From 508b8d60589b2478583d8b966bc538093303c948 Mon Sep 17 00:00:00 2001 From: Fabian Wilkens Date: Sat, 18 Jan 2020 10:28:47 +0100 Subject: [PATCH] Init commit --- .gitignore | 2 + LICENSE | 4 + README.md | 85 ++++++ README_fr.md | 77 ++++++ check_process.default | 40 +++ conf/app.src | 5 + conf/env.sample | 14 + conf/nginx.conf | 38 +++ conf/systemd.service | 26 ++ manifest.json | 79 ++++++ pull_request_template.md | 18 ++ scripts/_common.sh | 42 +++ scripts/backup | 100 +++++++ scripts/change_url | 134 ++++++++++ scripts/install | 405 +++++++++++++++++++++++++++++ scripts/remove | 124 +++++++++ scripts/restore | 148 +++++++++++ scripts/upgrade | 214 +++++++++++++++ scripts/ynh_install_ruby__2 | 143 ++++++++++ sources/extra_files/app/.gitignore | 2 + sources/patches/.gitignore | 2 + 21 files changed, 1702 insertions(+) create mode 100644 .gitignore create mode 100644 LICENSE create mode 100644 README.md create mode 100644 README_fr.md create mode 100644 check_process.default create mode 100644 conf/app.src create mode 100644 conf/env.sample create mode 100644 conf/nginx.conf create mode 100644 conf/systemd.service create mode 100644 manifest.json create mode 100644 pull_request_template.md create mode 100644 scripts/_common.sh create mode 100755 scripts/backup create mode 100644 scripts/change_url create mode 100755 scripts/install create mode 100755 scripts/remove create mode 100755 scripts/restore create mode 100755 scripts/upgrade create mode 100644 scripts/ynh_install_ruby__2 create mode 100644 sources/extra_files/app/.gitignore create mode 100644 sources/patches/.gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..783a4ae --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*~ +*.sw[op] diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..f3cff84 --- /dev/null +++ b/LICENSE @@ -0,0 +1,4 @@ +File containing the license of your package. + +More information here: +https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-13---indiquer-la-licence-associ%C3%A9e-au-paquet---brouillon--auto--working- diff --git a/README.md b/README.md new file mode 100644 index 0000000..c4bc9db --- /dev/null +++ b/README.md @@ -0,0 +1,85 @@ +# Usage of this package (REMOVE THIS SECTION BEFORE RELEASE) +- Copy this app before working on it. +- Edit `conf/nginx.conf` file to match application prerequisites. +- Edit `manifest.json` with application specific information. +- Edit the `install`, `upgrade`, `remove`, `backup`, and `restore` scripts. + - Using the [script helpers documentation.](https://helpers.yunohost.org/) +- Add a `LICENSE` file for the package. +- Edit `README.md` and README_fr.md. + +# Example app for YunoHost + +[![Integration level](https://dash.yunohost.org/integration/REPLACEBYYOURAPP.svg)](https://dash.yunohost.org/appci/app/REPLACEBYYOURAPP) +[![Install REPLACEBYYOURAPP with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=REPLACEBYYOURAPP) + +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allow you to install REPLACEBYYOURAPP quickly and simply on a YunoHost server. +If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* + +## Overview +Quick description of this app. + +**Shipped version:** 1.0 + +## Screenshots + +![](Link to an screenshot for this app) + +## Demo + +* [Official demo](Link to a demo site for this app) + +## Configuration + +How to configure this app: by an admin panel, a plain file with SSH, or any other way. + +## Documentation + + * Official documentation: Link to the official documentation of this app + * YunoHost documentation: If specific documentation is needed, feel free to contribute. + +## YunoHost specific features + +#### Multi-users support + +Are LDAP and HTTP auth supported? +Can the app be used by multiple users? + +#### Supported architectures + +* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/REPLACEBYYOURAPP%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/REPLACEBYYOURAPP/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/REPLACEBYYOURAPP%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/REPLACEBYYOURAPP/) + +## Limitations + +* Any known limitations. + +## Additional information + +* Other information you would add about this application + +**More information on the documentation page:** +https://yunohost.org/packaging_apps + +## Links + + * Report a bug: https://github.com/YunoHost-Apps/REPLACEBYYOURAPP_ynh/issues + * App website: Link to the official website of this app + * Upstream app repository: Link to the official repository of the upstream app + * YunoHost website: https://yunohost.org/ + +--- + +Developers info +---------------- + +**Only if you want to use a testing branch for coding, instead of merging directly into master.** +Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/REPLACEBYYOURAPP_ynh/tree/testing). + +To try the testing branch, please proceed like that. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/REPLACEBYYOURAPP_ynh/tree/testing --debug +or +sudo yunohost app upgrade REPLACEBYYOURAPP -u https://github.com/YunoHost-Apps/REPLACEBYYOURAPP_ynh/tree/testing --debug +``` diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..c37d358 --- /dev/null +++ b/README_fr.md @@ -0,0 +1,77 @@ +# App exemple pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/REPLACEBYYOURAPP.svg)](https://dash.yunohost.org/appci/app/REPLACEBYYOURAPP) +[![Installer REPLACEBYYOURAPP avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=REPLACEBYYOURAPP) + +*[Read this readme in english.](./README.md)* + +> *Ce package vous permet d'installer REPLACEBYYOURAPP rapidement et simplement sur un serveur Yunohost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble +Description rapide de cette application. + +**Version incluse:** 1.0 + +## Captures d'écran + +![](Lien vers une capture d'écran pour cette application) + +## Démo + +* [Démo officielle](Lien vers un site de démonstration pour cette application) + +## Configuration + +Comment configurer cette application: via le panneau d'administration, un fichier brut en SSH ou tout autre moyen. + +## Documentation + + * Documentation officielle: Lien vers la documentation officielle de cette application + * Documentation YunoHost: Si une documentation spécifique est nécessaire, n'hésitez pas à contribuer. + +## Caractéristiques spécifiques YunoHost + +#### Support multi-utilisateurs + +L'authentification LDAP et HTTP est-elle prise en charge? +L'application peut-elle être utilisée par plusieurs utilisateurs? + +#### Architectures supportées + +* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/REPLACEBYYOURAPP%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/REPLACEBYYOURAPP/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/REPLACEBYYOURAPP%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/REPLACEBYYOURAPP/) +* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/REPLACEBYYOURAPP%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/REPLACEBYYOURAPP/) + +## Limitations + +* Limitations connues. + +## Informations additionnelles + +* Autres informations à ajouter sur cette application + +**Plus d'informations sur la page de documentation:** +https://yunohost.org/packaging_apps + +## Liens + + * Signaler un bug: https://github.com/YunoHost-Apps/REPLACEBYYOURAPP_ynh/issues + * Site de l'application: Lien vers le site officiel de cette application + * Dépôt de l'application principale: Lien vers le dépôt officiel de l'application principale + * Site web YunoHost: https://yunohost.org/ + +--- + +Informations pour les développeurs +---------------- + +**Seulement si vous voulez utiliser une branche de test pour le codage, au lieu de fusionner directement dans la banche principale.** +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/REPLACEBYYOURAPP_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/REPLACEBYYOURAPP_ynh/tree/testing --debug +ou +sudo yunohost app upgrade REPLACEBYYOURAPP -u https://github.com/YunoHost-Apps/REPLACEBYYOURAPP_ynh/tree/testing --debug +``` diff --git a/check_process.default b/check_process.default new file mode 100644 index 0000000..00325ad --- /dev/null +++ b/check_process.default @@ -0,0 +1,40 @@ +# See here for more information +# https://github.com/YunoHost/package_check#syntax-check_process-file + +# Move this file from check_process.default to check_process when you have filled it. + +;; Test complet + ; Manifest + domain="domain.tld" (DOMAIN) + path="/path" (PATH) + admin="john" (USER) + language="en" + is_public=1 (PUBLIC|public=1|private=0) + password="pass" + port="666" (PORT) + ; Checks + pkg_linter=1 + setup_sub_dir=1 + setup_root=1 + setup_nourl=0 + setup_private=1 + setup_public=1 + upgrade=1 + upgrade=1 from_commit=CommitHash + backup_restore=1 + multi_instance=1 + # This test is no longer necessary since the version 2.7 (PR: https://github.com/YunoHost/yunohost/pull/304), you can still do it if your app could be installed with this version. + # incorrect_path=1 + port_already_use=0 + change_url=1 +;;; Levels + # If the level 5 (Package linter) is forced to 1. Please add justifications here. + Level 5=auto +;;; Options +Email= +Notification=none +;;; Upgrade options + ; commit=CommitHash + name=Name and date of the commit. + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& + diff --git a/conf/app.src b/conf/app.src new file mode 100644 index 0000000..a908018 --- /dev/null +++ b/conf/app.src @@ -0,0 +1,5 @@ +SOURCE_URL=https://github.com/standardnotes/syncing-server/archive/master.zip +SOURCE_SUM=856e34b65b9134035134c3a9e215c2fe531b8fa9005acdf88934cc063066405b +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=zip +SOURCE_IN_SUBDIR=true diff --git a/conf/env.sample b/conf/env.sample new file mode 100644 index 0000000..d29237b --- /dev/null +++ b/conf/env.sample @@ -0,0 +1,14 @@ + +# Rails Settings +EXPOSED_PORT=3000 +SECRET_KEY_BASE=changeme123 +RAILS_ENV=development + +# Database Settings +DB_PORT=3306 +DB_HOST=127.0.0.1 + +DB_DATABASE=standard_notes_db +DB_USERNAME=std_notes_user +DB_PASSWORD=changeme123 +DB_ROOT_PASSWORD=changeme123 diff --git a/conf/nginx.conf b/conf/nginx.conf new file mode 100644 index 0000000..4c9d809 --- /dev/null +++ b/conf/nginx.conf @@ -0,0 +1,38 @@ +root __FINALPATH__/live/public; + +location / { + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } + proxy_set_header Accept-Encoding ""; + try_files $uri @proxy; + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; +} + +location @proxy { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header Proxy ""; + proxy_pass_header Server; + + proxy_pass http://127.0.0.1:3000; + proxy_buffering on; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + #proxy_cache CACHE; + proxy_cache_valid 200 7d; + proxy_cache_valid 410 24h; + proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; + add_header X-Cached $upstream_cache_status; + add_header Strict-Transport-Security "max-age=31536000"; + tcp_nodelay on; +} + +error_page 500 501 502 503 504 /500.html; diff --git a/conf/systemd.service b/conf/systemd.service new file mode 100644 index 0000000..7da85e2 --- /dev/null +++ b/conf/systemd.service @@ -0,0 +1,26 @@ +[Unit] +Description=__APP__ service +After=network.target + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__FINALPATH__/live +Environment=RAILS_ENV=production +Environment="PORT=__PORT_WEB__" +#ExecStart=/opt/yunohost/snserver/rails s >> /var/log/snserver/snserver.log 2>&1 +#ExecStart=__FINALPATH__/bin/rails s -e production >> /var/log/__APP__/__APP__.log 2>&1 +ExecStart=/opt/rbenv/versions/2.6.5/bin/bundle exec puma -C config/puma.rb +ExecReload=/bin/kill -SIGUSR1 $MAINPID +StandardError=syslog +Restart=always +RestartSec=15 + +[Install] +WantedBy=multi-user.target + + + + + diff --git a/manifest.json b/manifest.json new file mode 100644 index 0000000..849a772 --- /dev/null +++ b/manifest.json @@ -0,0 +1,79 @@ +{ + "name": "Standard Notes - Syncing Server", + "id": "snserver", + "packaging_format": 1, + "description": { + "en": "The Standard Notes syncing server. An end-to-end encrypted note-taking app." + }, + "version": "1.0~ynh1", + "url": "https://github.com/standardnotes/syncing-server", + "license": "free", + "maintainer": { + "name": "Fabian Wilkens", + "email": "wilkens.fabian+github@gmail.com", + "url": "https://github.com/FabianWilkens/snserver_ynh" + }, + "requirements": { + "yunohost": ">= 3.5" + }, + "multi_instance": true, + "services": [ + "nginx", + "mysql" + ], + "arguments": { + "install" : [ + { + "name": "domain", + "type": "domain", + "ask": { + "en": "Choose a domain name for snserver", + "fr": "Choisissez un domaine pour Mastodon", + "de": "Wähle einen Domain Namen für snserver" + }, + "example": "example.com" + }, + { + "name": "path", + "type": "path", + "ask": { + "en": "Choose a path for snserver", + "de": "Wähle einen Pfad für snserver" + }, + "example": "/snserver", + "default": "/snserver" + }, + { + "name": "admin", + "type": "user", + "ask": { + "en": "Choose an admin user", + "fr": "Choisissez l'administrateur", + "de": "Wähle einen Admin Benutzer" + }, + "example": "johndoe" + }, + { + "name": "is_public", + "type": "boolean", + "ask": { + "en": "Is it a public application?", + "fr": "Est-ce une application publique ?", + "de": "Ist die Application Öffendlich?" + }, + "default": true + }, + { + "name": "language", + "type": "string", + "ask": { + "en": "Choose the application language", + "fr": "Choisissez la langue de l'application", + "de": "Wähle die Application Sprache" + }, + "choices": ["en", "fr", "de"], + "default": "en" + } + ] + } +} diff --git a/pull_request_template.md b/pull_request_template.md new file mode 100644 index 0000000..0287f9f --- /dev/null +++ b/pull_request_template.md @@ -0,0 +1,18 @@ +## Problem +- *Description of why you made this PR* + +## Solution +- *And how do you fix that problem* + +## PR Status +- [ ] Code finished. +- [ ] Tested with Package_check. +- [ ] Fix or enhancement tested. +- [ ] Upgrade from last version tested. +- [ ] Can be reviewed and tested. + +## Package_check results +--- +*If you have access to [App Continuous Integration for packagers](https://yunohost.org/#/packaging_apps_ci) you can provide a link to the package_check results like below, replacing '-NUM-' in this link by the PR number and USERNAME by your username on the ci-apps-dev. Or you provide a screenshot or a pastebin of the results* + +[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/REPLACEBYYOURAPP_ynh%20PR-NUM-%20(USERNAME)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/REPLACEBYYOURAPP_ynh%20PR-NUM-%20(USERNAME)/) diff --git a/scripts/_common.sh b/scripts/_common.sh new file mode 100644 index 0000000..dded0e1 --- /dev/null +++ b/scripts/_common.sh @@ -0,0 +1,42 @@ +#!/bin/bash + +#================================================= +# COMMON VARIABLES +#================================================= + +# dependencies used by the app +#pkg_dependencies="ruby ruby-dev rails zlib1g-dev libsqlite3-dev default-libmysqlclient-dev libssl-dev libreadline-dev" +pkg_dependencies=" zlib1g-dev libsqlite3-dev default-libmysqlclient-dev libssl-dev libreadline-dev" + +#================================================= +# PERSONAL HELPERS +#================================================= + +# Execute a command as another user with login +# (hence in user home dir, with prior loading of .profile, etc.) +# usage: exec_login_as USER COMMAND [ARG ...] +exec_login_as() { + local user=$1 + shift 1 + exec_as $user --login "$@" +} +# Execute a command as another user +# usage: exec_as USER COMMAND [ARG ...] +exec_as() { + local user=$1 + shift 1 + + if [[ $user = $(whoami) ]]; then + eval "$@" + else + sudo -u "$user" "$@" + fi +} + +#================================================ +# EXPERIMENTAL HELPERS +#================================================= + +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= diff --git a/scripts/backup b/scripts/backup new file mode 100755 index 0000000..870a408 --- /dev/null +++ b/scripts/backup @@ -0,0 +1,100 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { + ### Remove this function if there's nothing to clean before calling the remove script. + true +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --time --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) + +#================================================= +# STANDARD BACKUP STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" + +#================================================= +# BACKUP THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Backing up the main app directory..." --time --weight=1 + +ynh_backup --src_path="$final_path" + +#================================================= +# BACKUP THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Backing up nginx web server configuration..." --time --weight=1 + +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# BACKUP THE MYSQL DATABASE +#================================================= +ynh_script_progression --message="Backing up the MySQL database..." --time --weight=1 + +ynh_mysql_dump_db --database="$db_name" > db.sql + +#================================================= +# BACKUP FAIL2BAN CONFIGURATION +#================================================= +ynh_script_progression --message="Backing up fail2ban configuration..." --time --weight=1 + +ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" +ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" + +#================================================= +# SPECIFIC BACKUP +#================================================= +# BACKUP LOGROTATE +#================================================= +ynh_script_progression --message="Backing up logrotate configuration..." --time --weight=1 + +ynh_backup --src_path="/etc/logrotate.d/$app" + +#================================================= +# BACKUP SYSTEMD +#================================================= +ynh_script_progression --message="Backing up systemd configuration..." --time --weight=1 + +ynh_backup --src_path="/etc/systemd/system/$app.service" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --time --last diff --git a/scripts/change_url b/scripts/change_url new file mode 100644 index 0000000..3f21bc8 --- /dev/null +++ b/scripts/change_url @@ -0,0 +1,134 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path=$YNH_APP_NEW_PATH + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --time --weight=1 + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +# Add settings here as needed by your application +#db_name=$(ynh_app_setting_get --app=$app --key=db_name) +#db_user=$db_name +#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before changing its url (may take a while)..." --time --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= + +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi + +change_path=0 +if [ "$old_path" != "$new_path" ] +then + change_path=1 +fi + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" + +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= +ynh_script_progression --message="Updating nginx web server configuration..." --time --weight=1 + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the path in the nginx config file +if [ $change_path -eq 1 ] +then + # Make a backup of the original nginx config file if modified + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Set global variables for nginx helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated nginx config + ynh_add_nginx_config +fi + +# Change the domain for nginx +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi + +#================================================= +# SPECIFIC MODIFICATIONS +#================================================= +# ... +#================================================= + +#================================================= +# GENERIC FINALISATION +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Change of URL completed for $app" --time --last diff --git a/scripts/install b/scripts/install new file mode 100755 index 0000000..6aec2e7 --- /dev/null +++ b/scripts/install @@ -0,0 +1,405 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source ynh_install_ruby__2 +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { + ynh_clean_check_starting +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================= + +domain=$YNH_APP_ARG_DOMAIN +#path_url=$YNH_APP_ARG_PATH +path_url="/" +admin=$YNH_APP_ARG_ADMIN +is_public=$YNH_APP_ARG_IS_PUBLIC +language=$YNH_APP_ARG_LANGUAGE +admin_mail=$(ynh_user_get_info $admin 'mail') +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS +#================================================= +### About --weight and --time +### ynh_script_progression will show to your final users the progression of each scripts. +### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script. +### --time is a packager option, it will show you the execution time since the previous call. +### This option should be removed before releasing your app. +### Use the execution time, given by --time, to estimate the weight of a step. +### A common way to do it is to set a weight equal to the execution time in second +1. +### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call. +ynh_script_progression --message="Validating installation parameters..." --weight=2 + +### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". +### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app" +final_path=/var/www/$app +#final_path=/opt/yunohost/$app +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" + +# Register (book) web path +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url + +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= +ynh_script_progression --message="Storing installation settings..." --weight=2 + +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=is_public --value=$is_public +ynh_app_setting_set --app=$app --key=language --value=$language + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# FIND AND OPEN A PORT +#================================================= +ynh_script_progression --message="Configuring firewall..." --weight=1 + +### Use these lines if you have to open a port for the application +### `ynh_find_port` will find the first available port starting from the given port. +### If you're not using these lines: +### - Remove the section "CLOSE A PORT" in the remove script + +# Find an available port +port_web=$(ynh_find_port --port=3000) +# Open the port +ynh_app_setting_set --app=$app --key=port_web --value=$port_web + +# Optional: Expose this port publicly +# (N.B. : you only need to do this if the app actually needs to expose the port publicly. +# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !) + +# Open the port +# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port + +#================================================= +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing dependencies..." --weight=7 + +### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. +### Those deb packages will be installed as dependencies of this package. +### If you're not using this helper: +### - Remove the section "REMOVE DEPENDENCIES" in the remove script +### - Remove the variable "pkg_dependencies" in _common.sh +### - As well as the section "REINSTALL DEPENDENCIES" in the restore script +### - And the section "UPGRADE DEPENDENCIES" in the upgrade script + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# CREATE A MYSQL DATABASE +#================================================= +ynh_script_progression --message="Creating a MySQL database..." --weight=2 + +### Use these lines if you need a database for the application. +### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password. +### The password will be stored as 'mysqlpwd' into the app settings, +### and will be available as $db_pwd +### If you're not using these lines: +### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script +### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script +### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script + +db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name +ynh_app_setting_set --app=$app --key=db_name --value=$db_name +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_script_progression --message="Setting up source files..." --weight=2 + +### `ynh_setup_source` is used to install an app from a zip or tar.gz file, +### downloaded from an upstream source, like a git repository. +### `ynh_setup_source` use the file conf/app.src + +ynh_app_setting_set --app=$app --key=final_path --value=$final_path +# Download, check integrity, uncompress and patch the source from app.src +mkdir $final_path +ynh_setup_source --dest_dir="$final_path/live" +#ynh_setup_source --dest_dir="$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring nginx web server..." --weight=2 + +### `ynh_add_nginx_config` will use the file conf/nginx.conf + +# Create a dedicated nginx config +ynh_add_nginx_config 'port_web' + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=2 + +# Create a system user +#ynh_system_user_create --username=$app +# Create a system user allowing login +#ynh_system_user_create $app $final_path 1 +# Create a system user +ynh_system_user_create --username=$app --home_dir=$final_path + + +#================================================= +# SPECIFIC SETUP +#================================================= +pwd +ls -al +# INSTALLING RUBY AND BUNDLER +#================================================= +ynh_script_progression --message="Installing Ruby..." --weight=321 + +ynh_install_ruby --ruby_version=2.6.5 +/opt/rbenv/versions/2.6.5/bin/gem update --system +#/opt/rbenv/versions/2.6.5/bin/gem install bundler --no-document + +#================================================= +# Setup +#================================================= +#ynh_script_progression --message="Setup..." --weight=780 + +# Set right permissions +#chown -R "$app":"$app" $final_path +#mkdir -p "/var/log/$app" +#chown -R "$app":"$app" "/var/log/$app" + +#================================================= +# MODIFY A CONFIG FILE +#================================================= +ynh_script_progression --message="Modifying a config file..." --weight=2 +### `ynh_replace_string` is used to replace a string in a file. +### (It's compatible with sed regular expressions syntax) + + +cp -f ../conf/env.sample "$final_path/live/.env" +config_file="$final_path/live/.env" +ynh_replace_string --match_string="EXPOSED_PORT=3000" --replace_string="EXPOSED_PORT=$port_web" --target_file="$config_file" +secret_key=$(ynh_string_random --length=48 | base64) +ynh_replace_string --match_string="SECRET_KEY_BASE=changeme123" --replace_string="SECRET_KEY_BASE=$secret_key" --target_file="$config_file" +ynh_replace_string --match_string="RAILS_ENV=development" --replace_string="RAILS_ENV=production" --target_file="$config_file" +ynh_replace_string --match_string="DB_DATABASE=standard_notes_db" --replace_string="DB_DATABASE=$db_name" --target_file="$config_file" +ynh_replace_string --match_string="DB_USERNAME=std_notes_user" --replace_string="DB_USERNAME=$db_user" --target_file="$config_file" +ynh_replace_string --match_string="DB_PASSWORD=changeme123" --replace_string="DB_PASSWORD=$db_pwd" --target_file="$config_file" +ynh_replace_string --match_string="DB_ROOT_PASSWORD=changeme123" --replace_string="DB_ROOT_PASSWORD=" --target_file="$config_file" + +ynh_replace_string --match_string="proxy_pass http://127.0.0.1:3000;" --replace_string="proxy_pass http://127.0.0.1:$port_web;" --target_file="../conf/nginx.conf" + +#================================================= +# INSTALLING Standard Notes - Synicing Server +#================================================= +ynh_script_progression --message="Installing Standard Notes - Synicing Server..." --weight=153 + +chown -R "$app": "$final_path" + +pushd "$final_path/live" + sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.5/bin/bundle config set path 'vendor/bundle' + sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.5/bin/bundle config set with 'development' + sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.5/bin/bundle install + #sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile + #sudo -u "$app" echo "SAFETY_ASSURED=1">> .env.production + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.5/bin/bundle exec rails db:create db:migrate + #sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.5/bin/bundle exec rails assets:precompile --quiet + #sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.5/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt + #sudo -u "$app" env PATH=$PATH RAILS_ENV=production bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=admin > acc.txt +popd + +#(cd "$final_path" +# Install bundler, a gems installer +#gem install bundler +# Install without documentation +#exec_as $app echo "gem: --no-ri --no-rdoc" >> "$final_path/.gemrc") + +# Install dependencies +#exec_login_as $app bundle config set path 'vendor/bundle' +#exec_login_as $app bundle config set with 'development' +#exec_login_as $app bundle install +# Database Migrate +#exec_login_as $app rails db:create db:migrate +#================================================= + +#================================================= +# SETUP APPLICATION WITH CURL +#================================================= + +### Use these lines only if the app installation needs to be finalized through +### web forms. We generally don't want to ask the final user, +### so we're going to use curl to automatically fill the fields and submit the +### forms. + +# Set right permissions for curl install +#chown -R $app: $final_path + +# Set the app as temporarily public for curl call +#ynh_script_progression --message="Configuring SSOwat..." --time --weight=1 +#ynh_app_setting_set --app=$app --key=skipped_uris --value="/" +# Reload SSOwat config +#yunohost app ssowatconf + +# Reload Nginx +#ynh_systemd_action --service_name=nginx --action=reload + +# Installation with curl +#ynh_script_progression --message="Finalizing installation..." --time --weight=1 +#ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" + +# Remove the public access +#if [ $is_public -eq 0 ] +#then +# ynh_app_setting_delete --app=$app --key=skipped_uris +#fi + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Configuring a systemd service..." --weight=2 + +### `ynh_systemd_config` is used to configure a systemd script for an app. +### It can be used for apps that use sysvinit (with adaptation) or systemd. +### Have a look at the app to be sure this app needs a systemd script. +### `ynh_systemd_config` will use the file conf/systemd.service +### If you're not using these lines: +### - You can remove those files in conf/. +### - Remove the section "BACKUP SYSTEMD" in the backup script +### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script +### - As well as the section "RESTORE SYSTEMD" in the restore script +### - And the section "SETUP SYSTEMD" in the upgrade script + +# Create a dedicated systemd config +#ynh_add_systemd_config +ynh_replace_string --match_string="__PORT_WEB__" --replace_string="$port_web" --target_file="../conf/systemd.service" +ynh_add_systemd_config --service="$app" --template="systemd.service" + +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= + +### `ynh_store_file_checksum` is used to store the checksum of a file. +### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, +### you can make a backup of this file before modifying it again if the admin had modified it. + +# Calculate and store the config file checksum into the app settings +ynh_store_file_checksum --file="$config_file" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= +ynh_script_progression --message="Securing files and directories..." --weight=1 +### For security reason, any app should set the permissions to root: before anything else. +### Then, if write authorization is needed, any access should be given only to directories +### that really need such authorization. + +# Set permissions to app files +chown -R root: $final_path +chown $app: $final_path +chown -R $app: $final_path/live/log/ + +#================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Configuring log rotation..." --weight=2 + +### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. +### Use this helper only if there is effectively a log file for this app. +### If you're not using this helper: +### - Remove the section "BACKUP LOGROTATE" in the backup script +### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script +### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script +### - And the section "SETUP LOGROTATE" in the upgrade script + +# Use logrotate to manage application logfile(s) +ynh_use_logrotate + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= + +### `yunohost service add` integrates a service in YunoHost. It then gets +### displayed in the admin interface and through the others `yunohost service` commands. +### (N.B. : this line only makes sense if the app adds a service to the system!) +### If you're not using these lines: +### - You can remove these files in conf/. +### - Remove the section "REMOVE SERVICE FROM ADMIN PANEL" in the remove script +### - As well as the section "ADVERTISE SERVICE IN ADMIN PANEL" in the restore script + +yunohost service add $app --description "Standard Notes - Syncing Server" + +### With YunoHost 3.8 you will then be able to: +### - specify a list of ports that needs to be publicly exposed (c.f. --needs_exposed_ports) +### which will then be checked by YunoHost's diagnosis system +### - specify a custom command to check the status of the service (c.f. --test_status) +### though it's only needed for weird cases where 'systemctl status' doesn't do a good job +### - specify a custom command to check / validate the configuration of the service (c.f. --test_conf) +### for example, the command to check the configuration of nginx is "nginx -t" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=1 + +### `ynh_systemd_action` is used to start a systemd service for an app. +### Only needed if you have configure a systemd service +### If you're not using these lines: +### - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script +### - As well as the section "START SYSTEMD SERVICE" in the restore script +### - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script +### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script + +# Start a systemd service +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" + +#================================================= +# SETUP FAIL2BAN +#================================================= +#ynh_script_progression --message="Configuring fail2ban..." --time --weight=1 + +# Create a dedicated fail2ban config +#ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" + +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Configuring SSOwat..." --weight=1 + +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" +fi + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Installation of $app completed" --time --last diff --git a/scripts/remove b/scripts/remove new file mode 100755 index 0000000..c04c95a --- /dev/null +++ b/scripts/remove @@ -0,0 +1,124 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source ynh_install_ruby__2 +source /usr/share/yunohost/helpers + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --time --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +port_web=$(ynh_app_setting_get --app=$app --key=port_web) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +#================================================= +# STANDARD REMOVE +#================================================= +# REMOVE SERVICE INTEGRATION IN YUNOHOST +#================================================= + +# Remove the service from the list of services known by Yunohost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status $app >/dev/null +then + ynh_script_progression --message="Removing $app service..." --time --weight=1 + yunohost service remove $app +fi + +#================================================= +# STOP AND REMOVE SERVICE +#================================================= +ynh_script_progression --message="Stopping and removing the systemd service..." --time --weight=1 + +# Remove the dedicated systemd config +ynh_remove_systemd_config --service="$app" + +#================================================= +# REMOVE THE MYSQL DATABASE +#================================================= +ynh_script_progression --message="Removing the MySQL database..." --time --weight=1 + +# Remove a database if it exists, along with the associated user +ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name + +#================================================= +# REMOVE DEPENDENCIES +#================================================= +ynh_script_progression --message="Removing dependencies..." --time --weight=1 + +# Remove metapackage and its dependencies +ynh_remove_ruby +ynh_remove_app_dependencies + +#================================================= +# REMOVE APP MAIN DIR +#================================================= +ynh_script_progression --message="Removing app main directory..." --time --weight=1 + +# Remove the app directory securely +ynh_secure_remove --file="$final_path" + +#================================================= +# REMOVE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Removing nginx web server configuration..." --time --weight=1 + +# Remove the dedicated nginx config +ynh_remove_nginx_config + +#================================================= +# REMOVE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1 + +# Remove the app-specific logrotate config +ynh_remove_logrotate + +#================================================= +# CLOSE A PORT +#================================================= + +if yunohost firewall list | grep -q "\- $port$" +then + ynh_script_progression --message="Closing port $port..." + ynh_exec_warn_less yunohost firewall disallow TCP $port +fi + +#================================================= +# REMOVE FAIL2BAN CONFIGURATION +#================================================= +#ynh_script_progression --message="Removing fail2ban configuration..." --time --weight=1 + +# Remove the dedicated fail2ban config +#ynh_remove_fail2ban_config + +#================================================= +# SPECIFIC REMOVE +#================================================= + +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= +ynh_script_progression --message="Removing the dedicated system user..." --time --weight=1 + +# Delete a system user +ynh_system_user_delete --username=$app + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Removal of $app completed" --time --last diff --git a/scripts/restore b/scripts/restore new file mode 100755 index 0000000..272e31c --- /dev/null +++ b/scripts/restore @@ -0,0 +1,148 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { + #### Remove this function if there's nothing to clean before calling the remove script. + true +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading settings..." --time --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name + +#================================================= +# CHECK IF THE APP CAN BE RESTORED +#================================================= +ynh_script_progression --message="Validating restoration parameters..." --time --weight=1 + +ynh_webpath_available --domain=$domain --path_url=$path_url \ + || ynh_die --message="Path not available: ${domain}${path_url}" +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " + +#================================================= +# STANDARD RESTORATION STEPS +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Restoring the app main directory..." --time --weight=1 + +ynh_restore_file --origin_path="$final_path" + +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app + +#================================================= +# RESTORE USER RIGHTS +#================================================= + +# Restore permissions on app files +chown -R "$app":"$app" $final_path +mkdir -p "/var/log/$app" +chown -R "$app":"$app" /var/log/$app + +#================================================= +# RESTORE FAIL2BAN CONFIGURATION +#================================================= +#ynh_script_progression --message="Restoring the fail2ban configuration..." --time --weight=1 + +#ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" +#ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" +#ynh_systemd_action --action=restart --service_name=fail2ban + +#================================================= +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# RESTORE THE MYSQL DATABASE +#================================================= +ynh_script_progression --message="Restoring the MySQL database..." --time --weight=1 + +db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql + +#================================================= +# RESTORE SYSTEMD +#================================================= +ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1 + +ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +systemctl enable $app.service + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= + +yunohost service add $app --description "A short description of the app" --log "/var/log/$app/$app.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" + +#================================================= +# RESTORE THE LOGROTATE CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/logrotate.d/$app" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= +ynh_script_progression --message="Reloading nginx web server and php-fpm..." --time --weight=1 + +ynh_systemd_action --service_name=php7.0-fpm --action=reload +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Restoration completed for $app" --time --last diff --git a/scripts/upgrade b/scripts/upgrade new file mode 100755 index 0000000..593550f --- /dev/null +++ b/scripts/upgrade @@ -0,0 +1,214 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --time --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) +is_public=$(ynh_app_setting_get --app=$app --key=is_public) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +language=$(ynh_app_setting_get --app=$app --key=language) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) + +#================================================= +# CHECK VERSION +#================================================= + +### This helper will compare the version of the currently installed app and the version of the upstream package. +### $upgrade_type can have 2 different values +### - UPGRADE_APP if the upstream app version has changed +### - UPGRADE_PACKAGE if only the YunoHost package has changed +### ynh_check_app_version_changed will stop the upgrade if the app is up to date. +### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. +upgrade_type=$(ynh_check_app_version_changed) + +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 + +# Fix is_public as a boolean value +if [ "$is_public" = "Yes" ]; then + ynh_app_setting_set --app=$app --key=is_public --value=1 + is_public=1 +elif [ "$is_public" = "No" ]; then + ynh_app_setting_set --app=$app --key=is_public --value=0 + is_public=0 +fi + +# If db_name doesn't exist, create it +if [ -z "$db_name" ]; then + db_name=$(ynh_sanitize_dbid --db_name=$app) + ynh_app_setting_set --app=$app --key=db_name --value=$db_name +fi + +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path +fi + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# CHECK THE PATH +#================================================= + +# Normalize the URL path syntax +# N.B. : this is for app installations before YunoHost 2.7 +# where this value might be something like /foo/ or foo/ +# instead of /foo .... +# If nobody installed your app before 2.7, then you may +# safely remove this line +path_url=$(ynh_normalize_url_path --path_url=$path_url) + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." --time --weight=1 + + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" +fi + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading nginx web server configuration..." --time --weight=1 + +# Create a dedicated nginx config +ynh_add_nginx_config + +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app + +#================================================= +# SPECIFIC UPGRADE +#================================================= +# ... +#================================================= + +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= + +### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. +### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. +ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE" +# Recalculate and store the checksum of the file for the next upgrade. +ynh_store_file_checksum --file="$final_path/CONFIG_FILE" + +#================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1 + +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --non-append + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1 + +# Create a dedicated systemd config +ynh_add_systemd_config + +#================================================= +# GENERIC FINALIZATION +#================================================= +# UPGRADE FAIL2BAN +#================================================= +ynh_script_progression --message="Reconfiguring fail2ban..." --time --weight=1 + +# Create a dedicated fail2ban config +ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" + +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# Set permissions on app files +chown -R root: $final_path + +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Upgrading SSOwat configuration..." --time --weight=1 + +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway + ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" +fi + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of $app completed" --time --last diff --git a/scripts/ynh_install_ruby__2 b/scripts/ynh_install_ruby__2 new file mode 100644 index 0000000..f064c08 --- /dev/null +++ b/scripts/ynh_install_ruby__2 @@ -0,0 +1,143 @@ +#!/bin/bash + +# Need also the helper https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_handle_getopts_args/ynh_handle_getopts_args + +rbenv_install_dir="/opt/rbenv" +# RBENV_ROOT is the directory of rbenv, it needs to be loaded as a environment variable. +export RBENV_ROOT="$rbenv_install_dir" + +# Install ruby version management +# +# [internal] +# +# usage: ynh_install_rbenv +ynh_install_rbenv () { + echo "Installation of rbenv - ruby version management" >&2 + # Build an app.src for rbenv + mkdir -p "../conf" + echo "SOURCE_URL=https://github.com/rbenv/rbenv/archive/v1.1.2.tar.gz +SOURCE_SUM=80ad89ffe04c0b481503bd375f05c212bbc7d44ef5f5e649e0acdf25eba86736" > "../conf/rbenv.src" + # Download and extract rbenv + ynh_setup_source "$rbenv_install_dir" rbenv + + # Build an app.src for ruby-build + mkdir -p "../conf" + echo "SOURCE_URL=https://github.com/rbenv/ruby-build/archive/v20191004.tar.gz +SOURCE_SUM=6f053957acb0af6d621ebf2b9dacc9c265844b2dc6842a021eb10f0a70094fe8" > "../conf/ruby-build.src" + # Download and extract ruby-build + ynh_setup_source "$rbenv_install_dir/plugins/ruby-build" ruby-build + + (cd $rbenv_install_dir + ./src/configure && make -C src) + +# Create shims directory if needed +if [ ! -d $rbenv_install_dir/shims ] ; then + mkdir $rbenv_install_dir/shims +fi +} + +# Install a specific version of ruby +# +# ynh_install_ruby will install the version of ruby provided as argument by using rbenv. +# +# rbenv (ruby version management) stores the target ruby version in a .ruby_version file created in the target folder (using rbenv local ) +# It then uses that information for every ruby user that uses rbenv provided ruby command +# +# This helper creates a /etc/profile.d/rbenv.sh that configures PATH environment for rbenv +# for every LOGIN user, hence your user must have a defined shell (as opposed to /usr/sbin/nologin) +# +# Don't forget to execute ruby-dependent command in a login environment +# (e.g. sudo --login option) +# When not possible (e.g. in systemd service definition), please use direct path +# to rbenv shims (e.g. $RBENV_ROOT/shims/bundle) +# +# usage: ynh_install_ruby ruby_version user +# | arg: -v, --ruby_version= - Version of ruby to install. +# If possible, prefer to use major version number (e.g. 8 instead of 8.10.0). +# The crontab will handle the update of minor versions when needed. +ynh_install_ruby () { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [v]=ruby_version= ) + # Use rbenv, https://github.com/rbenv/rbenv to manage the ruby versions + local ruby_version + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + # Create $rbenv_install_dir + mkdir -p "$rbenv_install_dir/plugins/ruby-build" + + # Load rbenv path in PATH + CLEAR_PATH="$rbenv_install_dir/bin:$PATH" + + # Remove /usr/local/bin in PATH in case of ruby prior installation + PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@') + + # Move an existing ruby binary, to avoid to block rbenv + test -x /usr/bin/ruby && mv /usr/bin/ruby /usr/bin/ruby_rbenv + + # If rbenv is not previously setup, install it + if ! type rbenv > /dev/null 2>&1 + then + ynh_install_rbenv + elif dpkg --compare-versions "$(/opt/rbenv/bin/rbenv --version | cut -d" " -f2)" lt "1.1.2" + then + ynh_install_rbenv + fi + + # Restore /usr/local/bin in PATH (if needed) + PATH=$CLEAR_PATH + + # And replace the old ruby binary + test -x /usr/bin/ruby_rbenv && mv /usr/bin/ruby_rbenv /usr/bin/ruby + + # Install the requested version of ruby + CONFIGURE_OPTS="--disable-install-doc" MAKE_OPTS="-j2" rbenv install --skip-existing $ruby_version + + # Store the ID of this app and the version of ruby requested for it + echo "$YNH_APP_ID:$ruby_version" | tee --append "$rbenv_install_dir/ynh_app_version" + + # Store ruby_version into the config of this app + ynh_app_setting_set $app ruby_version $ruby_version + + # Set environment for ruby users + echo "#rbenv +export RBENV_ROOT=$rbenv_install_dir +export PATH=\"$rbenv_install_dir/bin:$PATH\" +eval \"\$(rbenv init -)\" +#rbenv" > /etc/profile.d/rbenv.sh + + # Load the right environment for the Installation + eval "$(rbenv init -)" + + (cd $final_path + rbenv local $ruby_version) +} + +# Remove the version of ruby used by the app. +# +# This helper will check if another app uses the same version of ruby, +# if not, this version of ruby will be removed. +# If no other app uses ruby, rbenv will be also removed. +# +# usage: ynh_remove_ruby +ynh_remove_ruby () { + ruby_version=$(ynh_app_setting_get $app ruby_version) + + # Remove the line for this app + sed --in-place "/$YNH_APP_ID:$ruby_version/d" "$rbenv_install_dir/ynh_app_version" + + # If no other app uses this version of ruby, remove it. + if ! grep --quiet "$ruby_version" "$rbenv_install_dir/ynh_app_version" + then + $rbenv_install_dir/bin/rbenv uninstall --force $ruby_version + fi + + # Remove rbenv environment configuration + rm /etc/profile.d/rbenv.sh + + # If no other app uses rbenv, remove rbenv and dedicated group + if [ ! -s "$rbenv_install_dir/ynh_app_version" ] + then + ynh_secure_remove "$rbenv_install_dir" + fi +} diff --git a/sources/extra_files/app/.gitignore b/sources/extra_files/app/.gitignore new file mode 100644 index 0000000..783a4ae --- /dev/null +++ b/sources/extra_files/app/.gitignore @@ -0,0 +1,2 @@ +*~ +*.sw[op] diff --git a/sources/patches/.gitignore b/sources/patches/.gitignore new file mode 100644 index 0000000..783a4ae --- /dev/null +++ b/sources/patches/.gitignore @@ -0,0 +1,2 @@ +*~ +*.sw[op]