From 260a28279fad23a6ce828335676c906f448b2d12 Mon Sep 17 00:00:00 2001 From: anmol Date: Thu, 12 Nov 2020 22:50:42 +0530 Subject: [PATCH] Added password to access the app because app don't work with SSO --- check_process | 2 +- conf/systemd.service | 2 +- manifest.json | 13 +++++++------ scripts/_common.sh | 2 +- scripts/install | 25 +++++++++++-------------- scripts/remove | 2 +- scripts/restore | 13 +++++++------ scripts/upgrade | 16 ++++++++++------ 8 files changed, 39 insertions(+), 36 deletions(-) diff --git a/check_process b/check_process index d966a49..6f5a7bb 100644 --- a/check_process +++ b/check_process @@ -4,7 +4,7 @@ ; Manifest domain="sub.domain.tld" (DOMAIN) # path="/" (PATH) - admin="john" (USER) + password="seceret123" (USER) # language="fr" # is_public="Yes" (PUBLIC|public=Yes|private=No) # is_public=0 (PUBLIC|public=1|private=0) diff --git a/conf/systemd.service b/conf/systemd.service index 2a3b270..5462b79 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,7 +6,7 @@ After=network.target User=__APP__ Group=__APP__ WorkingDirectory=__FINALPATH__ -ExecStart=/usr/bin/python3 __FINALPATH__/zeronet.py --ui_port __PORT__ --ui_host __DOMAIN__ --fileserver_port __FS_PORT__ --data_dir __DATADIR__/data --log_dir __DATADIR__/log +ExecStart=/usr/bin/python3 __FINALPATH__/zeronet.py --ui_port __PORT__ --ui_host __DOMAIN__ --fileserver_port __FS_PORT__ --data_dir __DATADIR__/data --log_dir __DATADIR__/log --ui_password __PASSWORD__ ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure diff --git a/manifest.json b/manifest.json index 7260872..0d3665e 100644 --- a/manifest.json +++ b/manifest.json @@ -32,14 +32,15 @@ "example": "zeronet.domain.tld" }, { - "name": "admin", - "type": "user", + "name": "password", + "type": "password", + "optional": true, "ask": { - "en": "Choose an admin user (the one who will be able to access the admin interface)", - "fr": "Choisissez l'administrateur (seul autorisé à accéder à l'interface d'administration)" + "en": "Set the password for the Zeronet.", + "fr": "Définissez le mot de passe pour votre Zeronet." }, - "example": "john doe" - } + "example": "myreallystrengthpassword" + } ] } } diff --git a/scripts/_common.sh b/scripts/_common.sh index 46d94b0..55107c1 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # dependencies used by the app -pkg_dependencies="python3-msgpack python3-socks python3-gevent" +pkg_dependencies="python3-venv python3-pip" #================================================= # PERSONAL HELPERS diff --git a/scripts/install b/scripts/install index 0628dca..679b9df 100755 --- a/scripts/install +++ b/scripts/install @@ -26,7 +26,7 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url="/" -admin=$YNH_APP_ARG_ADMIN +password=$YNH_APP_ARG_PASSWORD ### If it's a multi-instance app, meaning it can be installed several times independently @@ -69,9 +69,8 @@ ynh_script_progression --message="Storing installation settings..." ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=datadir --value=$datadir - +ynh_app_setting_set --app=$app --key=password --value=$password #================================================= # STANDARD MODIFICATIONS @@ -110,7 +109,8 @@ ynh_script_progression --message="Installing dependencies..." ### - As well as the section "REINSTALL DEPENDENCIES" in the restore script ### - And the section "UPGRADE DEPENDENCIES" in the upgrade script -pip3 install msgpack-python gevent +ynh_install_app_dependencies $pkg_dependencies +pip3 install msgpack-python gevent base58 merkletools #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -162,21 +162,18 @@ ynh_script_progression --message="Configuring a systemd service..." ynh_add_systemd_config #================================================= -# SETUP APPLICATION WITH CURL +# SETUP APPLICATION PERMISSIONS #================================================= -### Use these lines only if the app installation needs to be finalized through -### web forms. We generally don't want to ask the final user, -### so we're going to use curl to automatically fill the fields and submit the -### forms. +# Enable password authentication for Zeronet +mv $final_path/plugins/disabled-UiPassword $final_path/plugins/UiPassword -# Set right permissions for curl install +# Set right permissions mkdir -p $datadir/data mkdir -p $datadir/log chown -R $app: $final_path chown -R $app: $datadir - #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= @@ -190,7 +187,7 @@ ynh_script_progression --message="Integrating service in YunoHost..." ### - Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script ### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script ### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script -ynh_add_systemd_config --service="$app" --template="systemd.service" --others_var="fs_port port domain datadir" +ynh_add_systemd_config --service="$app" --template="systemd.service" --others_var="fs_port port domain datadir password" yunohost service add $app --description "$app service" --log "$datadir/log/debug-last.log" --needs_exposed_ports "$fs_port" @@ -231,9 +228,9 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="$datadir/log #================================================= ynh_script_progression --message="Configuring SSOwat..." -# Restrict access to admin only -#yunohost app addaccess --users=$admin $app +# Allow the app to be public ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" + #================================================= # RELOAD NGINX #================================================= diff --git a/scripts/remove b/scripts/remove index 5ff4037..9b0c890 100755 --- a/scripts/remove +++ b/scripts/remove @@ -50,7 +50,7 @@ ynh_script_progression --message="Removing dependencies..." # Remove metapackage and its dependencies pip3 uninstall -y msgpack-python gevent - +ynh_remove_app_dependencies #================================================= # REMOVE APP MAIN DIR #================================================= diff --git a/scripts/restore b/scripts/restore index 38a1312..2d645b3 100755 --- a/scripts/restore +++ b/scripts/restore @@ -30,11 +30,11 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) fs_port=$(ynh_app_setting_get --app=$app --key=fs_port) datadir=$(ynh_app_setting_get --app=$app --key=datadir) +password=$(ynh_app_setting_get --app=$app --key=password) #================================================= # CHECK IF THE APP CAN BE RESTORED @@ -68,7 +68,7 @@ ynh_restore_file --origin_path="$datadir" ynh_script_progression --message="Recreating the dedicated system user..." # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir=$datadir -s #================================================= # RESTORE USER RIGHTS @@ -86,7 +86,8 @@ chown -R $app: $datadir ynh_script_progression --message="Reinstalling dependencies..." # Define and install dependencies -pip3 install msgpack-python gevent +ynh_install_app_dependencies $pkg_dependencies +pip3 install msgpack-python gevent base58 merkletools #================================================= # RESTORE SYSTEMD @@ -101,7 +102,7 @@ systemctl enable $app.service #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -ynh_add_systemd_config --service="$app" --template="systemd.service" --others_var="fs_port port domain datadir" +ynh_add_systemd_config --service="$app" --template="systemd.service" --others_var="fs_port port domain datadir password" yunohost service add $app --description "$app service" --log "$datadir/log/debug-last.log" --needs_exposed_ports "$fs_port" #================================================= @@ -116,8 +117,8 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="$datadir/log #================================================= ynh_script_progression --message="Upgrading SSOwat configuration..." -# Restrict access to admin only -yunohost app addaccess --users=$admin $app +# Allow the app to be public +ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index d78c87c..88bd534 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,11 +18,11 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) fs_port=$(ynh_app_setting_get --app=$app --key=fs_port) datadir=$(ynh_app_setting_get --app=$app --key=datadir) +password=$(ynh_app_setting_get --app=$app --key=password) #================================================= # CHECK VERSION @@ -108,7 +108,8 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Upgrading dependencies..." -pip3 install msgpack-python gevent +ynh_install_app_dependencies $pkg_dependencies +pip3 install msgpack-python gevent base58 merkletools #================================================= # CREATE DEDICATED USER @@ -116,7 +117,7 @@ pip3 install msgpack-python gevent ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir=$datadir -s #================================================= # SETUP SYSTEMD @@ -132,6 +133,9 @@ ynh_add_systemd_config # SECURE FILES AND DIRECTORIES #================================================= +# Enable password authentication for Zeronet +mv $final_path/plugins/disabled-UiPassword $final_path/plugins/UiPassword + # Set permissions on app files chown -R $app: $final_path chown -R $app: $datadir @@ -140,7 +144,7 @@ chown -R $app: $datadir # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -ynh_add_systemd_config --service="$app" --template="systemd.service" --others_var="fs_port port domain datadir" +ynh_add_systemd_config --service="$app" --template="systemd.service" --others_var="fs_port port domain datadir password" yunohost service add $app --description "$app service" --log "$datadir/log/debug-last.log" --needs_exposed_ports "$fs_port" #================================================= @@ -155,8 +159,8 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="$datadir/log #================================================= ynh_script_progression --message="Upgrading SSOwat configuration..." -# Restrict access to admin only -yunohost app addaccess --users=$admin $app +# Allow the app to be public +ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" #================================================= # RELOAD NGINX