diff --git a/conf/sudoers.conf b/conf/sudoers.conf index cb80189..5942292 100644 --- a/conf/sudoers.conf +++ b/conf/sudoers.conf @@ -1,3 +1,2 @@ -Cmnd_Alias WIREGUARDSERVICE = /bin/systemctl restart wg-quick@wg0.service - -__USER__ ALL = NOPASSWD: WIREGUARDSERVICE +Cmnd_Alias WIREGUARDSERVICE = /usr/bin/systemctl restart wg-quick@wg0.service +%__USER__ ALL = NOPASSWD: WIREGUARDSERVICE diff --git a/conf/wireguard.path b/conf/wireguard_ui_conf.path similarity index 100% rename from conf/wireguard.path rename to conf/wireguard_ui_conf.path diff --git a/conf/wireguard.service b/conf/wireguard_ui_conf.service similarity index 65% rename from conf/wireguard.service rename to conf/wireguard_ui_conf.service index 7711fbf..0e5ec1d 100644 --- a/conf/wireguard.service +++ b/conf/wireguard_ui_conf.service @@ -6,4 +6,4 @@ After=network.target Type=oneshot User=__APP__ Group=__APP__ -ExecStart=/bin/systemctl restart wg-quick@wg0.service +ExecStart=/usr/bin/systemctl restart wg-quick@wg0.service diff --git a/scripts/backup b/scripts/backup index 6fc9a1d..38b6443 100644 --- a/scripts/backup +++ b/scripts/backup @@ -60,9 +60,9 @@ ynh_backup --src_path="/etc/logrotate.d/$app" # BACKUP SYSTEMD #================================================= -ynh_backup --src_path="/etc/systemd/system/$app.service" ynh_backup --src_path=/etc/systemd/system/wireguard_ui.service -ynh_backup --src_path=/etc/systemd/system/wireguard.path +ynh_backup --src_path=/etc/systemd/system/wireguard_ui_conf.path +ynh_backup --src_path=/etc/systemd/system/wireguard_ui_conf.service ynh_backup --src_path="/etc/sudoers.d/${app}_ynh" #================================================= diff --git a/scripts/install b/scripts/install index 1a487d6..cc65b6f 100644 --- a/scripts/install +++ b/scripts/install @@ -135,7 +135,7 @@ ynh_replace_string --match_string="__PORT_WG__" --replace_string="$port_wg" --ta # Create WireGuard configuration directory mkdir -p /etc/wireguard -# Add interace configuration file for WireGuard +# Add interface configuration file for WireGuard cp ../conf/wg0.conf /etc/wireguard/wg0.conf ynh_replace_string --match_string="__PORT_WG__" --replace_string="$port_wg" --target_file="/etc/wireguard/wg0.conf" ynh_replace_string --match_string="__PRIVATE_KEY__" --replace_string="$(wg genkey)" --target_file="/etc/wireguard/wg0.conf" @@ -149,11 +149,11 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=1 ynh_add_systemd_config --service=wireguard_ui --template=wireguard_ui.service --others_var="port" # Create a dedicated systemd config for monitoring WireGuard's configuration -cp ../conf/wireguard.path /etc/systemd/system/wireguard.path -systemctl enable --quiet wireguard.path +cp ../conf/wireguard_ui_conf.path /etc/systemd/system/wireguard_ui_conf.path +systemctl enable --quiet wireguard_ui_conf.path -# Create a dedicated systemd config for restarting WireGuard -ynh_add_systemd_config --service=wireguard --template=wireguard.service --others_var="port_wg" +# Create a dedicated systemd config for restarting WireGuard when its configuration changes +ynh_add_systemd_config --service=wireguard_ui_conf --template=wireguard_ui_conf.service --others_var="port_wg" #================================================= # GENERIC FINALIZATION @@ -168,21 +168,13 @@ chmod -R 750 $final_path/db chown -R $app:$app /etc/wireguard -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Configuring log rotation..." --weight=1 - -# Use logrotate to manage application logfile(s) -ynh_use_logrotate - #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add wireguard --description "WireGuard" --needs_exposed_ports $port_wg --test_status "wg show | grep wg0" -yunohost service add wireguard_ui --description "WireGuard UI" --log "/var/log/$app/ui.log" +yunohost service add wg-quick@wg0 --description "WireGuard" --needs_exposed_ports $port_wg +yunohost service add wireguard_ui --description "WireGuard UI" #================================================= # START SYSTEMD SERVICE diff --git a/scripts/remove b/scripts/remove index 0befc03..c6577b8 100644 --- a/scripts/remove +++ b/scripts/remove @@ -27,26 +27,33 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) # REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Remove the service from the list of services known by Yunohost (added from `yunohost service add`) +# Remove the services from the list of services known by Yunohost (added from `yunohost service add`) + if ynh_exec_warn_less yunohost service status wireguard_ui >/dev/null then ynh_script_progression --message="Removing WireGuard UI service integration..." --weight=1 yunohost service remove wireguard_ui fi +if ynh_exec_warn_less yunohost service status wg-quick@wg0 >/dev/null +then + ynh_script_progression --message="Removing WireGuard service integration..." --weight=1 + yunohost service remove wg-quick@wg0 +fi + #================================================= # STOP AND REMOVE SERVICE #================================================= ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 # YunoHost does not handle services not ending with .service, let's remove it manually -systemctl stop wireguard.path -systemctl disable wireguard.path --quiet -ynh_secure_remove --file="/etc/systemd/system/wireguard.path" +systemctl stop wireguard_ui_conf.path +systemctl disable wireguard_ui_conf.path --quiet +ynh_secure_remove --file="/etc/systemd/system/wireguard_ui_conf.path" systemctl daemon-reload # Remove the dedicated systemd configs -ynh_remove_systemd_config --service=wireguard +ynh_remove_systemd_config --service=wireguard_ui_conf ynh_remove_systemd_config --service=wireguard_ui #================================================= diff --git a/scripts/restore b/scripts/restore index ff26e10..e5fdbef 100644 --- a/scripts/restore +++ b/scripts/restore @@ -111,17 +111,17 @@ ynh_remove_extra_repo --name=$app ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 ynh_restore_file --origin_path=/etc/systemd/system/wireguard_ui.service -ynh_restore_file --origin_path=/etc/systemd/system/wireguard.path -ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +ynh_restore_file --origin_path=/etc/systemd/system/wireguard_ui_conf.path +ynh_restore_file --origin_path=/etc/systemd/system/wireguard_ui_conf.service -systemctl enable --quiet wireguard.path +systemctl enable --quiet wireguard_ui_conf.path #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add wireguard --description "WireGuard" --needs_exposed_ports $port_wg --test_status "wg show | grep wg0" +yunohost service add wg-quick@wg0 --description "WireGuard" --needs_exposed_ports "$port_wg" yunohost service add wireguard_ui --description "WireGuard UI" --log "/var/log/$app/ui.log" #================================================= @@ -137,12 +137,7 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=wireguard_ui --action="start" --line_match="http server started" --log_path="systemd" --timeout=30 sleep 5 - -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= - -ynh_restore_file --origin_path="/etc/logrotate.d/$app" +ynh_systemd_action --service_name=wg-quick@wg0 --action="start" --line_match="Started WireGuard via wg-quick(8) for wg0." --log_path="systemd" --timeout=30 #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index a9c383b..e9b37ce 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -84,6 +84,13 @@ if [ -f "/etc/sudoers.d/${app}_ynh" ]; then ynh_replace_string "__USER__" "${app}" /etc/sudoers.d/${app}_ynh fi +# Remove deprecated services +if systemctl list-units --full -all | grep -Fq "wireguard.path"; then + systemctl disable --now --quiet wireguard.path + ynh_secure_remove --file="/etc/systemd/system/wireguard.path" +fi +ynh_remove_systemd_config --service="wireguard.service" + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -106,8 +113,7 @@ ynh_abort_if_errors ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name=wireguard_ui --action="stop" --line_match="Stopped WireGuard UI" --log_path="systemd" --timeout=30 -systemctl disable --now --quiet wireguard.path -ynh_systemd_action --service_name=wireguard --action="stop" +ynh_systemd_action --service_name=wg-quick@wg0 --action="stop" --line_match="Stopped WireGuard via wg-quick(8) for wg0." --log_path="systemd" --timeout=30 #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -170,11 +176,8 @@ ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 ynh_add_systemd_config --service=wireguard_ui --template=wireguard_ui.service --others_var="port" # Create a dedicated systemd config for monitoring WireGuard's configuration -cp ../conf/wireguard.path /etc/systemd/system/wireguard.path -systemctl enable --quiet wireguard.path - -# Create a dedicated systemd config for restarting WireGuard -ynh_add_systemd_config --service=wireguard --template=wireguard.service --others_var="port_wg" +cp ../conf/wireguard_ui_conf.path /etc/systemd/system/wireguard_ui_conf.path +systemctl enable --quiet wireguard_ui_conf.path #================================================= # CONFIGURING WIREGUARD @@ -198,21 +201,13 @@ chown -R root: $final_path chown -R $app: $final_path/db chmod -R 750 $final_path/db -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 - -# Use logrotate to manage app-specific logfile(s) -ynh_use_logrotate --non-append - #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add wireguard --description "WireGuard" --needs_exposed_ports "$port_wg" --test_status "wg show | grep wg0" -yunohost service add wireguard_ui --description "WireGuard UI" --log "/var/log/$app/ui.log" +yunohost service add wg-quick@wg0 --description "WireGuard" --needs_exposed_ports "$port_wg" +yunohost service add wireguard_ui --description "WireGuard UI" #================================================= # START SYSTEMD SERVICE @@ -222,6 +217,7 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service ynh_systemd_action --service_name=wireguard_ui --action="start" --line_match="http server started" --log_path="systemd" --timeout=30 sleep 5 +ynh_systemd_action --service_name=wg-quick@wg0 --action="start" --line_match="Started WireGuard via wg-quick(8) for wg0." --log_path="systemd" --timeout=30 #================================================= # RELOAD NGINX