From 332f930a7b98e090d915506919ec8d015e5eeffc Mon Sep 17 00:00:00 2001 From: yalh76 Date: Tue, 18 May 2021 09:26:51 +0200 Subject: [PATCH] Apply example_ynh (#104) --- check_process | 9 ++-- conf/app.src | 1 + conf/nginx.conf | 7 ++- conf/systemd.service | 4 +- scripts/_common.sh | 15 ------ scripts/backup | 5 +- scripts/install | 63 +++++++++++----------- scripts/remove | 11 ++-- scripts/restore | 59 +++++++++++---------- scripts/upgrade | 122 ++++++++++++++++++++++--------------------- 10 files changed, 149 insertions(+), 147 deletions(-) diff --git a/check_process b/check_process index 5d0a165..d550696 100644 --- a/check_process +++ b/check_process @@ -1,7 +1,7 @@ -;; Nom du test +;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) + domain="domain.tld" + path="/path" ; Checks pkg_linter=1 setup_sub_dir=1 @@ -17,6 +17,3 @@ Email= Notification=none ;;; Upgrade options - ; commit= - name= - manifest_arg=domain=DOMAIN&path=PATH diff --git a/conf/app.src b/conf/app.src index 1066639..aed3709 100644 --- a/conf/app.src +++ b/conf/app.src @@ -4,3 +4,4 @@ SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/nginx.conf b/conf/nginx.conf index cfdefca..556b622 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -11,6 +11,9 @@ location __PATH__/ { index index.php; + # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file + #client_max_body_size 50M; + try_files $uri $uri/ index.php; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; @@ -18,8 +21,8 @@ location __PATH__/ { fastcgi_index index.php; include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $request_filename; } diff --git a/conf/systemd.service b/conf/systemd.service index 3adf23c..8571097 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -3,9 +3,11 @@ Description=News feed reader and aggregator After=network.target mysql.service [Service] +Type=simple User=__APP__ Group=__APP__ -ExecStart=/usr/bin/php __FINALPATH__/update_daemon2.php +WorkingDirectory=__FINALPATH__/ +ExecStart=/usr/bin/php__PHPVERSION__ __FINALPATH__/update_daemon2.php Restart=always RestartSec=10 diff --git a/scripts/_common.sh b/scripts/_common.sh index f6a26c1..082941e 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -49,18 +49,3 @@ ynh_smart_mktemp () { echo "$(mktemp --directory --tmpdir="$tmpdir")" } - -#================================================= - -# Execute a command as another user -# usage: ynh_exec_as USER COMMAND [ARG ...] -ynh_exec_as() { - local USER=$1 - shift 1 - - if [[ $USER = $(whoami) ]]; then - eval "$@" - else - sudo -u "$USER" "$@" - fi -} diff --git a/scripts/backup b/scripts/backup index 19c2ed1..edae2c2 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,9 +1,12 @@ #!/bin/bash +#================================================= +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -23,8 +26,8 @@ app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP diff --git a/scripts/install b/scripts/install index f767408..6ace68a 100644 --- a/scripts/install +++ b/scripts/install @@ -31,7 +31,7 @@ app=$YNH_APP_INSTANCE_NAME ynh_script_progression --message="Validating installation parameters..." --weight=1 final_path=/var/www/$app -test ! -e "$final_path" || ynh_die "This path already contains a folder" +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url @@ -46,14 +46,23 @@ ynh_app_setting_set --app=$app --key=path --value=$path_url #================================================= # STANDARD MODIFICATIONS +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=2 + +# Create a system user +ynh_system_user_create --username=$app --home_dir=$final_path + #================================================= # CREATE A MYSQL DATABASE #================================================= ynh_script_progression --message="Creating a MySQL database..." --weight=2 -db_name=$(ynh_sanitize_dbid $app) +db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) #================================================= @@ -65,6 +74,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -73,14 +86,6 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=2 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -93,28 +98,25 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # SPECIFIC SETUP #================================================= -# CONFIGURE TTRSS +# ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Configuring ttrss..." --weight=1 +ynh_script_progression --message="Adding a configuration file..." --weight=1 domain_path=https://$domain$path_url + ynh_add_config --template="../conf/config.php" --destination="$final_path/config.php" +chmod 400 "$final_path/config.php" +chown $app:$app "$final_path/config.php" + #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Configuring a systemd service..." --weight=2 +# Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R root:$app $final_path -chown -R $app $final_path/{cache,feed-icons,lock} - #================================================= # INITIALIZE DATABASE #================================================= @@ -125,26 +127,27 @@ ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name ynh_exec_as $app php${phpversion} ${final_path}/update.php --update-schema -#================================================= -# START TTRSS IN BACKGROUND -#================================================= -ynh_script_progression --message="Starting ttrss..." --weight=1 - -ynh_systemd_action --service_name=$app --action=start - #================================================= # GENERIC FINALIZATION #================================================= -# ADVERTISE SERVICE IN ADMIN PANEL +# INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 yunohost service add $app --description="News feed reader and aggregator" --log="/var/log/$app/$app.log" +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=1 + +# Start a systemd service +ynh_systemd_action --service_name=$app --action="start" + #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." --weight=1 +ynh_script_progression --message="Configuring permissions..." --weight=1 ynh_app_setting_set --app=$app --key=skipped_uris --value="/public.php,/api,/opml.php?op=publish" diff --git a/scripts/remove b/scripts/remove index de18869..f071464 100644 --- a/scripts/remove +++ b/scripts/remove @@ -18,18 +18,19 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # STANDARD REMOVE #================================================= -# REMOVE SERVICE FROM ADMIN PANEL +# REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Remove a service from the admin panel, added by `yunohost service add` -if yunohost service status $app >/dev/null 2>&1 +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status $app >/dev/null then - ynh_script_progression --message="Removing $app service..." --weight=2 + ynh_script_progression --message="Removing $app service integration..." yunohost service remove $app fi @@ -47,7 +48,7 @@ ynh_remove_systemd_config ynh_script_progression --message="Removing the MySQL database..." --weight=4 # Remove a database if it exists, along with the associated user -ynh_mysql_remove_db --db_user=$db_name --db_name=$db_name +ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE APP MAIN DIR diff --git a/scripts/restore b/scripts/restore index 745361d..4c6bdeb 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -27,6 +28,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= @@ -44,9 +46,18 @@ test ! -d $final_path \ #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the NGINX configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=3 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir=$final_path + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -54,26 +65,14 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=3 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app - -#================================================= -# RESTORE USER RIGHTS -#================================================= - -# Set permissions to app files -chown -R root:$app $final_path -chown -R $app $final_path/{cache,feed-icons,lock} +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=50 +ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=50 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" @@ -85,15 +84,8 @@ ynh_add_fpm_config --package="$extra_php_dependencies" ynh_script_progression --message="Restoring the MySQL database..." --weight=5 db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql - -#================================================= -# ADVERTISE SERVICE IN ADMIN PANEL -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add $app --description="News feed reader and aggregator" --log="/var/log/$app/$app.log" +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql #================================================= # RESTORE SYSTEMD @@ -102,7 +94,20 @@ ynh_script_progression --message="Restoring the systemd configuration..." --weig ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet -ynh_systemd_action --service_name=$app --action=start + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 + +yunohost service add $app --description="News feed reader and aggregator" --log="/var/log/$app/$app.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." + +ynh_systemd_action --service_name=$app --action="start" #================================================= # GENERIC FINALIZATION @@ -111,7 +116,7 @@ ynh_systemd_action --service_name=$app --action=start #================================================= ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=2 -ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload +ynh_systemd_action --service_name=php$phpversion-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 68b9396..6dd8108 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,15 +20,40 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # CHECK VERSION #================================================= +ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up $app before upgrading (may take a while)..." --weight=7 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." + +ynh_systemd_action --service_name=$app --action="stop" + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -46,30 +71,18 @@ if [ -z "$db_name" ]; then ynh_app_setting_set --app=$app --key=db_name --value=$db_name fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up $app before upgrading (may take a while)..." --weight=7 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# ENSURE DOWNWARD COMPATIBILITY BIS -#================================================= - # Do not remove the file before the backup, to not fail the backup. # Remove old cron job ynh_secure_remove --file="/etc/cron.d/$app" #================================================= -# STANDARD UPGRADE STEPS +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir=$final_path + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -83,8 +96,20 @@ then # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$tmpdir" + + # Backup the config file in the temp dir + cp -a "$final_path/config.php" "$tmpdir/config.php" + + # Replace the old ttrss by the new one + ynh_secure_remove --file="$final_path" + mv "$tmpdir" "$final_path" + ynh_secure_remove --file="$tmpdir" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -93,14 +118,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -112,31 +129,26 @@ ynh_add_fpm_config --package="$extra_php_dependencies" #================================================= # SPECIFIC UPGRADE #================================================= -# CONFIGURE TTRSS +# UPDATE A CONFIG FILE #================================================= if [ "$upgrade_type" == "UPGRADE_APP" ] then - ynh_script_progression --message="Reconfiguring ttrss..." --weight=2 - - # Backup the config file in the temp dir - cp -a "$final_path/config.php" "$tmpdir/config.php" - - # Replace the old ttrss by the new one - ynh_secure_remove --file="$final_path" - mv "$tmpdir" "$final_path" - ynh_secure_remove --file="$tmpdir" + ynh_script_progression --message="Updating a configuration file..." --weight=2 domain_path=https://$domain$path_url ynh_add_config --template="../conf/config.php" --destination="$final_path/config.php" +fi +chmod 400 "$final_path/config.php" +chown $app:$app "$final_path/config.php" + +#================================================= +# UPGRADE DATABASE +#================================================= - #================================================= - # UPGRADE DATABASE - #================================================= +if [ "$upgrade_type" == "UPGRADE_APP" ] +then ynh_script_progression --message="Upgrading ttrss database..." --weight=2 - - chown -R root:$app $final_path - chown -R $app $final_path/{cache,feed-icons,lock} ynh_exec_as $app php"${phpversion}" ${final_path}/update.php --update-schema fi @@ -151,29 +163,19 @@ ynh_add_systemd_config #================================================= # GENERIC FINALIZATION #================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R root:$app $final_path -chown -R $app $final_path/{cache,feed-icons,lock} - -#================================================= -# RESTART TTRSS -#================================================= -ynh_script_progression --message="Restarting ttrss..." --weight=1 - -ynh_systemd_action --service_name=$app --action=restart - -#================================================= -# ADVERTISE SERVICE IN ADMIN PANEL +# INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 yunohost service add $app --description="News feed reader and aggregator" --log="/var/log/$app/$app.log" #================================================= -# GENERIC FINALIZATION +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action="start" + #================================================= # RELOAD NGINX #=================================================