From 2c4fcbfdcb905747289ed5d83806de5efb85594e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 8 Jun 2023 11:20:27 +0200 Subject: [PATCH] v2 --- conf/amd64.src | 7 ---- conf/arm64.src | 7 ---- conf/arm7.src | 7 ---- conf/systemd.service | 4 +-- manifest.toml | 70 ++++++++++++++++++++++++++++++++++++ scripts/_common.sh | 2 +- scripts/backup | 18 +++++----- scripts/change_url | 66 +++++++++++++++++----------------- scripts/install | 84 ++++++++++++++++++++++---------------------- scripts/remove | 28 +++++++-------- scripts/restore | 50 +++++++++++++------------- scripts/upgrade | 52 +++++++++++++-------------- 12 files changed, 223 insertions(+), 172 deletions(-) delete mode 100644 conf/amd64.src delete mode 100644 conf/arm64.src delete mode 100644 conf/arm7.src create mode 100644 manifest.toml diff --git a/conf/amd64.src b/conf/amd64.src deleted file mode 100644 index f80fcc2..0000000 --- a/conf/amd64.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://files.commoninternet.net/go-ssb-room_2.0.6_Linux_amd64.tar.gz -SOURCE_SUM=1a1c4368df219e907e15996bd6d62b653f54017993b1cc607ab09a9a01fb8558 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true diff --git a/conf/arm64.src b/conf/arm64.src deleted file mode 100644 index 606d438..0000000 --- a/conf/arm64.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://files.commoninternet.net/go-ssb-room_2.0.6_Linux_aarch64.tar.gz -SOURCE_SUM=8f9d357d54fd8bdc1c2e906919ddefef21ae51b13e5ae1939424c6c1e94c9d23 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true diff --git a/conf/arm7.src b/conf/arm7.src deleted file mode 100644 index d648c9d..0000000 --- a/conf/arm7.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://files.commoninternet.net/go-ssb-room_2.0.6_Linux_arm7.tar.gz -SOURCE_SUM=8894b7b21031976e1d79265fefdcef4edb6fde38f34231e8aea4cebcc85a4f88 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true diff --git a/conf/systemd.service b/conf/systemd.service index 8973d36..3e89248 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,8 +6,8 @@ After=network.target Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=__FINALPATH__/ -ExecStart=__FINALPATH__/server -repo __DATADIR__/ -lishttp localhost:__PORT__ -https-domain __DOMAIN__ -lismux :__SSBPORT__ -aliases-as-subdomains false +WorkingDirectory=__INSTALL_DIR__/ +ExecStart=__INSTALL_DIR__/server -repo __DATA_DIR__/ -lishttp localhost:__PORT__ -https-domain __DOMAIN__ -lismux :__SSBPORT__ -aliases-as-subdomains false StandardOutput=append:/var/log/__APP__/__APP__.log StandardError=inherit diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..e8b3621 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,70 @@ +packaging_format = 2 + +id = "ssbroom" +name = "Scuttlebutt Room" +description.en = "Secure Scuttlebutt room server implemented in Go" + +version = "2.0.6~ynh5" + +maintainers = ["Max Fowler"] + +[upstream] +license = "free" +website = "https://github.com/ssb-ngi-pointer/go-ssb-room" +demo = "https://hermies.club/" +admindoc = "https://github.com/ssb-ngi-pointer/go-ssb-room/blob/master/README.md" +userdoc = "https://github.com/ssb-ngi-pointer/go-ssb-room/blob/master/README.md" +code = "https://github.com/ssb-ngi-pointer/go-ssb-room" +cpe = "???" # FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is sort of a standard id for applications defined by the NIST. In particular, Yunohost may use this is in the future to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number) +fund = "???" # FIXME: optional but recommended (or remove if irrelevant / not applicable). This is meant to be an URL where people can financially support this app, especially when its development is based on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin. + +[integration] +yunohost = ">= 4.3.0" +architectures = "all" # FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"] +multi_instance = true +ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials. +sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal. +disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... +ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... +ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... + +[install] + [install.domain] + # this is a generic question - ask strings are automatically handled by Yunohost's core + type = "domain" + full_domain = true + + [install.init_main_permission] + help.en = "If false, ssbroom will only be usable by yunohost users." + type = "group" + default = "visitors" + + [install.ssb_admin_id] + ask.en = "SSB ID of first admin of the room" + help.en = "This ssb_id is used as the username for the first admin of the room. Create an ssb account or use your already existing ssb account, and use your ssb public key as the room admin id." + type = "string" + example = "@5Pt3dKy2HTJ0mWuS78oIiklIX0gBz6BTfEnXsbvke9c=.ed25519" + + [install.password] + # this is a generic question - ask strings are automatically handled by Yunohost's core + help.en = "Use this password to log into the admin interface for the ssb room." + type = "password" + +[resources] + [resources.sources.main] + armhf.url = "https://files.commoninternet.net/go-ssb-room_2.0.6_Linux_arm7.tar.gz" + armhf.sha256 = "8894b7b21031976e1d79265fefdcef4edb6fde38f34231e8aea4cebcc85a4f88" + arm64.url = "https://files.commoninternet.net/go-ssb-room_2.0.6_Linux_aarch64.tar.gz" + arm64.sha256 = "8f9d357d54fd8bdc1c2e906919ddefef21ae51b13e5ae1939424c6c1e94c9d23" + amd64.url = "https://files.commoninternet.net/go-ssb-room_2.0.6_Linux_amd64.tar.gz" + amd64.sha256 = "1a1c4368df219e907e15996bd6d62b653f54017993b1cc607ab09a9a01fb8558" + + + [resources.system_user] + + [resources.install_dir] + + [resources.data_dir] + + [resources.permissions] + main.url = "/" diff --git a/scripts/_common.sh b/scripts/_common.sh index e3a9683..ab73845 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # dependencies used by the app -pkg_dependencies="expect" +#REMOVEME? pkg_dependencies="expect" description="Secure Scuttlebutt room server implemented in Go" diff --git a/scripts/backup b/scripts/backup index 67278fd..46d3e5c 100755 --- a/scripts/backup +++ b/scripts/backup @@ -14,22 +14,22 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { +#REMOVEME? ynh_clean_setup () { true } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_print_info --message="Loading installation settings..." +#REMOVEME? ynh_print_info --message="Loading installation settings..." -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -40,13 +40,13 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE DATA DIR #================================================= -ynh_backup --src_path="$datadir" --is_big +ynh_backup --src_path="$data_dir" --is_big #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/change_url b/scripts/change_url index 7fd1806..60ef9e2 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -13,55 +13,55 @@ source /usr/share/yunohost/helpers # RETRIEVE ARGUMENTS #================================================= -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH +#REMOVEME? old_domain=$YNH_APP_OLD_DOMAIN +#REMOVEME? old_path=$YNH_APP_OLD_PATH -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH +#REMOVEME? new_domain=$YNH_APP_NEW_DOMAIN +#REMOVEME? new_path=$YNH_APP_NEW_PATH -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=1 -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) +#REMOVEME? # Needed for helper "ynh_add_nginx_config" +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) #================================================= # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 +#REMOVEME? ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 # Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - ynh_clean_check_starting +#REMOVEME? ynh_backup_before_upgrade +#REMOVEME? ynh_clean_setup () { + #REMOVEME? ynh_clean_check_starting # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +#REMOVEME? ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" # Restore it if the upgrade fails - ynh_restore_upgradebackup +#REMOVEME? ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # CHECK WHICH PARTS SHOULD BE CHANGED #================================================= -change_domain=0 -if [ "$old_domain" != "$new_domain" ] +#REMOVEME? change_domain=0 +#REMOVEME? if [ "$old_domain" != "$new_domain" ] then - change_domain=1 + #REMOVEME? change_domain=1 fi -change_path=0 -if [ "$old_path" != "$new_path" ] +#REMOVEME? change_path=0 +#REMOVEME? if [ "$old_path" != "$new_path" ] then - change_path=1 + #REMOVEME? change_path=1 fi #================================================= @@ -78,28 +78,30 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf +ynh_change_url_nginx_config + +#REMOVEME? nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf # Change the path in the NGINX config file if [ $change_path -eq 1 ] then # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" +#REMOVEME? ynh_backup_if_checksum_is_different --file="$nginx_conf_path" # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" +#REMOVEME? domain="$old_domain" +#REMOVEME? path="$new_path" # Create a dedicated NGINX config - ynh_add_nginx_config +#REMOVEME? ynh_add_nginx_config fi # Change the domain for NGINX if [ $change_domain -eq 1 ] then # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf +#REMOVEME? ynh_delete_file_checksum --file="$nginx_conf_path" +#REMOVEME? mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +#REMOVEME? ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" # replace domain in systemd service file ynh_replace_string --match_string=$old_domain --replace_string=$new_domain --target_file=/etc/systemd/system/$app.service systemctl daemon-reload @@ -117,9 +119,9 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$ap #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -ynh_systemd_action --service_name=nginx --action=reload +#REMOVEME? #REMOVEME? ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index 74411c8..9350b1f 100755 --- a/scripts/install +++ b/scripts/install @@ -13,58 +13,58 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { +#REMOVEME? ynh_clean_setup () { ynh_clean_check_starting } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= -domain=$YNH_APP_ARG_DOMAIN -path_url="/" -is_public=$YNH_APP_ARG_IS_PUBLIC -ssb_admin_id=$YNH_APP_ARG_SSB_ADMIN_ID -password=$YNH_APP_ARG_PASSWORD +#REMOVEME? domain=$YNH_APP_ARG_DOMAIN +path="/" +#REMOVEME? is_public=$YNH_APP_ARG_IS_PUBLIC +#REMOVEME? ssb_admin_id=$YNH_APP_ARG_SSB_ADMIN_ID +#REMOVEME? password=$YNH_APP_ARG_PASSWORD -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -ynh_script_progression --message="Validating installation parameters..." --weight=1 +#REMOVEME? ynh_script_progression --message="Validating installation parameters..." --weight=1 -final_path=/opt/yunohost/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" +#REMOVEME? install_dir=/opt/yunohost/$app +#REMOVEME? test ! -e "$install_dir" || ynh_die --message="This path already contains a folder" # Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url +#REMOVEME? ynh_webpath_register --app=$app --domain=$domain --path=$path #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -ynh_script_progression --message="Storing installation settings..." --weight=1 +#REMOVEME? ynh_script_progression --message="Storing installation settings..." --weight=1 -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$ssb_admin_id +#REMOVEME? ynh_app_setting_set --app=$app --key=domain --value=$domain +#REMOVEME? ynh_app_setting_set --app=$app --key=path --value=$path +#REMOVEME? ynh_app_setting_set --app=$app --key=admin --value=$ssb_admin_id #================================================= # STANDARD MODIFICATIONS #================================================= # FIND AND OPEN A PORT #================================================= -ynh_script_progression --message="Finding an available port..." --weight=1 +#REMOVEME? ynh_script_progression --message="Finding an available port..." --weight=1 # Find an available port for web interface -port=$(ynh_find_port --port=8899) -ynh_app_setting_set --app=$app --key=port --value=$port +#REMOVEME? port=$(ynh_find_port --port=8899) +#REMOVEME? ynh_app_setting_set --app=$app --key=port --value=$port # Find an available port for ssb tunnels -ssbport=$(ynh_find_port --port=8008) -ynh_app_setting_set --app=$app --key=ssbport --value=$ssbport +#REMOVEME? ssbport=$(ynh_find_port --port=8008) +#REMOVEME? ynh_app_setting_set --app=$app --key=ssbport --value=$ssbport # Open the ssbport to the public ynh_script_progression --message="Configuring firewall..." --weight=1 @@ -73,30 +73,30 @@ ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $ssbport #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --weight=1 +#REMOVEME? ynh_script_progression --message="Installing dependencies..." --weight=1 -ynh_install_app_dependencies $pkg_dependencies +#REMOVEME? ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 +#REMOVEME? ynh_script_progression --message="Configuring system user..." --weight=1 # Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" +#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 -ynh_app_setting_set --app=$app --key=final_path --value=$final_path +#REMOVEME? ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH" +ynh_setup_source --dest_dir="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # NGINX CONFIGURATION @@ -111,14 +111,14 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Creating a data directory..." --weight=1 -datadir=/home/yunohost.app/$app -ynh_app_setting_set --app=$app --key=datadir --value=$datadir +#REMOVEME? data_dir=/home/yunohost.app/$app +#REMOVEME? ynh_app_setting_set --app=$app --key=data_dir --value=$data_dir -mkdir -p $datadir +mkdir -p $data_dir -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:www-data "$datadir" +chmod 750 "$data_dir" +chmod -R o-rwx "$data_dir" +chown -R $app:www-data "$data_dir" #================================================= # CREATE FIRST ADMIN USER @@ -128,7 +128,7 @@ ynh_script_progression --message="Creating first ssbroom admin user" --weight=1 ynh_exec_as $app /usr/bin/expect<