YunoHost-Apps/vaultwarden_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/vaultwarden_ynh.git synced 2024-09-03 18:26:31 +02:00
Code Issues Activity Actions

Merge pull request #128 from YunoHost-Apps/example

Browse source 
Apply example_ynh
This commit is contained in:
yalh76 2021-04-21 20:35:55 +02:00 committed by GitHub
commit 5bea7a5128
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 82 additions and 132 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
README.md
View file

@ -42,8 +42,8 @@ How to configure this app: by an admin panel at https://bitwarden.domain.tld/adm
#### Supported architectures
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/bitwarden%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/bitwarden/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/bitwarden%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/bitwarden/)
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/bitwarden.svg)](https://ci-apps.yunohost.org/ci/apps/bitwarden/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/bitwarden.svg)](https://ci-apps-arm.yunohost.org/ci/apps/bitwarden/)
## Links

4
README_fr.md
View file

@ -42,8 +42,8 @@ Comment configurer cette application : via le panneau d'administration https://b
#### Architectures supportées
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/bitwarden%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/bitwarden/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/bitwarden%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/bitwarden/)
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/bitwarden.svg)](https://ci-apps.yunohost.org/ci/apps/bitwarden/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/bitwarden.svg)](https://ci-apps-arm.yunohost.org/ci/apps/bitwarden/)
## Liens

4
check_process
View file

@ -33,6 +33,8 @@
upgrade=1 from_commit=df2a0510288c352cfc03886763149f49839ed620
# 1.19.0~ynh1
upgrade=1 from_commit=980f625ab1eb3136437ff6275bec7990c534282c
# 1.20.0~ynh2
upgrade=1 from_commit=5250a50f0bf177a79b30c25f8b6baa7ef615f75e
backup_restore=1
multi_instance=1
port_already_use=0
@ -57,3 +59,5 @@ Notification=all
name=1.16.3~ynh3
; commit=980f625ab1eb3136437ff6275bec7990c534282c
name=1.19.0~ynh1
; commit=5250a50f0bf177a79b30c25f8b6baa7ef615f75e
name=1.20.0~ynh2

18
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Manage passwords and other sensitive informations",
"fr": "Gérez les mots de passe et autres informations sensibles"
},
"version": "1.20.0~ynh2",
"version": "1.20.0~ynh3",
"url": "https://github.com/dani-garcia/bitwarden_rs",
"license": "GPL-3.0-or-later",
"maintainer": {
@ -24,38 +24,22 @@
{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain name for Bitwarden",
"fr": "Choisissez un nom de domaine pour Bitwarden"
},
"example": "example.com"
},
{
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for Bitwarden",
"fr": "Choisissez un chemin pour Bitwarden"
},
"example": "/bitwarden",
"default": "/bitwarden"
},
{
"name": "admin",
"type": "user",
"ask": {
"en": "Choose an admin user",
"fr": "Choisissez l'administrateur"
},
"example": "johndoe"
},
{
"name": "is_public",
"type": "boolean",
"ask": {
"en": "Is it a public application?",
"fr": "Est-ce une application publique ?"
},
"default": true
}
]

8
scripts/backup
View file

@ -6,7 +6,7 @@
# IMPORT GENERIC HELPERS
#=================================================
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
@ -56,12 +56,6 @@ ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_backup --src_path="/etc/logrotate.d/$app"
#=================================================
# BACKUP SYSTEMD
#=================================================

4
scripts/change_url
View file

@ -37,7 +37,7 @@ rocket_port=$(ynh_app_setting_get --app=$app --key=rocket_port)
websocket_port=$(ynh_app_setting_get --app=$app --key=websocket_port)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..."
@ -47,7 +47,7 @@ ynh_clean_setup () {
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
# restore it if the upgrade fails
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script

69
scripts/install
View file

@ -77,6 +77,14 @@ ynh_script_progression --message="Installing dependencies..."
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
@ -90,6 +98,10 @@ ynh_setup_source --dest_dir="$final_path/build/" --source_id="app"
# Download, check integrity, uncompress and patch the source from web.src
ynh_setup_source --dest_dir="$final_path/live/web-vault/" --source_id="web"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:$app "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
@ -98,14 +110,6 @@ ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated NGINX config
ynh_add_nginx_config "websocket_port rocket_port"
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."
# Create a system user
ynh_system_user_create --username="$app" --home_dir="$final_path"
#=================================================
# SPECIFIC SETUP
#=================================================
@ -113,9 +117,6 @@ ynh_system_user_create --username="$app" --home_dir="$final_path"
#=================================================
ynh_script_progression --message="Making install..."
# Set right permissions
chown -R "$app":"$app" "$final_path"
# Install rustup with the toolchain needed by bitwarden_rs
pushd "$final_path"
sudo -u "$app" RUSTUP_HOME="$final_path"/.rustup CARGO_HOME="$final_path"/.cargo bash -c 'curl -sSf -L https://static.rust-lang.org/rustup.sh | sh -s -- -y --default-toolchain nightly'
@ -129,7 +130,7 @@ pushd "$final_path"/build
popd
# Install bitwarden_rs
cp -a "$final_path/build/target/release/bitwarden_rs" "$final_path/live/bitwarden_rs"
cp -af "$final_path/build/target/release/bitwarden_rs" "$final_path/live/bitwarden_rs"
# Remove build files and rustup
ynh_secure_remove --file="$final_path/build"
@ -137,7 +138,21 @@ ynh_secure_remove --file="$final_path/.cargo"
ynh_secure_remove --file="$final_path/.rustup"
# Create datadir
mkdir -p "$final_path"/live/data
mkdir -p "$final_path/live/data"
chmod 750 "$final_path/live/data"
chmod -R o-rwx "$final_path/live/data"
chown -R $app:$app "$final_path/live/data"
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding a config file..."
ynh_add_config --template="../conf/bitwarden_rs.env" --destination="$final_path/live/bitwarden_rs.env"
chmod 400 "$final_path/live/bitwarden_rs.env"
chown $app:$app "$final_path/live/bitwarden_rs.env"
#=================================================
# SETUP SYSTEMD
@ -147,39 +162,14 @@ ynh_script_progression --message="Configuring a systemd service..."
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# MODIFY A CONFIG FILE
#=================================================
ynh_script_progression --message="Modifying a config file..."
ynh_add_config --template="../conf/bitwarden_rs.env" --destination="$final_path/live/bitwarden_rs.env"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
ynh_script_progression --message="Securing files and directories..."
# Set permissions to app files
chown -R "$app":"$app" "$final_path"
mkdir -p "/var/log/$app"
chown -R "$app":"$app" "/var/log/$app"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..."
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add $app --description "$app daemon for Bitwarden" --log "/var/log/$app/$app.log"
yunohost service add $app --description="$app daemon for Bitwarden" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
@ -195,6 +185,7 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --l
ynh_script_progression --message="Configuring Fail2Ban..."
# Create a dedicated Fail2Ban config
mkdir -p "/var/log/$app"
touch /var/log/"$app"/"$app".log
ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: <HOST>\. Username:.*$"

4
scripts/remove
View file

@ -25,7 +25,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
# REMOVE SERVICE INTEGRATION IN YUNOHOST
#=================================================
# Remove the service from the list of services known by Yunohost (added from `yunohost service add`)
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app >/dev/null
then
ynh_script_progression --message="Removing $app service integration..."
@ -75,7 +75,7 @@ ynh_remove_logrotate
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing Fail2Ban configuration..."
ynh_script_progression --message="Removing Fail2ban configuration..."
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config

36
scripts/restore
View file

@ -6,7 +6,7 @@
# IMPORT GENERIC HELPERS
#=================================================
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
@ -23,7 +23,7 @@ ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading settings..."
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
@ -46,17 +46,10 @@ test ! -d $final_path \
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the nginx configuration..."
ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file --origin_path="$final_path"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
@ -66,14 +59,15 @@ ynh_script_progression --message="Recreating the dedicated system user..."
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# RESTORE USER RIGHTS
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring user rights..."
ynh_script_progression --message="Restoring the app main directory..."
# Restore permissions on app files
chown -R "$app":"$app" "$final_path"
mkdir -p "/var/log/$app"
chown -R "$app":"$app" /var/log/"$app"
ynh_restore_file --origin_path="$final_path"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:$app "$final_path"
#=================================================
# RESTORE FAIL2BAN CONFIGURATION
@ -82,7 +76,6 @@ ynh_script_progression --message="Restoring the Fail2Ban configuration..."
# Create a dedicated Fail2Ban config
mkdir -p "/var/log/$app"
chown -R "$app":"$app" "/var/log/$app"
touch /var/log/"$app"/"$app".log
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
@ -112,7 +105,7 @@ systemctl enable $app.service --quiet
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add $app --description "$app daemon for Bitwarden" --log "/var/log/$app/$app.log"
yunohost service add $app --description="$app daemon for Bitwarden" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
@ -121,13 +114,6 @@ ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..."
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================

63
scripts/upgrade
View file

@ -46,7 +46,7 @@ fi
if ! ynh_permission_exists --permission="admin"; then
# Create the required permissions
ynh_permission_create --permission="admin" --url="/admin" --allowed="$admin" --show_tile="false"
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin --show_tile="false"
fi
# Create a permission if needed
@ -54,6 +54,8 @@ if ! ynh_permission_exists --permission="api"; then
ynh_permission_create --permission="api" --url="/api" --additional_urls="/identity/connect/token" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
fi
ynh_remove_logrotate
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
@ -63,7 +65,7 @@ ynh_script_progression --message="Backing up the app before upgrading (may take
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# restore it if the upgrade fails
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
@ -78,6 +80,14 @@ ynh_script_progression --message="Stopping a systemd service..."
ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped Bitwarden Server"
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
@ -93,6 +103,10 @@ then
ynh_setup_source --dest_dir="$final_path/live/web-vault/" --source_id="web"
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:$app "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
@ -108,14 +122,6 @@ ynh_script_progression --message="Upgrading dependencies..."
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# SPECIFIC UPGRADE
#=================================================
@ -158,6 +164,16 @@ then
ynh_secure_remove --file="$final_path/.rustup"
fi
#=================================================
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating a config file..."
ynh_add_config --template="../conf/bitwarden_rs.env" --destination="$final_path/live/bitwarden_rs.env"
chmod 400 "$final_path/live/bitwarden_rs.env"
chown $app:$app "$final_path/live/bitwarden_rs.env"
#=================================================
# SETUP SYSTEMD
#=================================================
@ -166,39 +182,14 @@ ynh_script_progression --message="Upgrading systemd configuration..."
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# MODIFY A CONFIG FILE
#=================================================
ynh_script_progression --message="Modifying a config file..."
ynh_add_config --template="../conf/bitwarden_rs.env" --destination="$final_path/live/bitwarden_rs.env"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
ynh_script_progression --message="Securing files and directories..."
# Set permissions on app files
chown -R "$app":"$app" "$final_path"
mkdir -p "/var/log/$app"
chown -R "$app":"$app" /var/log/"$app"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..."
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add $app --description "$app daemon for Bitwarden" --log "/var/log/$app/$app.log"
yunohost service add $app --description="$app daemon for Bitwarden" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE