From baf565e7e719771e626a05312429383d7f767d4a Mon Sep 17 00:00:00 2001 From: Thomas <51749973+Thovi98@users.noreply.github.com> Date: Tue, 17 Oct 2023 20:50:05 +0200 Subject: [PATCH] first version --- conf/.env | 84 ++++++++++++++++ scripts/_common.sh | 3 + scripts/backup | 39 +------- scripts/install | 239 ++++++++++++++++----------------------------- scripts/remove | 122 +++++++++++++++++------ scripts/restore | 75 ++++++++------ scripts/upgrade | 144 ++++++++++++--------------- 7 files changed, 367 insertions(+), 339 deletions(-) diff --git a/conf/.env b/conf/.env index e69de29..10b290d 100644 --- a/conf/.env +++ b/conf/.env @@ -0,0 +1,84 @@ +## Uncomment and change any of the variables if you need to +## Read more at https://github.com/terraforming-mars/terraforming-mars/wiki/dot-env + +## Which port to use for this server +PORT=__PORT__ + +## What hostname to use +HOST=__DOMAIN__ + +## Your TLS certificate path (=> `fullchain.pem` created by certbot) +CERT_PATH=/etc/yunohost/certs/__DOMAIN__/crt.pem + +## Your TLS private key path (=> `privkey.pem` created by certbot) +KEY_PATH=/etc/yunohost/certs/__DOMAIN__/key.pem + +## Postgresql +POSTGRES_HOST=postgresql://__DB_USER__:__DB_PWD__@:5432/__DB_NAME__ + +## Games can only be in the database for this many days. +## When this is unspecified, PostgresQL deletes games in 10 days, and +## SQLite does not delete games at all. +# MAX_GAME_DAYS= + +## How many days to keep a game in its complete state before it is compressed +## When this is unspecified, games do not compress. +# COMPRESS_COMPLETED_GAMES_DAYS= + +## How many milliseconds to check for game update on multi-player games +# WAITING_FOR_TIMEOUT=5000 + +## How many seconds should assets (fonts, stylesheets, images) be cached by browsers +# ASSET_CACHE_MAX_AGE=0 + +## (default random) Static pass phrase to restrict access to administrative endpoints +SERVER_ID=__KEY__ + +## (default random) passphrase to restrict access to the /stats endpoint. +## While the stats endpoint will also accept the SERVER_ID passphrase, it will +## redirect to the stats passphrase. +## +## Having a separate ID means you can collect statistics without compromising the +## more powerful SERVER_ID +# STATS_ID = + +## When non-empty, stores game states in JSON files. Good for local development and debugging, bad for hosting lots of games. +# LOCAL_FS_DB= + +## Specifies the number of lines of history to be shown in the game log (default 50) +# LOG_LENGTH= + +## Specifies how the server removes games from memory after they're completed. +## +## Specified as a series of semicolon-separated = pairs, there are +## three possible keys. All of them are optional, as is this environment +## variable. +## +## sweep: (default='manual') +## Can be 'auto' or 'manual'. When 'auto', the sweeper will run on a regular +## basis to find and evict completed games. When 'manual' the server doesn't +## sweep at all. (The idea is this will be made available through some +## endpoint.) +## +## eviction_age: (default='15m') +## How long after a game is completed (or after a completed game is reloaded) +## the server removes the game from memory. The larger the value the longer +## saved games stay in memory. +## +## Games evicted from memory can be reloaded as if they weren't loaded to begin +## with. +## +## Can be expressed as 'nnHnnMnnS' or any parts of that triplet. +## +## sweep_freq: (default='5m') Meaningless when sweep is 'manual' +## The frequency the server runs to remove games from memory. The larger the +## value the less often the sweeper runs. +## +## Can be expressed as 'nnHnnMnnS' or any parts of that triplet. +## +## Example: Use all default values. Sweeper is off. +# GAME_CACHE= +# +## Example: Sweep every 45 seconds. Evict finished games 90 minutes +## after they load. +# GAME_CACHE=sweep=auto;eviction_age=1h30m;sweep_freq=45s \ No newline at end of file diff --git a/scripts/_common.sh b/scripts/_common.sh index 944a65e..2540c42 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,6 +4,9 @@ # COMMON VARIABLES #================================================= +# nodejs version +nodejs_version=18 + #================================================= # PERSONAL HELPERS #================================================= diff --git a/scripts/backup b/scripts/backup index 010f6c5..89930b6 100755 --- a/scripts/backup +++ b/scripts/backup @@ -15,11 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_print_info --message="Declaring files to be backed up..." -### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs -### to be backuped and not an actual copy of any file. The actual backup that -### creates and fills the archive with the files happens in the core after this -### script is called. Hence ynh_backups calls take basically 0 seconds to run. - #================================================= # BACKUP THE APP MAIN DIR #================================================= @@ -30,7 +25,6 @@ ynh_backup --src_path="$install_dir" # BACKUP THE DATA DIR #================================================= -# Only relevant if there is a "data_dir" resource for this app ynh_backup --src_path="$data_dir" --is_big #================================================= @@ -39,19 +33,6 @@ ynh_backup --src_path="$data_dir" --is_big ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# BACKUP THE PHP-FPM CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - -#================================================= -# BACKUP FAIL2BAN CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" - #================================================= # SPECIFIC BACKUP #================================================= @@ -66,26 +47,8 @@ ynh_backup --src_path="/etc/logrotate.d/$app" ynh_backup --src_path="/etc/systemd/system/$app.service" -#================================================= -# BACKUP VARIOUS FILES -#================================================= - -ynh_backup --src_path="/etc/cron.d/$app" - -ynh_backup --src_path="/etc/$app/" - -#================================================= -# BACKUP THE MYSQL DATABASE -#================================================= -ynh_print_info --message="Backing up the MySQL database..." - -### (However, things like MySQL dumps *do* take some time to run, though the -### copy of the generated dump to the archive still happens later) - -ynh_mysql_dump_db --database="$db_name" > db.sql - #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." \ No newline at end of file diff --git a/scripts/install b/scripts/install index 8c717e2..5f4a691 100755 --- a/scripts/install +++ b/scripts/install @@ -9,189 +9,116 @@ source _common.sh source /usr/share/yunohost/helpers -# Install parameters are automatically saved as settings -# -# Settings are automatically loaded as bash variables -# in every app script context, therefore typically these will exist: -# - $domain -# - $path -# - $language -# ... etc -# -# Resources defined in the manifest are provisioned prior to this script -# and corresponding settings are also available, such as: -# - $install_dir -# - $port -# - $db_name -# ... - -# -# $app is the app id (i.e. 'example' for first install, -# or 'example__2', '__3', ... for multi-instance installs) -# - #================================================= -# APP "BUILD" (DEPLOYING SOURCES, VENV, COMPILING ETC) +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing dependencies..." --weight=5 + +ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version + +# Upgrade NPM +ynh_npm install --global npm@latest + +# Install Yarn +ynh_npm install --global yarn + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 -### `ynh_setup_source` is used to install an app from a zip or tar.gz file, -### downloaded from an upstream source, like a git repository. -### `ynh_setup_source` use the file manifest.toml - -# Download, check integrity, uncompress and patch the source from manifest.toml +# Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" -# $install_dir will automatically be initialized with some decent -# permission by default ... however, you may need to recursively reapply -# ownership to all files such as after the ynh_setup_source step +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" #================================================= -# SYSTEM CONFIGURATION +# NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 +ynh_script_progression --message="Configuring NGINX web server..." -### `ynh_add_fpm_config` is used to set up a PHP config. -### You can remove it if your app doesn't use PHP. -### `ynh_add_fpm_config` will use the files conf/php-fpm.conf -### If you're not using these lines: -### - You can remove these files in conf/. -### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script -### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script -### with the reload at the end of the script. -### - And the section "PHP-FPM CONFIGURATION" in the upgrade script - -# Create a dedicated PHP-FPM config using the conf/php-fpm.conf or conf/extra_php-fpm.conf -ynh_add_fpm_config - -# Create a dedicated NGINX config using the conf/nginx.conf template +# Create a dedicated NGINX config ynh_add_nginx_config -### `ynh_systemd_config` is used to configure a systemd script for an app. -### It can be used for apps that use sysvinit (with adaptation) or systemd. -### Have a look at the app to be sure this app needs a systemd script. -### `ynh_systemd_config` will use the file conf/systemd.service -### If you're not using these lines: -### - You can remove those files in conf/. -### - Remove the section "BACKUP SYSTEMD" in the backup script -### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script -### - As well as the section "RESTORE SYSTEMD" in the restore script -### - And the section "SETUP SYSTEMD" in the upgrade script +#================================================= +# SPECIFIC SETUP +#================================================= +#================================================= +# BUILD APP +#================================================= + +pushd $install_dir + ynh_use_nodejs + + ynh_script_progression --message="Fetching Yarn dev dependencies... This can be very long, be patient !" --weight=18 + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn install --network-timeout=100000 + + ynh_script_progression --message="Building Yarn dev dependencies... This can be very long, be patient !" --weight=25 + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn run build + + ynh_script_progression --message="Cleaning cache... " --weight=3 + ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn cache clean 2>&1 + +popd + +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" + +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding a configuration file..." + + +key=$(ynh_string_random --length=45 | base64) +ynh_app_setting_set --app=$app --key=key --value=$key + +ynh_add_config --template="../conf/.env" --destination="$install_dir/.env" + +chmod 600 "$install_dir/.env" +chown $app:$app "$install_dir/.env" + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Configuring a systemd service..." # Create a dedicated systemd config ynh_add_systemd_config -### `yunohost service add` integrates a service in YunoHost. It then gets -### displayed in the admin interface and through the others `yunohost service` commands. -### (N.B.: this line only makes sense if the app adds a service to the system!) -### If you're not using these lines: -### - You can remove these files in conf/. -### - Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script -### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script -### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script - -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" - -### Additional options starting with 3.8: -### -### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed -### which will then be checked by YunoHost's diagnosis system -### (N.B. DO NOT USE THIS if the port is only internal!!!) -### -### --test_status "some command" a custom command to check the status of the service -### (only relevant if 'systemctl status' doesn't do a good job) -### -### --test_conf "some command" some command similar to "nginx -t" that validates the conf of the service -### -### Re-calling 'yunohost service add' during the upgrade script is the right way -### to proceed if you later realize that you need to enable some flags that -### weren't enabled on old installs (be careful it'll override the existing -### service though so you should re-provide all relevant flags when doing so) - -### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. -### Use this helper only if there is effectively a log file for this app. -### If you're not using this helper: -### - Remove the section "BACKUP LOGROTATE" in the backup script -### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script -### - And the section "SETUP LOGROTATE" in the upgrade script - -# Use logrotate to manage application logfile(s) -ynh_use_logrotate - -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - -#================================================= -# APP INITIAL CONFIGURATION -#================================================= -# ADD A CONFIGURATION -#================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=1 - -### You can add specific configuration files. -### -### Typically, put your template conf file in ../conf/your_config_file -### The template may contain strings such as __FOO__ or __FOO_BAR__, -### which will automatically be replaced by the values of $foo and $foo_bar -### -### ynh_add_config will also keep track of the config file's checksum, -### which later during upgrade may allow to automatically backup the config file -### if it's found that the file was manually modified -### -### Check the documentation of `ynh_add_config` for more info. - -ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file" - -# FIXME: this should be handled by the core in the future -# You may need to use chmod 600 instead of 400, -# for example if the app is expected to be able to modify its own config -chmod 400 "$install_dir/some_config_file" -chown $app:$app "$install_dir/some_config_file" - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file" -### ynh_store_file_checksum --file="$install_dir/some_config_file" - -#================================================= -# SETUP APPLICATION WITH CURL -#================================================= - -### Use these lines only if the app installation needs to be finalized through -### web forms. We generally don't want to ask the final user, -### so we're going to use curl to automatically fill the fields and submit the -### forms. - -# Installation with curl -ynh_script_progression --message="Finalizing installation..." --weight=1 -ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" - #================================================= # GENERIC FINALIZATION +#================================================= +# LOGROTATE +#================================================= +ynh_script_progression --message="Configuring logrotate to manage application logfiles" --weight=1 + +# Use logrotate to manage application logfile(s) +ynh_use_logrotate --specific_user=$app +touch /var/log/$app/$app.log +chown -R $app:www-data /var/log/$app/ + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." + +yunohost service add $app --log="/var/log/$app/$app.log" + #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 - -### `ynh_systemd_action` is used to start a systemd service for an app. -### Only needed if you have configure a systemd service -### If you're not using these lines: -### - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script -### - As well as the section "START SYSTEMD SERVICE" in the restore script -### - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script -### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script +ynh_script_progression --message="Starting a systemd service..." # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" +ynh_exec_warn_less ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="" + #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --last + +ynh_script_progression --message="Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index 097c3f4..12dfd43 100755 --- a/scripts/remove +++ b/scripts/remove @@ -9,55 +9,113 @@ source _common.sh source /usr/share/yunohost/helpers -# Settings are automatically loaded as bash variables -# in every app script context, therefore typically these will exist: -# - $domain -# - $path -# - $language -# - $install_dir -# - $port -# ... - -# For remove operations : -# - the core will deprovision every resource defined in the manifest **after** this script is ran -# this includes removing the install directory, and data directory (if --purge was used) +upgrade_type=$(ynh_check_app_version_changed) #================================================= -# REMOVE SYSTEM CONFIGURATIONS +# STOP SYSTEMD SERVICE #================================================= -# REMOVE SYSTEMD SERVICE +ynh_script_progression --message="Stopping a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" + #================================================= -ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing dependencies..." --weight=5 -# This should be a symetric version of what happens in the install script +ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version -# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status $app >/dev/null -then - ynh_script_progression --message="Removing $app service integration..." --weight=1 - yunohost service remove $app -fi +# Upgrade NPM +ynh_npm install --global npm@latest -ynh_remove_systemd_config +# Install Yarn +ynh_npm install --global yarn -ynh_remove_nginx_config +#================================================= +# "REBUILD" THE APP (DEPLOY NEW SOURCES, RERUN NPM BUILD...) +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_script_progression --message="Setting up source files..." --weight=1 -ynh_remove_fpm_config +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$install_dir" --force-replace=1 -ynh_remove_logrotate +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" -ynh_remove_fail2ban_config +#================================================= +# BUILD APP +#================================================= +ynh_script_progression --message="Building app... This may take quiete some time" --weight=30 -# Remove other various files specific to the app... such as : +pushd $install_dir + ynh_use_nodejs -ynh_secure_remove --file="/etc/cron.d/$app" + ynh_script_progression --message="Fetching Yarn dev dependencies... This can be very long, be patient !" --weight=18 + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn install --network-timeout=100000 -ynh_secure_remove --file="/etc/$app" + ynh_script_progression --message="Building Yarn dev dependencies... This can be very long, be patient !" --weight=25 + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn run build + + ynh_script_progression --message="Cleaning cache... " --weight=3 + ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn cache clean 2>&1 -ynh_secure_remove --file="/var/log/$app" +popd + +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Configuring a systemd service..." + +# Create a dedicated systemd config +ynh_add_systemd_config + +#================================================= +# GENERIC FINALIZATION +#================================================= +# LOGROTATE +#================================================= +ynh_script_progression --message="Configuring logrotate to manage application logfiles" --weight=1 + +# Use logrotate to manage application logfile(s) +ynh_use_logrotate --specific_user=$app +touch /var/log/$app/$app.log +chown -R $app:www-data /var/log/$app/ + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." + +yunohost service add $app --log="/var/log/$app/$app.log" + +#================================================= +# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...) +#================================================= +# UPDATE A CONFIG FILE +#================================================= +ynh_script_progression --message="Updating a configuration file..." --weight=1 + +ynh_add_config --template="../conf/.env" --destination="$install_dir/.env" + +chmod 600 "$install_dir/.env" +chown $app:$app "$install_dir/.env" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=1 + +ynh_exec_warn_less ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last +ynh_script_progression --message="Upgrade of $app completed" --last diff --git a/scripts/restore b/scripts/restore index e60cb7a..53fd758 100755 --- a/scripts/restore +++ b/scripts/restore @@ -10,16 +10,24 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers +#================================================= +# STANDARD RESTORATION STEPS +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." --weight=1 +ynh_script_progression --message="Restoring the app main directory..." --weight=3 ynh_restore_file --origin_path="$install_dir" -# $install_dir will automatically be initialized with some decent -# permissions by default ... however, you may need to recursively reapply -# ownership to all files such as after the ynh_setup_source step +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" #================================================= @@ -29,55 +37,60 @@ ynh_script_progression --message="Restoring the data directory..." --weight=1 ynh_restore_file --origin_path="$data_dir" --not_mandatory -# (Same as for install dir) +mkdir -p $data_dir + +chmod 750 "$data_dir" +chmod -R o-rwx "$data_dir" chown -R $app:www-data "$data_dir" #================================================= -# RESTORE THE MYSQL DATABASE +# SPECIFIC RESTORATION #================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=1 +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --weight=10 -ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql +# Define and install dependencies +ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version #================================================= -# RESTORE SYSTEM CONFIGURATIONS +# RESTORE SYSTEMD #================================================= -# RESTORE THE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 - -# This should be a symetric version of what happens in the install script - -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +#================================================= +# RESTORE THE LOGROTATE CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 +mkdir -p "/var/log/$app" +chown -R $app: "/var/log/$app" ynh_restore_file --origin_path="/etc/logrotate.d/$app" -ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -# Other various files... +yunohost service add $app --log="/var/log/$app/$app.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=1 + +ynh_exec_warn_less ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="" -ynh_restore_file --origin_path="/etc/cron.d/$app" -ynh_restore_file --origin_path="/etc/$app/" #================================================= # GENERIC FINALIZATION #================================================= -# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE +# RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 - -# Typically you only have either $app or php-fpm but not both at the same time... -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -ynh_systemd_action --service_name=php$phpversion-fpm --action=reload +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index ddb8ba3..d210184 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,52 +9,8 @@ source _common.sh source /usr/share/yunohost/helpers -# Settings are automatically loaded as bash variables -# in every app script context, therefore typically these will exist: -# - $domain -# - $path -# - $language -# - $install_dir -# - $port -# ... - -# In the context of upgrade, -# - resources are automatically provisioned / updated / deleted (depending on existing resources) -# - a safety backup is automatically created by the core and will be restored if the upgrade fails - -### This helper will compare the version of the currently installed app and the version of the upstream package. -### $upgrade_type can have 2 different values -### - UPGRADE_APP if the upstream app version has changed -### - UPGRADE_PACKAGE if only the YunoHost package has changed -### ynh_check_app_version_changed will stop the upgrade if the app is up to date. -### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -#ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 - -# -# N.B. : the following setting migration snippets are provided as *EXAMPLES* -# of what you may want to do in some cases (e.g. a setting was not defined on -# some legacy installs and you therefore want to initiaze stuff during upgrade) -# - -# If db_name doesn't exist, create it -#if [ -z "$db_name" ]; then -# db_name=$(ynh_sanitize_dbid --db_name=$app) -# ynh_app_setting_set --app=$app --key=db_name --value=$db_name -#fi - -# If install_dir doesn't exist, create it -#if [ -z "$install_dir" ]; then -# install_dir=/var/www/$app -# ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir -#fi - #================================================= # STOP SYSTEMD SERVICE #================================================= @@ -62,43 +18,82 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" +#================================================= +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing dependencies..." --weight=5 + +ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version + +# Upgrade NPM +ynh_npm install --global npm@latest + +# Install Yarn +ynh_npm install --global yarn + #================================================= # "REBUILD" THE APP (DEPLOY NEW SOURCES, RERUN NPM BUILD...) #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_script_progression --message="Setting up source files..." --weight=1 + +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$install_dir" --full-repace=1 -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading source files..." --weight=1 - - # Download, check integrity, uncompress and patch the source from manifest.toml - ynh_setup_source --dest_dir="$install_dir" -fi - -# $install_dir will automatically be initialized with some decent -# permissions by default ... however, you may need to recursively reapply -# ownership to all files such as after the ynh_setup_source step +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" #================================================= -# REAPPLY SYSTEM CONFIGURATIONS +# BUILD APP #================================================= -ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 +ynh_script_progression --message="Building app... This may take quiete some time" --weight=30 -# This should be a literal copypaste of what happened in the install's "System configuration" section +pushd $install_dir + ynh_use_nodejs -ynh_add_fpm_config + ynh_script_progression --message="Fetching Yarn dev dependencies... This can be very long, be patient !" --weight=18 + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn install --network-timeout=100000 -ynh_add_nginx_config + ynh_script_progression --message="Building Yarn dev dependencies... This can be very long, be patient !" --weight=25 + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn run build + + ynh_script_progression --message="Cleaning cache... " --weight=3 + ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH yarn cache clean 2>&1 +popd + +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Configuring a systemd service..." + +# Create a dedicated systemd config ynh_add_systemd_config -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +#================================================= +# GENERIC FINALIZATION +#================================================= +# LOGROTATE +#================================================= +ynh_script_progression --message="Configuring logrotate to manage application logfiles" --weight=1 -ynh_use_logrotate --non-append +# Use logrotate to manage application logfile(s) +ynh_use_logrotate --specific_user=$app +touch /var/log/$app/$app.log +chown -R $app:www-data /var/log/$app/ -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." + +yunohost service add $app --log="/var/log/$app/$app.log" #================================================= # RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...) @@ -107,32 +102,17 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failreg #================================================= ynh_script_progression --message="Updating a configuration file..." --weight=1 -### Same as during install -### -### The file will automatically be backed-up if it's found to be manually modified (because -### ynh_add_config keeps track of the file's checksum) +ynh_add_config --template="../conf/jellyseerr.conf" --destination="$install_dir/jellyseerr.conf" -ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file" - -# FIXME: this should be handled by the core in the future -# You may need to use chmod 600 instead of 400, -# for example if the app is expected to be able to modify its own config -chmod 400 "$install_dir/some_config_file" -chown $app:$app "$install_dir/some_config_file" - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file" -### ynh_store_file_checksum --file="$install_dir/some_config_file" +chmod 600 "$install_dir/jellyseerr.conf" +chown $app:$app "$install_dir/jellyseerr.conf" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" +ynh_exec_warn_less ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="" #================================================= # END OF SCRIPT