From 74a930c035847391196199c9d2f64d9ebd0e35df Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Sat, 31 Aug 2024 03:09:02 +0200 Subject: [PATCH] [autopatch] Automatic patch attempt for helpers 2.1 --- .gitignore | 1 + manifest.toml | 4 +++- scripts/_common.sh | 24 ++++++---------------- scripts/backup | 27 ++++++++---------------- scripts/change_url | 38 +++++++++++++--------------------- scripts/install | 38 +++++++++++++++------------------- scripts/remove | 25 +++++++++-------------- scripts/restore | 43 ++++++++++++++++---------------------- scripts/upgrade | 51 +++++++++++++++++----------------------------- 9 files changed, 96 insertions(+), 155 deletions(-) diff --git a/.gitignore b/.gitignore index 783a4ae..8f144f3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ *~ *.sw[op] +.DS_Store diff --git a/manifest.toml b/manifest.toml index 1d60ea1..a373fd7 100644 --- a/manifest.toml +++ b/manifest.toml @@ -19,7 +19,8 @@ userdoc = "https://help.bitwarden.com/" code = "https://github.com/dani-garcia/vaultwarden" [integration] -yunohost = ">= 11.2" +yunohost = ">= 11.2.18" +helpers_version = "2.1" architectures = "all" multi_instance = true ldap = false @@ -49,6 +50,7 @@ ram.runtime = "50M" allow_email = true [resources.install_dir] + group = "www-data:r-x" [resources.data_dir] diff --git a/scripts/_common.sh b/scripts/_common.sh index 1c6f41c..3fe0bf9 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,11 +1,7 @@ #!/bin/bash #================================================= -# COMMON VARIABLES -#================================================= - -#================================================= -# PERSONAL HELPERS +# COMMON VARIABLES AND CUSTOM HELPERS #================================================= _download_vaultwarden_from_docker() { @@ -26,20 +22,12 @@ _download_vaultwarden_from_docker() { ynh_docker_image_extract --dest_dir="$install_dir/build/" --image_spec="$docker_image:$docker_version" $docker_arg # Move files from the extract to the live directory - ynh_secure_remove --file="$install_dir/live/" + ynh_safe_rm "$install_dir/live/" mkdir -p "$install_dir/live/" mv -f "$install_dir/build/"{vaultwarden,web-vault} "$install_dir/live/" - ynh_secure_remove --file="$install_dir/build" + ynh_safe_rm "$install_dir/build" - chmod 750 "$install_dir" - chmod -R o-rwx "$install_dir" - chown -R $app:$app "$install_dir" + #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 "$install_dir" + #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" + #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:$app "$install_dir" } - -#================================================= -# EXPERIMENTAL HELPERS -#================================================= - -#================================================= -# FUTURE OFFICIAL HELPERS -#================================================= diff --git a/scripts/backup b/scripts/backup index 56012c0..1df4b1e 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,44 +1,35 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# DECLARE DATA AND CONF FILES TO BACKUP -#================================================= -ynh_print_info --message="Declaring files to be backed up..." +ynh_print_info "Declaring files to be backed up..." #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$install_dir" +ynh_backup "$install_dir" #================================================= # BACKUP THE DATA DIR #================================================= -ynh_backup --src_path="$data_dir" --is_big +ynh_backup "$data_dir" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= -ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP FAIL2BAN CONFIGURATION #================================================= -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" +ynh_backup "/etc/fail2ban/jail.d/$app.conf" +ynh_backup "/etc/fail2ban/filter.d/$app.conf" #================================================= # SPECIFIC BACKUP @@ -46,16 +37,16 @@ ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" # BACKUP LOGROTATE #================================================= -ynh_backup --src_path="/etc/logrotate.d/$app" +ynh_backup "/etc/logrotate.d/$app" #================================================= # BACKUP SYSTEMD #================================================= -ynh_backup --src_path="/etc/systemd/system/$app.service" +ynh_backup "/etc/systemd/system/$app.service" #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index c5f3d2d..1b493e4 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,61 +1,51 @@ #!/bin/bash -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -#================================================= -# STANDARD MODIFICATIONS #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." +ynh_script_progression "Stopping $app's systemd service..." -ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" +ynh_systemctl --service=$app --action="stop" --log_path="systemd" #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating NGINX web server configuration..." +ynh_script_progression "Updating NGINX web server configuration..." -ynh_change_url_nginx_config +ynh_config_change_url_nginx #================================================= # SPECIFIC MODIFICATIONS #================================================= # MODIFY A CONFIG FILE #================================================= -ynh_script_progression --message="Modifying a config file..." +ynh_script_progression "Updating configuration..." -ynh_add_config --template="vaultwarden.env" --destination="$install_dir/live/.env" +ynh_config_add --template="vaultwarden.env" --destination="$install_dir/live/.env" -chmod 400 "$install_dir/live/.env" -chown $app:$app "$install_dir/live/.env" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 400 "$install_dir/live/.env" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/live/.env" -#ynh_backup_if_checksum_is_different --file="$install_dir/live/.env" +#ynh_backup_if_checksum_is_different "$install_dir/live/.env" -#ynh_replace_string --match_string="DOMAIN=https://$old_domain$old_path" --replace_string="DOMAIN=https://$new_domain$new_path" --target_file="$install_dir/live/.env" +#ynh_replace --match="DOMAIN=https://$old_domain$old_path" --replace="DOMAIN=https://$new_domain$new_path" --file="$install_dir/live/.env" # Recalculate and store the checksum of the file for the next upgrade. -#ynh_store_file_checksum --file="$install_dir/live/.env" +#ynh_store_file_checksum "$install_dir/live/.env" -#================================================= -# GENERIC FINALISATION #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." +ynh_script_progression "Starting $app's systemd service..." # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 +ynh_systemctl --service=$app --action="start" --log_path="systemd" --wait_until="Rocket has launched from" --length=100 #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" +ynh_script_progression "Change of URL completed for $app" diff --git a/scripts/install b/scripts/install index 1353c33..21f273f 100644 --- a/scripts/install +++ b/scripts/install @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source ynh_docker_image_extract source /usr/share/yunohost/helpers @@ -20,61 +14,61 @@ admin_token=$(ynh_string_random --length=48 | base64) #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -ynh_script_progression --message="Storing installation settings..." +ynh_script_progression "Storing installation settings..." -ynh_app_setting_set --app=$app --key=admin_token --value=$admin_token +ynh_app_setting_set --key=admin_token --value=$admin_token #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." +ynh_script_progression "Setting up source files..." _download_vaultwarden_from_docker #================================================= # ADD A CONFIGURATION FILE #================================================= -ynh_script_progression --message="Adding a configuration file..." +ynh_script_progression "Adding $app's configuration..." -ynh_add_config --template="vaultwarden.env" --destination="$install_dir/live/.env" +ynh_config_add --template="vaultwarden.env" --destination="$install_dir/live/.env" -chmod 400 "$install_dir/live/.env" -chown $app:$app "$install_dir/live/.env" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 400 "$install_dir/live/.env" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/live/.env" #================================================= # SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 +ynh_script_progression "Adding system configurations related to $app..." # Create a dedicated NGINX config -ynh_add_nginx_config +ynh_config_add_nginx # Create a dedicated systemd config -ynh_add_systemd_config +ynh_config_add_systemd # Create log file for fail2ban mkdir -p "/var/log/$app" touch "/var/log/$app/$app.log" -chown -R $app:$app "/var/log/$app" +#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:$app "/var/log/$app" # Use logrotate to manage application logfile(s) -ynh_use_logrotate +ynh_config_add_logrotate # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" +ynh_config_add_fail2ban --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." +ynh_script_progression "Starting $app's systemd service..." # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 +ynh_systemctl --service=$app --action="start" --log_path="systemd" --wait_until="Rocket has launched from" --length=100 #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" +ynh_script_progression "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index 688f492..3aa5751 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,42 +1,37 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers #================================================= # REMOVE SYSTEM CONFIGURATIONS #================================================= -# REMOVE SYSTEMD SERVICE +# REMOVE SYSTEMD SERVICE + #================================================= -ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 +ynh_script_progression "Removing system configurations related to $app..." # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status $app >/dev/null +if ynh_hide_warnings yunohost service status $app >/dev/null then - ynh_script_progression --message="Removing $app service integration..." + ynh_script_progression "Removing $app service integration..." yunohost service remove $app fi # Remove the dedicated systemd config -ynh_remove_systemd_config +ynh_config_remove_systemd # Remove the dedicated NGINX config -ynh_remove_nginx_config +ynh_config_remove_nginx # Remove the dedicated Fail2Ban config -ynh_remove_fail2ban_config +ynh_config_remove_fail2ban # Remove the config file -ynh_secure_remove --file="/$data_dir/config.json" +ynh_safe_rm "/$data_dir/config.json" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" +ynh_script_progression "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index 65c3a5a..dd2bbbf 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -13,30 +7,29 @@ source /usr/share/yunohost/helpers #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." +ynh_script_progression "Restoring the app main directory..." -ynh_restore_file --origin_path="$install_dir" - -chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" +ynh_restore "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:$app "$install_dir" #================================================= # RESTORE THE DATA DIRECTORY #================================================= -ynh_script_progression --message="Restoring the data directory..." +ynh_script_progression "Restoring the data directory..." -ynh_restore_file --origin_path="$data_dir" --not_mandatory +ynh_restore "$data_dir" chown -R $app:$app "$data_dir" #================================================= # RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 +ynh_script_progression "Restoring system configurations related to $app..." -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +ynh_restore "/etc/systemd/system/$app.service" systemctl enable $app.service --quiet yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" @@ -44,25 +37,25 @@ yunohost service add $app --description="$app daemon for vaultwarden" --log="/va # Create log file for fail2ban mkdir -p "/var/log/$app" touch "/var/log/$app/$app.log" -chown -R $app:$app "/var/log/$app" +#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:$app "/var/log/$app" -ynh_restore_file --origin_path="/etc/logrotate.d/$app" +ynh_restore "/etc/logrotate.d/$app" -ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban +ynh_restore "/etc/fail2ban/jail.d/$app.conf" +ynh_restore "/etc/fail2ban/filter.d/$app.conf" +ynh_systemctl --action=restart --service=fail2ban #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 +ynh_script_progression "Reloading NGINX web server and $app's service..." -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 +ynh_systemctl --service=$app --action="start" --log_path="systemd" --wait_until="Rocket has launched from" --length=100 -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemctl --service=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" +ynh_script_progression "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index 8bf316b..a884bd7 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,37 +1,24 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source ynh_docker_image_extract source /usr/share/yunohost/helpers -#================================================= -# CHECK VERSION -#================================================= - -upgrade_type=$(ynh_check_app_version_changed) - -#================================================= -# STANDARD UPGRADE STEPS #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." +ynh_script_progression "Stopping $app's systemd service..." -ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopping Vaultwarden Server" +ynh_systemctl --service=$app --action="stop" --log_path="systemd" --wait_until="Stopping Vaultwarden Server" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -if [ "$upgrade_type" == "UPGRADE_APP" ] +# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed +if ynh_app_upstream_version_changed then - ynh_script_progression --message="Upgrading source files..." + ynh_script_progression "Upgrading source files..." _download_vaultwarden_from_docker fi @@ -39,12 +26,12 @@ fi #================================================= # UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Updating a configuration file..." +ynh_script_progression "Updating configuration..." -ynh_add_config --template="vaultwarden.env" --destination="$install_dir/live/.env" +ynh_config_add --template="vaultwarden.env" --destination="$install_dir/live/.env" -chmod 400 "$install_dir/live/.env" -chown $app:$app "$install_dir/live/.env" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 400 "$install_dir/live/.env" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/live/.env" # Fix SMTP configuration config_file=$data_dir/config.json @@ -52,43 +39,43 @@ if [ -e "$config_file" ]; then cat <<< $(jq -r --arg domain "$domain" '.smtp_host = $domain' $config_file) > $config_file cat <<< $(jq -r '.smtp_security = "starttls"' $config_file) > $config_file if [ ! -s "$config_file" ]; then - ynh_die --message="Something went wrong while setting up $config_file: it ended up empty." + ynh_die "Something went wrong while setting up $config_file: it ended up empty." fi fi #================================================= # REAPPLY SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 +ynh_script_progression "Upgrading system configurations related to $app..." # Create a dedicated NGINX config -ynh_add_nginx_config +ynh_config_add_nginx # Create a dedicated systemd config -ynh_add_systemd_config +ynh_config_add_systemd # Create log file for fail2ban mkdir -p "/var/log/$app" touch "/var/log/$app/$app.log" -chown -R $app:$app "/var/log/$app" +#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:$app "/var/log/$app" # Use logrotate to manage app-specific logfile(s) -ynh_use_logrotate --non-append +ynh_config_add_logrotate # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" +ynh_config_add_fail2ban --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." +ynh_script_progression "Starting $app's systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 +ynh_systemctl --service=$app --action="start" --log_path="systemd" --wait_until="Rocket has launched from" --length=100 #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" +ynh_script_progression "Upgrade of $app completed"