1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/vaultwarden_ynh.git synced 2024-09-03 18:26:31 +02:00
This commit is contained in:
Éric Gaspar 2023-09-15 14:39:06 +02:00
parent cc7425ec26
commit bad0ac4dbc
5 changed files with 31 additions and 102 deletions

View file

@ -23,7 +23,7 @@ DATA_FOLDER=__DATA_DIR__
## Details: ## Details:
## - https://docs.diesel.rs/diesel/pg/struct.PgConnection.html ## - https://docs.diesel.rs/diesel/pg/struct.PgConnection.html
## - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING ## - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING
# DATABASE_URL=postgresql://user:password@host[:port]/database_name # DATABASE_URL=postgresql://__DB_USER:__DB_PWD__@host[:port]/__DB_NAME__
## Database max connections ## Database max connections
## Define the size of the connection pool used for connecting to the database. ## Define the size of the connection pool used for connecting to the database.

View file

@ -59,6 +59,13 @@ chown -R $app:$app "/var/log/$app"
ynh_use_logrotate ynh_use_logrotate
# Create a dedicated Fail2Ban config
mkdir -p "/var/log/$app"
touch "/var/log/$app/$app.log"
chown -R $app:$app "/var/log/$app"
ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: <ADDR>\. Username:.*$"
yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log"
#================================================= #=================================================
@ -91,17 +98,6 @@ ynh_script_progression --message="Starting a systemd service..."
# Start a systemd service # Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..."
# Create a dedicated Fail2Ban config
mkdir -p "/var/log/$app"
touch "/var/log/$app/$app.log"
chown -R $app:$app "/var/log/$app"
ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: <ADDR>\. Username:.*$"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

View file

@ -22,40 +22,21 @@ then
yunohost service remove $app yunohost service remove $app
fi fi
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_script_progression --message="Stopping and removing the systemd service..."
# Remove the dedicated systemd config # Remove the dedicated systemd config
ynh_remove_systemd_config ynh_remove_systemd_config
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..."
# Remove the dedicated NGINX config # Remove the dedicated NGINX config
ynh_remove_nginx_config ynh_remove_nginx_config
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing Fail2Ban configuration..."
# Remove the dedicated Fail2Ban config # Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config ynh_remove_fail2ban_config
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE VARIOUS FILES
#=================================================
ynh_script_progression --message="Removing various files..."
# Remove the log files # Remove the log files
ynh_secure_remove --file="/var/log/$app" ynh_secure_remove --file="/var/log/$app"
# Remove the config file
ynh_secure_remove --file="/$data_dir/config.json"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

View file

@ -30,9 +30,18 @@ ynh_restore_file --origin_path="$data_dir" --not_mandatory
chown -R $app:$app "$data_dir" chown -R $app:$app "$data_dir"
#================================================= #=================================================
# RESTORE FAIL2BAN CONFIGURATION # RESTORE THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the Fail2Ban configuration..." ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
# Create a dedicated Fail2Ban config # Create a dedicated Fail2Ban config
mkdir -p "/var/log/$app" mkdir -p "/var/log/$app"
@ -43,35 +52,6 @@ ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban ynh_systemd_action --action=restart --service_name=fail2ban
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..."
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..."
mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app"
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log"
#================================================= #=================================================
@ -81,13 +61,6 @@ ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
#================================================= #=================================================

View file

@ -46,14 +46,6 @@ fi
chmod -R o-rwx "$install_dir" chmod -R o-rwx "$install_dir"
chown -R $app:$app "$install_dir" chown -R $app:$app "$install_dir"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated NGINX config
ynh_add_nginx_config
#================================================= #=================================================
# SPECIFIC UPGRADE # SPECIFIC UPGRADE
#================================================= #=================================================
@ -88,25 +80,23 @@ chown $app:$app "$install_dir/live/.env"
#================================================= #=================================================
ynh_script_progression --message="Upgrading systemd configuration..." ynh_script_progression --message="Upgrading systemd configuration..."
# Create a dedicated NGINX config
ynh_add_nginx_config
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..."
mkdir -p "/var/log/$app" mkdir -p "/var/log/$app"
chown -R $app:$app "/var/log/$app" chown -R $app:$app "/var/log/$app"
# Use logrotate to manage app-specific logfile(s) # Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append ynh_use_logrotate --non-append
#================================================= mkdir -p "/var/log/$app"
# INTEGRATE SERVICE IN YUNOHOST touch "/var/log/$app/$app.log"
#================================================= chown -R $app:$app "/var/log/$app"
ynh_script_progression --message="Integrating service in YunoHost..."
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: <HOST>\. Username:.*$"
yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log"
@ -117,17 +107,6 @@ ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..."
mkdir -p "/var/log/$app"
touch "/var/log/$app/$app.log"
chown -R $app:$app "/var/log/$app"
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: <HOST>\. Username:.*$"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================