diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh index c939a84..b33b480 100755 --- a/.github/workflows/updater.sh +++ b/.github/workflows/updater.sh @@ -49,7 +49,7 @@ tempdir="$(mktemp -d)" # Download sources and calculate checksum curl --silent -4 -L $asset_url -o "$tempdir/master.zip" -checksum=$(sha256sum "$tempdir/$filename" | head -c 64) +checksum=$(sha256sum "$tempdir/master.zip" | head -c 64) # Delete temporary directory rm -rf $tempdir diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml index 4363d38..4a866ff 100644 --- a/.github/workflows/updater.yml +++ b/.github/workflows/updater.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Fetch the source code - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run the updater script @@ -33,7 +33,7 @@ jobs: - name: Create Pull Request id: cpr if: ${{ env.PROCEED == 'true' }} - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@v4 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: Update to version ${{ env.VERSION }} diff --git a/README.md b/README.md index 72b8ba7..0a24d98 100644 --- a/README.md +++ b/README.md @@ -16,15 +16,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in ## Overview -Some long and extensive description of what the app is and does, lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. - -### Features - -- Ut enim ad minim veniam, quis nostrud exercitation ullamco ; -- Laboris nisi ut aliquip ex ea commodo consequat ; -- Duis aute irure dolor in reprehenderit in voluptate ; -- Velit esse cillum dolore eu fugiat nulla pariatur ; -- Excepteur sint occaecat cupidatat non proident, sunt in culpa." +SearxXNG is a free internet metasearch engine which aggregates results from more than 70 search services. Users are neither tracked nor profiled. **Shipped version:** 2023.03.02.17.37.25~ynh1 @@ -33,22 +25,12 @@ Some long and extensive description of what the app is and does, lorem ipsum dol ## Screenshots -![Screenshot of SearXNG](./doc/screenshots/example.jpg) +![Screenshot of SearXNG](./doc/screenshots/screenshot_1.png) +![Screenshot of SearXNG](./doc/screenshots/screenshot_2.png) ## Disclaimers / important information -* Any known limitations, constrains or stuff not working, such as (but not limited to): - * requiring a full dedicated domain ? - * architectures not supported ? - * not-working single-sign on or LDAP integration ? - * the app requires an important amount of RAM / disk / .. to install or to work properly - * etc... - -* Other infos that people should be aware of, such as: - * any specific step to perform after installing (such as manually finishing the install, specific admin credentials, ...) - * how to configure / administrate the application if it ain't obvious - * upgrade process / specificities / things to be aware of ? - * security considerations ? +Please note that this application is a rolling-release (i.e. each commit is a release) and thus is updated very regularly. People not updating frequently may encounter some bugs or disruptions due to the very nature of this software. ## Documentation and resources diff --git a/README_fr.md b/README_fr.md index d157a47..2c4e431 100644 --- a/README_fr.md +++ b/README_fr.md @@ -16,15 +16,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po ## Vue d’ensemble -Some long and extensive description of what the app is and does, lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. - -### Features - -- Ut enim ad minim veniam, quis nostrud exercitation ullamco ; -- Laboris nisi ut aliquip ex ea commodo consequat ; -- Duis aute irure dolor in reprehenderit in voluptate ; -- Velit esse cillum dolore eu fugiat nulla pariatur ; -- Excepteur sint occaecat cupidatat non proident, sunt in culpa." +SearxXNG is a free internet metasearch engine which aggregates results from more than 70 search services. Users are neither tracked nor profiled. **Version incluse :** 2023.03.02.17.37.25~ynh1 @@ -33,22 +25,12 @@ Some long and extensive description of what the app is and does, lorem ipsum dol ## Captures d’écran -![Capture d’écran de SearXNG](./doc/screenshots/example.jpg) +![Capture d’écran de SearXNG](./doc/screenshots/screenshot_1.png) +![Capture d’écran de SearXNG](./doc/screenshots/screenshot_2.png) ## Avertissements / informations importantes -* Any known limitations, constrains or stuff not working, such as (but not limited to): - * requiring a full dedicated domain ? - * architectures not supported ? - * not-working single-sign on or LDAP integration ? - * the app requires an important amount of RAM / disk / .. to install or to work properly - * etc... - -* Other infos that people should be aware of, such as: - * any specific step to perform after installing (such as manually finishing the install, specific admin credentials, ...) - * how to configure / administrate the application if it ain't obvious - * upgrade process / specificities / things to be aware of ? - * security considerations ? +Please note that this application is a rolling-release (i.e. each commit is a release) and thus is updated very regularly. People not updating frequently may encounter some bugs or disruptions due to the very nature of this software. ## Documentations et ressources diff --git a/check_process b/check_process index f10c3d0..ea3588a 100644 --- a/check_process +++ b/check_process @@ -16,6 +16,6 @@ setup_public=1 upgrade=1 backup_restore=1 - multi_instance=1 + multi_instance=0 port_already_use=0 change_url=1 diff --git a/conf/settings.yml b/conf/settings.yml index 49c112e..2c02f47 100644 --- a/conf/settings.yml +++ b/conf/settings.yml @@ -69,7 +69,7 @@ server: # instance's environment (make buildenv) port: 8888 bind_address: "127.0.0.1" - base_url: "__FULL_URL__" # Possible values: false or "https://example.org/location". + base_url: __FULL_URL__ # Possible values: false or "https://example.org/location". limiter: false # rate limit the number of request on the instance, block some bots # If your instance owns a /etc/searxng/settings.yml file, then set the following diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index 0685205..694f316 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -1,9 +1 @@ -Some long and extensive description of what the app is and does, lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. - -### Features - -- Ut enim ad minim veniam, quis nostrud exercitation ullamco ; -- Laboris nisi ut aliquip ex ea commodo consequat ; -- Duis aute irure dolor in reprehenderit in voluptate ; -- Velit esse cillum dolore eu fugiat nulla pariatur ; -- Excepteur sint occaecat cupidatat non proident, sunt in culpa." +SearxXNG is a free internet metasearch engine which aggregates results from more than 70 search services. Users are neither tracked nor profiled. diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index aded581..3677b6f 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -1,12 +1 @@ -* Any known limitations, constrains or stuff not working, such as (but not limited to): - * requiring a full dedicated domain ? - * architectures not supported ? - * not-working single-sign on or LDAP integration ? - * the app requires an important amount of RAM / disk / .. to install or to work properly - * etc... - -* Other infos that people should be aware of, such as: - * any specific step to perform after installing (such as manually finishing the install, specific admin credentials, ...) - * how to configure / administrate the application if it ain't obvious - * upgrade process / specificities / things to be aware of ? - * security considerations ? +Please note that this application is a rolling-release (i.e. each commit is a release) and thus is updated very regularly. People not updating frequently may encounter some bugs or disruptions due to the very nature of this software. diff --git a/doc/screenshots/example.jpg b/doc/screenshots/example.jpg deleted file mode 100644 index a1efa1a..0000000 Binary files a/doc/screenshots/example.jpg and /dev/null differ diff --git a/doc/screenshots/screenshot_1.png b/doc/screenshots/screenshot_1.png new file mode 100644 index 0000000..56bedbc Binary files /dev/null and b/doc/screenshots/screenshot_1.png differ diff --git a/doc/screenshots/screenshot_2.png b/doc/screenshots/screenshot_2.png new file mode 100644 index 0000000..6d8a67c Binary files /dev/null and b/doc/screenshots/screenshot_2.png differ diff --git a/manifest.json b/manifest.json index 21114c1..e74b5ea 100644 --- a/manifest.json +++ b/manifest.json @@ -3,20 +3,20 @@ "id": "searxng", "packaging_format": 1, "description": { - "en": "Metasearch engine which aggregates results from more than 70 search services. Users are neither tracked nor profiled", - "fr": "Méta-moteur de recherche qui rassemble les résultats de plus de 70 services de recherche. Les utilisateurs ne sont ni suivis ni espionnés" + "en": "A free internet metasearch engine which aggregates results from more than 70 search services. Users are neither tracked nor profiled", + "fr": "Un méta-moteur de recherche qui rassemble les résultats de plus de 70 services de recherche. Les utilisateurs ne sont ni suivis ni espionnés" }, "version": "2023.03.02.17.37.25~ynh1", "url": "https://docs.searxng.org/", "upstream": { - "license": " AGPL-3.0-or-later", + "license": "AGPL-3.0-or-later", "website": "https://docs.searxng.org/", "demo": "https://searx.be/", "admindoc": "https://docs.searxng.org/admin/", "userdoc": "https://docs.searxng.org/user/", "code": "https://github.com/searxng/searxng" }, - "license": "free", + "license": "AGPL-3.0-or-later", "maintainer": { "name": "mh4ckt3mh4ckt1c4s", "email": "mh4ckt3mh4ckt1c4s@protonmail.com" diff --git a/scripts/backup b/scripts/backup index f99225d..ec907d2 100755 --- a/scripts/backup +++ b/scripts/backup @@ -30,9 +30,6 @@ app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -50,62 +47,19 @@ ynh_print_info --message="Declaring files to be backed up..." ynh_backup --src_path="$final_path" -#================================================= -# BACKUP THE DATA DIR -#================================================= - -ynh_backup --src_path="$datadir" --is_big - #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# BACKUP THE PHP-FPM CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - -#================================================= -# BACKUP FAIL2BAN CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" - #================================================= # SPECIFIC BACKUP #================================================= -# BACKUP LOGROTATE +# BACKUP UWSGI CONFIG #================================================= -ynh_backup --src_path="/etc/logrotate.d/$app" - -#================================================= -# BACKUP SYSTEMD -#================================================= - -ynh_backup --src_path="/etc/systemd/system/$app.service" - -#================================================= -# BACKUP VARIOUS FILES -#================================================= - -ynh_backup --src_path="/etc/cron.d/$app" - -ynh_backup --src_path="/etc/$app/" - -#================================================= -# BACKUP THE MYSQL DATABASE -#================================================= -ynh_print_info --message="Backing up the MySQL database..." - -### (However, things like MySQL dumps *do* take some time to run, though the -### copy of the generated dump to the archive still happens later) - -ynh_mysql_dump_db --database="$db_name" > db.sql +ynh_backup --src_path="/etc/uwsgi/apps-available/$app.ini" #================================================= # END OF SCRIPT diff --git a/scripts/change_url b/scripts/change_url index 322641b..a7bc00b 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -74,7 +74,7 @@ fi #================================================= ynh_script_progression --message="Stopping a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name="uwsgi-app@$app.service" --action="stop" --log_path="/var/log/$app/$app.log" #================================================= # MODIFY URL IN NGINX CONF @@ -91,8 +91,9 @@ then # Set global variables for NGINX helper domain="$old_domain" path_url="$new_path" + path_no_root=${path_url%/} # Create a dedicated NGINX config - ynh_add_nginx_config + ynh_add_nginx_config "path_no_root" fi # Change the domain for NGINX @@ -108,8 +109,11 @@ fi #================================================= # SPECIFIC MODIFICATIONS #================================================= -# ... +# RECONFIGURING SEARXNG #================================================= +ynh_script_progression --message="Reconfiguring SearXNG..." --weight=2 + +ynh_replace_string --match_string="base_url: https://$old_domain$old_path" --replace_string="base_url: https://$new_domain$new_path" --target_file="$final_path/searx/settings.yml" #================================================= # GENERIC FINALISATION @@ -118,7 +122,7 @@ fi #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=uwsgi-app@$app.service --action="start" --log_path="/var/log/$app/$app.log" #================================================= # RELOAD NGINX diff --git a/scripts/install b/scripts/install index 4e0fc37..a198a2a 100755 --- a/scripts/install +++ b/scripts/install @@ -191,7 +191,7 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script # Start a systemd service -ynh_systemd_action --service_name=uwsgi-app@$app.service --action=start --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log" +ynh_systemd_action --service_name=uwsgi-app@$app.service --action=start --log_path="/var/log/uwsgi/$app/$app.log" #================================================= # SETUP SSOWAT diff --git a/scripts/remove b/scripts/remove index f9c376d..d8e4619 100755 --- a/scripts/remove +++ b/scripts/remove @@ -27,7 +27,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 # Remove the uwsgi and systemd configuration -ynh_systemd_action --service_name "uswgi-app@app.service" --action stop +ynh_systemd_action --service_name "uwsgi-app@$app.service" --action stop ynh_remove_uwsgi_service #================================================= diff --git a/scripts/restore b/scripts/restore index 1be949b..d5d6311 100755 --- a/scripts/restore +++ b/scripts/restore @@ -31,10 +31,6 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= # CHECK IF THE APP CAN BE RESTORED @@ -71,34 +67,6 @@ chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" -#================================================= -# RESTORE THE DATA DIRECTORY -#================================================= -ynh_script_progression --message="Restoring the data directory..." --weight=1 - -ynh_restore_file --origin_path="$datadir" --not_mandatory - -mkdir -p $datadir - -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:www-data "$datadir" - -#================================================= -# RESTORE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban - #================================================= # SPECIFIC RESTORATION #================================================= @@ -109,75 +77,41 @@ ynh_script_progression --message="Reinstalling dependencies..." --weight=1 # Define and install dependencies ynh_install_app_dependencies $pkg_dependencies -#================================================= -# RESTORE THE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the PHP-FPM configuration..." --time --weight=1 - -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." --time --weight=1 +ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=1 - -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql - #================================================= # RESTORE VARIOUS FILES #================================================= ynh_script_progression --message="Restoring various files..." --weight=1 -ynh_restore_file --origin_path="/etc/cron.d/$app" +ynh_restore_file --origin_path="/etc/uwsgi/apps-available/$app.ini" -ynh_restore_file --origin_path="/etc/$app/" +mkdir -p "/var/log/uwsgi/$app" +chown $app:$app "/var/log/uwsgi/$app" +chmod u+rwX,g=rX,o= "/var/log/uwsgi/$app" -#================================================= -# RESTORE SYSTEMD -#================================================= -ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/systemd/system/$app.service" -systemctl enable $app.service --quiet - -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/logrotate.d/$app" - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +ynh_check_global_uwsgi_config #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=uwsgi-app@$app.service --action=start --line_match="spawned + uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log" #================================================= # GENERIC FINALIZATION #================================================= -# RELOAD NGINX AND PHP-FPM +# RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1 +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -ynh_systemd_action --service_name=php$phpversion-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 77cf803..f040dc2 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,10 +18,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) -language=$(ynh_app_setting_get --app=$app --key=language) -admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) #================================================= # CHECK VERSION @@ -51,13 +48,6 @@ ynh_abort_if_errors #================================================= # STANDARD UPGRADE STEPS -#================================================= -# STOP SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=1 - -ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" - #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -76,30 +66,14 @@ ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 #fi # If final_path doesn't exist, create it -#if [ -z "$final_path" ]; then -# final_path=/var/www/$app -# ynh_app_setting_set --app=$app --key=final_path --value=$final_path -#fi - -### If nobody installed your app before 4.1, -### then you may safely remove these lines - -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi -if ! ynh_permission_exists --permission="admin"; then - # Create the required permissions - ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin -fi - -# Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" -fi +mkdir -p /var/log/uwsgi/$app +chown $app:$app /var/log/uwsgi/$app +chmod -R u=rwX,g=rX,o= /var/log/uwsgi/$app #================================================= # CREATE DEDICATED USER @@ -116,9 +90,21 @@ ynh_system_user_create --username=$app --home_dir="$final_path" if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." --weight=1 + + # create a temporary directory + tmpdir=$(mktemp -d) + + # backup the config file in the temp dir + cp -a "$final_path/searx/settings.yml" "$tmpdir/settings.yml" # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" + + # Copy the saved settings back to final path + cp -a "$tmpdir/settings.yml" "$final_path/searx/settings.yml" + + # Remove the temporary directory safely + ynh_secure_remove --file="$tmpdir" fi # FIXME: this should be managed by the core in the future @@ -138,94 +124,51 @@ ynh_script_progression --message="Upgrading dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config - #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1 +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 +path_no_root=${path_url%/} # Create a dedicated NGINX config -ynh_add_nginx_config +ynh_add_nginx_config "path_no_root" #================================================= # SPECIFIC UPGRADE #================================================= -# ... +# UPGRADE SEARXNG IN ITS VIRTUALENV #================================================= +ynh_script_progression --message="Upgrading SearXNG..." --weight=2 -#================================================= -# UPDATE A CONFIG FILE -#================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=1 +ynh_secure_remove --file="$final_path/venv" -### Same as during install -### -### The file will automatically be backed-up if it's found to be manually modified (because -### ynh_add_config keeps track of the file's checksum) +python3 -m venv --system-site-packages "$final_path/venv" -ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file" - -# FIXME: this should be handled by the core in the future -# You may need to use chmod 600 instead of 400, -# for example if the app is expected to be able to modify its own config -chmod 400 "$final_path/some_config_file" -chown $app:$app "$final_path/some_config_file" - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file" -### ynh_store_file_checksum --file="$final_path/some_config_file" +set +u; source $final_path/venv/bin/activate; set -u +pip3 install -U pip setuptools wheel pyyaml --no-cache-dir +pip3 install -e "$final_path" chown -R $app: "$final_path" #================================================= -# SETUP SYSTEMD +# CONFIGURE UWSGI FOR SEARX #================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 +ynh_script_progression --message="Reconfiguring uWSGI for Searx..." --weight=2 -# Create a dedicated systemd config -ynh_add_systemd_config +# Clean old files +ynh_secure_remove --file="/etc/uwsgi/apps-enabled/$app.ini" +ynh_secure_remove --file="/etc/uwsgi/apps-available/$app.ini" +ynh_add_uwsgi_service #================================================= # GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 - -# Use logrotate to manage app-specific logfile(s) -ynh_use_logrotate --non-append - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" - #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" - -#================================================= -# UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1 - -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" +# Wait for searx to be fully started +ynh_systemd_action --service_name=uwsgi-app@$app.service --action=restart --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log" #================================================= # RELOAD NGINX