YunoHost-Apps/ssh_chroot_dir_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/ssh_chroot_dir_ynh.git synced 2024-09-03 20:26:26 +02:00
Code Issues Activity Actions

Fix doc / post_install.md

Browse source
This commit is contained in:
Salamandar 2023-12-11 11:04:07 +01:00 committed by Salamandar
parent d720fe3025
commit 7846771bd1
7 changed files with 22 additions and 243 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
doc/DESCRIPTION.md
View file

@ -1,6 +1,6 @@
This app create a directory for an user, to allow him to put in here his backups (or whatever he want).
This directory is accessible by ssh or sftp.
The directory is highly secured by a complete chroot with limited commands available. So the user can't go out of his directory and can't use any other command which not allowed.
In addition to the chroot, the user has a limited space available.
This app provides a directory, accessible via ssh of sftp, to a new user.
So, you can provide to a distant user a limited part of your hard disk to let him put his backup, without any risk for your own server.
A "chroot jail" limits the commands the user can use, so you can rest assured that
they can't access your server's contents outside of the provided directory.
A data size quota is also set on the directory.

0
doc/DISCLAIMER.md
View file

5
doc/POST_INSTALL.md Normal file
View file

@ -0,0 +1,5 @@
A new chrooted directory has been created.
To use it, connect to 'ssh __SSH_USER__@__DOMAIN__ -p __SSH_PORT__' via a terminal or by using an sftp connection with 'sftp://__SSH_USER__@__DOMAIN__:__SSH_PORT__/data'
If you're facing an issue or want to improve this app, please open a new issue in this [project](https://github.com/YunoHost-Apps/ssh_chroot_dir_ynh)."

201
scripts/_common.sh
View file

@ -21,204 +21,3 @@ IS_PACKAGE_CHECK () {
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
# Send an email to inform the administrator
#
# usage: ynh_send_readme_to_admin --app_message=app_message [--recipients=recipients] [--type=type]
# | arg: -m --app_message= - The file with the content to send to the administrator.
# | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
# | arg: -t, --type= - Type of mail, could be 'backup', 'change_url', 'install', 'remove', 'restore', 'upgrade'
ynh_send_readme_to_admin() {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [m]=app_message= [r]=recipients= [t]=type= )
local app_message
local recipients
local type
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
app_message="${app_message:-}"
recipients="${recipients:-root}"
type="${type:-install}"
# Get the value of admin_mail_html
#REMOVEME? admin_mail_html=$(ynh_app_setting_get $app admin_mail_html)
admin_mail_html="${admin_mail_html:-0}"
# Retrieve the email of users
find_mails () {
local list_mails="$1"
local mail
local recipients=" "
# Read each mail in argument
for mail in $list_mails
do
# Keep root or a real email address as it is
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
then
recipients="$recipients $mail"
else
# But replace an user name without a domain after by its email
if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
then
recipients="$recipients $mail"
fi
fi
done
echo "$recipients"
}
recipients=$(find_mails "$recipients")
# Subject base
local mail_subject="☁️🆈🅽🅷☁️: \`$app\`"
# Adapt the subject according to the type of mail required.
if [ "$type" = "backup" ]; then
mail_subject="$mail_subject has just been backup."
elif [ "$type" = "change_url" ]; then
mail_subject="$mail_subject has just been moved to a new URL!"
elif [ "$type" = "remove" ]; then
mail_subject="$mail_subject has just been removed!"
elif [ "$type" = "restore" ]; then
mail_subject="$mail_subject has just been restored!"
elif [ "$type" = "upgrade" ]; then
mail_subject="$mail_subject has just been upgraded!"
else # install
mail_subject="$mail_subject has just been installed!"
fi
local mail_message="This is an automated message from your beloved YunoHost server.
Specific information for the application $app.
$(if [ -n "$app_message" ]
then
cat "$app_message"
else
echo "...No specific information..."
fi)
---
Automatic diagnosis data from YunoHost
__PRE_TAG1__$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')__PRE_TAG2__"
# Store the message into a file for further modifications.
echo "$mail_message" > mail_to_send
# If a html email is required. Apply html tags to the message.
if [ "$admin_mail_html" -eq 1 ]
then
# Insert 'br' tags at each ending of lines.
ynh_replace_string "$" "<br>" mail_to_send
# Insert starting HTML tags
sed --in-place '1s@^@<!DOCTYPE html>\n<html>\n<head></head>\n<body>\n@' mail_to_send
# Keep tabulations
ynh_replace_string " " "\&#160;\&#160;" mail_to_send
ynh_replace_string "\t" "\&#160;\&#160;" mail_to_send
# Insert url links tags
ynh_replace_string "__URL_TAG1__\(.*\)__URL_TAG2__\(.*\)__URL_TAG3__" "<a href=\"\2\">\1</a>" mail_to_send
# Insert pre tags
ynh_replace_string "__PRE_TAG1__" "<pre>" mail_to_send
ynh_replace_string "__PRE_TAG2__" "<\pre>" mail_to_send
# Insert finishing HTML tags
echo -e "\n</body>\n</html>" >> mail_to_send
# Otherwise, remove tags to keep a plain text.
else
# Remove URL tags
ynh_replace_string "__URL_TAG[1,3]__" "" mail_to_send
ynh_replace_string "__URL_TAG2__" ": " mail_to_send
# Remove PRE tags
ynh_replace_string "__PRE_TAG[1-2]__" "" mail_to_send
fi
# Define binary to use for mail command
if [ -e /usr/bin/bsd-mailx ]
then
local mail_bin=/usr/bin/bsd-mailx
else
local mail_bin=/usr/bin/mail.mailutils
fi
if [ "$admin_mail_html" -eq 1 ]
then
content_type="text/html"
else
content_type="text/plain"
fi
# Send the email to the recipients
cat mail_to_send | $mail_bin -a "Content-Type: $content_type; charset=UTF-8" -s "$mail_subject" "$recipients"
}
#=================================================
# Create a changelog for an app after an upgrade.
#
# The changelog is printed into the file ./changelog for the time of the upgrade.
#
# In order to create a changelog, ynh_app_changelog will get info from /etc/yunohost/apps/$app/status.json
# In order to find the current commit use by the app.
# The remote repository, and the branch.
# The changelog will be only the commits since the current revision.
#
# Because of the need of those info, ynh_app_changelog works only
# with apps that have been installed from a list.
#
# usage: ynh_app_changelog
ynh_app_changelog () {
get_value_from_settings ()
{
local value="$1"
# Extract a value from the status.json file of an installed app.
grep "$value\": \"" /etc/yunohost/apps/$app/status.json | sed "s/.*$value\": \"\([^\"]*\).*/\1/"
}
local current_revision="$(get_value_from_settings revision)"
local repo="$(get_value_from_settings url)"
local branch="$(get_value_from_settings branch)"
# ynh_app_changelog works only with an app installed from a list.
if [ -z "$current_revision" ] || [ -z "$repo" ] || [ -z "$branch" ]
then
ynh_print_warn "Unable to build the changelog..."
touch changelog
return 0
fi
# Fetch the history of the repository, without cloning it
mkdir git_history
(cd git_history
ynh_exec_warn_less git init
ynh_exec_warn_less git remote add -f origin $repo
# Get the line of the current commit of the installed app in the history.
local line_to_head=$(git log origin/$branch --pretty=oneline | grep --line-number "$current_revision" | cut -d':' -f1)
# Cut the history before the current commit, to keep only newer commits.
# Then use sed to reorganise each lines and have a nice list of commits since the last upgrade.
# This list is redirected into the file changelog
git log origin/$branch --pretty=oneline | head --lines=$(($line_to_head-1)) | sed 's/^\([[:alnum:]]*\)\(.*\)/*(\1) -> \2/g' > ../changelog)
# Remove 'Merge pull request' commits
sed -i '/Merge pull request #[[:digit:]]* from/d' changelog
# As well as conflict resolving commits
sed -i '/Merge branch .* into/d' changelog
# Get the value of admin_mail_html
#REMOVEME? admin_mail_html=$(ynh_app_setting_get $app admin_mail_html)
admin_mail_html="${admin_mail_html:-0}"
# If a html email is required. Apply html to the changelog.
if [ "$admin_mail_html" -eq 1 ]
then
sed -in-place "s@\*(\([[:alnum:]]*\)) -> \(.*\)@* __URL_TAG1__\2__URL_TAG2__${repo}/commit/\1__URL_TAG3__@g" changelog
fi
}

28
scripts/install
View file

@ -112,31 +112,17 @@ chown -R root: "$install_dir"
# DISCLAIMER
#=================================================
# Get the main domain
domain=$(yunohost domain list | grep -m1 "-" | awk '{print $2}')
ssh_port=$(grep "^Port " /etc/ssh/sshd_config | awk '{print $2}')
ynh_print_info "
To use this directory, connect to 'ssh $ssh_user@$domain -p $ssh_port' via a terminal or by using an sftp connection with 'sftp://$ssh_user@$domain:$ssh_port/data'" >&2
if grep --quiet "^AllowUsers" /etc/ssh/sshd_config
then
ynh_print_warn "
Be carreful, your ssh configuration contains an AllowUsers option. You should probably add the user $ssh_user to this line."
if grep --quiet "^AllowUsers" /etc/ssh/sshd_config; then
ynh_print_warn "Be carreful, your ssh configuration contains an AllowUsers option."
ynh_print_warn "You should probably add the user $ssh_user to this line."
fi
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
echo "A new chrooted directory has been created. To use it, connect to 'ssh $ssh_user@$domain -p $ssh_port' via a terminal or by using an sftp connection with 'sftp://$ssh_user@$domain:$ssh_port/data'
If you're facing an issue or want to improve this app, please open a new issue in this __URL_TAG1__project__URL_TAG2__https://github.com/YunoHost-Apps/ssh_chroot_dir_ynh__URL_TAG3__." > mail_to_send
ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="root"
#=================================================
# END OF SCRIPT
#=================================================
# Not really settings, but required for POST_INSTALL.md
ynh_app_setting_set --app="$app" --key="domain" --value="$(yunohost domain list --json | jq -r '.["main"]')"
ynh_app_setting_set --app="$app" --key="ssh_port" --value="$(grep "^Port " /etc/ssh/sshd_config | awk '{print $2}')"
ynh_script_progression --message="Installation of $app completed" --last

5
scripts/restore
View file

@ -99,10 +99,15 @@ ln -sf "$install_dir/chroot_manager.sh" "$data_dir/chroot_manager"
# Set permissions to app files
chown -R root: $install_dir
#=================================================
# GENERIC FINALIZATION
#=================================================
# END OF SCRIPT
#=================================================
# Not really settings, but required for POST_INSTALL.md
ynh_app_setting_set --app="$app" --key="domain" --value="$(yunohost domain list --json | jq -r '.["main"]')"
ynh_app_setting_set --app="$app" --key="ssh_port" --value="$(grep "^Port " /etc/ssh/sshd_config | awk '{print $2}')"
ynh_script_progression --message="Restoration completed for $app" --last

16
scripts/upgrade
View file

@ -79,22 +79,6 @@ chown -R root: $install_dir
# Set permissions to app files
chown -R root: $install_dir
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
# Build the changelog
ynh_app_changelog || true
echo "If you're facing an issue or want to improve this app, please open a new issue in this __URL_TAG1__project__URL_TAG2__https://github.com/YunoHost-Apps/ssh_chroot_dir_ynh__URL_TAG3__.
---
Changelog since your last upgrade:
$(cat changelog)" > mail_to_send
ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="root" --type="upgrade"
#=================================================
# END OF SCRIPT
#=================================================