diff --git a/README.md b/README.md index e889bee..b85bfe6 100644 --- a/README.md +++ b/README.md @@ -42,8 +42,8 @@ How to configure this app: by an admin panel at https://bitwarden.domain.tld/adm #### Supported architectures -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/bitwarden%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/bitwarden/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/bitwarden%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/bitwarden/) +* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/bitwarden.svg)](https://ci-apps.yunohost.org/ci/apps/bitwarden/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/bitwarden.svg)](https://ci-apps-arm.yunohost.org/ci/apps/bitwarden/) ## Links diff --git a/README_fr.md b/README_fr.md index d292d82..fa36c5d 100644 --- a/README_fr.md +++ b/README_fr.md @@ -42,8 +42,8 @@ Comment configurer cette application : via le panneau d'administration https://b #### Architectures supportées -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/bitwarden%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/bitwarden/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/bitwarden%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/bitwarden/) +* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/bitwarden.svg)](https://ci-apps.yunohost.org/ci/apps/bitwarden/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/bitwarden.svg)](https://ci-apps-arm.yunohost.org/ci/apps/bitwarden/) ## Liens diff --git a/check_process b/check_process index ec673b0..03da315 100644 --- a/check_process +++ b/check_process @@ -33,6 +33,8 @@ upgrade=1 from_commit=df2a0510288c352cfc03886763149f49839ed620 # 1.19.0~ynh1 upgrade=1 from_commit=980f625ab1eb3136437ff6275bec7990c534282c + # 1.20.0~ynh2 + upgrade=1 from_commit=5250a50f0bf177a79b30c25f8b6baa7ef615f75e backup_restore=1 multi_instance=1 port_already_use=0 @@ -57,3 +59,5 @@ Notification=all name=1.16.3~ynh3 ; commit=980f625ab1eb3136437ff6275bec7990c534282c name=1.19.0~ynh1 + ; commit=5250a50f0bf177a79b30c25f8b6baa7ef615f75e + name=1.20.0~ynh2 diff --git a/manifest.json b/manifest.json index a9cda2f..1ae223b 100644 --- a/manifest.json +++ b/manifest.json @@ -6,14 +6,14 @@ "en": "Manage passwords and other sensitive informations", "fr": "Gérez les mots de passe et autres informations sensibles" }, - "version": "1.20.0~ynh2", + "version": "1.20.0~ynh3", "url": "https://github.com/dani-garcia/bitwarden_rs", "license": "GPL-3.0-or-later", "maintainer": { "name": "yalh76" }, "requirements": { - "yunohost": ">= 4.1.7.3" + "yunohost": ">= 4.1.3" }, "multi_instance": true, "services": [ @@ -24,38 +24,22 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain name for Bitwarden", - "fr": "Choisissez un nom de domaine pour Bitwarden" - }, "example": "example.com" }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for Bitwarden", - "fr": "Choisissez un chemin pour Bitwarden" - }, "example": "/bitwarden", "default": "/bitwarden" }, { "name": "admin", "type": "user", - "ask": { - "en": "Choose an admin user", - "fr": "Choisissez l'administrateur" - }, "example": "johndoe" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Is it a public application?", - "fr": "Est-ce une application publique ?" - }, "default": true } ] diff --git a/scripts/backup b/scripts/backup index cb104bf..3807be9 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers diff --git a/scripts/change_url b/scripts/change_url index e63ec90..fafdaca 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -37,7 +37,7 @@ rocket_port=$(ynh_app_setting_get --app=$app --key=rocket_port) websocket_port=$(ynh_app_setting_get --app=$app --key=websocket_port) #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." @@ -47,7 +47,7 @@ ynh_clean_setup () { # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - # restore it if the upgrade fails + # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script diff --git a/scripts/install b/scripts/install index fdbf219..4abf0c1 100644 --- a/scripts/install +++ b/scripts/install @@ -77,6 +77,14 @@ ynh_script_progression --message="Installing dependencies..." ynh_install_app_dependencies $pkg_dependencies +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -98,14 +106,6 @@ ynh_script_progression --message="Configuring NGINX web server..." # Create a dedicated NGINX config ynh_add_nginx_config "websocket_port rocket_port" -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username="$app" --home_dir="$final_path" - #================================================= # SPECIFIC SETUP #================================================= @@ -148,30 +148,25 @@ ynh_script_progression --message="Configuring a systemd service..." ynh_add_systemd_config #================================================= -# MODIFY A CONFIG FILE +# ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Modifying a config file..." +ynh_script_progression --message="Adding a config file..." ynh_add_config --template="../conf/bitwarden_rs.env" --destination="$final_path/live/bitwarden_rs.env" +chmod 400 "$final_path/some_config_file" +chown $app:$app "$final_path/some_config_file" + #================================================= # GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions to app files -chown -R "$app":"$app" "$final_path" -mkdir -p "/var/log/$app" -chown -R "$app":"$app" "/var/log/$app" - #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Configuring log rotation..." # Use logrotate to manage application logfile(s) +chown -R "$app":"$app" "$final_path" +mkdir -p "/var/log/$app" ynh_use_logrotate #================================================= @@ -179,7 +174,7 @@ ynh_use_logrotate #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app --description "$app daemon for Bitwarden" --log "/var/log/$app/$app.log" +yunohost service add $app --description="$app daemon for Bitwarden" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE diff --git a/scripts/remove b/scripts/remove index 50ef568..e8c4267 100644 --- a/scripts/remove +++ b/scripts/remove @@ -25,7 +25,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) # REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Remove the service from the list of services known by Yunohost (added from `yunohost service add`) +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null then ynh_script_progression --message="Removing $app service integration..." @@ -75,7 +75,7 @@ ynh_remove_logrotate #================================================= # REMOVE FAIL2BAN CONFIGURATION #================================================= -ynh_script_progression --message="Removing Fail2Ban configuration..." +ynh_script_progression --message="Removing Fail2ban configuration..." # Remove the dedicated Fail2Ban config ynh_remove_fail2ban_config diff --git a/scripts/restore b/scripts/restore index ea4ea2d..c97975d 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -23,7 +23,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -46,17 +46,10 @@ test ! -d $final_path \ #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the nginx configuration..." +ynh_script_progression --message="Restoring the NGINX web server configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE APP MAIN DIR -#================================================= -ynh_script_progression --message="Restoring the app main directory..." - -ynh_restore_file --origin_path="$final_path" - #================================================= # RECREATE THE DEDICATED USER #================================================= @@ -66,14 +59,15 @@ ynh_script_progression --message="Recreating the dedicated system user..." ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= -# RESTORE USER RIGHTS +# RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring user rights..." +ynh_script_progression --message="Restoring the app main directory..." -# Restore permissions on app files -chown -R "$app":"$app" "$final_path" -mkdir -p "/var/log/$app" -chown -R "$app":"$app" /var/log/"$app" +ynh_restore_file --origin_path="$final_path" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R root:$app "$final_path" #================================================= # RESTORE FAIL2BAN CONFIGURATION @@ -112,7 +106,7 @@ systemctl enable $app.service --quiet #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app --description "$app daemon for Bitwarden" --log "/var/log/$app/$app.log" +yunohost service add $app --description="$app daemon for Bitwarden" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE diff --git a/scripts/upgrade b/scripts/upgrade index db0aa28..d9aadcb 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -63,7 +63,7 @@ ynh_script_progression --message="Backing up the app before upgrading (may take ynh_backup_before_upgrade ynh_clean_setup () { ynh_clean_check_starting - # restore it if the upgrade fails + # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script @@ -78,6 +78,14 @@ ynh_script_progression --message="Stopping a systemd service..." ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped Bitwarden Server" +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -93,6 +101,10 @@ then ynh_setup_source --dest_dir="$final_path/live/web-vault/" --source_id="web" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R root:$app "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -108,14 +120,6 @@ ynh_script_progression --message="Upgrading dependencies..." ynh_install_app_dependencies $pkg_dependencies -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # SPECIFIC UPGRADE #================================================= @@ -167,30 +171,22 @@ ynh_script_progression --message="Upgrading systemd configuration..." ynh_add_systemd_config #================================================= -# MODIFY A CONFIG FILE +# UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Modifying a config file..." +ynh_script_progression --message="Updating a config file..." ynh_add_config --template="../conf/bitwarden_rs.env" --destination="$final_path/live/bitwarden_rs.env" #================================================= # GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions on app files -chown -R "$app":"$app" "$final_path" -mkdir -p "/var/log/$app" -chown -R "$app":"$app" /var/log/"$app" - #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) +mkdir -p "/var/log/$app" +chown -R "$app":"$app" /var/log/"$app" ynh_use_logrotate --non-append #================================================= @@ -198,7 +194,7 @@ ynh_use_logrotate --non-append #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app --description "$app daemon for Bitwarden" --log "/var/log/$app/$app.log" +yunohost service add $app --description="$app daemon for Bitwarden" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE