YunoHost-Apps/tiddlywiki_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/tiddlywiki_ynh.git synced 2024-09-03 20:26:34 +02:00
Code Issues Activity Actions

Merge pull request #18 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
Éric Gaspar 2021-09-22 08:25:32 +02:00 committed by GitHub
commit 33e088121b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 183 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

132
.github/workflows/updater.sh vendored Normal file
View file

@ -0,0 +1,132 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
# Remove this exit command when you are ready to run this Action
#exit 1
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | .tag_name' | sort -V | tail -1)
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
# if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
# version=${version:1}
# fi
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
echo "${#assets[@]} available asset(s)"
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Here we use the $assets variable to get the resources published in the upstream release.
# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
# Let's loop over the array of assets URLs
for asset_url in ${assets[@]}; do
echo "Handling asset at $asset_url"
# Assign the asset to a source file in conf/ directory
# Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
# Leave $src empty to ignore the asset
case $asset_url in
*".tar.gz"*)
src="app"
;;
*)
src=""
;;
esac
# If $src is not empty, let's process the asset
if [ ! -z "$src" ]; then
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
EOT
echo "... conf/$src.src updated"
else
echo "... asset ignored"
fi
done
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Install moreutils, needed for sponge
sudo apt-get install moreutils
# Replace new version in manifest
jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json | sponge manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

2
README.md
View file

@ -15,7 +15,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
## Overview ## Overview
A non-linear personal web notebook TiddlyWiki is a complete interactive wiki in JavaScript. It can be used as a single HTML file in the browser or as a powerful Node.js application. It is highly customisable: the entire user interface is itself implemented in hackable WikiText.
**Shipped version:** 5.1.23~ynh5 **Shipped version:** 5.1.23~ynh5

2
README_fr.md
View file

@ -11,7 +11,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
## Vue d'ensemble ## Vue d'ensemble
Un carnet Web personnel non linéaire TiddlyWiki is a complete interactive wiki in JavaScript. It can be used as a single HTML file in the browser or as a powerful Node.js application. It is highly customisable: the entire user interface is itself implemented in hackable WikiText.
**Version incluse :** 5.1.23~ynh5 **Version incluse :** 5.1.23~ynh5

2
check_process
View file

@ -3,9 +3,7 @@
; Manifest ; Manifest
domain="domain.tld" domain="domain.tld"
path="/" path="/"
admin="john"
is_public=1 is_public=1
password="password"
port="8095" port="8095"
; Checks ; Checks
pkg_linter=1 pkg_linter=1

32
conf/systemd.service
View file

@ -9,8 +9,38 @@ Group=__APP__
WorkingDirectory=__FINALPATH__ WorkingDirectory=__FINALPATH__
Environment=PATH=__ENV_PATH__ Environment=PATH=__ENV_PATH__
Environment=NODE_ENV=production Environment=NODE_ENV=production
ExecStart=__YNH_NODE__ tiddlywiki ++languages/fr-FR mynewwiki --listen port=__PORT__ username=__ADMIN__ password=__PASSWORD__ ExecStart=__YNH_NODE__ tiddlywiki ++languages/fr-FR mynewwiki --listen port=__PORT__
Restart=always Restart=always
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

1
doc/DESCRIPTION.md Normal file
View file

@ -0,0 +1 @@
TiddlyWiki is a complete interactive wiki in JavaScript. It can be used as a single HTML file in the browser or as a powerful Node.js application. It is highly customisable: the entire user interface is itself implemented in hackable WikiText.

18
manifest.json
View file

@ -3,8 +3,8 @@
"id": "tiddlywiki", "id": "tiddlywiki",
"packaging_format": 1, "packaging_format": 1,
"description": { "description": {
"en": "A non-linear personal web notebook", "en": "Non-linear personal web notebook",
"fr": "Un carnet Web personnel non linéaire" "fr": "Carnet Web personnel non linéaire"
}, },
"version": "5.1.23~ynh5", "version": "5.1.23~ynh5",
"url": "https://tiddlywiki.com/", "url": "https://tiddlywiki.com/",
@ -34,20 +34,6 @@
"type": "domain", "type": "domain",
"example": "domain.org" "example": "domain.org"
}, },
{
"name": "admin",
"type": "user",
"example": "johndoe"
},
{
"name": "password",
"type": "password",
"help": {
"en": "Using some special characters such as % may cause issues.",
"fr": "L'utilisation de certains caractères spéciaux tels que % peut causer des erreurs."
},
"example": "Choose a password"
},
{ {
"name": "is_public", "name": "is_public",
"type": "boolean", "type": "boolean",

7
scripts/install
View file

@ -13,9 +13,6 @@ source /usr/share/yunohost/helpers
# MANAGE SCRIPT FAILURE # MANAGE SCRIPT FAILURE
#================================================= #=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
@ -26,8 +23,6 @@ ynh_abort_if_errors
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url="/" path_url="/"
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
password=$YNH_APP_ARG_PASSWORD
admin=$YNH_APP_ARG_ADMIN
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -49,8 +44,6 @@ ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=password --value="$password"
#================================================= #=================================================
# STANDARD MODIFICATIONS # STANDARD MODIFICATIONS

2
scripts/restore
View file

@ -36,8 +36,6 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#================================================= #=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=1 ynh_script_progression --message="Validating restoration parameters..." --weight=1
ynh_webpath_available --domain=$domain --path_url=$path_url \
|| ynh_die --message="Path not available: ${domain}${path_url}"
test ! -d $final_path \ test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path " || ynh_die --message="There is already a directory: $final_path "

32
scripts/upgrade
View file

@ -20,8 +20,6 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path) path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port) port=$(ynh_app_setting_get --app=$app --key=port)
admin=$(ynh_app_setting_get --app=$app --key=admin)
password=$(ynh_app_setting_get --app=$app --key=password)
#================================================= #=================================================
# CHECK VERSION # CHECK VERSION
@ -29,6 +27,21 @@ password=$(ynh_app_setting_get --app=$app --key=password)
upgrade_type=$(ynh_check_app_version_changed) upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#================================================= #=================================================
# ENSURE DOWNWARD COMPATIBILITY # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
@ -47,21 +60,6 @@ if ynh_legacy_permissions_exists; then
ynh_app_setting_delete --app=$app --key=is_public ynh_app_setting_delete --app=$app --key=is_public
fi fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#================================================= #=================================================
# STANDARD UPGRADE STEPS # STANDARD UPGRADE STEPS
#================================================= #=================================================