From 84a487d1475011e33c7362ca968fc3482023e3ea Mon Sep 17 00:00:00 2001 From: yalh76 Date: Thu, 3 Oct 2019 21:42:08 +0200 Subject: [PATCH 1/4] Upgrade to 3.45 --- README.md | 2 +- conf/.env | 161 ++++++++++++++++++++++++++++++++++++++++-------- conf/arm64.src | 7 ++- conf/x86-64.src | 9 +-- manifest.json | 2 +- scripts/install | 3 +- scripts/restore | 2 +- scripts/upgrade | 22 +++++++ 8 files changed, 171 insertions(+), 37 deletions(-) diff --git a/README.md b/README.md index 3164388..9f6ce99 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to ## Overview Wekan is an open-source kanban board (task manager and organizer) -**Shipped version:** 2.98 +**Shipped version:** 3.45 ## Screenshots diff --git a/conf/.env b/conf/.env index f5164ee..7402d80 100644 --- a/conf/.env +++ b/conf/.env @@ -3,50 +3,127 @@ NODE_ENV=production # The path to NODEJS PATH=__NODEJS_PATH__ - -# Activate Debug mode +#--------------------------------------------------------------- +# Debug OIDC OAuth2 etc. #DEBUG=true +#--------------------------------------------------------------- # URL of the mongodb MONGO_URL=mongodb://127.0.0.1:27017/__DB_NAME__ -# Root URL +# ROOT_URL EXAMPLES FOR WEBSERVERS: https://github.com/wekan/wekan/wiki/Settings +# Production: https://example.com/wekan +# Local: http://localhost:3000 +# ipaddress=$(ifdata -pa eth0) ROOT_URL=https://__DOMAIN_URI__ -# Mail URL -MAIL_URL=smtp://localhost +#--------------------------------------------------------------- +# Working email IS NOT REQUIRED to use Wekan. +# https://github.com/wekan/wekan/wiki/Adding-users +# https://github.com/wekan/wekan/wiki/Troubleshooting-Mail +# https://github.com/wekan/wekan-mongodb/blob/master/docker-compose.yml +MAIL_URL='smtp://localhost:25' +MAIL_FROM='Wekan Support ' # This is local port where Wekan Node.js runs PORT=__PORT__ -#--------------------------------------------- -# Wekan Export Board works when WITH_API=true. -# If you disable Wekan API with false, Export Board does not work. +#--------------------------------------------------------------- +# Wekan Export Board works when WITH_API='true'. +# If you disable Wekan API, Export Board does not work. WITH_API='true' -#--------------------------------------------- +#--------------------------------------------------------------- +# ==== PASSWORD BRUTE FORCE PROTECTION ==== +# https://atmospherejs.com/lucasantoniassi/accounts-lockout +# Defaults below. Uncomment to change. wekan/server/accounts-lockout.js +#ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE=3 +#ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD=60 +#ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW=15 +#ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE=3 +#ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD=60 +#ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW=15 + +#--------------------------------------------------------------- +# ==== RICH TEXT EDITOR IN CARD COMMENTS ==== +# https://github.com/wekan/wekan/pull/2560 +RICHER_CARD_COMMENT_EDITOR=true + +#--------------------------------------------------------------- +# ==== CARD OPENED, SEND WEBHOOK MESSAGE ==== +CARD_OPENED_WEBHOOK_ENABLED=false + +#--------------------------------------------------------------- +# ==== Allow to shrink attached/pasted image ==== +# https://github.com/wekan/wekan/pull/2544 +#MAX_IMAGE_PIXEL=1024 +#IMAGE_COMPRESS_RATIO=80 + +#--------------------------------------------------------------- +# ==== BIGEVENTS DUE ETC NOTIFICATIONS ===== +# https://github.com/wekan/wekan/pull/2541 +# Introduced a system env var BIGEVENTS_PATTERN default as "NONE", +# so any activityType matches the pattern, system will send out +# notifications to all board members no matter they are watching +# or tracking the board or not. Owner of the wekan server can +# disable the feature by setting this variable to "NONE" or +# change the pattern to any valid regex. i.e. '|' delimited +# activityType names. +# a) Example +#BIGEVENTS_PATTERN=due +# b) All +#BIGEVENTS_PATTERN=received|start|due|end +# c) Disabled +BIGEVENTS_PATTERN=NONE + +#--------------------------------------------------------------- +# ==== EMAIL DUE DATE NOTIFICATION ===== +# https://github.com/wekan/wekan/pull/2536 +# System timelines will be showing any user modification for +# dueat startat endat receivedat, also notification to +# the watchers and if any card is due, about due or past due. +# +# Notify due days, default is None. +#NOTIFY_DUE_DAYS_BEFORE_AND_AFTER=2,0 +# it will notify user 2 days before due day and on the due day +# +# Notify due at hour of day. Default every morning at 8am. Can be 0-23. +# If env variable has parsing error, use default. Notification sent to watchers. +# NOTIFY_DUE_AT_HOUR_OF_DAY=8 + +#--------------------------------------------------------------- +# ==== EMAIL NOTIFICATION TIMEOUT, ms ===== +# Defaut: 30000 ms = 30s +#EMAIL_NOTIFICATION_TIMEOUT=30000 + +#--------------------------------------------------------------- # CORS: Set Access-Control-Allow-Origin header. Example: * #CORS=* -#--------------------------------------------- -## Optional: Integration with Matomo https://matomo.org that is installed to your server -## The address of the server where Matomo is hosted: -# Example: MATOMO_ADDRESS=https://example.com/matomo +# To enable the Set Access-Control-Allow-Headers header. "Authorization,Content-Type" is required for cross-origin use of the API. +#CORS_ALLOW_HEADERS=Authorization,Content-Type + +# To enable the Set Access-Control-Expose-Headers header. This is not needed for typical CORS situations. Example: * +#CORS_EXPOSE_HEADERS=* + +#--------------------------------------------------------------- +# Optional: Integration with Matomo https://matomo.org that is installed to your server +# The address of the server where Matomo is hosted: +# MATOMO_ADDRESS=https://example.com/matomo #MATOMO_ADDRESS= -## The value of the site ID given in Matomo server for Wekan +# The value of the site ID given in Matomo server for Wekan # Example: MATOMO_SITE_ID=123456789 #MATOMO_SITE_ID='' -## The option do not track which enables users to not be tracked by matomo" -#Example: MATOMO_DO_NOT_TRACK=false +# The option do not track which enables users to not be tracked by matomo" +# Example: MATOMO_DO_NOT_TRACK=false #MATOMO_DO_NOT_TRACK=true -## The option that allows matomo to retrieve the username: +# The option that allows matomo to retrieve the username: # Example: MATOMO_WITH_USERNAME=true #MATOMO_WITH_USERNAME='false' -#--------------------------------------------- # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside. # Setting this to false is not recommended, it also disables all other browser policy protections # and allows all iframing etc. See wekan/server/policy.js @@ -61,7 +138,7 @@ TRUSTED_URL='' # Example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId WEBHOOKS_ATTRIBUTES='' -#--------------------------------------------- +#--------------------------------------------------------------- # ==== OAUTH2 AZURE ==== # https://github.com/wekan/wekan/wiki/Azure # 1) Register the application with Azure. Make sure you capture @@ -70,6 +147,9 @@ WEBHOOKS_ATTRIBUTES='' # by installation type, but make sure you have the following: #OAUTH2_ENABLED=true +# OAuth2 login style: popup or redirect. +#OAUTH2_LOGIN_STYLE=redirect + # Application GUID captured during app registration: #OAUTH2_CLIENT_ID=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx @@ -80,6 +160,12 @@ WEBHOOKS_ATTRIBUTES='' #OAUTH2_USERINFO_ENDPOINT=https://graph.microsoft.com/oidc/userinfo #OAUTH2_TOKEN_ENDPOINT=/oauth2/v2.0/token +# OAUTH2 ID Token Whitelist Fields. +#OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[] + +# OAUTH2 Request Permissions. +#OAUTH2_REQUEST_PERMISSIONS='openid profile email' + # The claim name you want to map to the unique ID field: #OAUTH2_ID_MAP=email @@ -89,13 +175,16 @@ WEBHOOKS_ATTRIBUTES='' # The claim name you want to map to the full name field: #OAUTH2_FULLNAME_MAP=name -# The claim name you want to map to the email field: +# Tthe claim name you want to map to the email field: #OAUTH2_EMAIL_MAP=email -#----------------------------------------------------------------- +#--------------------------------------------------------------- # ==== OAUTH2 KEYCLOAK ==== # https://github.com/wekan/wekan/wiki/Keycloak <== MAPPING INFO, REQUIRED #OAUTH2_ENABLED=true + +# OAuth2 login style: popup or redirect. +#OAUTH2_LOGIN_STYLE=redirect #OAUTH2_CLIENT_ID= #OAUTH2_SERVER_URL=/auth #OAUTH2_AUTH_ENDPOINT=/realms//protocol/openid-connect/auth @@ -103,14 +192,17 @@ WEBHOOKS_ATTRIBUTES='' #OAUTH2_TOKEN_ENDPOINT=/realms//protocol/openid-connect/token #OAUTH2_SECRET= -#----------------------------------------------------------------- +#--------------------------------------------------------------- # ==== OAUTH2 DOORKEEPER ==== +# OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2 # https://github.com/wekan/wekan/issues/1874 # https://github.com/wekan/wekan/wiki/OAuth2 # Enable the OAuth2 connection #OAUTH2_ENABLED=true -# OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2 +# OAuth2 login style: popup or redirect. +#OAUTH2_LOGIN_STYLE=redirect + # OAuth2 Client ID. #OAUTH2_CLIENT_ID=abcde12345 @@ -141,7 +233,7 @@ WEBHOOKS_ATTRIBUTES='' # OAuth2 Email Mapping #OAUTH2_EMAIL_MAP= -#--------------------------------------------- +#--------------------------------------------------------------- # LDAP_ENABLE : Enable or not the connection by the LDAP # example : LDAP_ENABLE=true #LDAP_ENABLE=false @@ -211,7 +303,9 @@ LDAP_LOG_ENABLED=true LDAP_BACKGROUND_SYNC=true # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds -# example : LDAP_BACKGROUND_SYNC_INTERVAL=12345 +# At which interval does the background task sync in milliseconds. +# Leave this unset, so it uses default, and does not crash. +# https://github.com/wekan/wekan/issues/2354#issuecomment-515305722 #LDAP_BACKGROUND_SYNC_INTERVAL=100 LDAP_BACKGROUND_SYNC_INTERVAL=100 @@ -237,6 +331,12 @@ LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true # example : LDAP_REJECT_UNAUTHORIZED=true #LDAP_REJECT_UNAUTHORIZED=false +# Option to login to the LDAP server with the user's own username and password, instead of an administrator key. Default: false (use administrator key). +#LDAP_USER_AUTHENTICATION=true + +# Which field is used to find the user for the user authentication. Default: uid. +#LDAP_USER_AUTHENTICATION_FIELD=uid + # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed # example : LDAP_USER_SEARCH_FILTER= #LDAP_USER_SEARCH_FILTER= @@ -360,10 +460,19 @@ LDAP_SYNC_GROUP_ROLES=admins #LDAP_SYNC_ADMIN_STATUS=true LDAP_SYNC_ADMIN_STATUS=true -# Comma separated list of admin group names to sync. +# Comma separated list of admin group names. #LDAP_SYNC_ADMIN_GROUPS=group1,group2 LDAP_SYNC_ADMIN_GROUPS=admins +#--------------------------------------------------------------- +# Login to LDAP automatically with HTTP header. +# In below example for siteminder, at right side of = is header name. +#HEADER_LOGIN_ID=HEADERUID +#HEADER_LOGIN_FIRSTNAME=HEADERFIRSTNAME +#HEADER_LOGIN_LASTNAME=HEADERLASTNAME +#HEADER_LOGIN_EMAIL=HEADEREMAILADDRESS + +#--------------------------------------------------------------- # LOGOUT_WITH_TIMER : Enables or not the option logout with timer # example : LOGOUT_WITH_TIMER=true #LOGOUT_WITH_TIMER= diff --git a/conf/arm64.src b/conf/arm64.src index 36d7ec1..d4daddf 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -1,7 +1,8 @@ # This is on YunoHost server just to avoid the file from disappearing -# Original source is https://releases.wekan.team/raspi3/wekan-2.94-arm64-bundle.tar.gz -SOURCE_URL=https://build.yunohost.org/apps/wekan-2.94-arm64-bundle.tar.gz -SOURCE_SUM=f23d57238e5e7702c9e7a93226f2d6dcaf996671a6b22a6639b99b5ec2ab2c7f +# Original source is https://releases.wekan.team/raspi3/wekan-3.45-arm64.zip +# YunoHost source is https://build.yunohost.org/apps/wekan-3.45-arm64.zip +SOURCE_URL=https://releases.wekan.team/raspi3/wekan-3.45-arm64.zip +SOURCE_SUM=854c4a47125b616da3a36b7a766dbcf23adc1d926060c3e8b370e6c16b53bc25 SOURCE_SUM_PRG=sha256sum ARCH_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/x86-64.src b/conf/x86-64.src index f929c72..a4b617e 100644 --- a/conf/x86-64.src +++ b/conf/x86-64.src @@ -1,8 +1,9 @@ # This is on YunoHost server just to avoid the file from disappearing -# Original source is https://releases.wekan.team/wekan-2.98-meteor1.8-x64.tar.gz -SOURCE_URL=https://build.yunohost.org/apps/wekan-2.98-meteor1.8-x64.tar.gz -SOURCE_SUM=0f851e74eb35ef34415701c212f2953e55028d7cded5f427a161b20318e36885 +# Original source is https://releases.wekan.team/wekan-3.45.zip +# YunoHost source is https://build.yunohost.org/apps/wekan-3.45.zip +SOURCE_URL=https://releases.wekan.team/wekan-3.45.zip +SOURCE_SUM=b5385e2aadefe01a5f21d669475f8c33bd34992d2b019a5417576dbfc4ed77b1 SOURCE_SUM_PRG=sha256sum ARCH_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=wekan-2.98-meteor1.8-x64.tar.gz +SOURCE_FILENAME=wekan-3.45-meteor1.8-x64.tar.gz diff --git a/manifest.json b/manifest.json index 0ef8d79..12aca02 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Trello-like kanban", "fr": "Un kanban similaire à Trello" }, - "version": "2.98~ynh2", + "version": "3.45~ynh1", "url": "https://wekan.io", "license": "MIT", "maintainer": [ diff --git a/scripts/install b/scripts/install index dc81366..5c5a250 100755 --- a/scripts/install +++ b/scripts/install @@ -73,7 +73,7 @@ ynh_app_setting_set --app=$app --key=port --value=$port #================================================= ynh_print_info --message="Installing dependencies..." -ynh_install_nodejs --nodejs_version="8.16.0" +ynh_install_nodejs --nodejs_version="8.16.1" ynh_use_nodejs ynh_install_app_dependencies $pkg_dependencies @@ -136,6 +136,7 @@ cp "../conf/.env" $config_file ynh_replace_string --match_string="__NODEJS_PATH__" --replace_string="$nodejs_path" --target_file="$config_file" ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$config_file" +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config_file" ynh_replace_string --match_string="__DOMAIN_URI__" --replace_string="$domain$path_url" --target_file="$config_file" ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config_file" diff --git a/scripts/restore b/scripts/restore index d230c03..8da2784 100644 --- a/scripts/restore +++ b/scripts/restore @@ -82,7 +82,7 @@ find "$final_path" -type d -print0 | xargs -0 chmod 750 ynh_print_info --message="Reinstalling dependencies..." # Define and install dependencies -ynh_install_nodejs --nodejs_version="8.16.0" +ynh_install_nodejs --nodejs_version="8.16.1" ynh_use_nodejs ynh_install_app_dependencies $pkg_dependencies diff --git a/scripts/upgrade b/scripts/upgrade index fa2f250..5ea5c64 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -132,6 +132,28 @@ if ynh_version_gt "2.48~ynh1" "${previous_version}" ; then ynh_store_file_checksum "$config_file" fi +if ynh_version_gt "3.45~ynh1" "${previous_version}" ; then + # Install dependencies + ynh_remove_nodejs + ynh_install_nodejs --nodejs_version="8.16.1" + ynh_use_nodejs + + # Create a dedicated systemd config + ynh_replace_string --match_string="__NODEJS_PATH__" --replace_string="$nodejs_path" --target_file="../conf/systemd.service" + ynh_add_systemd_config + + # Create a dedicated .env config + config_file="$final_path/.env" + ynh_backup_if_checksum_is_different --file="$config_file" + cp "../conf/.env" "$config_file" + ynh_replace_string --match_string="__NODEJS_PATH__" --replace_string="$nodejs_path" --target_file="$config_file" + ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$config_file" + ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config_file" + ynh_replace_string --match_string="__DOMAIN_URI__" --replace_string="$domain$path_url" --target_file="$config_file" + ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config_file" + ynh_store_file_checksum "$config_file" +fi + #================================================= # CHECK THE PATH #================================================= From 4d1fa1e7b68cbca612c2997c47cf52f832b40a26 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Thu, 3 Oct 2019 21:50:50 +0200 Subject: [PATCH 2/4] Correct source filename --- conf/arm64.src | 2 +- conf/x86-64.src | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/arm64.src b/conf/arm64.src index d4daddf..7733b7f 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -6,4 +6,4 @@ SOURCE_SUM=854c4a47125b616da3a36b7a766dbcf23adc1d926060c3e8b370e6c16b53bc25 SOURCE_SUM_PRG=sha256sum ARCH_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=wekan-2.94-arm64-bundle.tar.gz +SOURCE_FILENAME=wekan-3.45-arm64.zip diff --git a/conf/x86-64.src b/conf/x86-64.src index a4b617e..923510c 100644 --- a/conf/x86-64.src +++ b/conf/x86-64.src @@ -6,4 +6,4 @@ SOURCE_SUM=b5385e2aadefe01a5f21d669475f8c33bd34992d2b019a5417576dbfc4ed77b1 SOURCE_SUM_PRG=sha256sum ARCH_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=wekan-3.45-meteor1.8-x64.tar.gz +SOURCE_FILENAME=wekan-3.45.zip From cd72eab61fd324a0ca9989b2024321fef8041e09 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Thu, 3 Oct 2019 22:17:10 +0200 Subject: [PATCH 3/4] Fix source format --- conf/arm64.src | 2 +- conf/x86-64.src | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/arm64.src b/conf/arm64.src index 7733b7f..ea87f30 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -4,6 +4,6 @@ SOURCE_URL=https://releases.wekan.team/raspi3/wekan-3.45-arm64.zip SOURCE_SUM=854c4a47125b616da3a36b7a766dbcf23adc1d926060c3e8b370e6c16b53bc25 SOURCE_SUM_PRG=sha256sum -ARCH_FORMAT=tar.gz +SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=true SOURCE_FILENAME=wekan-3.45-arm64.zip diff --git a/conf/x86-64.src b/conf/x86-64.src index 923510c..894dd8d 100644 --- a/conf/x86-64.src +++ b/conf/x86-64.src @@ -4,6 +4,6 @@ SOURCE_URL=https://releases.wekan.team/wekan-3.45.zip SOURCE_SUM=b5385e2aadefe01a5f21d669475f8c33bd34992d2b019a5417576dbfc4ed77b1 SOURCE_SUM_PRG=sha256sum -ARCH_FORMAT=tar.gz +SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=true SOURCE_FILENAME=wekan-3.45.zip From a68fed3d7e14db287d6d6815e113a715a43d31d5 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Thu, 3 Oct 2019 22:18:59 +0200 Subject: [PATCH 4/4] switch to YunoHost sources --- conf/arm64.src | 2 +- conf/x86-64.src | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/arm64.src b/conf/arm64.src index ea87f30..75c417a 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -1,7 +1,7 @@ # This is on YunoHost server just to avoid the file from disappearing # Original source is https://releases.wekan.team/raspi3/wekan-3.45-arm64.zip # YunoHost source is https://build.yunohost.org/apps/wekan-3.45-arm64.zip -SOURCE_URL=https://releases.wekan.team/raspi3/wekan-3.45-arm64.zip +SOURCE_URL=https://build.yunohost.org/apps/wekan-3.45-arm64.zip SOURCE_SUM=854c4a47125b616da3a36b7a766dbcf23adc1d926060c3e8b370e6c16b53bc25 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip diff --git a/conf/x86-64.src b/conf/x86-64.src index 894dd8d..e77ca6e 100644 --- a/conf/x86-64.src +++ b/conf/x86-64.src @@ -1,7 +1,7 @@ # This is on YunoHost server just to avoid the file from disappearing # Original source is https://releases.wekan.team/wekan-3.45.zip # YunoHost source is https://build.yunohost.org/apps/wekan-3.45.zip -SOURCE_URL=https://releases.wekan.team/wekan-3.45.zip +SOURCE_URL=https://build.yunohost.org/apps/wekan-3.45.zip SOURCE_SUM=b5385e2aadefe01a5f21d669475f8c33bd34992d2b019a5417576dbfc4ed77b1 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip