #================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --weight=1 @@ -65,15 +65,6 @@ ynh_script_progression --message="Configuring system user..." --weight=3 # Create a system user ynh_system_user_create --username=$app --home_dir="$final_path" -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=2 - -path_no_root=${path_url%/} -# Create a dedicated NGINX config -ynh_add_nginx_config "path_no_root" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -83,6 +74,19 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app: "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring NGINX web server..." --weight=2 + +path_no_root=${path_url%/} +# Create a dedicated NGINX config +ynh_add_nginx_config "path_no_root" + #================================================= # SPECIFIC SETUP #================================================= @@ -117,21 +121,21 @@ ynh_script_progression --message="Configuring uWSGI for Searx..." --weight=2 ynh_add_uwsgi_service #================================================= -# CHECK SEARX STARTING +# GENERIC FINALIZATION #================================================= -ynh_script_progression --message="Starting Searx..." --weight=4 +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=4 -# Wait for Searx to be fully started +# Start a systemd service ynh_systemd_action --service_name=uwsgi-app@$app.service --action=start --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log" -#================================================= -# GENERIC FINALISATION #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring permissions..." --weight=2 -# Make app public if necessary or protect it +# Make app public if necessary if [ $is_public -eq 1 ] then ynh_permission_update --permission="main" --add="visitors" @@ -148,4 +152,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of Searx completed" --last +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 364e882..6767b2f 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,7 +1,7 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -31,27 +31,29 @@ ynh_systemd_action --service_name "uwsgi-app@$app.service" --action stop ynh_remove_uwsgi_service #================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=3 - -ynh_remove_app_dependencies - -#================================================= -# REMOVE THE MAIN DIR OF THE APP +# REMOVE APP MAIN DIR #================================================= ynh_script_progression --message="Removing app main directory..." --weight=2 +# Remove the app directory securely ynh_secure_remove --file="$final_path" #================================================= -# REMOVE THE NGINX CONFIGURATION +# REMOVE NGINX CONFIGURATION #================================================= ynh_script_progression --message="Removing NGINX web server configuration..." --weight=2 # Remove the dedicated NGINX config ynh_remove_nginx_config +#================================================= +# REMOVE DEPENDENCIES +#================================================= +ynh_script_progression --message="Removing dependencies..." --weight=3 + +# Remove metapackage and its dependencies +ynh_remove_app_dependencies + #================================================= # REMOVE SERVICE FROM ADMIN PANEL #================================================= diff --git a/scripts/restore b/scripts/restore index bdf1d59..ad6e4ae 100755 --- a/scripts/restore +++ b/scripts/restore @@ -1,11 +1,12 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -22,6 +23,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -34,18 +36,20 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=2 -test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " #================================================= -# STANDARD RESTORE STEPS +# STANDARD RESTORATION STEPS #================================================= -# RESTORE OF THE NGINX CONFIGURATION +# RESTORE THE NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= -# RECREATE OF THE DEDICATED USER +# RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." --weight=3 @@ -53,40 +57,47 @@ ynh_script_progression --message="Recreating the dedicated system user..." --wei ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= -# RESTORE OF THE MAIN DIR OF THE APP +# RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=2 -mkdir -p "$(dirname "$final_path")" ynh_restore_file --origin_path="$final_path" -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=35 - -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# SPECIFIC RESTORE -#================================================= -# RESTORE USER RIGHTS -#================================================= - +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" chown -R $app: "$final_path" #================================================= -# RESTORE THE UWSGI CONFIG +# SPECIFIC RESTORATION #================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --weight=35 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# RESTORE VARIOUS FILES +#================================================= +ynh_script_progression --message="Restoring various files..." ynh_restore_file --origin_path="/etc/uwsgi/apps-available/$app.ini" -ynh_restore_file --origin_path "/var/log/uwsgi/$app" +mkdir -p /var/log/uwsgi/$app chown $app:root /var/log/uwsgi/$app +chmod -R u=rwX,g=rX,o= /var/log/uwsgi/$app ynh_check_global_uwsgi_config systemctl enable "uwsgi-app@$app.service" --quiet #================================================= -# GENERIC FINALISATION +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=4 + +ynh_systemd_action --service_name=uwsgi-app@$app.service --action=start --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log" + +#================================================= +# GENERIC FINALIZATION #================================================= # RELOAD NGINX #================================================= @@ -94,14 +105,6 @@ ynh_script_progression --message="Reloading NGINX web server..." --weight=2 ynh_systemd_action --service_name=nginx --action=reload -#================================================= -# CHECK SEARX STARTING -#================================================= -ynh_script_progression --message="Starting Searx..." --weight=4 - -# Wait for searx to be fully started -ynh_systemd_action --service_name=uwsgi-app@$app.service --action=start --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log" - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index bf271b8..d5c20d6 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,7 +1,7 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -23,6 +23,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # CHECK VERSION #================================================= +ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) @@ -34,12 +35,15 @@ ynh_script_progression --message="Backing up the app before upgrading (may take # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # restore it if the upgrade fails + ynh_clean_check_starting + # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors +#================================================= +# STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -58,14 +62,9 @@ if ynh_legacy_permissions_exists; then ynh_app_setting_delete --app=$app --key=is_public fi -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=7 - -ynh_install_app_dependencies $pkg_dependencies +mkdir -p /var/log/uwsgi/$app +chown $app:root /var/log/uwsgi/$app +chmod -R u=rwX,g=rX,o= /var/log/uwsgi/$app #================================================= # CREATE DEDICATED USER @@ -108,6 +107,13 @@ path_no_root=${path_url%/} # Create a dedicated NGINX config ynh_add_nginx_config "path_no_root" +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." --weight=7 + +ynh_install_app_dependencies $pkg_dependencies + #================================================= # SPECIFIC UPGRADE #================================================= @@ -131,6 +137,8 @@ set +u; source $final_path/bin/activate; set -u pip3 install -U setuptools pip3 install --requirement $final_path/requirements-ynh.txt --upgrade +chown -R $app: "$final_path" + #================================================= # CONFIGURE SEARX #================================================= @@ -139,14 +147,6 @@ pip3 install --requirement $final_path/requirements-ynh.txt --upgrade # secret_key=$(ynh_string_random) # ynh_add_config --template="../conf/settings.yml" --destination="$final_path/searx/settings.yml" -#================================================= -# GENERIC FINALISATION -#================================================= -# SECURING FILES AND DIRECTORIES -#================================================= - -chown -R $app: "$final_path" - #================================================= # CONFIGURE UWSGI FOR SEARX #================================================= @@ -158,9 +158,11 @@ ynh_secure_remove --file="/etc/uwsgi/apps-available/$app.ini" ynh_add_uwsgi_service #================================================= -# CHECK SEARX STARTING +# GENERIC FINALISATION #================================================= -ynh_script_progression --message="Restarting Searx..." --weight=3 +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=3 # Wait for searx to be fully started ynh_systemd_action --service_name=uwsgi-app@$app.service --action=restart --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log" @@ -176,4 +178,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of Searx completed" --last +ynh_script_progression --message="Upgrade of $app completed" --last diff --git a/sources/extra_files/app/requirements-ynh.txt b/sources/extra_files/app/requirements-ynh.txt index 111d620..ba5850d 100644 --- a/sources/extra_files/app/requirements-ynh.txt +++ b/sources/extra_files/app/requirements-ynh.txt @@ -2,7 +2,7 @@ certifi==2020.12.05 babel==2.9.1 flask-babel==2.0.0 -flask==1.1.2 +flask==1.1.4 idna==2.10 jinja2==2.11.3 lxml==4.6.3 @@ -12,6 +12,7 @@ pyyaml==5.4.1 requests[socks]==2.25.1 langdetect==1.0.8 # cryptography==3.2 +markupsafe==2.0.1 # # Additionnals requirements # markupsafe>=0.23