#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= ynh_clean_setup () { true } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH is_public=$YNH_APP_ARG_IS_PUBLIC app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --time --weight=1 final_path=/var/www/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path ynh_webpath_register --app="$app" --domain="$domain" --path_url="$path_url" #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." --time --weight=1 ynh_app_setting_set --app="$app" --key=domain --value="$domain" ynh_app_setting_set --app="$app" --key=path --value="$path_url" ynh_app_setting_set --app="$app" --key=is_public --value="$is_public" #================================================= # STANDARD MODIFICATIONS #================================================= # FIND AND OPEN A PORT #================================================= ynh_script_progression --message="Configuring firewall..." --time --weight=1 # Find an available port port=$(ynh_find_port --port=8095) ynh_app_setting_set --app="$app" --key=port --value="$port" # DO NOT OPEN THIS PORT #================================================= # INSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Installing dependencies..." --time --weight=6 # Install nodejs ynh_install_nodejs --nodejs_version=$YNH_NODEJS_VERSION # Install Yarn ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" \ --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --time --weight=1 ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring nginx web server..." --time --weight=1 # Create a dedicated nginx config ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Configuring system user..." --time --weight=1 # Create a system user ynh_system_user_create --username="$app" --home_dir="$final_path" #================================================= # SPECIFIC SETUP #================================================= # BUILD YARN DEPENDENCIES #================================================= ynh_script_progression --message="Building yarn dependencies..." --time --weight=6 chown -R "$app":"$app" "$final_path" pushd "$final_path" || return 1 ynh_use_nodejs sudo -u "$app" env "$ynh_node_load_PATH" yarn global add wetty yarn_bin_dir="$(sudo -u "$app" yarn global bin)" popd || return 1 #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Configuring a systemd service..." --time --weight=1 # Create a dedicated systemd config ynh_add_systemd_config --others_var="domain port path_url ynh_node_load_PATH yarn_bin_dir" #================================================= # MODIFY A CONFIG FILE #================================================= ### `ynh_replace_string` is used to replace a string in a file. ### (It's compatible with sed regular expressions syntax) # ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/CONFIG_FILE" #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= ### `ynh_store_file_checksum` is used to store the checksum of a file. ### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, ### you can make a backup of this file before modifying it again if the admin had modified it. # Calculate and store the config file checksum into the app settings # ynh_store_file_checksum --file="$final_path/CONFIG_FILE" #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= ### For security reason, any app should set the permissions to root: before anything else. ### Then, if write authorization is needed, any access should be given only to directories ### that really need such authorization. # Set permissions to app files # chown -R root: "$final_path" #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Configuring log rotation..." --time --weight=1 ### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. ### Use this helper only if there is effectively a log file for this app. ### If you're not using this helper: ### - Remove the section "BACKUP LOGROTATE" in the backup script ### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script ### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script ### - And the section "SETUP LOGROTATE" in the upgrade script # Use logrotate to manage application logfile(s) ynh_use_logrotate #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 yunohost service add "$app" --description "A short description of the app" --log "/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --time --weight=1 # Start a systemd service ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" #================================================= # SETUP FAIL2BAN #================================================= # ynh_script_progression --message="Configuring fail2ban..." --time --weight=1 # # Create a dedicated fail2ban config # ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring SSOwat..." --time --weight=1 # Make app public if necessary if [ "$is_public" -eq 1 ]; then ynh_permission_update --permission "main" --add "visitors" fi #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Installation of $app completed" --time --last