1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/ssbroom_ynh.git synced 2024-09-03 20:26:29 +02:00

Working on single install

This commit is contained in:
mhfowler 2021-09-15 08:17:28 +02:00
parent 2bce3a74d1
commit e7dbc96048
8 changed files with 257 additions and 246 deletions

View file

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/ssb-ngi-pointer/go-ssb-room/releases/download/v2.0.6/go-ssb-room_2.0.6_Linux_x86_64.tar.gz
SOURCE_SUM=0ab385e7632ad8c3c16c13f6bb1843dcfaa9e927afd9d6a8a35691b14a308e5e
SOURCE_URL=https://files.commoninternet.net/go-ssb-room_2.0.6_Linux_x86_64.tar.gz
SOURCE_SUM=7823838a42daac48c39f13563552b84920d66e782acf239d1da5fbd3b475c5bf
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true

178
conf/full_nginx.conf Normal file
View file

@ -0,0 +1,178 @@
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen [::]:80;
server_name __DOMAIN__ xmpp-upload.__DOMAIN__;
access_by_lua_file /usr/share/ssowat/access.lua;
include /etc/nginx/conf.d/acme-challenge.conf.inc;
location /yunohost {
return 301 https://$http_host$request_uri;
}
location ^~ '/.well-known/ynh-diagnosis/' {
alias /tmp/.well-known/ynh-diagnosis/;
}
location ^~ '/.well-known/autoconfig/mail/' {
alias /var/www/.well-known/__DOMAIN__/autoconfig/mail/;
}
access_log /var/log/nginx/__DOMAIN__-access.log;
error_log /var/log/nginx/__DOMAIN__-error.log;
}
# vhost dedicated to XMPP http_upload
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name xmpp-upload.__DOMAIN__;
root /dev/null;
location /upload/ {
alias /var/xmpp-upload/__DOMAIN__/upload/;
# Pass all requests to metronome, except for GET and HEAD requests.
limit_except GET HEAD {
proxy_pass http://localhost:5290;
}
include proxy_params;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'HEAD, GET, PUT, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization';
add_header 'Access-Control-Allow-Credentials' 'true';
client_max_body_size 105M; # Choose a value a bit higher than the max upload configured in XMPP server
}
include /etc/nginx/conf.d/security.conf.inc;
ssl_certificate /etc/yunohost/certs/__DOMAIN__/crt.pem;
ssl_certificate_key /etc/yunohost/certs/__DOMAIN__/key.pem;
more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload";
# OCSP settings
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/yunohost/certs/__DOMAIN__/crt.pem;
resolver 127.0.0.1 127.0.1.1 valid=300s;
resolver_timeout 5s;
access_log /var/log/nginx/xmpp-upload.__DOMAIN__-access.log;
error_log /var/log/nginx/xmpp-upload.__DOMAIN__-error.log;
}
# base ssl path
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name __DOMAIN__;
include /etc/nginx/conf.d/security.conf.inc;
ssl_certificate /etc/yunohost/certs/__DOMAIN__/crt.pem;
ssl_certificate_key /etc/yunohost/certs/__DOMAIN__/key.pem;
more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload";
# OCSP settings
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/yunohost/certs/__DOMAIN__/crt.pem;
resolver 127.0.0.1 127.0.1.1 valid=300s;
resolver_timeout 5s;
location / {
proxy_pass http://localhost:8899;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_set_header X-Forwarded-Proto $scheme;
# for websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
location ^~ '/.well-known/autoconfig/mail/' {
alias /var/www/.well-known/__DOMAIN__/autoconfig/mail/;
}
access_by_lua_file /usr/share/ssowat/access.lua;
include /etc/nginx/conf.d/yunohost_sso.conf.inc;
include /etc/nginx/conf.d/yunohost_admin.conf.inc;
include /etc/nginx/conf.d/yunohost_api.conf.inc;
access_log /var/log/nginx/__DOMAIN__-access.log;
error_log /var/log/nginx/__DOMAIN__-error.log;
}
# alias ssl paths
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name "~^(?<alias>\w+)\.__DOMAINREGEX__$";
include /etc/nginx/conf.d/security.conf.inc;
ssl_certificate /etc/yunohost/certs/__DOMAIN__/crt.pem;
ssl_certificate_key /etc/yunohost/certs/__DOMAIN__/key.pem;
more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload";
# OCSP settings
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/yunohost/certs/__DOMAIN__/crt.pem;
resolver 127.0.0.1 127.0.1.1 valid=300s;
resolver_timeout 5s;
location = / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_set_header X-Forwarded-Proto $scheme;
# "rewrite" requests with subdomains to the non-wildcard url for alias resolving
# $is_args$args pass on ?encoding=json if present
proxy_pass http://localhost:8899/alias/$alias$is_args$args;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8899;
}
access_by_lua_file /usr/share/ssowat/access.lua;
#include /etc/nginx/conf.d/yunohost_sso.conf.inc;
#include /etc/nginx/conf.d/yunohost_admin.conf.inc;
#include /etc/nginx/conf.d/yunohost_api.conf.inc;
access_log /var/log/nginx/__DOMAIN__-access.log;
error_log /var/log/nginx/__DOMAIN__-error.log;
}
# redirect http to https
server {
if ($host ~ __DOMAIN__$ ) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name __DOMAIN__;
return 404; # managed by Certbot
}

View file

@ -6,9 +6,8 @@ After=network.target
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/
ExecStart=__FINALPATH__/go-ssb-room -repo /var/lib/peachcloud/go-ssb-room -lishttp localhost:8899 -https-domain ssbroom.commoninternet.net
WorkingDirectory=/var/lib/peachcloud/go-ssb-room
WorkingDirectory=__DATADIR__/
ExecStart=__FINALPATH__/go-ssb-room -repo __DATADIR__/ -lishttp localhost:__PORT__ -https-domain __DOMAIN__ -lismux localhost:__SSBPORT__
StandardOutput=append:/var/log/__APP__/__APP__.log
StandardError=inherit

View file

@ -35,29 +35,19 @@
"example": "example.com"
},
{
"name": "path",
"type": "path",
"example": "/example",
"default": "/example"
},
{
"name": "admin",
"type": "user",
"example": "johndoe"
},
{
"name": "is_public",
"type": "boolean",
"default": true
"name": "ssb_admin_id",
"type": "string",
"help": {
"en": "This ssb_id is used as the username for the first admin of the room. Create an ssb account or use your already existing ssb account, and use your ssb public key as the room admin id."
},
"example": "@5Pt3dKy2HTJ0mWuS78oIiklIX0gBz6BTfEnXsbvke9c=.ed25519"
},
{
"name": "password",
"type": "password",
"help": {
"en": "Use the help field to add an information for the admin about this question.",
"fr": "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question."
},
"example": "Choose a password"
"en": "Use this password to log into the admin interface for the ssb room."
}
}
]
}

View file

@ -11,6 +11,20 @@ pkg_dependencies=""
# PERSONAL HELPERS
#=================================================
# because ssbroom requires wildcard subdomains for aliases
# we need this custom function for creating the ssbroom nginx config
# instead of the standard ynh_add_nginx_config
add_ssb_room_nginx_config() {
domain=$1
domainregex=$(echo "$domain" | sed -r 's/\./\\\./g')
# the sed statement above replaces all . with \.
ynh_add_config --template="full_nginx.conf" --destination="/etc/nginx/conf.d/$domain.conf"
}
remove_ssb_room_nginx_config() {
rm "/etc/nginx/conf.d/$domain.conf"
}
#=================================================
# EXPERIMENTAL HELPERS
#=================================================

View file

@ -81,35 +81,11 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --time --weight=1
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the NGINX config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original NGINX config file if modified
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for NGINX helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated NGINX config
ynh_add_nginx_config
fi
# Change the domain for NGINX
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# ...
#=================================================
# because ssbroom requires wildcard subdomains for aliases
# we need this custom function for creating the ssbroom nginx config
# instead of the standard ynh_add_nginx_config
remove_ssb_room_nginx_config $old_domain
add_ssb_room_nginx_config $new_domain
#=================================================
# GENERIC FINALISATION

View file

@ -25,40 +25,18 @@ ynh_abort_if_errors
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
path_url="/"
ssb_admin_id=$YNH_APP_ARG_SSB_ADMIN_ID
password=$YNH_APP_ARG_PASSWORD
architecture=$(ynh_detect_arch)
### If it's a multi-instance app, meaning it can be installed several times independently
### The id of the app as stated in the manifest is available as $YNH_APP_ID
### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...)
### The app instance name is available as $YNH_APP_INSTANCE_NAME
### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
### - ynhexample__{N} for the subsequent installations, with N=3,4...
### The app instance name is probably what interests you most, since this is
### guaranteed to be unique. This is a good unique identifier to define installation path,
### db names...
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
### About --weight and --time
### ynh_script_progression will show to your final users the progression of each scripts.
### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script.
### --time is a packager option, it will show you the execution time since the previous call.
### This option should be removed before releasing your app.
### Use the execution time, given by --time, to estimate the weight of a step.
### A common way to do it is to set a weight equal to the execution time in second +1.
### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call.
ynh_script_progression --message="Validating installation parameters..." --time --weight=1
### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app"
final_path=/var/www/$app
final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
@ -71,7 +49,7 @@ ynh_script_progression --message="Storing installation settings..." --time --wei
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=admin --value=$ssb_admin_id
#=================================================
# STANDARD MODIFICATIONS
@ -80,36 +58,23 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin
#=================================================
ynh_script_progression --message="Finding an available port..." --time --weight=1
### Use these lines if you have to open a port for the application
### `ynh_find_port` will find the first available port starting from the given port.
### If you're not using these lines:
### - Remove the section "CLOSE A PORT" in the remove script
# Find an available port
# Find an available port for web interface
port=$(ynh_find_port --port=8899)
ynh_app_setting_set --app=$app --key=port --value=$port
# Optional: Expose this port publicly
# (N.B.: you only need to do this if the app actually needs to expose the port publicly.
# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !)
# Find an available port for ssb tunnels
ssbport=$(ynh_find_port --port=8008)
ynh_app_setting_set --app=$app --key=ssbport --value=$ssbport
# Open the port
# ynh_script_progression --message="Configuring firewall..." --time --weight=1
# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
# Open the ssbport to the public
ynh_script_progression --message="Configuring firewall..." --time --weight=1
ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $ssbport
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --time --weight=1
### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package.
### Those deb packages will be installed as dependencies of this package.
### If you're not using this helper:
### - Remove the section "REMOVE DEPENDENCIES" in the remove script
### - Remove the variable "pkg_dependencies" in _common.sh
### - As well as the section "REINSTALL DEPENDENCIES" in the restore script
### - And the section "UPGRADE DEPENDENCIES" in the upgrade script
ynh_install_app_dependencies $pkg_dependencies
#=================================================
@ -120,7 +85,6 @@ ynh_script_progression --message="Configuring system user..." --time --weight=1
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
@ -139,85 +103,39 @@ chown -R $app:www-data "$final_path"
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --time --weight=1
### `ynh_add_nginx_config` will use the file conf/nginx.conf
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# ...
#=================================================
# because ssbroom requires wildcard subdomains for aliases
# we need this custom function for creating the ssbroom nginx config
add_ssb_room_nginx_config $domain
#=================================================
# CREATE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..." --time --weight=1
### Use these lines if you need to create a directory to store "persistent files" for the application.
### Usually this directory is used to store uploaded files or any file that won't be updated during
### an upgrade and that won't be deleted during app removal
### If you're not using these lines:
### - Remove the section "BACKUP THE DATA DIR" in the backup script
### - As well as the section "RESTORE THE DATA DIRECTORY" in the restore script
datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $datadir
# FIXME: this should be managed by the core in the future
# Here, as a packager, you may have to tweak the ownerhsip/permissions
# such that the appropriate users (e.g. maybe www-data) can access
# files in some cases.
# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
# this will be treated as a security issue.
# permissions
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
#=================================================
# CREATE FIRST ADMIN USER
#=================================================
ynh_script_progression --message="Creating first ssbroom admin user" --weight=1
ynh_exec_as $app $final_path/insert-user -repo $datadir $ssb_admin_id
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --time --weight=1
### `ynh_systemd_config` is used to configure a systemd script for an app.
### It can be used for apps that use sysvinit (with adaptation) or systemd.
### Have a look at the app to be sure this app needs a systemd script.
### `ynh_systemd_config` will use the file conf/systemd.service
### If you're not using these lines:
### - You can remove those files in conf/.
### - Remove the section "BACKUP SYSTEMD" in the backup script
### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script
### - As well as the section "RESTORE SYSTEMD" in the restore script
### - And the section "SETUP SYSTEMD" in the upgrade script
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# SETUP APPLICATION WITH CURL
#=================================================
### Use these lines only if the app installation needs to be finalized through
### web forms. We generally don't want to ask the final user,
### so we're going to use curl to automatically fill the fields and submit the
### forms.
# Set the app as temporarily public for curl call
ynh_script_progression --message="Configuring SSOwat..." --time --weight=1
# Making the app public for curl
ynh_permission_update --permission="main" --add="visitors"
# Installation with curl
ynh_script_progression --message="Finalizing installation..." --time --weight=1
ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
# Remove the public access
ynh_permission_update --permission="main" --remove="visitors"
#=================================================
# GENERIC FINALIZATION
#=================================================
@ -225,14 +143,6 @@ ynh_permission_update --permission="main" --remove="visitors"
#=================================================
ynh_script_progression --message="Configuring log rotation..." --time --weight=1
### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app.
### Use this helper only if there is effectively a log file for this app.
### If you're not using this helper:
### - Remove the section "BACKUP LOGROTATE" in the backup script
### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script
### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script
### - And the section "SETUP LOGROTATE" in the upgrade script
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
@ -241,46 +151,13 @@ ynh_use_logrotate
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
### `yunohost service add` integrates a service in YunoHost. It then gets
### displayed in the admin interface and through the others `yunohost service` commands.
### (N.B.: this line only makes sense if the app adds a service to the system!)
### If you're not using these lines:
### - You can remove these files in conf/.
### - Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script
### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script
### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
### Additional options starting with 3.8:
###
### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed
### which will then be checked by YunoHost's diagnosis system
### (N.B. DO NOT USE THIS is the port is only internal!!!)
###
### --test_status "some command" a custom command to check the status of the service
### (only relevant if 'systemctl status' doesn't do a good job)
###
### --test_conf "some command" some command similar to "nginx -t" that validates the conf of the service
###
### Re-calling 'yunohost service add' during the upgrade script is the right way
### to proceed if you later realize that you need to enable some flags that
### weren't enabled on old installs (be careful it'll override the existing
### service though so you should re-provide all relevant flags when doing so)
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" --needs_exposed_ports $ssbport
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
### `ynh_systemd_action` is used to start a systemd service for an app.
### Only needed if you have configure a systemd service
### If you're not using these lines:
### - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script
### - As well as the section "START SYSTEMD SERVICE" in the restore script
### - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script
### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
@ -289,24 +166,14 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$ap
#=================================================
ynh_script_progression --message="Configuring permissions..." --time --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
# Make app public
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
### N.B. : the following extra permissions only make sense if your app
### does have for example an admin interface or an api.
# Only the admin can access the admin panel of the app (if the app has an admin panel)
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
# Everyone can access to the api part
# We don't want to display the tile in the sso so we put --show_tile="false"
# And we don't want that the YunoHost Admin can remove visitors group to this permission, so we put --protected="true"
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
# all users can access the /admin section, with or without SSO
# as go-ssb-room has its own authentication and user-system
# which operates outside of yunohost SSO
#=================================================
# RELOAD NGINX

View file

@ -18,9 +18,9 @@ app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app=$app --key=port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
ssbport=$(ynh_app_setting_get --app=$app --key=ssbport)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# STANDARD REMOVE
@ -51,14 +51,6 @@ ynh_script_progression --message="Removing logrotate configuration..." --time --
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# REMOVE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Removing the MySQL database..." --time --weight=1
# Remove a database if it exists, along with the associated user
ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE DEPENDENCIES
#=================================================
@ -75,21 +67,24 @@ ynh_script_progression --message="Removing app main directory..." --time --weigh
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE DATA DIR
#=================================================
ynh_script_progression --message="Removing data directory..." --time --weight=1
# Remove the data directory securely
ynh_secure_remove --file="$datadir"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..." --time --weight=1
# because ssbroom requires wildcard subdomains for aliases
# we need this custom function for creating/removing the ssbroom nginx config
# instead of the standard ynh_add_nginx_config
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Removing PHP-FPM configuration..." --time --weight=1
# Remove the dedicated PHP-FPM config
ynh_remove_fpm_config
remove_ssb_room_nginx_config $domain
#=================================================
# CLOSE A PORT
@ -101,13 +96,11 @@ then
ynh_exec_warn_less yunohost firewall disallow TCP $port
fi
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing Fail2ban configuration..." --time --weight=1
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config
if yunohost firewall list | grep -q "\- $ssbport$"
then
ynh_script_progression --message="Closing ssbport $ssbport..." --time --weight=1
ynh_exec_warn_less yunohost firewall disallow TCP $ssbport
fi
#=================================================
# SPECIFIC REMOVE
@ -116,12 +109,6 @@ ynh_remove_fail2ban_config
#=================================================
ynh_script_progression --message="Removing various files..." --time --weight=1
# Remove a cron file
ynh_secure_remove --file="/etc/cron.d/$app"
# Remove a directory securely
ynh_secure_remove --file="/etc/$app"
# Remove the log files
ynh_secure_remove --file="/var/log/$app"