From f5dd425bd8e945e82222bb2c5c863973309a9281 Mon Sep 17 00:00:00 2001 From: navanchauhan Date: Sat, 6 Aug 2022 17:20:30 -0400 Subject: [PATCH] initial --- conf/.env.template | 167 +++++++++++++++++++++++++++++++++++++++++++ conf/app.src | 4 +- conf/systemd.service | 47 +++--------- manifest.json | 26 +------ scripts/_common.sh | 20 +----- scripts/install | 164 ++++++++++++------------------------------ scripts/remove | 28 +------- scripts/restore | 2 +- 8 files changed, 231 insertions(+), 227 deletions(-) create mode 100644 conf/.env.template diff --git a/conf/.env.template b/conf/.env.template new file mode 100644 index 0000000..bfb9f6b --- /dev/null +++ b/conf/.env.template @@ -0,0 +1,167 @@ +# only set this to true when testing/debugging +# when unset: 1 (true) - dont unset this, just for development +DEBUG=0 +SQL_DEBUG=0 + +# HTTP port to bind to +TANDOOR_PORT=__PORT__ + +# hosts the application can run under e.g. recipes.mydomain.com,cooking.mydomain.com,... +ALLOWED_HOSTS=* + +# random secret key, use for example `base64 /dev/urandom | head -c50` to generate one +# ---------------------------- REQUIRED ------------------------- +SECRET_KEY=__SECRETKEY__ +# --------------------------------------------------------------- + +# your default timezone See https://timezonedb.com/time-zones for a list of timezones +TIMEZONE=Europe/Berlin + +# add only a database password if you want to run with the default postgres, otherwise change settings accordingly +DB_ENGINE=django.db.backends.postgresql +# DB_OPTIONS= {} # e.g. {"sslmode":"require"} to enable ssl +POSTGRES_HOST=127.0.0.1 +POSTGRES_PORT=5432 +POSTGRES_USER=__DB_NAME__ +# ---------------------------- REQUIRED ------------------------- +POSTGRES_PASSWORD=__DB_PWD__ +# --------------------------------------------------------------- +POSTGRES_DB=__DB_NAME__ + +# database connection string, when used overrides other database settings. +# format might vary depending on backend +# DATABASE_URL = engine://username:password@host:port/dbname + +# the default value for the user preference 'fractions' (enable/disable fraction support) +# default: disabled=0 +FRACTION_PREF_DEFAULT=0 + +# the default value for the user preference 'comments' (enable/disable commenting system) +# default comments enabled=1 +COMMENT_PREF_DEFAULT=1 + +# Users can set a amount of time after which the shopping list is refreshed when they are in viewing mode +# This is the minimum interval users can set. Setting this to low will allow users to refresh very frequently which +# might cause high load on the server. (Technically they can obviously refresh as often as they want with their own scripts) +SHOPPING_MIN_AUTOSYNC_INTERVAL=5 + +# Default for user setting sticky navbar +# STICKY_NAV_PREF_DEFAULT=1 + +# If base URL is something other than just / (you are serving a subfolder in your proxy for instance http://recipe_app/recipes/) +# Be sure to not have a trailing slash: e.g. '/recipes' instead of '/recipes/' +SCRIPT_NAME=__PATH__ + +# If staticfiles are stored at a different location uncomment and change accordingly, MUST END IN / +# this is not required if you are just using a subfolder +# This can either be a relative path from the applications base path or the url of an external host +# STATIC_URL=/static/ + +# If mediafiles are stored at a different location uncomment and change accordingly, MUST END IN / +# this is not required if you are just using a subfolder +# This can either be a relative path from the applications base path or the url of an external host +# MEDIA_URL=/media/ + +# Serve mediafiles directly using gunicorn. Basically everyone recommends not doing this. Please use any of the examples +# provided that include an additional nxginx container to handle media file serving. +# If you know what you are doing turn this back on (1) to serve media files using djangos serve() method. +# when unset: 1 (true) - this is temporary until an appropriate amount of time has passed for everyone to migrate +GUNICORN_MEDIA=0 + +# GUNICORN SERVER RELATED SETTINGS (see https://docs.gunicorn.org/en/stable/design.html#how-many-workers for recommended settings) +# GUNICORN_WORKERS=1 +# GUNICORN_THREADS=1 + +# S3 Media settings: store mediafiles in s3 or any compatible storage backend (e.g. minio) +# as long as S3_ACCESS_KEY is not set S3 features are disabled +# S3_ACCESS_KEY= +# S3_SECRET_ACCESS_KEY= +# S3_BUCKET_NAME= +# S3_REGION_NAME= # default none, set your region might be required +# S3_QUERYSTRING_AUTH=1 # default true, set to 0 to serve media from a public bucket without signed urls +# S3_QUERYSTRING_EXPIRE=3600 # number of seconds querystring are valid for +# S3_ENDPOINT_URL= # when using a custom endpoint like minio +# S3_CUSTOM_DOMAIN= # when using a CDN/proxy to S3 (see https://github.com/TandoorRecipes/recipes/issues/1943) + +# Email Settings, see https://docs.djangoproject.com/en/3.2/ref/settings/#email-host +# Required for email confirmation and password reset (automatically activates if host is set) +# EMAIL_HOST= +# EMAIL_PORT= +# EMAIL_HOST_USER= +# EMAIL_HOST_PASSWORD= +# EMAIL_USE_TLS=0 +# EMAIL_USE_SSL=0 +# email sender address (default 'webmaster@localhost') +# DEFAULT_FROM_EMAIL= +# prefix used for account related emails (default "[Tandoor Recipes] ") +# ACCOUNT_EMAIL_SUBJECT_PREFIX= + +# allow authentication via reverse proxy (e.g. authelia), leave off if you dont know what you are doing +# see docs for more information https://vabene1111.github.io/recipes/features/authentication/ +# when unset: 0 (false) +REVERSE_PROXY_AUTH=0 + +# Default settings for spaces, apply per space and can be changed in the admin view +# SPACE_DEFAULT_MAX_RECIPES=0 # 0=unlimited recipes +# SPACE_DEFAULT_MAX_USERS=0 # 0=unlimited users per space +# SPACE_DEFAULT_MAX_FILES=0 # Maximum file storage for space in MB. 0 for unlimited, -1 to disable file upload. +# SPACE_DEFAULT_ALLOW_SHARING=1 # Allow users to share recipes with public links + +# allow people to create accounts on your application instance (without an invite link) +# when unset: 0 (false) +# ENABLE_SIGNUP=0 + +# If signup is enabled you might want to add a captcha to it to prevent spam +# HCAPTCHA_SITEKEY= +# HCAPTCHA_SECRET= + +# if signup is enabled you might want to provide urls to data protection policies or terms and conditions +# TERMS_URL= +# PRIVACY_URL= +# IMPRINT_URL= + +# enable serving of prometheus metrics under the /metrics path +# ATTENTION: view is not secured (as per the prometheus default way) so make sure to secure it +# trough your web server (or leave it open of you dont care if the stats are exposed) +# ENABLE_METRICS=0 + +# allows you to setup OAuth providers +# see docs for more information https://vabene1111.github.io/recipes/features/authentication/ +# SOCIAL_PROVIDERS = allauth.socialaccount.providers.github, allauth.socialaccount.providers.nextcloud, + +# Should a newly created user from a social provider get assigned to the default space and given permission by default ? +# ATTENTION: This feature might be deprecated in favor of a space join and public viewing system in the future +# default 0 (false), when 1 (true) users will be assigned space and group +# SOCIAL_DEFAULT_ACCESS = 1 + +# if SOCIAL_DEFAULT_ACCESS is used, which group should be added +# SOCIAL_DEFAULT_GROUP=guest + +# Django session cookie settings. Can be changed to allow a single django application to authenticate several applications +# when running under the same database +# SESSION_COOKIE_DOMAIN=.example.com +# SESSION_COOKIE_NAME=sessionid # use this only to not interfere with non unified django applications under the same top level domain + +# by default SORT_TREE_BY_NAME is disabled this will store all Keywords and Food in the order they are created +# enabling this setting makes saving new keywords and foods very slow, which doesn't matter in most usecases. +# however, when doing large imports of recipes that will create new objects, can increase total run time by 10-15x +# Keywords and Food can be manually sorted by name in Admin +# This value can also be temporarily changed in Admin, it will revert the next time the application is started +# This will be fixed/changed in the future by changing the implementation or finding a better workaround for sorting +# SORT_TREE_BY_NAME=0 +# LDAP authentication +# default 0 (false), when 1 (true) list of allowed users will be fetched from LDAP server +LDAP_AUTH=1 +AUTH_LDAP_SERVER_URI="ldap://localhost:389" +AUTH_LDAP_BIND_DN="ou=users,dc=yunohost,dc=org" +AUTH_LDAP_BIND_PASSWORD="" +AUTH_LDAP_USER_SEARCH_BASE_DN="" +#AUTH_LDAP_TLS_CACERTFILE= + +# Enables exporting PDF (see export docs) +# Disabled by default, uncomment to enable +# ENABLE_PDF_EXPORT=1 + +# Recipe exports are cached for a certain time by default, adjust time if needed +# EXPORT_FILE_CACHE_DURATION=600 + diff --git a/conf/app.src b/conf/app.src index 17489bf..2d30d71 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=url of app's source -SOURCE_SUM=sha256 checksum +SOURCE_URL=https://github.com/TandoorRecipes/recipes/archive/refs/tags/1.3.3.tar.gz +SOURCE_SUM=887df9ac51162605fc43fd4437d956db4fcfeac68955ed8ecac6305aeb9ad68c SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/systemd.service b/conf/systemd.service index 7bb448e..e3bd4c8 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,45 +1,16 @@ [Unit] -Description=Small description of the service +Description=gunicorn daemon for recipes After=network.target [Service] Type=simple -User=__APP__ -Group=__APP__ -WorkingDirectory=__FINALPATH__/ -ExecStart=__FINALPATH__/script -StandardOutput=append:/var/log/__APP__/__APP__.log -StandardError=inherit - -# Sandboxing options to harden security -# Depending on specificities of your service/app, you may need to tweak these -# .. but this should be a good baseline -# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html -NoNewPrivileges=yes -PrivateTmp=yes -PrivateDevices=yes -RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 -RestrictNamespaces=yes -RestrictRealtime=yes -DevicePolicy=closed -ProtectSystem=full -ProtectControlGroups=yes -ProtectKernelModules=yes -ProtectKernelTunables=yes -LockPersonality=yes -SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap - -# Denying access to capabilities that should not be relevant for webapps -# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html -CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD -CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE -CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT -CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK -CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM -CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG -CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE -CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW -CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG +Restart=always +RestartSec=3 +User=recipes +Group=www-data +WorkingDirectory=__FINAL_PATH__ +EnvironmentFile=__FINAL_PATH__/.env +ExecStart=__FINAL_PATH__/bin/gunicorn --error-logfile /tmp/gunicorn_err.log --log-level debug --capture-output --bind unix:__FINAL_PATH__/recipes.sock recipes.wsgi:application [Install] -WantedBy=multi-user.target +WantedBy=multi-user.target \ No newline at end of file diff --git a/manifest.json b/manifest.json index 9fdc46e..8ecab8b 100644 --- a/manifest.json +++ b/manifest.json @@ -1,6 +1,6 @@ { - "name": "Example app", - "id": "example", + "name": "Tandoor", + "id": "tandoor", "packaging_format": 1, "description": { "en": "Explain in *a few (10~15) words* the purpose of the app or what it actually does (it is meant to give a rough idea to users browsing a catalog of 100+ apps)", @@ -46,28 +46,6 @@ "name": "is_public", "type": "boolean", "default": true - }, - { - "name": "language", - "type": "string", - "ask": { - "en": "Choose the application language", - "fr": "Choisissez la langue de l'application" - }, - "choices": ["fr", "en"], - "default": "fr" - }, - { - "name": "admin", - "type": "user" - }, - { - "name": "password", - "type": "password", - "help": { - "en": "Use the help field to add an information for the admin about this question.", - "fr": "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question." - } } ] } diff --git a/scripts/_common.sh b/scripts/_common.sh index 04b61bb..01f8228 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,25 +3,11 @@ #================================================= # COMMON VARIABLES #================================================= -# PHP APP SPECIFIC -#================================================= -# Depending on its version, YunoHost uses different default PHP version: -## YunoHost version "11.X" => PHP 7.4 -## YunoHost version "4.X" => PHP 7.3 -# -# This behaviour can be overridden by setting the YNH_PHP_VERSION variable -#YNH_PHP_VERSION=7.3 -#YNH_PHP_VERSION=7.4 -#YNH_PHP_VERSION=8.0 -# For more information, see the PHP application helper: https://github.com/YunoHost/yunohost/blob/dev/helpers/php#L3-L6 -# Or this app package depending on PHP: https://github.com/YunoHost-Apps/grav_ynh/blob/master/scripts/_common.sh -# PHP dependencies used by the app (must be on a single line) -#php_dependencies="php$YNH_PHP_VERSION-deb1 php$YNH_PHP_VERSION-deb2" -# or, if you do not need a custom YNH_PHP_VERSION: -php_dependencies="php$YNH_DEFAULT_PHP_VERSION-deb1 php$YNH_DEFAULT_PHP_VERSION-deb2" # dependencies used by the app (must be on a single line) -pkg_dependencies="deb1 deb2 $php_dependencies" +pkg_dependencies="git curl python3 python3-pip python3-venv libpq-dev postgresql libsasl2-dev python3-dev libldap2-dev libssl-dev" + +nodejs_version=16 #================================================= # PERSONAL HELPERS diff --git a/scripts/install b/scripts/install index af6ca03..c45ad81 100755 --- a/scripts/install +++ b/scripts/install @@ -27,33 +27,14 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH is_public=$YNH_APP_ARG_IS_PUBLIC -language=$YNH_APP_ARG_LANGUAGE -admin=$YNH_APP_ARG_ADMIN -password=$YNH_APP_ARG_PASSWORD -### If it's a multi-instance app, meaning it can be installed several times independently -### The id of the app as stated in the manifest is available as $YNH_APP_ID -### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...) -### The app instance name is available as $YNH_APP_INSTANCE_NAME -### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -### - ynhexample__{N} for the subsequent installations, with N=3,4... -### The app instance name is probably what interests you most, since this is -### guaranteed to be unique. This is a good unique identifier to define installation path, -### db names... app=$YNH_APP_INSTANCE_NAME +secretkey=$(ynh_string_random --length=12) + #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -### About --weight and --time -### ynh_script_progression will show to your final users the progression of each scripts. -### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script. -### --time is a packager option, it will show you the execution time since the previous call. -### This option should be removed before releasing your app. -### Use the execution time, given by --time, to estimate the weight of a step. -### A common way to do it is to set a weight equal to the execution time in second +1. -### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call. ynh_script_progression --message="Validating installation parameters..." --time --weight=1 ### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". @@ -71,8 +52,7 @@ ynh_script_progression --message="Storing installation settings..." --time --wei ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=language --value=$language -ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=secretkey --value=$secretkey #================================================= # STANDARD MODIFICATIONS @@ -81,38 +61,23 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin #================================================= ynh_script_progression --message="Finding an available port..." --time --weight=1 -### Use these lines if you have to open a port for the application -### `ynh_find_port` will find the first available port starting from the given port. -### If you're not using these lines: -### - Remove the section "CLOSE A PORT" in the remove script - # Find an available port port=$(ynh_find_port --port=8095) ynh_app_setting_set --app=$app --key=port --value=$port -# Optional: Expose this port publicly -# (N.B.: you only need to do this if the app actually needs to expose the port publicly. -# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !) - -# Open the port -# ynh_script_progression --message="Configuring firewall..." --time --weight=1 -# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port - #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --time --weight=1 - -### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. -### Those deb packages will be installed as dependencies of this package. -### If you're not using this helper: -### - Remove the section "REMOVE DEPENDENCIES" in the remove script -### - Remove the variable "pkg_dependencies" in _common.sh -### - As well as the section "REINSTALL DEPENDENCIES" in the restore script -### - And the section "UPGRADE DEPENDENCIES" in the upgrade script +ynh_script_progression --message="Installing dependencies..." --time --weight=5 ynh_install_app_dependencies $pkg_dependencies +# Install Nodejs +ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version + +# Install Yarn +ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" + #================================================= # CREATE DEDICATED USER #================================================= @@ -122,66 +87,30 @@ ynh_script_progression --message="Configuring system user..." --time --weight=1 ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= -# CREATE A MYSQL DATABASE +# CREATE A PostgreSQL DATABASE #================================================= -ynh_script_progression --message="Creating a MySQL database..." --time --weight=1 - -### Use these lines if you need a database for the application. -### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password. -### The password will be stored as 'mysqlpwd' into the app settings, -### and will be available as $db_pwd -### If you're not using these lines: -### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script -### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script -### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script +ynh_script_progression --message="Creating a PostgreSQL database..." --time --weight=1 db_name=$(ynh_sanitize_dbid --db_name=$app) db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name +ynh_psql_setup_db --db_user=$db_user --db_name=$db_name + +ynh_psql_connect_as $db_user $db_pwd <<< "ALTER DATABASE $db_name OWNER TO $db_user;" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --time --weight=1 -### `ynh_setup_source` is used to install an app from a zip or tar.gz file, -### downloaded from an upstream source, like a git repository. -### `ynh_setup_source` use the file conf/app.src - ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --time --weight=1 - -### `ynh_add_fpm_config` is used to set up a PHP config. -### You can remove it if your app doesn't use PHP. -### `ynh_add_fpm_config` will use the files conf/php-fpm.conf -### If you're not using these lines: -### - You can remove these files in conf/. -### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script -### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script -### with the reload at the end of the script. -### - And the section "PHP-FPM CONFIGURATION" in the upgrade script - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config - #================================================= # NGINX CONFIGURATION #================================================= @@ -192,11 +121,38 @@ ynh_script_progression --message="Configuring NGINX web server..." --time --weig # Create a dedicated NGINX config ynh_add_nginx_config +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding a configuration file..." --time --weight=1 + +ynh_add_config --template=".env.template" --destination="$final_path/.env" + +chmod 400 "$final_path/some_config_file" +chown $app:$app "$final_path/some_config_file" + #================================================= # SPECIFIC SETUP #================================================= -# ... -#================================================= +ynh_script_progression --message="Setting up Tandoor dependencies..." --weight=1 + +ynh_exec_as $app python3 -m venv "$final_path/venv" + +pushd "$final_path" + ynh_exec_as $app "$final_path/venv/bin/pip3" install -r requirements.txt +popd + +pushd "$final_path/vue" + ynh_use_nodejs + yarn install + yarn build +popd + +pushd "$final_path" + ynh_exec_as $app "$final_path/venv/bin/python3" manage.py migrate + ynh_psql_connect_as $db_user $db_pwd <<< "ALTER USER $app WITH NOSUPERUSER;" +popd + #================================================= # CREATE DATA DIRECTORY @@ -226,38 +182,6 @@ chmod 750 "$datadir" chmod -R o-rwx "$datadir" chown -R $app:www-data "$datadir" -#================================================= -# ADD A CONFIGURATION -#================================================= -ynh_script_progression --message="Adding a configuration file..." --time --weight=1 - -### You can add specific configuration files. -### -### Typically, put your template conf file in ../conf/your_config_file -### The template may contain strings such as __FOO__ or __FOO_BAR__, -### which will automatically be replaced by the values of $foo and $foo_bar -### -### ynh_add_config will also keep track of the config file's checksum, -### which later during upgrade may allow to automatically backup the config file -### if it's found that the file was manually modified -### -### Check the documentation of `ynh_add_config` for more info. - -ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file" - -# FIXME: this should be handled by the core in the future -# You may need to use chmod 600 instead of 400, -# for example if the app is expected to be able to modify its own config -chmod 400 "$final_path/some_config_file" -chown $app:$app "$final_path/some_config_file" - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file" -### ynh_store_file_checksum --file="$final_path/some_config_file" - #================================================= # SETUP SYSTEMD #================================================= diff --git a/scripts/remove b/scripts/remove index 29da1fd..b9c3f8f 100755 --- a/scripts/remove +++ b/scripts/remove @@ -53,12 +53,12 @@ ynh_script_progression --message="Removing logrotate configuration..." --time -- ynh_remove_logrotate #================================================= -# REMOVE THE MYSQL DATABASE +# REMOVE THE PostgreSQL DATABASE #================================================= -ynh_script_progression --message="Removing the MySQL database..." --time --weight=1 +ynh_script_progression --message="Removing the PostgreSQL database..." --time --weight=1 # Remove a database if it exists, along with the associated user -ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name +ynh_psql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE APP MAIN DIR @@ -87,14 +87,6 @@ ynh_script_progression --message="Removing NGINX web server configuration..." -- # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Removing PHP-FPM configuration..." --time --weight=1 - -# Remove the dedicated PHP-FPM config -ynh_remove_fpm_config - #================================================= # REMOVE DEPENDENCIES #================================================= @@ -113,14 +105,6 @@ then ynh_exec_warn_less yunohost firewall disallow TCP $port fi -#================================================= -# REMOVE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Removing Fail2Ban configuration..." --time --weight=1 - -# Remove the dedicated Fail2Ban config -ynh_remove_fail2ban_config - #================================================= # SPECIFIC REMOVE #================================================= @@ -128,12 +112,6 @@ ynh_remove_fail2ban_config #================================================= ynh_script_progression --message="Removing various files..." --time --weight=1 -# Remove a cron file -ynh_secure_remove --file="/etc/cron.d/$app" - -# Remove a directory securely -ynh_secure_remove --file="/etc/$app" - # Remove the log files ynh_secure_remove --file="/var/log/$app" diff --git a/scripts/restore b/scripts/restore index d0c948c..6ba90f1 100755 --- a/scripts/restore +++ b/scripts/restore @@ -128,7 +128,7 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= ynh_script_progression --message="Restoring the MySQL database..." --time --weight=1 -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql