From 8c6aaa7bb3ed5254f5604951c1548d20cb117c78 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Sat, 31 Aug 2024 10:19:34 +0200 Subject: [PATCH] Cleanup after auto patch --- conf/log.yaml | 1 + conf/turnserver.conf | 2 ++ scripts/_common.sh | 4 ++-- scripts/install | 2 +- scripts/restore | 22 +++++++++++----------- scripts/upgrade | 39 ++++++++++++++++++--------------------- 6 files changed, 35 insertions(+), 35 deletions(-) diff --git a/conf/log.yaml b/conf/log.yaml index 447f584..5a726b0 100644 --- a/conf/log.yaml +++ b/conf/log.yaml @@ -1,3 +1,4 @@ +# WARNING: Don't edit this file. All change will be removed after each app upgrade version: 1 diff --git a/conf/turnserver.conf b/conf/turnserver.conf index 9575f9e..75f8599 100644 --- a/conf/turnserver.conf +++ b/conf/turnserver.conf @@ -1,3 +1,5 @@ +# WARNING: Don't edit this file. All change will be removed after each app upgrade + use-auth-secret static-auth-secret={{ turnserver_pwd }} cli-password={{ turnserver_cli_pwd }} diff --git a/scripts/_common.sh b/scripts/_common.sh index 400cf27..8389893 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -68,7 +68,7 @@ configure_coturn() { then turn_external_ip+="$public_ip4," fi - if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6" + if [ -n "$public_ip6" ] && ynh_validate_ip --family=6 --ip_address="$public_ip6" then turn_external_ip+="$public_ip6" fi @@ -139,7 +139,7 @@ ensure_vars_set() { } set_permissions() { - chown $app:$app -R "$code_dir" + chown "$app":"$app" -R "$code_dir" chmod o= -R "$code_dir" chmod 770 "$code_dir"/Coturn_config_rotate.sh diff --git a/scripts/install b/scripts/install index 69c2f5f..d31cbff 100644 --- a/scripts/install +++ b/scripts/install @@ -115,7 +115,7 @@ cp ../sources/cas_server.php "$install_dir"/ ynh_script_progression "Creating Synapse config..." # Generate config -$code_dir/bin/python -m synapse.app.homeserver --keys-directory /etc/matrix-"$app"/ --generate-config --server-name "$server_name" --report-stats=no -c homeserver.yml +"$code_dir"/bin/python -m synapse.app.homeserver --keys-directory /etc/matrix-"$app"/ --generate-config --server-name "$server_name" --report-stats=no -c homeserver.yml # Get random values from config registration_shared_secret="$(grep -E "^registration_shared_secret:" homeserver.yml | cut -d'"' -f2)" diff --git a/scripts/restore b/scripts/restore index 226ebb0..0c8d450 100644 --- a/scripts/restore +++ b/scripts/restore @@ -16,7 +16,7 @@ ynh_script_progression "Loading settings..." ynh_script_progression 'Configuring system groups' # Create the dedicated user (if not existing) -adduser $app ssl-cert +adduser "$app" ssl-cert adduser turnserver ssl-cert #================================================= @@ -33,7 +33,7 @@ ynh_psql_execute_as_root \ ynh_script_progression "Restoring directory and configuration..." ynh_restore_everything -mkdir -p /etc/matrix-$app/app-service +mkdir -p /etc/matrix-"$app"/app-service # Check that the good python version is installed # If not upgrade the source @@ -52,7 +52,7 @@ ynh_systemctl --action=restart --service=fail2ban #================================================= ynh_script_progression "Restoring the PostgreSQL database..." -ynh_psql_db_shell " < "${YNH_CWD}/dump.sql"" +ynh_psql_db_shell < "${YNH_CWD}/dump.sql" #================================================= # RESTORE SYSTEMD @@ -60,15 +60,15 @@ ynh_psql_db_shell " < "${YNH_CWD}/dump.sql"" ynh_script_progression "Enable systemd services" # systemctl daemon-reload -systemctl enable $app.service --quiet -systemctl enable $app-coturn.service --quiet +systemctl enable "$app".service --quiet +systemctl enable "$app"-coturn.service --quiet #================================================= # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -yunohost service add $app --log "/var/log/matrix-$app/homeserver.log" --needs_exposed_ports $port_synapse_tls --description 'Main matrix server service.' -yunohost service add $app-coturn --needs_exposed_ports $port_turnserver_tls --description 'Turn server for matrix server. Used for audio and video call.' +yunohost service add "$app" --log "/var/log/matrix-$app/homeserver.log" --needs_exposed_ports $port_synapse_tls --description 'Main matrix server service.' +yunohost service add "$app-coturn" --needs_exposed_ports "$port_turnserver_tls" --description 'Turn server for matrix server. Used for audio and video call.' #================================================= # CREATE A DH FILE @@ -98,7 +98,7 @@ configure_coturn #================================================= ynh_script_progression "Configuring log rotation..." -ynh_config_add_logrotate /var/log/matrix-$app +ynh_config_add_logrotate /var/log/matrix-"$app" #================================================= # SECURE FILES AND DIRECTORIES @@ -112,15 +112,15 @@ set_permissions data #================================================= ynh_script_progression "Restarting Synapse services..." -ynh_systemctl --service=$app-coturn.service --action=restart -ynh_systemctl --service=$app.service --action=restart --wait_until="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300 +ynh_systemctl --service="$app"-coturn.service --action=restart +ynh_systemctl --service="$app".service --action=restart --wait_until="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300 #================================================= # RELOAD NGINX #================================================= ynh_script_progression "Reloading NGINX web server..." -ynh_systemctl --service=php$php_version-fpm --action=reload +ynh_systemctl --service=php"$php_version"-fpm --action=reload ynh_systemctl --service=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 17d2101..ec95fe3 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -231,12 +231,8 @@ fi # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed -if ynh_app_upstream_version_changed || [ ! -e $code_dir/bin/python3 ] || [ ! -e $code_dir/lib/python$python_version ] -then - ynh_script_progression "Upgrading source files..." - install_sources -fi +ynh_script_progression "Upgrading source files..." +install_sources #================================================= # MIGRATION 1 : GENERATE SYNAPSE SECRET @@ -247,7 +243,7 @@ then ynh_script_progression "Generating synapse secret..." # Generate config and keys - $code_dir/bin/python -m synapse.app.homeserver --keys-directory /etc/matrix-$app/ --generate-config --generate-keys --server-name $server_name --report-stats=no -c homeserver.yml + "$code_dir"/bin/python -m synapse.app.homeserver --keys-directory /etc/matrix-"$app"/ --generate-config --generate-keys --server-name "$server_name" --report-stats=no -c homeserver.yml # Get random values from config registration_shared_secret=$(egrep "^registration_shared_secret:" homeserver.yml | cut -d'"' -f2) @@ -273,10 +269,11 @@ ynh_config_add --template="log.yaml" --destination="/etc/matrix-$app/log.yaml" # WARNING : theses command are used in INSTALL, UPGRADE # For any update do it in all files -mkdir -p $install_dir -cp ../sources/cas_server.php $install_dir/ -#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod u=rwX,g=rX,o= -R $install_dir -#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:root -R $install_dir +mkdir -p "$install_dir" +cp ../sources/cas_server.php "$install_dir"/ +chmod u=rwX,g=rX,o= -R "$install_dir" +chown "$app":root -R "$install_dir" + #================================================= # NGINX CONFIGURATION #================================================= @@ -322,8 +319,8 @@ fi # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -yunohost service add $app --log "/var/log/matrix-$app/homeserver.log" --needs_exposed_ports $port_synapse_tls --description 'Main matrix server service.' -yunohost service add $app-coturn --needs_exposed_ports $port_turnserver_tls --description 'Turn server for matrix server. Used for audio and video call.' +yunohost service add "$app" --log "/var/log/matrix-$app/homeserver.log" --needs_exposed_ports "$port_synapse_tls" --description 'Main matrix server service.' +yunohost service add "$app"-coturn --needs_exposed_ports "$port_turnserver_tls" --description 'Turn server for matrix server. Used for audio and video call.' #================================================= # UPDATE SYSTEMD @@ -333,8 +330,8 @@ ynh_script_progression "Upgrading systemd configuration..." # Create systemd service for synapse and turnserver ynh_config_add_systemd --template=synapse.service -cp ../conf/default_coturn /etc/matrix-$app/coturn_env -ynh_config_add_systemd --service=$app-coturn --template=synapse-coturn.service +cp ../conf/default_coturn /etc/matrix-"$app"/coturn_env +ynh_config_add_systemd --service="$app"-coturn --template=synapse-coturn.service #================================================= # UPGRADE FAIL2BAN @@ -351,11 +348,11 @@ ynh_script_progression "Configuring permissions..." if yunohost --output-as plain domain list | grep -q "^$server_name"'$'; then if ! ynh_""permission_exists --permission=server_client_infos; then - ynh_""permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \ + ynh_""permission_create --permission=server_client_infos --url="$server_name"/.well-known/matrix \ --label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \ --auth_header=false --protected=true else yunohost --output-as plain domain list | grep -q "^$server_name"'$' - ynh_""permission_url --permission=server_client_infos --url=$server_name/.well-known/matrix \ + ynh_""permission_url --permission=server_client_infos --url="$server_name"/.well-known/matrix \ --auth_header=false ynh_""permission_update --permission=server_client_infos --label="Server info for clients. (well-known)" --show_tile=false \ --protected=true @@ -375,16 +372,16 @@ set_permissions data # WARNING : theses command are used in INSTALL, UPGRADE # For any update do it in all files -ynh_replace __APP__ $app ../hooks/post_cert_update -ynh_replace __DOMAIN__ $domain ../hooks/post_cert_update +ynh_replace __APP__ "$app" ../hooks/post_cert_update +ynh_replace __DOMAIN__ "$domain" ../hooks/post_cert_update #================================================= # RELOAD SERVICES #================================================= ynh_script_progression "Restarting Synapse services..." -ynh_systemctl --service=$app-coturn.service --action=restart -ynh_systemctl --service=$app.service --action=restart --wait_until="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300 +ynh_systemctl --service="$app"-coturn.service --action=restart +ynh_systemctl --service="$app".service --action=restart --wait_until="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300 #================================================= # END OF SCRIPT