From 536cfd766c45661eb45aced1ea93ff240aae6704 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Sun, 3 Dec 2023 13:54:05 +0100 Subject: [PATCH] Cleanup scripts : * reorder steps for more consistent scripts * regroup the installation step in a single function in _common.sh --- scripts/_common.sh | 10 ++++++++++ scripts/install | 46 +++++++++++++--------------------------------- scripts/restore | 14 +++++--------- scripts/upgrade | 32 ++++---------------------------- 4 files changed, 32 insertions(+), 70 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 390cc61..77b87bd 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -19,6 +19,16 @@ _download_vaultwarden_from_docker() { docker_arg="--os_arch_variant=linux/arm/v7" fi ynh_docker_image_extract --dest_dir="$install_dir/build/" --image_spec="$pkg_image:$(ynh_app_upstream_version)" $docker_arg + + mkdir -p "$install_dir/live/" + + mv -f "$install_dir/build/vaultwarden" "$install_dir/live/vaultwarden" + rsync -a "$install_dir/build/web-vault/" "$install_dir/live/web-vault/" + ynh_secure_remove --file="$install_dir/build" + + chmod 750 "$install_dir" + chmod -R o-rwx "$install_dir" + chown -R $app:$app "$install_dir" } #================================================= diff --git a/scripts/install b/scripts/install index 77d1c66..1353c33 100644 --- a/scripts/install +++ b/scripts/install @@ -31,11 +31,15 @@ ynh_script_progression --message="Setting up source files..." _download_vaultwarden_from_docker -mkdir -p "$install_dir/live/" +#================================================= +# ADD A CONFIGURATION FILE +#================================================= +ynh_script_progression --message="Adding a configuration file..." -chmod 750 "$install_dir" -chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" +ynh_add_config --template="vaultwarden.env" --destination="$install_dir/live/.env" + +chmod 400 "$install_dir/live/.env" +chown $app:$app "$install_dir/live/.env" #================================================= # SYSTEM CONFIGURATION @@ -48,43 +52,19 @@ ynh_add_nginx_config # Create a dedicated systemd config ynh_add_systemd_config -# Use logrotate to manage application logfile(s) -mkdir -p "/var/log/$app" -chown -R $app:$app "/var/log/$app" - -ynh_use_logrotate - -# Create a dedicated Fail2Ban config +# Create log file for fail2ban mkdir -p "/var/log/$app" touch "/var/log/$app/$app.log" chown -R $app:$app "/var/log/$app" +# Use logrotate to manage application logfile(s) +ynh_use_logrotate + +# Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" -#================================================= -# MAKE INSTALL -#================================================= -ynh_script_progression --message="Making install..." - -mv -f "$install_dir/build/vaultwarden" "$install_dir/live/vaultwarden" -rsync -a "$install_dir/build/web-vault/" "$install_dir/live/web-vault/" -ynh_secure_remove --file="$install_dir/build" - -chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" - -#================================================= -# ADD A CONFIGURATION -#================================================= -ynh_script_progression --message="Adding a configuration file..." - -ynh_add_config --template="vaultwarden.env" --destination="$install_dir/live/.env" - -chmod 400 "$install_dir/live/.env" -chown $app:$app "$install_dir/live/.env" - #================================================= # START SYSTEMD SERVICE #================================================= diff --git a/scripts/restore b/scripts/restore index 561981d..65c3a5a 100644 --- a/scripts/restore +++ b/scripts/restore @@ -32,8 +32,6 @@ chown -R $app:$app "$data_dir" #================================================= # RESTORE SYSTEM CONFIGURATIONS #================================================= -# RESTORE THE PHP-FPM CONFIGURATION -#================================================= ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" @@ -41,25 +39,23 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet -mkdir -p "/var/log/$app" -chown -R $app:$app "/var/log/$app" -ynh_restore_file --origin_path="/etc/logrotate.d/$app" +yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" -# Create a dedicated Fail2Ban config +# Create log file for fail2ban mkdir -p "/var/log/$app" touch "/var/log/$app/$app.log" chown -R $app:$app "/var/log/$app" +ynh_restore_file --origin_path="/etc/logrotate.d/$app" + ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --action=restart --service_name=fail2ban -yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" - #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." +ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 diff --git a/scripts/upgrade b/scripts/upgrade index 25eab9d..ec19a99 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -34,31 +34,8 @@ then ynh_script_progression --message="Upgrading source files..." _download_vaultwarden_from_docker - mkdir -p "$install_dir/live/" fi -chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" - -#================================================= -# SPECIFIC UPGRADE -#================================================= -# MAKE UPGRADE -#================================================= -ynh_script_progression --message="Making upgrade..." - -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - mv -f "$install_dir/build/vaultwarden" "$install_dir/live/vaultwarden" - ynh_secure_remove --file="$install_dir/live/web-vault/" - rsync -a "$install_dir/build/web-vault/" "$install_dir/live/web-vault/" - ynh_secure_remove --file="$install_dir/build" -fi - -chmod 750 "$install_dir" -chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" - #================================================= # UPDATE A CONFIG FILE #================================================= @@ -80,15 +57,14 @@ ynh_add_nginx_config # Create a dedicated systemd config ynh_add_systemd_config -mkdir -p "/var/log/$app" -chown -R $app:$app "/var/log/$app" -# Use logrotate to manage app-specific logfile(s) -ynh_use_logrotate --non-append - +# Create log file for fail2ban mkdir -p "/var/log/$app" touch "/var/log/$app/$app.log" chown -R $app:$app "/var/log/$app" +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --non-append + # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$"