YunoHost-Apps/snserver_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/snserver_ynh.git synced 2024-09-03 20:26:22 +02:00
Code Issues Activity Actions

Update: update to new upstream-source

Browse source
This commit is contained in:
Fabian Wilkens 2022-08-04 17:28:39 +02:00
parent 74aee8b733
commit d1b13ca130
No known key found for this signature in database
GPG key ID: 23DFA025BB4E9FAB
27 changed files with 479 additions and 745 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
check_process
View file

@ -15,10 +15,8 @@
setup_private=0
setup_public=1
upgrade=1
# 2022.01.17~yhn1
upgrade=1 from_commit=2b94368d53d4e90e698f9ceb2ca5e47b07794e15
# 3.22.8~yhn2 ( Old Server version based on Ruby )
# upgrade=1 from_commit=b0c7e9e6f16d286ec74fa3c1b9cdf8492f4dcb9b
# 2022.06.20~yhn1
upgrade=1 from_commit=2a0f413937f8a3d4bd067a5890480bce1222ec5a
backup_restore=1
multi_instance=1
port_already_use=0
@ -27,8 +25,6 @@
Email=
Notification=
;;; Upgrade options
; commit=2b94368d53d4e90e698f9ceb2ca5e47b07794e15
name=2022.01.17~ynh1
#; commit=b0c7e9e6f16d286ec74fa3c1b9cdf8492f4dcb9b
# name=3.22.8~ynh2
; commit=2a0f413937f8a3d4bd067a5890480bce1222ec5a
name=2022.06.20~ynh1

5
conf/app.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://github.com/standardnotes/server/archive/033bc25d8f55e22ba168bad2d0c44fa1ac9a86e4.tar.gz
SOURCE_SUM=1f64d26630932d19985df8989f51c909912066b1dc4539b22f952f5e81f978f2
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true

5
conf/app_api-gateway.src
View file

@ -1,5 +0,0 @@
SOURCE_URL=https://github.com/standardnotes/api-gateway/archive/1.40.1.tar.gz
SOURCE_SUM=8060b89d51532c850730467223f83cb90fc4d53135d7b8b0974045c179dfa1f6
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true

5
conf/app_auth.src
View file

@ -1,5 +0,0 @@
SOURCE_URL=https://github.com/standardnotes/auth/archive/1.46.2.tar.gz
SOURCE_SUM=e5c6b9fc767cd94f8326ba7012278f7520b0d8aab283484ef4f3e776a3d995f6
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true

5
conf/app_syncing-server-js.src
View file

@ -1,5 +0,0 @@
SOURCE_URL=https://github.com/standardnotes/syncing-server-js/archive/1.54.1.tar.gz
SOURCE_SUM=29141efba82b8085907745827a9606e2dc6f0f192a3c1c45535f3fa88d9aa568
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true

5
conf/env_api-gateway.env.sample
View file

@ -6,10 +6,10 @@ VERSION="production"
PORT="__PORT_API_GATEWAY__"
SYNCING_SERVER_JS_URL="http://localhost:__PORT_SYNCING_SERVER_JS__"
SYNCING_SERVER_JS_URL="http://localhost:__PORT_SYNCING_SERVER__"
AUTH_SERVER_URL="http://localhost:__PORT_AUTH__"
#PAYMENTS_SERVER_URL=http://payments:3000
#FILES_SERVER_URL=http://files:3000
FILES_SERVER_URL=http://__DOMAIN____PATH__/files/
HTTP_CALL_TIMEOUT=60000
@ -24,7 +24,6 @@ NEW_RELIC_DISTRIBUTED_TRACING_ENABLED=false
NEW_RELIC_LOG_ENABLED=false
NEW_RELIC_LOG_LEVEL=info
REDIS_URL=redis://localhost:6379/__REDIS_DB__
REDIS_EVENTS_CHANNEL=events

6
conf/env_auth-worker.env.sample
View file

@ -43,7 +43,7 @@ SNS_AWS_REGION=
SQS_QUEUE_URL=
SQS_AWS_REGION=
SYNCING_SERVER_URL=http://localhost:__PORT_SYNCING_SERVER_JS__
SYNCING_SERVER_URL=http://localhost:__PORT_SYNCING_SERVER__
REDIS_EVENTS_CHANNEL=events
@ -65,8 +65,8 @@ USER_SERVER_AUTH_KEY=
SENTRY_DSN=
SENTRY_ENVIRONMENT=
VALET_TOKEN_SECRET=
VALET_TOKEN_TTL=
VALET_TOKEN_SECRET=__VALET_TOKEN_SECRET__
VALET_TOKEN_TTL=7200
# (Optional) Analytics
ANALYTICS_ENABLED=false

6
conf/env_auth.env.sample
View file

@ -43,7 +43,7 @@ SNS_AWS_REGION=
SQS_QUEUE_URL=
SQS_AWS_REGION=
SYNCING_SERVER_URL=http://localhost:__PORT_SYNCING_SERVER_JS__
SYNCING_SERVER_URL=http://localhost:__PORT_SYNCING_SERVER__
REDIS_EVENTS_CHANNEL=events
@ -66,8 +66,8 @@ USER_SERVER_AUTH_KEY=
SENTRY_DSN=
SENTRY_ENVIRONMENT=
VALET_TOKEN_SECRET=
VALET_TOKEN_TTL=
VALET_TOKEN_SECRET=__VALET_TOKEN_SECRET__
VALET_TOKEN_TTL=7200
# (Optional) Analytics
ANALYTICS_ENABLED=false

37
conf/env_files.env.sample Normal file
View file

@ -0,0 +1,37 @@
PATH=/opt/node_n/n/versions/node/16/bin:/opt/node_n/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
LOG_LEVEL="debug"
NODE_ENV="production"
VERSION="production"
PORT=__PORT_FILES__
REDIS_URL=redis://localhost:6379/0
REDIS_EVENTS_CHANNEL=events
VALET_TOKEN_SECRET=__VALET_TOKEN_SECRET__
MAX_CHUNK_BYTES=1000000
# (Optional) New Relic Setup
NEW_RELIC_ENABLED=false
NEW_RELIC_APP_NAME=Syncing Server JS
NEW_RELIC_LICENSE_KEY=
NEW_RELIC_NO_CONFIG_FILE=true
NEW_RELIC_DISTRIBUTED_TRACING_ENABLED=false
NEW_RELIC_LOG_ENABLED=false
NEW_RELIC_LOG_LEVEL=info
# (Optional) AWS Setup
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
S3_BUCKET_NAME=
S3_AWS_REGION=
S3_ENDPOINT=
SNS_TOPIC_ARN=
SNS_AWS_REGION=
SQS_QUEUE_URL=
SQS_AWS_REGION=
# (Optional) File upload path (relative to root directory)
FILE_UPLOAD_PATH=/home/yunohost.app/__APP__/uploads/

2
conf/env_syncing-server-js-worker.env.sample → conf/env_syncing-server-worker.env.sample
View file

@ -6,7 +6,7 @@ VERSION="production"
AUTH_JWT_SECRET=__AUTH_JWT_SECRET__
PORT=__PORT_SYNCING_SERVER_JS_WORKER__
PORT=__PORT_SYNCING_SERVER_WORKER__
DB_HOST=localhost
DB_REPLICA_HOST=localhost

2
conf/env_syncing-server-js.env.sample → conf/env_syncing-server.env.sample
View file

@ -6,7 +6,7 @@ VERSION="production"
AUTH_JWT_SECRET=__AUTH_JWT_SECRET__
PORT=__PORT_SYNCING_SERVER_JS__
PORT=__PORT_SYNCING_SERVER__
DB_HOST=localhost
DB_REPLICA_HOST=localhost

45
conf/nginx.conf
View file

@ -13,41 +13,12 @@ location = __PATH__/ {
return 200 "This is where Standard Notes - Syncing Server is installed.";
}
location = __PATH__/help {
return 301 https://$server_name__PATH__/help/;
}
location __PATH__/help/ {
alias __FINAL_PATH_WWW__/help/;
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}
location = __PATH__/extensions {
return 301 https://$server_name__PATH__/extensions/repo.json;
}
location = __PATH__/extensions/ {
return 301 https://$server_name__PATH__/extensions/repo.json;
}
location __PATH__/extensions/ {
alias __FINAL_PATH_EXTENSIONS__/;
if ($request_method = 'OPTIONS') {
more_set_headers 'Access-Control-Allow-Origin: $http_origin';
more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, HEAD';
more_set_headers 'Access-Control-Allow-Credentials: true';
more_set_headers 'Access-Control-Allow-Headers: Origin,Content-Type,Accept,Authorization';
return 204;
}
if ($request_method = 'GET') {
more_set_headers 'Access-Control-Allow-Origin: $http_origin';
more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, HEAD';
more_set_headers 'Access-Control-Allow-Credentials: true';
more_set_headers 'Access-Control-Allow-Headers: Origin,Content-Type,Accept,Authorization';
}
more_set_headers "Content-Security-Policy: frame-ancestors 'self' * ";
location __PATH__/files/ {
proxy_pass http://127.0.0.1:__PORT_FILES__/;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
}

6
conf/systemd_api-gateway.service
View file

@ -1,16 +1,16 @@
[Unit]
Description=StandardNotes api-gateway
After=network.target
After=__APP__-syncing-server-js.service
After=__APP__-syncing-server.service
After=__APP__-auth.service
[Service]
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/live/api-gateway
WorkingDirectory=__FINALPATH__/live/
EnvironmentFile=__FINALPATH__/live/api-gateway.env
ExecStart=/usr/bin/yarn start
ExecStart=/usr/bin/yarn start:api-gateway
StandardOutput=append:/var/log/__APP__/api-gateway.log
StandardError=inherit
Restart=always

4
conf/systemd_auth-worker.service
View file

@ -9,9 +9,9 @@ After=__APP__-auth.service
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/live/auth
WorkingDirectory=__FINALPATH__/live
EnvironmentFile=__FINALPATH__/live/auth-worker.env
ExecStart=/usr/bin/yarn worker
ExecStart=/usr/bin/yarn start:auth-worker
StandardOutput=append:/var/log/__APP__/auth-worker.log
StandardError=inherit
Restart=always

4
conf/systemd_auth.service
View file

@ -9,9 +9,9 @@ After=__APP__-syncing-server-js.service
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/live/auth
WorkingDirectory=__FINALPATH__/live
EnvironmentFile=__FINALPATH__/live/auth.env
ExecStart=/usr/bin/yarn start
ExecStart=/usr/bin/yarn start:auth
StandardOutput=append:/var/log/__APP__/auth.log
StandardError=inherit
Restart=always

47
conf/systemd_files.service Normal file
View file

@ -0,0 +1,47 @@
[Unit]
Description=StandardNotes files
After=network.target
After=mysql.service
After=redis.service
After=__APP__-syncing-server.service
[Service]
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/live
EnvironmentFile=__FINALPATH__/live/files.env
ExecStart=/usr/bin/yarn start:files
StandardOutput=append:/var/log/__APP__/files.log
StandardError=inherit
Restart=always
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=default.target

10
conf/systemd_syncing-server-js-worker.service → conf/systemd_syncing-server-worker.service
View file

@ -3,16 +3,16 @@ Description=StandardNotes syncing server worker
After=network.target
After=mysql.service
After=redis.service
After=__APP__-syncing-server-js.service
After=__APP__-syncing-server.service
[Service]
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/live/syncing-server-js
EnvironmentFile=__FINALPATH__/live/syncing-server-js-worker.env
ExecStart=/usr/bin/yarn worker
StandardOutput=append:/var/log/__APP__/syncing-server-js-worker.log
WorkingDirectory=__FINALPATH__/live
EnvironmentFile=__FINALPATH__/live/syncing-server-worker.env
ExecStart=/usr/bin/yarn start:syncing-server-worker
StandardOutput=append:/var/log/__APP__/syncing-server-worker.log
StandardError=inherit
Restart=always

8
conf/systemd_syncing-server-js.service → conf/systemd_syncing-server.service
View file

@ -8,10 +8,10 @@ After=redis.service
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/live/syncing-server-js
EnvironmentFile=__FINALPATH__/live/syncing-server-js.env
ExecStart=/usr/bin/yarn start
StandardOutput=append:/var/log/__APP__/syncing-server-js.log
WorkingDirectory=__FINALPATH__/live
EnvironmentFile=__FINALPATH__/live/syncing-server.env
ExecStart=/usr/bin/yarn start:syncing-server
StandardOutput=append:/var/log/__APP__/syncing-server.log
StandardError=inherit
Restart=always

4
manifest.json
View file

@ -5,7 +5,7 @@
"description": {
"en": "The Standard Notes syncing server. An end-to-end encrypted note-taking app."
},
"version": "2022.06.20~ynh1",
"version": "2022.07.29~ynh1",
"url": "https://github.com/standardnotes/standalone",
"upstream": {
"license": "AGPL-3.0-or-later",
@ -38,7 +38,7 @@
"name": "path",
"type": "path",
"example": "/example",
"default": "/example"
"default": "/"
}
]
}

6
scripts/_common.sh
View file

@ -3,12 +3,12 @@
#=================================================
# COMMON VARIABLES
#=================================================
RUBY_VERSION="2.7.3"
NODEJS_VERSION="16"
syncing_server_js_version="1.54.1"
auth_version="1.46.2"
api_gateway_version="1.40.1"
auth_version="1.46.2"
files_version="0"
syncing_server_version="1.54.1"
swap_needed=2048
node_max_old_space_size=6144

16
scripts/backup
View file

@ -31,6 +31,7 @@ app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# BACKUP THE APP MAIN DIR
@ -39,6 +40,12 @@ ynh_print_info "Backing up the main app directory..."
ynh_backup --src_path="$final_path"
#=================================================
# BACKUP THE DATA DIR
#=================================================
ynh_backup --src_path="$datadir" --is_big
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
@ -75,11 +82,12 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
#=================================================
ynh_print_info "Backing up systemd configuration..."
ynh_backup --src_path="/etc/systemd/system/$app-syncing-server-js.service"
ynh_backup --src_path="/etc/systemd/system/$app-syncing-server-js-worker.service"
ynh_backup --src_path="/etc/systemd/system/$app-auth.service"
ynh_backup --src_path="/etc/systemd/system/$app-auth-worker.service"
ynh_backup --src_path="/etc/systemd/system/$app-api-gateway.service"
ynh_backup --src_path="/etc/systemd/system/$app-auth.service"
ynh_backup --src_path="/etc/systemd/system/$app-auth.service"
ynh_backup --src_path="/etc/systemd/system/$app-files.service"
ynh_backup --src_path="/etc/systemd/system/$app-syncing-server.service"
ynh_backup --src_path="/etc/systemd/system/$app-syncing-server-worker.service"
#=================================================
# END OF SCRIPT

8
scripts/change_url
View file

@ -28,11 +28,13 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port_syncing_server_js=$(ynh_app_setting_get --app=$app --key=port_syncing_server_js)
port_syncing_server_js_worker=$(ynh_app_setting_get --app=$app --key=port_syncing_server_js_worker)
port_api_gateway=$(ynh_app_setting_get --app=$app --key=port_api_gateway)
port_auth=$(ynh_app_setting_get --app=$app --key=port_auth)
port_auth_worker=$(ynh_app_setting_get --app=$app --key=port_auth_worker)
port_api_gateway=$(ynh_app_setting_get --app=$app --key=port_api_gateway)
port_files=$(ynh_app_setting_get --app=$app --key=port_files)
port_syncing_server=$(ynh_app_setting_get --app=$app --key=port_syncing_server)
port_syncing_server_worker=$(ynh_app_setting_get --app=$app --key=port_syncing_server_worker)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP

139
scripts/install
View file

@ -8,7 +8,6 @@
source _common.sh
source ynh_add_swap
source ynh_install_ruby__2
source ynh_redis
source /usr/share/yunohost/helpers
@ -53,10 +52,11 @@ ynh_app_setting_set --app=$app --key=redis_db --value="$redis_db"
#=================================================
# STORE SETTINGS
#=================================================
ynh_app_setting_set --app=$app --key=syncing_server_js_version --value=$syncing_server_js_version
ynh_app_setting_set --app=$app --key=auth_version --value=$auth_version
ynh_app_setting_set --app=$app --key=api_gateway_version --value=$api_gateway_version
ynh_app_setting_set --app=$app --key=standalone --value="true"
ynh_app_setting_set --app=$app --key=auth_version --value=$auth_version
ynh_app_setting_set --app=$app --key=files_version --value=$files_version
ynh_app_setting_set --app=$app --key=syncing_server_version --value=$syncing_server_version
#=================================================
# STANDARD MODIFICATIONS
@ -66,16 +66,19 @@ ynh_app_setting_set --app=$app --key=standalone --value="true"
ynh_script_progression --message="Finding an available port..." --weight=1
# Find an available port
port_syncing_server_js=$(ynh_find_port --port=3000)
port_syncing_server_js_worker=$(ynh_find_port --port=$((port_syncing_server_js+1)))
port_auth=$(ynh_find_port --port=$((port_syncing_server_js_worker+1)))
port_api_gateway=$(ynh_find_port --port=3000)
port_auth=$(ynh_find_port --port=$((port_api_gateway+1)))
port_auth_worker=$(ynh_find_port --port=$((port_auth+1)))
port_api_gateway=$(ynh_find_port --port=$((port_auth_worker+1)))
ynh_app_setting_set --app=$app --key=port_syncing_server_js --value=$port_syncing_server_js
ynh_app_setting_set --app=$app --key=port_syncing_server_js_worker --value=$port_syncing_server_js_worker
port_files=$(ynh_find_port --port=$((port_auth_worker+1)))
port_syncing_server=$(ynh_find_port --port=$((port_files+1)))
port_syncing_server_worker=$(ynh_find_port --port=$((port_syncing_server+1)))
ynh_app_setting_set --app=$app --key=port_api_gateway --value=$port_api_gateway
ynh_app_setting_set --app=$app --key=port_auth --value=$port_auth
ynh_app_setting_set --app=$app --key=port_auth_worker --value=$port_auth_worker
ynh_app_setting_set --app=$app --key=port_api_gateway --value=$port_api_gateway
ynh_app_setting_set --app=$app --key=port_files --value=$port_files
ynh_app_setting_set --app=$app --key=port_syncing_server --value=$port_syncing_server
ynh_app_setting_set --app=$app --key=port_syncing_server_worker --value=$port_syncing_server_worker
#=================================================
# INSTALL DEPENDENCIES
@ -111,9 +114,7 @@ ynh_script_progression --message="Setting up source files..." --weight=2
# Download, check integrity, uncompress and patch the source from app.src
mkdir -p "$final_path/live"
ynh_setup_source --source_id=app_syncing-server-js --dest_dir="$final_path/live/syncing-server-js"
ynh_setup_source --source_id=app_auth --dest_dir="$final_path/live/auth"
ynh_setup_source --source_id=app_api-gateway --dest_dir="$final_path/live/api-gateway"
ynh_setup_source --source_id=app --dest_dir="$final_path/live"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
@ -130,6 +131,20 @@ ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
#=================================================
# CREATE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..." --weight=1
datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $datadir/uploads
chmod -R 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:$app "$datadir"
#=================================================
# ADD SWAP
#=================================================
@ -142,51 +157,45 @@ ynh_add_swap --size=$swap_needed
#=================================================
ynh_script_progression --message="Modifying a config file..." --weight=2
config_syncing_server_js="$final_path/live/syncing-server-js.env"
config_syncing_server_js_worker="$final_path/live/syncing-server-js-worker.env"
config_api_gateway="$final_path/live/api-gateway.env"
config_auth="$final_path/live/auth.env"
config_auth_worker="$final_path/live/auth-worker.env"
config_api_gateway="$final_path/live/api-gateway.env"
config_files="$final_path/live/files.env"
config_syncing_server="$final_path/live/syncing-server.env"
config_syncing_server_worker="$final_path/live/syncing-server-worker.env"
jwt_secret=$(ynh_string_random --length=48 | base64)
legacy_jwt_secret=$(ynh_string_random --length=48 | base64)
auth_jwt_secret=$(ynh_string_random --length=48 | base64)
pseudo_key_params_key=$(ynh_string_random --length=48 | base64)
encryption_server_key=$(hexdump -n 32 -e '4/4 "%08X"' /dev/random) # 32bytes hex key is required
valet_token_secret=$(ynh_string_random --length=48 | base64)
ynh_app_setting_set --app=$app --key=jwt_secret --value=$jwt_secret
ynh_app_setting_set --app=$app --key=legacy_jwt_secret --value=$legacy_jwt_secret
ynh_app_setting_set --app=$app --key=auth_jwt_secret --value=$auth_jwt_secret
ynh_app_setting_set --app=$app --key=pseudo_key_params_key --value=$pseudo_key_params_key
ynh_app_setting_set --app=$app --key=encryption_server_key --value=$encryption_server_key
ynh_app_setting_set --app=$app --key=valet_token_secret --value=$valet_token_secret
ynh_add_config --template="env_syncing-server-js.env.sample" --destination="$config_syncing_server_js"
ynh_add_config --template="env_syncing-server-js-worker.env.sample" --destination="$config_syncing_server_js_worker"
ynh_add_config --template="env_api-gateway.env.sample" --destination="$config_api_gateway"
ynh_add_config --template="env_auth.env.sample" --destination="$config_auth"
ynh_add_config --template="env_auth-worker.env.sample" --destination="$config_auth_worker"
ynh_add_config --template="env_api-gateway.env.sample" --destination="$config_api_gateway"
ynh_add_config --template="env_files.env.sample" --destination="$config_files"
ynh_add_config --template="env_syncing-server.env.sample" --destination="$config_syncing_server"
ynh_add_config --template="env_syncing-server-worker.env.sample" --destination="$config_syncing_server_worker"
#=================================================
# INSTALLING Standard Notes - Syncing Server
#=================================================
ynh_script_progression --message="Installing Standard Notes - Syncing Server..." --weight=93
ynh_use_nodejs
pushd "$final_path/live/syncing-server-js"
ynh_print_info "Installing ... [1/3]"
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn build
popd
pushd "$final_path/live/auth"
ynh_print_info "Installing ... [2/3]"
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn build
popd
pushd "$final_path/live/api-gateway"
ynh_print_info "Installing ... [3/3]"
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn build
pushd "$final_path/live"
#ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn install --pure-lockfile
#ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn build
ynh_exec_warn_less ynh_exec_as $app PATH=$ynh_node_load_PATH yarn install --immutable
ynh_exec_warn_less ynh_exec_as $app PATH=$ynh_node_load_PATH yarn build
popd
#=================================================
@ -195,11 +204,12 @@ popd
ynh_script_progression --message="Configuring a systemd service..." --weight=4
# Create a dedicated systemd config
ynh_add_systemd_config --service="$app-syncing-server-js" --template="systemd_syncing-server-js.service"
ynh_add_systemd_config --service="$app-syncing-server-js-worker" --template="systemd_syncing-server-js-worker.service"
ynh_add_systemd_config --service="$app-api-gateway" --template="systemd_api-gateway.service"
ynh_add_systemd_config --service="$app-auth" --template="systemd_auth.service"
ynh_add_systemd_config --service="$app-auth-worker" --template="systemd_auth-worker.service"
ynh_add_systemd_config --service="$app-api-gateway" --template="systemd_api-gateway.service"
ynh_add_systemd_config --service="$app-files" --template="systemd_files.service"
ynh_add_systemd_config --service="$app-syncing-server" --template="systemd_syncing-server.service"
ynh_add_systemd_config --service="$app-syncing-server-worker" --template="systemd_syncing-server-worker.service"
#=================================================
# STORE THE CONFIG FILE CHECKSUM
@ -207,11 +217,12 @@ ynh_add_systemd_config --service="$app-api-gateway" --template="systemd_api-gate
ynh_script_progression --message="Storing the config file checksum..." --weight=1
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$config_syncing_server_js"
ynh_store_file_checksum --file="$config_syncing_server_js_worker"
ynh_store_file_checksum --file="$config_api_gateway"
ynh_store_file_checksum --file="$config_auth"
ynh_store_file_checksum --file="$config_auth_worker"
ynh_store_file_checksum --file="$config_api_gateway"
ynh_store_file_checksum --file="$config_files"
ynh_store_file_checksum --file="$config_syncing_server"
ynh_store_file_checksum --file="$config_syncing_server_worker"
ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
@ -226,23 +237,24 @@ mkdir -p "/var/log/$app"
chown -R "$app": "/var/log/$app"
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile="/var/log/$app/syncing-server.log"
ynh_use_logrotate --logfile="/var/log/$app/syncing-server-worker.log"
ynh_use_logrotate --logfile="/var/log/$app/api-gateway.log"
ynh_use_logrotate --logfile="/var/log/$app/auth.log"
ynh_use_logrotate --logfile="/var/log/$app/auth-worker.log"
ynh_use_logrotate --logfile="/var/log/$app/api-gateway.log"
ynh_use_logrotate --logfile="/var/log/$app/files.log"
ynh_use_logrotate --logfile="/var/log/$app/syncing-server.log"
ynh_use_logrotate --logfile="/var/log/$app/syncing-server-worker.log"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrate $app service in Yunohost..." --weight=1
yunohost service add "$app-syncing-server-js" --description="Standard Notes - Syncing Server" --log="/var/log/$app/syncing-server-js.log"
yunohost service add "$app-syncing-server-js-worker" --description="Standard Notes - Syncing Server - Worker" --log="/var/log/$app/syncing-server-js-worker.log"
yunohost service add "$app-api-gateway" --description="Standard Notes - API Gateway" --log="/var/log/$app/api-gateway.log"
yunohost service add "$app-auth" --description="Standard Notes - Auth" --log="/var/log/$app/auth.log"
yunohost service add "$app-auth-worker" --description="Standard Notes - Auth - Worker" --log="/var/log/$app/auth-worker.log"
yunohost service add "$app-api-gateway" --description="Standard Notes - API Gateway" --log="/var/log/$app/api-gateway.log"
yunohost service add "$app-files" --description="Standard Notes - Files" --log="/var/log/$app/files.log"
yunohost service add "$app-syncing-server" --description="Standard Notes - Syncing Server" --log="/var/log/$app/syncing-server.log"
yunohost service add "$app-syncing-server-worker" --description="Standard Notes - Syncing Server - Worker" --log="/var/log/$app/syncing-server-worker.log"
#=================================================
# START SYSTEMD SERVICE
@ -251,30 +263,35 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service
ynh_systemd_action \
--service_name="$app-syncing-server-js" \
--service_name="$app-api-gateway" \
--action="start" \
--log_path="/var/log/$app/syncing-server-js.log" \
--line_match='{"message":"Server started on port '$port_syncing_server_js'","level":"info"}'
ynh_systemd_action \
--service_name="$app-syncing-server-js-worker" \
--action="start" \
--log_path="/var/log/$app/syncing-server-js-worker.log" \
--line_match='{"message":"Starting worker...","level":"info"}'
--log_path="/var/log/$app/api-gateway.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-auth" \
--action="start" \
--log_path="/var/log/$app/auth.log" \
--line_match='{"message":"Server started on port '$port_auth'","level":"info"}'
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-auth-worker" \
--action="start" \
--log_path="/var/log/$app/auth-worker.log" \
--line_match='{"message":"Starting worker...","level":"info"}'
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-api-gateway" \
--service_name="$app-files" \
--action="start" \
--log_path="/var/log/$app/api-gateway.log" \
--line_match='{"level":"info","message":"Server started on port '$port_api_gateway'"}'
--log_path="/var/log/$app/files.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-syncing-server" \
--action="start" \
--log_path="/var/log/$app/syncing-server.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-syncing-server-worker" \
--action="start" \
--log_path="/var/log/$app/syncing-server-worker.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
#=================================================
# SETUP FAIL2BAN

55
scripts/remove
View file

@ -8,7 +8,6 @@
source _common.sh
source ynh_add_swap
source ynh_install_ruby__2
source ynh_redis
source /usr/share/yunohost/helpers
@ -20,14 +19,17 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
port_syncing_server_js=$(ynh_app_setting_get --app=$app --key=port_syncing_server_js)
port_syncing_server_js_worker=$(ynh_app_setting_get --app=$app --key=port_syncing_server_js_worker)
port_api_gateway=$(ynh_app_setting_get --app=$app --key=port_api_gateway)
port_auth=$(ynh_app_setting_get --app=$app --key=port_auth)
port_auth_worker=$(ynh_app_setting_get --app=$app --key=port_auth_worker)
port_api_gateway=$(ynh_app_setting_get --app=$app --key=port_api_gateway)
port_files=$(ynh_app_setting_get --app=$app --key=port_files)
port_syncing_server=$(ynh_app_setting_get --app=$app --key=port_syncing_server)
port_syncing_server_worker=$(ynh_app_setting_get --app=$app --key=port_syncing_server_worker)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# STANDARD REMOVE
@ -36,15 +38,10 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# Remove the service from the list of services known by Yunohost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status "$app-syncing-server-js" >/dev/null
if ynh_exec_warn_less yunohost service status "$app-api-gateway" >/dev/null
then
ynh_script_progression --message="Removing $app-syncing-server-js service..." --weight=1
yunohost service remove "$app-syncing-server-js"
fi
if ynh_exec_warn_less yunohost service status "$app-syncing-server-js-worker" >/dev/null
then
ynh_script_progression --message="Removing $app-syncing-server-js-worker service..." --weight=1
yunohost service remove "$app-syncing-server-js-worker"
ynh_script_progression --message="Removing $app-api-gateway service..." --weight=1
yunohost service remove "$app-api-gateway"
fi
if ynh_exec_warn_less yunohost service status "$app-auth" >/dev/null
then
@ -56,10 +53,20 @@ then
ynh_script_progression --message="Removing $app-auth-worker service..." --weight=1
yunohost service remove "$app-auth-worker"
fi
if ynh_exec_warn_less yunohost service status "$app-api-gateway" >/dev/null
if ynh_exec_warn_less yunohost service status "$app-files" >/dev/null
then
ynh_script_progression --message="Removing $app-api-gateway service..." --weight=1
yunohost service remove "$app-api-gateway"
ynh_script_progression --message="Removing $app-files service..." --weight=1
yunohost service remove "$app-files"
fi
if ynh_exec_warn_less yunohost service status "$app-syncing-server" >/dev/null
then
ynh_script_progression --message="Removing $app-syncing-server service..." --weight=1
yunohost service remove "$app-syncing-server"
fi
if ynh_exec_warn_less yunohost service status "$app-syncing-server-worker" >/dev/null
then
ynh_script_progression --message="Removing $app-syncing-server-worker service..." --weight=1
yunohost service remove "$app-syncing-server-worker"
fi
#=================================================
@ -68,11 +75,12 @@ fi
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
# Remove the dedicated systemd config
ynh_remove_systemd_config --service="$app-syncing-server-js"
ynh_remove_systemd_config --service="$app-syncing-server-js-worker"
ynh_remove_systemd_config --service="$app-api-gateway"
ynh_remove_systemd_config --service="$app-auth"
ynh_remove_systemd_config --service="$app-auth-worker"
ynh_remove_systemd_config --service="$app-api-gateway"
ynh_remove_systemd_config --service="$app-files"
ynh_remove_systemd_config --service="$app-syncing-server"
ynh_remove_systemd_config --service="$app-syncing-server-worker"
#=================================================
# REMOVE THE MYSQL DATABASE
@ -106,6 +114,17 @@ ynh_script_progression --message="Removing app main directory..." --weight=1
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE DATA DIR
#=================================================
# Remove the data directory if --purge option is used
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then
ynh_script_progression --message="Removing app data directory..." --weight=1
ynh_secure_remove --file="$datadir"
fi
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================

121
scripts/restore
View file

@ -9,7 +9,6 @@
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source ../settings/scripts/ynh_add_swap
source ../settings/scripts/ynh_install_ruby__2
source ../settings/scripts/ynh_redis
source /usr/share/yunohost/helpers
@ -37,15 +36,17 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
redis_db=$(ynh_redis_get_free_db)
ynh_app_setting_set --app=$app --key=redis_db --value="$redis_db"
config_syncing_server_js="$final_path/live/syncing-server-js.env"
config_syncing_server_js_worker="$final_path/live/syncing-server-js-worker.env"
config_api_gateway="$final_path/live/api-gateway.env"
config_auth="$final_path/live/auth.env"
config_auth_worker="$final_path/live/auth-worker.env"
config_api_gateway="$final_path/live/api-gateway.env"
config_files="$final_path/live/files.env"
config_syncing_server="$final_path/live/syncing-server.env"
config_syncing_server_worker="$final_path/live/syncing-server-worker.env"
#=================================================
# CHECK IF THE APP CAN BE RESTORED
@ -53,7 +54,6 @@ config_api_gateway="$final_path/live/api-gateway.env"
ynh_script_progression --message="Validating restoration parameters..." --weight=2
test ! -d $final_path || ynh_die --message="There is already a directory: $final_path "
test ! -d $final_path_www || ynh_die --message="There is already a directory: $final_path_www "
#=================================================
# STANDARD RESTORATION STEPS
@ -63,16 +63,19 @@ test ! -d $final_path_www || ynh_die --message="There is already a directory: $f
ynh_script_progression --message="Finding an available port..." --weight=1
# Find an available port
port_syncing_server_js=$(ynh_find_port --port=3000)
port_syncing_server_js_worker=$(ynh_find_port --port=$((port_syncing_server_js+1)))
port_auth=$(ynh_find_port --port=$((port_syncing_server_js_worker+1)))
port_api_gateway=$(ynh_find_port --port=3000)
port_auth=$(ynh_find_port --port=$((port_api_gateway+1)))
port_auth_worker=$(ynh_find_port --port=$((port_auth+1)))
port_api_gateway=$(ynh_find_port --port=$((port_auth_worker+1)))
ynh_app_setting_set --app=$app --key=port_syncing_server_js --value=$port_syncing_server_js
ynh_app_setting_set --app=$app --key=port_syncing_server_js_worker --value=$port_syncing_server_js_worker
port_files=$(ynh_find_port --port=$((port_auth_worker+1)))
port_syncing_server=$(ynh_find_port --port=$((port_files+1)))
port_syncing_server_worker=$(ynh_find_port --port=$((port_syncing_server+1)))
ynh_app_setting_set --app=$app --key=port_api_gateway --value=$port_api_gateway
ynh_app_setting_set --app=$app --key=port_auth --value=$port_auth
ynh_app_setting_set --app=$app --key=port_auth_worker --value=$port_auth_worker
ynh_app_setting_set --app=$app --key=port_api_gateway --value=$port_api_gateway
ynh_app_setting_set --app=$app --key=port_files --value=$port_files
ynh_app_setting_set --app=$app --key=port_syncing_server --value=$port_syncing_server
ynh_app_setting_set --app=$app --key=port_syncing_server_worker --value=$port_syncing_server_worker
#=================================================
# RESTORE THE NGINX CONFIGURATION
@ -87,6 +90,15 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
ynh_restore_file --origin_path="$final_path"
#=================================================
# RESTORE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Restoring the data directory..." --weight=1
ynh_restore_file --origin_path="$datadir" --not_mandatory
mkdir -p "$datadir/uploads"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
@ -104,6 +116,10 @@ chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:$app "$final_path"
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:$app "$datadir"
mkdir -p "/var/log/$app"
chown -R $app: "/var/log/$app"
@ -141,55 +157,61 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./
ynh_script_progression --message="Modify config files..." --weight=2
# Redis Port
ynh_replace_string --match_string="^REDIS_URL.*$" --replace_string="REDIS_URL=redis://localhost:6379/$redis_db" --target_file="$config_syncing_server_js"
ynh_replace_string --match_string="^REDIS_URL.*$" --replace_string="REDIS_URL=redis://localhost:6379/$redis_db" --target_file="$config_syncing_server_js_worker"
ynh_replace_string --match_string="^REDIS_URL.*$" --replace_string="REDIS_URL=redis://localhost:6379/$redis_db" --target_file="$config_api_gateway"
ynh_replace_string --match_string="^REDIS_URL.*$" --replace_string="REDIS_URL=redis://localhost:6379/$redis_db" --target_file="$config_auth"
ynh_replace_string --match_string="^REDIS_URL.*$" --replace_string="REDIS_URL=redis://localhost:6379/$redis_db" --target_file="$config_auth_worker"
# Syncing_Server_JS Port
ynh_replace_string --match_string="^PORT.*$" --replace_string="PORT=$port_syncing_server_js" --target_file="$config_syncing_server_js"
ynh_replace_string --match_string="^SYNCING_SERVER_URL.*$" --replace_string="SYNCING_SERVER_URL=$port_syncing_server_js" --target_file="$config_auth"
ynh_replace_string --match_string="^SYNCING_SERVER_URL.*$" --replace_string="SYNCING_SERVER_URL=$port_syncing_server_js" --target_file="$config_auth_worker"
ynh_replace_string --match_string="^SYNCING_SERVER_URL.*$" --replace_string="SYNCING_SERVER_URL=$port_syncing_server_js" --target_file="$config_api_gateway"
# Syncing_Server_JS_Worker Port
ynh_replace_string --match_string="^PORT.*$" --replace_string="PORT=$port_syncing_server_js_worker" --target_file="$config_syncing_server_js_worker"
ynh_replace_string --match_string="^REDIS_URL.*$" --replace_string="REDIS_URL=redis://localhost:6379/$redis_db" --target_file="$config_files"
ynh_replace_string --match_string="^REDIS_URL.*$" --replace_string="REDIS_URL=redis://localhost:6379/$redis_db" --target_file="$config_syncing_server"
ynh_replace_string --match_string="^REDIS_URL.*$" --replace_string="REDIS_URL=redis://localhost:6379/$redis_db" --target_file="$config_syncing_server_worker"
# Syncing_Server Port
ynh_replace_string --match_string="^PORT.*$" --replace_string="PORT=$port_syncing_server" --target_file="$config_syncing_server"
ynh_replace_string --match_string="^SYNCING_SERVER_URL.*$" --replace_string="SYNCING_SERVER_URL=$port_syncing_server" --target_file="$config_api_gateway"
ynh_replace_string --match_string="^SYNCING_SERVER_URL.*$" --replace_string="SYNCING_SERVER_URL=$port_syncing_server" --target_file="$config_auth"
ynh_replace_string --match_string="^SYNCING_SERVER_URL.*$" --replace_string="SYNCING_SERVER_URL=$port_syncing_server" --target_file="$config_auth_worker"
# Syncing_Server_Worker Port
ynh_replace_string --match_string="^PORT.*$" --replace_string="PORT=$port_syncing_server_worker" --target_file="$config_syncing_server_worker"
# Auth Port
ynh_replace_string --match_string="^PORT.*$" --replace_string="PORT=$port_auth" --target_file="$config_auth"
ynh_replace_string --match_string="^AUTH_SERVER_URL.*$" --replace_string="AUTH_SERVER_URL=$port_auth" --target_file="$config_syncing_server_js"
ynh_replace_string --match_string="^AUTH_SERVER_URL.*$" --replace_string="AUTH_SERVER_URL=$port_auth" --target_file="$config_syncing_server_js_worker"
ynh_replace_string --match_string="^AUTH_SERVER_URL.*$" --replace_string="AUTH_SERVER_URL=$port_auth" --target_file="$config_api_gateway"
ynh_replace_string --match_string="^AUTH_SERVER_URL.*$" --replace_string="AUTH_SERVER_URL=$port_auth" --target_file="$config_syncing_server"
ynh_replace_string --match_string="^AUTH_SERVER_URL.*$" --replace_string="AUTH_SERVER_URL=$port_auth" --target_file="$config_syncing_server_worker"
# Auth_Worker Port
ynh_replace_string --match_string="^PORT.*$" --replace_string="PORT=$port_auth_worker" --target_file="$config_auth_worker"
# API-Gateway Port
ynh_replace_string --match_string="^PORT.*$" --replace_string="PORT=$port_api_gateway" --target_file="$config_api_gateway"
# Files Port
ynh_replace_string --match_string="^PORT.*$" --replace_string="PORT=$port_files" --target_file="$config_files"
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
ynh_restore_file --origin_path="/etc/systemd/system/$app-syncing-server-js.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-syncing-server-js-worker.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-api-gateway.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-auth.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-auth-worker.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-api-gateway.service"
systemctl enable $app-syncing-server-js.service --quiet
systemctl enable $app-syncing-server-js-worker.service --quiet
ynh_restore_file --origin_path="/etc/systemd/system/$app-files.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-syncing-server.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-syncing-server-worker.service"
systemctl enable $app-api-gateway.service --quiet
systemctl enable $app-auth.service --quiet
systemctl enable $app-auth-worker.service --quiet
systemctl enable $app-api-gateway.service --quiet
systemctl enable $app-files.service --quiet
systemctl enable $app-syncing-server.service --quiet
systemctl enable $app-syncing-server-worker.service --quiet
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrate $app service in Yunohost..." --weight=1
yunohost service add "$app-syncing-server-js" --description="Standard Notes - Syncing Server" --log="/var/log/$app/syncing-server-js.log"
yunohost service add "$app-syncing-server-js-worker" --description="Standard Notes - Syncing Server - Worker" --log="/var/log/$app/syncing-server-js-worker.log"
yunohost service add "$app-api-gateway" --description="Standard Notes - API Gateway" --log="/var/log/$app/api-gateway.log"
yunohost service add "$app-auth" --description="Standard Notes - Auth" --log="/var/log/$app/auth.log"
yunohost service add "$app-auth-worker" --description="Standard Notes - Auth - Worker" --log="/var/log/$app/auth-worker.log"
yunohost service add "$app-api-gateway" --description="Standard Notes - API Gateway" --log="/var/log/$app/api-gateway.log"
yunohost service add "$app-files" --description="Standard Notes - Files" --log="/var/log/$app/files.log"
yunohost service add "$app-syncing-server" --description="Standard Notes - Syncing Server" --log="/var/log/$app/syncing-server.log"
yunohost service add "$app-syncing-server-worker" --description="Standard Notes - Syncing Server - Worker" --log="/var/log/$app/syncing-server-worker.log"
#=================================================
# START SYSTEMD SERVICE
@ -197,30 +219,35 @@ yunohost service add "$app-api-gateway" --description="Standard Notes - API Gate
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action \
--service_name="$app-syncing-server-js" \
--service_name="$app-api-gateway" \
--action="start" \
--log_path="/var/log/$app/syncing-server-js.log" \
--line_match='{"message":"Server started on port '$port_syncing_server_js'","level":"info"}'
ynh_systemd_action \
--service_name="$app-syncing-server-js-worker" \
--action="start" \
--log_path="/var/log/$app/syncing-server-js-worker.log" \
--line_match='{"message":"Starting worker...","level":"info"}'
--log_path="/var/log/$app/api-gateway.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-auth" \
--action="start" \
--log_path="/var/log/$app/auth.log" \
--line_match='{"message":"Server started on port '$port_auth'","level":"info"}'
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-auth-worker" \
--action="start" \
--log_path="/var/log/$app/auth-worker.log" \
--line_match='{"message":"Starting worker...","level":"info"}'
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-api-gateway" \
--service_name="$app-files" \
--action="start" \
--log_path="/var/log/$app/api-gateway.log" \
--line_match='{"level":"info","message":"Server started on port '$port_api_gateway'"}'
--log_path="/var/log/$app/files.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-syncing-server" \
--action="start" \
--log_path="/var/log/$app/syncing-server.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-syncing-server-worker" \
--action="start" \
--log_path="/var/log/$app/syncing-server-worker.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION

356
scripts/upgrade
View file

@ -8,7 +8,6 @@
source _common.sh
source ynh_add_swap
source ynh_install_ruby__2
source ynh_redis
source /usr/share/yunohost/helpers
@ -23,16 +22,18 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
port_syncing_server_js=$(ynh_app_setting_get --app=$app --key=port_syncing_server_js)
port_syncing_server_js_worker=$(ynh_app_setting_get --app=$app --key=port_syncing_server_js_worker)
port_api_gateway=$(ynh_app_setting_get --app=$app --key=port_api_gateway)
port_auth=$(ynh_app_setting_get --app=$app --key=port_auth)
port_auth_worker=$(ynh_app_setting_get --app=$app --key=port_auth_worker)
port_api_gateway=$(ynh_app_setting_get --app=$app --key=port_api_gateway)
port_files=$(ynh_app_setting_get --app=$app --key=port_files)
port_syncing_server=$(ynh_app_setting_get --app=$app --key=port_syncing_server)
port_syncing_server_worker=$(ynh_app_setting_get --app=$app --key=port_syncing_server_worker)
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
@ -41,19 +42,19 @@ legacy_jwt_secret=$(ynh_app_setting_get --app=$app --key=legacy_jwt_secret)
auth_jwt_secret=$(ynh_app_setting_get --app=$app --key=auth_jwt_secret)
pseudo_key_params_key=$(ynh_app_setting_get --app=$app --key=pseudo_key_params_key)
encryption_server_key=$(ynh_app_setting_get --app=$app --key=encryption_server_key)
valet_token_secret=$(ynh_app_setting_get --app=$app --key=valet_token_secret)
syncing_server_js_version_installed=$(ynh_app_setting_get --app=$app --key=syncing_server_js_version)
syncing_server_version_installed=$(ynh_app_setting_get --app=$app --key=syncing_server_version)
auth_version_installed=$(ynh_app_setting_get --app=$app --key=auth_version)
api_gateway_version_installed=$(ynh_app_setting_get --app=$app --key=api_gateway_version)
extensions_version_installed=$(ynh_app_setting_get --app=$app --key=extension_version)
config_syncing_server_js="$final_path/live/syncing-server-js.env"
config_syncing_server_js_worker="$final_path/live/syncing-server-js-worker.env"
config_api_gateway="$final_path/live/api-gateway.env"
config_auth="$final_path/live/auth.env"
config_auth_worker="$final_path/live/auth-worker.env"
config_api_gateway="$final_path/live/api-gateway.env"
config_files="$final_path/live/files.env"
config_syncing_server="$final_path/live/syncing-server.env"
config_syncing_server_worker="$final_path/live/syncing-server-worker.env"
standalone=$(ynh_app_setting_get --app=$app --key=standalone)
nodejs_version_installed=$(ynh_app_setting_get --app=$app --key=nodejs_version)
#=================================================
@ -89,150 +90,122 @@ ynh_abort_if_errors
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1
if [[ ! $standalone ]];
then
ynh_remove_systemd_config --service=$app
else
ynh_systemd_action \
--service_name="$app-syncing-server-js" \
--action="stop" \
--log_path="/var/log/$app/syncing-server-js.log"
ynh_systemd_action \
--service_name="$app-syncing-server-js-worker" \
--action="stop" \
--log_path="/var/log/$app/syncing-server-js-worker.log"
ynh_systemd_action \
--service_name="$app-auth" \
--action="stop" \
--log_path="/var/log/$app/auth.log"
ynh_systemd_action \
--service_name="$app-auth-worker" \
--action="stop" \
--log_path="/var/log/$app/auth-worker.log"
ynh_systemd_action \
--service_name="$app-api-gateway" \
--action="stop" \
--log_path="/var/log/$app/api-gateway.log"
fi
ynh_systemd_action \
--service_name="$app-api-gateway" \
--action="stop" \
--log_path="/var/log/$app/api-gateway.log"
ynh_systemd_action \
--service_name="$app-auth" \
--action="stop" \
--log_path="/var/log/$app/auth.log"
ynh_systemd_action \
--service_name="$app-auth-worker" \
--action="stop" \
--log_path="/var/log/$app/auth-worker.log"
ynh_systemd_action \
--service_name="$app-files" \
--action="stop" \
--log_path="/var/log/$app/files.log"
ynh_systemd_action \
--service_name="$app-syncing-server" \
--action="stop" \
--log_path="/var/log/$app/syncing-server.log"
ynh_systemd_action \
--service_name="$app-syncing-server-worker" \
--action="stop" \
--log_path="/var/log/$app/syncing-server-worker.log"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
# Everyone can access the app.
if [[ $(ynh_permission_exists --permission="main") && ! $standalone ]]
then
ynh_permission_update --permission="main" --add="visitors" --show_tile="false"
fi
if ! ynh_permission_exists --permission="main"
then
ynh_permission_create --permission="main" --url="/" --allowed="visitors" --show_tile="false"
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/opt/yunohost/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
# If redis_db doesn't exist, create it
if [ -z "$redis_db" ]; then
redis_db=$(ynh_redis_get_free_db)
ynh_app_setting_set --app=$app --key=redis_db --value="$redis_db"
fi
# If port_syncing_server_js doesn't exist, create it
if [ -z "$port_syncing_server_js" ]; then
port_syncing_server_js=$(ynh_find_port --port=3000)
ynh_app_setting_set --app=$app --key=port_syncing_server_js --value=$port_syncing_server_js
fi
# If port_syncing_server_js_worker doesn't exist, create it
if [ -z "$port_syncing_server_js_worker" ]; then
port_syncing_server_js_worker=$(ynh_find_port --port=$((port_syncing_server_js+1)))
ynh_app_setting_set --app=$app --key=port_syncing_server_js_worker --value=$port_syncing_server_js_worker
# If port_api_gateway doesn't exist, create it
if [ -z "$port_api_gateway" ]; then
port_api_gateway=$(ynh_find_port --port=3000)
ynh_app_setting_set --app=$app --key=port_api_gateway --value=$port_api_gateway
fi
# If port_auth doesn't exist, create it
if [ -z "$port_auth" ]; then
port_auth=$(ynh_find_port --port=$((port_syncing_server_js_worker+1)))
port_auth=$(ynh_find_port --port=$((port_api_gateway+1)))
ynh_app_setting_set --app=$app --key=port_auth --value=$port_auth
fi
# If port_auth_worker doesn't exist, create it
if [ -z "$port_auth_worker" ]; then
port_auth_worker=$(ynh_find_port --port=$((port_auth+1)))
ynh_app_setting_set --app=$app --key=port_auth_worker --value=$port_auth_worker
fi
# If port_api_gateway doesn't exist, create it
if [ -z "$port_api_gateway" ]; then
port_api_gateway=$(ynh_find_port --port=$((port_auth_worker+1)))
ynh_app_setting_set --app=$app --key=port_api_gateway --value=$port_api_gateway
# If port_files doesn't exist, create it
if [ -z "$port_files" ]; then
port_files=$(ynh_find_port --port=$((port_auth_worker+1)))
ynh_app_setting_set --app=$app --key=port_files --value=$port_files
fi
# If port_syncing_server doesn't exist, create it
if [ -z "$port_syncing_server" ]; then
port_syncing_server=$(ynh_find_port --port=$((port_files+1)))
ynh_app_setting_set --app=$app --key=port_syncing_server --value=$port_syncing_server
fi
# If port_syncing_server_worker doesn't exist, create it
if [ -z "$port_syncing_server_worker" ]; then
port_syncing_server_worker=$(ynh_find_port --port=$((port_syncing_server+1)))
ynh_app_setting_set --app=$app --key=port_syncing_server_worker --value=$port_syncing_server_worker
fi
# If jwt_secret doesn't exist, create it
if [ -z "$jwt_secret" ]; then
jwt_secret=$(ynh_string_random --length=48 | base64)
ynh_app_setting_set --app=$app --key=jwt_secret --value=$jwt_secret
fi
# If legacy_jwt_secret doesn't exist, create it
if [ -z "$legacy_jwt_secret" ]; then
legacy_jwt_secret=$(ynh_string_random --length=48 | base64)
ynh_app_setting_set --app=$app --key=legacy_jwt_secret --value=$legacy_jwt_secret
fi
# If auth_jwt_secret doesn't exist, create it
if [ -z "$auth_jwt_secret" ]; then
auth_jwt_secret=$(ynh_string_random --length=48 | base64)
ynh_app_setting_set --app=$app --key=auth_jwt_secret --value=$auth_jwt_secret
fi
# If pseudo_key_params_key doesn't exist, create it
if [ -z "$pseudo_key_params_key" ]; then
pseudo_key_params_key=$(ynh_string_random --length=48 | base64)
ynh_app_setting_set --app=$app --key=pseudo_key_params_key --value=$pseudo_key_params_key
fi
# If encryption_server_key doesn't exist, create it
if [ -z "$encryption_server_key" ]; then
encryption_server_key=$(hexdump -n 32 -e '4/4 "%08X"' /dev/random) # 32bytes hex key is required
ynh_app_setting_set --app=$app --key=encryption_server_key --value=$encryption_server_key
fi
# If valet_token_secret doesn't exist, create it
if [ -z "$valet_token_secret" ]; then
valet_token_secret=$(ynh_string_random --length=48 | base64)
ynh_app_setting_set --app=$app --key=valet_token_secret --value=$valet_token_secret
fi
# Remove old Settings, Services, Files, Dependencies
# If access_domain exist, delete it
if [ -n $(ynh_app_setting_get --app="$app" --key=access_domain) ]; then
ynh_app_setting_delete --app=$app --key=access_domain
fi
# If mail exist, delete it
if [ -n $(ynh_app_setting_get --app="$app" --key=mail) ]; then
ynh_app_setting_delete --app=$app --key=mail
fi
# If port exist, delete it
if [ -n $(ynh_app_setting_get --app="$app" --key=port) ]; then
ynh_app_setting_delete --app=$app --key=port
fi
# If final_path exist, delete it
if [ -n "$final_path_www" ]; then
# If final_path_www exist, delete it
final_path_www=$(ynh_app_setting_get --app=$app --key=final_path_www)
if [ -n ${final_path_www+x} ]; then
ynh_app_setting_delete --app=$app --key=final_path_www
fi
# If final_path exist, delete it
if [ -n "$final_path_extensions" ]; then
# If final_path_extensions exist, delete it
final_path_extensions=$(ynh_app_setting_get --app=$app --key=final_path_extensions)
if [ -n ${final_path_extensions+x} ]; then
ynh_app_setting_delete --app=$app --key=final_path_extensions
fi
@ -243,39 +216,36 @@ then
fi
# If old service exsits; remove it
if ynh_exec_warn_less yunohost service status "$app" >/dev/null
if ynh_exec_warn_less yunohost service status "$app-syncing-server-js" >/dev/null
then
ynh_script_progression --message="Removing $app service..." --weight=1
yunohost service remove "$app"
ynh_script_progression --message="Removing old service..." --weight=1
yunohost service remove "$app-syncing-server-js"
fi
# Remove old config scripts
if [ -e "/etc/yunohost/apps/$app/config_panel.toml" ]; then
ynh_secure_remove --file="/etc/yunohost/apps/$app/config_panel.toml"
fi
if [ -e "/etc/yunohost/apps/$app/scripts/config" ]; then
ynh_secure_remove --file="/etc/yunohost/apps/$app/scripts/config"
fi
# Remove old dependencies
if [[ ! $standalone ]];
if ynh_exec_warn_less yunohost service status "$app-syncing-server-js-worker" >/dev/null
then
ynh_remove_ruby
ynh_remove_app_dependencies
ynh_script_progression --message="Removing old service..." --weight=1
yunohost service remove "$app-syncing-server-js-worker"
fi
# Remove unneeded data
if [ -e "$final_path/live/syncing-server-js-worker" ]; then
ynh_secure_remove --file="$final_path/live/syncing-server-js-worker"
fi
if [ -e "$final_path/live/auth-worker" ]; then
ynh_secure_remove --file="$final_path/live/auth-worker"
fi
if [ -e "/var/www/$app" ]; then
ynh_secure_remove --file="/var/www/$app"
fi
# If datadir doesn't exist, create it
# CREATE DATA DIRECTORY
if [ -z "$datadir" ]; then
datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $datadir/uploads
chmod -R 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:$app "$datadir"
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
@ -287,59 +257,20 @@ ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Upgrading source files..." --weight=1
# Remove all files if the old syncing-server is used
if [[ ! $standalone ]];
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_secure_remove --file="$final_path"
ynh_secure_remove --file="/var/log/$app"
fi
ynh_script_progression --message="Upgrading source files..." --weight=1
if [[ "$syncing_server_js_version_installed" < "$syncing_server_js_version" ]]
then
# Backup files to keep
ynh_backup_if_checksum_is_different --file=$config_syncing_server_js
ynh_backup_if_checksum_is_different --file=$config_syncing_server_js_worker
# Remove destination directory
ynh_secure_remove --file="$final_path/live/syncing-server-js"
ynh_secure_remove --file="$config_syncing_server_js"
ynh_secure_remove --file="$config_syncing_server_js_worker"
# Download, check integrity, uncompress and patch the source from app.src
ynh_secure_remove --file="$final_path/live"
mkdir -p "$final_path/live"
ynh_setup_source --source_id=app_syncing-server-js --dest_dir="$final_path/live/syncing-server-js"
fi
ynh_setup_source --source_id=app --dest_dir="$final_path/live"
if [[ "$auth_version_installed" < "$auth_version" ]]
then
# Backup files to keep
ynh_backup_if_checksum_is_different --file=$config_auth
ynh_backup_if_checksum_is_different --file=$config_auth_worker
# Remove destination directory
ynh_secure_remove --file="$final_path/live/auth"
ynh_secure_remove --file="$config_auth"
ynh_secure_remove --file="$config_auth_worker"
# Download, check integrity, uncompress and patch the source from app.src
mkdir -p "$final_path/live"
ynh_setup_source --source_id=app_auth --dest_dir="$final_path/live/auth"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:$app "$final_path"
fi
if [[ "$api_gateway_version_installed" < "$api_gateway_version" ]]
then
# Backup files to keep
ynh_backup_if_checksum_is_different --file=$config_api_gateway
# Remove destination directory
ynh_secure_remove --file="$final_path/live/api-gateway"
ynh_secure_remove --file="$config_api_gateway"
# Download, check integrity, uncompress and patch the source from app.src
mkdir -p "$final_path/live"
ynh_setup_source --source_id=app_api-gateway --dest_dir="$final_path/live/api-gateway"
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:$app "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
@ -366,6 +297,8 @@ ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ st
#=================================================
# SPECIFIC UPGRADE
#=================================================
#=================================================
# ADD SWAP
#=================================================
@ -378,11 +311,12 @@ ynh_add_swap --size=$swap_needed
#=================================================
ynh_script_progression --message="Modify a config file..." --weight=2
ynh_add_config --template="env_syncing-server-js.env.sample" --destination="$config_syncing_server_js"
ynh_add_config --template="env_syncing-server-js-worker.env.sample" --destination="$config_syncing_server_js_worker"
ynh_add_config --template="env_api-gateway.env.sample" --destination="$config_api_gateway"
ynh_add_config --template="env_auth.env.sample" --destination="$config_auth"
ynh_add_config --template="env_auth-worker.env.sample" --destination="$config_auth_worker"
ynh_add_config --template="env_api-gateway.env.sample" --destination="$config_api_gateway"
ynh_add_config --template="env_files.env.sample" --destination="$config_files"
ynh_add_config --template="env_syncing-server.env.sample" --destination="$config_syncing_server"
ynh_add_config --template="env_syncing-server-worker.env.sample" --destination="$config_syncing_server_worker"
#=================================================
# INSTALLING Standard Notes - Syncing Server
@ -391,30 +325,12 @@ if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Installing Standard Notes - Syncing Server..." --weight=93
ynh_use_nodejs
if [[ "$syncing_server_js_version_installed" < "$syncing_server_js_version" ]]
then
pushd "$final_path/live/syncing-server-js"
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn build
popd
ynh_app_setting_set --app=$app --key=syncing_server_js_version --value=$syncing_server_js_version
fi
if [[ "$auth_version_installed" < "$auth_version" ]]
then
pushd "$final_path/live/auth"
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn build
popd
ynh_app_setting_set --app=$app --key=auth_version --value=$auth_version
fi
if [[ "$api_gateway_version_installed" < "$api_gateway_version" ]]
then
pushd "$final_path/live/api-gateway"
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn build
popd
ynh_app_setting_set --app=$app --key=api_gateway_version --value=$api_gateway_version
fi
pushd "$final_path/live"
#ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn install --pure-lockfile
#ynh_exec_warn_less ynh_exec_as $app env NODE_OPTIONS="--max-old-space-size=$node_max_old_space_size" PATH=$ynh_node_load_PATH yarn build
ynh_exec_warn_less ynh_exec_as $app PATH=$ynh_node_load_PATH yarn install --immutable
ynh_exec_warn_less ynh_exec_as $app PATH=$ynh_node_load_PATH yarn build
popd
fi
#=================================================
@ -423,22 +339,25 @@ fi
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config --service="$app-syncing-server-js" --template="systemd_syncing-server-js.service"
ynh_add_systemd_config --service="$app-syncing-server-js-worker" --template="systemd_syncing-server-js-worker.service"
ynh_add_systemd_config --service="$app-api-gateway" --template="systemd_api-gateway.service"
ynh_add_systemd_config --service="$app-auth" --template="systemd_auth.service"
ynh_add_systemd_config --service="$app-auth-worker" --template="systemd_auth-worker.service"
ynh_add_systemd_config --service="$app-api-gateway" --template="systemd_api-gateway.service"
ynh_add_systemd_config --service="$app-files" --template="systemd_files.service"
ynh_add_systemd_config --service="$app-syncing-server" --template="systemd_syncing-server.service"
ynh_add_systemd_config --service="$app-syncing-server-worker" --template="systemd_syncing-server-worker.service"
#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
ynh_script_progression --message="Storing the config file checksum..." --weight=1
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$config_syncing_server_js"
ynh_store_file_checksum --file="$config_syncing_server_js_worker"
ynh_store_file_checksum --file="$config_api_gateway"
ynh_store_file_checksum --file="$config_auth"
ynh_store_file_checksum --file="$config_auth_worker"
ynh_store_file_checksum --file="$config_api_gateway"
ynh_store_file_checksum --file="$config_files"
ynh_store_file_checksum --file="$config_syncing_server"
ynh_store_file_checksum --file="$config_syncing_server_worker"
ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
@ -453,22 +372,24 @@ mkdir -p "/var/log/$app"
chown -R "$app": "/var/log/$app"
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile="/var/log/$app/syncing-server.log"
ynh_use_logrotate --logfile="/var/log/$app/syncing-server-worker.log"
ynh_use_logrotate --logfile="/var/log/$app/api-gateway.log"
ynh_use_logrotate --logfile="/var/log/$app/auth.log"
ynh_use_logrotate --logfile="/var/log/$app/auth-worker.log"
ynh_use_logrotate --logfile="/var/log/$app/api-gateway.log"
ynh_use_logrotate --logfile="/var/log/$app/files.log"
ynh_use_logrotate --logfile="/var/log/$app/syncing-server.log"
ynh_use_logrotate --logfile="/var/log/$app/syncing-server-worker.log"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrate $app service in Yunohost..." --weight=1
yunohost service add "$app-syncing-server-js" --description="Standard Notes - Syncing Server" --log="/var/log/$app/syncing-server-js.log"
yunohost service add "$app-syncing-server-js-worker" --description="Standard Notes - Syncing Server - Worker" --log="/var/log/$app/syncing-server-js-worker.log"
yunohost service add "$app-api-gateway" --description="Standard Notes - API Gateway" --log="/var/log/$app/api-gateway.log"
yunohost service add "$app-auth" --description="Standard Notes - Auth" --log="/var/log/$app/auth.log"
yunohost service add "$app-auth-worker" --description="Standard Notes - Auth - Worker" --log="/var/log/$app/auth-worker.log"
yunohost service add "$app-api-gateway" --description="Standard Notes - API Gateway" --log="/var/log/$app/api-gateway.log"
yunohost service add "$app-files" --description="Standard Notes - Files" --log="/var/log/$app/files.log"
yunohost service add "$app-syncing-server" --description="Standard Notes - Syncing Server" --log="/var/log/$app/syncing-server.log"
yunohost service add "$app-syncing-server-worker" --description="Standard Notes - Syncing Server - Worker" --log="/var/log/$app/syncing-server-worker.log"
#=================================================
# START SYSTEMD SERVICE
@ -477,30 +398,35 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service
ynh_systemd_action \
--service_name="$app-syncing-server-js" \
--service_name="$app-api-gateway" \
--action="start" \
--log_path="/var/log/$app/syncing-server-js.log" \
--line_match='{"message":"Server started on port '$port_syncing_server_js'","level":"info"}'
ynh_systemd_action \
--service_name="$app-syncing-server-js-worker" \
--action="start" \
--log_path="/var/log/$app/syncing-server-js-worker.log" \
--line_match='{"message":"Starting worker...","level":"info"}'
--log_path="/var/log/$app/api-gateway.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-auth" \
--action="start" \
--log_path="/var/log/$app/auth.log" \
--line_match='{"message":"Server started on port '$port_auth'","level":"info"}'
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-auth-worker" \
--action="start" \
--log_path="/var/log/$app/auth-worker.log" \
--line_match='{"message":"Starting worker...","level":"info"}'
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-api-gateway" \
--service_name="$app-files" \
--action="start" \
--log_path="/var/log/$app/api-gateway.log" \
--line_match='{"level":"info","message":"Server started on port '$port_api_gateway'"}'
--log_path="/var/log/$app/files.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-syncing-server" \
--action="start" \
--log_path="/var/log/$app/syncing-server.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
ynh_systemd_action \
--service_name="$app-syncing-server-worker" \
--action="start" \
--log_path="/var/log/$app/syncing-server-worker.log" \
--line_match='^.*Server started on port.*$|^.*Starting worker.*$'
#=================================================
# SETUP FAIL2BAN

305
scripts/ynh_install_ruby__2
View file

@ -1,305 +0,0 @@
#!/bin/bash
ynh_ruby_try_bash_extension() {
if [ -x src/configure ]; then
src/configure && make -C src || {
ynh_print_info --message="Optional bash extension failed to build, but things will still work normally."
}
fi
}
rbenv_install_dir="/opt/rbenv"
ruby_version_path="$rbenv_install_dir/versions"
# RBENV_ROOT is the directory of rbenv, it needs to be loaded as a environment variable.
export RBENV_ROOT="$rbenv_install_dir"
# Load the version of Ruby for an app, and set variables.
#
# ynh_use_ruby has to be used in any app scripts before using Ruby for the first time.
# This helper will provide alias and variables to use in your scripts.
#
# To use gem or Ruby, use the alias `ynh_gem` and `ynh_ruby`
# Those alias will use the correct version installed for the app
# For example: use `ynh_gem install` instead of `gem install`
#
# With `sudo` or `ynh_exec_as`, use instead the fallback variables `$ynh_gem` and `$ynh_ruby`
# And propagate $PATH to sudo with $ynh_ruby_load_path
# Exemple: `ynh_exec_as $app $ynh_ruby_load_path $ynh_gem install`
#
# $PATH contains the path of the requested version of Ruby.
# However, $PATH is duplicated into $ruby_path to outlast any manipulation of $PATH
# You can use the variable `$ynh_ruby_load_path` to quickly load your Ruby version
# in $PATH for an usage into a separate script.
# Exemple: $ynh_ruby_load_path $final_path/script_that_use_gem.sh`
#
#
# Finally, to start a Ruby service with the correct version, 2 solutions
# Either the app is dependent of Ruby or gem, but does not called it directly.
# In such situation, you need to load PATH
# `Environment="__YNH_RUBY_LOAD_ENV_PATH__"`
# `ExecStart=__FINALPATH__/my_app`
# You will replace __YNH_RUBY_LOAD_ENV_PATH__ with $ynh_ruby_load_path
#
# Or Ruby start the app directly, then you don't need to load the PATH variable
# `ExecStart=__YNH_RUBY__ my_app run`
# You will replace __YNH_RUBY__ with $ynh_ruby
#
#
# one other variable is also available
# - $ruby_path: The absolute path to Ruby binaries for the chosen version.
#
# usage: ynh_use_ruby
#
# Requires YunoHost version 3.2.2 or higher.
ynh_use_ruby () {
ruby_version=$(ynh_app_setting_get --app=$app --key=ruby_version)
# Get the absolute path of this version of Ruby
ruby_path="$ruby_version_path/$YNH_APP_INSTANCE_NAME/bin"
# Allow alias to be used into bash script
shopt -s expand_aliases
# Create an alias for the specific version of Ruby and a variable as fallback
ynh_ruby="$ruby_path/ruby"
alias ynh_ruby="$ynh_ruby"
# And gem
ynh_gem="$ruby_path/gem"
alias ynh_gem="$ynh_gem"
# Load the path of this version of Ruby in $PATH
if [[ :$PATH: != *":$ruby_path"* ]]; then
PATH="$ruby_path:$PATH"
fi
# Create an alias to easily load the PATH
ynh_ruby_load_path="PATH=$PATH"
# Sets the local application-specific Ruby version
pushd $final_path
$rbenv_install_dir/bin/rbenv local $ruby_version
popd
}
# Install a specific version of Ruby
#
# ynh_install_ruby will install the version of Ruby provided as argument by using rbenv.
#
# This helper creates a /etc/profile.d/rbenv.sh that configures PATH environment for rbenv
# for every LOGIN user, hence your user must have a defined shell (as opposed to /usr/sbin/nologin)
#
# Don't forget to execute ruby-dependent command in a login environment
# (e.g. sudo --login option)
# When not possible (e.g. in systemd service definition), please use direct path
# to rbenv shims (e.g. $RBENV_ROOT/shims/bundle)
#
# usage: ynh_install_ruby --ruby_version=ruby_version
# | arg: -v, --ruby_version= - Version of ruby to install.
#
# Requires YunoHost version 3.2.2 or higher.
ynh_install_ruby () {
# Declare an array to define the options of this helper.
local legacy_args=v
local -A args_array=( [v]=ruby_version= )
local ruby_version
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
# Load rbenv path in PATH
local CLEAR_PATH="$rbenv_install_dir/bin:$PATH"
# Remove /usr/local/bin in PATH in case of Ruby prior installation
PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@')
# Move an existing Ruby binary, to avoid to block rbenv
test -x /usr/bin/ruby && mv /usr/bin/ruby /usr/bin/ruby_rbenv
# Install or update rbenv
rbenv="$(command -v rbenv $rbenv_install_dir/bin/rbenv | grep "$rbenv_install_dir/bin/rbenv" | head -1)"
if [ -n "$rbenv" ]; then
ynh_print_info --message="rbenv already seems installed in \`$rbenv'."
pushd "${rbenv%/*/*}"
if git remote -v 2>/dev/null | grep "https://github.com/rbenv/rbenv.git"; then
ynh_print_info --message="Trying to update with git..."
git pull -q --tags origin master
ynh_ruby_try_bash_extension
else
ynh_print_info --message="Reinstalling rbenv with git..."
cd ..
ynh_secure_remove --file=$rbenv_install_dir
mkdir -p $rbenv_install_dir
cd $rbenv_install_dir
git init -q
git remote add -f -t master origin https://github.com/rbenv/rbenv.git > /dev/null 2>&1
git checkout -q -b master origin/master
ynh_ruby_try_bash_extension
rbenv=$rbenv_install_dir/bin/rbenv
fi
popd
else
ynh_print_info --message="Installing rbenv with git..."
mkdir -p $rbenv_install_dir
pushd $rbenv_install_dir
git init -q
git remote add -f -t master origin https://github.com/rbenv/rbenv.git > /dev/null 2>&1
git checkout -q -b master origin/master
ynh_ruby_try_bash_extension
rbenv=$rbenv_install_dir/bin/rbenv
popd
fi
ruby_build="$(command -v "$rbenv_install_dir"/plugins/*/bin/rbenv-install rbenv-install | head -1)"
if [ -n "$ruby_build" ]; then
ynh_print_info --message="\`rbenv install' command already available in \`$ruby_build'."
pushd "${ruby_build%/*/*}"
if git remote -v 2>/dev/null | grep "https://github.com/rbenv/ruby-build.git"; then
ynh_print_info --message="Trying to update rbenv with git..."
git pull -q origin master
fi
popd
else
ynh_print_info --message="Installing ruby-build with git..."
mkdir -p "${rbenv_install_dir}/plugins"
git clone -q https://github.com/rbenv/ruby-build.git "${rbenv_install_dir}/plugins/ruby-build"
fi
rbenv_alias="$(command -v "$rbenv_install_dir"/plugins/*/bin/rbenv-alias rbenv-alias | head -1)"
if [ -n "$rbenv_alias" ]; then
ynh_print_info --message="\`rbenv alias' command already available in \`$rbenv_alias'."
pushd "${rbenv_alias%/*/*}"
if git remote -v 2>/dev/null | grep "https://github.com/tpope/rbenv-aliases.git"; then
ynh_print_info --message="Trying to update rbenv-aliases with git..."
git pull -q origin master
fi
popd
else
ynh_print_info --message="Installing rbenv-aliases with git..."
mkdir -p "${rbenv_install_dir}/plugins"
git clone -q https://github.com/tpope/rbenv-aliases.git "${rbenv_install_dir}/plugins/rbenv-aliase"
fi
rbenv_latest="$(command -v "$rbenv_install_dir"/plugins/*/bin/rbenv-latest rbenv-latest | head -1)"
if [ -n "$rbenv_latest" ]; then
ynh_print_info --message="\`rbenv latest' command already available in \`$rbenv_latest'."
pushd "${rbenv_latest%/*/*}"
if git remote -v 2>/dev/null | grep "https://github.com/momo-lab/xxenv-latest.git"; then
ynh_print_info --message="Trying to update xxenv-latest with git..."
git pull -q origin master
fi
popd
else
ynh_print_info --message="Installing xxenv-latest with git..."
mkdir -p "${rbenv_install_dir}/plugins"
git clone -q https://github.com/momo-lab/xxenv-latest.git "${rbenv_install_dir}/plugins/xxenv-latest"
fi
# Enable caching
mkdir -p "${rbenv_install_dir}/cache"
# Create shims directory if needed
mkdir -p "${rbenv_install_dir}/shims"
# Restore /usr/local/bin in PATH
PATH=$CLEAR_PATH
# And replace the old Ruby binary
test -x /usr/bin/ruby_rbenv && mv /usr/bin/ruby_rbenv /usr/bin/ruby
# Install the requested version of Ruby
local final_ruby_version=$(rbenv latest --print $ruby_version)
if ! [ -n "$final_ruby_version" ]; then
final_ruby_version=$ruby_version
fi
ynh_print_info --message="Installing Ruby-$final_ruby_version"
CONFIGURE_OPTS="--disable-install-doc --with-jemalloc" MAKE_OPTS="-j2" rbenv install --skip-existing $final_ruby_version > /dev/null 2>&1
# Store ruby_version into the config of this app
ynh_app_setting_set --app=$YNH_APP_INSTANCE_NAME --key=ruby_version --value=$final_ruby_version
# Remove app virtualenv
if `rbenv alias --list | grep --quiet "$YNH_APP_INSTANCE_NAME " 1>/dev/null 2>&1`
then
rbenv alias $YNH_APP_INSTANCE_NAME --remove
fi
# Create app virtualenv
rbenv alias $YNH_APP_INSTANCE_NAME $final_ruby_version
# Cleanup Ruby versions
ynh_cleanup_ruby
# Set environment for Ruby users
echo "#rbenv
export RBENV_ROOT=$rbenv_install_dir
export PATH=\"$rbenv_install_dir/bin:$PATH\"
eval \"\$(rbenv init -)\"
#rbenv" > /etc/profile.d/rbenv.sh
# Load the environment
eval "$(rbenv init -)"
}
# Remove the version of Ruby used by the app.
#
# This helper will also cleanup Ruby versions
#
# usage: ynh_remove_ruby
ynh_remove_ruby () {
local ruby_version=$(ynh_app_setting_get --app=$YNH_APP_INSTANCE_NAME --key=ruby_version)
# Load rbenv path in PATH
local CLEAR_PATH="$rbenv_install_dir/bin:$PATH"
# Remove /usr/local/bin in PATH in case of Ruby prior installation
PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@')
rbenv alias $YNH_APP_INSTANCE_NAME --remove
# Remove the line for this app
ynh_app_setting_delete --app=$YNH_APP_INSTANCE_NAME --key=ruby_version
# Cleanup Ruby versions
ynh_cleanup_ruby
}
# Remove no more needed versions of Ruby used by the app.
#
# This helper will check what Ruby version are no more required,
# and uninstall them
# If no app uses Ruby, rbenv will be also removed.
#
# usage: ynh_cleanup_ruby
ynh_cleanup_ruby () {
# List required Ruby versions
local installed_apps=$(yunohost app list | grep -oP 'id: \K.*$')
local required_ruby_versions=""
for installed_app in $installed_apps
do
local installed_app_ruby_version=$(ynh_app_setting_get --app=$installed_app --key="ruby_version")
if [[ $installed_app_ruby_version ]]
then
required_ruby_versions="${installed_app_ruby_version}\n${required_ruby_versions}"
fi
done
# Remove no more needed Ruby versions
local installed_ruby_versions=$(rbenv versions --bare --skip-aliases | grep -Ev '/')
for installed_ruby_version in $installed_ruby_versions
do
if ! `echo ${required_ruby_versions} | grep "${installed_ruby_version}" 1>/dev/null 2>&1`
then
ynh_print_info --message="Removing of Ruby-$installed_ruby_version"
$rbenv_install_dir/bin/rbenv uninstall --force $installed_ruby_version
fi
done
# If none Ruby version is required
if [[ ! $required_ruby_versions ]]
then
# Remove rbenv environment configuration
ynh_print_info --message="Removing of rbenv"
ynh_secure_remove --file="$rbenv_install_dir"
ynh_secure_remove --file="/etc/profile.d/rbenv.sh"
fi
}