diff --git a/check_process b/check_process index 23e6543..04aae70 100644 --- a/check_process +++ b/check_process @@ -1,14 +1,9 @@ -# See here for more information -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) + domain="domain.tld" + path="/path" language="fr" - is_public=1 (PUBLIC|public=1|private=0) + is_public=1 password="pass" ; Checks pkg_linter=1 @@ -18,7 +13,8 @@ setup_private=1 setup_public=1 upgrade=1 - # New app, no upgrade. upgrade=1 from_commit=CommitHash + # 2.0.3~ynh4 + upgrade=1 from_commit=a3ac3d094feaa8ea45d98fb8c067c532216bb1a8 backup_restore=1 multi_instance=1 port_already_use=0 @@ -27,6 +23,5 @@ Email= Notification=none ;;; Upgrade options - ; commit=CommitHash - name=Name and date of the commit. - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& + ; commit=a3ac3d094feaa8ea45d98fb8c067c532216bb1a8 + name=2.0.3~ynh4 diff --git a/conf/app.src b/conf/app.src index 9726f5c..75ad556 100644 --- a/conf/app.src +++ b/conf/app.src @@ -4,3 +4,4 @@ SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/nginx.conf b/conf/nginx.conf index dc3ad2d..b37f382 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -10,12 +10,11 @@ location __PATH__/ { # break tells nginx to continue processing the location block rewrite ^__PATH__/$ __PATH__ break; - proxy_pass http://localhost:__PORT__; + proxy_pass http://127.0.0.1:__PORT__; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - # TODO why doesn't this work ? new feature of nginx ? - # proxy_read_timeout 43200000; + proxy_read_timeout 43200000; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/conf/systemd.service b/conf/systemd.service index b026b2d..aaac467 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -4,12 +4,18 @@ After=network.target [Service] Type=simple +Environment=NODE_ENV=production User=__APP__ Group=__APP__ WorkingDirectory=__FINALPATH__/ -Environment=NODE_ENV=production -Environment="__YNH_NODE_LOAD_PATH__" -ExecStart=__YARN_BIN_DIR__/wetty --conf __FINALPATH__/config.json5 +ExecStart=__YNH_NODE__ . --conf ./config.json5 +TimeoutStopSec=20 +KillMode=mixed +Restart=always +RestartSec=2 + +StandardOutput=append:/var/log/__APP__/__APP__.log +StandardError=inherit [Install] WantedBy=multi-user.target diff --git a/manifest.json b/manifest.json index 32e81c9..671e396 100644 --- a/manifest.json +++ b/manifest.json @@ -14,7 +14,7 @@ "email": "salamandar@salamandar.fr" }, "requirements": { - "yunohost": ">= 3.8.1" + "yunohost": ">= 4.1.0" }, "multi_instance": true, "services": [ @@ -25,29 +25,17 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain name for Wetty", - "fr": "Choisissez un nom de domaine pour Wetty" - }, "example": "example.com" }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for Wetty", - "fr": "Choisissez un chemin pour Wetty" - }, "example": "/wetty", "default": "/wetty" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Is it a public application?", - "fr": "Est-ce une application publique ?" - }, "help": { "en": "Even if public, it still requires authentication.", "fr": "Même publique, vous devrez vous authentifier" diff --git a/scripts/_common.sh b/scripts/_common.sh index a8f80e8..2a28ffc 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -7,9 +7,7 @@ # dependencies used by the app # pkg_dependencies="" -YNH_NODEJS_VERSION=14 - -YARN_APP_REAL_VERSION=2.0.2 +NODEJS_VERSION=14 #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index a89b570..f78c623 100755 --- a/scripts/backup +++ b/scripts/backup @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/bash #================================================= # GENERIC START @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -14,7 +15,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - true + true } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -26,8 +27,8 @@ ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -domain=$(ynh_app_setting_get --app="$app" --key=domain) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -52,7 +53,7 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" # BACKUP LOGROTATE #================================================= -# ynh_backup --src_path="/etc/logrotate.d/$app" +ynh_backup --src_path="/etc/logrotate.d/$app" #================================================= # BACKUP SYSTEMD @@ -64,4 +65,4 @@ ynh_backup --src_path="/etc/systemd/system/$app.service" # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for Wetty. (YunoHost will then actually copy those files to the archive)." +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 9b6c929..404a367 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/bash #================================================= # GENERIC STARTING @@ -27,24 +27,22 @@ app=$YNH_APP_INSTANCE_NAME ynh_script_progression --message="Loading installation settings..." --weight=1 # Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -port=$(ynh_app_setting_get --app="$app" --key=port) - +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +port=$(ynh_app_setting_get --app=$app --key=port) #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up Wetty before changing its URL (may take a while)..." --weight=1 +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - # restore it if the upgrade fails - ynh_restore_upgradebackup + # Restore it if the upgrade fails + ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -54,13 +52,15 @@ ynh_abort_if_errors #================================================= change_domain=0 -if [ "$old_domain" != "$new_domain" ]; then - change_domain=1 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 fi change_path=0 -if [ "$old_path" != "$new_path" ]; then - change_path=1 +if [ "$old_path" != "$new_path" ] +then + change_path=1 fi #================================================= @@ -68,9 +68,9 @@ fi #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping the systemd service..." --weight=1 +ynh_script_progression --message="Stopping a systemd service..." --weight=1 -ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" #================================================= # MODIFY URL IN NGINX CONF @@ -80,23 +80,25 @@ ynh_script_progression --message="Updating NGINX web server configuration..." -- nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf # Change the path in the NGINX config file -if [ $change_path -eq 1 ]; then - # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated NGINX config - ynh_add_nginx_config +if [ $change_path -eq 1 ] +then + # Make a backup of the original NGINX config file if modified + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Set global variables for NGINX helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated NGINX config + ynh_add_nginx_config fi # Change the domain for NGINX -if [ $change_domain -eq 1 ]; then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv "$nginx_conf_path" "/etc/nginx/conf.d/$new_domain.d/$app.conf" - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi #================================================= @@ -110,9 +112,11 @@ domain="$new_domain" path_url="$new_path" # port is already defined in this file -ynh_backup_if_checksum_is_different --file="$final_path/config.json5" ynh_add_config --template="config.json5" --destination="$final_path/config.json5" +chmod 400 "$final_path/config.json5" +chown $app:$app "$final_path/config.json5" + #================================================= # GENERIC FINALISATION #================================================= @@ -120,7 +124,8 @@ ynh_add_config --template="config.json5" --destination="$final_path/config.json5 #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" +# Start a systemd service +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="Server started" #================================================= # RELOAD NGINX @@ -133,4 +138,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for Wetty" --last +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index cbf4bf7..e778903 100755 --- a/scripts/install +++ b/scripts/install @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/bash #================================================= # GENERIC START @@ -14,7 +14,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - true + true } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -37,16 +37,15 @@ final_path=/var/www/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path -ynh_webpath_register --app="$app" --domain="$domain" --path_url="$path_url" +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." --weight=1 -ynh_app_setting_set --app="$app" --key=domain --value="$domain" -ynh_app_setting_set --app="$app" --key=path --value="$path_url" -ynh_app_setting_set --app="$app" --key=is_public --value="$is_public" +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url #================================================= # STANDARD MODIFICATIONS @@ -57,7 +56,7 @@ ynh_script_progression --message="Finding an available port..." --weight=1 # Find an available port port=$(ynh_find_port --port=8095) -ynh_app_setting_set --app="$app" --key=port --value="$port" +ynh_app_setting_set --app=$app --key=port --value=$port # DO NOT OPEN THIS PORT @@ -67,22 +66,31 @@ ynh_app_setting_set --app="$app" --key=port --value="$port" ynh_script_progression --message="Installing dependencies..." --weight=6 # Install nodejs -ynh_install_nodejs --nodejs_version="$YNH_NODEJS_VERSION" +ynh_install_nodejs --nodejs_version=$NODEJS_VERSION # Install Yarn -ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" \ - --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" +ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 -ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" +ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" -ynh_add_config --template="config.json5" --destination="$final_path/config.json5" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= # NGINX CONFIGURATION @@ -92,27 +100,29 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username="$app" --home_dir="$final_path" - #================================================= # SPECIFIC SETUP +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding a configuration file..." --weight=1 + +ynh_add_config --template="config.json5" --destination="$final_path/config.json5" + +chmod 400 "$final_path/config.json5" +chown $app:$app "$final_path/config.json5" + #================================================= # BUILD YARN DEPENDENCIES #================================================= ynh_script_progression --message="Building Yarn dependencies... This may take several minutes for a first install." --weight=6 -chown -R "$app":"$app" "$final_path" - pushd "$final_path" || return 1 ynh_use_nodejs ; set "${ynh_node_load_PATH:?}" - sudo -u "$app" env "$ynh_node_load_PATH" yarn global add wetty@"$YARN_APP_REAL_VERSION" - yarn_bin_dir="$(sudo -u "$app" env "$ynh_node_load_PATH" yarn global bin)" + sudo -u $app env "$ynh_node_load_PATH" yarn + sudo -u $app env "$ynh_node_load_PATH" yarn build + sudo -u $app env "$ynh_node_load_PATH" yarn install --production --ignore-scripts --prefer-offline + ynh_secure_remove --file="$final_path/.cache" popd || return 1 #================================================= @@ -121,8 +131,7 @@ popd || return 1 ynh_script_progression --message="Configuring the systemd service..." --weight=1 # Create a dedicated systemd config -test -n "${ynh_node_load_PATH}${yarn_bin_dir}" -ynh_add_systemd_config --others_var="ynh_node_load_PATH yarn_bin_dir" +ynh_add_systemd_config #================================================= # GENERIC FINALIZATION @@ -139,31 +148,27 @@ ynh_use_logrotate #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add "$app" --description "Wetty Web Terminal service" --log "/var/log/$app/$app.log" +yunohost service add $app --description="Wetty Web Terminal service" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting the systemd service..." --weight=1 +ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" - -#================================================= -# SETUP FAIL2BAN -#================================================= -# ynh_script_progression --message="Configuring fail2ban..." --weight=1 - -# Create a dedicated fail2ban config -# ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" +# Start a systemd service +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="Server started" #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." --weight=1 +ynh_script_progression --message="Configuring permissions..." --weight=1 # Make app public if necessary -if [ "$is_public" -eq 1 ]; then - ynh_permission_update --permission "main" --add "visitors" +if [ $is_public -eq 1 ] +then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. + ynh_permission_update --permission="main" --add="visitors" fi #================================================= @@ -177,4 +182,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of Wetty completed" --last +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 91bbf2b..040cf28 100755 --- a/scripts/remove +++ b/scripts/remove @@ -16,18 +16,19 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # STANDARD REMOVE #================================================= # REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -ynh_script_progression --message="Removing Wetty service integration..." --weight=1 -# Remove the service from the list of services known by Yunohost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status "$app" >/dev/null; then - yunohost service remove "$app" +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status $app >/dev/null +then + ynh_script_progression --message="Removing $app service integration..." + yunohost service remove $app fi #================================================= @@ -49,7 +50,7 @@ ynh_remove_app_dependencies #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing Wetty main directory..." --weight=1 +ynh_script_progression --message="Removing app main directory..." --weight=1 # Remove the app directory securely ynh_secure_remove --file="$final_path" @@ -70,29 +71,6 @@ ynh_script_progression --message="Removing logrotate configuration..." --weight= # Remove the app-specific logrotate config ynh_remove_logrotate -#================================================= -# REMOVE FAIL2BAN CONFIGURATION -#================================================= -# ynh_script_progression --message="Removing fail2ban configuration..." --weight=1 - -# # Remove the dedicated fail2ban config -# ynh_remove_fail2ban_config - -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= - -# # Remove a cron file -# ynh_secure_remove --file="/etc/cron.d/$app" - -# # Remove a directory securely -# ynh_secure_remove --file="/etc/$app/" - -# # Remove the log files -# ynh_secure_remove --file="/var/log/$app/" - #================================================= # GENERIC FINALIZATION #================================================= @@ -101,10 +79,10 @@ ynh_remove_logrotate ynh_script_progression --message="Removing the dedicated system user..." --weight=1 # Delete a system user -ynh_system_user_delete --username="$app" +ynh_system_user_delete --username=$app #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of Wetty completed" --last +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index 4672115..ead71ed 100755 --- a/scripts/restore +++ b/scripts/restore @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/bash #================================================= # GENERIC START @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -14,7 +15,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - true + true } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -26,49 +27,47 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -domain=$(ynh_app_setting_get --app="$app" --key=domain) -path_url=$(ynh_app_setting_get --app="$app" --key=path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=1 -ynh_webpath_available --domain="$domain" --path_url="$path_url" \ - || ynh_die --message="Path not available: ${domain}${path_url}" -test ! -d "$final_path" \ - || ynh_die --message="There is already a directory: $final_path " +ynh_webpath_available --domain=$domain --path_url=$path_url \ + || ynh_die --message="Path not available: ${domain}${path_url}" +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the NGINX configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE APP MAIN DIR -#================================================= -ynh_script_progression --message="Restoring Wetty main directory..." --weight=1 - -ynh_restore_file --origin_path="$final_path" - #================================================= # RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 # Create the dedicated user (if not existing) -ynh_system_user_create --username="$app" +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= -# RESTORE USER RIGHTS +# RESTORE THE APP MAIN DIR #================================================= +ynh_script_progression --message="Restoring the app main directory..." --weight=1 -# Restore permissions on app files -chown -R "$app":"$app" "$final_path" +ynh_restore_file --origin_path="$final_path" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= # SPECIFIC RESTORATION @@ -78,11 +77,10 @@ chown -R "$app":"$app" "$final_path" ynh_script_progression --message="Reinstalling dependencies..." --weight=3 # Install nodejs -ynh_install_nodejs --nodejs_version="$YNH_NODEJS_VERSION" +ynh_install_nodejs --nodejs_version=$NODEJS_VERSION # Install Yarn -ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" \ - --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" +ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" #================================================= # RESTORE SYSTEMD @@ -90,27 +88,29 @@ ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ st ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 ynh_restore_file --origin_path="/etc/systemd/system/$app.service" -ynh_systemd_action --service_name="$app" --action="enable" --log_path="/var/log/$app/$app.log" +systemctl enable $app.service --quiet #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add "$app" --description "Wetty Web Terminal service" --log "/var/log/$app/$app.log" +yunohost service add $app --description="Wetty Web Terminal service" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" +mkdir -p "/var/log/$app/" +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="Server started" #================================================= # RESTORE THE LOGROTATE CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the logrotate configuration..." -# ynh_restore_file --origin_path="/etc/logrotate.d/$app" +ynh_restore_file --origin_path="/etc/logrotate.d/$app" #================================================= # GENERIC FINALIZATION @@ -125,4 +125,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for Wetty" --last +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 8435793..2673a57 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -16,11 +16,10 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app="$app" --key=domain) -path_url=$(ynh_app_setting_get --app="$app" --key=path) -is_public=$(ynh_app_setting_get --app="$app" --key=is_public) -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -port=$(ynh_app_setting_get --app="$app" --key=port) +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +port=$(ynh_app_setting_get --app=$app --key=port) #================================================= # CHECK VERSION @@ -28,36 +27,16 @@ port=$(ynh_app_setting_get --app="$app" --key=port) upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 - -# Fix is_public as a boolean value -if [ "$is_public" = "Yes" ]; then - ynh_app_setting_set --app="$app" --key=is_public --value=1 - is_public=1 -elif [ "$is_public" = "No" ]; then - ynh_app_setting_set --app="$app" --key=is_public --value=0 - is_public=0 -fi - -# If final_path doesn't exist, create it -if [ -z "$final_path" ]; then - final_path="/var/www/$app" - ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" -fi - #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up Wetty before upgrading (may take a while)..." --weight=3 +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=3 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup + # Restore it if the upgrade fails + ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -67,33 +46,51 @@ ynh_abort_if_errors #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping the systemd service..." --weight=1 +ynh_script_progression --message="Stopping a systemd service..." --weight=1 -ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" #================================================= -# UPGRADE DEPENDENCIES +# ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=3 +ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 -# Install nodejs -ynh_install_nodejs --nodejs_version="$YNH_NODEJS_VERSION" +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path="/var/www/$app" + ynh_app_setting_set --app=$app --key=final_path --value="$final_path" +fi -# Install Yarn -ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" \ - --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Upgrading source files..." --weight=1 -if [ "$upgrade_type" == "UPGRADE_APP" ]; then - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." + + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" fi -ynh_add_config --template="config.json5" --destination="$final_path/config.json5" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= # NGINX CONFIGURATION @@ -104,26 +101,42 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - ynh_add_nginx_config #================================================= -# CREATE DEDICATED USER +# UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 +ynh_script_progression --message="Upgrading dependencies..." --weight=3 -# Create a dedicated user (if not existing) -ynh_system_user_create --username="$app" --home_dir="$final_path" +# Install nodejs +ynh_install_nodejs --nodejs_version=$NODEJS_VERSION + +# Install Yarn +ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" \ + --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" #================================================= # SPECIFIC UPGRADE +#================================================= +# UPDATE A CONFIG FILE +#================================================= +ynh_script_progression --message="Updating a configuration file..." + +ynh_add_config --template="config.json5" --destination="$final_path/config.json5" + +chmod 400 "$final_path/config.json5" +chown $app:$app "$final_path/config.json5" + #================================================= # BUILD YARN DEPENDENCIES #================================================= ynh_script_progression --message="Rebuilding Yarn dependencies..." --weight=2 -chown -R "$app":"$app" "$final_path" +chown -R $app:$app "$final_path" pushd "$final_path" || return 1 ynh_use_nodejs ; set "${ynh_node_load_PATH:?}" - sudo -u "$app" env "$ynh_node_load_PATH" yarn global add wetty@"$YARN_APP_REAL_VERSION" - yarn_bin_dir="$(sudo -u "$app" env "$ynh_node_load_PATH" yarn global bin)" + sudo -u $app env "$ynh_node_load_PATH" yarn + sudo -u $app env "$ynh_node_load_PATH" yarn build + sudo -u $app env "$ynh_node_load_PATH" yarn install --production --ignore-scripts --prefer-offline + ynh_secure_remove --file="$final_path/.cache" popd || return 1 #================================================= @@ -132,8 +145,7 @@ popd || return 1 ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 # Create a dedicated systemd config -test -n "${ynh_node_load_PATH}${yarn_bin_dir}" -ynh_add_systemd_config --others_var="ynh_node_load_PATH yarn_bin_dir" +ynh_add_systemd_config #================================================= # GENERIC FINALIZATION @@ -142,7 +154,7 @@ ynh_add_systemd_config --others_var="ynh_node_load_PATH yarn_bin_dir" #================================================= ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 -# Use logrotate to manage application logfile(s) +# Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append #================================================= @@ -150,34 +162,14 @@ ynh_use_logrotate --non-append #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add "$app" --description "Wetty Web Terminal service" --log "/var/log/$app/$app.log" +yunohost service add $app --description="Wetty Web Terminal service" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting the systemd service..." --weight=1 +ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" - -#================================================= -# UPGRADE FAIL2BAN -#================================================= -# ynh_script_progression --message="Reconfiguring fail2ban..." --weight=1 - -# Create a dedicated fail2ban config -# ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." --weight=1 - -# Make app public if necessary -if [ "$is_public" -eq 1 ]; then - ynh_permission_update --permission "main" --add "visitors" -else - ynh_permission_update --permission "main" --remove "visitors" -fi +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="Server started" #================================================= # RELOAD NGINX @@ -190,4 +182,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of Wetty completed" --last +ynh_script_progression --message="Upgrade of $app completed" --last