YunoHost-Apps/snserver_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/snserver_ynh.git synced 2024-09-03 20:26:22 +02:00
Code Issues Activity Actions

Fix issues,env, typos

Browse source
This commit is contained in:
Fabian Wilkens 2021-07-05 19:08:00 +02:00
parent ff1dff02cd
commit c08f0aeafb
No known key found for this signature in database
GPG key ID: 23DFA025BB4E9FAB
8 changed files with 151 additions and 80 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
conf/env_api-gateway.env.sample
View file

@ -1,12 +1,23 @@
Environment="__YNH_NODE_LOAD_PATH__"
PORT="__PORT_API_GATEWAY__"
__YNH_NODE_LOAD_PATH__
LOG_LEVEL="info"
NODE_ENV="production"
NEW_RELIC_ENABLED=false
NEW_RELIC_APP_NAME="API Gateway"
NEW_RELIC_NO_CONFIG_FILE=true
PORT="__PORT_API_GATEWAY__"
SYNCING_SERVER_JS_URL="http://localhost:__PORT_SYNCING_SERVER_JS__"
AUTH_SERVER_URL="http://localhost:__PORT_AUTH__"
#PAYMENTS_SERVER_URL=http://payments:3000
HTTP_CALL_TIMEOUT=10000
AUTH_JWT_SECRET=__AUTH_JWT_SECRET__
# (Optional) New Relic Setup
NEW_RELIC_ENABLED=false
NEW_RELIC_APP_NAME="API Gateway"
NEW_RELIC_LICENSE_KEY=
NEW_RELIC_NO_CONFIG_FILE=true
NEW_RELIC_DISTRIBUTED_TRACING_ENABLED=false
NEW_RELIC_LOG_ENABLED=false
NEW_RELIC_LOG_LEVEL=info

70
conf/env_auth-worker.env.sample
View file

@ -1,33 +1,59 @@
Environment="__YNH_NODE_LOAD_PATH__"
PORT="__PORT_AUTH__"
__YNH_NODE_LOAD_PATH__
LOG_LEVEL="info"
NODE_ENV="production"
AUTH_JWT_TTL=60000
JWT_SECRET=__JWT_SECRET__
LEGACY_JWT_SECRET=__LEGACY_JWT_SECTRET__
NEW_RELIC_ENABLED=false
NEW_RELIC_APP_NAME=Auth
NEW_RELIC_NO_CONFIG_FILE=true
REDIS_EVENTS_CHANNEL="auth-events"
DISABLE_USER_REGISTRATION=false
PSEUDO_KEY_PARAMS_KEY=__PSEUDO_KEY_PARAMS_KEY__
ACCESS_TOKEN_AGE=5184000
REFRESH_TOKEN_AGE=31556926
MAX_LOGIN_ATTEMPTS=6
FAILED_LOGIN_LOCKOUT=3600
EPHEMERAL_SESSION_AGE=259200
LEGACY_JWT_SECRET=__LEGACY_JWT_SECRET__
AUTH_JWT_SECRET=__AUTH_JWT_SECRET__
AUTH_JWT_TTL=60
# Must be a hex string exactly 32 bytes long
# e.g. feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308
ENCRYPTION_SERVER_KEY=__ENCRYPTION_SERVER_KEY__
PORT="__PORT_AUTH_WORKER__"
DB_HOST=127.0.0.1
DB_REPLICA_HOST=127.0.0.1
DB_PORT=3306
DB_USERNAME=auth
DB_PASSWORD=changeme123
DB_DATABASE=auth
DB_DEBUG_LEVEL=all # "all" | "query" | "schema" | "error" | "warn" | "info" | "log" | "migration"
DB_MIGRATIONS_PATH=dist/migrations/*.js
REDIS_URL=redis://localhost:6379/__REDIS_DB__
DISABLE_USER_REGISTRATION=false
ACCESS_TOKEN_AGE=5184000
REFRESH_TOKEN_AGE=31556926
EPHEMERAL_SESSION_AGE=259200
MAX_LOGIN_ATTEMPTS=6
FAILED_LOGIN_LOCKOUT=3600
PSEUDO_KEY_PARAMS_KEY=__PSEUDO_KEY_PARAMS_KEY__
SNS_TOPIC_ARN=
SNS_AWS_REGION=
SQS_QUEUE_URL=
SQS_AWS_REGION=
USER_SERVER_REGISTRATION_URL=
USER_SERVER_AUTH_KEY=
SYNCING_SERVER_URL=http://localhost:__PORT_SYNCING_SERVER_JS__
REDIS_EVENTS_CHANNEL=events
# (Optional) New Relic Setup
NEW_RELIC_ENABLED=false
NEW_RELIC_APP_NAME=Auth
NEW_RELIC_LICENSE_KEY=
NEW_RELIC_NO_CONFIG_FILE=true
NEW_RELIC_DISTRIBUTED_TRACING_ENABLED=false
NEW_RELIC_LOG_ENABLED=false
NEW_RELIC_LOG_LEVEL=info

70
conf/env_auth.env.sample
View file

@ -1,33 +1,59 @@
Environment="__YNH_NODE_LOAD_PATH__"
PORT="__PORT_AUTH_WORKER__"
__YNH_NODE_LOAD_PATH__
LOG_LEVEL="info"
NODE_ENV="production"
AUTH_JWT_TTL=60000
JWT_SECRET=__JWT_SECRET__
LEGACY_JWT_SECRET=__LEGACY_JWT_SECTRET__
NEW_RELIC_ENABLED=false
NEW_RELIC_APP_NAME=Auth
NEW_RELIC_NO_CONFIG_FILE=true
REDIS_EVENTS_CHANNEL="auth-events"
DISABLE_USER_REGISTRATION=false
PSEUDO_KEY_PARAMS_KEY=__PSEUDO_KEY_PARAMS_KEY__
ACCESS_TOKEN_AGE=5184000
REFRESH_TOKEN_AGE=31556926
MAX_LOGIN_ATTEMPTS=6
FAILED_LOGIN_LOCKOUT=3600
EPHEMERAL_SESSION_AGE=259200
LEGACY_JWT_SECRET=__LEGACY_JWT_SECRET__
AUTH_JWT_SECRET=__AUTH_JWT_SECRET__
AUTH_JWT_TTL=60
# Must be a hex string exactly 32 bytes long
# e.g. feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308
ENCRYPTION_SERVER_KEY=__ENCRYPTION_SERVER_KEY__
PORT="__PORT_AUTH__"
DB_HOST=127.0.0.1
DB_REPLICA_HOST=127.0.0.1
DB_PORT=3306
DB_USERNAME=auth
DB_PASSWORD=changeme123
DB_DATABASE=auth
DB_DEBUG_LEVEL=all # "all" | "query" | "schema" | "error" | "warn" | "info" | "log" | "migration"
DB_MIGRATIONS_PATH=dist/migrations/*.js
REDIS_URL=redis://localhost:6379/__REDIS_DB__
DISABLE_USER_REGISTRATION=false
ACCESS_TOKEN_AGE=5184000
REFRESH_TOKEN_AGE=31556926
EPHEMERAL_SESSION_AGE=259200
MAX_LOGIN_ATTEMPTS=6
FAILED_LOGIN_LOCKOUT=3600
PSEUDO_KEY_PARAMS_KEY=__PSEUDO_KEY_PARAMS_KEY__
SNS_TOPIC_ARN=
SNS_AWS_REGION=
SQS_QUEUE_URL=
SQS_AWS_REGION=
USER_SERVER_REGISTRATION_URL=
USER_SERVER_AUTH_KEY=
SYNCING_SERVER_URL=http://localhost:__PORT_SYNCING_SERVER_JS__
REDIS_EVENTS_CHANNEL=events
# (Optional) New Relic Setup
NEW_RELIC_ENABLED=false
NEW_RELIC_APP_NAME=Auth
NEW_RELIC_LICENSE_KEY=
NEW_RELIC_NO_CONFIG_FILE=true
NEW_RELIC_DISTRIBUTED_TRACING_ENABLED=false
NEW_RELIC_LOG_ENABLED=false
NEW_RELIC_LOG_LEVEL=info

9
conf/env_syncing-server-js-worker.env.sample
View file

@ -1,12 +1,11 @@
Environment="__YNH_NODE_LOAD_PATH__"
PORT="__PORT_SYNCING_SERVER_JS__"
__YNH_NODE_LOAD_PATH__
LOG_LEVEL="info"
NODE_ENV="production"
AUTH_JWT_SECRET=__JWT_SECRET__
AUTH_JWT_SECRET=__AUTH_JWT_SECRET__
EXPOSED_PORT=__PORT_SYNCING_SERVER_JS__
PORT=__PORT_SYNCING_SERVER_JS_WORKER__
DB_HOST=localhost
DB_REPLICA_HOST=localhost
@ -28,6 +27,8 @@ S3_BACKUP_BUCKET_NAME=
REDIS_EVENTS_CHANNEL=events
INTERNAL_DNS_REROUTE_ENABLED=false
#EXTENSIONS_SERVER_URL=http://extensions-server:3004
AUTH_SERVER_URL=http://localhost:__PORT_AUTH__
EMAIL_ATTACHMENT_MAX_BYTE_SIZE=10485760

9
conf/env_syncing-server-js.env.sample
View file

@ -1,12 +1,11 @@
Environment="__YNH_NODE_LOAD_PATH__"
PORT="__PORT_SYNCING_SERVER_JS__"
__YNH_NODE_LOAD_PATH__
LOG_LEVEL="info"
NODE_ENV="production"
AUTH_JWT_SECRET=__JWT_SECRET__
AUTH_JWT_SECRET=__AUTH_JWT_SECRET__
EXPOSED_PORT=__PORT_SYNCING_SERVER_JS__
PORT=__PORT_SYNCING_SERVER_JS__
DB_HOST=localhost
DB_REPLICA_HOST=localhost
@ -28,6 +27,8 @@ S3_BACKUP_BUCKET_NAME=
REDIS_EVENTS_CHANNEL=events
INTERNAL_DNS_REROUTE_ENABLED=false
#EXTENSIONS_SERVER_URL=http://extensions-server:3004
AUTH_SERVER_URL=http://localhost:__PORT_AUTH__
EMAIL_ATTACHMENT_MAX_BYTE_SIZE=10485760

2
conf/nginx.conf
View file

@ -5,7 +5,7 @@ location __PATH__/ {
rewrite ^ https://$server_name$request_uri? permanent;
}
proxy_pass http://127.0.0.1:__PORT____PATH__/;
proxy_pass http://127.0.0.1:__PORT_API_GATEWAY__/;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;

2
conf/systemd_syncing-server-js.service
View file

@ -12,7 +12,7 @@ WorkingDirectory=__FINALPATH__/live/syncing-server-js
EnvironmentFile=__FINALPATH__/live/syncing-server-js/.env
ExecStart=/usr/bin/yarn start
StandardOutput=append:/var/log/__APP__/syncing-server-js.log
StandardError=append:inherit
StandardError=inherit
Restart=always
[Install]

48
scripts/install
View file

@ -88,6 +88,14 @@ ynh_install_app_dependencies $pkg_dependencies
ynh_install_nodejs --nodejs_version=$NODEJS_VERSION
ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
@ -112,6 +120,10 @@ ynh_setup_source --source_id=app_auth --dest_dir="$final_path/live/auth"
ynh_setup_source --source_id=app_auth --dest_dir="$final_path/live/auth-worker"
ynh_setup_source --source_id=app_api-gateway --dest_dir="$final_path/live/api-gateway"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:$app "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
@ -120,14 +132,6 @@ ynh_script_progression --message="Configuring nginx web server..." --weight=3
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# SPECIFIC SETUP
#=================================================
@ -143,13 +147,15 @@ config_auth_worker="$final_path/live/auth-worker/.env"
config_api_gateway="$final_path/live/api-gateway/.env"
jwt_sectret=$(ynh_string_random --length=48 | base64)
legacy_jwt_sectret=$(ynh_string_random --length=48 | base64)
jwt_secret=$(ynh_string_random --length=48 | base64)
legacy_jwt_secret=$(ynh_string_random --length=48 | base64)
auth_jwt_secret=$(ynh_string_random --length=48 | base64)
pseudo_key_params_key=$(ynh_string_random --length=48 | base64)
encryption_server_key=$(ynh_string_random --length=32 | base64)
encryption_server_key=$(ynh_string_random --length=64 | base64)
ynh_app_setting_set --app=$app --key=jwt_sectret --value=$jwt_sectret
ynh_app_setting_set --app=$app --key=legacy_jwt_sectret --value=$legacy_jwt_sectret
ynh_app_setting_set --app=$app --key=jwt_secret --value=$jwt_secret
ynh_app_setting_set --app=$app --key=legacy_jwt_secret --value=$legacy_jwt_secret
ynh_app_setting_set --app=$app --key=auth_jwt_secret --value=$auth_jwt_secret
ynh_app_setting_set --app=$app --key=pseudo_key_params_key --value=$pseudo_key_params_key
ynh_app_setting_set --app=$app --key=encryption_server_key --value=$encryption_server_key
@ -242,11 +248,11 @@ ynh_add_systemd_config --service="$app-api-gateway" --template="systemd_api-gate
ynh_script_progression --message="Storing the config file checksum..." --weight=1
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$onfig_syncing_server_js"
ynh_store_file_checksum --file="$onfig_syncing_server_js_worker"
ynh_store_file_checksum --file="$onfig_auth"
ynh_store_file_checksum --file="$onfig_auth_worker"
ynh_store_file_checksum --file="$onfig_api_gateway"
ynh_store_file_checksum --file="$config_syncing_server_js"
ynh_store_file_checksum --file="$config_syncing_server_js_worker"
ynh_store_file_checksum --file="$config_auth"
ynh_store_file_checksum --file="$config_auth_worker"
ynh_store_file_checksum --file="$config_api_gateway"
ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
@ -321,8 +327,8 @@ fi
ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service
ynh_systemd_action --service_name="$app-syncing-server-js" --action="start" --log_path="/var/log/$app/sycing-server-js.log"
ynh_systemd_action --service_name="$app-syncing-server-js-worker" --action="start" --log_path="/var/log/$app/sycing-server-js-worker.log"
ynh_systemd_action --service_name="$app-syncing-server-js" --action="start" --log_path="/var/log/$app/syncing-server-js.log"
ynh_systemd_action --service_name="$app-syncing-server-js-worker" --action="start" --log_path="/var/log/$app/syncing-server-js-worker.log"
ynh_systemd_action --service_name="$app-auth" --action="start" --log_path="/var/log/$app/auth.log"
ynh_systemd_action --service_name="$app-auth-worker" --action="start" --log_path="/var/log/$app/auth-worker.log"
ynh_systemd_action --service_name="$app-api-gateway" --action="start" --log_path="/var/log/$app/api-gateway.log"
@ -359,7 +365,7 @@ Please setup the Access-Domain for the extensions in the __URL_TAG1__config-pane
echo -e "\
Standard Notes - Syncing Server was successfully installed.\n\
Please configure the Standard Notes web app or mobile app to use this syning server: https://$domain$path_url/\n\
Please configure the Standard Notes web app or mobile app to use this syncing server: https://$domain$path_url/\n\
$config_panel\n\n\
$admin_mail_info\
" > message