From 4b8fae84d23f9c7742c418259cbe4b34e8e1a0e2 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 12 Apr 2021 14:16:07 +0200 Subject: [PATCH 1/7] Upgrade to 4.5.3 --- README.md | 2 +- conf/settings.py | 2 +- manifest.json | 2 +- scripts/_common.sh | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 41b71ec..635dfa4 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Weblate is a libre web-based translation tool with tight version control integration. It provides two user interfaces, propagation of translations across components, quality checks and automatic linking to source files. -**Shipped version:** 4.5.1 +**Shipped version:** 4.5.3 ## Screenshots diff --git a/conf/settings.py b/conf/settings.py index 5689750..adc0805 100644 --- a/conf/settings.py +++ b/conf/settings.py @@ -705,6 +705,7 @@ CRISPY_TEMPLATE_PACK = "bootstrap3" # "weblate.checks.format.PerlFormatCheck", # "weblate.checks.format.JavaScriptFormatCheck", # "weblate.checks.format.LuaFormatCheck", +# "weblate.checks.format.SchemeFormatCheck", # "weblate.checks.format.CSharpFormatCheck", # "weblate.checks.format.JavaFormatCheck", # "weblate.checks.format.JavaMessageFormatCheck", @@ -753,7 +754,6 @@ CRISPY_TEMPLATE_PACK = "bootstrap3" # List of enabled addons # WEBLATE_ADDONS = ( -# "weblate.addons.autotranslate.AutoTranslateAddon", # "weblate.addons.gettext.GenerateMoAddon", # "weblate.addons.gettext.UpdateLinguasAddon", # "weblate.addons.gettext.UpdateConfigureAddon", diff --git a/manifest.json b/manifest.json index 41e51e0..7585a5e 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "A translation platform using Git and Python", "fr": "Une plateforme de traduction utilisant Git et Python" }, - "version": "4.5.1~ynh1", + "version": "4.5.3~ynh1", "url": "https://weblate.org", "license": "AGPL-3.0", "maintainer": { diff --git a/scripts/_common.sh b/scripts/_common.sh index 68ad43d..025a55f 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -12,7 +12,7 @@ pkg_dependencies="libxml2-dev libxslt-dev libfreetype6-dev libjpeg-dev libz-dev libpq-dev libglib2.0-dev mailutils python-celery-common hub" # Weblate's version for PIP and settings file -weblate_version="4.5.1" +weblate_version="4.5.3" debian_maj_version=$(sed 's/\..*//' /etc/debian_version) From 3155a90f45b703e2c461cfbe3d140ba717883e74 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 12 Apr 2021 15:21:09 +0200 Subject: [PATCH 2/7] fix folder/files permissions --- manifest.json | 22 +--------------------- scripts/install | 6 +++--- scripts/restore | 6 +++--- scripts/upgrade | 6 +++--- 4 files changed, 10 insertions(+), 30 deletions(-) diff --git a/manifest.json b/manifest.json index 7585a5e..24149da 100644 --- a/manifest.json +++ b/manifest.json @@ -18,7 +18,7 @@ "email": "jean-baptiste@holcroft.fr" }], "requirements": { - "yunohost": ">= 4.0.0" + "yunohost": ">= 4.1.0" }, "multi_instance": true, "services": [ @@ -29,29 +29,17 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain for Weblate", - "fr": "Choisissez un domaine pour Weblate" - }, "example": "domain.org" }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for Weblate", - "fr": "Choisissez un chemin pour Weblate" - }, "example": "/weblate", "default": "/weblate" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Should Weblate be public accessible?", - "fr": "Weblate doit-il être accessible au public ?" - }, "help": { "en": "Any YunoHost user and anonymous people from the web will be able to access the application", "fr": "Tout utilisateur YunoHost et les personnes anonymes pourront accéder à l'application" @@ -61,19 +49,11 @@ { "name": "admin", "type": "user", - "ask": { - "en": "Choose an admin user for Weblate", - "fr": "Choisissez l'administrateur pour Weblate" - }, "example": "johndoe" }, { "name": "password", "type": "password", - "ask": { - "en": "Set the administrator password", - "fr": "Définissez le mot de passe administrateur" - }, "example": "Choose a password" }, { diff --git a/scripts/install b/scripts/install index 15c23ca..35ce788 100755 --- a/scripts/install +++ b/scripts/install @@ -246,10 +246,10 @@ ynh_add_systemd_config --service="$app-celery" --template="celery-weblate.servic #================================================= # Set permissions to app files -chown -R "$app": "$final_path" - mkdir -p "$final_path/avatar-cache" -chown -R "$app": "$final_path/avatar-cache" +chown -R "$app": "$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" #================================================= # SETUP LOGROTATE diff --git a/scripts/restore b/scripts/restore index 7be3bff..0ef83c8 100755 --- a/scripts/restore +++ b/scripts/restore @@ -70,10 +70,10 @@ ynh_system_user_create --username=$app --home_dir="$final_path" --use_shell #================================================= # Restore permissions on app files -chown -R "$app": "$final_path" - mkdir -p "$final_path/avatar-cache" -chown -R "$app": "$final_path/avatar-cache" +chown -R "$app": "$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" #================================================= # SPECIFIC RESTORATION diff --git a/scripts/upgrade b/scripts/upgrade index 3506e41..bea21fc 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -289,10 +289,10 @@ yunohost service add "$app-celery" --log "/var/log/$app/weblate-celery-w1.log" #================================================= # Set right permissions for curl installation -chown -R "$app": "$final_path" - mkdir -p "$final_path/avatar-cache" -chown -R "$app": "$final_path/avatar-cache" +chown -R "$app": "$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" #================================================= # START SYSTEMD SERVICES From aed7035db58f158f7e6ab5a43f70b3851a9b2727 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 12 Apr 2021 16:39:05 +0200 Subject: [PATCH 3/7] version number is now in the version.py file --- scripts/upgrade | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/scripts/upgrade b/scripts/upgrade index bea21fc..47c30a6 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -253,6 +253,11 @@ file_version="${final_path}/venv/lib/$weblate_pypath/site-packages/weblate/__ini if [ -e $file_version ] then current_version=$(cat $file_version | grep "^VERSION = " | grep -o "[0-9].[0-9]" | head -n1 | cut -d"." -f1) + if [ -z "$current_version" ] + then + file_version="${final_path}/venv/lib/$weblate_pypath/site-packages/weblate/utils/version.py" + current_version=$(cat $file_version | grep "^VERSION = " | grep -o "[0-9].[0-9]" | head -n1 | cut -d"." -f1) + fi else current_version=3 fi From b3dea800bf723b3c5a7e16011ac152f94912887c Mon Sep 17 00:00:00 2001 From: Kay0u Date: Fri, 30 Apr 2021 15:58:52 +0200 Subject: [PATCH 4/7] 4.6 --- conf/settings.py | 18 +++++++++++++++--- scripts/_common.sh | 2 +- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/conf/settings.py b/conf/settings.py index adc0805..e15e977 100644 --- a/conf/settings.py +++ b/conf/settings.py @@ -127,6 +127,7 @@ LANGUAGES = ( ("pl", "Polski"), ("pt", "Português"), ("pt-br", "Português brasileiro"), + ("ro", "Română"), ("ru", "Русский"), ("sk", "Slovenčina"), ("sl", "Slovenščina"), @@ -218,12 +219,12 @@ TEMPLATES = [ ] -# GitHub username for sending pull requests. +# GitHub username and token for sending pull requests. # Please see the documentation for more details. GITHUB_USERNAME = "__GITHUBUSER__" GITHUB_TOKEN = "__GITHUBTOKEN__" -# GitLab username for sending merge requests. +# GitLab username and token for sending merge requests. # Please see the documentation for more details. GITLAB_USERNAME = None GITLAB_TOKEN = None @@ -336,6 +337,14 @@ AUTH_PASSWORD_VALIDATORS = [ # }, ] +# Password hashing (prefer Argon) +PASSWORD_HASHERS = [ + "django.contrib.auth.hashers.Argon2PasswordHasher", + "django.contrib.auth.hashers.PBKDF2PasswordHasher", + "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher", + "django.contrib.auth.hashers.BCryptSHA256PasswordHasher", +] + # Allow new user registrations REGISTRATION_OPEN = True @@ -623,6 +632,7 @@ SECURE_REDIRECT_EXEMPT = (r"healthz/$",) # Allowing HTTP access to health check # Session cookie age (in seconds) SESSION_COOKIE_AGE = 1000 SESSION_COOKIE_AGE_AUTHENTICATED = 1209600 +SESSION_COOKIE_SAMESITE = "Lax" # Increase allowed upload size DATA_UPLOAD_MAX_MEMORY_SIZE = 50000000 @@ -630,6 +640,7 @@ DATA_UPLOAD_MAX_MEMORY_SIZE = 50000000 LANGUAGE_COOKIE_SECURE = SESSION_COOKIE_SECURE LANGUAGE_COOKIE_HTTPONLY = SESSION_COOKIE_HTTPONLY LANGUAGE_COOKIE_AGE = SESSION_COOKIE_AGE_AUTHENTICATED * 10 +LANGUAGE_COOKIE_SAMESITE = SESSION_COOKIE_SAMESITE # Some security headers SECURE_BROWSER_XSS_FILTER = True @@ -896,7 +907,7 @@ CELERY_RESULT_BACKEND = CELERY_BROKER_URL CELERY_WORKER_MAX_MEMORY_PER_CHILD = 200000 CELERY_BEAT_SCHEDULE_FILENAME = os.path.join(DATA_DIR, "celery", "beat-schedule") CELERY_TASK_ROUTES = { - "weblate.trans.tasks.auto_translate": {"queue": "translate"}, + "weblate.trans.tasks.auto_translate*": {"queue": "translate"}, "weblate.accounts.tasks.notify_*": {"queue": "notify"}, "weblate.accounts.tasks.send_mails": {"queue": "notify"}, "weblate.utils.tasks.settings_backup": {"queue": "backup"}, @@ -920,6 +931,7 @@ MATOMO_SITE_ID = None MATOMO_URL = None GOOGLE_ANALYTICS_ID = None SENTRY_DSN = None +SENTRY_ENVIRONMENT = None AKISMET_API_KEY = None try: diff --git a/scripts/_common.sh b/scripts/_common.sh index 025a55f..250be18 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -12,7 +12,7 @@ pkg_dependencies="libxml2-dev libxslt-dev libfreetype6-dev libjpeg-dev libz-dev libpq-dev libglib2.0-dev mailutils python-celery-common hub" # Weblate's version for PIP and settings file -weblate_version="4.5.3" +weblate_version="4.6" debian_maj_version=$(sed 's/\..*//' /etc/debian_version) From 603f194e84042cc41601ceaa710f76c8aecf1ecd Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 3 May 2021 14:15:42 +0200 Subject: [PATCH 5/7] fix install and upgrade --- scripts/install | 17 ++++++++--------- scripts/upgrade | 21 ++++++++++----------- 2 files changed, 18 insertions(+), 20 deletions(-) diff --git a/scripts/install b/scripts/install index 35ce788..2344f58 100755 --- a/scripts/install +++ b/scripts/install @@ -119,20 +119,19 @@ ynh_script_progression --message="Install weblate using PIP..." --weight=80 ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS pg_trgm;" --database=$db_name virtualenv --python=python3 "${final_path}/venv" -chown -R "$app": "$final_path" #run source in a 'sub shell' ( set +o nounset source "${final_path}/venv/bin/activate" set -o nounset - sudo -u $app $final_path/venv/bin/pip install --upgrade pip setuptools wheel + $final_path/venv/bin/pip install --upgrade pip setuptools wheel # Still needed with latest version of weblate? - sudo -u $app $final_path/venv/bin/pip install Weblate=="$weblate_version" - sudo -u $app $final_path/venv/bin/pip install psycopg2-binary ruamel.yaml aeidon phply + $final_path/venv/bin/pip install Weblate=="$weblate_version" + $final_path/venv/bin/pip install psycopg2-binary ruamel.yaml aeidon phply #pip install pytz python-bidi PyYaML Babel pyuca pylibravatar py3dns psycopg2-binary phply django-redis hiredis aeidon ruamel.yaml # specific to YunoHost package: - sudo -u $app $final_path/venv/bin/pip install django_sendmail_backend + $final_path/venv/bin/pip install django_sendmail_backend ) #================================================= @@ -183,17 +182,17 @@ ynh_script_progression --message="Filling up the database..." --weight=10 set -o nounset export DJANGO_SETTINGS_MODULE="weblate.settings" # the user needs to be weblate for postgresql - sudo -u $app $final_path/venv/bin/weblate migrate --noinput + $final_path/venv/bin/weblate migrate --noinput # generate static files - sudo -u $app $final_path/venv/bin/weblate collectstatic --noinput - sudo -u $app $final_path/venv/bin/weblate createadmin --no-color \ + $final_path/venv/bin/weblate collectstatic --noinput + $final_path/venv/bin/weblate createadmin --no-color \ --password "$password" \ --username "$admin" \ --email "$admin_mail" # Check the configuration # This may fail in some cases with errors, etc., but the app works and the user can fix issues later. - sudo -u $app $final_path/venv/bin/weblate check --deploy || true + $final_path/venv/bin/weblate check --deploy || true ) #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 47c30a6..53b522c 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -171,20 +171,19 @@ upgrade() { ynh_systemd_action --service_name="$app-celery" --action="stop" virtualenv --python=python3 "${final_path}/venv" - chown -R "$app": "$final_path/venv" #run source in a 'sub shell' ( set +o nounset source "${final_path}/venv/bin/activate" set -o nounset - sudo -u $app $final_path/venv/bin/pip install --upgrade pip setuptools wheel + $final_path/venv/bin/pip install --upgrade pip setuptools wheel # Still needed with latest version of weblate? - sudo -u $app $final_path/venv/bin/pip install --upgrade Weblate=="$new_version" - sudo -u $app $final_path/venv/bin/pip install psycopg2-binary ruamel.yaml aeidon phply + $final_path/venv/bin/pip install --upgrade Weblate=="$new_version" + $final_path/venv/bin/pip install psycopg2-binary ruamel.yaml aeidon phply #pip install pytz python-bidi PyYaML Babel pyuca pylibravatar py3dns psycopg2-binary phply django-redis hiredis aeidon ruamel.yaml # specific to YunoHost package: - sudo -u $app $final_path/venv/bin/pip install django_sendmail_backend + $final_path/venv/bin/pip install django_sendmail_backend ) #================================================= @@ -235,16 +234,16 @@ upgrade() { export DJANGO_SETTINGS_MODULE="weblate.settings" cd "${final_path}" - sudo -u $app $final_path/venv/bin/weblate migrate --noinput - sudo -u $app $final_path/venv/bin/weblate collectstatic --noinput - sudo -u $app $final_path/venv/bin/weblate setuplang - sudo -u $app $final_path/venv/bin/weblate setupgroups - sudo -u $app $final_path/venv/bin/weblate compilemessages + $final_path/venv/bin/weblate migrate --noinput + $final_path/venv/bin/weblate collectstatic --noinput + $final_path/venv/bin/weblate setuplang + $final_path/venv/bin/weblate setupgroups + $final_path/venv/bin/weblate compilemessages # Check the configuration # This may fail in some cases with errors, etc., but the app works and the user can fix issues later. if [ "$new_version" == "$weblate_version" ]; then - sudo -u $app $final_path/venv/bin/weblate check --deploy || true + $final_path/venv/bin/weblate check --deploy || true fi ) } From 80f9b00da049ee17e6b0a8855ad904994552aef8 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 3 May 2021 14:30:31 +0200 Subject: [PATCH 6/7] 4.6.1 --- README.md | 2 +- manifest.json | 2 +- scripts/_common.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 635dfa4..ebee65b 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Weblate is a libre web-based translation tool with tight version control integration. It provides two user interfaces, propagation of translations across components, quality checks and automatic linking to source files. -**Shipped version:** 4.5.3 +**Shipped version:** 4.6.1 ## Screenshots diff --git a/manifest.json b/manifest.json index 24149da..57f1bc0 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "A translation platform using Git and Python", "fr": "Une plateforme de traduction utilisant Git et Python" }, - "version": "4.5.3~ynh1", + "version": "4.6.1~ynh1", "url": "https://weblate.org", "license": "AGPL-3.0", "maintainer": { diff --git a/scripts/_common.sh b/scripts/_common.sh index 250be18..0af1aa3 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -12,7 +12,7 @@ pkg_dependencies="libxml2-dev libxslt-dev libfreetype6-dev libjpeg-dev libz-dev libpq-dev libglib2.0-dev mailutils python-celery-common hub" # Weblate's version for PIP and settings file -weblate_version="4.6" +weblate_version="4.6.1" debian_maj_version=$(sed 's/\..*//' /etc/debian_version) From 840050079e236d4260e3eeb56c2e713137684c4f Mon Sep 17 00:00:00 2001 From: Kay0u Date: Tue, 4 May 2021 16:06:04 +0200 Subject: [PATCH 7/7] fix CI, again --- scripts/install | 21 +++++++++++++-------- scripts/upgrade | 23 +++++++++++++---------- 2 files changed, 26 insertions(+), 18 deletions(-) diff --git a/scripts/install b/scripts/install index 2344f58..ff55bba 100755 --- a/scripts/install +++ b/scripts/install @@ -119,19 +119,22 @@ ynh_script_progression --message="Install weblate using PIP..." --weight=80 ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS pg_trgm;" --database=$db_name virtualenv --python=python3 "${final_path}/venv" +chown -R "$app": "$final_path" #run source in a 'sub shell' ( set +o nounset source "${final_path}/venv/bin/activate" set -o nounset - $final_path/venv/bin/pip install --upgrade pip setuptools wheel + cd "${final_path}" + + sudo --user=$app $final_path/venv/bin/pip install --upgrade pip setuptools wheel # Still needed with latest version of weblate? - $final_path/venv/bin/pip install Weblate=="$weblate_version" - $final_path/venv/bin/pip install psycopg2-binary ruamel.yaml aeidon phply + sudo --user=$app $final_path/venv/bin/pip install Weblate=="$weblate_version" + sudo --user=$app $final_path/venv/bin/pip install psycopg2-binary ruamel.yaml aeidon phply #pip install pytz python-bidi PyYaML Babel pyuca pylibravatar py3dns psycopg2-binary phply django-redis hiredis aeidon ruamel.yaml # specific to YunoHost package: - $final_path/venv/bin/pip install django_sendmail_backend + sudo --user=$app $final_path/venv/bin/pip install django_sendmail_backend ) #================================================= @@ -181,18 +184,20 @@ ynh_script_progression --message="Filling up the database..." --weight=10 source "${final_path}/venv/bin/activate" set -o nounset export DJANGO_SETTINGS_MODULE="weblate.settings" + cd "${final_path}" + # the user needs to be weblate for postgresql - $final_path/venv/bin/weblate migrate --noinput + sudo --user=$app $final_path/venv/bin/weblate migrate --noinput # generate static files - $final_path/venv/bin/weblate collectstatic --noinput - $final_path/venv/bin/weblate createadmin --no-color \ + sudo --user=$app $final_path/venv/bin/weblate collectstatic --noinput + sudo --user=$app $final_path/venv/bin/weblate createadmin --no-color \ --password "$password" \ --username "$admin" \ --email "$admin_mail" # Check the configuration # This may fail in some cases with errors, etc., but the app works and the user can fix issues later. - $final_path/venv/bin/weblate check --deploy || true + sudo --user=$app $final_path/venv/bin/weblate check --deploy || true ) #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 53b522c..1ce5d17 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -171,19 +171,22 @@ upgrade() { ynh_systemd_action --service_name="$app-celery" --action="stop" virtualenv --python=python3 "${final_path}/venv" + chown -R "$app": "$final_path" #run source in a 'sub shell' ( set +o nounset source "${final_path}/venv/bin/activate" set -o nounset - $final_path/venv/bin/pip install --upgrade pip setuptools wheel + cd "${final_path}" + + sudo --user=$app $final_path/venv/bin/pip install --upgrade pip setuptools wheel # Still needed with latest version of weblate? - $final_path/venv/bin/pip install --upgrade Weblate=="$new_version" - $final_path/venv/bin/pip install psycopg2-binary ruamel.yaml aeidon phply + sudo --user=$app $final_path/venv/bin/pip install --upgrade Weblate=="$new_version" + sudo --user=$app $final_path/venv/bin/pip install psycopg2-binary ruamel.yaml aeidon phply #pip install pytz python-bidi PyYaML Babel pyuca pylibravatar py3dns psycopg2-binary phply django-redis hiredis aeidon ruamel.yaml # specific to YunoHost package: - $final_path/venv/bin/pip install django_sendmail_backend + sudo --user=$app $final_path/venv/bin/pip install django_sendmail_backend ) #================================================= @@ -234,16 +237,16 @@ upgrade() { export DJANGO_SETTINGS_MODULE="weblate.settings" cd "${final_path}" - $final_path/venv/bin/weblate migrate --noinput - $final_path/venv/bin/weblate collectstatic --noinput - $final_path/venv/bin/weblate setuplang - $final_path/venv/bin/weblate setupgroups - $final_path/venv/bin/weblate compilemessages + sudo --user=$app $final_path/venv/bin/weblate migrate --noinput + sudo --user=$app $final_path/venv/bin/weblate collectstatic --noinput + sudo --user=$app $final_path/venv/bin/weblate setuplang + sudo --user=$app $final_path/venv/bin/weblate setupgroups + sudo --user=$app $final_path/venv/bin/weblate compilemessages # Check the configuration # This may fail in some cases with errors, etc., but the app works and the user can fix issues later. if [ "$new_version" == "$weblate_version" ]; then - $final_path/venv/bin/weblate check --deploy || true + sudo --user=$app $final_path/venv/bin/weblate check --deploy || true fi ) }