diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh deleted file mode 100755 index 72eb5cb..0000000 --- a/.github/workflows/updater.sh +++ /dev/null @@ -1,137 +0,0 @@ -#!/bin/bash - -#================================================= -# PACKAGE UPDATING HELPER -#================================================= - -# This script is meant to be run by GitHub Actions -# The YunoHost-Apps organisation offers a template Action to run this script periodically -# Since each app is different, maintainers can adapt its contents so as to perform -# automatic actions when a new upstream release is detected. - -# Remove this exit command when you are ready to run this Action -exit 1 - -#================================================= -# FETCHING LATEST RELEASE AND ITS ASSETS -#================================================= - -# Fetching information -current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') -repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') -# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) -version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) -assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) - -# Later down the script, we assume the version has only digits and dots -# Sometimes the release name starts with a "v", so let's filter it out. -# You may need more tweaks here if the upstream repository has different naming conventions. -if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then - version=${version:1} -fi - -# Setting up the environment variables -echo "Current version: $current_version" -echo "Latest release from upstream: $version" -echo "VERSION=$version" >> $GITHUB_ENV -echo "REPO=$repo" >> $GITHUB_ENV -# For the time being, let's assume the script will fail -echo "PROCEED=false" >> $GITHUB_ENV - -# Proceed only if the retrieved version is greater than the current one -if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then - echo "::warning ::No new version available" - exit 0 -# Proceed only if a PR for this new version does not already exist -elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then - echo "::warning ::A branch already exists for this update" - exit 0 -fi - -# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) -echo "${#assets[@]} available asset(s)" - -#================================================= -# UPDATE SOURCE FILES -#================================================= - -# Here we use the $assets variable to get the resources published in the upstream release. -# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. - -# Let's loop over the array of assets URLs -for asset_url in ${assets[@]}; do - -echo "Handling asset at $asset_url" - -# Assign the asset to a source file in conf/ directory -# Here we base the source file name upon a unique keyword in the assets url (admin vs. update) -# Leave $src empty to ignore the asset -case $asset_url in - *"admin"*) - src="app" - ;; - *"update"*) - src="app-upgrade" - ;; - *) - src="" - ;; -esac - -# If $src is not empty, let's process the asset -if [ ! -z "$src" ]; then - -# Create the temporary directory -tempdir="$(mktemp -d)" - -# Download sources and calculate checksum -filename=${asset_url##*/} -curl --silent -4 -L $asset_url -o "$tempdir/$filename" -checksum=$(sha256sum "$tempdir/$filename" | head -c 64) - -# Delete temporary directory -rm -rf $tempdir - -# Get extension -if [[ $filename == *.tar.gz ]]; then - extension=tar.gz -else - extension=${filename##*.} -fi - -# Rewrite source file -cat < conf/$src.src -SOURCE_URL=$asset_url -SOURCE_SUM=$checksum -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=$extension -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -EOT -echo "... conf/$src.src updated" - -else -echo "... asset ignored" -fi - -done - -#================================================= -# SPECIFIC UPDATE STEPS -#================================================= - -# Any action on the app's source code can be done. -# The GitHub Action workflow takes care of committing all changes after this script ends. - -#================================================= -# GENERIC FINALIZATION -#================================================= - -# Replace new version in manifest -echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json - -# No need to update the README, yunohost-bot takes care of it - -# The Action will proceed only if the PROCEED environment variable is set to true -echo "PROCEED=true" >> $GITHUB_ENV -exit 0 diff --git a/README.md b/README.md index a86976f..61c94f1 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,8 @@ It shall NOT be edited by hand. # Umami for YunoHost -[![Integration level](https://dash.yunohost.org/integration/umami.svg)](https://dash.yunohost.org/appci/app/umami) ![Working status](https://ci-apps.yunohost.org/ci/badges/umami.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/umami.maintain.svg) +[![Integration level](https://dash.yunohost.org/integration/umami.svg)](https://dash.yunohost.org/appci/app/umami) ![Working status](https://ci-apps.yunohost.org/ci/badges/umami.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/umami.maintain.svg) + [![Install Umami with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=umami) *[Lire ce readme en français.](./README_fr.md)* @@ -28,24 +29,16 @@ Umami is a simple, easy to use, self-hosted web analytics solution. The goal is - Mobile-friendly - Data ownership - Privacy-focused -- Open-source -**Shipped version:** 1.33~ynh2 +**Shipped version:** 2.2.0~ynh1 **Demo:** https://app.umami.is/share/8rmHaheU/umami.is ## Screenshots -![Screenshot of Umami](./doc/screenshots/dark.gif) +![Screenshot of Umami](./doc/screenshots/dark.png) -## Disclaimers / important information - -### Login - -Your Umami installation will create a default administrator account with the username `admin` and the password `umami`. - -The first thing you will want to do is log in and change your password. ## Documentation and resources * Official app website: diff --git a/README_fr.md b/README_fr.md index 7a1c534..224f28f 100644 --- a/README_fr.md +++ b/README_fr.md @@ -5,15 +5,16 @@ It shall NOT be edited by hand. # Umami pour YunoHost -[![Niveau d'intégration](https://dash.yunohost.org/integration/umami.svg)](https://dash.yunohost.org/appci/app/umami) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/umami.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/umami.maintain.svg) +[![Niveau d’intégration](https://dash.yunohost.org/integration/umami.svg)](https://dash.yunohost.org/appci/app/umami) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/umami.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/umami.maintain.svg) + [![Installer Umami avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=umami) *[Read this readme in english.](./README.md)* -> *Ce package vous permet d'installer Umami rapidement et simplement sur un serveur YunoHost. -Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* +> *Ce package vous permet d’installer Umami rapidement et simplement sur un serveur YunoHost. +Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l’installer et en profiter.* -## Vue d'ensemble +## Vue d’ensemble Umami is a simple, easy to use, self-hosted web analytics solution. The goal is to provide you with a friendlier, privacy-focused alternative to Google Analytics and a free, open-sourced alternative to paid solutions. Umami collects only the metrics you care about and everything fits on a single page. @@ -28,29 +29,21 @@ Umami is a simple, easy to use, self-hosted web analytics solution. The goal is - Mobile-friendly - Data ownership - Privacy-focused -- Open-source -**Version incluse :** 1.33~ynh2 +**Version incluse :** 2.2.0~ynh1 **Démo :** https://app.umami.is/share/8rmHaheU/umami.is -## Captures d'écran +## Captures d’écran -![Capture d'écran de Umami](./doc/screenshots/dark.gif) +![Capture d’écran de Umami](./doc/screenshots/dark.png) -## Avertissements / informations importantes - -### Login - -Your Umami installation will create a default administrator account with the username `admin` and the password `umami`. - -The first thing you will want to do is log in and change your password. ## Documentations et ressources -* Site officiel de l'app : -* Documentation officielle de l'admin : -* Dépôt de code officiel de l'app : +* Site officiel de l’app : +* Documentation officielle de l’admin : +* Dépôt de code officiel de l’app : * Documentation YunoHost pour cette app : * Signaler un bug : @@ -66,4 +59,4 @@ ou sudo yunohost app upgrade umami -u https://github.com/YunoHost-Apps/umami_ynh/tree/testing --debug ``` -**Plus d'infos sur le packaging d'applications :** +**Plus d’infos sur le packaging d’applications :** \ No newline at end of file diff --git a/check_process b/check_process deleted file mode 100644 index ec2c3e5..0000000 --- a/check_process +++ /dev/null @@ -1,28 +0,0 @@ -;; Test complet - ; Manifest - domain="domain.tld" - path="/path" - is_public=1 - language="fr" - admin="john" - password="1Strong-Password" - ; Checks - pkg_linter=1 - setup_sub_dir=0 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - # 1.32.1~ynh1 - #upgrade=1 from_commit=267cb1aced761924cca8a2608be3a1b9bd14605c - backup_restore=1 - multi_instance=1 - change_url=1 -;;; Options -Email= -Notification=none -;;; Upgrade options - ; commit=267cb1aced761924cca8a2608be3a1b9bd14605c - name=# 1.32.1~ynh1 - manifest_arg=domain=DOMAIN&path=PATH&is_public=1&language=fr&admin=USER&password=pass&port=666& diff --git a/conf/.env b/conf/.env index 9d5f6b8..c24e7c1 100644 --- a/conf/.env +++ b/conf/.env @@ -1,2 +1,7 @@ -DATABASE_URL=postgresql://__DB_USER__:__DB_PWD__@localhost:5432/__DB_NAME__ -DISABLE_TELEMETRY = 1 +DATABASE_TYPE=postgresql + +DATABASE_URL=postgresql://__DB_USER__:__DB_PWD__@127.0.0.1:5432/__DB_NAME__ + +DISABLE_TELEMETRY=0 + +PORT=__PORT__ diff --git a/conf/app.src b/conf/app.src deleted file mode 100644 index 3fd8024..0000000 --- a/conf/app.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://github.com/mikecao/umami/archive/refs/tags/v1.33.tar.gz -SOURCE_SUM=22d29436d582f26ca913b7a641a03f3c6b82f6263a5e0fc0e4eae5ef7c8116b5 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true diff --git a/conf/nginx.conf b/conf/nginx.conf index 9a8bed9..da798bf 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,7 +1,11 @@ -location / { +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { proxy_pass http://127.0.0.1:__PORT__; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; } diff --git a/conf/systemd.service b/conf/systemd.service index 2a636ec..cb2ee0d 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,11 +6,44 @@ After=network.target Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=__FINALPATH__/ -Environment=NODE_ENV=production -Environment=PORT=__PORT__ +WorkingDirectory=__INSTALL_DIR__/ +#Environment=NODE_ENV=production Environment="__YNH_NODE_LOAD_PATH__" -ExecStart=__YNH_NPM__ run start +ExecStart=__YNH_NPM__ run start-env + +# Sandboxing options to harden security +# Depending on specificities of your service/app, you may need to tweak these +# .. but this should be a good baseline +# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html +NoNewPrivileges=yes +PrivateTmp=yes +PrivateDevices=yes +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK +RestrictNamespaces=yes +RestrictRealtime=yes +DevicePolicy=closed +ProtectClock=yes +ProtectHostname=yes +ProtectProc=invisible +ProtectSystem=full +ProtectControlGroups=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +LockPersonality=yes +SystemCallArchitectures=native +SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged + +# Denying access to capabilities that should not be relevant for webapps +# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html +CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD +CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE +CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT +CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK +CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM +CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG +CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE +CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW +CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG [Install] WantedBy=multi-user.target diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index d25f749..527d1d1 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -11,4 +11,3 @@ Umami is a simple, easy to use, self-hosted web analytics solution. The goal is - Mobile-friendly - Data ownership - Privacy-focused -- Open-source diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md deleted file mode 100644 index f420f53..0000000 --- a/doc/DISCLAIMER.md +++ /dev/null @@ -1,5 +0,0 @@ -### Login - -Your Umami installation will create a default administrator account with the username `admin` and the password `umami`. - -The first thing you will want to do is log in and change your password. \ No newline at end of file diff --git a/doc/POST_INSTALL.md b/doc/POST_INSTALL.md new file mode 100644 index 0000000..bc26452 --- /dev/null +++ b/doc/POST_INSTALL.md @@ -0,0 +1,6 @@ +Umami installation will create a default administrator account: + +username: admin +password: umami + +The first thing you will want to do is log in and change your password. diff --git a/doc/screenshots/dark.gif b/doc/screenshots/dark.gif deleted file mode 100644 index 62dca1e..0000000 Binary files a/doc/screenshots/dark.gif and /dev/null differ diff --git a/doc/screenshots/dark.png b/doc/screenshots/dark.png new file mode 100644 index 0000000..7fc78a3 Binary files /dev/null and b/doc/screenshots/dark.png differ diff --git a/manifest.json b/manifest.json deleted file mode 100644 index 8c5d0fd..0000000 --- a/manifest.json +++ /dev/null @@ -1,44 +0,0 @@ -{ - "name": "Umami", - "id": "umami", - "packaging_format": 1, - "description": { - "en": "Simple, fast, privacy-focused alternative to Google Analytics", - "fr": "Analyse de trafic web simple et respectueux" - }, - "version": "1.33~ynh2", - "url": "https://umami.is/", - "upstream": { - "license": "MIT", - "website": "https://umami.is/", - "demo": "https://app.umami.is/share/8rmHaheU/umami.is", - "admindoc": "https://umami.is/docs/about", - "code": "https://github.com/mikecao/umami" - }, - "license": "MIT", - "maintainer": { - "name": "eric_G", - "email": "" - }, - "requirements": { - "yunohost": ">= 4.3.0" - }, - "multi_instance": true, - "services": [ - "nginx", - "postgresql" - ], - "arguments": { - "install": [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "is_public", - "type": "boolean", - "default": true - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..3a85366 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,69 @@ +packaging_format = 2 + +id = "umami" +name = "Umami" +description.en = "Simple, fast, privacy-focused alternative to Google Analytics" +description.fr = "Analyse de trafic web simple et respectueux" + +version = "2.2.0~ynh1" + +maintainers = ["eric_G"] + +[upstream] +license = "MIT" +website = "https://umami.is/" +demo = "https://app.umami.is/share/8rmHaheU/umami.is" +admindoc = "https://umami.is/docs/about" +code = "https://github.com/mikecao/umami" + +[integration] +yunohost = ">= 11.1.18" +architectures = "all" +multi_instance = true +ldap = false +sso = false +disk = "50M" +ram.build = "50M" +ram.runtime = "50M" + +[install] + [install.domain] + type = "domain" + full_domain = true + + [install.init_main_permission] + type = "group" + default = "visitors" + +[resources] + + [resources.sources] + + [resources.sources.main] + + url = "https://github.com/mikecao/umami/archive/refs/tags/v2.2.0.tar.gz" + sha256 = "5aabb3fc63ef6203185cd3dee837998ca3d2c5e012a0665dfbbc47101c19ffb5" + autoupdate.strategy = "latest_github_tag" + + [resources.system_user] + + [resources.install_dir] + + [resources.ports] + + [resources.permissions] + main.url = "/" + api.url = "/api" + api.show_tile = false + api.allowed = "visitors" + api.auth_header = false + + [resources.apt] + packages = "postgresql" + + extras.yarn.repo = "deb https://dl.yarnpkg.com/debian/ stable main" + extras.yarn.key = "https://dl.yarnpkg.com/debian/pubkey.gpg" + extras.yarn.packages = "yarn" + + [resources.database] + type = "postgresql" diff --git a/scripts/_common.sh b/scripts/_common.sh index 8fddb7d..9195d57 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,10 +4,7 @@ # COMMON VARIABLES #================================================= -# dependencies used by the app -pkg_dependencies="postgresql postgresql-contrib" - -nodejs_version=16 +nodejs_version=18 #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index f77e44c..722ff45 100755 --- a/scripts/backup +++ b/scripts/backup @@ -10,28 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -41,7 +19,7 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/change_url b/scripts/change_url index 538ca2b..ae914ad 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -9,60 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH - -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) - -#================================================= -# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -change_domain=0 -if [ "$old_domain" != "$new_domain" ] -then - change_domain=1 -fi - -change_path=0 -if [ "$old_path" != "$new_path" ] -then - change_path=1 -fi - #================================================= # STANDARD MODIFICATIONS #================================================= @@ -77,29 +23,7 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated NGINX config - ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi +ynh_change_url_nginx_config #================================================= # GENERIC FINALISATION @@ -110,13 +34,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index 71ddc5f..d4cbfde 100755 --- a/scripts/install +++ b/scripts/install @@ -9,102 +9,24 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -domain=$YNH_APP_ARG_DOMAIN -path_url="/" -is_public=$YNH_APP_ARG_IS_PUBLIC - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." --weight=1 - -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." --weight=2 - -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding an available port..." --weight=2 - -# Find an available port -port=$(ynh_find_port --port=8095) -ynh_app_setting_set --app=$app --key=port --value=$port - #================================================= # INSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Installing dependencies..." --weight=10 -ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies - # Install Nodejs ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version -ynh_use_nodejs - -# Install Yarn -ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" - -#================================================= -# CREATE A DATABASE -#================================================= -ynh_script_progression --message="Creating a database..." --weight=2 - -db_name=$(ynh_sanitize_dbid --db_name=$app) -db_user=$db_name -ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_psql_test_if_first_run -ynh_psql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=5 -ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +ynh_setup_source --dest_dir="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # NGINX CONFIGURATION @@ -119,20 +41,20 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Adding a configuration file..." --weight=1 -ynh_add_config --template="../conf/.env" --destination="$final_path/.env" +ynh_add_config --template="../conf/.env" --destination="$install_dir/.env" -chmod 650 "$final_path/.env" -chown $app:$app "$final_path/.env" +chmod 650 "$install_dir/.env" +chown $app:$app "$install_dir/.env" #================================================= # CONFIGURE THE APP #================================================= ynh_script_progression --message="Configuring the app..." --weight=15 -pushd $final_path +pushd $install_dir + ynh_use_nodejs ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn install ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn build - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn update-db popd #================================================= @@ -158,29 +80,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=3 # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 - -# Make app public if necessary -if [ $is_public -eq 1 ] -then - ynh_permission_update --permission="main" --add="visitors" -fi - -# Everyone can access the API part -# We don't want to display the tile in the SSO so we put --show_tile="false" -# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true" -ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index 5490de6..bb95289 100755 --- a/scripts/remove +++ b/scripts/remove @@ -9,19 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - #================================================= # STANDARD REMOVE #================================================= @@ -51,22 +38,6 @@ ynh_script_progression --message="Removing logrotate configuration..." --weight= # Remove the app-specific logrotate config ynh_remove_logrotate -#================================================= -# REMOVE THE DATABASE -#================================================= -ynh_script_progression --message="Removing the database..." --weight=2 - -# Remove a database if it exists, along with the associated user -ynh_psql_remove_db --db_user=$db_user --db_name=$db_name - -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." --weight=3 - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - #================================================= # REMOVE NGINX CONFIGURATION #================================================= @@ -80,20 +51,8 @@ ynh_remove_nginx_config #================================================= ynh_script_progression --message="Removing dependencies..." --weight=1 -# Remove metapackage and its dependencies -ynh_remove_app_dependencies ynh_remove_nodejs -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=1 - -# Delete a system user -ynh_system_user_delete --username=$app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 450d71d..193583b 100755 --- a/scripts/restore +++ b/scripts/restore @@ -10,59 +10,15 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=1 - -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=5 -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # SPECIFIC RESTORATION @@ -71,14 +27,9 @@ chown -R $app:www-data "$final_path" #================================================= ynh_script_progression --message="Reinstalling dependencies..." --weight=10 -ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies - # Install Nodejs ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version -# Install Yarn -ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" - #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= @@ -91,8 +42,6 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= ynh_script_progression --message="Restoring the database..." --weight=6 -ynh_psql_test_if_first_run -ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 034e5df..b38e332 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,38 +9,12 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -port=$(ynh_app_setting_get --app=$app --key=port) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - #================================================= # CHECK VERSION #================================================= upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -50,30 +24,6 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 - -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - -# Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" -fi - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -83,26 +33,19 @@ then ynh_script_progression --message="Upgrading source files..." --weight=5 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" --keep="$final_path/.env" + ynh_setup_source --dest_dir="$install_dir" #--keep=".env" fi -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." --weight=10 -ynh_install_app_dependencies $pkg_dependencies - # Install Nodejs ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version -ynh_use_nodejs - -# Install Yarn -ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" #================================================= # NGINX CONFIGURATION @@ -112,15 +55,26 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding a configuration file..." --weight=1 + +ynh_add_config --template="../conf/.env" --destination="$install_dir/.env" + +chmod 650 "$install_dir/.env" +chown $app:$app "$install_dir/.env" + #================================================= # CONFIGURE THE APP #================================================= ynh_script_progression --message="Configuring the app..." --weight=15 -pushd $final_path +pushd $install_dir + ynh_use_nodejs ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn install ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn build - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn update-db + #ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH yarn update-db popd #================================================= @@ -145,13 +99,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..511c292 --- /dev/null +++ b/tests.toml @@ -0,0 +1,15 @@ +test_format = 1.0 + +[default] + + # ------------ + # Tests to run + # ------------ + + exclude = "install.subdir" + + # ------------------------------- + # Commits to test upgrade from + # ------------------------------- + + #test_upgrade_from.4860e2cc.name = "Upgrade from 1.33~ynh2"