diff --git a/scripts/_common.sh b/scripts/_common.sh index b3e64be..e3bdca4 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -6,51 +6,51 @@ install_sources() { # Install/upgrade synapse in virtualenv # Clean venv is it was on python2.7 or python3 with old version in case major upgrade of debian - if [ ! -e $code_dir/bin/python3 ] || [ ! -e $code_dir/lib/python$python_version ]; then - ynh_secure_remove --file=$code_dir/bin - ynh_secure_remove --file=$code_dir/lib - ynh_secure_remove --file=$code_dir/lib64 - ynh_secure_remove --file=$code_dir/include - ynh_secure_remove --file=$code_dir/share - ynh_secure_remove --file=$code_dir/pyvenv.cfg + if [ ! -e "$code_dir"/bin/python3 ] || [ ! -e "$code_dir/lib/python$python_version" ]; then + ynh_secure_remove --file="$code_dir"/bin + ynh_secure_remove --file="$code_dir"/lib + ynh_secure_remove --file="$code_dir"/lib64 + ynh_secure_remove --file="$code_dir"/include + ynh_secure_remove --file="$code_dir"/share + ynh_secure_remove --file="$code_dir"/pyvenv.cfg fi - mkdir -p $code_dir - chown $app:root -R $code_dir + mkdir -p "$code_dir" + chown "$app":root -R "$code_dir" if [ -n "$(uname -m | grep arm)" ] then # Clean old file, sometimes it could make some big issues if we don't do this!! - ynh_secure_remove --file=$code_dir/bin - ynh_secure_remove --file=$code_dir/lib - ynh_secure_remove --file=$code_dir/include - ynh_secure_remove --file=$code_dir/share + ynh_secure_remove --file="$code_dir"/bin + ynh_secure_remove --file="$code_dir"/lib + ynh_secure_remove --file="$code_dir"/include + ynh_secure_remove --file="$code_dir"/share - ynh_setup_source --dest_dir=$code_dir/ --source_id="synapse_prebuilt_armv7_$(lsb_release --codename --short)" + ynh_setup_source --dest_dir="$code_dir"/ --source_id="synapse_prebuilt_armv7_$(lsb_release --codename --short)" # Fix multi-instance support - for f in $(ls $code_dir/bin); do + for f in $(ls "$code_dir"/bin); do if ! [[ $f =~ "__" ]]; then - ynh_replace_special_string --match_string='#!/opt/yunohost/matrix-synapse' --replace_string='#!'$code_dir --target_file=$code_dir/bin/$f + ynh_replace_special_string --match_string='#!/opt/yunohost/matrix-synapse' --replace_string='#!'$code_dir --target_file="$code_dir"/bin/"$f" fi done else # Install virtualenv if it don't exist - test -e $code_dir/bin/python3 || python3 -m venv $code_dir + test -e "$code_dir"/bin/python3 || python3 -m venv "$code_dir" # Install synapse in virtualenv - local pip3=$code_dir/bin/pip3 + local pip3="$code_dir"/bin/pip3 $pip3 install --upgrade setuptools wheel pip cffi - $pip3 install --upgrade -r $YNH_APP_BASEDIR/conf/requirement_$(lsb_release --codename --short).txt + $pip3 install --upgrade -r "$YNH_APP_BASEDIR/conf/requirement_$(lsb_release --codename --short).txt" fi # Apply patch for LDAP auth if needed # Note that we put patch into scripts dir because /source are not stored and can't be used on restore - if ! grep -F -q '# LDAP Filter anonymous user Applied' $code_dir/lib/python$python_version/site-packages/ldap_auth_provider.py; then - pushd $code_dir/lib/python$python_version/site-packages - patch < $YNH_APP_BASEDIR/scripts/patch/ldap_auth_filter_anonymous_user.patch + if ! grep -F -q '# LDAP Filter anonymous user Applied' "$code_dir/lib/python$python_version/site-packages/ldap_auth_provider.py"; then + pushd "$code_dir/lib/python$python_version/site-packages" + patch < "$YNH_APP_BASEDIR"/scripts/patch/ldap_auth_filter_anonymous_user.patch popd fi } @@ -58,8 +58,10 @@ install_sources() { configure_coturn() { # Get public IP and set as external IP for coturn # note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6 - local public_ip4="$(curl -s ip.yunohost.org)" || true - local public_ip6="$(curl -s ipv6.yunohost.org)" || true + local public_ip4 + local public_ip6 + public_ip4="$(curl -s ip.yunohost.org)" || true + public_ip6="$(curl -s ipv6.yunohost.org)" || true local turn_external_ip="" if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4" @@ -80,7 +82,7 @@ configure_nginx() { if yunohost --output-as plain domain list | grep -q "^$server_name$" then local e2e_enabled_by_default_client_config - if [ $e2e_enabled_by_default == "off" ]; then + if [ "$e2e_enabled_by_default" == "off" ]; then e2e_enabled_by_default_client_config=false else e2e_enabled_by_default_client_config=true diff --git a/scripts/backup b/scripts/backup index e84aad5..087774c 100644 --- a/scripts/backup +++ b/scripts/backup @@ -14,7 +14,7 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -if systemctl is-active $app.service --quiet; then +if systemctl is-active "$app".service --quiet; then ynh_print_warn --message="It's hightly recommended to make your backup when the service is stopped. Please stop $app service with this command before to run the backup 'systemctl stop $app.service'" fi diff --git a/scripts/change_url b/scripts/change_url index 2c9347a..440e2c9 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -10,7 +10,7 @@ source ./_common.sh source /usr/share/yunohost/helpers # We stop the service -ynh_systemd_action --service_name=$app.service --action=stop +ynh_systemd_action --service_name="$app".service --action=stop #================================================= # STANDARD MODIFICATIONS @@ -43,8 +43,8 @@ set_permissions #================================================= ynh_script_progression --message="Restarting Synapse services..." --weight=5 -ynh_systemd_action --service_name=$app-coturn.service --action=restart -ynh_systemd_action --service_name=$app.service --action=restart --line_match="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300 +ynh_systemd_action --service_name="$app"-coturn.service --action=restart +ynh_systemd_action --service_name="$app".service --action=restart --line_match="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300 if ! yunohost --output-as plain domain list | grep -q "^$server_name"'$'; then ynh_print_warn "Note yunohost won't be able to manage the required config for $server_name. So please add the needed DNS config as described on the documentation" diff --git a/scripts/config b/scripts/config index 258896a..51ee2fe 100644 --- a/scripts/config +++ b/scripts/config @@ -37,4 +37,4 @@ ynh_app_config_apply() { #================================================= # SELECT THE ACTION FOLLOWING THE GIVEN ARGUMENT #================================================= -ynh_app_config_run $1 +ynh_app_config_run "$1" diff --git a/scripts/install b/scripts/install index 2933118..7d14fe4 100644 --- a/scripts/install +++ b/scripts/install @@ -13,8 +13,8 @@ source /usr/share/yunohost/helpers #================================================= if [ "$server_name" == "Same than the domain" ]; then - server_name=$domain - ynh_app_setting_set --app=$app --key=server_name --value=$server_name + server_name="$domain" + ynh_app_setting_set --app="$app" --key=server_name --value="$server_name" fi #================================================= @@ -43,10 +43,10 @@ ynh_app_setting_set --app="$app" --key=enable_registration --value="$enable_regi # Check datadir empty #================================================= -if [ -n "$(ls -A $data_dir)" ]; then +if [ -n "$(ls -A "$data_dir")" ]; then old_data_dir_path="${data_dir}_$(date '+%Y%m%d.%H%M%S')" ynh_print_warn "Data directory was not empty. Data was moved to $old_data_dir_path" - mkdir -p $old_data_dir_path + mkdir -p "$old_data_dir_path" mv -t "$old_data_dir_path" "$data_dir"/* fi @@ -71,7 +71,7 @@ fi #================================================= ynh_script_progression --message='Configuring system groups' -adduser $app ssl-cert +adduser "$app" ssl-cert adduser turnserver ssl-cert #================================================= @@ -91,10 +91,10 @@ ynh_script_progression --message="Setting up source files..." --weight=50 # WARNING : theses command are used in INSTALL, UPGRADE # For any update do it in all files -mkdir -p /var/log/matrix-$app -mkdir -p /etc/matrix-$app/conf.d -mkdir -p /etc/matrix-$app/app-service -touch /etc/matrix-$app/conf.d/app_service.yaml +mkdir -p /var/log/matrix-"$app" +mkdir -p /etc/matrix-"$app"/conf.d +mkdir -p /etc/matrix-"$app"/app-service +touch /etc/matrix-"$app"/conf.d/app_service.yaml # Install synapse in virtualenv install_sources @@ -105,9 +105,9 @@ install_sources # WARNING : theses command are used in INSTALL, UPGRADE # For any update do it in all files -cp ../sources/cas_server.php $install_dir/ -chmod u=rwX,g=rX,o= -R $install_dir -chown $app:$app -R $install_dir +cp ../sources/cas_server.php "$install_dir"/ +chmod u=rwX,g=rX,o= -R "$install_dir" +chown "$app:$app" -R "$install_dir" #================================================= # CREATE SYNAPSE CONFIG @@ -116,17 +116,17 @@ chown $app:$app -R $install_dir ynh_script_progression --message="Creating Synapse config..." --weight=3 # Generate config -$code_dir/bin/python -m synapse.app.homeserver --keys-directory /etc/matrix-$app/ --generate-config --server-name $server_name --report-stats=no -c homeserver.yml +$code_dir/bin/python -m synapse.app.homeserver --keys-directory /etc/matrix-"$app"/ --generate-config --server-name "$server_name" --report-stats=no -c homeserver.yml # Get random values from config -registration_shared_secret=$(egrep "^registration_shared_secret:" homeserver.yml | cut -d'"' -f2) -form_secret=$(egrep "^form_secret:" homeserver.yml | cut -d'"' -f2) -macaroon_secret_key=$(egrep "^macaroon_secret_key:" homeserver.yml | cut -d'"' -f2) +registration_shared_secret="$(grep -E "^registration_shared_secret:" homeserver.yml | cut -d'"' -f2)" +form_secret="$(grep -E "^form_secret:" homeserver.yml | cut -d'"' -f2)" +macaroon_secret_key="$(grep -E "^macaroon_secret_key:" homeserver.yml | cut -d'"' -f2)" # store in yunohost settings -ynh_app_setting_set --app=$app --key=registration_shared_secret --value="$registration_shared_secret" -ynh_app_setting_set --app=$app --key=form_secret --value="$form_secret" -ynh_app_setting_set --app=$app --key=macaroon_secret_key --value="$macaroon_secret_key" +ynh_app_setting_set --app="$app" --key=registration_shared_secret --value="$registration_shared_secret" +ynh_app_setting_set --app="$app" --key=form_secret --value="$form_secret" +ynh_app_setting_set --app="$app" --key=macaroon_secret_key --value="$macaroon_secret_key" #================================================= # SETUP SYSTEMD @@ -134,10 +134,10 @@ ynh_app_setting_set --app=$app --key=macaroon_secret_key --value="$macaroon_secr ynh_script_progression --message="Configuring a systemd service..." --weight=2 # Create systemd service for synapse and turnserver -ynh_add_systemd_config --service=$app --template=synapse.service +ynh_add_systemd_config --service="$app" --template=synapse.service -cp ../conf/default_coturn /etc/matrix-$app/coturn_env -ynh_add_systemd_config --service=$app-coturn --template=synapse-coturn.service +cp ../conf/default_coturn /etc/matrix-"$app"/coturn_env +ynh_add_systemd_config --service="$app"-coturn --template=synapse-coturn.service #================================================= # NGINX CONFIGURATION @@ -182,7 +182,7 @@ ynh_use_logrotate --logfile="/var/log/matrix-$app" ynh_add_config --template="../sources/Coturn_config_rotate.sh" --destination="$code_dir/Coturn_config_rotate.sh" ynh_add_config --template="../sources/update_synapse_for_appservice.sh" --destination="$code_dir/update_synapse_for_appservice.sh" -ynh_add_config --template=../sources/set_admin_user.sh --destination=$code_dir/set_admin_user.sh +ynh_add_config --template=../sources/set_admin_user.sh --destination="$code_dir"/set_admin_user.sh #================================================= # GENERIC FINALIZATION @@ -193,7 +193,7 @@ ynh_add_config --template=../sources/set_admin_user.sh --destination=$code_dir/s ynh_script_progression --message="Configuring permissions..." --weight=1 if yunohost --output-as plain domain list | grep -q "^$server_name$"; then - ynh_""permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \ + ynh_""permission_create --permission=server_client_infos --url="$server_name"/.well-known/matrix \ --label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \ --auth_header=false --protected=true else @@ -206,8 +206,8 @@ fi # WARNING : theses command are used in INSTALL, UPGRADE # For any update do it in all files -ynh_replace_string __APP__ $app ../hooks/post_cert_update -ynh_replace_string __DOMAIN__ $domain ../hooks/post_cert_update +ynh_replace_string __APP__ "$app" ../hooks/post_cert_update +ynh_replace_string __DOMAIN__ "$domain" ../hooks/post_cert_update #================================================= # SECURE FILES AND DIRECTORIES @@ -220,16 +220,16 @@ set_permissions data # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -yunohost service add $app --log "/var/log/matrix-$app/homeserver.log" --needs_exposed_ports $port_synapse_tls --description 'Main matrix server service.' -yunohost service add $app-coturn --needs_exposed_ports $port_turnserver_tls --description 'Turn server for matrix server. Used for audio and video call.' +yunohost service add "$app" --log "/var/log/matrix-$app/homeserver.log" --needs_exposed_ports "$port_synapse_tls" --description 'Main matrix server service.' +yunohost service add "$app"-coturn --needs_exposed_ports "$port_turnserver_tls" --description 'Turn server for matrix server. Used for audio and video call.' #================================================= # RELOAD SERVICES #================================================= ynh_script_progression --message="Restarting Synapse services..." --weight=11 -ynh_systemd_action --service_name=$app-coturn.service --action=restart -ynh_systemd_action --service_name=$app.service --action=restart --line_match="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300 +ynh_systemd_action --service_name="$app"-coturn.service --action=restart +ynh_systemd_action --service_name="$app".service --action=restart --line_match="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300 #================================================= # SETUP FAIL2BAN