From 4739859598cc7240a58a6175941f109cb78b8ab6 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 4 Oct 2021 11:52:12 +0200 Subject: [PATCH 01/47] fix app upgrade --- src/yunohost/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 821ef06b0..81b79ff48 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -507,7 +507,7 @@ def app_upgrade(app=[], url=None, file=None, force=False, no_safety_backup=False logger.warning(m18n.n("custom_app_url_required", app=app_instance_name)) continue elif app_dict["upgradable"] == "yes" or force: - new_app_src = app_dict["id"] + new_app_src = app_dict["manifest"]["id"] else: logger.success(m18n.n("app_already_up_to_date", app=app_instance_name)) continue From 27721749da10db3979b5629fdb3bbe83f3e00b89 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Mon, 4 Oct 2021 12:50:57 +0000 Subject: [PATCH 02/47] [CI] Format code --- src/yunohost/tests/test_apps.py | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/yunohost/tests/test_apps.py b/src/yunohost/tests/test_apps.py index 33af7256f..22e18ec9a 100644 --- a/src/yunohost/tests/test_apps.py +++ b/src/yunohost/tests/test_apps.py @@ -41,7 +41,13 @@ def clean(): os.system("mkdir -p /etc/ssowat/") app_ssowatconf() - test_apps = ["break_yo_system", "legacy_app", "legacy_app__2", "full_domain_app", "my_webapp"] + test_apps = [ + "break_yo_system", + "legacy_app", + "legacy_app__2", + "full_domain_app", + "my_webapp", + ] for test_app in test_apps: @@ -192,7 +198,10 @@ def test_legacy_app_install_main_domain(): def test_app_from_catalog(): main_domain = _get_maindomain() - app_install("my_webapp", args=f"domain={main_domain}&path=/site&with_sftp=0&password=superpassword&is_public=1&with_mysql=0") + app_install( + "my_webapp", + args=f"domain={main_domain}&path=/site&with_sftp=0&password=superpassword&is_public=1&with_mysql=0", + ) app_map_ = app_map(raw=True) assert main_domain in app_map_ assert "/site" in app_map_[main_domain] From 54d901ad7820f3bb1895fba86ff651add08a048b Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 5 Oct 2021 12:26:21 +0200 Subject: [PATCH 03/47] config: handle case where file quetion didnt get modified from webadmin, in which case self.value contains a path --- src/yunohost/utils/config.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/yunohost/utils/config.py b/src/yunohost/utils/config.py index 27a9e1533..2a1159042 100644 --- a/src/yunohost/utils/config.py +++ b/src/yunohost/utils/config.py @@ -1019,10 +1019,9 @@ class FileQuestion(Question): FileQuestion.upload_dirs += [upload_dir] logger.debug(f"Saving file {self.name} for file question into {file_path}") - if Moulinette.interface.type != "api": + if Moulinette.interface.type != "api" or (self.value.startswith("/") and os.path.exists(self.value)): content = read_file(str(self.value), file_mode="rb") - - if Moulinette.interface.type == "api": + else: content = b64decode(self.value) write_to_file(file_path, content, file_mode="wb") From 753c4e34ed37889efc7846951042fff2c7836589 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 5 Oct 2021 12:32:23 +0200 Subject: [PATCH 04/47] Typo/wording --- data/helpers.d/config | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/config b/data/helpers.d/config index d12316996..accedfce3 100644 --- a/data/helpers.d/config +++ b/data/helpers.d/config @@ -104,7 +104,7 @@ _ynh_app_config_apply_one() { cp "${!short_setting}" "$bind_file" fi ynh_store_file_checksum --file="$bind_file" --update_only - ynh_print_info --message="File '$bind_file' overwrited with ${!short_setting}" + ynh_print_info --message="File '$bind_file' overwritten with ${!short_setting}" fi # Save value in app settings @@ -124,7 +124,7 @@ _ynh_app_config_apply_one() { ynh_backup_if_checksum_is_different --file="$bind_file" echo "${!short_setting}" > "$bind_file" ynh_store_file_checksum --file="$bind_file" --update_only - ynh_print_info --message="File '$bind_file' overwrited with the content you provieded in '${short_setting}' question" + ynh_print_info --message="File '$bind_file' overwritten with the content provided in question '${short_setting}'" # Set value into a kind of key/value file else From 941cc29438e08a9a5f6579e099dd4fd7661c1758 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 5 Oct 2021 12:35:06 +0200 Subject: [PATCH 05/47] bind_key -> bind_key_ to prevent yunohost from redacting key names which leads to broken log metadata.yml somehow --- data/helpers.d/config | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/data/helpers.d/config b/data/helpers.d/config index accedfce3..3f856ffa4 100644 --- a/data/helpers.d/config +++ b/data/helpers.d/config @@ -51,15 +51,15 @@ _ynh_app_config_get_one() { then bind=":/etc/yunohost/apps/$app/settings.yml" fi - local bind_key="$(echo "$bind" | cut -d: -f1)" - bind_key=${bind_key:-$short_setting} - if [[ "$bind_key" == *">"* ]]; + local bind_key_="$(echo "$bind" | cut -d: -f1)" + bind_key_=${bind_key_:-$short_setting} + if [[ "$bind_key_" == *">"* ]]; then - bind_after="$(echo "${bind_key}" | cut -d'>' -f1)" - bind_key="$(echo "${bind_key}" | cut -d'>' -f2)" + bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)" + bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)" fi local bind_file="$(echo "$bind" | cut -d: -f2 | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" - old[$short_setting]="$(ynh_read_var_in_file --file="${bind_file}" --key="${bind_key}" --after="${bind_after}")" + old[$short_setting]="$(ynh_read_var_in_file --file="${bind_file}" --key="${bind_key_}" --after="${bind_after}")" fi } @@ -129,22 +129,22 @@ _ynh_app_config_apply_one() { # Set value into a kind of key/value file else local bind_after="" - local bind_key="$(echo "$bind" | cut -d: -f1)" - bind_key=${bind_key:-$short_setting} - if [[ "$bind_key" == *">"* ]]; + local bind_key_="$(echo "$bind" | cut -d: -f1)" + bind_key_=${bind_key_:-$short_setting} + if [[ "$bind_key_" == *">"* ]]; then - bind_after="$(echo "${bind_key}" | cut -d'>' -f1)" - bind_key="$(echo "${bind_key}" | cut -d'>' -f2)" + bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)" + bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)" fi local bind_file="$(echo "$bind" | cut -d: -f2 | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" ynh_backup_if_checksum_is_different --file="$bind_file" - ynh_write_var_in_file --file="${bind_file}" --key="${bind_key}" --value="${!short_setting}" --after="${bind_after}" + ynh_write_var_in_file --file="${bind_file}" --key="${bind_key_}" --value="${!short_setting}" --after="${bind_after}" ynh_store_file_checksum --file="$bind_file" --update_only # We stored the info in settings in order to be able to upgrade the app ynh_app_setting_set --app=$app --key=$short_setting --value="${!short_setting}" - ynh_print_info --message="Configuration key '$bind_key' edited into $bind_file" + ynh_print_info --message="Configuration key '$bind_key_' edited into $bind_file" fi fi From 61ec02c97cb6d39b7a5ce3c665cbe1700e7493fa Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 5 Oct 2021 12:47:32 +0200 Subject: [PATCH 06/47] lint: Kill bare excepts --- src/yunohost/log.py | 2 +- src/yunohost/permission.py | 2 +- tox.ini | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/yunohost/log.py b/src/yunohost/log.py index c99c1bbc9..d73a62cd0 100644 --- a/src/yunohost/log.py +++ b/src/yunohost/log.py @@ -407,7 +407,7 @@ def is_unit_operation( if isinstance(value, IOBase): try: context[field] = value.name - except: + except Exception: context[field] = "IOBase" operation_logger = OperationLogger(op_key, related_to, args=context) diff --git a/src/yunohost/permission.py b/src/yunohost/permission.py index 80d3b8602..1856046d6 100644 --- a/src/yunohost/permission.py +++ b/src/yunohost/permission.py @@ -474,7 +474,7 @@ def permission_create( protected=protected, sync_perm=sync_perm, ) - except: + except Exception: permission_delete(permission, force=True) raise diff --git a/tox.ini b/tox.ini index e79c70fec..733a0613d 100644 --- a/tox.ini +++ b/tox.ini @@ -9,7 +9,7 @@ deps = py37-mypy: mypy >= 0.900 commands = py37-lint: flake8 src doc data tests --ignore E402,E501,E203,W503 --exclude src/yunohost/vendor - py37-invalidcode: flake8 src data --exclude src/yunohost/tests,src/yunohost/vendor --select F + py37-invalidcode: flake8 src data --exclude src/yunohost/tests,src/yunohost/vendor --select F,E722 py37-black-check: black --check --diff src doc data tests py37-black-run: black src doc data tests py37-mypy: mypy --ignore-missing-import --install-types --non-interactive --follow-imports silent src/yunohost/ --exclude (acme_tiny|data_migrations) From b0e8a58b244037db65480450521f3fa3014a4915 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 5 Oct 2021 12:49:33 +0200 Subject: [PATCH 07/47] lint: Invalid escape sequences --- data/hooks/diagnosis/80-apps.py | 2 +- tox.ini | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/data/hooks/diagnosis/80-apps.py b/data/hooks/diagnosis/80-apps.py index a75193a45..5aec48ed8 100644 --- a/data/hooks/diagnosis/80-apps.py +++ b/data/hooks/diagnosis/80-apps.py @@ -76,7 +76,7 @@ class AppDiagnoser(Diagnoser): for deprecated_helper in deprecated_helpers: if ( os.system( - f"grep -hr '{deprecated_helper}' {app['setting_path']}/scripts/ | grep -v -q '^\s*#'" + f"grep -hr '{deprecated_helper}' {app['setting_path']}/scripts/ | grep -v -q '^\\s*#'" ) == 0 ): diff --git a/tox.ini b/tox.ini index 733a0613d..267134e57 100644 --- a/tox.ini +++ b/tox.ini @@ -9,7 +9,7 @@ deps = py37-mypy: mypy >= 0.900 commands = py37-lint: flake8 src doc data tests --ignore E402,E501,E203,W503 --exclude src/yunohost/vendor - py37-invalidcode: flake8 src data --exclude src/yunohost/tests,src/yunohost/vendor --select F,E722 + py37-invalidcode: flake8 src data --exclude src/yunohost/tests,src/yunohost/vendor --select F,E722,W605 py37-black-check: black --check --diff src doc data tests py37-black-run: black src doc data tests py37-mypy: mypy --ignore-missing-import --install-types --non-interactive --follow-imports silent src/yunohost/ --exclude (acme_tiny|data_migrations) From de4b3825ab80a7b0f57639908812b0e00b7fc49d Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 5 Oct 2021 12:50:25 +0200 Subject: [PATCH 08/47] Ambiguous var name --- src/yunohost/user.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/user.py b/src/yunohost/user.py index 7d89af443..c9f70e152 100644 --- a/src/yunohost/user.py +++ b/src/yunohost/user.py @@ -677,7 +677,7 @@ def user_import(operation_logger, csvfile, update=False, delete=False): def to_list(str_list): L = str_list.split(",") if str_list else [] - L = [l.strip() for l in L] + L = [element.strip() for element in L] return L existing_users = user_list()["users"] From ef2a8c8dbd66b490f48348cbbfe2051e4ac221f5 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Tue, 5 Oct 2021 13:02:51 +0200 Subject: [PATCH 09/47] Update logrotate --- data/helpers.d/logrotate | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/data/helpers.d/logrotate b/data/helpers.d/logrotate index 2d9ab6b72..27803bafd 100644 --- a/data/helpers.d/logrotate +++ b/data/helpers.d/logrotate @@ -96,6 +96,10 @@ $logfile { EOF mkdir --parents $(dirname "$logfile") # Create the log directory, if not exist cat ${app}-logrotate | $customtee /etc/logrotate.d/$app > /dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee) + + ynh_user_exists "$app" || chown $app:$app "/var/log/$app" + chmod o-rwx "/var/log/$app" + } # Remove the app's logrotate config. From 423eef7a620192389170a158dfa77bc0469ccb12 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Tue, 5 Oct 2021 13:06:21 +0200 Subject: [PATCH 10/47] Update logrotate --- data/helpers.d/logrotate | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/logrotate b/data/helpers.d/logrotate index 27803bafd..e4b354e03 100644 --- a/data/helpers.d/logrotate +++ b/data/helpers.d/logrotate @@ -97,8 +97,8 @@ EOF mkdir --parents $(dirname "$logfile") # Create the log directory, if not exist cat ${app}-logrotate | $customtee /etc/logrotate.d/$app > /dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee) - ynh_user_exists "$app" || chown $app:$app "/var/log/$app" - chmod o-rwx "/var/log/$app" + ynh_user_exists "$app" || chown $app:$app "$logfile" + chmod o-rwx "$logfile" } From 1baebeba6d5d095e8c7f88cd785b668fe83941ef Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Tue, 5 Oct 2021 11:13:38 +0000 Subject: [PATCH 11/47] [CI] Format code --- src/yunohost/utils/config.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/yunohost/utils/config.py b/src/yunohost/utils/config.py index 2a1159042..2363545cf 100644 --- a/src/yunohost/utils/config.py +++ b/src/yunohost/utils/config.py @@ -1019,7 +1019,9 @@ class FileQuestion(Question): FileQuestion.upload_dirs += [upload_dir] logger.debug(f"Saving file {self.name} for file question into {file_path}") - if Moulinette.interface.type != "api" or (self.value.startswith("/") and os.path.exists(self.value)): + if Moulinette.interface.type != "api" or ( + self.value.startswith("/") and os.path.exists(self.value) + ): content = read_file(str(self.value), file_mode="rb") else: content = b64decode(self.value) From 4cd5e9b632113dc595940de766a83be13aebfb31 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 5 Oct 2021 13:46:06 +0200 Subject: [PATCH 12/47] app_info: return a new is_webapp info meant to be used by API --- src/yunohost/app.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 81b79ff48..2b8d71abf 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -168,6 +168,9 @@ def app_info(app, full=False): absolute_app_name, _ = _parse_app_instance_name(app) ret["from_catalog"] = _load_apps_catalog()["apps"].get(absolute_app_name, {}) ret["upgradable"] = _app_upgradable(ret) + + ret["is_webapp"] = ("domain" in settings and "path" in settings) + ret["supports_change_url"] = os.path.exists( os.path.join(setting_path, "scripts", "change_url") ) From 93a72a7b5fe4c7efbbecd9a1c6285ab5d9b97337 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 5 Oct 2021 13:52:45 +0200 Subject: [PATCH 13/47] Update data/helpers.d/logrotate Co-authored-by: Kayou --- data/helpers.d/logrotate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/logrotate b/data/helpers.d/logrotate index e4b354e03..a4548512d 100644 --- a/data/helpers.d/logrotate +++ b/data/helpers.d/logrotate @@ -97,7 +97,7 @@ EOF mkdir --parents $(dirname "$logfile") # Create the log directory, if not exist cat ${app}-logrotate | $customtee /etc/logrotate.d/$app > /dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee) - ynh_user_exists "$app" || chown $app:$app "$logfile" + ynh_user_exists --username="$app" || chown $app:$app "$logfile" chmod o-rwx "$logfile" } From 74256845525799c674df5984afe2ec18974dbcd0 Mon Sep 17 00:00:00 2001 From: ljf Date: Wed, 6 Oct 2021 02:37:27 +0200 Subject: [PATCH 14/47] [enh] Add visible attribute support in cli --- src/yunohost/tests/test_questions.py | 96 ++++++++++++++ src/yunohost/utils/config.py | 182 ++++++++++++++++++++++++--- 2 files changed, 259 insertions(+), 19 deletions(-) diff --git a/src/yunohost/tests/test_questions.py b/src/yunohost/tests/test_questions.py index cf4e67733..b39990b73 100644 --- a/src/yunohost/tests/test_questions.py +++ b/src/yunohost/tests/test_questions.py @@ -15,6 +15,7 @@ from yunohost.utils.config import ( PathQuestion, BooleanQuestion, FileQuestion, + evaluate_simple_js_expression ) from yunohost.utils.error import YunohostError, YunohostValidationError @@ -2093,3 +2094,98 @@ def test_normalize_path(): assert PathQuestion.normalize("/macnuggets/") == "/macnuggets" assert PathQuestion.normalize("macnuggets/") == "/macnuggets" assert PathQuestion.normalize("////macnuggets///") == "/macnuggets" + +def test_simple_evaluate(): + context = { + 'a1': 1, + 'b2': 2, + 'c10': 10, + 'foo': 'bar', + 'comp': '1>2', + 'empty': '', + 'lorem': 'Lorem ipsum dolor et si qua met!', + 'warning': 'Warning! This sentence will fail!', + 'quote': "Je s'apelle Groot", + 'and_': '&&', + 'object': { 'a': 'Security risk' } + } + supported = { + '42': 42, + '9.5': 9.5, + "'bopbidibopbopbop'": 'bopbidibopbopbop', + 'true': True, + 'false': False, + 'null': None, + + # Math + '1 * (2 + 3 * (4 - 3))': 5, + '1 * (2 + 3 * (4 - 3)) > 10 - 2 || 3 * 2 > 9 - 2 * 3': True, + '(9 - 2) * 3 - 10': 11, + '12 - 2 * -2 + (3 - 4) * 3.1': 12.9, + '9 / 12 + 12 * 3 - 5': 31.75, + '9 / 12 + 12 * (3 - 5)': -23.25, + '12 > 13.1': False, + '12 < 14': True, + '12 <= 14': True, + '12 >= 14': False, + '12 == 14': False, + '12 % 5 > 3': False, + '12 != 14': True, + '9 - 1 > 10 && 3 * 5 > 10': False, + '9 - 1 > 10 || 3 * 5 > 10': True, + 'a1 > 0 || a1 < -12': True, + 'a1 > 0 && a1 < -12': False, + 'a1 + 1 > 0 && -a1 > -12': True, + '-(a1 + 1) < 0 || -(a1 + 2) > -12': True, + '-a1 * 2': -2, + '(9 - 2) * 3 - c10': 11, + '(9 - b2) * 3 - c10': 11, + 'c10 > b2': True, + + # String + "foo == 'bar'":True, + "foo != 'bar'":False, + 'foo == "bar" && 1 > 0':True, + '!!foo': True, + '!foo': False, + 'foo': 'bar', + '!(foo > "baa") || 1 > 2': False, + '!(foo > "baa") || 1 < 2': True, + 'empty == ""': True, + '1 == "1"': True, + '1.0 == "1"': True, + '1 == "aaa"': False, + "'I am ' + b2 + ' years'": 'I am 2 years', + "quote == 'Je s\\'apelle Groot'": True, + "lorem == 'Lorem ipsum dolor et si qua met!'": True, + "and_ == '&&'": True, + "warning == 'Warning! This sentence will fail!'": True, + + # Match + "match(lorem, '^Lorem [ia]psumE?')": bool, + "match(foo, '^Lorem [ia]psumE?')": None, + "match(lorem, '^Lorem [ia]psumE?') && 1 == 1": bool, + + # No code + "": False, + " ": False, + } + trigger_errors = { + "object.a": YunohostError, # Keep unsupported, for security reasons + 'a1 ** b2': YunohostError, # Keep unsupported, for security reasons + '().__class__.__bases__[0].__subclasses__()': YunohostError, # Very dangerous code + 'a1 > 11 ? 1 : 0': SyntaxError, + 'c10 > b2 == false': YunohostError, # JS and Python doesn't do the same thing for this situation + 'c10 > b2 == true': YunohostError, + } + + for expression, result in supported.items(): + if result == bool: + assert bool(evaluate_simple_js_expression(expression, context)), expression + else: + assert evaluate_simple_js_expression(expression, context) == result, expression + + for expression, error in trigger_errors.items(): + with pytest.raises(error): + evaluate_simple_js_expression(expression, context) + diff --git a/src/yunohost/utils/config.py b/src/yunohost/utils/config.py index 2363545cf..0f18fad0d 100644 --- a/src/yunohost/utils/config.py +++ b/src/yunohost/utils/config.py @@ -24,6 +24,8 @@ import re import urllib.parse import tempfile import shutil +import ast +import operator as op from collections import OrderedDict from typing import Optional, Dict, List, Union, Any, Mapping @@ -46,6 +48,138 @@ from yunohost.log import OperationLogger logger = getActionLogger("yunohost.config") CONFIG_PANEL_VERSION_SUPPORTED = 1.0 +# Those js-like evaluate functions are used to eval safely visible attributes +# The goal is to evaluate in the same way than js simple-evaluate +# https://github.com/shepherdwind/simple-evaluate +def evaluate_simple_ast(node, context={}): + operators = { + ast.Not: op.not_, + ast.Mult: op.mul, + ast.Div: op.truediv, # number + ast.Mod: op.mod, # number + ast.Add: op.add, #str + ast.Sub: op.sub, #number + ast.USub: op.neg, # Negative number + ast.Gt: op.gt, + ast.Lt: op.lt, + ast.GtE: op.ge, + ast.LtE: op.le, + ast.Eq: op.eq, + ast.NotEq: op.ne + } + context['true'] = True + context['false'] = False + context['null'] = None + + # Variable + if isinstance(node, ast.Name): # Variable + return context[node.id] + + # Python <=3.7 String + elif isinstance(node, ast.Str): + return node.s + + # Python <=3.7 Number + elif isinstance(node, ast.Num): + return node.n + + # Boolean, None and Python 3.8 for Number, Boolean, String and None + elif isinstance(node, (ast.Constant, ast.NameConstant)): + return node.value + + # + - * / % + elif isinstance(node, ast.BinOp) and type(node.op) in operators: # + left = evaluate_simple_ast(node.left, context) + right = evaluate_simple_ast(node.right, context) + if type(node.op) == ast.Add: + if isinstance(left, str) or isinstance(right, str): # support 'I am ' + 42 + left = str(left) + right = str(right) + elif type(left) != type(right): # support "111" - "1" -> 110 + left = float(left) + right = float(right) + + return operators[type(node.op)](left, right) + + # Comparison + # JS and Python don't give the same result for multi operators + # like True == 10 > 2. + elif isinstance(node, ast.Compare) and len(node.comparators) == 1: # + left = evaluate_simple_ast(node.left, context) + right = evaluate_simple_ast(node.comparators[0], context) + operator = node.ops[0] + if isinstance(left, (int, float)) or isinstance(right, (int, float)): + try: + left = float(left) + right = float(right) + except ValueError: + return type(operator) == ast.NotEq + try: + return operators[type(operator)](left, right) + except TypeError: # support "e" > 1 -> False like in JS + return False + + # and / or + elif isinstance(node, ast.BoolOp): # + values = node.values + for value in node.values: + value = evaluate_simple_ast(value, context) + if isinstance(node.op, ast.And) and not value: + return False + elif isinstance(node.op, ast.Or) and value: + return True + return isinstance(node.op, ast.And) + + # not / USub (it's negation number -\d) + elif isinstance(node, ast.UnaryOp): # e.g., -1 + return operators[type(node.op)](evaluate_simple_ast(node.operand, context)) + + # match function call + elif isinstance(node, ast.Call) and node.func.__dict__.get('id') == 'match': + return re.match( + evaluate_simple_ast(node.args[1], context), + context[node.args[0].id] + ) + + # Unauthorized opcode + else: + opcode = str(type(node)) + raise YunohostError(f"Unauthorize opcode '{opcode}' in visible attribute", raw_msg=True) + +def js_to_python(expr): + in_string = None + py_expr = "" + i = 0 + escaped = False + for char in expr: + if char in r"\"'": + # Start a string + if not in_string: + in_string = char + + # Finish a string + elif in_string == char and not escaped: + in_string = None + + # If we are not in a string, replace operators + elif not in_string: + if char == "!" and expr[i +1] != "=": + char = "not " + elif char in "|&" and py_expr[-1:] == char: + py_expr = py_expr[:-1] + char = " and " if char == "&" else " or " + + # Determine if next loop will be in escaped mode + escaped = char == "\\" and not escaped + py_expr += char + i+=1 + return py_expr + +def evaluate_simple_js_expression(expr, context={}): + if not expr.strip(): + return False + node = ast.parse(js_to_python(expr), mode="eval").body + return evaluate_simple_ast(node, context) class ConfigPanel: def __init__(self, config_path, save_path=None): @@ -466,11 +600,13 @@ class Question(object): hide_user_input_in_prompt = False pattern: Optional[Dict] = None - def __init__(self, question: Dict[str, Any]): + def __init__(self, question: Dict[str, Any], context: Dict[str, Any] = {}): self.name = question["name"] self.type = question.get("type", "string") self.default = question.get("default", None) self.optional = question.get("optional", False) + self.visible = question.get("visible", None) + self.context = context self.choices = question.get("choices", []) self.pattern = question.get("pattern", self.pattern) self.ask = question.get("ask", {"en": self.name}) @@ -512,6 +648,15 @@ class Question(object): ) def ask_if_needed(self): + + if self.visible and not evaluate_simple_js_expression(self.visible, context=self.context): + # FIXME There could be several use case if the question is not displayed: + # - we doesn't want to give a specific value + # - we want to keep the previous value + # - we want the default value + self.value = None + return self.value + for i in range(5): # Display question if no value filled or if it's a readonly message if Moulinette.interface.type == "cli" and os.isatty(1): @@ -577,7 +722,7 @@ class Question(object): # Prevent displaying a shitload of choices # (e.g. 100+ available users when choosing an app admin...) choices = ( - list(self.choices.values()) + list(self.choices.keys()) if isinstance(self.choices, dict) else self.choices ) @@ -710,8 +855,8 @@ class PasswordQuestion(Question): default_value = "" forbidden_chars = "{}" - def __init__(self, question): - super().__init__(question) + def __init__(self, question, context: Dict[str, Any] = {}): + super().__init__(question, context) self.redact = True if self.default is not None: raise YunohostValidationError( @@ -829,8 +974,8 @@ class BooleanQuestion(Question): choices="yes/no", ) - def __init__(self, question): - super().__init__(question) + def __init__(self, question, context: Dict[str, Any] = {}): + super().__init__(question, context) self.yes = question.get("yes", 1) self.no = question.get("no", 0) if self.default is None: @@ -850,10 +995,10 @@ class BooleanQuestion(Question): class DomainQuestion(Question): argument_type = "domain" - def __init__(self, question): + def __init__(self, question, context: Dict[str, Any] = {}): from yunohost.domain import domain_list, _get_maindomain - super().__init__(question) + super().__init__(question, context) if self.default is None: self.default = _get_maindomain() @@ -876,11 +1021,11 @@ class DomainQuestion(Question): class UserQuestion(Question): argument_type = "user" - def __init__(self, question): + def __init__(self, question, context: Dict[str, Any] = {}): from yunohost.user import user_list, user_info from yunohost.domain import _get_maindomain - super().__init__(question) + super().__init__(question, context) self.choices = list(user_list()["users"].keys()) if not self.choices: @@ -902,8 +1047,8 @@ class NumberQuestion(Question): argument_type = "number" default_value = None - def __init__(self, question): - super().__init__(question) + def __init__(self, question, context: Dict[str, Any] = {}): + super().__init__(question, context) self.min = question.get("min", None) self.max = question.get("max", None) self.step = question.get("step", None) @@ -954,8 +1099,8 @@ class DisplayTextQuestion(Question): argument_type = "display_text" readonly = True - def __init__(self, question): - super().__init__(question) + def __init__(self, question, context: Dict[str, Any] = {}): + super().__init__(question, context) self.optional = True self.style = question.get( @@ -989,8 +1134,8 @@ class FileQuestion(Question): if os.path.exists(upload_dir): shutil.rmtree(upload_dir) - def __init__(self, question): - super().__init__(question) + def __init__(self, question, context: Dict[str, Any] = {}): + super().__init__(question, context) self.accept = question.get("accept", "") def _prevalidate(self): @@ -1089,9 +1234,8 @@ def ask_questions_and_parse_answers( for question in questions: question_class = ARGUMENTS_TYPE_PARSERS[question.get("type", "string")] question["value"] = prefilled_answers.get(question["name"]) - question = question_class(question) - - question.ask_if_needed() + question = question_class(question, prefilled_answers) + prefilled_answers[question.name] = question.ask_if_needed() out.append(question) return out From eb8a59751ec112fc74526e53cb7c107be9b5228a Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Wed, 6 Oct 2021 00:57:04 +0000 Subject: [PATCH 15/47] [CI] Format code --- src/yunohost/app.py | 2 +- src/yunohost/tests/test_questions.py | 118 +++++++++++++-------------- src/yunohost/utils/config.py | 58 +++++++------ 3 files changed, 93 insertions(+), 85 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 2b8d71abf..fe5281384 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -169,7 +169,7 @@ def app_info(app, full=False): ret["from_catalog"] = _load_apps_catalog()["apps"].get(absolute_app_name, {}) ret["upgradable"] = _app_upgradable(ret) - ret["is_webapp"] = ("domain" in settings and "path" in settings) + ret["is_webapp"] = "domain" in settings and "path" in settings ret["supports_change_url"] = os.path.exists( os.path.join(setting_path, "scripts", "change_url") diff --git a/src/yunohost/tests/test_questions.py b/src/yunohost/tests/test_questions.py index b39990b73..c21ff8c40 100644 --- a/src/yunohost/tests/test_questions.py +++ b/src/yunohost/tests/test_questions.py @@ -15,7 +15,7 @@ from yunohost.utils.config import ( PathQuestion, BooleanQuestion, FileQuestion, - evaluate_simple_js_expression + evaluate_simple_js_expression, ) from yunohost.utils.error import YunohostError, YunohostValidationError @@ -2095,97 +2095,95 @@ def test_normalize_path(): assert PathQuestion.normalize("macnuggets/") == "/macnuggets" assert PathQuestion.normalize("////macnuggets///") == "/macnuggets" + def test_simple_evaluate(): context = { - 'a1': 1, - 'b2': 2, - 'c10': 10, - 'foo': 'bar', - 'comp': '1>2', - 'empty': '', - 'lorem': 'Lorem ipsum dolor et si qua met!', - 'warning': 'Warning! This sentence will fail!', - 'quote': "Je s'apelle Groot", - 'and_': '&&', - 'object': { 'a': 'Security risk' } + "a1": 1, + "b2": 2, + "c10": 10, + "foo": "bar", + "comp": "1>2", + "empty": "", + "lorem": "Lorem ipsum dolor et si qua met!", + "warning": "Warning! This sentence will fail!", + "quote": "Je s'apelle Groot", + "and_": "&&", + "object": {"a": "Security risk"}, } supported = { - '42': 42, - '9.5': 9.5, - "'bopbidibopbopbop'": 'bopbidibopbopbop', - 'true': True, - 'false': False, - 'null': None, - + "42": 42, + "9.5": 9.5, + "'bopbidibopbopbop'": "bopbidibopbopbop", + "true": True, + "false": False, + "null": None, # Math - '1 * (2 + 3 * (4 - 3))': 5, - '1 * (2 + 3 * (4 - 3)) > 10 - 2 || 3 * 2 > 9 - 2 * 3': True, - '(9 - 2) * 3 - 10': 11, - '12 - 2 * -2 + (3 - 4) * 3.1': 12.9, - '9 / 12 + 12 * 3 - 5': 31.75, - '9 / 12 + 12 * (3 - 5)': -23.25, - '12 > 13.1': False, - '12 < 14': True, - '12 <= 14': True, - '12 >= 14': False, - '12 == 14': False, - '12 % 5 > 3': False, - '12 != 14': True, - '9 - 1 > 10 && 3 * 5 > 10': False, - '9 - 1 > 10 || 3 * 5 > 10': True, - 'a1 > 0 || a1 < -12': True, - 'a1 > 0 && a1 < -12': False, - 'a1 + 1 > 0 && -a1 > -12': True, - '-(a1 + 1) < 0 || -(a1 + 2) > -12': True, - '-a1 * 2': -2, - '(9 - 2) * 3 - c10': 11, - '(9 - b2) * 3 - c10': 11, - 'c10 > b2': True, - + "1 * (2 + 3 * (4 - 3))": 5, + "1 * (2 + 3 * (4 - 3)) > 10 - 2 || 3 * 2 > 9 - 2 * 3": True, + "(9 - 2) * 3 - 10": 11, + "12 - 2 * -2 + (3 - 4) * 3.1": 12.9, + "9 / 12 + 12 * 3 - 5": 31.75, + "9 / 12 + 12 * (3 - 5)": -23.25, + "12 > 13.1": False, + "12 < 14": True, + "12 <= 14": True, + "12 >= 14": False, + "12 == 14": False, + "12 % 5 > 3": False, + "12 != 14": True, + "9 - 1 > 10 && 3 * 5 > 10": False, + "9 - 1 > 10 || 3 * 5 > 10": True, + "a1 > 0 || a1 < -12": True, + "a1 > 0 && a1 < -12": False, + "a1 + 1 > 0 && -a1 > -12": True, + "-(a1 + 1) < 0 || -(a1 + 2) > -12": True, + "-a1 * 2": -2, + "(9 - 2) * 3 - c10": 11, + "(9 - b2) * 3 - c10": 11, + "c10 > b2": True, # String - "foo == 'bar'":True, - "foo != 'bar'":False, - 'foo == "bar" && 1 > 0':True, - '!!foo': True, - '!foo': False, - 'foo': 'bar', + "foo == 'bar'": True, + "foo != 'bar'": False, + 'foo == "bar" && 1 > 0': True, + "!!foo": True, + "!foo": False, + "foo": "bar", '!(foo > "baa") || 1 > 2': False, '!(foo > "baa") || 1 < 2': True, 'empty == ""': True, '1 == "1"': True, '1.0 == "1"': True, '1 == "aaa"': False, - "'I am ' + b2 + ' years'": 'I am 2 years', + "'I am ' + b2 + ' years'": "I am 2 years", "quote == 'Je s\\'apelle Groot'": True, "lorem == 'Lorem ipsum dolor et si qua met!'": True, "and_ == '&&'": True, "warning == 'Warning! This sentence will fail!'": True, - # Match "match(lorem, '^Lorem [ia]psumE?')": bool, "match(foo, '^Lorem [ia]psumE?')": None, "match(lorem, '^Lorem [ia]psumE?') && 1 == 1": bool, - # No code "": False, " ": False, } trigger_errors = { - "object.a": YunohostError, # Keep unsupported, for security reasons - 'a1 ** b2': YunohostError, # Keep unsupported, for security reasons - '().__class__.__bases__[0].__subclasses__()': YunohostError, # Very dangerous code - 'a1 > 11 ? 1 : 0': SyntaxError, - 'c10 > b2 == false': YunohostError, # JS and Python doesn't do the same thing for this situation - 'c10 > b2 == true': YunohostError, + "object.a": YunohostError, # Keep unsupported, for security reasons + "a1 ** b2": YunohostError, # Keep unsupported, for security reasons + "().__class__.__bases__[0].__subclasses__()": YunohostError, # Very dangerous code + "a1 > 11 ? 1 : 0": SyntaxError, + "c10 > b2 == false": YunohostError, # JS and Python doesn't do the same thing for this situation + "c10 > b2 == true": YunohostError, } for expression, result in supported.items(): if result == bool: assert bool(evaluate_simple_js_expression(expression, context)), expression else: - assert evaluate_simple_js_expression(expression, context) == result, expression + assert ( + evaluate_simple_js_expression(expression, context) == result + ), expression for expression, error in trigger_errors.items(): with pytest.raises(error): evaluate_simple_js_expression(expression, context) - diff --git a/src/yunohost/utils/config.py b/src/yunohost/utils/config.py index 0f18fad0d..e38cfbb3a 100644 --- a/src/yunohost/utils/config.py +++ b/src/yunohost/utils/config.py @@ -55,24 +55,24 @@ def evaluate_simple_ast(node, context={}): operators = { ast.Not: op.not_, ast.Mult: op.mul, - ast.Div: op.truediv, # number - ast.Mod: op.mod, # number - ast.Add: op.add, #str - ast.Sub: op.sub, #number - ast.USub: op.neg, # Negative number + ast.Div: op.truediv, # number + ast.Mod: op.mod, # number + ast.Add: op.add, # str + ast.Sub: op.sub, # number + ast.USub: op.neg, # Negative number ast.Gt: op.gt, ast.Lt: op.lt, ast.GtE: op.ge, ast.LtE: op.le, ast.Eq: op.eq, - ast.NotEq: op.ne + ast.NotEq: op.ne, } - context['true'] = True - context['false'] = False - context['null'] = None + context["true"] = True + context["false"] = False + context["null"] = None # Variable - if isinstance(node, ast.Name): # Variable + if isinstance(node, ast.Name): # Variable return context[node.id] # Python <=3.7 String @@ -88,14 +88,16 @@ def evaluate_simple_ast(node, context={}): return node.value # + - * / % - elif isinstance(node, ast.BinOp) and type(node.op) in operators: # + elif ( + isinstance(node, ast.BinOp) and type(node.op) in operators + ): # left = evaluate_simple_ast(node.left, context) right = evaluate_simple_ast(node.right, context) if type(node.op) == ast.Add: - if isinstance(left, str) or isinstance(right, str): # support 'I am ' + 42 + if isinstance(left, str) or isinstance(right, str): # support 'I am ' + 42 left = str(left) right = str(right) - elif type(left) != type(right): # support "111" - "1" -> 110 + elif type(left) != type(right): # support "111" - "1" -> 110 left = float(left) right = float(right) @@ -104,7 +106,9 @@ def evaluate_simple_ast(node, context={}): # Comparison # JS and Python don't give the same result for multi operators # like True == 10 > 2. - elif isinstance(node, ast.Compare) and len(node.comparators) == 1: # + elif ( + isinstance(node, ast.Compare) and len(node.comparators) == 1 + ): # left = evaluate_simple_ast(node.left, context) right = evaluate_simple_ast(node.comparators[0], context) operator = node.ops[0] @@ -116,11 +120,11 @@ def evaluate_simple_ast(node, context={}): return type(operator) == ast.NotEq try: return operators[type(operator)](left, right) - except TypeError: # support "e" > 1 -> False like in JS + except TypeError: # support "e" > 1 -> False like in JS return False # and / or - elif isinstance(node, ast.BoolOp): # + elif isinstance(node, ast.BoolOp): # values = node.values for value in node.values: value = evaluate_simple_ast(value, context) @@ -131,20 +135,22 @@ def evaluate_simple_ast(node, context={}): return isinstance(node.op, ast.And) # not / USub (it's negation number -\d) - elif isinstance(node, ast.UnaryOp): # e.g., -1 + elif isinstance(node, ast.UnaryOp): # e.g., -1 return operators[type(node.op)](evaluate_simple_ast(node.operand, context)) # match function call - elif isinstance(node, ast.Call) and node.func.__dict__.get('id') == 'match': + elif isinstance(node, ast.Call) and node.func.__dict__.get("id") == "match": return re.match( - evaluate_simple_ast(node.args[1], context), - context[node.args[0].id] + evaluate_simple_ast(node.args[1], context), context[node.args[0].id] ) # Unauthorized opcode else: opcode = str(type(node)) - raise YunohostError(f"Unauthorize opcode '{opcode}' in visible attribute", raw_msg=True) + raise YunohostError( + f"Unauthorize opcode '{opcode}' in visible attribute", raw_msg=True + ) + def js_to_python(expr): in_string = None @@ -163,7 +169,7 @@ def js_to_python(expr): # If we are not in a string, replace operators elif not in_string: - if char == "!" and expr[i +1] != "=": + if char == "!" and expr[i + 1] != "=": char = "not " elif char in "|&" and py_expr[-1:] == char: py_expr = py_expr[:-1] @@ -172,15 +178,17 @@ def js_to_python(expr): # Determine if next loop will be in escaped mode escaped = char == "\\" and not escaped py_expr += char - i+=1 + i += 1 return py_expr + def evaluate_simple_js_expression(expr, context={}): if not expr.strip(): return False node = ast.parse(js_to_python(expr), mode="eval").body return evaluate_simple_ast(node, context) + class ConfigPanel: def __init__(self, config_path, save_path=None): self.config_path = config_path @@ -649,7 +657,9 @@ class Question(object): def ask_if_needed(self): - if self.visible and not evaluate_simple_js_expression(self.visible, context=self.context): + if self.visible and not evaluate_simple_js_expression( + self.visible, context=self.context + ): # FIXME There could be several use case if the question is not displayed: # - we doesn't want to give a specific value # - we want to keep the previous value From 99d2637cfe55fdfe2c654710a3e331abf7d9a925 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 13:04:24 +0200 Subject: [PATCH 16/47] FileQuestion: self.value may not be an str --- src/yunohost/utils/config.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/yunohost/utils/config.py b/src/yunohost/utils/config.py index 0f18fad0d..e0fe1416b 100644 --- a/src/yunohost/utils/config.py +++ b/src/yunohost/utils/config.py @@ -1164,9 +1164,11 @@ class FileQuestion(Question): FileQuestion.upload_dirs += [upload_dir] logger.debug(f"Saving file {self.name} for file question into {file_path}") - if Moulinette.interface.type != "api" or ( - self.value.startswith("/") and os.path.exists(self.value) - ): + + def is_file_path(s): + return isinstance(s, str) and s.startswith("/") and os.path.exists(s) + + if Moulinette.interface.type != "api" or is_file_path(self.value): content = read_file(str(self.value), file_mode="rb") else: content = b64decode(self.value) From 23bd32b3cdf435013ffc8fd4229ffa0c185daac0 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 13:45:15 +0200 Subject: [PATCH 17/47] Fix linters --- src/yunohost/utils/config.py | 43 ++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 21 deletions(-) diff --git a/src/yunohost/utils/config.py b/src/yunohost/utils/config.py index e0fe1416b..fbaecfbe0 100644 --- a/src/yunohost/utils/config.py +++ b/src/yunohost/utils/config.py @@ -121,7 +121,6 @@ def evaluate_simple_ast(node, context={}): # and / or elif isinstance(node, ast.BoolOp): # - values = node.values for value in node.values: value = evaluate_simple_ast(value, context) if isinstance(node.op, ast.And) and not value: @@ -600,7 +599,7 @@ class Question(object): hide_user_input_in_prompt = False pattern: Optional[Dict] = None - def __init__(self, question: Dict[str, Any], context: Dict[str, Any] = {}): + def __init__(self, question: Dict[str, Any], context: Mapping[str, Any] = {}): self.name = question["name"] self.type = question.get("type", "string") self.default = question.get("default", None) @@ -855,7 +854,7 @@ class PasswordQuestion(Question): default_value = "" forbidden_chars = "{}" - def __init__(self, question, context: Dict[str, Any] = {}): + def __init__(self, question, context: Mapping[str, Any] = {}): super().__init__(question, context) self.redact = True if self.default is not None: @@ -974,7 +973,7 @@ class BooleanQuestion(Question): choices="yes/no", ) - def __init__(self, question, context: Dict[str, Any] = {}): + def __init__(self, question, context: Mapping[str, Any] = {}): super().__init__(question, context) self.yes = question.get("yes", 1) self.no = question.get("no", 0) @@ -995,7 +994,7 @@ class BooleanQuestion(Question): class DomainQuestion(Question): argument_type = "domain" - def __init__(self, question, context: Dict[str, Any] = {}): + def __init__(self, question, context: Mapping[str, Any] = {}): from yunohost.domain import domain_list, _get_maindomain super().__init__(question, context) @@ -1021,7 +1020,7 @@ class DomainQuestion(Question): class UserQuestion(Question): argument_type = "user" - def __init__(self, question, context: Dict[str, Any] = {}): + def __init__(self, question, context: Mapping[str, Any] = {}): from yunohost.user import user_list, user_info from yunohost.domain import _get_maindomain @@ -1047,7 +1046,7 @@ class NumberQuestion(Question): argument_type = "number" default_value = None - def __init__(self, question, context: Dict[str, Any] = {}): + def __init__(self, question, context: Mapping[str, Any] = {}): super().__init__(question, context) self.min = question.get("min", None) self.max = question.get("max", None) @@ -1099,7 +1098,7 @@ class DisplayTextQuestion(Question): argument_type = "display_text" readonly = True - def __init__(self, question, context: Dict[str, Any] = {}): + def __init__(self, question, context: Mapping[str, Any] = {}): super().__init__(question, context) self.optional = True @@ -1134,7 +1133,7 @@ class FileQuestion(Question): if os.path.exists(upload_dir): shutil.rmtree(upload_dir) - def __init__(self, question, context: Dict[str, Any] = {}): + def __init__(self, question, context: Mapping[str, Any] = {}): super().__init__(question, context) self.accept = question.get("accept", "") @@ -1205,15 +1204,15 @@ ARGUMENTS_TYPE_PARSERS = { def ask_questions_and_parse_answers( - questions: Dict, prefilled_answers: Union[str, Mapping[str, Any]] = {} + raw_questions: Dict, prefilled_answers: Union[str, Mapping[str, Any]] = {} ) -> List[Question]: """Parse arguments store in either manifest.json or actions.json or from a config panel against the user answers when they are present. Keyword arguments: - questions -- the arguments description store in yunohost - format from actions.json/toml, manifest.json/toml - or config_panel.json/toml + raw_questions -- the arguments description store in yunohost + format from actions.json/toml, manifest.json/toml + or config_panel.json/toml prefilled_answers -- a url "query-string" such as "domain=yolo.test&path=/foobar&admin=sam" or a dict such as {"domain": "yolo.test", "path": "/foobar", "admin": "sam"} """ @@ -1224,20 +1223,22 @@ def ask_questions_and_parse_answers( # whereas parse.qs return list of values (which is useful for tags, etc) # For now, let's not migrate this piece of code to parse_qs # Because Aleks believes some bits of the app CI rely on overriding values (e.g. foo=foo&...&foo=bar) - prefilled_answers = dict( + answers = dict( urllib.parse.parse_qsl(prefilled_answers or "", keep_blank_values=True) ) + elif isinstance(prefilled_answers, Mapping): + answers = {**prefilled_answers} + else: + answers = {} - if not prefilled_answers: - prefilled_answers = {} out = [] - for question in questions: - question_class = ARGUMENTS_TYPE_PARSERS[question.get("type", "string")] - question["value"] = prefilled_answers.get(question["name"]) - question = question_class(question, prefilled_answers) - prefilled_answers[question.name] = question.ask_if_needed() + for raw_question in raw_questions: + question_class = ARGUMENTS_TYPE_PARSERS[raw_question.get("type", "string")] + raw_question["value"] = answers.get(raw_question["name"]) + question = question_class(raw_question, context=answers) + answers[question.name] = question.ask_if_needed() out.append(question) return out From 344ed7252c996c7e907319853ba6decfabf90406 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Wed, 6 Oct 2021 12:15:29 +0000 Subject: [PATCH 18/47] [CI] Format code --- src/yunohost/utils/config.py | 1 - 1 file changed, 1 deletion(-) diff --git a/src/yunohost/utils/config.py b/src/yunohost/utils/config.py index 4ee944126..4ee62c6f7 100644 --- a/src/yunohost/utils/config.py +++ b/src/yunohost/utils/config.py @@ -1241,7 +1241,6 @@ def ask_questions_and_parse_answers( else: answers = {} - out = [] for raw_question in raw_questions: From 644cdd41d8aa3cd27915dccbe472084961b742cc Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 15 Jun 2020 16:36:41 +0200 Subject: [PATCH 19/47] Allow to re-run ynh_install_app_dependencies multiple times --- data/helpers.d/apt | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index c3439a583..aee022da7 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -210,6 +210,8 @@ ynh_package_install_from_equivs () { ynh_package_is_installed "$pkgname" } +YNH_INSTALL_APP_DEPENDENCIES_REPLACE="true" + # Define and install dependencies with a equivs control file # # This helper can/should only be called once per app @@ -248,6 +250,24 @@ ynh_install_app_dependencies () { dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')" fi + # The first time we run ynh_install_app_dependencies, we will replace the + # entire control file (This is in particular meant to cover the case of + # upgrade script where ynh_install_app_dependencies is called with this + # expected effect) Otherwise, any subsequent call will add dependencies + # to those already present in the equivs control file. + if [[ $YNH_INSTALL_APP_DEPENDENCIES_REPLACE == "true" ]] + then + YNH_INSTALL_APP_DEPENDENCIES_REPLACE="false" + else + local current_dependencies="" + if ynh_package_is_installed --package="${dep_app}-ynh-deps" + then + current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) " + fi + current_dependencies=${current_dependencies// | /|} + dependencies="$current_dependencies $dependencies" + fi + # # Epic ugly hack to fix the goddamn dependency nightmare of sury # Sponsored by the "Djeezusse Fokin Kraiste Why Do Adminsys Has To Be So Fucking Complicated I Should Go Grow Potatoes Instead Of This Shit" collective @@ -284,6 +304,9 @@ EOF ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies" } + + + # Add dependencies to install with ynh_install_app_dependencies # # usage: ynh_add_app_dependencies --package=phpversion [--replace] From 76aaaab74e80a827fbbb2474676b110e04fb6ad5 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 15 Jun 2020 16:47:51 +0200 Subject: [PATCH 20/47] Factorize sury repo configuration into ynh_add_sury --- data/helpers.d/apt | 19 ++++++++++++++++++- data/helpers.d/php | 3 +-- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index aee022da7..8ba5bbe3e 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -283,7 +283,7 @@ ynh_install_app_dependencies () { if ! grep --recursive --quiet "^ *deb.*sury" /etc/apt/sources.list* then # Re-add sury - ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(ynh_get_debian_release) main" --key="https://packages.sury.org/php/apt.gpg" --name=extra_php_version --priority=600 + ynh_add_sury fi fi fi @@ -304,7 +304,24 @@ EOF ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies" } +# Add sury repository with adequate pin strategy +# +# [internal] +# +# usage: ynh_add_sury +# +ynh_add_sury() { + # Add an extra repository for those packages + ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(ynh_get_debian_release) main" --key="https://packages.sury.org/php/apt.gpg" --name=extra_php_version --priority=600 + + # Pin this extra repository after packages are installed to prevent sury of doing shit + for package_to_not_upgrade in "php" "php-fpm" "php-mysql" "php-xml" "php-zip" "php-mbstring" "php-ldap" "php-gd" "php-curl" "php-bz2" "php-json" "php-sqlite3" "php-intl" "openssl" "libssl1.1" "libssl-dev" + do + ynh_pin_repo --package="$package_to_not_upgrade" --pin="origin \"packages.sury.org\"" --priority="-1" --name=extra_php_version --append + done + +} # Add dependencies to install with ynh_install_app_dependencies diff --git a/data/helpers.d/php b/data/helpers.d/php index 7c91d89d2..6d47fdc13 100644 --- a/data/helpers.d/php +++ b/data/helpers.d/php @@ -348,8 +348,7 @@ ynh_install_php () { echo "$YNH_APP_INSTANCE_NAME:$phpversion" | tee --append "/etc/php/ynh_app_version" fi - # Add an extra repository for those packages - ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(ynh_get_debian_release) main" --key="https://packages.sury.org/php/apt.gpg" --name=extra_php_version --priority=600 + ynh_add_sury # Install requested dependencies from this extra repository. # Install PHP-FPM first, otherwise PHP will install apache as a dependency. From 040be532ad759b952c00a898136f5975d2e285ed Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 15 Jun 2020 17:39:16 +0200 Subject: [PATCH 21/47] During ynh_install_app_dependencies, if the dependency list contains specific php version stuff, add sury and other tweaks --- data/helpers.d/apt | 57 +++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 54 insertions(+), 3 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 8ba5bbe3e..0eedfd601 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -250,6 +250,25 @@ ynh_install_app_dependencies () { dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')" fi + # Check for specific php dependencies which requires sury + # This grep will for example return "7.4" if dependencies is "foo bar php7.4-pwet php-gni" + local specific_php_version=$(echo $dependencies | tr '-' ' ' | grep -o -E "\" | sed 's/php//g' | sort | uniq) + + # Ignore case where the php version found is the one available in debian vanilla + [[ "$specific_php_version" != "$YNH_DEFAULT_PHP_VERSION" ]] || specific_php_version="" + + if [[ -n "$specific_php_version" ]] + then + # Cover a small edge case where a packager could have specified "php7.4-pwet php5-gni" which is confusing + [[ $(echo $specific_php_version | wc -l) -eq 1 ]] \ + || ynh_die --message="Inconsistent php versions in dependencies ... found : $specific_php_version" + + dependencies+=", php${specific_php_version}, php${specific_php_version}-fpm, php${specific_php_version}-common" + + ynh_add_sury + fi + + # The first time we run ynh_install_app_dependencies, we will replace the # entire control file (This is in particular meant to cover the case of # upgrade script where ynh_install_app_dependencies is called with this @@ -263,9 +282,9 @@ ynh_install_app_dependencies () { if ynh_package_is_installed --package="${dep_app}-ynh-deps" then current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) " + current_dependencies=${current_dependencies// | /|} fi - current_dependencies=${current_dependencies// | /|} - dependencies="$current_dependencies $dependencies" + dependencies="$current_dependencies, $dependencies" fi # @@ -301,7 +320,20 @@ EOF ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \ || ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies rm /tmp/${dep_app}-ynh-deps.control + ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies" + + if [[ -n "$specific_php_version" ]] + then + # Set the default php version back as the default version for php-cli. + update-alternatives --set php /usr/bin/php$YNH_DEFAULT_PHP_VERSION + + # Store phpversion into the config of this app + ynh_app_setting_set $app phpversion $specific_php_version + + # Integrate new php-fpm service in yunohost + yunohost service add php${specific_php_version}-fpm --log "/var/log/php${phpversion}-fpm.log" + fi } # Add sury repository with adequate pin strategy @@ -315,7 +347,7 @@ ynh_add_sury() { # Add an extra repository for those packages ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(ynh_get_debian_release) main" --key="https://packages.sury.org/php/apt.gpg" --name=extra_php_version --priority=600 - # Pin this extra repository after packages are installed to prevent sury of doing shit + # Pin this extra repository after packages are installed to prevent sury from doing shit for package_to_not_upgrade in "php" "php-fpm" "php-mysql" "php-xml" "php-zip" "php-mbstring" "php-ldap" "php-gd" "php-curl" "php-bz2" "php-json" "php-sqlite3" "php-intl" "openssl" "libssl1.1" "libssl-dev" do ynh_pin_repo --package="$package_to_not_upgrade" --pin="origin \"packages.sury.org\"" --priority="-1" --name=extra_php_version --append @@ -365,7 +397,26 @@ ynh_add_app_dependencies () { # Requires YunoHost version 2.6.4 or higher. ynh_remove_app_dependencies () { local dep_app=${app//_/-} # Replace all '_' by '-' + + local current_dependencies="" + if ynh_package_is_installed --package="${dep_app}-ynh-deps" + then + current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) " + current_dependencies=${current_dependencies// | /|} + fi + ynh_package_autopurge ${dep_app}-ynh-deps # Remove the fake package and its dependencies if they not still used. + + # Check if this app used a specific php version ... in which case we check + # if the corresponding php-fpm is still there. Otherwise, we remove the + # service from yunohost as well + + local specific_php_version=$(echo $dependencies | tr '-' ' ' | grep -o -E "\" | sed 's/php//g' | sort | uniq) + [[ "$specific_php_version" != "$YNH_DEFAULT_PHP_VERSION" ]] || specific_php_version="" + if [[ -n "$specific_php_version" ]] && ! ynh_package_is_installed --package="php${specific_php_version}-fpm"; + then + yunohost service remove php${specific_php_version}-fpm + fi } # Install packages from an extra repository properly. From 76b60890c6f772f6a8e1aa105899f24877853dd3 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 15 Jun 2020 18:23:32 +0200 Subject: [PATCH 22/47] Propagate changes on other apt/php helpers... --- data/helpers.d/apt | 19 ++------------- data/helpers.d/php | 59 ++++------------------------------------------ 2 files changed, 6 insertions(+), 72 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 0eedfd601..f662c58e4 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -360,7 +360,6 @@ ynh_add_sury() { # # usage: ynh_add_app_dependencies --package=phpversion [--replace] # | arg: -p, --package= - Packages to add as dependencies for the app. -# | arg: -r, --replace - Replace dependencies instead of adding to existing ones. # # Requires YunoHost version 3.8.1 or higher. ynh_add_app_dependencies () { @@ -368,24 +367,10 @@ ynh_add_app_dependencies () { local legacy_args=pr local -A args_array=( [p]=package= [r]=replace) local package - local replace # Manage arguments with getopts ynh_handle_getopts_args "$@" - replace=${replace:-0} - local current_dependencies="" - if [ $replace -eq 0 ] - then - local dep_app=${app//_/-} # Replace all '_' by '-' - if ynh_package_is_installed --package="${dep_app}-ynh-deps" - then - current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) " - fi - - current_dependencies=${current_dependencies// | /|} - fi - - ynh_install_app_dependencies "${current_dependencies}${package}" + ynh_install_app_dependencies "${package}" } # Remove fake package and its dependencies @@ -450,7 +435,7 @@ ynh_install_extra_app_dependencies () { ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name # Install requested dependencies from this extra repository. - ynh_add_app_dependencies --package="$package" + ynh_install_app_dependencies --package="$package" # Remove this extra repository after packages are installed ynh_remove_extra_repo --name=$app diff --git a/data/helpers.d/php b/data/helpers.d/php index 6d47fdc13..2191b0d22 100644 --- a/data/helpers.d/php +++ b/data/helpers.d/php @@ -111,7 +111,7 @@ ynh_add_fpm_config () { elif [ -n "$package" ] then # Install the additionnal packages from the default repository - ynh_add_app_dependencies --package="$package" + ynh_install_app_dependencies "$package" fi if [ $dedicated_service -eq 1 ] @@ -330,36 +330,13 @@ ynh_install_php () { ynh_handle_getopts_args "$@" package=${package:-} - # Store phpversion into the config of this app - ynh_app_setting_set $app phpversion $phpversion - if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ] then ynh_die --message="Do not use ynh_install_php to install php$YNH_DEFAULT_PHP_VERSION" fi - # Create the file if doesn't exist already - touch /etc/php/ynh_app_version - - # Do not add twice the same line - if ! grep --quiet "$YNH_APP_INSTANCE_NAME:" "/etc/php/ynh_app_version" - then - # Store the ID of this app and the version of PHP requested for it - echo "$YNH_APP_INSTANCE_NAME:$phpversion" | tee --append "/etc/php/ynh_app_version" - fi - - ynh_add_sury - - # Install requested dependencies from this extra repository. - # Install PHP-FPM first, otherwise PHP will install apache as a dependency. - ynh_add_app_dependencies --package="php${phpversion}-fpm" - ynh_add_app_dependencies --package="php$phpversion php${phpversion}-common $package" - - # Set the default PHP version back as the default version for php-cli. - update-alternatives --set php /usr/bin/php$YNH_DEFAULT_PHP_VERSION - - # Advertise service in admin panel - yunohost service add php${phpversion}-fpm --log "/var/log/php${phpversion}-fpm.log" + ynh_install_app_dependencies "$package" + ynh_app_setting_set $app phpversion $phpversion } # Remove the specific version of PHP used by the app. @@ -370,35 +347,7 @@ ynh_install_php () { # # Requires YunoHost version 3.8.1 or higher. ynh_remove_php () { - # Get the version of PHP used by this app - local phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - - if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ] || [ -z "$phpversion" ] - then - if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ] - then - ynh_print_err "Do not use ynh_remove_php to remove php$YNH_DEFAULT_PHP_VERSION !" - fi - return 0 - fi - - # Create the file if doesn't exist already - touch /etc/php/ynh_app_version - - # Remove the line for this app - sed --in-place "/$YNH_APP_INSTANCE_NAME:$phpversion/d" "/etc/php/ynh_app_version" - - # If no other app uses this version of PHP, remove it. - if ! grep --quiet "$phpversion" "/etc/php/ynh_app_version" - then - # Remove the service from the admin panel - if ynh_package_is_installed --package="php${phpversion}-fpm"; then - yunohost service remove php${phpversion}-fpm - fi - - # Purge PHP dependencies for this version. - ynh_package_autopurge "php$phpversion php${phpversion}-fpm php${phpversion}-common" - fi + ynh_remove_app_dependencies } # Define the values to configure PHP-FPM From e07e1a95f4e223808d15fed8098d67f27de01653 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 16 Jun 2020 21:31:24 +0200 Subject: [PATCH 23/47] Apply suggestions from code review Co-authored-by: Kayou --- data/helpers.d/apt | 4 ++-- data/helpers.d/php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index f662c58e4..8b284d4fc 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -329,7 +329,7 @@ EOF update-alternatives --set php /usr/bin/php$YNH_DEFAULT_PHP_VERSION # Store phpversion into the config of this app - ynh_app_setting_set $app phpversion $specific_php_version + ynh_app_setting_set --app=$app --key=phpversion --value=$specific_php_version # Integrate new php-fpm service in yunohost yunohost service add php${specific_php_version}-fpm --log "/var/log/php${phpversion}-fpm.log" @@ -435,7 +435,7 @@ ynh_install_extra_app_dependencies () { ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name # Install requested dependencies from this extra repository. - ynh_install_app_dependencies --package="$package" + ynh_install_app_dependencies "$package" # Remove this extra repository after packages are installed ynh_remove_extra_repo --name=$app diff --git a/data/helpers.d/php b/data/helpers.d/php index 2191b0d22..d383c1e4f 100644 --- a/data/helpers.d/php +++ b/data/helpers.d/php @@ -336,7 +336,7 @@ ynh_install_php () { fi ynh_install_app_dependencies "$package" - ynh_app_setting_set $app phpversion $phpversion + ynh_app_setting_set --app=$app --key=phpversion --value=$specific_php_version } # Remove the specific version of PHP used by the app. From 5054397a5a73d13eb3e50a8f52b01c693d3c871d Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 15:11:09 +0200 Subject: [PATCH 24/47] helpers: Add deprecation warning to ynh_add_app_dependencies --- data/helpers.d/apt | 1 + 1 file changed, 1 insertion(+) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 8b284d4fc..b182edc6c 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -370,6 +370,7 @@ ynh_add_app_dependencies () { # Manage arguments with getopts ynh_handle_getopts_args "$@" + ynh_print_warn --message="Packagers: ynh_add_app_dependencies is deprecated and is now only an alias to ynh_install_app_dependencies" ynh_install_app_dependencies "${package}" } From 9ee631c1c451f1befe59fa3c5abeed325a4d1b5d Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 15:16:18 +0200 Subject: [PATCH 25/47] helpers: Typo in ynh_remove_app_dependencies --- data/helpers.d/apt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index b182edc6c..6f1db90f8 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -397,7 +397,7 @@ ynh_remove_app_dependencies () { # if the corresponding php-fpm is still there. Otherwise, we remove the # service from yunohost as well - local specific_php_version=$(echo $dependencies | tr '-' ' ' | grep -o -E "\" | sed 's/php//g' | sort | uniq) + local specific_php_version=$(echo $current_dependencies | tr '-' ' ' | grep -o -E "\" | sed 's/php//g' | sort | uniq) [[ "$specific_php_version" != "$YNH_DEFAULT_PHP_VERSION" ]] || specific_php_version="" if [[ -n "$specific_php_version" ]] && ! ynh_package_is_installed --package="php${specific_php_version}-fpm"; then From 13d012bb4fe8ef05a1c6c8cfdab87a88b7b6cc87 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 15:34:26 +0200 Subject: [PATCH 26/47] helpers apt: save phpversion in settings even when using php default version --- data/helpers.d/apt | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 6f1db90f8..235cc0067 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -293,7 +293,7 @@ ynh_install_app_dependencies () { # https://github.com/YunoHost/issues/issues/1407 # # If we require to install php dependency - if echo $dependencies | grep --quiet 'php' + if grep --quiet 'php' <<< "$dependencies" then # And we have packages from sury installed (7.0.33-10+weirdshiftafter instead of 7.0.33-0 on debian) if dpkg --list | grep "php7.0" | grep --quiet --invert-match "7.0.33-0+deb9" @@ -333,6 +333,9 @@ EOF # Integrate new php-fpm service in yunohost yunohost service add php${specific_php_version}-fpm --log "/var/log/php${phpversion}-fpm.log" + elif grep --quiet 'php' <<< "$dependencies" + # Store phpversion into the config of this app + ynh_app_setting_set --app=$app --key=phpversion --value=$YNH_DEFAULT_PHP_VERSION fi } From a98552ef0e3a39b0870414bad574b10cfe55da59 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 15:55:52 +0200 Subject: [PATCH 27/47] helpers: Fix weird 0 syntax which shfmt ain't happy with (dangling 0) --- data/helpers.d/logging | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/logging b/data/helpers.d/logging index 71998763e..d11fc578f 100644 --- a/data/helpers.d/logging +++ b/data/helpers.d/logging @@ -249,7 +249,7 @@ ynh_script_progression () { local weight_valuesB="$(grep --perl-regexp "^[^#]*ynh_script_progression.*-w " $0 | sed 's/.*-w[= ]\([[:digit:]]*\).*/\1/g')" # Each value will be on a different line. # Remove each 'end of line' and replace it by a '+' to sum the values. - local weight_values=$(( $(echo "$weight_valuesA" | tr '\n' '+') + $(echo "$weight_valuesB" | tr '\n' '+') 0 )) + local weight_values=$(( $(echo "$weight_valuesA" "$weight_valuesB" | grep -v -E '^\s*$' | tr '\n' '+' | sed 's/+$/+0/g') )) # max_progression is a total number of calls to this helper. # Less the number of calls with a weight value. From 93cc413f4aa22dde6f50b2dd3c4e5a8207ede442 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 16:01:53 +0200 Subject: [PATCH 28/47] helpers: lint/reformat with shfmt -bn -i 4 -w $FILE --- data/helpers.d/apt | 148 ++++++++++++------------- data/helpers.d/backup | 143 ++++++++++-------------- data/helpers.d/config | 172 +++++++++++------------------ data/helpers.d/fail2ban | 18 ++- data/helpers.d/getopts | 69 +++++------- data/helpers.d/hardware | 36 +++--- data/helpers.d/logging | 83 +++++++------- data/helpers.d/logrotate | 34 +++--- data/helpers.d/multimedia | 41 ++++--- data/helpers.d/mysql | 37 +++---- data/helpers.d/network | 38 +++---- data/helpers.d/nginx | 8 +- data/helpers.d/nodejs | 42 ++++--- data/helpers.d/permission | 95 ++++++---------- data/helpers.d/php | 177 ++++++++++++------------------ data/helpers.d/postgresql | 23 ++-- data/helpers.d/setting | 17 ++- data/helpers.d/string | 28 ++--- data/helpers.d/systemd | 55 ++++------ data/helpers.d/user | 37 +++---- data/helpers.d/utils | 223 ++++++++++++++++---------------------- 21 files changed, 627 insertions(+), 897 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index c3439a583..e77fb8a5c 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -12,31 +12,27 @@ ynh_wait_dpkg_free() { local try set +o xtrace # set +x # With seq 1 17, timeout will be almost 30 minutes - for try in `seq 1 17` - do + for try in $(seq 1 17); do # Check if /var/lib/dpkg/lock is used by another process - if lsof /var/lib/dpkg/lock > /dev/null - then + if lsof /var/lib/dpkg/lock >/dev/null; then echo "apt is already in use..." # Sleep an exponential time at each round - sleep $(( try * try )) + sleep $((try * try)) else # Check if dpkg hasn't been interrupted and is fully available. # See this for more information: https://sources.debian.org/src/apt/1.4.9/apt-pkg/deb/debsystem.cc/#L141-L174 local dpkg_dir="/var/lib/dpkg/updates/" # For each file in $dpkg_dir - while read dpkg_file <&9 - do + while read dpkg_file <&9; do # Check if the name of this file contains only numbers. - if echo "$dpkg_file" | grep --perl-regexp --quiet "^[[:digit:]]+$" - then + if echo "$dpkg_file" | grep --perl-regexp --quiet "^[[:digit:]]+$"; then # If so, that a remaining of dpkg. ynh_print_err "dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem." set -o xtrace # set -x return 1 fi - done 9<<< "$(ls -1 $dpkg_dir)" + done 9<<<"$(ls -1 $dpkg_dir)" set -o xtrace # set -x return 0 fi @@ -57,7 +53,7 @@ ynh_wait_dpkg_free() { ynh_package_is_installed() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=package= ) + local -A args_array=([p]=package=) local package # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -79,13 +75,12 @@ ynh_package_is_installed() { ynh_package_version() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=package= ) + local -A args_array=([p]=package=) local package # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ynh_package_is_installed "$package" - then + if ynh_package_is_installed "$package"; then dpkg-query --show --showformat='${Version}' "$package" 2>/dev/null else echo '' @@ -166,14 +161,14 @@ ynh_package_autopurge() { # | arg: controlfile - path of the equivs control file # # Requires YunoHost version 2.2.4 or higher. -ynh_package_install_from_equivs () { +ynh_package_install_from_equivs() { local controlfile=$1 # retrieve package information - local pkgname=$(grep '^Package: ' $controlfile | cut --delimiter=' ' --fields=2) # Retrieve the name of the debian package - local pkgversion=$(grep '^Version: ' $controlfile | cut --delimiter=' ' --fields=2) # And its version number + local pkgname=$(grep '^Package: ' $controlfile | cut --delimiter=' ' --fields=2) # Retrieve the name of the debian package + local pkgversion=$(grep '^Version: ' $controlfile | cut --delimiter=' ' --fields=2) # And its version number [[ -z "$pkgname" || -z "$pkgversion" ]] \ - && ynh_die --message="Invalid control file" # Check if this 2 variables aren't empty. + && ynh_die --message="Invalid control file" # Check if this 2 variables aren't empty. # Update packages cache ynh_package_update @@ -182,7 +177,7 @@ ynh_package_install_from_equivs () { local TMPDIR=$(mktemp --directory) # Force the compatibility level at 10, levels below are deprecated - echo 10 > /usr/share/equivs/template/debian/compat + echo 10 >/usr/share/equivs/template/debian/compat # Note that the cd executes into a sub shell # Create a fake deb package with equivs-build and the given control file @@ -190,21 +185,24 @@ ynh_package_install_from_equivs () { # Install missing dependencies with ynh_package_install ynh_wait_dpkg_free cp "$controlfile" "${TMPDIR}/control" - (cd "$TMPDIR" - LC_ALL=C equivs-build ./control 1> /dev/null - LC_ALL=C dpkg --force-depends --install "./${pkgname}_${pkgversion}_all.deb" 2>&1 | tee ./dpkg_log) + ( + cd "$TMPDIR" + LC_ALL=C equivs-build ./control 1>/dev/null + LC_ALL=C dpkg --force-depends --install "./${pkgname}_${pkgversion}_all.deb" 2>&1 | tee ./dpkg_log + ) - ynh_package_install --fix-broken || \ - { # If the installation failed - # (the following is ran inside { } to not start a subshell otherwise ynh_die wouldnt exit the original process) - # Parse the list of problematic dependencies from dpkg's log ... - # (relevant lines look like: "foo-ynh-deps depends on bar; however:") - local problematic_dependencies="$(cat $TMPDIR/dpkg_log | grep -oP '(?<=-ynh-deps depends on ).*(?=; however)' | tr '\n' ' ')" - # Fake an install of those dependencies to see the errors - # The sed command here is, Print only from 'Reading state info' to the end. - [[ -n "$problematic_dependencies" ]] && ynh_package_install $problematic_dependencies --dry-run 2>&1 | sed --quiet '/Reading state info/,$p' | grep -v "fix-broken\|Reading state info" >&2 - ynh_die --message="Unable to install dependencies"; } - [[ -n "$TMPDIR" ]] && rm --recursive --force $TMPDIR # Remove the temp dir. + ynh_package_install --fix-broken \ + || { # If the installation failed + # (the following is ran inside { } to not start a subshell otherwise ynh_die wouldnt exit the original process) + # Parse the list of problematic dependencies from dpkg's log ... + # (relevant lines look like: "foo-ynh-deps depends on bar; however:") + local problematic_dependencies="$(cat $TMPDIR/dpkg_log | grep -oP '(?<=-ynh-deps depends on ).*(?=; however)' | tr '\n' ' ')" + # Fake an install of those dependencies to see the errors + # The sed command here is, Print only from 'Reading state info' to the end. + [[ -n "$problematic_dependencies" ]] && ynh_package_install $problematic_dependencies --dry-run 2>&1 | sed --quiet '/Reading state info/,$p' | grep -v "fix-broken\|Reading state info" >&2 + ynh_die --message="Unable to install dependencies" + } + [[ -n "$TMPDIR" ]] && rm --recursive --force $TMPDIR # Remove the temp dir. # check if the package is actually installed ynh_package_is_installed "$pkgname" @@ -221,7 +219,7 @@ ynh_package_install_from_equivs () { # | arg: "dep1|dep2|…" - You can specify alternatives. It will require to install (dep1 or dep2, etc). # # Requires YunoHost version 2.6.4 or higher. -ynh_install_app_dependencies () { +ynh_install_app_dependencies() { local dependencies=$@ # Add a comma for each space between packages. But not add a comma if the space separate a version specification. (See below) dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')" @@ -232,11 +230,10 @@ ynh_install_app_dependencies () { if [ -z "${version}" ] || [ "$version" == "null" ]; then version="1.0" fi - local dep_app=${app//_/-} # Replace all '_' by '-' + local dep_app=${app//_/-} # Replace all '_' by '-' # Handle specific versions - if [[ "$dependencies" =~ [\<=\>] ]] - then + if [[ "$dependencies" =~ [\<=\>] ]]; then # Replace version specifications by relationships syntax # https://www.debian.org/doc/debian-policy/ch-relationships.html # Sed clarification @@ -254,21 +251,18 @@ ynh_install_app_dependencies () { # https://github.com/YunoHost/issues/issues/1407 # # If we require to install php dependency - if echo $dependencies | grep --quiet 'php' - then + if echo $dependencies | grep --quiet 'php'; then # And we have packages from sury installed (7.0.33-10+weirdshiftafter instead of 7.0.33-0 on debian) - if dpkg --list | grep "php7.0" | grep --quiet --invert-match "7.0.33-0+deb9" - then + if dpkg --list | grep "php7.0" | grep --quiet --invert-match "7.0.33-0+deb9"; then # And sury ain't already in sources.lists - if ! grep --recursive --quiet "^ *deb.*sury" /etc/apt/sources.list* - then + if ! grep --recursive --quiet "^ *deb.*sury" /etc/apt/sources.list*; then # Re-add sury ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(ynh_get_debian_release) main" --key="https://packages.sury.org/php/apt.gpg" --name=extra_php_version --priority=600 fi fi fi - cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build + cat >/tmp/${dep_app}-ynh-deps.control < /dev/null + wget --timeout 900 --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg >/dev/null fi # Update the list of package with the new repo @@ -449,10 +437,10 @@ ynh_install_extra_repo () { # | arg: -n, --name= - Name for the files for this repo, $app as default value. # # Requires YunoHost version 3.8.1 or higher. -ynh_remove_extra_repo () { +ynh_remove_extra_repo() { # Declare an array to define the options of this helper. local legacy_args=n - local -A args_array=( [n]=name= ) + local -A args_array=([n]=name=) local name # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -461,8 +449,8 @@ ynh_remove_extra_repo () { ynh_secure_remove --file="/etc/apt/sources.list.d/$name.list" # Sury pinning is managed by the regenconf in the core... [[ "$name" == "extra_php_version" ]] || ynh_secure_remove "/etc/apt/preferences.d/$name" - ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.gpg" > /dev/null - ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.asc" > /dev/null + ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.gpg" >/dev/null + ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.asc" >/dev/null # Update the list of package to exclude the old repo ynh_package_update @@ -484,10 +472,10 @@ ynh_remove_extra_repo () { # ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable # # Requires YunoHost version 3.8.1 or higher. -ynh_add_repo () { +ynh_add_repo() { # Declare an array to define the options of this helper. local legacy_args=uscna - local -A args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append ) + local -A args_array=([u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append) local uri local suite local component @@ -498,8 +486,7 @@ ynh_add_repo () { name="${name:-$app}" append=${append:-0} - if [ $append -eq 1 ] - then + if [ $append -eq 1 ]; then append="tee --append" else append="tee" @@ -525,10 +512,10 @@ ynh_add_repo () { # See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html#How_APT_Interprets_Priorities for information about pinning. # # Requires YunoHost version 3.8.1 or higher. -ynh_pin_repo () { +ynh_pin_repo() { # Declare an array to define the options of this helper. local legacy_args=pirna - local -A args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append ) + local -A args_array=([p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append) local package local pin local priority @@ -541,8 +528,7 @@ ynh_pin_repo () { name="${name:-$app}" append=${append:-0} - if [ $append -eq 1 ] - then + if [ $append -eq 1 ]; then append="tee --append" else append="tee" @@ -556,5 +542,5 @@ ynh_pin_repo () { Pin: $pin Pin-Priority: $priority " \ - | $append "/etc/apt/preferences.d/$name" + | $append "/etc/apt/preferences.d/$name" } diff --git a/data/helpers.d/backup b/data/helpers.d/backup index 21ca2d7f0..27ffa015c 100644 --- a/data/helpers.d/backup +++ b/data/helpers.d/backup @@ -67,7 +67,7 @@ ynh_backup() { # Declare an array to define the options of this helper. local legacy_args=sdbm - local -A args_array=( [s]=src_path= [d]=dest_path= [b]=is_big [m]=not_mandatory ) + local -A args_array=([s]=src_path= [d]=dest_path= [b]=is_big [m]=not_mandatory) local src_path local dest_path local is_big @@ -83,10 +83,8 @@ ynh_backup() { # If backing up core only (used by ynh_backup_before_upgrade), # don't backup big data items - if [ $is_big -eq 1 ] && ( [ ${do_not_backup_data:-0} -eq 1 ] || [ $BACKUP_CORE_ONLY -eq 1 ] ) - then - if [ $BACKUP_CORE_ONLY -eq 1 ] - then + if [ $is_big -eq 1 ] && ([ ${do_not_backup_data:-0} -eq 1 ] || [ $BACKUP_CORE_ONLY -eq 1 ]); then + if [ $BACKUP_CORE_ONLY -eq 1 ]; then ynh_print_info --message="$src_path will not be saved, because 'BACKUP_CORE_ONLY' is set." else ynh_print_info --message="$src_path will not be saved, because 'do_not_backup_data' is set." @@ -98,14 +96,11 @@ ynh_backup() { # Format correctly source and destination paths # ============================================================================== # Be sure the source path is not empty - if [ ! -e "$src_path" ] - then + if [ ! -e "$src_path" ]; then ynh_print_warn --message="Source path '${src_path}' does not exist" - if [ "$not_mandatory" == "0" ] - then + if [ "$not_mandatory" == "0" ]; then # This is a temporary fix for fail2ban config files missing after the migration to stretch. - if echo "${src_path}" | grep --quiet "/etc/fail2ban" - then + if echo "${src_path}" | grep --quiet "/etc/fail2ban"; then touch "${src_path}" ynh_print_info --message="The missing file will be replaced by a dummy one for the backup !!!" else @@ -123,13 +118,11 @@ ynh_backup() { # If there is no destination path, initialize it with the source path # relative to "/". # eg: src_path=/etc/yunohost -> dest_path=etc/yunohost - if [[ -z "$dest_path" ]] - then + if [[ -z "$dest_path" ]]; then dest_path="${src_path#/}" else - if [[ "${dest_path:0:1}" == "/" ]] - then + if [[ "${dest_path:0:1}" == "/" ]]; then # If the destination path is an absolute path, transform it as a path # relative to the current working directory ($YNH_CWD) @@ -153,8 +146,7 @@ ynh_backup() { fi # Check if dest_path already exists in tmp archive - if [[ -e "${dest_path}" ]] - then + if [[ -e "${dest_path}" ]]; then ynh_print_err --message="Destination path '${dest_path}' already exist" return 1 fi @@ -171,7 +163,7 @@ ynh_backup() { # ============================================================================== local src=$(echo "${src_path}" | sed --regexp-extended 's/"/\"\"/g') local dest=$(echo "${dest_path}" | sed --regexp-extended 's/"/\"\"/g') - echo "\"${src}\",\"${dest}\"" >> "${YNH_BACKUP_CSV}" + echo "\"${src}\",\"${dest}\"" >>"${YNH_BACKUP_CSV}" # ============================================================================== @@ -185,19 +177,18 @@ ynh_backup() { # usage: ynh_restore # # Requires YunoHost version 2.6.4 or higher. -ynh_restore () { +ynh_restore() { # Deduce the relative path of $YNH_CWD local REL_DIR="${YNH_CWD#$YNH_BACKUP_DIR/}" REL_DIR="${REL_DIR%/}/" # For each destination path begining by $REL_DIR - cat ${YNH_BACKUP_CSV} | tr --delete $'\r' | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR.*\"$" | \ - while read line - do - local ORIGIN_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\"\K.*(?=\",\".*\"$)") - local ARCHIVE_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR\K.*(?=\"$)") - ynh_restore_file --origin_path="$ARCHIVE_PATH" --dest_path="$ORIGIN_PATH" - done + cat ${YNH_BACKUP_CSV} | tr --delete $'\r' | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR.*\"$" \ + | while read line; do + local ORIGIN_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\"\K.*(?=\",\".*\"$)") + local ARCHIVE_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR\K.*(?=\"$)") + ynh_restore_file --origin_path="$ARCHIVE_PATH" --dest_path="$ORIGIN_PATH" + done } # Return the path in the archive where has been stocked the origin path @@ -205,7 +196,7 @@ ynh_restore () { # [internal] # # usage: _get_archive_path ORIGIN_PATH -_get_archive_path () { +_get_archive_path() { # For security reasons we use csv python library to read the CSV python3 -c " import sys @@ -217,7 +208,7 @@ with open(sys.argv[1], 'r') as backup_file: print(row['dest']) sys.exit(0) raise Exception('Original path for %s not found' % sys.argv[2]) - " "${YNH_BACKUP_CSV}" "$1" + " "${YNH_BACKUP_CSV}" "$1" return $? } @@ -245,10 +236,10 @@ with open(sys.argv[1], 'r') as backup_file: # # Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 3.5.0 or higher for the argument --not_mandatory -ynh_restore_file () { +ynh_restore_file() { # Declare an array to define the options of this helper. local legacy_args=odm - local -A args_array=( [o]=origin_path= [d]=dest_path= [m]=not_mandatory ) + local -A args_array=([o]=origin_path= [d]=dest_path= [m]=not_mandatory) local origin_path local dest_path local not_mandatory @@ -261,10 +252,8 @@ ynh_restore_file () { local archive_path="$YNH_CWD${origin_path}" # If archive_path doesn't exist, search for a corresponding path in CSV - if [ ! -d "$archive_path" ] && [ ! -f "$archive_path" ] && [ ! -L "$archive_path" ] - then - if [ "$not_mandatory" == "0" ] - then + if [ ! -d "$archive_path" ] && [ ! -f "$archive_path" ] && [ ! -L "$archive_path" ]; then + if [ "$not_mandatory" == "0" ]; then archive_path="$YNH_BACKUP_DIR/$(_get_archive_path \"$origin_path\")" else return 0 @@ -272,14 +261,12 @@ ynh_restore_file () { fi # Move the old directory if it already exists - if [[ -e "${dest_path}" ]] - then + if [[ -e "${dest_path}" ]]; then # Check if the file/dir size is less than 500 Mo - if [[ $(du --summarize --bytes ${dest_path} | cut --delimiter="/" --fields=1) -le "500000000" ]] - then + if [[ $(du --summarize --bytes ${dest_path} | cut --delimiter="/" --fields=1) -le "500000000" ]]; then local backup_file="/home/yunohost.conf/backup/${dest_path}.backup.$(date '+%Y%m%d.%H%M%S')" mkdir --parents "$(dirname "$backup_file")" - mv "${dest_path}" "$backup_file" # Move the current file or directory + mv "${dest_path}" "$backup_file" # Move the current file or directory else ynh_secure_remove --file=${dest_path} fi @@ -289,10 +276,8 @@ ynh_restore_file () { mkdir --parents $(dirname "$dest_path") # Do a copy if it's just a mounting point - if mountpoint --quiet $YNH_BACKUP_DIR - then - if [[ -d "${archive_path}" ]] - then + if mountpoint --quiet $YNH_BACKUP_DIR; then + if [[ -d "${archive_path}" ]]; then archive_path="${archive_path}/." mkdir --parents "$dest_path" fi @@ -323,10 +308,10 @@ ynh_bind_or_cp() { # $app should be defined when calling this helper # # Requires YunoHost version 2.6.4 or higher. -ynh_store_file_checksum () { +ynh_store_file_checksum() { # Declare an array to define the options of this helper. local legacy_args=f - local -A args_array=( [f]=file= [u]=update_only ) + local -A args_array=([f]=file= [u]=update_only) local file local update_only update_only="${update_only:-0}" @@ -334,22 +319,21 @@ ynh_store_file_checksum () { # Manage arguments with getopts ynh_handle_getopts_args "$@" - local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' - + local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' + # If update only, we don't save the new checksum if no old checksum exist - if [ $update_only -eq 1 ] ; then + if [ $update_only -eq 1 ]; then local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name) - if [ -z "${checksum_value}" ] ; then + if [ -z "${checksum_value}" ]; then unset backup_file_checksum return 0 fi fi - + ynh_app_setting_set --app=$app --key=$checksum_setting_name --value=$(md5sum "$file" | cut --delimiter=' ' --fields=1) # If backup_file_checksum isn't empty, ynh_backup_if_checksum_is_different has made a backup - if [ -n "${backup_file_checksum-}" ] - then + if [ -n "${backup_file_checksum-}" ]; then # Print the diff between the previous file and the new one. # diff return 1 if the files are different, so the || true diff --report-identical-files --unified --color=always $backup_file_checksum $file >&2 || true @@ -368,27 +352,25 @@ ynh_store_file_checksum () { # modified config files. # # Requires YunoHost version 2.6.4 or higher. -ynh_backup_if_checksum_is_different () { +ynh_backup_if_checksum_is_different() { # Declare an array to define the options of this helper. local legacy_args=f - local -A args_array=( [f]=file= ) + local -A args_array=([f]=file=) local file # Manage arguments with getopts ynh_handle_getopts_args "$@" - local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' + local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name) # backup_file_checksum isn't declare as local, so it can be reuse by ynh_store_file_checksum backup_file_checksum="" - if [ -n "$checksum_value" ] - then # Proceed only if a value was stored into the app settings - if [ -e $file ] && ! echo "$checksum_value $file" | md5sum --check --status - then # If the checksum is now different + if [ -n "$checksum_value" ]; then # Proceed only if a value was stored into the app settings + if [ -e $file ] && ! echo "$checksum_value $file" | md5sum --check --status; then # If the checksum is now different backup_file_checksum="/home/yunohost.conf/backup/$file.backup.$(date '+%Y%m%d.%H%M%S')" mkdir --parents "$(dirname "$backup_file_checksum")" - cp --archive "$file" "$backup_file_checksum" # Backup the current file + cp --archive "$file" "$backup_file_checksum" # Backup the current file ynh_print_warn "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file_checksum" - echo "$backup_file_checksum" # Return the name of the backup file + echo "$backup_file_checksum" # Return the name of the backup file fi fi } @@ -401,15 +383,15 @@ ynh_backup_if_checksum_is_different () { # $app should be defined when calling this helper # # Requires YunoHost version 3.3.1 or higher. -ynh_delete_file_checksum () { +ynh_delete_file_checksum() { # Declare an array to define the options of this helper. local legacy_args=f - local -A args_array=( [f]=file= ) + local -A args_array=([f]=file=) local file # Manage arguments with getopts ynh_handle_getopts_args "$@" - local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' + local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' ynh_app_setting_delete --app=$app --key=$checksum_setting_name } @@ -417,7 +399,7 @@ ynh_delete_file_checksum () { # # [internal] # -ynh_backup_archive_exists () { +ynh_backup_archive_exists() { yunohost backup list --output-as json --quiet \ | jq -e --arg archive "$1" '.archives | index($archive)' >/dev/null } @@ -436,22 +418,19 @@ ynh_backup_archive_exists () { # ``` # # Requires YunoHost version 2.7.2 or higher. -ynh_backup_before_upgrade () { - if [ ! -e "/etc/yunohost/apps/$app/scripts/backup" ] - then +ynh_backup_before_upgrade() { + if [ ! -e "/etc/yunohost/apps/$app/scripts/backup" ]; then ynh_print_warn --message="This app doesn't have any backup script." return fi backup_number=1 local old_backup_number=2 - local app_bck=${app//_/-} # Replace all '_' by '-' + local app_bck=${app//_/-} # Replace all '_' by '-' NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0} - if [ "$NO_BACKUP_UPGRADE" -eq 0 ] - then + if [ "$NO_BACKUP_UPGRADE" -eq 0 ]; then # Check if a backup already exists with the prefix 1 - if ynh_backup_archive_exists "$app_bck-pre-upgrade1" - then + if ynh_backup_archive_exists "$app_bck-pre-upgrade1"; then # Prefix becomes 2 to preserve the previous backup backup_number=2 old_backup_number=1 @@ -459,13 +438,11 @@ ynh_backup_before_upgrade () { # Create backup BACKUP_CORE_ONLY=1 yunohost backup create --apps $app --name $app_bck-pre-upgrade$backup_number --debug - if [ "$?" -eq 0 ] - then + if [ "$?" -eq 0 ]; then # If the backup succeeded, remove the previous backup - if ynh_backup_archive_exists "$app_bck-pre-upgrade$old_backup_number" - then + if ynh_backup_archive_exists "$app_bck-pre-upgrade$old_backup_number"; then # Remove the previous backup only if it exists - yunohost backup delete $app_bck-pre-upgrade$old_backup_number > /dev/null + yunohost backup delete $app_bck-pre-upgrade$old_backup_number >/dev/null fi else ynh_die --message="Backup failed, the upgrade process was aborted." @@ -489,17 +466,15 @@ ynh_backup_before_upgrade () { # ``` # # Requires YunoHost version 2.7.2 or higher. -ynh_restore_upgradebackup () { +ynh_restore_upgradebackup() { ynh_print_err --message="Upgrade failed." - local app_bck=${app//_/-} # Replace all '_' by '-' + local app_bck=${app//_/-} # Replace all '_' by '-' NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0} - if [ "$NO_BACKUP_UPGRADE" -eq 0 ] - then + if [ "$NO_BACKUP_UPGRADE" -eq 0 ]; then # Check if an existing backup can be found before removing and restoring the application. - if ynh_backup_archive_exists "$app_bck-pre-upgrade$backup_number" - then + if ynh_backup_archive_exists "$app_bck-pre-upgrade$backup_number"; then # Remove the application then restore it yunohost app remove $app # Restore the backup diff --git a/data/helpers.d/config b/data/helpers.d/config index 3f856ffa4..247d12d6f 100644 --- a/data/helpers.d/config +++ b/data/helpers.d/config @@ -1,60 +1,49 @@ #!/bin/bash - _ynh_app_config_get_one() { local short_setting="$1" local type="$2" local bind="$3" local getter="get__${short_setting}" # Get value from getter if exists - if type -t $getter 2>/dev/null | grep -q '^function$' 2>/dev/null; - then + if type -t $getter 2>/dev/null | grep -q '^function$' 2>/dev/null; then old[$short_setting]="$($getter)" formats[${short_setting}]="yaml" - elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; - then + elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then old[$short_setting]="$("get__${bind%%(*}" $short_setting $type $bind)" formats[${short_setting}]="yaml" - - elif [[ "$bind" == "null" ]] - then + + elif [[ "$bind" == "null" ]]; then old[$short_setting]="YNH_NULL" # Get value from app settings or from another file - elif [[ "$type" == "file" ]] - then - if [[ "$bind" == "settings" ]] - then + elif [[ "$type" == "file" ]]; then + if [[ "$bind" == "settings" ]]; then ynh_die --message="File '${short_setting}' can't be stored in settings" fi - old[$short_setting]="$(ls "$(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" 2> /dev/null || echo YNH_NULL)" + old[$short_setting]="$(ls "$(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" 2>/dev/null || echo YNH_NULL)" file_hash[$short_setting]="true" # Get multiline text from settings or from a full file - elif [[ "$type" == "text" ]] - then - if [[ "$bind" == "settings" ]] - then + elif [[ "$type" == "text" ]]; then + if [[ "$bind" == "settings" ]]; then old[$short_setting]="$(ynh_app_setting_get $app $short_setting)" - elif [[ "$bind" == *":"* ]] - then + elif [[ "$bind" == *":"* ]]; then ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically in a variable file, you have to create custom getter/setter" else - old[$short_setting]="$(cat $(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/) 2> /dev/null || echo YNH_NULL)" + old[$short_setting]="$(cat $(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/) 2>/dev/null || echo YNH_NULL)" fi # Get value from a kind of key/value file else local bind_after="" - if [[ "$bind" == "settings" ]] - then + if [[ "$bind" == "settings" ]]; then bind=":/etc/yunohost/apps/$app/settings.yml" fi local bind_key_="$(echo "$bind" | cut -d: -f1)" bind_key_=${bind_key_:-$short_setting} - if [[ "$bind_key_" == *">"* ]]; - then + if [[ "$bind_key_" == *">"* ]]; then bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)" bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)" fi @@ -68,39 +57,31 @@ _ynh_app_config_apply_one() { local setter="set__${short_setting}" local bind="${binds[$short_setting]}" local type="${types[$short_setting]}" - if [ "${changed[$short_setting]}" == "true" ] - then + if [ "${changed[$short_setting]}" == "true" ]; then # Apply setter if exists - if type -t $setter 2>/dev/null | grep -q '^function$' 2>/dev/null; - then + if type -t $setter 2>/dev/null | grep -q '^function$' 2>/dev/null; then $setter - elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; - then + elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then "set__${bind%%(*}" $short_setting $type $bind - - elif [[ "$bind" == "null" ]] - then + + elif [[ "$bind" == "null" ]]; then continue # Save in a file - elif [[ "$type" == "file" ]] - then - if [[ "$bind" == "settings" ]] - then + elif [[ "$type" == "file" ]]; then + if [[ "$bind" == "settings" ]]; then ynh_die --message="File '${short_setting}' can't be stored in settings" fi local bind_file="$(echo "$bind" | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" - if [[ "${!short_setting}" == "" ]] - then + if [[ "${!short_setting}" == "" ]]; then ynh_backup_if_checksum_is_different --file="$bind_file" ynh_secure_remove --file="$bind_file" ynh_delete_file_checksum --file="$bind_file" --update_only ynh_print_info --message="File '$bind_file' removed" else ynh_backup_if_checksum_is_different --file="$bind_file" - if [[ "${!short_setting}" != "$bind_file" ]] - then + if [[ "${!short_setting}" != "$bind_file" ]]; then cp "${!short_setting}" "$bind_file" fi ynh_store_file_checksum --file="$bind_file" --update_only @@ -108,21 +89,18 @@ _ynh_app_config_apply_one() { fi # Save value in app settings - elif [[ "$bind" == "settings" ]] - then + elif [[ "$bind" == "settings" ]]; then ynh_app_setting_set --app=$app --key=$short_setting --value="${!short_setting}" ynh_print_info --message="Configuration key '$short_setting' edited in app settings" # Save multiline text in a file - elif [[ "$type" == "text" ]] - then - if [[ "$bind" == *":"* ]] - then + elif [[ "$type" == "text" ]]; then + if [[ "$bind" == *":"* ]]; then ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically in a variable file, you have to create custom getter/setter" fi local bind_file="$(echo "$bind" | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" ynh_backup_if_checksum_is_different --file="$bind_file" - echo "${!short_setting}" > "$bind_file" + echo "${!short_setting}" >"$bind_file" ynh_store_file_checksum --file="$bind_file" --update_only ynh_print_info --message="File '$bind_file' overwritten with the content provided in question '${short_setting}'" @@ -131,8 +109,7 @@ _ynh_app_config_apply_one() { local bind_after="" local bind_key_="$(echo "$bind" | cut -d: -f1)" bind_key_=${bind_key_:-$short_setting} - if [[ "$bind_key_" == *">"* ]]; - then + if [[ "$bind_key_" == *">"* ]]; then bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)" bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)" fi @@ -152,7 +129,8 @@ _ynh_app_config_apply_one() { _ynh_app_config_get() { # From settings local lines - lines=$(python3 << EOL + lines=$( + python3 </dev/null; - then + if type -t validate__$short_setting | grep -q '^function$' 2>/dev/null; then result="$(validate__$short_setting)" - elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; - then + elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then "validate__${bind%%(*}" $short_setting fi - if [ -n "$result" ] - then + if [ -n "$result" ]; then # # Return a yaml such as: # @@ -287,8 +246,7 @@ _ynh_app_config_validate() { # # We use changes_validated to know if this is # the first validation error - if [[ "$changes_validated" == true ]] - then + if [[ "$changes_validated" == true ]]; then ynh_return "validation_errors:" fi ynh_return " ${short_setting}: \"$result\"" @@ -298,8 +256,7 @@ _ynh_app_config_validate() { # If validation failed, exit the script right now (instead of going into apply) # Yunohost core will pick up the errors returned via ynh_return previously - if [[ "$changes_validated" == "false" ]] - then + if [[ "$changes_validated" == "false" ]]; then exit 0 fi @@ -337,21 +294,20 @@ ynh_app_config_run() { declare -Ag formats=() case $1 in - show) - ynh_app_config_get - ynh_app_config_show - ;; - apply) - max_progression=4 - ynh_script_progression --message="Reading config panel description and current configuration..." - ynh_app_config_get + show) + ynh_app_config_get + ynh_app_config_show + ;; + apply) + max_progression=4 + ynh_script_progression --message="Reading config panel description and current configuration..." + ynh_app_config_get - ynh_app_config_validate + ynh_app_config_validate - ynh_script_progression --message="Applying the new configuration..." - ynh_app_config_apply - ynh_script_progression --message="Configuration of $app completed" --last - ;; + ynh_script_progression --message="Applying the new configuration..." + ynh_app_config_apply + ynh_script_progression --message="Configuration of $app completed" --last + ;; esac } - diff --git a/data/helpers.d/fail2ban b/data/helpers.d/fail2ban index 26c899d93..2b976cb8f 100644 --- a/data/helpers.d/fail2ban +++ b/data/helpers.d/fail2ban @@ -62,10 +62,10 @@ # ``` # # Requires YunoHost version 4.1.0 or higher. -ynh_add_fail2ban_config () { +ynh_add_fail2ban_config() { # Declare an array to define the options of this helper. local legacy_args=lrmptv - local -A args_array=( [l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= [t]=use_template [v]=others_var=) + local -A args_array=([l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= [t]=use_template [v]=others_var=) local logpath local failregex local max_retry @@ -81,8 +81,7 @@ ynh_add_fail2ban_config () { [[ -z "$others_var" ]] || ynh_print_warn --message="Packagers: using --others_var is unecessary since YunoHost 4.2" - if [ $use_template -ne 1 ] - then + if [ $use_template -ne 1 ]; then # Usage 1, no template. Build a config file from scratch. test -n "$logpath" || ynh_die --message="ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." test -n "$failregex" || ynh_die --message="ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." @@ -94,15 +93,15 @@ port = __PORTS__ filter = __APP__ logpath = __LOGPATH__ maxretry = __MAX_RETRY__ -" > $YNH_APP_BASEDIR/conf/f2b_jail.conf +" >$YNH_APP_BASEDIR/conf/f2b_jail.conf - echo " + echo " [INCLUDES] before = common.conf [Definition] failregex = __FAILREGEX__ ignoreregex = -" > $YNH_APP_BASEDIR/conf/f2b_filter.conf +" >$YNH_APP_BASEDIR/conf/f2b_filter.conf fi ynh_add_config --template="$YNH_APP_BASEDIR/conf/f2b_jail.conf" --destination="/etc/fail2ban/jail.d/$app.conf" @@ -111,8 +110,7 @@ ignoreregex = ynh_systemd_action --service_name=fail2ban --action=reload --line_match="(Started|Reloaded) Fail2Ban Service" --log_path=systemd local fail2ban_error="$(journalctl --no-hostname --unit=fail2ban | tail --lines=50 | grep "WARNING.*$app.*")" - if [[ -n "$fail2ban_error" ]] - then + if [[ -n "$fail2ban_error" ]]; then ynh_print_err --message="Fail2ban failed to load the jail for $app" ynh_print_warn --message="${fail2ban_error#*WARNING}" fi @@ -123,7 +121,7 @@ ignoreregex = # usage: ynh_remove_fail2ban_config # # Requires YunoHost version 3.5.0 or higher. -ynh_remove_fail2ban_config () { +ynh_remove_fail2ban_config() { ynh_secure_remove --file="/etc/fail2ban/jail.d/$app.conf" ynh_secure_remove --file="/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --service_name=fail2ban --action=reload diff --git a/data/helpers.d/getopts b/data/helpers.d/getopts index 8d9e55826..e912220e4 100644 --- a/data/helpers.d/getopts +++ b/data/helpers.d/getopts @@ -45,11 +45,10 @@ # e.g. for `my_helper "val1" val2`, arg1 will be filled with val1, and arg2 with val2. # # Requires YunoHost version 3.2.2 or higher. -ynh_handle_getopts_args () { +ynh_handle_getopts_args() { # Manage arguments only if there's some provided set +o xtrace # set +x - if [ $# -ne 0 ] - then + if [ $# -ne 0 ]; then # Store arguments in an array to keep each argument separated local arguments=("$@") @@ -58,14 +57,12 @@ ynh_handle_getopts_args () { # ${!args_array[@]} is the list of all option_flags in the array (An option_flag is 'u' in [u]=user, user is a value) local getopts_parameters="" local option_flag="" - for option_flag in "${!args_array[@]}" - do + for option_flag in "${!args_array[@]}"; do # Concatenate each option_flags of the array to build the string of arguments for getopts # Will looks like 'abcd' for -a -b -c -d # If the value of an option_flag finish by =, it's an option with additionnal values. (e.g. --user bob or -u bob) # Check the last character of the value associate to the option_flag - if [ "${args_array[$option_flag]: -1}" = "=" ] - then + if [ "${args_array[$option_flag]: -1}" = "=" ]; then # For an option with additionnal values, add a ':' after the letter for getopts. getopts_parameters="${getopts_parameters}${option_flag}:" else @@ -74,8 +71,7 @@ ynh_handle_getopts_args () { # Check each argument given to the function local arg="" # ${#arguments[@]} is the size of the array - for arg in `seq 0 $(( ${#arguments[@]} - 1 ))` - do + for arg in $(seq 0 $((${#arguments[@]} - 1))); do # Escape options' values starting with -. Otherwise the - will be considered as another option. arguments[arg]="${arguments[arg]//--${args_array[$option_flag]}-/--${args_array[$option_flag]}\\TOBEREMOVED\\-}" # And replace long option (value of the option_flag) by the short option, the option_flag itself @@ -89,10 +85,9 @@ ynh_handle_getopts_args () { # Read and parse all the arguments # Use a function here, to use standart arguments $@ and be able to use shift. - parse_arg () { + parse_arg() { # Read all arguments, until no arguments are left - while [ $# -ne 0 ] - do + while [ $# -ne 0 ]; do # Initialize the index of getopts OPTIND=1 # Parse with getopts only if the argument begin by -, that means the argument is an option @@ -100,11 +95,9 @@ ynh_handle_getopts_args () { local parameter="" getopts ":$getopts_parameters" parameter || true - if [ "$parameter" = "?" ] - then + if [ "$parameter" = "?" ]; then ynh_die --message="Invalid argument: -${OPTARG:-}" - elif [ "$parameter" = ":" ] - then + elif [ "$parameter" = ":" ]; then ynh_die --message="-$OPTARG parameter requires an argument." else local shift_value=1 @@ -115,8 +108,7 @@ ynh_handle_getopts_args () { local option_var="${args_array[$parameter]%=}" # If this option doesn't take values # if there's a '=' at the end of the long option name, this option takes values - if [ "${args_array[$parameter]: -1}" != "=" ] - then + if [ "${args_array[$parameter]: -1}" != "=" ]; then # 'eval ${option_var}' will use the content of 'option_var' eval ${option_var}=1 else @@ -126,41 +118,35 @@ ynh_handle_getopts_args () { # If the first argument is longer than 2 characters, # There's a value attached to the option, in the same array cell - if [ ${#all_args[0]} -gt 2 ] - then + if [ ${#all_args[0]} -gt 2 ]; then # Remove the option and the space, so keep only the value itself. all_args[0]="${all_args[0]#-${parameter} }" # At this point, if all_args[0] start with "-", then the argument is not well formed - if [ "${all_args[0]:0:1}" == "-" ] - then + if [ "${all_args[0]:0:1}" == "-" ]; then ynh_die --message="Argument \"${all_args[0]}\" not valid! Did you use a single \"-\" instead of two?" fi # Reduce the value of shift, because the option has been removed manually - shift_value=$(( shift_value - 1 )) + shift_value=$((shift_value - 1)) fi # Declare the content of option_var as a variable. eval ${option_var}="" # Then read the array value per value local i - for i in `seq 0 $(( ${#all_args[@]} - 1 ))` - do + for i in $(seq 0 $((${#all_args[@]} - 1))); do # If this argument is an option, end here. - if [ "${all_args[$i]:0:1}" == "-" ] - then + if [ "${all_args[$i]:0:1}" == "-" ]; then # Ignore the first value of the array, which is the option itself if [ "$i" -ne 0 ]; then break fi else # Ignore empty parameters - if [ -n "${all_args[$i]}" ] - then + if [ -n "${all_args[$i]}" ]; then # Else, add this value to this option # Each value will be separated by ';' - if [ -n "${!option_var}" ] - then + if [ -n "${!option_var}" ]; then # If there's already another value for this option, add a ; before adding the new value eval ${option_var}+="\;" fi @@ -177,7 +163,7 @@ ynh_handle_getopts_args () { eval ${option_var}+='"${all_args[$i]}"' fi - shift_value=$(( shift_value + 1 )) + shift_value=$((shift_value + 1)) fi done fi @@ -190,24 +176,23 @@ ynh_handle_getopts_args () { # LEGACY MODE # Check if there's getopts arguments - if [ "${arguments[0]:0:1}" != "-" ] - then + if [ "${arguments[0]:0:1}" != "-" ]; then # If not, enter in legacy mode and manage the arguments as positionnal ones.. # Dot not echo, to prevent to go through a helper output. But print only in the log. - set -x; echo "! Helper used in legacy mode !" > /dev/null; set +x + set -x + echo "! Helper used in legacy mode !" >/dev/null + set +x local i - for i in `seq 0 $(( ${#arguments[@]} -1 ))` - do + for i in $(seq 0 $((${#arguments[@]} - 1))); do # Try to use legacy_args as a list of option_flag of the array args_array # Otherwise, fallback to getopts_parameters to get the option_flag. But an associative arrays isn't always sorted in the correct order... # Remove all ':' in getopts_parameters - getopts_parameters=${legacy_args:-${getopts_parameters//:}} + getopts_parameters=${legacy_args:-${getopts_parameters//:/}} # Get the option_flag from getopts_parameters, by using the option_flag according to the position of the argument. option_flag=${getopts_parameters:$i:1} - if [ -z "$option_flag" ] - then - ynh_print_warn --message="Too many arguments ! \"${arguments[$i]}\" will be ignored." - continue + if [ -z "$option_flag" ]; then + ynh_print_warn --message="Too many arguments ! \"${arguments[$i]}\" will be ignored." + continue fi # Use the long option, corresponding to the option_flag, as a variable # (e.g. for [u]=user, 'user' will be used as a variable) diff --git a/data/helpers.d/hardware b/data/helpers.d/hardware index 6d1c314fa..9f276b806 100644 --- a/data/helpers.d/hardware +++ b/data/helpers.d/hardware @@ -10,10 +10,10 @@ # | ret: the amount of free ram, in MB (MegaBytes) # # Requires YunoHost version 3.8.1 or higher. -ynh_get_ram () { +ynh_get_ram() { # Declare an array to define the options of this helper. local legacy_args=ftso - local -A args_array=( [f]=free [t]=total [s]=ignore_swap [o]=only_swap ) + local -A args_array=([f]=free [t]=total [s]=ignore_swap [o]=only_swap) local free local total local ignore_swap @@ -25,41 +25,34 @@ ynh_get_ram () { free=${free:-0} total=${total:-0} - if [ $free -eq $total ] - then + if [ $free -eq $total ]; then ynh_print_warn --message="You have to choose --free or --total when using ynh_get_ram" ram=0 # Use the total amount of ram - elif [ $free -eq 1 ] - then + elif [ $free -eq 1 ]; then local free_ram=$(vmstat --stats --unit M | grep "free memory" | awk '{print $1}') local free_swap=$(vmstat --stats --unit M | grep "free swap" | awk '{print $1}') - local free_ram_swap=$(( free_ram + free_swap )) + local free_ram_swap=$((free_ram + free_swap)) # Use the total amount of free ram local ram=$free_ram_swap - if [ $ignore_swap -eq 1 ] - then + if [ $ignore_swap -eq 1 ]; then # Use only the amount of free ram ram=$free_ram - elif [ $only_swap -eq 1 ] - then + elif [ $only_swap -eq 1 ]; then # Use only the amount of free swap ram=$free_swap fi - elif [ $total -eq 1 ] - then + elif [ $total -eq 1 ]; then local total_ram=$(vmstat --stats --unit M | grep "total memory" | awk '{print $1}') local total_swap=$(vmstat --stats --unit M | grep "total swap" | awk '{print $1}') - local total_ram_swap=$(( total_ram + total_swap )) + local total_ram_swap=$((total_ram + total_swap)) local ram=$total_ram_swap - if [ $ignore_swap -eq 1 ] - then + if [ $ignore_swap -eq 1 ]; then # Use only the amount of free ram ram=$total_ram - elif [ $only_swap -eq 1 ] - then + elif [ $only_swap -eq 1 ]; then # Use only the amount of free swap ram=$total_swap fi @@ -79,10 +72,10 @@ ynh_get_ram () { # | ret: 1 if the ram is under the requirement, 0 otherwise. # # Requires YunoHost version 3.8.1 or higher. -ynh_require_ram () { +ynh_require_ram() { # Declare an array to define the options of this helper. local legacy_args=rftso - local -A args_array=( [r]=required= [f]=free [t]=total [s]=ignore_swap [o]=only_swap ) + local -A args_array=([r]=required= [f]=free [t]=total [s]=ignore_swap [o]=only_swap) local required local free local total @@ -100,8 +93,7 @@ ynh_require_ram () { local ram=$(ynh_get_ram $free $total $ignore_swap $only_swap) - if [ $ram -lt $required ] - then + if [ $ram -lt $required ]; then return 1 else return 0 diff --git a/data/helpers.d/logging b/data/helpers.d/logging index d11fc578f..7a8be30e9 100644 --- a/data/helpers.d/logging +++ b/data/helpers.d/logging @@ -10,7 +10,7 @@ ynh_die() { # Declare an array to define the options of this helper. local legacy_args=mc - local -A args_array=( [m]=message= [c]=ret_code= ) + local -A args_array=([m]=message= [c]=ret_code=) local message local ret_code # Manage arguments with getopts @@ -30,7 +30,7 @@ ynh_die() { ynh_print_info() { # Declare an array to define the options of this helper. local legacy_args=m - local -A args_array=( [m]=message= ) + local -A args_array=([m]=message=) local message # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -62,7 +62,7 @@ ynh_no_log() { # [internal] # # Requires YunoHost version 3.2.0 or higher. -ynh_print_log () { +ynh_print_log() { echo -e "${1}" } @@ -72,10 +72,10 @@ ynh_print_log () { # | arg: -m, --message= - The text to print # # Requires YunoHost version 3.2.0 or higher. -ynh_print_warn () { +ynh_print_warn() { # Declare an array to define the options of this helper. local legacy_args=m - local -A args_array=( [m]=message= ) + local -A args_array=([m]=message=) local message # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -89,10 +89,10 @@ ynh_print_warn () { # | arg: -m, --message= - The text to print # # Requires YunoHost version 3.2.0 or higher. -ynh_print_err () { +ynh_print_err() { # Declare an array to define the options of this helper. local legacy_args=m - local -A args_array=( [m]=message= ) + local -A args_array=([m]=message=) local message # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -110,7 +110,7 @@ ynh_print_err () { # If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. # # Requires YunoHost version 3.2.0 or higher. -ynh_exec_err () { +ynh_exec_err() { ynh_print_err "$(eval $@)" } @@ -124,7 +124,7 @@ ynh_exec_err () { # If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. # # Requires YunoHost version 3.2.0 or higher. -ynh_exec_warn () { +ynh_exec_warn() { ynh_print_warn "$(eval $@)" } @@ -138,7 +138,7 @@ ynh_exec_warn () { # If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. # # Requires YunoHost version 3.2.0 or higher. -ynh_exec_warn_less () { +ynh_exec_warn_less() { eval $@ 2>&1 } @@ -152,8 +152,8 @@ ynh_exec_warn_less () { # If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. # # Requires YunoHost version 3.2.0 or higher. -ynh_exec_quiet () { - eval $@ > /dev/null +ynh_exec_quiet() { + eval $@ >/dev/null } # Execute a command and redirect stdout and stderr in /dev/null @@ -166,8 +166,8 @@ ynh_exec_quiet () { # If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. # # Requires YunoHost version 3.2.0 or higher. -ynh_exec_fully_quiet () { - eval $@ > /dev/null 2>&1 +ynh_exec_fully_quiet() { + eval $@ >/dev/null 2>&1 } # Remove any logs for all the following commands. @@ -177,7 +177,7 @@ ynh_exec_fully_quiet () { # WARNING: You should be careful with this helper, and never forget to use ynh_print_ON as soon as possible to restore the logging. # # Requires YunoHost version 3.2.0 or higher. -ynh_print_OFF () { +ynh_print_OFF() { exec {BASH_XTRACEFD}>/dev/null } @@ -186,10 +186,10 @@ ynh_print_OFF () { # usage: ynh_print_ON # # Requires YunoHost version 3.2.0 or higher. -ynh_print_ON () { +ynh_print_ON() { exec {BASH_XTRACEFD}>&1 # Print an echo only for the log, to be able to know that ynh_print_ON has been called. - echo ynh_print_ON > /dev/null + echo ynh_print_ON >/dev/null } # Initial definitions for ynh_script_progression @@ -214,11 +214,11 @@ base_time=$(date +%s) # | arg: -l, --last - Use for the last call of the helper, to fill the progression bar. # # Requires YunoHost version 3.5.0 or higher. -ynh_script_progression () { +ynh_script_progression() { set +o xtrace # set +x # Declare an array to define the options of this helper. local legacy_args=mwtl - local -A args_array=( [m]=message= [w]=weight= [t]=time [l]=last ) + local -A args_array=([m]=message= [w]=weight= [t]=time [l]=last) local message local weight local time @@ -232,12 +232,11 @@ ynh_script_progression () { last=${last:-0} # Get execution time since the last $base_time - local exec_time=$(( $(date +%s) - $base_time )) + local exec_time=$(($(date +%s) - $base_time)) base_time=$(date +%s) # Compute $max_progression (if we didn't already) - if [ "$max_progression" = -1 ] - then + if [ "$max_progression" = -1 ]; then # Get the number of occurrences of 'ynh_script_progression' in the script. Except those are commented. local helper_calls="$(grep --count "^[^#]*ynh_script_progression" $0)" # Get the number of call with a weight value @@ -249,23 +248,22 @@ ynh_script_progression () { local weight_valuesB="$(grep --perl-regexp "^[^#]*ynh_script_progression.*-w " $0 | sed 's/.*-w[= ]\([[:digit:]]*\).*/\1/g')" # Each value will be on a different line. # Remove each 'end of line' and replace it by a '+' to sum the values. - local weight_values=$(( $(echo "$weight_valuesA" "$weight_valuesB" | grep -v -E '^\s*$' | tr '\n' '+' | sed 's/+$/+0/g') )) + local weight_values=$(($(echo "$weight_valuesA" "$weight_valuesB" | grep -v -E '^\s*$' | tr '\n' '+' | sed 's/+$/+0/g'))) # max_progression is a total number of calls to this helper. # Less the number of calls with a weight value. # Plus the total of weight values - max_progression=$(( $helper_calls - $weight_calls + $weight_values )) + max_progression=$(($helper_calls - $weight_calls + $weight_values)) fi # Increment each execution of ynh_script_progression in this script by the weight of the previous call. - increment_progression=$(( $increment_progression + $previous_weight )) + increment_progression=$(($increment_progression + $previous_weight)) # Store the weight of the current call in $previous_weight for next call previous_weight=$weight # Reduce $increment_progression to the size of the scale - if [ $last -eq 0 ] - then - local effective_progression=$(( $increment_progression * $progress_scale / $max_progression )) + if [ $last -eq 0 ]; then + local effective_progression=$(($increment_progression * $progress_scale / $max_progression)) # If last is specified, fill immediately the progression_bar else local effective_progression=$progress_scale @@ -273,19 +271,17 @@ ynh_script_progression () { # Build $progression_bar from progress_string(0,1,2) according to $effective_progression and the weight of the current task # expected_progression is the progression expected after the current task - local expected_progression="$(( ( $increment_progression + $weight ) * $progress_scale / $max_progression - $effective_progression ))" - if [ $last -eq 1 ] - then + local expected_progression="$((($increment_progression + $weight) * $progress_scale / $max_progression - $effective_progression))" + if [ $last -eq 1 ]; then expected_progression=0 fi # left_progression is the progression not yet done - local left_progression="$(( $progress_scale - $effective_progression - $expected_progression ))" + local left_progression="$(($progress_scale - $effective_progression - $expected_progression))" # Build the progression bar with $effective_progression, work done, $expected_progression, current work and $left_progression, work to be done. local progression_bar="${progress_string2:0:$effective_progression}${progress_string1:0:$expected_progression}${progress_string0:0:$left_progression}" local print_exec_time="" - if [ $time -eq 1 ] - then + if [ $time -eq 1 ]; then print_exec_time=" [$(date +%Hh%Mm,%Ss --date="0 + $exec_time sec")]" fi @@ -299,8 +295,8 @@ ynh_script_progression () { # usage: ynh_return somedata # # Requires YunoHost version 3.6.0 or higher. -ynh_return () { - echo "$1" >> "$YNH_STDRETURN" +ynh_return() { + echo "$1" >>"$YNH_STDRETURN" } # Debugger for app packagers @@ -310,12 +306,12 @@ ynh_return () { # | arg: -t, --trace= - Turn on or off the trace of the script. Usefull to trace nonly a small part of a script. # # Requires YunoHost version 3.5.0 or higher. -ynh_debug () { +ynh_debug() { # Disable set xtrace for the helper itself, to not pollute the debug log set +o xtrace # set +x # Declare an array to define the options of this helper. local legacy_args=mt - local -A args_array=( [m]=message= [t]=trace= ) + local -A args_array=([m]=message= [t]=trace=) local message local trace # Manage arguments with getopts @@ -325,13 +321,11 @@ ynh_debug () { message=${message:-} trace=${trace:-} - if [ -n "$message" ] - then + if [ -n "$message" ]; then ynh_print_log "[Debug] ${message}" >&2 fi - if [ "$trace" == "1" ] - then + if [ "$trace" == "1" ]; then ynh_debug --message="Enable debugging" set +o xtrace # set +x # Get the current file descriptor of xtrace @@ -343,8 +337,7 @@ ynh_debug () { # Force stdout to stderr exec 1>&2 fi - if [ "$trace" == "0" ] - then + if [ "$trace" == "0" ]; then ynh_debug --message="Disable debugging" set +o xtrace # set +x # Put xtrace back to its original fild descriptor @@ -366,6 +359,6 @@ ynh_debug () { # If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. # # Requires YunoHost version 3.5.0 or higher. -ynh_debug_exec () { +ynh_debug_exec() { ynh_debug --message="$(eval $@)" } diff --git a/data/helpers.d/logrotate b/data/helpers.d/logrotate index 2d9ab6b72..6f9726beb 100644 --- a/data/helpers.d/logrotate +++ b/data/helpers.d/logrotate @@ -15,10 +15,10 @@ # # Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 3.2.0 or higher for the argument `--specific_user` -ynh_use_logrotate () { +ynh_use_logrotate() { # Declare an array to define the options of this helper. local legacy_args=lnuya - local -A args_array=( [l]=logfile= [n]=nonappend [u]=specific_user= [y]=non [a]=append ) + local -A args_array=([l]=logfile= [n]=nonappend [u]=specific_user= [y]=non [a]=append) # [y]=non [a]=append are only for legacy purpose, to not fail on the old option '--non-append' local logfile local nonappend @@ -30,22 +30,18 @@ ynh_use_logrotate () { specific_user="${specific_user:-}" # LEGACY CODE - PRE GETOPTS - if [ $# -gt 0 ] && [ "$1" == "--non-append" ] - then + if [ $# -gt 0 ] && [ "$1" == "--non-append" ]; then nonappend=1 # Destroy this argument for the next command. shift - elif [ $# -gt 1 ] && [ "$2" == "--non-append" ] - then + elif [ $# -gt 1 ] && [ "$2" == "--non-append" ]; then nonappend=1 fi - if [ $# -gt 0 ] && [ "$(echo ${1:0:1})" != "-" ] - then + if [ $# -gt 0 ] && [ "$(echo ${1:0:1})" != "-" ]; then # If the given logfile parameter already exists as a file, or if it ends up with ".log", # we just want to manage a single file - if [ -f "$1" ] || [ "$(echo ${1##*.})" == "log" ] - then + if [ -f "$1" ] || [ "$(echo ${1##*.})" == "log" ]; then local logfile=$1 # Otherwise we assume we want to manage a directory and all its .log file inside else @@ -58,22 +54,20 @@ ynh_use_logrotate () { if [ "$nonappend" -eq 1 ]; then customtee="tee" fi - if [ -n "$logfile" ] - then - if [ ! -f "$1" ] && [ "$(echo ${logfile##*.})" != "log" ]; then # Keep only the extension to check if it's a logfile - local logfile="$logfile/*.log" # Else, uses the directory and all logfile into it. + if [ -n "$logfile" ]; then + if [ ! -f "$1" ] && [ "$(echo ${logfile##*.})" != "log" ]; then # Keep only the extension to check if it's a logfile + local logfile="$logfile/*.log" # Else, uses the directory and all logfile into it. fi else logfile="/var/log/${app}/*.log" # Without argument, use a defaut directory in /var/log fi local su_directive="" - if [[ -n $specific_user ]] - then + if [[ -n $specific_user ]]; then su_directive=" # Run logorotate as specific user - group su ${specific_user%/*} ${specific_user#*/}" fi - cat > ./${app}-logrotate << EOF # Build a config file for logrotate + cat >./${app}-logrotate < /dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee) + mkdir --parents $(dirname "$logfile") # Create the log directory, if not exist + cat ${app}-logrotate | $customtee /etc/logrotate.d/$app >/dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee) } # Remove the app's logrotate config. @@ -103,7 +97,7 @@ EOF # usage: ynh_remove_logrotate # # Requires YunoHost version 2.6.4 or higher. -ynh_remove_logrotate () { +ynh_remove_logrotate() { if [ -e "/etc/logrotate.d/$app" ]; then rm "/etc/logrotate.d/$app" fi diff --git a/data/helpers.d/multimedia b/data/helpers.d/multimedia index 552b8c984..abeb9ed2c 100644 --- a/data/helpers.d/multimedia +++ b/data/helpers.d/multimedia @@ -22,8 +22,7 @@ ynh_multimedia_build_main_dir() { mkdir -p "$MEDIA_DIRECTORY/share/eBook" ## Création des dossiers utilisateurs - for user in $(yunohost user list --output-as json | jq -r '.users | keys[]') - do + for user in $(yunohost user list --output-as json | jq -r '.users | keys[]'); do mkdir -p "$MEDIA_DIRECTORY/$user" mkdir -p "$MEDIA_DIRECTORY/$user/Music" mkdir -p "$MEDIA_DIRECTORY/$user/Picture" @@ -66,22 +65,22 @@ ynh_multimedia_addfolder() { # Declare an array to define the options of this helper. local legacy_args=sd - local -A args_array=( [s]=source_dir= [d]=dest_dir= ) - local source_dir - local dest_dir + local -A args_array=([s]=source_dir= [d]=dest_dir=) + local source_dir + local dest_dir # Manage arguments with getopts ynh_handle_getopts_args "$@" # Ajout d'un lien symbolique vers le dossier à partager - ln -sfn "$source_dir" "$MEDIA_DIRECTORY/$dest_dir" + ln -sfn "$source_dir" "$MEDIA_DIRECTORY/$dest_dir" - ## Application des droits étendus sur le dossier ajouté - # Droit d'écriture pour le groupe et le groupe multimedia en acl et droit de lecture pour other: - setfacl -RnL -m g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir" - # Application de la même règle que précédemment, mais par défaut pour les nouveaux fichiers. - setfacl -RnL -m d:g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir" - # Réglage du masque par défaut. Qui garantie (en principe...) un droit maximal à rwx. Donc pas de restriction de droits par l'acl. - setfacl -RL -m m::rwx "$source_dir" + ## Application des droits étendus sur le dossier ajouté + # Droit d'écriture pour le groupe et le groupe multimedia en acl et droit de lecture pour other: + setfacl -RnL -m g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir" + # Application de la même règle que précédemment, mais par défaut pour les nouveaux fichiers. + setfacl -RnL -m d:g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir" + # Réglage du masque par défaut. Qui garantie (en principe...) un droit maximal à rwx. Donc pas de restriction de droits par l'acl. + setfacl -RL -m m::rwx "$source_dir" } # Allow an user to have an write authorisation in multimedia directories @@ -91,14 +90,14 @@ ynh_multimedia_addfolder() { # | arg: -u, --user_name= - The name of the user which gain this access. # # Requires YunoHost version 4.2 or higher. -ynh_multimedia_addaccess () { - # Declare an array to define the options of this helper. +ynh_multimedia_addaccess() { + # Declare an array to define the options of this helper. local legacy_args=u - declare -Ar args_array=( [u]=user_name=) - local user_name - # Manage arguments with getopts - ynh_handle_getopts_args "$@" + declare -Ar args_array=([u]=user_name=) + local user_name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" - groupadd -f multimedia - usermod -a -G multimedia $user_name + groupadd -f multimedia + usermod -a -G multimedia $user_name } diff --git a/data/helpers.d/mysql b/data/helpers.d/mysql index 091dfaf40..822159f27 100644 --- a/data/helpers.d/mysql +++ b/data/helpers.d/mysql @@ -15,7 +15,7 @@ ynh_mysql_connect_as() { # Declare an array to define the options of this helper. local legacy_args=upd - local -A args_array=( [u]=user= [p]=password= [d]=database= ) + local -A args_array=([u]=user= [p]=password= [d]=database=) local user local password local database @@ -36,19 +36,18 @@ ynh_mysql_connect_as() { ynh_mysql_execute_as_root() { # Declare an array to define the options of this helper. local legacy_args=sd - local -A args_array=( [s]=sql= [d]=database= ) + local -A args_array=([s]=sql= [d]=database=) local sql local database # Manage arguments with getopts ynh_handle_getopts_args "$@" database="${database:-}" - if [ -n "$database" ] - then + if [ -n "$database" ]; then database="--database=$database" fi - mysql -B "$database" <<< "$sql" + mysql -B "$database" <<<"$sql" } # Execute a command from a file as root user @@ -61,19 +60,18 @@ ynh_mysql_execute_as_root() { ynh_mysql_execute_file_as_root() { # Declare an array to define the options of this helper. local legacy_args=fd - local -A args_array=( [f]=file= [d]=database= ) + local -A args_array=([f]=file= [d]=database=) local file local database # Manage arguments with getopts ynh_handle_getopts_args "$@" database="${database:-}" - if [ -n "$database" ] - then + if [ -n "$database" ]; then database="--database=$database" fi - mysql -B "$database" < "$file" + mysql -B "$database" <"$file" } # Create a database and grant optionnaly privilegies to a user @@ -92,8 +90,7 @@ ynh_mysql_create_db() { local sql="CREATE DATABASE ${db};" # grant all privilegies to user - if [[ $# -gt 1 ]] - then + if [[ $# -gt 1 ]]; then sql+=" GRANT ALL PRIVILEGES ON ${db}.* TO '${2}'@'localhost'" if [[ -n ${3:-} ]]; then sql+=" IDENTIFIED BY '${3}'" @@ -131,7 +128,7 @@ ynh_mysql_drop_db() { ynh_mysql_dump_db() { # Declare an array to define the options of this helper. local legacy_args=d - local -A args_array=( [d]=database= ) + local -A args_array=([d]=database=) local database # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -160,17 +157,15 @@ ynh_mysql_create_user() { # | ret: 0 if the user exists, 1 otherwise. # # Requires YunoHost version 2.2.4 or higher. -ynh_mysql_user_exists() -{ +ynh_mysql_user_exists() { # Declare an array to define the options of this helper. local legacy_args=u - local -A args_array=( [u]=user= ) + local -A args_array=([u]=user=) local user # Manage arguments with getopts ynh_handle_getopts_args "$@" - if [[ -z $(ynh_mysql_execute_as_root --sql="SELECT User from mysql.user WHERE User = '$user';") ]] - then + if [[ -z $(ynh_mysql_execute_as_root --sql="SELECT User from mysql.user WHERE User = '$user';") ]]; then return 1 else return 0 @@ -200,10 +195,10 @@ ynh_mysql_drop_user() { # It will also be stored as "`mysqlpwd`" into the app settings. # # Requires YunoHost version 2.6.4 or higher. -ynh_mysql_setup_db () { +ynh_mysql_setup_db() { # Declare an array to define the options of this helper. local legacy_args=unp - local -A args_array=( [u]=db_user= [n]=db_name= [p]=db_pwd= ) + local -A args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=) local db_user local db_name db_pwd="" @@ -226,10 +221,10 @@ ynh_mysql_setup_db () { # | arg: -n, --db_name= - Name of the database # # Requires YunoHost version 2.6.4 or higher. -ynh_mysql_remove_db () { +ynh_mysql_remove_db() { # Declare an array to define the options of this helper. local legacy_args=un - local -Ar args_array=( [u]=db_user= [n]=db_name= ) + local -Ar args_array=([u]=db_user= [n]=db_name=) local db_user local db_name # Manage arguments with getopts diff --git a/data/helpers.d/network b/data/helpers.d/network index 4e536a8db..d6c15060a 100644 --- a/data/helpers.d/network +++ b/data/helpers.d/network @@ -9,18 +9,17 @@ # example: port=$(ynh_find_port --port=8080) # # Requires YunoHost version 2.6.4 or higher. -ynh_find_port () { +ynh_find_port() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=port= ) + local -A args_array=([p]=port=) local port # Manage arguments with getopts ynh_handle_getopts_args "$@" test -n "$port" || ynh_die --message="The argument of ynh_find_port must be a valid port." - while ! ynh_port_available --port=$port - do - port=$((port+1)) + while ! ynh_port_available --port=$port; do + port=$((port + 1)) done echo $port } @@ -34,28 +33,25 @@ ynh_find_port () { # example: ynh_port_available --port=1234 || ynh_die --message="Port 1234 is needs to be available for this app" # # Requires YunoHost version 3.8.0 or higher. -ynh_port_available () { +ynh_port_available() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=port= ) + local -A args_array=([p]=port=) local port # Manage arguments with getopts ynh_handle_getopts_args "$@" # Check if the port is free - if ss --numeric --listening --tcp --udp | awk '{print$5}' | grep --quiet --extended-regexp ":$port$" - then + if ss --numeric --listening --tcp --udp | awk '{print$5}' | grep --quiet --extended-regexp ":$port$"; then return 1 # This is to cover (most) case where an app is using a port yet ain't currently using it for some reason (typically service ain't up) - elif grep -q "port: '$port'" /etc/yunohost/apps/*/settings.yml - then + elif grep -q "port: '$port'" /etc/yunohost/apps/*/settings.yml; then return 1 else return 0 fi } - # Validate an IP address # # [internal] @@ -66,13 +62,12 @@ ynh_port_available () { # example: ynh_validate_ip 4 111.222.333.444 # # Requires YunoHost version 2.2.4 or higher. -ynh_validate_ip() -{ +ynh_validate_ip() { # http://stackoverflow.com/questions/319279/how-to-validate-ip-address-in-python#319298 # Declare an array to define the options of this helper. local legacy_args=fi - local -A args_array=( [f]=family= [i]=ip_address= ) + local -A args_array=([f]=family= [i]=ip_address=) local family local ip_address # Manage arguments with getopts @@ -80,7 +75,7 @@ ynh_validate_ip() [ "$family" == "4" ] || [ "$family" == "6" ] || return 1 - python3 /dev/stdin << EOF + python3 /dev/stdin < "$YNH_APP_BASEDIR/conf/n.src" +SOURCE_SUM=d4da7ea91f680de0c9b5876e097e2a793e8234fcd0f7ca87a0599b925be087a3" >"$YNH_APP_BASEDIR/conf/n.src" # Download and extract n ynh_setup_source --dest_dir="$n_install_dir/git" --source_id=n # Install n - (cd "$n_install_dir/git" - PREFIX=$N_PREFIX make install 2>&1) + ( + cd "$n_install_dir/git" + PREFIX=$N_PREFIX make install 2>&1 + ) } # Load the version of node for an app, and set variables. @@ -69,7 +71,7 @@ SOURCE_SUM=d4da7ea91f680de0c9b5876e097e2a793e8234fcd0f7ca87a0599b925be087a3" > " # - $nodejs_version: Just the version number of node for this app. Stored as 'nodejs_version' in settings.yml. # # Requires YunoHost version 2.7.12 or higher. -ynh_use_nodejs () { +ynh_use_nodejs() { nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version) # Get the absolute path of this version of node @@ -109,12 +111,12 @@ ynh_use_nodejs () { # Refer to `ynh_use_nodejs` for more information about available commands and variables # # Requires YunoHost version 2.7.12 or higher. -ynh_install_nodejs () { +ynh_install_nodejs() { # Use n, https://github.com/tj/n to manage the nodejs versions # Declare an array to define the options of this helper. local legacy_args=n - local -A args_array=( [n]=nodejs_version= ) + local -A args_array=([n]=nodejs_version=) local nodejs_version # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -132,11 +134,9 @@ ynh_install_nodejs () { test -x /usr/bin/npm && mv /usr/bin/npm /usr/bin/npm_n # If n is not previously setup, install it - if ! $n_install_dir/bin/n --version > /dev/null 2>&1 - then + if ! $n_install_dir/bin/n --version >/dev/null 2>&1; then ynh_install_n - elif dpkg --compare-versions "$($n_install_dir/bin/n --version)" lt $n_version - then + elif dpkg --compare-versions "$($n_install_dir/bin/n --version)" lt $n_version; then ynh_install_n fi @@ -152,8 +152,7 @@ ynh_install_nodejs () { # Install the requested version of nodejs uname=$(uname --machine) - if [[ $uname =~ aarch64 || $uname =~ arm64 ]] - then + if [[ $uname =~ aarch64 || $uname =~ arm64 ]]; then n $nodejs_version --arch=arm64 else n $nodejs_version @@ -164,8 +163,7 @@ ynh_install_nodejs () { real_nodejs_version=$(basename $real_nodejs_version) # Create a symbolic link for this major version if the file doesn't already exist - if [ ! -e "$node_version_path/$nodejs_version" ] - then + if [ ! -e "$node_version_path/$nodejs_version" ]; then ln --symbolic --force --no-target-directory $node_version_path/$real_nodejs_version $node_version_path/$nodejs_version fi @@ -190,21 +188,19 @@ ynh_install_nodejs () { # - If no other app uses node, n will be also removed. # # Requires YunoHost version 2.7.12 or higher. -ynh_remove_nodejs () { +ynh_remove_nodejs() { nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version) # Remove the line for this app sed --in-place "/$YNH_APP_INSTANCE_NAME:$nodejs_version/d" "$n_install_dir/ynh_app_version" # If no other app uses this version of nodejs, remove it. - if ! grep --quiet "$nodejs_version" "$n_install_dir/ynh_app_version" - then + if ! grep --quiet "$nodejs_version" "$n_install_dir/ynh_app_version"; then $n_install_dir/bin/n rm $nodejs_version fi # If no other app uses n, remove n - if [ ! -s "$n_install_dir/ynh_app_version" ] - then + if [ ! -s "$n_install_dir/ynh_app_version" ]; then ynh_secure_remove --file="$n_install_dir" ynh_secure_remove --file="/usr/local/n" sed --in-place "/N_PREFIX/d" /root/.bashrc @@ -221,9 +217,9 @@ ynh_remove_nodejs () { # usage: ynh_cron_upgrade_node # # Requires YunoHost version 2.7.12 or higher. -ynh_cron_upgrade_node () { +ynh_cron_upgrade_node() { # Build the update script - cat > "$n_install_dir/node_update.sh" << EOF + cat >"$n_install_dir/node_update.sh" < "/etc/cron.daily/node_update" << EOF + cat >"/etc/cron.daily/node_update" <> $n_install_dir/node_update.log diff --git a/data/helpers.d/permission b/data/helpers.d/permission index c04b4145b..6c2fa7ef8 100644 --- a/data/helpers.d/permission +++ b/data/helpers.d/permission @@ -66,7 +66,7 @@ ynh_permission_create() { # Declare an array to define the options of this helper. local legacy_args=puAhaltP - local -A args_array=( [p]=permission= [u]=url= [A]=additional_urls= [h]=auth_header= [a]=allowed= [l]=label= [t]=show_tile= [P]=protected= ) + local -A args_array=([p]=permission= [u]=url= [A]=additional_urls= [h]=auth_header= [a]=allowed= [l]=label= [t]=show_tile= [P]=protected=) local permission local url local additional_urls @@ -84,13 +84,11 @@ ynh_permission_create() { show_tile=${show_tile:-} protected=${protected:-} - if [[ -n $url ]] - then + if [[ -n $url ]]; then url=",url='$url'" fi - if [[ -n $additional_urls ]] - then + if [[ -n $additional_urls ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # By example: @@ -100,18 +98,15 @@ ynh_permission_create() { additional_urls=",additional_urls=['${additional_urls//;/\',\'}']" fi - if [[ -n $auth_header ]] - then - if [ $auth_header == "true" ] - then + if [[ -n $auth_header ]]; then + if [ $auth_header == "true" ]; then auth_header=",auth_header=True" else auth_header=",auth_header=False" fi fi - if [[ -n $allowed ]] - then + if [[ -n $allowed ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # By example: @@ -127,20 +122,16 @@ ynh_permission_create() { label=",label='$permission'" fi - if [[ -n ${show_tile:-} ]] - then - if [ $show_tile == "true" ] - then + if [[ -n ${show_tile:-} ]]; then + if [ $show_tile == "true" ]; then show_tile=",show_tile=True" else show_tile=",show_tile=False" fi fi - if [[ -n ${protected:-} ]] - then - if [ $protected == "true" ] - then + if [[ -n ${protected:-} ]]; then + if [ $protected == "true" ]; then protected=",protected=True" else protected=",protected=False" @@ -161,7 +152,7 @@ ynh_permission_create() { ynh_permission_delete() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=permission= ) + local -A args_array=([p]=permission=) local permission ynh_handle_getopts_args "$@" @@ -178,7 +169,7 @@ ynh_permission_delete() { ynh_permission_exists() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=permission= ) + local -A args_array=([p]=permission=) local permission ynh_handle_getopts_args "$@" @@ -201,7 +192,7 @@ ynh_permission_exists() { ynh_permission_url() { # Declare an array to define the options of this helper. local legacy_args=puarhc - local -A args_array=( [p]=permission= [u]=url= [a]=add_url= [r]=remove_url= [h]=auth_header= [c]=clear_urls ) + local -A args_array=([p]=permission= [u]=url= [a]=add_url= [r]=remove_url= [h]=auth_header= [c]=clear_urls) local permission local url local add_url @@ -215,13 +206,11 @@ ynh_permission_url() { auth_header=${auth_header:-} clear_urls=${clear_urls:-} - if [[ -n $url ]] - then + if [[ -n $url ]]; then url=",url='$url'" fi - if [[ -n $add_url ]] - then + if [[ -n $add_url ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # For example: @@ -231,8 +220,7 @@ ynh_permission_url() { add_url=",add_url=['${add_url//;/\',\'}']" fi - if [[ -n $remove_url ]] - then + if [[ -n $remove_url ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # For example: @@ -242,25 +230,21 @@ ynh_permission_url() { remove_url=",remove_url=['${remove_url//;/\',\'}']" fi - if [[ -n $auth_header ]] - then - if [ $auth_header == "true" ] - then + if [[ -n $auth_header ]]; then + if [ $auth_header == "true" ]; then auth_header=",auth_header=True" else auth_header=",auth_header=False" fi fi - if [[ -n $clear_urls ]] && [ $clear_urls -eq 1 ] - then + if [[ -n $clear_urls ]] && [ $clear_urls -eq 1 ]; then clear_urls=",clear_urls=True" fi yunohost tools shell -c "from yunohost.permission import permission_url; permission_url('$app.$permission' $url $add_url $remove_url $auth_header $clear_urls)" } - # Update a permission for the app # # usage: ynh_permission_update --permission "permission" [--add="group" ["group" ...]] [--remove="group" ["group" ...]] @@ -276,7 +260,7 @@ ynh_permission_url() { ynh_permission_update() { # Declare an array to define the options of this helper. local legacy_args=parltP - local -A args_array=( [p]=permission= [a]=add= [r]=remove= [l]=label= [t]=show_tile= [P]=protected= ) + local -A args_array=([p]=permission= [a]=add= [r]=remove= [l]=label= [t]=show_tile= [P]=protected=) local permission local add local remove @@ -290,8 +274,7 @@ ynh_permission_update() { show_tile=${show_tile:-} protected=${protected:-} - if [[ -n $add ]] - then + if [[ -n $add ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # For example: @@ -300,8 +283,7 @@ ynh_permission_update() { # add=['alice', 'bob'] add=",add=['${add//';'/"','"}']" fi - if [[ -n $remove ]] - then + if [[ -n $remove ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # For example: @@ -311,15 +293,12 @@ ynh_permission_update() { remove=",remove=['${remove//';'/"','"}']" fi - if [[ -n $label ]] - then + if [[ -n $label ]]; then label=",label='$label'" fi - if [[ -n $show_tile ]] - then - if [ $show_tile == "true" ] - then + if [[ -n $show_tile ]]; then + if [ $show_tile == "true" ]; then show_tile=",show_tile=True" else show_tile=",show_tile=False" @@ -327,8 +306,7 @@ ynh_permission_update() { fi if [[ -n $protected ]]; then - if [ $protected == "true" ] - then + if [ $protected == "true" ]; then protected=",protected=True" else protected=",protected=False" @@ -351,23 +329,20 @@ ynh_permission_update() { ynh_permission_has_user() { local legacy_args=pu # Declare an array to define the options of this helper. - local -A args_array=( [p]=permission= [u]=user= ) + local -A args_array=([p]=permission= [u]=user=) local permission local user # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ! ynh_permission_exists --permission=$permission - then + if ! ynh_permission_exists --permission=$permission; then return 1 fi # Check both allowed and corresponding_users sections in the json - for section in "allowed" "corresponding_users" - do + for section in "allowed" "corresponding_users"; do if yunohost user permission info "$app.$permission" --output-as json --quiet \ - | jq -e --arg user $user --arg section $section '.[$section] | index($user)' >/dev/null - then + | jq -e --arg user $user --arg section $section '.[$section] | index($user)' >/dev/null; then return 0 fi done @@ -381,9 +356,8 @@ ynh_permission_has_user() { # | exit: Return 1 if the permission doesn't exist, 0 otherwise # # Requires YunoHost version 4.1.2 or higher. -ynh_legacy_permissions_exists () { - for permission in "skipped" "unprotected" "protected" - do +ynh_legacy_permissions_exists() { + for permission in "skipped" "unprotected" "protected"; do if ynh_permission_exists --permission="legacy_${permission}_uris"; then return 0 fi @@ -402,9 +376,8 @@ ynh_legacy_permissions_exists () { # # You can recreate the required permissions here with ynh_permission_create # fi # Requires YunoHost version 4.1.2 or higher. -ynh_legacy_permissions_delete_all () { - for permission in "skipped" "unprotected" "protected" - do +ynh_legacy_permissions_delete_all() { + for permission in "skipped" "unprotected" "protected"; do if ynh_permission_exists --permission="legacy_${permission}_uris"; then ynh_permission_delete --permission="legacy_${permission}_uris" fi diff --git a/data/helpers.d/php b/data/helpers.d/php index 7c91d89d2..0aff50ee3 100644 --- a/data/helpers.d/php +++ b/data/helpers.d/php @@ -56,10 +56,10 @@ YNH_PHP_VERSION=${YNH_PHP_VERSION:-$YNH_DEFAULT_PHP_VERSION} # children ready to answer. # # Requires YunoHost version 4.1.0 or higher. -ynh_add_fpm_config () { +ynh_add_fpm_config() { # Declare an array to define the options of this helper. local legacy_args=vtufpd - local -A args_array=( [v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= [p]=package= [d]=dedicated_service ) + local -A args_array=([v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= [p]=package= [d]=dedicated_service) local phpversion local use_template local usage @@ -86,8 +86,7 @@ ynh_add_fpm_config () { local old_phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) # If the PHP version changed, remove the old fpm conf - if [ -n "$old_phpversion" ] && [ "$old_phpversion" != "$phpversion" ] - then + if [ -n "$old_phpversion" ] && [ "$old_phpversion" != "$phpversion" ]; then local old_php_fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) local old_php_finalphpconf="$old_php_fpm_config_dir/pool.d/$app.conf" @@ -97,25 +96,21 @@ ynh_add_fpm_config () { fi # If the requested PHP version is not the default version for YunoHost - if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ] - then + if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ]; then # If the argument --package is used, add the packages to ynh_install_php to install them from sury - if [ -n "$package" ] - then + if [ -n "$package" ]; then local additionnal_packages="--package=$package" else local additionnal_packages="" fi # Install this specific version of PHP. ynh_install_php --phpversion="$phpversion" "$additionnal_packages" - elif [ -n "$package" ] - then + elif [ -n "$package" ]; then # Install the additionnal packages from the default repository ynh_add_app_dependencies --package="$package" fi - if [ $dedicated_service -eq 1 ] - then + if [ $dedicated_service -eq 1 ]; then local fpm_service="${app}-phpfpm" local fpm_config_dir="/etc/php/$phpversion/dedicated-fpm" else @@ -132,12 +127,10 @@ ynh_add_fpm_config () { ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion # Migrate from mutual PHP service to dedicated one. - if [ $dedicated_service -eq 1 ] - then + if [ $dedicated_service -eq 1 ]; then local old_fpm_config_dir="/etc/php/$phpversion/fpm" # If a config file exist in the common pool, move it. - if [ -e "$old_fpm_config_dir/pool.d/$app.conf" ] - then + if [ -e "$old_fpm_config_dir/pool.d/$app.conf" ]; then ynh_print_info --message="Migrate to a dedicated php-fpm service for $app." # Create a backup of the old file before migration ynh_backup_if_checksum_is_different --file="$old_fpm_config_dir/pool.d/$app.conf" @@ -148,8 +141,7 @@ ynh_add_fpm_config () { fi fi - if [ $use_template -eq 1 ] - then + if [ $use_template -eq 1 ]; then # Usage 1, use the template in conf/php-fpm.conf local phpfpm_path="$YNH_APP_BASEDIR/conf/php-fpm.conf" # Make sure now that the template indeed exists @@ -181,49 +173,45 @@ pm = __PHP_PM__ pm.max_children = __PHP_MAX_CHILDREN__ pm.max_requests = 500 request_terminate_timeout = 1d -" > $phpfpm_path +" >$phpfpm_path - if [ "$php_pm" = "dynamic" ] - then + if [ "$php_pm" = "dynamic" ]; then echo " pm.start_servers = __PHP_START_SERVERS__ pm.min_spare_servers = __PHP_MIN_SPARE_SERVERS__ pm.max_spare_servers = __PHP_MAX_SPARE_SERVERS__ -" >> $phpfpm_path +" >>$phpfpm_path - elif [ "$php_pm" = "ondemand" ] - then + elif [ "$php_pm" = "ondemand" ]; then echo " pm.process_idle_timeout = 10s -" >> $phpfpm_path +" >>$phpfpm_path fi # Concatene the extra config. if [ -e $YNH_APP_BASEDIR/conf/extra_php-fpm.conf ]; then - cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >> "$phpfpm_path" + cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >>"$phpfpm_path" fi fi local finalphpconf="$fpm_config_dir/pool.d/$app.conf" ynh_add_config --template="$phpfpm_path" --destination="$finalphpconf" - if [ -e "$YNH_APP_BASEDIR/conf/php-fpm.ini" ] - then + if [ -e "$YNH_APP_BASEDIR/conf/php-fpm.ini" ]; then ynh_print_warn --message="Packagers ! Please do not use a separate php ini file, merge your directives in the pool file instead." ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm.ini" --destination="$fpm_config_dir/conf.d/20-$app.ini" fi - if [ $dedicated_service -eq 1 ] - then + if [ $dedicated_service -eq 1 ]; then # Create a dedicated php-fpm.conf for the service local globalphpconf=$fpm_config_dir/php-fpm-$app.conf -echo "[global] + echo "[global] pid = /run/php/php__PHPVERSION__-fpm-__APP__.pid error_log = /var/log/php/fpm-php.__APP__.log syslog.ident = php-fpm-__APP__ include = __FINALPHPCONF__ -" > $YNH_APP_BASEDIR/conf/php-fpm-$app.conf +" >$YNH_APP_BASEDIR/conf/php-fpm-$app.conf ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm-$app.conf" --destination="$globalphpconf" @@ -240,7 +228,7 @@ ExecReload=/bin/kill -USR2 \$MAINPID [Install] WantedBy=multi-user.target -" > $YNH_APP_BASEDIR/conf/$fpm_service +" >$YNH_APP_BASEDIR/conf/$fpm_service # Create this dedicated PHP-FPM service ynh_add_systemd_config --service=$fpm_service --template=$fpm_service @@ -252,8 +240,7 @@ WantedBy=multi-user.target ynh_systemd_action --service_name=$fpm_service --action=restart else # Validate that the new php conf doesn't break php-fpm entirely - if ! php-fpm${phpversion} --test 2>/dev/null - then + if ! php-fpm${phpversion} --test 2>/dev/null; then php-fpm${phpversion} --test || true ynh_secure_remove --file="$finalphpconf" ynh_die --message="The new configuration broke php-fpm?" @@ -267,7 +254,7 @@ WantedBy=multi-user.target # usage: ynh_remove_fpm_config # # Requires YunoHost version 2.7.2 or higher. -ynh_remove_fpm_config () { +ynh_remove_fpm_config() { local fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) local fpm_service=$(ynh_app_setting_get --app=$app --key=fpm_service) local dedicated_service=$(ynh_app_setting_get --app=$app --key=fpm_dedicated_service) @@ -279,20 +266,17 @@ ynh_remove_fpm_config () { phpversion="${phpversion:-$YNH_DEFAULT_PHP_VERSION}" # Assume default PHP files if not set - if [ -z "$fpm_config_dir" ] - then + if [ -z "$fpm_config_dir" ]; then fpm_config_dir="/etc/php/$YNH_DEFAULT_PHP_VERSION/fpm" fpm_service="php$YNH_DEFAULT_PHP_VERSION-fpm" fi ynh_secure_remove --file="$fpm_config_dir/pool.d/$app.conf" - if [ -e $fpm_config_dir/conf.d/20-$app.ini ] - then + if [ -e $fpm_config_dir/conf.d/20-$app.ini ]; then ynh_secure_remove --file="$fpm_config_dir/conf.d/20-$app.ini" fi - if [ $dedicated_service -eq 1 ] - then + if [ $dedicated_service -eq 1 ]; then # Remove the dedicated service PHP-FPM service for the app ynh_remove_systemd_config --service=$fpm_service # Remove the global PHP-FPM conf @@ -304,8 +288,7 @@ ynh_remove_fpm_config () { fi # If the PHP version used is not the default version for YunoHost - if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ] - then + if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ]; then # Remove this specific version of PHP ynh_remove_php fi @@ -320,10 +303,10 @@ ynh_remove_fpm_config () { # | arg: -p, --package= - Additionnal PHP packages to install # # Requires YunoHost version 3.8.1 or higher. -ynh_install_php () { +ynh_install_php() { # Declare an array to define the options of this helper. local legacy_args=vp - local -A args_array=( [v]=phpversion= [p]=package= ) + local -A args_array=([v]=phpversion= [p]=package=) local phpversion local package # Manage arguments with getopts @@ -333,8 +316,7 @@ ynh_install_php () { # Store phpversion into the config of this app ynh_app_setting_set $app phpversion $phpversion - if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ] - then + if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ]; then ynh_die --message="Do not use ynh_install_php to install php$YNH_DEFAULT_PHP_VERSION" fi @@ -342,8 +324,7 @@ ynh_install_php () { touch /etc/php/ynh_app_version # Do not add twice the same line - if ! grep --quiet "$YNH_APP_INSTANCE_NAME:" "/etc/php/ynh_app_version" - then + if ! grep --quiet "$YNH_APP_INSTANCE_NAME:" "/etc/php/ynh_app_version"; then # Store the ID of this app and the version of PHP requested for it echo "$YNH_APP_INSTANCE_NAME:$phpversion" | tee --append "/etc/php/ynh_app_version" fi @@ -370,14 +351,12 @@ ynh_install_php () { # usage: ynh_install_php # # Requires YunoHost version 3.8.1 or higher. -ynh_remove_php () { +ynh_remove_php() { # Get the version of PHP used by this app local phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ] || [ -z "$phpversion" ] - then - if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ] - then + if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ] || [ -z "$phpversion" ]; then + if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ]; then ynh_print_err "Do not use ynh_remove_php to remove php$YNH_DEFAULT_PHP_VERSION !" fi return 0 @@ -390,8 +369,7 @@ ynh_remove_php () { sed --in-place "/$YNH_APP_INSTANCE_NAME:$phpversion/d" "/etc/php/ynh_app_version" # If no other app uses this version of PHP, remove it. - if ! grep --quiet "$phpversion" "/etc/php/ynh_app_version" - then + if ! grep --quiet "$phpversion" "/etc/php/ynh_app_version"; then # Remove the service from the admin panel if ynh_package_is_installed --package="php${phpversion}-fpm"; then yunohost service remove php${phpversion}-fpm @@ -421,10 +399,10 @@ ynh_remove_php () { # high - High usage, frequently visited website. # # | arg: -p, --print - Print the result (intended for debug purpose only when packaging the app) -ynh_get_scalable_phpfpm () { +ynh_get_scalable_phpfpm() { local legacy_args=ufp # Declare an array to define the options of this helper. - local -A args_array=( [u]=usage= [f]=footprint= [p]=print ) + local -A args_array=([u]=usage= [f]=footprint= [p]=print) local usage local footprint local print @@ -435,38 +413,30 @@ ynh_get_scalable_phpfpm () { usage=${usage,,} print=${print:-0} - if [ "$footprint" = "low" ] - then + if [ "$footprint" = "low" ]; then footprint=20 - elif [ "$footprint" = "medium" ] - then + elif [ "$footprint" = "medium" ]; then footprint=35 - elif [ "$footprint" = "high" ] - then + elif [ "$footprint" = "high" ]; then footprint=50 fi # Define the factor to determine min_spare_servers # to avoid having too few children ready to start for heavy apps - if [ $footprint -le 20 ] - then + if [ $footprint -le 20 ]; then min_spare_servers_factor=8 - elif [ $footprint -le 35 ] - then + elif [ $footprint -le 35 ]; then min_spare_servers_factor=5 else min_spare_servers_factor=3 fi # Define the way the process manager handle child processes. - if [ "$usage" = "low" ] - then + if [ "$usage" = "low" ]; then php_pm=ondemand - elif [ "$usage" = "medium" ] - then + elif [ "$usage" = "medium" ]; then php_pm=dynamic - elif [ "$usage" = "high" ] - then + elif [ "$usage" = "high" ]; then php_pm=static else ynh_die --message="Does not recognize '$usage' as an usage value." @@ -477,8 +447,7 @@ ynh_get_scalable_phpfpm () { at_least_one() { # Do not allow value below 1 - if [ $1 -le 0 ] - then + if [ $1 -le 0 ]; then echo 1 else echo $1 @@ -488,20 +457,18 @@ ynh_get_scalable_phpfpm () { # Define pm.max_children # The value of pm.max_children is the total amount of ram divide by 2 and divide again by the footprint of a pool for this app. # So if PHP-FPM start the maximum of children, it won't exceed half of the ram. - php_max_children=$(( $max_ram / 2 / $footprint )) + php_max_children=$(($max_ram / 2 / $footprint)) # If process manager is set as static, use half less children. # Used as static, there's always as many children as the value of pm.max_children - if [ "$php_pm" = "static" ] - then - php_max_children=$(( $php_max_children / 2 )) + if [ "$php_pm" = "static" ]; then + php_max_children=$(($php_max_children / 2)) fi php_max_children=$(at_least_one $php_max_children) # To not overload the proc, limit the number of children to 4 times the number of cores. local core_number=$(nproc) - local max_proc=$(( $core_number * 4 )) - if [ $php_max_children -gt $max_proc ] - then + local max_proc=$(($core_number * 4)) + if [ $php_max_children -gt $max_proc ]; then php_max_children=$max_proc fi @@ -511,16 +478,15 @@ ynh_get_scalable_phpfpm () { php_max_children=$php_forced_max_children fi - if [ "$php_pm" = "dynamic" ] - then + if [ "$php_pm" = "dynamic" ]; then # Define pm.start_servers, pm.min_spare_servers and pm.max_spare_servers for a dynamic process manager - php_min_spare_servers=$(( $php_max_children / $min_spare_servers_factor )) + php_min_spare_servers=$(($php_max_children / $min_spare_servers_factor)) php_min_spare_servers=$(at_least_one $php_min_spare_servers) - php_max_spare_servers=$(( $php_max_children / 2 )) + php_max_spare_servers=$(($php_max_children / 2)) php_max_spare_servers=$(at_least_one $php_max_spare_servers) - php_start_servers=$(( $php_min_spare_servers + ( $php_max_spare_servers - $php_min_spare_servers ) /2 )) + php_start_servers=$(($php_min_spare_servers + ($php_max_spare_servers - $php_min_spare_servers) / 2)) php_start_servers=$(at_least_one $php_start_servers) else php_min_spare_servers=0 @@ -528,27 +494,22 @@ ynh_get_scalable_phpfpm () { php_start_servers=0 fi - if [ $print -eq 1 ] - then + if [ $print -eq 1 ]; then ynh_debug --message="Footprint=${footprint}Mb by pool." ynh_debug --message="Process manager=$php_pm" ynh_debug --message="Max RAM=${max_ram}Mb" - if [ "$php_pm" != "static" ] - then - ynh_debug --message="\nMax estimated footprint=$(( $php_max_children * $footprint ))" - ynh_debug --message="Min estimated footprint=$(( $php_min_spare_servers * $footprint ))" + if [ "$php_pm" != "static" ]; then + ynh_debug --message="\nMax estimated footprint=$(($php_max_children * $footprint))" + ynh_debug --message="Min estimated footprint=$(($php_min_spare_servers * $footprint))" fi - if [ "$php_pm" = "dynamic" ] - then - ynh_debug --message="Estimated average footprint=$(( $php_max_spare_servers * $footprint ))" - elif [ "$php_pm" = "static" ] - then - ynh_debug --message="Estimated footprint=$(( $php_max_children * $footprint ))" + if [ "$php_pm" = "dynamic" ]; then + ynh_debug --message="Estimated average footprint=$(($php_max_spare_servers * $footprint))" + elif [ "$php_pm" = "static" ]; then + ynh_debug --message="Estimated footprint=$(($php_max_children * $footprint))" fi ynh_debug --message="\nRaw php-fpm values:" ynh_debug --message="pm.max_children = $php_max_children" - if [ "$php_pm" = "dynamic" ] - then + if [ "$php_pm" = "dynamic" ]; then ynh_debug --message="pm.start_servers = $php_start_servers" ynh_debug --message="pm.min_spare_servers = $php_min_spare_servers" ynh_debug --message="pm.max_spare_servers = $php_max_spare_servers" @@ -569,10 +530,10 @@ YNH_COMPOSER_VERSION=${YNH_COMPOSER_VERSION:-$YNH_DEFAULT_COMPOSER_VERSION} # | arg: -c, --commands - Commands to execute. # # Requires YunoHost version 4.2 or higher. -ynh_composer_exec () { +ynh_composer_exec() { # Declare an array to define the options of this helper. local legacy_args=vwc - declare -Ar args_array=( [v]=phpversion= [w]=workdir= [c]=commands= ) + declare -Ar args_array=([v]=phpversion= [w]=workdir= [c]=commands=) local phpversion local workdir local commands @@ -595,10 +556,10 @@ ynh_composer_exec () { # | arg: -c, --composerversion - Composer version to install # # Requires YunoHost version 4.2 or higher. -ynh_install_composer () { +ynh_install_composer() { # Declare an array to define the options of this helper. local legacy_args=vwac - declare -Ar args_array=( [v]=phpversion= [w]=workdir= [a]=install_args= [c]=composerversion=) + declare -Ar args_array=([v]=phpversion= [w]=workdir= [a]=install_args= [c]=composerversion=) local phpversion local workdir local install_args @@ -612,7 +573,7 @@ ynh_install_composer () { curl -sS https://getcomposer.org/installer \ | COMPOSER_HOME="$workdir/.composer" \ - php${phpversion} -- --quiet --install-dir="$workdir" --version=$composerversion \ + php${phpversion} -- --quiet --install-dir="$workdir" --version=$composerversion \ || ynh_die --message="Unable to install Composer." # install dependencies diff --git a/data/helpers.d/postgresql b/data/helpers.d/postgresql index 12738a922..992474dd5 100644 --- a/data/helpers.d/postgresql +++ b/data/helpers.d/postgresql @@ -46,8 +46,7 @@ ynh_psql_execute_as_root() { ynh_handle_getopts_args "$@" database="${database:-}" - if [ -n "$database" ] - then + if [ -n "$database" ]; then database="--database=$database" fi @@ -72,8 +71,7 @@ ynh_psql_execute_file_as_root() { ynh_handle_getopts_args "$@" database="${database:-}" - if [ -n "$database" ] - then + if [ -n "$database" ]; then database="--database=$database" fi @@ -175,8 +173,7 @@ ynh_psql_user_exists() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';" | grep --quiet "$user" - then + if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';" | grep --quiet "$user"; then return 1 else return 0 @@ -198,8 +195,7 @@ ynh_psql_database_exists() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$database" - then + if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$database"; then return 1 else return 0 @@ -269,16 +265,14 @@ ynh_psql_remove_db() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ynh_psql_database_exists --database=$db_name - then # Check if the database exists - ynh_psql_drop_db $db_name # Remove the database + if ynh_psql_database_exists --database=$db_name; then # Check if the database exists + ynh_psql_drop_db $db_name # Remove the database else ynh_print_warn --message="Database $db_name not found" fi # Remove psql user if it exists - if ynh_psql_user_exists --user=$db_user - then + if ynh_psql_user_exists --user=$db_user; then ynh_psql_drop_user $db_user else ynh_print_warn --message="User $db_user not found" @@ -310,8 +304,7 @@ ynh_psql_test_if_first_run() { # If this is the very first time, we define the root password # and configure a few things - if [ ! -f "$PSQL_ROOT_PWD_FILE" ] - then + if [ ! -f "$PSQL_ROOT_PWD_FILE" ]; then local pg_hba=/etc/postgresql/$PSQL_VERSION/main/pg_hba.conf local psql_root_password="$(ynh_string_random)" diff --git a/data/helpers.d/setting b/data/helpers.d/setting index 66bce9717..cd231c6ba 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -10,7 +10,7 @@ ynh_app_setting_get() { # Declare an array to define the options of this helper. local legacy_args=ak - local -A args_array=( [a]=app= [k]=key= ) + local -A args_array=([a]=app= [k]=key=) local app local key # Manage arguments with getopts @@ -34,7 +34,7 @@ ynh_app_setting_get() { ynh_app_setting_set() { # Declare an array to define the options of this helper. local legacy_args=akv - local -A args_array=( [a]=app= [k]=key= [v]=value= ) + local -A args_array=([a]=app= [k]=key= [v]=value=) local app local key local value @@ -58,7 +58,7 @@ ynh_app_setting_set() { ynh_app_setting_delete() { # Declare an array to define the options of this helper. local legacy_args=ak - local -A args_array=( [a]=app= [k]=key= ) + local -A args_array=([a]=app= [k]=key=) local app local key # Manage arguments with getopts @@ -76,8 +76,7 @@ ynh_app_setting_delete() { # # [internal] # -ynh_app_setting() -{ +ynh_app_setting() { set +o xtrace # set +x ACTION="$1" APP="$2" KEY="$3" VALUE="${4:-}" python3 - < /dev/null \ + dd if=/dev/urandom bs=1 count=1000 2>/dev/null \ | tr --complement --delete 'A-Za-z0-9' \ | sed --quiet 's/\(.\{'"$length"'\}\).*/\1/p' } @@ -34,10 +34,10 @@ ynh_string_random() { # sub-expressions can be used (see sed manual page for more information) # # Requires YunoHost version 2.6.4 or higher. -ynh_replace_string () { +ynh_replace_string() { # Declare an array to define the options of this helper. local legacy_args=mrf - local -A args_array=( [m]=match_string= [r]=replace_string= [f]=target_file= ) + local -A args_array=([m]=match_string= [r]=replace_string= [f]=target_file=) local match_string local replace_string local target_file @@ -65,10 +65,10 @@ ynh_replace_string () { # characters, you can't use some regular expressions and sub-expressions. # # Requires YunoHost version 2.7.7 or higher. -ynh_replace_special_string () { +ynh_replace_special_string() { # Declare an array to define the options of this helper. local legacy_args=mrf - local -A args_array=( [m]=match_string= [r]=replace_string= [f]=target_file= ) + local -A args_array=([m]=match_string= [r]=replace_string= [f]=target_file=) local match_string local replace_string local target_file @@ -97,10 +97,10 @@ ynh_replace_special_string () { # Underscorify the string (replace - and . by _) # # Requires YunoHost version 2.2.4 or higher. -ynh_sanitize_dbid () { +ynh_sanitize_dbid() { # Declare an array to define the options of this helper. local legacy_args=n - local -A args_array=( [n]=db_name= ) + local -A args_array=([n]=db_name=) local db_name # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -127,20 +127,20 @@ ynh_sanitize_dbid () { # | arg: -p, --path_url= - URL path to normalize before using it # # Requires YunoHost version 2.6.4 or higher. -ynh_normalize_url_path () { +ynh_normalize_url_path() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=path_url= ) + local -A args_array=([p]=path_url=) local path_url # Manage arguments with getopts ynh_handle_getopts_args "$@" test -n "$path_url" || ynh_die --message="ynh_normalize_url_path expect a URL path as first argument and received nothing." - if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a / - path_url="/$path_url" # Add / at begin of path variable + if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a / + path_url="/$path_url" # Add / at begin of path variable fi - if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character. - path_url="${path_url:0:${#path_url}-1}" # Delete the last character + if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character. + path_url="${path_url:0:${#path_url}-1}" # Delete the last character fi echo $path_url } diff --git a/data/helpers.d/systemd b/data/helpers.d/systemd index d0f88b5f7..71b605181 100644 --- a/data/helpers.d/systemd +++ b/data/helpers.d/systemd @@ -12,10 +12,10 @@ # format and how placeholders are replaced with actual variables. # # Requires YunoHost version 4.1.0 or higher. -ynh_add_systemd_config () { +ynh_add_systemd_config() { # Declare an array to define the options of this helper. local legacy_args=stv - local -A args_array=( [s]=service= [t]=template= [v]=others_var=) + local -A args_array=([s]=service= [t]=template= [v]=others_var=) local service local template local others_var @@ -39,18 +39,17 @@ ynh_add_systemd_config () { # | arg: -s, --service= - Service name (optionnal, $app by default) # # Requires YunoHost version 2.7.2 or higher. -ynh_remove_systemd_config () { +ynh_remove_systemd_config() { # Declare an array to define the options of this helper. local legacy_args=s - local -A args_array=( [s]=service= ) + local -A args_array=([s]=service=) local service # Manage arguments with getopts ynh_handle_getopts_args "$@" local service="${service:-$app}" local finalsystemdconf="/etc/systemd/system/$service.service" - if [ -e "$finalsystemdconf" ] - then + if [ -e "$finalsystemdconf" ]; then ynh_systemd_action --service_name=$service --action=stop systemctl disable $service --quiet ynh_secure_remove --file="$finalsystemdconf" @@ -72,7 +71,7 @@ ynh_remove_systemd_config () { ynh_systemd_action() { # Declare an array to define the options of this helper. local legacy_args=nalpte - local -A args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= ) + local -A args_array=([n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length=) local service_name local action local line_match @@ -89,25 +88,22 @@ ynh_systemd_action() { timeout=${timeout:-300} # Manage case of service already stopped - if [ "$action" == "stop" ] && ! systemctl is-active --quiet $service_name - then + if [ "$action" == "stop" ] && ! systemctl is-active --quiet $service_name; then return 0 fi # Start to read the log - if [[ -n "$line_match" ]] - then + if [[ -n "$line_match" ]]; then local templog="$(mktemp)" # Following the starting of the app in its log - if [ "$log_path" == "systemd" ] - then + if [ "$log_path" == "systemd" ]; then # Read the systemd journal - journalctl --unit=$service_name --follow --since=-0 --quiet > "$templog" & + journalctl --unit=$service_name --follow --since=-0 --quiet >"$templog" & # Get the PID of the journalctl command local pid_tail=$! else # Read the specified log file - tail --follow=name --retry --lines=0 "$log_path" > "$templog" 2>&1 & + tail --follow=name --retry --lines=0 "$log_path" >"$templog" 2>&1 & # Get the PID of the tail command local pid_tail=$! fi @@ -119,13 +115,11 @@ ynh_systemd_action() { fi # If the service fails to perform the action - if ! systemctl $action $service_name - then + if ! systemctl $action $service_name; then # Show syslog for this service ynh_exec_err journalctl --quiet --no-hostname --no-pager --lines=$length --unit=$service_name # If a log is specified for this service, show also the content of this log - if [ -e "$log_path" ] - then + if [ -e "$log_path" ]; then ynh_exec_err tail --lines=$length "$log_path" fi ynh_clean_check_starting @@ -133,15 +127,12 @@ ynh_systemd_action() { fi # Start the timeout and try to find line_match - if [[ -n "${line_match:-}" ]] - then + if [[ -n "${line_match:-}" ]]; then set +x local i=0 - for i in $(seq 1 $timeout) - do + for i in $(seq 1 $timeout); do # Read the log until the sentence is found, that means the app finished to start. Or run until the timeout - if grep --extended-regexp --quiet "$line_match" "$templog" - then + if grep --extended-regexp --quiet "$line_match" "$templog"; then ynh_print_info --message="The service $service_name has correctly executed the action ${action}." break fi @@ -154,13 +145,11 @@ ynh_systemd_action() { if [ $i -ge 3 ]; then echo "" >&2 fi - if [ $i -eq $timeout ] - then + if [ $i -eq $timeout ]; then ynh_print_warn --message="The service $service_name didn't fully executed the action ${action} before the timeout." ynh_print_warn --message="Please find here an extract of the end of the log of the service $service_name:" ynh_exec_warn journalctl --quiet --no-hostname --no-pager --lines=$length --unit=$service_name - if [ -e "$log_path" ] - then + if [ -e "$log_path" ]; then ynh_print_warn --message="\-\-\-" ynh_exec_warn tail --lines=$length "$log_path" fi @@ -174,14 +163,12 @@ ynh_systemd_action() { # [internal] # # Requires YunoHost version 3.5.0 or higher. -ynh_clean_check_starting () { - if [ -n "${pid_tail:-}" ] - then +ynh_clean_check_starting() { + if [ -n "${pid_tail:-}" ]; then # Stop the execution of tail. kill -SIGTERM $pid_tail 2>&1 fi - if [ -n "${templog:-}" ] - then + if [ -n "${templog:-}" ]; then ynh_secure_remove --file="$templog" 2>&1 fi } diff --git a/data/helpers.d/user b/data/helpers.d/user index d5ede9f73..aecbd740e 100644 --- a/data/helpers.d/user +++ b/data/helpers.d/user @@ -12,7 +12,7 @@ ynh_user_exists() { # Declare an array to define the options of this helper. local legacy_args=u - local -A args_array=( [u]=username= ) + local -A args_array=([u]=username=) local username # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -33,7 +33,7 @@ ynh_user_exists() { ynh_user_get_info() { # Declare an array to define the options of this helper. local legacy_args=uk - local -A args_array=( [u]=username= [k]=key= ) + local -A args_array=([u]=username= [k]=key=) local username local key # Manage arguments with getopts @@ -64,7 +64,7 @@ ynh_user_list() { ynh_system_user_exists() { # Declare an array to define the options of this helper. local legacy_args=u - local -A args_array=( [u]=username= ) + local -A args_array=([u]=username=) local username # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -82,7 +82,7 @@ ynh_system_user_exists() { ynh_system_group_exists() { # Declare an array to define the options of this helper. local legacy_args=g - local -A args_array=( [g]=group= ) + local -A args_array=([g]=group=) local group # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -108,10 +108,10 @@ ynh_system_group_exists() { # ``` # # Requires YunoHost version 2.6.4 or higher. -ynh_system_user_create () { +ynh_system_user_create() { # Declare an array to define the options of this helper. local legacy_args=uhs - local -A args_array=( [u]=username= [h]=home_dir= [s]=use_shell [g]=groups= ) + local -A args_array=([u]=username= [h]=home_dir= [s]=use_shell [g]=groups=) local username local home_dir local use_shell @@ -123,17 +123,15 @@ ynh_system_user_create () { home_dir="${home_dir:-}" groups="${groups:-}" - if ! ynh_system_user_exists "$username" # Check if the user exists on the system - then # If the user doesn't exist - if [ -n "$home_dir" ] - then # If a home dir is mentioned + if ! ynh_system_user_exists "$username"; then # Check if the user exists on the system + # If the user doesn't exist + if [ -n "$home_dir" ]; then # If a home dir is mentioned local user_home_dir="--home-dir $home_dir" else local user_home_dir="--no-create-home" fi - if [ $use_shell -eq 1 ] - then # If we want a shell for the user - local shell="" # Use default shell + if [ $use_shell -eq 1 ]; then # If we want a shell for the user + local shell="" # Use default shell else local shell="--shell /usr/sbin/nologin" fi @@ -141,8 +139,7 @@ ynh_system_user_create () { fi local group - for group in $groups - do + for group in $groups; do usermod -a -G "$group" "$username" done } @@ -153,25 +150,23 @@ ynh_system_user_create () { # | arg: -u, --username= - Name of the system user that will be create # # Requires YunoHost version 2.6.4 or higher. -ynh_system_user_delete () { +ynh_system_user_delete() { # Declare an array to define the options of this helper. local legacy_args=u - local -A args_array=( [u]=username= ) + local -A args_array=([u]=username=) local username # Manage arguments with getopts ynh_handle_getopts_args "$@" # Check if the user exists on the system - if ynh_system_user_exists "$username" - then + if ynh_system_user_exists "$username"; then deluser $username else ynh_print_warn --message="The user $username was not found" fi # Check if the group exists on the system - if ynh_system_group_exists "$username" - then + if ynh_system_group_exists "$username"; then delgroup $username fi } diff --git a/data/helpers.d/utils b/data/helpers.d/utils index 061ff324d..eb823b5f0 100644 --- a/data/helpers.d/utils +++ b/data/helpers.d/utils @@ -19,25 +19,25 @@ YNH_APP_BASEDIR=${YNH_APP_BASEDIR:-$(realpath ..)} # It prints a warning to inform that the script was failed, and execute the ynh_clean_setup function if used in the app script # # Requires YunoHost version 2.6.4 or higher. -ynh_exit_properly () { +ynh_exit_properly() { local exit_code=$? rm -rf "/var/cache/yunohost/download/" if [ "$exit_code" -eq 0 ]; then - exit 0 # Exit without error if the script ended correctly + exit 0 # Exit without error if the script ended correctly fi - trap '' EXIT # Ignore new exit signals + trap '' EXIT # Ignore new exit signals # Do not exit anymore if a command fail or if a variable is empty - set +o errexit # set +e - set +o nounset # set +u + set +o errexit # set +e + set +o nounset # set +u # Small tempo to avoid the next message being mixed up with other DEBUG messages sleep 0.5 - if type -t ynh_clean_setup > /dev/null; then # Check if the function exist in the app script. - ynh_clean_setup # Call the function to do specific cleaning for the app. + if type -t ynh_clean_setup >/dev/null; then # Check if the function exist in the app script. + ynh_clean_setup # Call the function to do specific cleaning for the app. fi # Exit with error status @@ -55,10 +55,10 @@ ynh_exit_properly () { # and a call to `ynh_clean_setup` is triggered if it has been defined by your script. # # Requires YunoHost version 2.6.4 or higher. -ynh_abort_if_errors () { - set -o errexit # set -e; Exit if a command fail - set -o nounset # set -u; And if a variable is used unset - trap ynh_exit_properly EXIT # Capturing exit signals on shell script +ynh_abort_if_errors() { + set -o errexit # set -e; Exit if a command fail + set -o nounset # set -u; And if a variable is used unset + trap ynh_exit_properly EXIT # Capturing exit signals on shell script } # Download, check integrity, uncompress and patch the source from app.src @@ -99,10 +99,10 @@ ynh_abort_if_errors () { # - Extra files in `sources/extra_files/$src_id` will be copied to dest_dir # # Requires YunoHost version 2.6.4 or higher. -ynh_setup_source () { +ynh_setup_source() { # Declare an array to define the options of this helper. local legacy_args=dsk - local -A args_array=( [d]=dest_dir= [s]=source_id= [k]=keep= ) + local -A args_array=([d]=dest_dir= [s]=source_id= [k]=keep=) local dest_dir local source_id local keep @@ -133,15 +133,13 @@ ynh_setup_source () { src_filename="${source_id}.${src_format}" fi - # (Unused?) mecanism where one can have the file in a special local cache to not have to download it... local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}" mkdir -p /var/cache/yunohost/download/${YNH_APP_ID}/ src_filename="/var/cache/yunohost/download/${YNH_APP_ID}/${src_filename}" - if test -e "$local_src" - then + if test -e "$local_src"; then cp $local_src $src_filename else [ -n "$src_url" ] || ynh_die "Couldn't parse SOURCE_URL from $src_file_path ?" @@ -162,15 +160,12 @@ ynh_setup_source () { # Keep files to be backup/restored at the end of the helper # Assuming $dest_dir already exists rm -rf /var/cache/yunohost/files_to_keep_during_setup_source/ - if [ -n "$keep" ] && [ -e "$dest_dir" ] - then + if [ -n "$keep" ] && [ -e "$dest_dir" ]; then local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID} mkdir -p $keep_dir local stuff_to_keep - for stuff_to_keep in $keep - do - if [ -e "$dest_dir/$stuff_to_keep" ] - then + for stuff_to_keep in $keep; do + if [ -e "$dest_dir/$stuff_to_keep" ]; then mkdir --parents "$(dirname "$keep_dir/$stuff_to_keep")" cp --archive "$dest_dir/$stuff_to_keep" "$keep_dir/$stuff_to_keep" fi @@ -180,20 +175,16 @@ ynh_setup_source () { # Extract source into the app dir mkdir --parents "$dest_dir" - if [ -n "${final_path:-}" ] && [ "$dest_dir" == "$final_path" ] - then + if [ -n "${final_path:-}" ] && [ "$dest_dir" == "$final_path" ]; then _ynh_apply_default_permissions $dest_dir fi - if ! "$src_extract" - then + if ! "$src_extract"; then mv $src_filename $dest_dir - elif [ "$src_format" = "zip" ] - then + elif [ "$src_format" = "zip" ]; then # Zip format # Using of a temp directory, because unzip doesn't manage --strip-components - if $src_in_subdir - then + if $src_in_subdir; then local tmp_dir=$(mktemp --directory) unzip -quo $src_filename -d "$tmp_dir" cp --archive $tmp_dir/*/. "$dest_dir" @@ -204,18 +195,15 @@ ynh_setup_source () { ynh_secure_remove --file="$src_filename" else local strip="" - if [ "$src_in_subdir" != "false" ] - then - if [ "$src_in_subdir" == "true" ] - then + if [ "$src_in_subdir" != "false" ]; then + if [ "$src_in_subdir" == "true" ]; then local sub_dirs=1 else local sub_dirs="$src_in_subdir" fi strip="--strip-components $sub_dirs" fi - if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] - then + if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]]; then tar --extract --file=$src_filename --directory="$dest_dir" $strip else ynh_die --message="Archive format unrecognized." @@ -224,17 +212,16 @@ ynh_setup_source () { fi # Apply patches - if [ -d "$YNH_APP_BASEDIR/sources/patches/" ] - then + if [ -d "$YNH_APP_BASEDIR/sources/patches/" ]; then local patches_folder=$(realpath $YNH_APP_BASEDIR/sources/patches/) - if (( $(find $patches_folder -type f -name "${source_id}-*.patch" 2> /dev/null | wc --lines) > "0" )) - then - (cd "$dest_dir" - for p in $patches_folder/${source_id}-*.patch - do - echo $p - patch --strip=1 < $p - done) || ynh_die --message="Unable to apply patches" + if (($(find $patches_folder -type f -name "${source_id}-*.patch" 2>/dev/null | wc --lines) > "0")); then + ( + cd "$dest_dir" + for p in $patches_folder/${source_id}-*.patch; do + echo $p + patch --strip=1 <$p + done + ) || ynh_die --message="Unable to apply patches" fi fi @@ -245,14 +232,11 @@ ynh_setup_source () { # Keep files to be backup/restored at the end of the helper # Assuming $dest_dir already exists - if [ -n "$keep" ] - then + if [ -n "$keep" ]; then local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID} local stuff_to_keep - for stuff_to_keep in $keep - do - if [ -e "$keep_dir/$stuff_to_keep" ] - then + for stuff_to_keep in $keep; do + if [ -e "$keep_dir/$stuff_to_keep" ]; then mkdir --parents "$(dirname "$dest_dir/$stuff_to_keep")" cp --archive "$keep_dir/$stuff_to_keep" "$dest_dir/$stuff_to_keep" fi @@ -276,7 +260,7 @@ ynh_setup_source () { # `$domain` and `$path_url` should be defined externally (and correspond to the domain.tld and the /path (of the app?)) # # Requires YunoHost version 2.6.4 or higher. -ynh_local_curl () { +ynh_local_curl() { # Define url of page to curl local local_page=$(ynh_normalize_url_path $1) local full_path=$path_url$local_page @@ -290,12 +274,10 @@ ynh_local_curl () { # Concatenate all other arguments with '&' to prepare POST data local POST_data="" local arg="" - for arg in "${@:2}" - do + for arg in "${@:2}"; do POST_data="${POST_data}${arg}&" done - if [ -n "$POST_data" ] - then + if [ -n "$POST_data" ]; then # Add --data arg and remove the last character, which is an unecessary '&' POST_data="--data ${POST_data::-1}" fi @@ -353,10 +335,10 @@ ynh_local_curl () { # into the app settings when configuration is done. # # Requires YunoHost version 4.1.0 or higher. -ynh_add_config () { +ynh_add_config() { # Declare an array to define the options of this helper. local legacy_args=tdv - local -A args_array=( [t]=template= [d]=destination= ) + local -A args_array=([t]=template= [d]=destination=) local template local destination # Manage arguments with getopts @@ -414,17 +396,16 @@ ynh_add_config () { # __VAR_2__ by $var_2 # # Requires YunoHost version 4.1.0 or higher. -ynh_replace_vars () { +ynh_replace_vars() { # Declare an array to define the options of this helper. local legacy_args=f - local -A args_array=( [f]=file= ) + local -A args_array=([f]=file=) local file # Manage arguments with getopts ynh_handle_getopts_args "$@" # Replace specific YunoHost variables - if test -n "${path_url:-}" - then + if test -n "${path_url:-}"; then # path_url_slash_less is path_url, or a blank value if path_url is only '/' local path_url_slash_less=${path_url%/} ynh_replace_string --match_string="__PATH__/" --replace_string="$path_url_slash_less/" --target_file="$file" @@ -448,12 +429,11 @@ ynh_replace_vars () { # Replace others variables # List other unique (__ __) variables in $file - local uniques_vars=( $(grep -oP '__[A-Z0-9]+?[A-Z0-9_]*?[A-Z0-9]*?__' $file | sort --unique | sed "s@__\([^.]*\)__@\L\1@g" )) + local uniques_vars=($(grep -oP '__[A-Z0-9]+?[A-Z0-9_]*?[A-Z0-9]*?__' $file | sort --unique | sed "s@__\([^.]*\)__@\L\1@g")) # Do the replacement local delimit=@ - for one_var in "${uniques_vars[@]}" - do + for one_var in "${uniques_vars[@]}"; do # Validate that one_var is indeed defined # -v checks if the variable is defined, for example: # -v FOO tests if $FOO is defined @@ -509,7 +489,7 @@ ynh_replace_vars () { ynh_read_var_in_file() { # Declare an array to define the options of this helper. local legacy_args=fka - local -A args_array=( [f]=file= [k]=key= [a]=after=) + local -A args_array=([f]=file= [k]=key= [a]=after=) local file local key local after @@ -523,11 +503,9 @@ ynh_read_var_in_file() { # Get the line number after which we search for the variable local line_number=1 - if [[ -n "$after" ]]; - then + if [[ -n "$after" ]]; then line_number=$(grep -n $after $file | cut -d: -f1) - if [[ -z "$line_number" ]]; - then + if [[ -z "$line_number" ]]; then set -o xtrace # set -x return 1 fi @@ -545,7 +523,7 @@ ynh_read_var_in_file() { if [[ "$ext" =~ ^ini|env$ ]]; then comments="[;#]" fi - if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then + if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then comments="//" fi local list='\[\s*['$string']?\w+['$string']?\]' @@ -567,10 +545,10 @@ ynh_read_var_in_file() { local expression="$(echo "$expression_with_comment" | sed "s@$comments[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" local first_char="${expression:0:1}" - if [[ "$first_char" == '"' ]] ; then - echo "$expression" | grep -m1 -o -P '"\K([^"](\\")?)*[^\\](?=")' | head -n1 | sed 's/\\"/"/g' - elif [[ "$first_char" == "'" ]] ; then - echo "$expression" | grep -m1 -o -P "'\K([^'](\\\\')?)*[^\\\\](?=')" | head -n1 | sed "s/\\\\'/'/g" + if [[ "$first_char" == '"' ]]; then + echo "$expression" | grep -m1 -o -P '"\K([^"](\\")?)*[^\\](?=")' | head -n1 | sed 's/\\"/"/g' + elif [[ "$first_char" == "'" ]]; then + echo "$expression" | grep -m1 -o -P "'\K([^'](\\\\')?)*[^\\\\](?=')" | head -n1 | sed "s/\\\\'/'/g" else echo "$expression" fi @@ -588,7 +566,7 @@ ynh_read_var_in_file() { ynh_write_var_in_file() { # Declare an array to define the options of this helper. local legacy_args=fkva - local -A args_array=( [f]=file= [k]=key= [v]=value= [a]=after=) + local -A args_array=([f]=file= [k]=key= [v]=value= [a]=after=) local file local key local value @@ -603,11 +581,9 @@ ynh_write_var_in_file() { # Get the line number after which we search for the variable local line_number=1 - if [[ -n "$after" ]]; - then + if [[ -n "$after" ]]; then line_number=$(grep -n $after $file | cut -d: -f1) - if [[ -z "$line_number" ]]; - then + if [[ -z "$line_number" ]]; then set -o xtrace # set -x return 1 fi @@ -626,7 +602,7 @@ ynh_write_var_in_file() { if [[ "$ext" =~ ^ini|env$ ]]; then comments="[;#]" fi - if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then + if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then comments="//" fi local list='\[\s*['$string']?\w+['$string']?\]' @@ -650,22 +626,22 @@ ynh_write_var_in_file() { value="$(echo "$value" | sed 's/\\/\\\\/g')" local first_char="${expression:0:1}" delimiter=$'\001' - if [[ "$first_char" == '"' ]] ; then + if [[ "$first_char" == '"' ]]; then # \ and sed is quite complex you need 2 \\ to get one in a sed # So we need \\\\ to go through 2 sed value="$(echo "$value" | sed 's/"/\\\\"/g')" sed -ri "${range}s$delimiter"'(^'"${var_part}"'")([^"]|\\")*("[\s;,]*)(\s*'$comments'.*)?$'$delimiter'\1'"${value}"'"'"${endline}${delimiter}i" ${file} - elif [[ "$first_char" == "'" ]] ; then + elif [[ "$first_char" == "'" ]]; then # \ and sed is quite complex you need 2 \\ to get one in a sed # However double quotes implies to double \\ to # So we need \\\\\\\\ to go through 2 sed and 1 double quotes str value="$(echo "$value" | sed "s/'/\\\\\\\\'/g")" sed -ri "${range}s$delimiter(^${var_part}')([^']|\\')*('"'[\s,;]*)(\s*'$comments'.*)?$'$delimiter'\1'"${value}'${endline}${delimiter}i" ${file} else - if [[ "$value" == *"'"* ]] || [[ "$value" == *'"'* ]] || [[ "$ext" =~ ^php|py|json|js$ ]] ; then + if [[ "$value" == *"'"* ]] || [[ "$value" == *'"'* ]] || [[ "$ext" =~ ^php|py|json|js$ ]]; then value='\"'"$(echo "$value" | sed 's/"/\\\\"/g')"'\"' fi - if [[ "$ext" =~ ^yaml|yml$ ]] ; then + if [[ "$ext" =~ ^yaml|yml$ ]]; then value=" $value" fi sed -ri "${range}s$delimiter(^${var_part}).*\$$delimiter\1${value}${endline}${delimiter}i" ${file} @@ -673,7 +649,6 @@ ynh_write_var_in_file() { set -o xtrace # set -x } - # Render templates with Jinja2 # # [internal] @@ -691,7 +666,7 @@ ynh_render_template() { # Taken from https://stackoverflow.com/a/35009576 python3 -c 'import os, sys, jinja2; sys.stdout.write( jinja2.Template(sys.stdin.read() - ).render(os.environ));' < $template_path > $output_path + ).render(os.environ));' <$template_path >$output_path } # Fetch the Debian release codename @@ -700,7 +675,7 @@ ynh_render_template() { # | ret: The Debian release codename (i.e. jessie, stretch, ...) # # Requires YunoHost version 2.7.12 or higher. -ynh_get_debian_release () { +ynh_get_debian_release() { echo $(lsb_release --codename --short) } @@ -730,10 +705,10 @@ properly with chmod/chown." # | arg: -f, --file= - File or directory to remove # # Requires YunoHost version 2.6.4 or higher. -ynh_secure_remove () { +ynh_secure_remove() { # Declare an array to define the options of this helper. local legacy_args=f - local -A args_array=( [f]=file= ) + local -A args_array=([f]=file=) local file # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -743,24 +718,21 @@ ynh_secure_remove () { /var/www \ /home/yunohost.app" - if [ $# -ge 2 ] - then + if [ $# -ge 2 ]; then ynh_print_warn --message="/!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time." fi - if [[ -z "$file" ]] - then + if [[ -z "$file" ]]; then ynh_print_warn --message="ynh_secure_remove called with empty argument, ignoring." - elif [[ "$forbidden_path" =~ "$file" \ - # Match all paths or subpaths in $forbidden_path - || "$file" =~ ^/[[:alnum:]]+$ \ + elif [[ "$forbidden_path" =~ "$file" || + + "$file" =~ ^/[[:alnum:]]+$ || + + "${file:${#file}-1}" = "/" ]]; then # Match all paths or subpaths in $forbidden_path # Match all first level paths from / (Like /var, /root, etc...) - || "${file:${#file}-1}" = "/" ]] # Match if the path finishes by /. Because it seems there is an empty variable - then ynh_print_warn --message="Not deleting '$file' because it is not an acceptable path to delete." - elif [ -e "$file" ] - then + elif [ -e "$file" ]; then rm --recursive "$file" else ynh_print_info --message="'$file' wasn't deleted because it doesn't exist." @@ -781,16 +753,12 @@ ynh_get_plain_key() { # an info to be redacted by the core local key_=$1 shift - while read line - do - if [[ "$founded" == "1" ]] - then + while read line; do + if [[ "$founded" == "1" ]]; then [[ "$line" =~ ^${prefix}[^#] ]] && return echo $line - elif [[ "$line" =~ ^${prefix}${key_}$ ]] - then - if [[ -n "${1:-}" ]] - then + elif [[ "$line" =~ ^${prefix}${key_}$ ]]; then + if [[ -n "${1:-}" ]]; then prefix+="#" key_=$1 shift @@ -809,10 +777,10 @@ ynh_get_plain_key() { # | ret: the value associate to that key # # Requires YunoHost version 3.5.0 or higher. -ynh_read_manifest () { +ynh_read_manifest() { # Declare an array to define the options of this helper. local legacy_args=mk - local -A args_array=( [m]=manifest= [k]=manifest_key= ) + local -A args_array=([m]=manifest= [k]=manifest_key=) local manifest local manifest_key # Manage arguments with getopts @@ -839,20 +807,19 @@ ynh_read_manifest () { # For example, if the manifest contains `4.3-2~ynh3` the function will return `4.3-2` # # Requires YunoHost version 3.5.0 or higher. -ynh_app_upstream_version () { +ynh_app_upstream_version() { # Declare an array to define the options of this helper. local legacy_args=m - local -A args_array=( [m]=manifest= ) + local -A args_array=([m]=manifest=) local manifest # Manage arguments with getopts ynh_handle_getopts_args "$@" manifest="${manifest:-}" - if [[ "$manifest" != "" ]] && [[ -e "$manifest" ]]; - then - version_key_=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version") + if [[ "$manifest" != "" ]] && [[ -e "$manifest" ]]; then + version_key_=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version") else - version_key_=$YNH_APP_MANIFEST_VERSION + version_key_=$YNH_APP_MANIFEST_VERSION fi echo "${version_key_/~ynh*/}" @@ -869,10 +836,10 @@ ynh_app_upstream_version () { # For example, if the manifest contains `4.3-2~ynh3` the function will return `3` # # Requires YunoHost version 3.5.0 or higher. -ynh_app_package_version () { +ynh_app_package_version() { # Declare an array to define the options of this helper. local legacy_args=m - local -A args_array=( [m]=manifest= ) + local -A args_array=([m]=manifest=) local manifest # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -894,11 +861,10 @@ ynh_app_package_version () { # sudo yunohost app upgrade --force # ``` # Requires YunoHost version 3.5.0 or higher. -ynh_check_app_version_changed () { +ynh_check_app_version_changed() { local return_value=${YNH_APP_UPGRADE_TYPE} - if [ "$return_value" == "UPGRADE_FULL" ] || [ "$return_value" == "UPGRADE_FORCED" ] || [ "$return_value" == "DOWNGRADE_FORCED" ] - then + if [ "$return_value" == "UPGRADE_FULL" ] || [ "$return_value" == "UPGRADE_FORCED" ] || [ "$return_value" == "DOWNGRADE_FORCED" ]; then return_value="UPGRADE_APP" fi @@ -927,7 +893,7 @@ ynh_check_app_version_changed () { # Requires YunoHost version 3.8.0 or higher. ynh_compare_current_package_version() { local legacy_args=cv - declare -Ar args_array=( [c]=comparison= [v]=version= ) + declare -Ar args_array=([c]=comparison= [v]=version=) local version local comparison # Manage arguments with getopts @@ -936,8 +902,7 @@ ynh_compare_current_package_version() { local current_version=$YNH_APP_CURRENT_VERSION # Check the syntax of the versions - if [[ ! $version =~ '~ynh' ]] || [[ ! $current_version =~ '~ynh' ]] - then + if [[ ! $version =~ '~ynh' ]] || [[ ! $current_version =~ '~ynh' ]]; then ynh_die --message="Invalid argument for version." fi @@ -972,13 +937,11 @@ _ynh_apply_default_permissions() { local ynh_requirement=$(jq -r '.requirements.yunohost' $YNH_APP_BASEDIR/manifest.json | tr -d '>= ') - if [ -z "$ynh_requirement" ] || [ "$ynh_requirement" == "null" ] || dpkg --compare-versions $ynh_requirement ge 4.2 - then + if [ -z "$ynh_requirement" ] || [ "$ynh_requirement" == "null" ] || dpkg --compare-versions $ynh_requirement ge 4.2; then chmod o-rwx $target chmod g-w $target chown -R root:root $target - if ynh_system_user_exists $app - then + if ynh_system_user_exists $app; then chown $app:$app $target fi fi From 6048d1b0b35c7f1ad3618c5e4afbe5bf1ae4ff49 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 16:24:33 +0200 Subject: [PATCH 29/47] Typo ogod --- data/helpers.d/utils | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/data/helpers.d/utils b/data/helpers.d/utils index eb823b5f0..0e38423f2 100644 --- a/data/helpers.d/utils +++ b/data/helpers.d/utils @@ -748,13 +748,13 @@ ynh_secure_remove() { # (Deprecated, use --output-as json and jq instead) ynh_get_plain_key() { local prefix="#" - local founded=0 + local found=0 # We call this key_ so that it's not caught as # an info to be redacted by the core local key_=$1 shift while read line; do - if [[ "$founded" == "1" ]]; then + if [[ "$found" == "1" ]]; then [[ "$line" =~ ^${prefix}[^#] ]] && return echo $line elif [[ "$line" =~ ^${prefix}${key_}$ ]]; then @@ -763,7 +763,7 @@ ynh_get_plain_key() { key_=$1 shift else - founded=1 + found=1 fi fi done From 5a7a719661424fe7d283d253438f0ab4bd988c65 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 16:29:14 +0200 Subject: [PATCH 30/47] Also lint/reformat core bash hooks --- .../backup/50-conf_manually_modified_files | 7 +- data/hooks/conf_regen/01-yunohost | 314 +++++++++--------- data/hooks/conf_regen/02-ssl | 97 +++--- data/hooks/conf_regen/06-slapd | 260 +++++++-------- data/hooks/conf_regen/09-nslcd | 16 +- data/hooks/conf_regen/10-apt | 15 +- data/hooks/conf_regen/12-metronome | 102 +++--- data/hooks/conf_regen/15-nginx | 226 +++++++------ data/hooks/conf_regen/19-postfix | 114 ++++--- data/hooks/conf_regen/25-dovecot | 80 ++--- data/hooks/conf_regen/31-rspamd | 88 ++--- data/hooks/conf_regen/34-mysql | 94 +++--- data/hooks/conf_regen/35-redis | 8 +- data/hooks/conf_regen/37-mdns | 63 ++-- data/hooks/conf_regen/43-dnsmasq | 111 +++---- data/hooks/conf_regen/46-nsswitch | 16 +- data/hooks/conf_regen/52-fail2ban | 24 +- data/hooks/post_user_create/ynh_multimedia | 2 +- data/hooks/restore/05-conf_ldap | 12 +- .../restore/50-conf_manually_modified_files | 3 +- 20 files changed, 819 insertions(+), 833 deletions(-) diff --git a/data/hooks/backup/50-conf_manually_modified_files b/data/hooks/backup/50-conf_manually_modified_files index 2cca11afb..bdea14113 100644 --- a/data/hooks/backup/50-conf_manually_modified_files +++ b/data/hooks/backup/50-conf_manually_modified_files @@ -6,13 +6,12 @@ YNH_CWD="${YNH_BACKUP_DIR%/}/conf/manually_modified_files" mkdir -p "$YNH_CWD" cd "$YNH_CWD" -yunohost tools shell -c "from yunohost.regenconf import manually_modified_files; print('\n'.join(manually_modified_files()))" > ./manually_modified_files_list +yunohost tools shell -c "from yunohost.regenconf import manually_modified_files; print('\n'.join(manually_modified_files()))" >./manually_modified_files_list ynh_backup --src_path="./manually_modified_files_list" -for file in $(cat ./manually_modified_files_list) -do +for file in $(cat ./manually_modified_files_list); do [[ -e $file ]] && ynh_backup --src_path="$file" done - + ynh_backup --src_path="/etc/ssowat/conf.json.persistent" diff --git a/data/hooks/conf_regen/01-yunohost b/data/hooks/conf_regen/01-yunohost index 14af66933..341efce9e 100755 --- a/data/hooks/conf_regen/01-yunohost +++ b/data/hooks/conf_regen/01-yunohost @@ -3,129 +3,128 @@ set -e do_init_regen() { - if [[ $EUID -ne 0 ]]; then - echo "You must be root to run this script" 1>&2 - exit 1 - fi + if [[ $EUID -ne 0 ]]; then + echo "You must be root to run this script" 1>&2 + exit 1 + fi - cd /usr/share/yunohost/templates/yunohost + cd /usr/share/yunohost/templates/yunohost - [[ -d /etc/yunohost ]] || mkdir -p /etc/yunohost + [[ -d /etc/yunohost ]] || mkdir -p /etc/yunohost - # set default current_host - [[ -f /etc/yunohost/current_host ]] \ - || echo "yunohost.org" > /etc/yunohost/current_host + # set default current_host + [[ -f /etc/yunohost/current_host ]] \ + || echo "yunohost.org" >/etc/yunohost/current_host - # copy default services and firewall - [[ -f /etc/yunohost/firewall.yml ]] \ - || cp firewall.yml /etc/yunohost/firewall.yml + # copy default services and firewall + [[ -f /etc/yunohost/firewall.yml ]] \ + || cp firewall.yml /etc/yunohost/firewall.yml - # allow users to access /media directory - [[ -d /etc/skel/media ]] \ - || (mkdir -p /media && ln -s /media /etc/skel/media) + # allow users to access /media directory + [[ -d /etc/skel/media ]] \ + || (mkdir -p /media && ln -s /media /etc/skel/media) - # Cert folders - mkdir -p /etc/yunohost/certs - chown -R root:ssl-cert /etc/yunohost/certs - chmod 750 /etc/yunohost/certs + # Cert folders + mkdir -p /etc/yunohost/certs + chown -R root:ssl-cert /etc/yunohost/certs + chmod 750 /etc/yunohost/certs - # App folders - mkdir -p /etc/yunohost/apps - chmod 700 /etc/yunohost/apps - mkdir -p /home/yunohost.app - chmod 755 /home/yunohost.app + # App folders + mkdir -p /etc/yunohost/apps + chmod 700 /etc/yunohost/apps + mkdir -p /home/yunohost.app + chmod 755 /home/yunohost.app - # Domain settings - mkdir -p /etc/yunohost/domains - chmod 700 /etc/yunohost/domains + # Domain settings + mkdir -p /etc/yunohost/domains + chmod 700 /etc/yunohost/domains - # Backup folders - mkdir -p /home/yunohost.backup/archives - chmod 750 /home/yunohost.backup/archives - chown root:root /home/yunohost.backup/archives # This is later changed to admin:root once admin user exists + # Backup folders + mkdir -p /home/yunohost.backup/archives + chmod 750 /home/yunohost.backup/archives + chown root:root /home/yunohost.backup/archives # This is later changed to admin:root once admin user exists - # Empty ssowat json persistent conf - echo "{}" > '/etc/ssowat/conf.json.persistent' - chmod 644 /etc/ssowat/conf.json.persistent - chown root:root /etc/ssowat/conf.json.persistent + # Empty ssowat json persistent conf + echo "{}" >'/etc/ssowat/conf.json.persistent' + chmod 644 /etc/ssowat/conf.json.persistent + chown root:root /etc/ssowat/conf.json.persistent - # Empty service conf - touch /etc/yunohost/services.yml + # Empty service conf + touch /etc/yunohost/services.yml - mkdir -p /var/cache/yunohost/repo - chown root:root /var/cache/yunohost - chmod 700 /var/cache/yunohost + mkdir -p /var/cache/yunohost/repo + chown root:root /var/cache/yunohost + chmod 700 /var/cache/yunohost - cp yunoprompt.service /etc/systemd/system/yunoprompt.service - cp dpkg-origins /etc/dpkg/origins/yunohost + cp yunoprompt.service /etc/systemd/system/yunoprompt.service + cp dpkg-origins /etc/dpkg/origins/yunohost - # Change dpkg vendor - # see https://wiki.debian.org/Derivatives/Guidelines#Vendor - readlink -f /etc/dpkg/origins/default | grep -q debian \ - && rm -f /etc/dpkg/origins/default \ - && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default + # Change dpkg vendor + # see https://wiki.debian.org/Derivatives/Guidelines#Vendor + readlink -f /etc/dpkg/origins/default | grep -q debian \ + && rm -f /etc/dpkg/origins/default \ + && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default } do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/yunohost + cd /usr/share/yunohost/templates/yunohost - # Legacy code that can be removed once on bullseye - touch /etc/yunohost/services.yml - yunohost tools shell -c "from yunohost.service import _get_services, _save_services; _save_services(_get_services())" + # Legacy code that can be removed once on bullseye + touch /etc/yunohost/services.yml + yunohost tools shell -c "from yunohost.service import _get_services, _save_services; _save_services(_get_services())" - mkdir -p $pending_dir/etc/systemd/system - mkdir -p $pending_dir/etc/cron.d/ - mkdir -p $pending_dir/etc/cron.daily/ + mkdir -p $pending_dir/etc/systemd/system + mkdir -p $pending_dir/etc/cron.d/ + mkdir -p $pending_dir/etc/cron.daily/ - # add cron job for diagnosis to be ran at 7h and 19h + a random delay between - # 0 and 20min, meant to avoid every instances running their diagnosis at - # exactly the same time, which may overload the diagnosis server. - cat > $pending_dir/etc/cron.d/yunohost-diagnosis << EOF + # add cron job for diagnosis to be ran at 7h and 19h + a random delay between + # 0 and 20min, meant to avoid every instances running their diagnosis at + # exactly the same time, which may overload the diagnosis server. + cat >$pending_dir/etc/cron.d/yunohost-diagnosis < /dev/null 2>/dev/null || echo "Running the automatic diagnosis failed miserably" EOF - # Cron job that upgrade the app list everyday - cat > $pending_dir/etc/cron.daily/yunohost-fetch-apps-catalog << EOF + # Cron job that upgrade the app list everyday + cat >$pending_dir/etc/cron.daily/yunohost-fetch-apps-catalog < /dev/null) & EOF - # Cron job that renew lets encrypt certificates if there's any that needs renewal - cat > $pending_dir/etc/cron.daily/yunohost-certificate-renew << EOF + # Cron job that renew lets encrypt certificates if there's any that needs renewal + cat >$pending_dir/etc/cron.daily/yunohost-certificate-renew </dev/null - then - cat > $pending_dir/etc/cron.d/yunohost-dyndns << EOF + # If we subscribed to a dyndns domain, add the corresponding cron + # - delay between 0 and 60 secs to spread the check over a 1 min window + # - do not run the command if some process already has the lock, to avoid queuing hundreds of commands... + if ls -l /etc/yunohost/dyndns/K*.private 2>/dev/null; then + cat >$pending_dir/etc/cron.d/yunohost-dyndns <> /dev/null EOF - fi + fi - # legacy stuff to avoid yunohost reporting etckeeper as manually modified - # (this make sure that the hash is null / file is flagged as to-delete) - mkdir -p $pending_dir/etc/etckeeper - touch $pending_dir/etc/etckeeper/etckeeper.conf + # legacy stuff to avoid yunohost reporting etckeeper as manually modified + # (this make sure that the hash is null / file is flagged as to-delete) + mkdir -p $pending_dir/etc/etckeeper + touch $pending_dir/etc/etckeeper/etckeeper.conf - # Skip ntp if inside a container (inspired from the conf of systemd-timesyncd) - mkdir -p ${pending_dir}/etc/systemd/system/ntp.service.d/ - echo " + # Skip ntp if inside a container (inspired from the conf of systemd-timesyncd) + mkdir -p ${pending_dir}/etc/systemd/system/ntp.service.d/ + echo " [Unit] ConditionCapability=CAP_SYS_TIME ConditionVirtualization=!container -" > ${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf +" >${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf - # Make nftable conflict with yunohost-firewall - mkdir -p ${pending_dir}/etc/systemd/system/nftables.service.d/ - cat > ${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf << EOF + # Make nftable conflict with yunohost-firewall + mkdir -p ${pending_dir}/etc/systemd/system/nftables.service.d/ + cat >${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf < ${pending_dir}/etc/systemd/logind.conf.d/ynh-override.conf << EOF + # Don't suspend computer on LidSwitch + mkdir -p ${pending_dir}/etc/systemd/logind.conf.d/ + cat >${pending_dir}/etc/systemd/logind.conf.d/ynh-override.conf </dev/null) - chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null) + # Misc configuration / state files + chown root:root $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null) + chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null) - # Apps folder, custom hooks folder - [[ ! -e /etc/yunohost/hooks.d ]] || (chown root /etc/yunohost/hooks.d && chmod 700 /etc/yunohost/hooks.d) - [[ ! -e /etc/yunohost/apps ]] || (chown root /etc/yunohost/apps && chmod 700 /etc/yunohost/apps) - [[ ! -e /etc/yunohost/domains ]] || (chown root /etc/yunohost/domains && chmod 700 /etc/yunohost/domains) + # Apps folder, custom hooks folder + [[ ! -e /etc/yunohost/hooks.d ]] || (chown root /etc/yunohost/hooks.d && chmod 700 /etc/yunohost/hooks.d) + [[ ! -e /etc/yunohost/apps ]] || (chown root /etc/yunohost/apps && chmod 700 /etc/yunohost/apps) + [[ ! -e /etc/yunohost/domains ]] || (chown root /etc/yunohost/domains && chmod 700 /etc/yunohost/domains) - # Create ssh.app and sftp.app groups if they don't exist yet - grep -q '^ssh.app:' /etc/group || groupadd ssh.app - grep -q '^sftp.app:' /etc/group || groupadd sftp.app + # Create ssh.app and sftp.app groups if they don't exist yet + grep -q '^ssh.app:' /etc/group || groupadd ssh.app + grep -q '^sftp.app:' /etc/group || groupadd sftp.app - # Propagates changes in systemd service config overrides - [[ ! "$regen_conf_files" =~ "ntp.service.d/ynh-override.conf" ]] || { systemctl daemon-reload; systemctl restart ntp; } - [[ ! "$regen_conf_files" =~ "nftables.service.d/ynh-override.conf" ]] || systemctl daemon-reload - [[ ! "$regen_conf_files" =~ "login.conf.d/ynh-override.conf" ]] || systemctl daemon-reload - if [[ "$regen_conf_files" =~ "yunoprompt.service" ]] - then - systemctl daemon-reload - action=$([[ -e /etc/systemd/system/yunoprompt.service ]] && echo 'enable' || echo 'disable') - systemctl $action yunoprompt --quiet --now - fi - if [[ "$regen_conf_files" =~ "proc-hidepid.service" ]] - then - systemctl daemon-reload - action=$([[ -e /etc/systemd/system/proc-hidepid.service ]] && echo 'enable' || echo 'disable') - systemctl $action proc-hidepid --quiet --now - fi + # Propagates changes in systemd service config overrides + [[ ! "$regen_conf_files" =~ "ntp.service.d/ynh-override.conf" ]] || { + systemctl daemon-reload + systemctl restart ntp + } + [[ ! "$regen_conf_files" =~ "nftables.service.d/ynh-override.conf" ]] || systemctl daemon-reload + [[ ! "$regen_conf_files" =~ "login.conf.d/ynh-override.conf" ]] || systemctl daemon-reload + if [[ "$regen_conf_files" =~ "yunoprompt.service" ]]; then + systemctl daemon-reload + action=$([[ -e /etc/systemd/system/yunoprompt.service ]] && echo 'enable' || echo 'disable') + systemctl $action yunoprompt --quiet --now + fi + if [[ "$regen_conf_files" =~ "proc-hidepid.service" ]]; then + systemctl daemon-reload + action=$([[ -e /etc/systemd/system/proc-hidepid.service ]] && echo 'enable' || echo 'disable') + systemctl $action proc-hidepid --quiet --now + fi - # Change dpkg vendor - # see https://wiki.debian.org/Derivatives/Guidelines#Vendor - readlink -f /etc/dpkg/origins/default | grep -q debian \ - && rm -f /etc/dpkg/origins/default \ - && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default + # Change dpkg vendor + # see https://wiki.debian.org/Derivatives/Guidelines#Vendor + readlink -f /etc/dpkg/origins/default | grep -q debian \ + && rm -f /etc/dpkg/origins/default \ + && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/02-ssl b/data/hooks/conf_regen/02-ssl index 2b40c77a2..03478552c 100755 --- a/data/hooks/conf_regen/02-ssl +++ b/data/hooks/conf_regen/02-ssl @@ -23,7 +23,7 @@ regen_local_ca() { # (Update the serial so that it's specific to this very instance) # N.B. : the weird RANDFILE thing comes from: # https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - RANDFILE=.rnd openssl rand -hex 19 > serial + RANDFILE=.rnd openssl rand -hex 19 >serial rm -f index.txt touch index.txt cp /usr/share/yunohost/templates/ssl/openssl.cnf openssl.ca.cnf @@ -50,73 +50,72 @@ regen_local_ca() { do_init_regen() { - LOGFILE=/tmp/yunohost-ssl-init - echo "" > $LOGFILE - chown root:root $LOGFILE - chmod 640 $LOGFILE + LOGFILE=/tmp/yunohost-ssl-init + echo "" >$LOGFILE + chown root:root $LOGFILE + chmod 640 $LOGFILE - # Make sure this conf exists - mkdir -p ${ssl_dir} - cp /usr/share/yunohost/templates/ssl/openssl.cnf ${ssl_dir}/openssl.ca.cnf + # Make sure this conf exists + mkdir -p ${ssl_dir} + cp /usr/share/yunohost/templates/ssl/openssl.cnf ${ssl_dir}/openssl.ca.cnf - # create default certificates - if [[ ! -f "$ynh_ca" ]]; then - regen_local_ca yunohost.org >>$LOGFILE - fi + # create default certificates + if [[ ! -f "$ynh_ca" ]]; then + regen_local_ca yunohost.org >>$LOGFILE + fi - if [[ ! -f "$ynh_crt" ]]; then - echo -e "\n# Creating initial key and certificate \n" >>$LOGFILE + if [[ ! -f "$ynh_crt" ]]; then + echo -e "\n# Creating initial key and certificate \n" >>$LOGFILE - openssl req -new \ - -config "$openssl_conf" \ - -days 730 \ - -out "${ssl_dir}/certs/yunohost_csr.pem" \ - -keyout "${ssl_dir}/certs/yunohost_key.pem" \ - -nodes -batch &>>$LOGFILE + openssl req -new \ + -config "$openssl_conf" \ + -days 730 \ + -out "${ssl_dir}/certs/yunohost_csr.pem" \ + -keyout "${ssl_dir}/certs/yunohost_key.pem" \ + -nodes -batch &>>$LOGFILE - openssl ca \ - -config "$openssl_conf" \ - -days 730 \ - -in "${ssl_dir}/certs/yunohost_csr.pem" \ - -out "${ssl_dir}/certs/yunohost_crt.pem" \ - -batch &>>$LOGFILE + openssl ca \ + -config "$openssl_conf" \ + -days 730 \ + -in "${ssl_dir}/certs/yunohost_csr.pem" \ + -out "${ssl_dir}/certs/yunohost_crt.pem" \ + -batch &>>$LOGFILE - chmod 640 "${ssl_dir}/certs/yunohost_key.pem" - chmod 640 "${ssl_dir}/certs/yunohost_crt.pem" + chmod 640 "${ssl_dir}/certs/yunohost_key.pem" + chmod 640 "${ssl_dir}/certs/yunohost_crt.pem" - cp "${ssl_dir}/certs/yunohost_key.pem" "$ynh_key" - cp "${ssl_dir}/certs/yunohost_crt.pem" "$ynh_crt" - ln -sf "$ynh_crt" /etc/ssl/certs/yunohost_crt.pem - ln -sf "$ynh_key" /etc/ssl/private/yunohost_key.pem - fi + cp "${ssl_dir}/certs/yunohost_key.pem" "$ynh_key" + cp "${ssl_dir}/certs/yunohost_crt.pem" "$ynh_crt" + ln -sf "$ynh_crt" /etc/ssl/certs/yunohost_crt.pem + ln -sf "$ynh_key" /etc/ssl/private/yunohost_key.pem + fi - chown -R root:ssl-cert /etc/yunohost/certs/yunohost.org/ - chmod o-rwx /etc/yunohost/certs/yunohost.org/ + chown -R root:ssl-cert /etc/yunohost/certs/yunohost.org/ + chmod o-rwx /etc/yunohost/certs/yunohost.org/ - install -D -m 644 $openssl_conf "${ssl_dir}/openssl.cnf" + install -D -m 644 $openssl_conf "${ssl_dir}/openssl.cnf" } do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/ssl + cd /usr/share/yunohost/templates/ssl - install -D -m 644 openssl.cnf "${pending_dir}/${ssl_dir}/openssl.cnf" + install -D -m 644 openssl.cnf "${pending_dir}/${ssl_dir}/openssl.cnf" } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - current_local_ca_domain=$(openssl x509 -in $ynh_ca -text | tr ',' '\n' | grep Issuer | awk '{print $4}') - main_domain=$(cat /etc/yunohost/current_host) + current_local_ca_domain=$(openssl x509 -in $ynh_ca -text | tr ',' '\n' | grep Issuer | awk '{print $4}') + main_domain=$(cat /etc/yunohost/current_host) - if [[ "$current_local_ca_domain" != "$main_domain" ]] - then - regen_local_ca $main_domain - # Idk how useful this is, but this was in the previous python code (domain.main_domain()) - ln -sf /etc/yunohost/certs/$domain/crt.pem /etc/ssl/certs/yunohost_crt.pem - ln -sf /etc/yunohost/certs/$domain/key.pem /etc/ssl/private/yunohost_key.pem - fi + if [[ "$current_local_ca_domain" != "$main_domain" ]]; then + regen_local_ca $main_domain + # Idk how useful this is, but this was in the previous python code (domain.main_domain()) + ln -sf /etc/yunohost/certs/$domain/crt.pem /etc/ssl/certs/yunohost_crt.pem + ln -sf /etc/yunohost/certs/$domain/key.pem /etc/ssl/private/yunohost_key.pem + fi } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/06-slapd b/data/hooks/conf_regen/06-slapd index 49b1bf354..f7a7acf64 100755 --- a/data/hooks/conf_regen/06-slapd +++ b/data/hooks/conf_regen/06-slapd @@ -8,19 +8,19 @@ config="/usr/share/yunohost/templates/slapd/config.ldif" db_init="/usr/share/yunohost/templates/slapd/db_init.ldif" do_init_regen() { - if [[ $EUID -ne 0 ]]; then - echo "You must be root to run this script" 1>&2 - exit 1 - fi + if [[ $EUID -ne 0 ]]; then + echo "You must be root to run this script" 1>&2 + exit 1 + fi - do_pre_regen "" + do_pre_regen "" - # Drop current existing slapd data + # Drop current existing slapd data - rm -rf /var/backups/*.ldapdb - rm -rf /var/backups/slapd-* + rm -rf /var/backups/*.ldapdb + rm -rf /var/backups/slapd-* - debconf-set-selections << EOF + debconf-set-selections <&1 \ - | grep -v "none elapsed\|Closing DB" || true - chown -R openldap: /etc/ldap/slapd.d + rm -rf /etc/ldap/slapd.d + mkdir -p /etc/ldap/slapd.d + slapadd -F /etc/ldap/slapd.d -b cn=config -l "$config" 2>&1 \ + | grep -v "none elapsed\|Closing DB" || true + chown -R openldap: /etc/ldap/slapd.d - rm -rf /var/lib/ldap - mkdir -p /var/lib/ldap - slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "$db_init" 2>&1 \ - | grep -v "none elapsed\|Closing DB" || true - chown -R openldap: /var/lib/ldap + rm -rf /var/lib/ldap + mkdir -p /var/lib/ldap + slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "$db_init" 2>&1 \ + | grep -v "none elapsed\|Closing DB" || true + chown -R openldap: /var/lib/ldap - nscd -i group || true - nscd -i passwd || true + nscd -i group || true + nscd -i passwd || true - systemctl restart slapd + systemctl restart slapd - # We don't use mkhomedir_helper because 'admin' may not be recognized - # when this script is ran in a chroot (e.g. ISO install) - # We also refer to admin as uid 1007 for the same reason - if [ ! -d /home/admin ] - then - cp -r /etc/skel /home/admin - chown -R 1007:1007 /home/admin - fi + # We don't use mkhomedir_helper because 'admin' may not be recognized + # when this script is ran in a chroot (e.g. ISO install) + # We also refer to admin as uid 1007 for the same reason + if [ ! -d /home/admin ]; then + cp -r /etc/skel /home/admin + chown -R 1007:1007 /home/admin + fi } _regenerate_slapd_conf() { - # Validate the new slapd config - # To do so, we have to use the .ldif to generate the config directory - # so we use a temporary directory slapd_new.d - rm -Rf /etc/ldap/slapd_new.d - mkdir /etc/ldap/slapd_new.d - slapadd -b cn=config -l "$config" -F /etc/ldap/slapd_new.d/ 2>&1 \ - | grep -v "none elapsed\|Closing DB" || true - # Actual validation (-Q is for quiet, -u is for dry-run) - slaptest -Q -u -F /etc/ldap/slapd_new.d + # Validate the new slapd config + # To do so, we have to use the .ldif to generate the config directory + # so we use a temporary directory slapd_new.d + rm -Rf /etc/ldap/slapd_new.d + mkdir /etc/ldap/slapd_new.d + slapadd -b cn=config -l "$config" -F /etc/ldap/slapd_new.d/ 2>&1 \ + | grep -v "none elapsed\|Closing DB" || true + # Actual validation (-Q is for quiet, -u is for dry-run) + slaptest -Q -u -F /etc/ldap/slapd_new.d - # "Commit" / apply the new config (meaning we delete the old one and replace - # it with the new one) - rm -Rf /etc/ldap/slapd.d - mv /etc/ldap/slapd_new.d /etc/ldap/slapd.d + # "Commit" / apply the new config (meaning we delete the old one and replace + # it with the new one) + rm -Rf /etc/ldap/slapd.d + mv /etc/ldap/slapd_new.d /etc/ldap/slapd.d - chown -R openldap:openldap /etc/ldap/slapd.d/ + chown -R openldap:openldap /etc/ldap/slapd.d/ } do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - # remove temporary backup file - rm -f "$tmp_backup_dir_file" + # remove temporary backup file + rm -f "$tmp_backup_dir_file" - # Define if we need to migrate from hdb to mdb - curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2>/dev/null | awk '{print $2}') - if [ -e /etc/ldap/slapd.conf ] && [ -n "$curr_backend" ] && \ - [ $curr_backend != 'mdb' ]; then - backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)" - mkdir -p "$backup_dir" - slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" - echo "$backup_dir" > "$tmp_backup_dir_file" - fi + # Define if we need to migrate from hdb to mdb + curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2>/dev/null | awk '{print $2}') + if [ -e /etc/ldap/slapd.conf ] && [ -n "$curr_backend" ] \ + && [ $curr_backend != 'mdb' ]; then + backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)" + mkdir -p "$backup_dir" + slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" + echo "$backup_dir" >"$tmp_backup_dir_file" + fi - # create needed directories - ldap_dir="${pending_dir}/etc/ldap" - schema_dir="${ldap_dir}/schema" - mkdir -p "$ldap_dir" "$schema_dir" + # create needed directories + ldap_dir="${pending_dir}/etc/ldap" + schema_dir="${ldap_dir}/schema" + mkdir -p "$ldap_dir" "$schema_dir" - # remove legacy configuration file - [ ! -f /etc/ldap/slapd-yuno.conf ] || touch "${ldap_dir}/slapd-yuno.conf" - [ ! -f /etc/ldap/slapd.conf ] || touch "${ldap_dir}/slapd.conf" - [ ! -f /etc/ldap/schema/yunohost.schema ] || touch "${schema_dir}/yunohost.schema" + # remove legacy configuration file + [ ! -f /etc/ldap/slapd-yuno.conf ] || touch "${ldap_dir}/slapd-yuno.conf" + [ ! -f /etc/ldap/slapd.conf ] || touch "${ldap_dir}/slapd.conf" + [ ! -f /etc/ldap/schema/yunohost.schema ] || touch "${schema_dir}/yunohost.schema" - cd /usr/share/yunohost/templates/slapd + cd /usr/share/yunohost/templates/slapd - # copy configuration files - cp -a ldap.conf "$ldap_dir" - cp -a sudo.ldif mailserver.ldif permission.ldif "$schema_dir" + # copy configuration files + cp -a ldap.conf "$ldap_dir" + cp -a sudo.ldif mailserver.ldif permission.ldif "$schema_dir" - mkdir -p ${pending_dir}/etc/systemd/system/slapd.service.d/ - cp systemd-override.conf ${pending_dir}/etc/systemd/system/slapd.service.d/ynh-override.conf + mkdir -p ${pending_dir}/etc/systemd/system/slapd.service.d/ + cp systemd-override.conf ${pending_dir}/etc/systemd/system/slapd.service.d/ynh-override.conf - install -D -m 644 slapd.default "${pending_dir}/etc/default/slapd" + install -D -m 644 slapd.default "${pending_dir}/etc/default/slapd" } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - # fix some permissions - echo "Enforce permissions on ldap/slapd directories and certs ..." - # penldap user should be in the ssl-cert group to let it access the certificate for TLS - usermod -aG ssl-cert openldap - chown -R openldap:openldap /etc/ldap/schema/ - chown -R openldap:openldap /etc/ldap/slapd.d/ + # fix some permissions + echo "Enforce permissions on ldap/slapd directories and certs ..." + # penldap user should be in the ssl-cert group to let it access the certificate for TLS + usermod -aG ssl-cert openldap + chown -R openldap:openldap /etc/ldap/schema/ + chown -R openldap:openldap /etc/ldap/slapd.d/ - # If we changed the systemd ynh-override conf - if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/slapd.service.d/ynh-override.conf$" - then - systemctl daemon-reload - systemctl restart slapd - sleep 3 - fi + # If we changed the systemd ynh-override conf + if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/slapd.service.d/ynh-override.conf$"; then + systemctl daemon-reload + systemctl restart slapd + sleep 3 + fi - # For some reason, old setups don't have the admins group defined... - if ! slapcat | grep -q 'cn=admins,ou=groups,dc=yunohost,dc=org' - then - slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org <<< \ -"dn: cn=admins,ou=groups,dc=yunohost,dc=org + # For some reason, old setups don't have the admins group defined... + if ! slapcat | grep -q 'cn=admins,ou=groups,dc=yunohost,dc=org'; then + slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org <<< \ + "dn: cn=admins,ou=groups,dc=yunohost,dc=org cn: admins gidNumber: 4001 memberUid: admin objectClass: posixGroup objectClass: top" - chown -R openldap: /var/lib/ldap - systemctl restart slapd - nscd -i group - fi + chown -R openldap: /var/lib/ldap + systemctl restart slapd + nscd -i group + fi - [ -z "$regen_conf_files" ] && exit 0 + [ -z "$regen_conf_files" ] && exit 0 - # regenerate LDAP config directory from slapd.conf - echo "Regenerate LDAP config directory from config.ldif" - _regenerate_slapd_conf + # regenerate LDAP config directory from slapd.conf + echo "Regenerate LDAP config directory from config.ldif" + _regenerate_slapd_conf - # If there's a backup, re-import its data - backup_dir=$(cat "$tmp_backup_dir_file" 2>/dev/null || true) - if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then - # regenerate LDAP config directory and import database as root - echo "Import the database using slapadd" - slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" - chown -R openldap:openldap /var/lib/ldap 2>&1 - fi + # If there's a backup, re-import its data + backup_dir=$(cat "$tmp_backup_dir_file" 2>/dev/null || true) + if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then + # regenerate LDAP config directory and import database as root + echo "Import the database using slapadd" + slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" + chown -R openldap:openldap /var/lib/ldap 2>&1 + fi - echo "Running slapdindex" - su openldap -s "/bin/bash" -c "/usr/sbin/slapindex" + echo "Running slapdindex" + su openldap -s "/bin/bash" -c "/usr/sbin/slapindex" - echo "Reloading slapd" - systemctl force-reload slapd + echo "Reloading slapd" + systemctl force-reload slapd - # on slow hardware/vm this regen conf would exit before the admin user that - # is stored in ldap is available because ldap seems to slow to restart - # so we'll wait either until we are able to log as admin or until a timeout - # is reached - # we need to do this because the next hooks executed after this one during - # postinstall requires to run as admin thus breaking postinstall on slow - # hardware which mean yunohost can't be correctly installed on those hardware - # and this sucks - # wait a maximum time of 5 minutes - # yes, force-reload behave like a restart - number_of_wait=0 - while ! su admin -c '' && ((number_of_wait < 60)) - do - sleep 5 - ((number_of_wait += 1)) - done + # on slow hardware/vm this regen conf would exit before the admin user that + # is stored in ldap is available because ldap seems to slow to restart + # so we'll wait either until we are able to log as admin or until a timeout + # is reached + # we need to do this because the next hooks executed after this one during + # postinstall requires to run as admin thus breaking postinstall on slow + # hardware which mean yunohost can't be correctly installed on those hardware + # and this sucks + # wait a maximum time of 5 minutes + # yes, force-reload behave like a restart + number_of_wait=0 + while ! su admin -c '' && ((number_of_wait < 60)); do + sleep 5 + ((number_of_wait += 1)) + done } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/09-nslcd b/data/hooks/conf_regen/09-nslcd index cefd05cd3..ff1c05433 100755 --- a/data/hooks/conf_regen/09-nslcd +++ b/data/hooks/conf_regen/09-nslcd @@ -3,23 +3,23 @@ set -e do_init_regen() { - do_pre_regen "" - systemctl restart nslcd + do_pre_regen "" + systemctl restart nslcd } do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/nslcd + cd /usr/share/yunohost/templates/nslcd - install -D -m 644 nslcd.conf "${pending_dir}/etc/nslcd.conf" + install -D -m 644 nslcd.conf "${pending_dir}/etc/nslcd.conf" } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - [[ -z "$regen_conf_files" ]] \ - || systemctl restart nslcd + [[ -z "$regen_conf_files" ]] \ + || systemctl restart nslcd } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/10-apt b/data/hooks/conf_regen/10-apt index 1c80b6706..da0620e59 100755 --- a/data/hooks/conf_regen/10-apt +++ b/data/hooks/conf_regen/10-apt @@ -8,15 +8,14 @@ do_pre_regen() { mkdir --parents "${pending_dir}/etc/apt/preferences.d" packages_to_refuse_from_sury="php php-fpm php-mysql php-xml php-zip php-mbstring php-ldap php-gd php-curl php-bz2 php-json php-sqlite3 php-intl openssl libssl1.1 libssl-dev" - for package in $packages_to_refuse_from_sury - do + for package in $packages_to_refuse_from_sury; do echo " Package: $package Pin: origin \"packages.sury.org\" -Pin-Priority: -1" >> "${pending_dir}/etc/apt/preferences.d/extra_php_version" +Pin-Priority: -1" >>"${pending_dir}/etc/apt/preferences.d/extra_php_version" done - echo " + echo " # PLEASE READ THIS WARNING AND DON'T EDIT THIS FILE @@ -43,15 +42,15 @@ Pin-Priority: -1 Package: bind9 Pin: release * Pin-Priority: -1 -" >> "${pending_dir}/etc/apt/preferences.d/ban_packages" +" >>"${pending_dir}/etc/apt/preferences.d/ban_packages" } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - # Make sure php7.3 is the default version when using php in cli - update-alternatives --set php /usr/bin/php7.3 + # Make sure php7.3 is the default version when using php in cli + update-alternatives --set php /usr/bin/php7.3 } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/12-metronome b/data/hooks/conf_regen/12-metronome index ab9fca173..5dfa7b5dc 100755 --- a/data/hooks/conf_regen/12-metronome +++ b/data/hooks/conf_regen/12-metronome @@ -3,71 +3,71 @@ set -e do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/metronome + cd /usr/share/yunohost/templates/metronome - # create directories for pending conf - metronome_dir="${pending_dir}/etc/metronome" - metronome_conf_dir="${metronome_dir}/conf.d" - mkdir -p "$metronome_conf_dir" + # create directories for pending conf + metronome_dir="${pending_dir}/etc/metronome" + metronome_conf_dir="${metronome_dir}/conf.d" + mkdir -p "$metronome_conf_dir" - # retrieve variables - main_domain=$(cat /etc/yunohost/current_host) + # retrieve variables + main_domain=$(cat /etc/yunohost/current_host) - # install main conf file - cat metronome.cfg.lua \ - | sed "s/{{ main_domain }}/${main_domain}/g" \ - > "${metronome_dir}/metronome.cfg.lua" + # install main conf file + cat metronome.cfg.lua \ + | sed "s/{{ main_domain }}/${main_domain}/g" \ + >"${metronome_dir}/metronome.cfg.lua" - # add domain conf files - for domain in $YNH_DOMAINS; do - cat domain.tpl.cfg.lua \ - | sed "s/{{ domain }}/${domain}/g" \ - > "${metronome_conf_dir}/${domain}.cfg.lua" - done + # add domain conf files + for domain in $YNH_DOMAINS; do + cat domain.tpl.cfg.lua \ + | sed "s/{{ domain }}/${domain}/g" \ + >"${metronome_conf_dir}/${domain}.cfg.lua" + done - # remove old domain conf files - conf_files=$(ls -1 /etc/metronome/conf.d \ - | awk '/^[^\.]+\.[^\.]+.*\.cfg\.lua$/ { print $1 }') - for file in $conf_files; do - domain=${file%.cfg.lua} - [[ $YNH_DOMAINS =~ $domain ]] \ - || touch "${metronome_conf_dir}/${file}" - done + # remove old domain conf files + conf_files=$(ls -1 /etc/metronome/conf.d \ + | awk '/^[^\.]+\.[^\.]+.*\.cfg\.lua$/ { print $1 }') + for file in $conf_files; do + domain=${file%.cfg.lua} + [[ $YNH_DOMAINS =~ $domain ]] \ + || touch "${metronome_conf_dir}/${file}" + done } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - # retrieve variables - main_domain=$(cat /etc/yunohost/current_host) - - # FIXME : small optimization to do to avoid calling a yunohost command ... - # maybe another env variable like YNH_MAIN_DOMAINS idk - domain_list=$(yunohost domain list --exclude-subdomains --output-as plain --quiet) + # retrieve variables + main_domain=$(cat /etc/yunohost/current_host) - # create metronome directories for domains - for domain in $domain_list; do - mkdir -p "/var/lib/metronome/${domain//./%2e}/pep" - # http_upload directory must be writable by metronome and readable by nginx - mkdir -p "/var/xmpp-upload/${domain}/upload" - # sgid bit allows that file created in that dir will be owned by www-data - # despite the fact that metronome ain't in the www-data group - chmod g+s "/var/xmpp-upload/${domain}/upload" - done + # FIXME : small optimization to do to avoid calling a yunohost command ... + # maybe another env variable like YNH_MAIN_DOMAINS idk + domain_list=$(yunohost domain list --exclude-subdomains --output-as plain --quiet) - # fix some permissions - [ ! -e '/var/xmpp-upload' ] || chown -R metronome:www-data "/var/xmpp-upload/" - [ ! -e '/var/xmpp-upload' ] || chmod 750 "/var/xmpp-upload/" + # create metronome directories for domains + for domain in $domain_list; do + mkdir -p "/var/lib/metronome/${domain//./%2e}/pep" + # http_upload directory must be writable by metronome and readable by nginx + mkdir -p "/var/xmpp-upload/${domain}/upload" + # sgid bit allows that file created in that dir will be owned by www-data + # despite the fact that metronome ain't in the www-data group + chmod g+s "/var/xmpp-upload/${domain}/upload" + done - # metronome should be in ssl-cert group to let it access SSL certificates - usermod -aG ssl-cert metronome - chown -R metronome: /var/lib/metronome/ - chown -R metronome: /etc/metronome/conf.d/ + # fix some permissions + [ ! -e '/var/xmpp-upload' ] || chown -R metronome:www-data "/var/xmpp-upload/" + [ ! -e '/var/xmpp-upload' ] || chmod 750 "/var/xmpp-upload/" - [[ -z "$regen_conf_files" ]] \ - || systemctl restart metronome + # metronome should be in ssl-cert group to let it access SSL certificates + usermod -aG ssl-cert metronome + chown -R metronome: /var/lib/metronome/ + chown -R metronome: /etc/metronome/conf.d/ + + [[ -z "$regen_conf_files" ]] \ + || systemctl restart metronome } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/15-nginx b/data/hooks/conf_regen/15-nginx index c158ecd09..dd47651e8 100755 --- a/data/hooks/conf_regen/15-nginx +++ b/data/hooks/conf_regen/15-nginx @@ -5,148 +5,156 @@ set -e . /usr/share/yunohost/helpers do_init_regen() { - if [[ $EUID -ne 0 ]]; then - echo "You must be root to run this script" 1>&2 - exit 1 - fi + if [[ $EUID -ne 0 ]]; then + echo "You must be root to run this script" 1>&2 + exit 1 + fi - cd /usr/share/yunohost/templates/nginx + cd /usr/share/yunohost/templates/nginx - nginx_dir="/etc/nginx" - nginx_conf_dir="${nginx_dir}/conf.d" - mkdir -p "$nginx_conf_dir" + nginx_dir="/etc/nginx" + nginx_conf_dir="${nginx_dir}/conf.d" + mkdir -p "$nginx_conf_dir" - # install plain conf files - cp plain/* "$nginx_conf_dir" + # install plain conf files + cp plain/* "$nginx_conf_dir" - # probably run with init: just disable default site, restart NGINX and exit - rm -f "${nginx_dir}/sites-enabled/default" + # probably run with init: just disable default site, restart NGINX and exit + rm -f "${nginx_dir}/sites-enabled/default" - export compatibility="intermediate" - ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" - ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf" - ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc" - ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc" + export compatibility="intermediate" + ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" + ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf" + ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc" + ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc" - mkdir -p $nginx_conf_dir/default.d/ - cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/ + mkdir -p $nginx_conf_dir/default.d/ + cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/ - # Restart nginx if conf looks good, otherwise display error and exit unhappy - nginx -t 2>/dev/null || { nginx -t; exit 1; } - systemctl restart nginx || { journalctl --no-pager --lines=10 -u nginx >&2; exit 1; } + # Restart nginx if conf looks good, otherwise display error and exit unhappy + nginx -t 2>/dev/null || { + nginx -t + exit 1 + } + systemctl restart nginx || { + journalctl --no-pager --lines=10 -u nginx >&2 + exit 1 + } - exit 0 + exit 0 } do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/nginx + cd /usr/share/yunohost/templates/nginx - nginx_dir="${pending_dir}/etc/nginx" - nginx_conf_dir="${nginx_dir}/conf.d" - mkdir -p "$nginx_conf_dir" + nginx_dir="${pending_dir}/etc/nginx" + nginx_conf_dir="${nginx_dir}/conf.d" + mkdir -p "$nginx_conf_dir" - # install / update plain conf files - cp plain/* "$nginx_conf_dir" - # remove the panel overlay if this is specified in settings - panel_overlay=$(yunohost settings get 'ssowat.panel_overlay.enabled') - if [ "$panel_overlay" == "false" ] || [ "$panel_overlay" == "False" ] - then - echo "#" > "${nginx_conf_dir}/yunohost_panel.conf.inc" - fi + # install / update plain conf files + cp plain/* "$nginx_conf_dir" + # remove the panel overlay if this is specified in settings + panel_overlay=$(yunohost settings get 'ssowat.panel_overlay.enabled') + if [ "$panel_overlay" == "false" ] || [ "$panel_overlay" == "False" ]; then + echo "#" >"${nginx_conf_dir}/yunohost_panel.conf.inc" + fi - # retrieve variables - main_domain=$(cat /etc/yunohost/current_host) + # retrieve variables + main_domain=$(cat /etc/yunohost/current_host) - # Support different strategy for security configurations - export redirect_to_https="$(yunohost settings get 'security.nginx.redirect_to_https')" - export compatibility="$(yunohost settings get 'security.nginx.compatibility')" - export experimental="$(yunohost settings get 'security.experimental.enabled')" - ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" + # Support different strategy for security configurations + export redirect_to_https="$(yunohost settings get 'security.nginx.redirect_to_https')" + export compatibility="$(yunohost settings get 'security.nginx.compatibility')" + export experimental="$(yunohost settings get 'security.experimental.enabled')" + ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" - cert_status=$(yunohost domain cert status --json) + cert_status=$(yunohost domain cert status --json) - # add domain conf files - for domain in $YNH_DOMAINS; do - domain_conf_dir="${nginx_conf_dir}/${domain}.d" - mkdir -p "$domain_conf_dir" - mail_autoconfig_dir="${pending_dir}/var/www/.well-known/${domain}/autoconfig/mail/" - mkdir -p "$mail_autoconfig_dir" + # add domain conf files + for domain in $YNH_DOMAINS; do + domain_conf_dir="${nginx_conf_dir}/${domain}.d" + mkdir -p "$domain_conf_dir" + mail_autoconfig_dir="${pending_dir}/var/www/.well-known/${domain}/autoconfig/mail/" + mkdir -p "$mail_autoconfig_dir" - # NGINX server configuration - export domain - export domain_cert_ca=$(echo $cert_status \ - | jq ".certificates.\"$domain\".CA_type" \ - | tr -d '"') + # NGINX server configuration + export domain + export domain_cert_ca=$(echo $cert_status \ + | jq ".certificates.\"$domain\".CA_type" \ + | tr -d '"') - ynh_render_template "server.tpl.conf" "${nginx_conf_dir}/${domain}.conf" - ynh_render_template "autoconfig.tpl.xml" "${mail_autoconfig_dir}/config-v1.1.xml" + ynh_render_template "server.tpl.conf" "${nginx_conf_dir}/${domain}.conf" + ynh_render_template "autoconfig.tpl.xml" "${mail_autoconfig_dir}/config-v1.1.xml" - touch "${domain_conf_dir}/yunohost_local.conf" # Clean legacy conf files + touch "${domain_conf_dir}/yunohost_local.conf" # Clean legacy conf files - done + done - export webadmin_allowlist_enabled=$(yunohost settings get security.webadmin.allowlist.enabled) - if [ "$webadmin_allowlist_enabled" == "True" ] - then - export webadmin_allowlist=$(yunohost settings get security.webadmin.allowlist) - fi - ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc" - ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc" - ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf" - mkdir -p $nginx_conf_dir/default.d/ - cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/ + export webadmin_allowlist_enabled=$(yunohost settings get security.webadmin.allowlist.enabled) + if [ "$webadmin_allowlist_enabled" == "True" ]; then + export webadmin_allowlist=$(yunohost settings get security.webadmin.allowlist) + fi + ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc" + ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc" + ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf" + mkdir -p $nginx_conf_dir/default.d/ + cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/ - # remove old domain conf files - conf_files=$(ls -1 /etc/nginx/conf.d \ - | awk '/^[^\.]+\.[^\.]+.*\.conf$/ { print $1 }') - for file in $conf_files; do - domain=${file%.conf} - [[ $YNH_DOMAINS =~ $domain ]] \ - || touch "${nginx_conf_dir}/${file}" - done + # remove old domain conf files + conf_files=$(ls -1 /etc/nginx/conf.d \ + | awk '/^[^\.]+\.[^\.]+.*\.conf$/ { print $1 }') + for file in $conf_files; do + domain=${file%.conf} + [[ $YNH_DOMAINS =~ $domain ]] \ + || touch "${nginx_conf_dir}/${file}" + done - # remove old mail-autoconfig files - autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true) - for file in $autoconfig_files; do - domain=$(basename $(readlink -f $(dirname $file)/../..)) - [[ $YNH_DOMAINS =~ $domain ]] \ - || (mkdir -p "$(dirname ${pending_dir}/${file})" && touch "${pending_dir}/${file}") - done + # remove old mail-autoconfig files + autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true) + for file in $autoconfig_files; do + domain=$(basename $(readlink -f $(dirname $file)/../..)) + [[ $YNH_DOMAINS =~ $domain ]] \ + || (mkdir -p "$(dirname ${pending_dir}/${file})" && touch "${pending_dir}/${file}") + done - # disable default site - mkdir -p "${nginx_dir}/sites-enabled" - touch "${nginx_dir}/sites-enabled/default" + # disable default site + mkdir -p "${nginx_dir}/sites-enabled" + touch "${nginx_dir}/sites-enabled/default" } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - [ -z "$regen_conf_files" ] && exit 0 + [ -z "$regen_conf_files" ] && exit 0 - # create NGINX conf directories for domains - for domain in $YNH_DOMAINS; do - mkdir -p "/etc/nginx/conf.d/${domain}.d" - done + # create NGINX conf directories for domains + for domain in $YNH_DOMAINS; do + mkdir -p "/etc/nginx/conf.d/${domain}.d" + done - # Get rid of legacy lets encrypt snippets - for domain in $YNH_DOMAINS; do - # If the legacy letsencrypt / acme-challenge domain-specific snippet is still there - if [ -e /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf ] - then - # And if we're effectively including the new domain-independant snippet now - if grep -q "include /etc/nginx/conf.d/acme-challenge.conf.inc;" /etc/nginx/conf.d/${domain}.conf - then - # Delete the old domain-specific snippet - rm /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf - fi - fi - done + # Get rid of legacy lets encrypt snippets + for domain in $YNH_DOMAINS; do + # If the legacy letsencrypt / acme-challenge domain-specific snippet is still there + if [ -e /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf ]; then + # And if we're effectively including the new domain-independant snippet now + if grep -q "include /etc/nginx/conf.d/acme-challenge.conf.inc;" /etc/nginx/conf.d/${domain}.conf; then + # Delete the old domain-specific snippet + rm /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf + fi + fi + done - # Reload nginx if conf looks good, otherwise display error and exit unhappy - nginx -t 2>/dev/null || { nginx -t; exit 1; } - pgrep nginx && systemctl reload nginx || { journalctl --no-pager --lines=10 -u nginx >&2; exit 1; } + # Reload nginx if conf looks good, otherwise display error and exit unhappy + nginx -t 2>/dev/null || { + nginx -t + exit 1 + } + pgrep nginx && systemctl reload nginx || { + journalctl --no-pager --lines=10 -u nginx >&2 + exit 1 + } } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/19-postfix b/data/hooks/conf_regen/19-postfix index c569e1ca1..7865cd312 100755 --- a/data/hooks/conf_regen/19-postfix +++ b/data/hooks/conf_regen/19-postfix @@ -5,78 +5,76 @@ set -e . /usr/share/yunohost/helpers do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/postfix + cd /usr/share/yunohost/templates/postfix - postfix_dir="${pending_dir}/etc/postfix" - mkdir -p "$postfix_dir" + postfix_dir="${pending_dir}/etc/postfix" + mkdir -p "$postfix_dir" - default_dir="${pending_dir}/etc/default/" - mkdir -p "$default_dir" + default_dir="${pending_dir}/etc/default/" + mkdir -p "$default_dir" - # install plain conf files - cp plain/* "$postfix_dir" + # install plain conf files + cp plain/* "$postfix_dir" - # prepare main.cf conf file - main_domain=$(cat /etc/yunohost/current_host) + # prepare main.cf conf file + main_domain=$(cat /etc/yunohost/current_host) - # Support different strategy for security configurations - export compatibility="$(yunohost settings get 'security.postfix.compatibility')" - - # Add possibility to specify a relay - # Could be useful with some isp with no 25 port open or more complex setup - export relay_port="" - export relay_user="" - export relay_host="$(yunohost settings get 'smtp.relay.host')" - if [ -n "${relay_host}" ] - then - relay_port="$(yunohost settings get 'smtp.relay.port')" - relay_user="$(yunohost settings get 'smtp.relay.user')" - relay_password="$(yunohost settings get 'smtp.relay.password')" - - # Avoid to display "Relay account paswword" to other users - touch ${postfix_dir}/sasl_passwd - chmod 750 ${postfix_dir}/sasl_passwd - # Avoid "postmap: warning: removing zero-length database file" - chown postfix ${pending_dir}/etc/postfix - chown postfix ${pending_dir}/etc/postfix/sasl_passwd + # Support different strategy for security configurations + export compatibility="$(yunohost settings get 'security.postfix.compatibility')" - cat <<< "[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" > ${postfix_dir}/sasl_passwd - postmap ${postfix_dir}/sasl_passwd - fi - export main_domain - export domain_list="$YNH_DOMAINS" - ynh_render_template "main.cf" "${postfix_dir}/main.cf" + # Add possibility to specify a relay + # Could be useful with some isp with no 25 port open or more complex setup + export relay_port="" + export relay_user="" + export relay_host="$(yunohost settings get 'smtp.relay.host')" + if [ -n "${relay_host}" ]; then + relay_port="$(yunohost settings get 'smtp.relay.port')" + relay_user="$(yunohost settings get 'smtp.relay.user')" + relay_password="$(yunohost settings get 'smtp.relay.password')" - cat postsrsd \ - | sed "s/{{ main_domain }}/${main_domain}/g" \ - | sed "s/{{ domain_list }}/${YNH_DOMAINS}/g" \ - > "${default_dir}/postsrsd" + # Avoid to display "Relay account paswword" to other users + touch ${postfix_dir}/sasl_passwd + chmod 750 ${postfix_dir}/sasl_passwd + # Avoid "postmap: warning: removing zero-length database file" + chown postfix ${pending_dir}/etc/postfix + chown postfix ${pending_dir}/etc/postfix/sasl_passwd - # adapt it for IPv4-only hosts - ipv6="$(yunohost settings get 'smtp.allow_ipv6')" - if [ "$ipv6" == "False" ] || [ ! -f /proc/net/if_inet6 ]; then - sed -i \ - 's/ \[::ffff:127.0.0.0\]\/104 \[::1\]\/128//g' \ - "${postfix_dir}/main.cf" - sed -i \ - 's/inet_interfaces = all/&\ninet_protocols = ipv4/' \ - "${postfix_dir}/main.cf" - fi + cat <<<"[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" >${postfix_dir}/sasl_passwd + postmap ${postfix_dir}/sasl_passwd + fi + export main_domain + export domain_list="$YNH_DOMAINS" + ynh_render_template "main.cf" "${postfix_dir}/main.cf" + + cat postsrsd \ + | sed "s/{{ main_domain }}/${main_domain}/g" \ + | sed "s/{{ domain_list }}/${YNH_DOMAINS}/g" \ + >"${default_dir}/postsrsd" + + # adapt it for IPv4-only hosts + ipv6="$(yunohost settings get 'smtp.allow_ipv6')" + if [ "$ipv6" == "False" ] || [ ! -f /proc/net/if_inet6 ]; then + sed -i \ + 's/ \[::ffff:127.0.0.0\]\/104 \[::1\]\/128//g' \ + "${postfix_dir}/main.cf" + sed -i \ + 's/inet_interfaces = all/&\ninet_protocols = ipv4/' \ + "${postfix_dir}/main.cf" + fi } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - if [ -e /etc/postfix/sasl_passwd ] - then - chmod 750 /etc/postfix/sasl_passwd* - chown postfix:root /etc/postfix/sasl_passwd* - fi + if [ -e /etc/postfix/sasl_passwd ]; then + chmod 750 /etc/postfix/sasl_passwd* + chown postfix:root /etc/postfix/sasl_passwd* + fi - [[ -z "$regen_conf_files" ]] \ - || { systemctl restart postfix && systemctl restart postsrsd; } + [[ -z "$regen_conf_files" ]] \ + || { systemctl restart postfix && systemctl restart postsrsd; } } diff --git a/data/hooks/conf_regen/25-dovecot b/data/hooks/conf_regen/25-dovecot index a0663a4a6..e95816604 100755 --- a/data/hooks/conf_regen/25-dovecot +++ b/data/hooks/conf_regen/25-dovecot @@ -5,62 +5,62 @@ set -e . /usr/share/yunohost/helpers do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/dovecot + cd /usr/share/yunohost/templates/dovecot - dovecot_dir="${pending_dir}/etc/dovecot" - mkdir -p "${dovecot_dir}/global_script" + dovecot_dir="${pending_dir}/etc/dovecot" + mkdir -p "${dovecot_dir}/global_script" - # copy simple conf files - cp dovecot-ldap.conf "${dovecot_dir}/dovecot-ldap.conf" - cp dovecot.sieve "${dovecot_dir}/global_script/dovecot.sieve" + # copy simple conf files + cp dovecot-ldap.conf "${dovecot_dir}/dovecot-ldap.conf" + cp dovecot.sieve "${dovecot_dir}/global_script/dovecot.sieve" - export pop3_enabled="$(yunohost settings get 'pop3.enabled')" - export main_domain=$(cat /etc/yunohost/current_host) + export pop3_enabled="$(yunohost settings get 'pop3.enabled')" + export main_domain=$(cat /etc/yunohost/current_host) - ynh_render_template "dovecot.conf" "${dovecot_dir}/dovecot.conf" + ynh_render_template "dovecot.conf" "${dovecot_dir}/dovecot.conf" - # adapt it for IPv4-only hosts - if [ ! -f /proc/net/if_inet6 ]; then - sed -i \ - 's/^\(listen =\).*/\1 */' \ - "${dovecot_dir}/dovecot.conf" - fi + # adapt it for IPv4-only hosts + if [ ! -f /proc/net/if_inet6 ]; then + sed -i \ + 's/^\(listen =\).*/\1 */' \ + "${dovecot_dir}/dovecot.conf" + fi - mkdir -p "${dovecot_dir}/yunohost.d" - cp pre-ext.conf "${dovecot_dir}/yunohost.d" - cp post-ext.conf "${dovecot_dir}/yunohost.d" + mkdir -p "${dovecot_dir}/yunohost.d" + cp pre-ext.conf "${dovecot_dir}/yunohost.d" + cp post-ext.conf "${dovecot_dir}/yunohost.d" } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - mkdir -p "/etc/dovecot/yunohost.d/pre-ext.d" - mkdir -p "/etc/dovecot/yunohost.d/post-ext.d" + mkdir -p "/etc/dovecot/yunohost.d/pre-ext.d" + mkdir -p "/etc/dovecot/yunohost.d/post-ext.d" - # create vmail user - id vmail > /dev/null 2>&1 \ - || adduser --system --ingroup mail --uid 500 vmail --home /var/vmail --no-create-home + # create vmail user + id vmail >/dev/null 2>&1 \ + || adduser --system --ingroup mail --uid 500 vmail --home /var/vmail --no-create-home - # Delete legacy home for vmail that existed in the past but was empty, poluting /home/ - [ ! -e /home/vmail ] || rmdir --ignore-fail-on-non-empty /home/vmail + # Delete legacy home for vmail that existed in the past but was empty, poluting /home/ + [ ! -e /home/vmail ] || rmdir --ignore-fail-on-non-empty /home/vmail - # fix permissions - chown -R vmail:mail /etc/dovecot/global_script - chmod 770 /etc/dovecot/global_script - chown root:mail /var/mail - chmod 1775 /var/mail - - [ -z "$regen_conf_files" ] && exit 0 - - # compile sieve script - [[ "$regen_conf_files" =~ dovecot\.sieve ]] && { - sievec /etc/dovecot/global_script/dovecot.sieve + # fix permissions chown -R vmail:mail /etc/dovecot/global_script - } + chmod 770 /etc/dovecot/global_script + chown root:mail /var/mail + chmod 1775 /var/mail - systemctl restart dovecot + [ -z "$regen_conf_files" ] && exit 0 + + # compile sieve script + [[ "$regen_conf_files" =~ dovecot\.sieve ]] && { + sievec /etc/dovecot/global_script/dovecot.sieve + chown -R vmail:mail /etc/dovecot/global_script + } + + systemctl restart dovecot } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/31-rspamd b/data/hooks/conf_regen/31-rspamd index da9b35dfe..72a35fdcc 100755 --- a/data/hooks/conf_regen/31-rspamd +++ b/data/hooks/conf_regen/31-rspamd @@ -3,60 +3,60 @@ set -e do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/rspamd + cd /usr/share/yunohost/templates/rspamd - install -D -m 644 metrics.local.conf \ - "${pending_dir}/etc/rspamd/local.d/metrics.conf" - install -D -m 644 dkim_signing.conf \ - "${pending_dir}/etc/rspamd/local.d/dkim_signing.conf" - install -D -m 644 rspamd.sieve \ - "${pending_dir}/etc/dovecot/global_script/rspamd.sieve" + install -D -m 644 metrics.local.conf \ + "${pending_dir}/etc/rspamd/local.d/metrics.conf" + install -D -m 644 dkim_signing.conf \ + "${pending_dir}/etc/rspamd/local.d/dkim_signing.conf" + install -D -m 644 rspamd.sieve \ + "${pending_dir}/etc/dovecot/global_script/rspamd.sieve" } do_post_regen() { - ## - ## DKIM key generation - ## + ## + ## DKIM key generation + ## - # create DKIM directory with proper permission - mkdir -p /etc/dkim - chown _rspamd /etc/dkim + # create DKIM directory with proper permission + mkdir -p /etc/dkim + chown _rspamd /etc/dkim - # create DKIM key for domains - for domain in $YNH_DOMAINS; do - domain_key="/etc/dkim/${domain}.mail.key" - [ ! -f "$domain_key" ] && { - # We use a 1024 bit size because nsupdate doesn't seem to be able to - # handle 2048... - opendkim-genkey --domain="$domain" \ - --selector=mail --directory=/etc/dkim -b 1024 - mv /etc/dkim/mail.private "$domain_key" - mv /etc/dkim/mail.txt "/etc/dkim/${domain}.mail.txt" + # create DKIM key for domains + for domain in $YNH_DOMAINS; do + domain_key="/etc/dkim/${domain}.mail.key" + [ ! -f "$domain_key" ] && { + # We use a 1024 bit size because nsupdate doesn't seem to be able to + # handle 2048... + opendkim-genkey --domain="$domain" \ + --selector=mail --directory=/etc/dkim -b 1024 + mv /etc/dkim/mail.private "$domain_key" + mv /etc/dkim/mail.txt "/etc/dkim/${domain}.mail.txt" + } + done + + # fix DKIM keys permissions + chown _rspamd /etc/dkim/*.mail.key + chmod 400 /etc/dkim/*.mail.key + + [ ! -e /var/log/rspamd ] || chown -R _rspamd:_rspamd /var/log/rspamd + + regen_conf_files=$1 + [ -z "$regen_conf_files" ] && exit 0 + + # compile sieve script + [[ "$regen_conf_files" =~ rspamd\.sieve ]] && { + sievec /etc/dovecot/global_script/rspamd.sieve + chown -R vmail:mail /etc/dovecot/global_script + systemctl restart dovecot } - done - # fix DKIM keys permissions - chown _rspamd /etc/dkim/*.mail.key - chmod 400 /etc/dkim/*.mail.key - - [ ! -e /var/log/rspamd ] || chown -R _rspamd:_rspamd /var/log/rspamd - - regen_conf_files=$1 - [ -z "$regen_conf_files" ] && exit 0 - - # compile sieve script - [[ "$regen_conf_files" =~ rspamd\.sieve ]] && { - sievec /etc/dovecot/global_script/rspamd.sieve - chown -R vmail:mail /etc/dovecot/global_script - systemctl restart dovecot - } - - # Restart rspamd due to the upgrade - # https://rspamd.com/announce/2016/08/01/rspamd-1.3.1.html - systemctl -q restart rspamd.service + # Restart rspamd due to the upgrade + # https://rspamd.com/announce/2016/08/01/rspamd-1.3.1.html + systemctl -q restart rspamd.service } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/34-mysql b/data/hooks/conf_regen/34-mysql index 41afda110..8b4d59288 100755 --- a/data/hooks/conf_regen/34-mysql +++ b/data/hooks/conf_regen/34-mysql @@ -4,69 +4,65 @@ set -e . /usr/share/yunohost/helpers do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/mysql + cd /usr/share/yunohost/templates/mysql - install -D -m 644 my.cnf "${pending_dir}/etc/mysql/my.cnf" + install -D -m 644 my.cnf "${pending_dir}/etc/mysql/my.cnf" } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - if [[ ! -d /var/lib/mysql/mysql ]] - then - # dpkg-reconfigure will initialize mysql (if it ain't already) - # It enabled auth_socket for root, so no need to define any root password... - # c.f. : cat /var/lib/dpkg/info/mariadb-server-10.3.postinst | grep install_db -C3 - MYSQL_PKG="$(dpkg --list | sed -ne 's/^ii \(mariadb-server-[[:digit:].]\+\) .*$/\1/p')" - dpkg-reconfigure -freadline -u "$MYSQL_PKG" 2>&1 + if [[ ! -d /var/lib/mysql/mysql ]]; then + # dpkg-reconfigure will initialize mysql (if it ain't already) + # It enabled auth_socket for root, so no need to define any root password... + # c.f. : cat /var/lib/dpkg/info/mariadb-server-10.3.postinst | grep install_db -C3 + MYSQL_PKG="$(dpkg --list | sed -ne 's/^ii \(mariadb-server-[[:digit:].]\+\) .*$/\1/p')" + dpkg-reconfigure -freadline -u "$MYSQL_PKG" 2>&1 - systemctl -q is-active mariadb.service \ - || systemctl start mariadb + systemctl -q is-active mariadb.service \ + || systemctl start mariadb - sleep 5 + sleep 5 - echo "" | mysql && echo "Can't connect to mysql using unix_socket auth ... something went wrong during initial configuration of mysql !?" >&2 - fi + echo "" | mysql && echo "Can't connect to mysql using unix_socket auth ... something went wrong during initial configuration of mysql !?" >&2 + fi - # Legacy code to get rid of /etc/yunohost/mysql ... - # Nowadays, we can simply run mysql while being run as root of unix_socket/auth_socket is enabled... - if [ -f /etc/yunohost/mysql ]; then + # Legacy code to get rid of /etc/yunohost/mysql ... + # Nowadays, we can simply run mysql while being run as root of unix_socket/auth_socket is enabled... + if [ -f /etc/yunohost/mysql ]; then - # This is a trick to check if we're able to use mysql without password - # Expect instances installed in stretch to already have unix_socket - #configured, but not old instances from the jessie/wheezy era - if ! echo "" | mysql 2>/dev/null - then - password="$(cat /etc/yunohost/mysql)" - # Enable plugin unix_socket for root on localhost - mysql -u root -p"$password" <<< "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED WITH unix_socket WITH GRANT OPTION;" - fi + # This is a trick to check if we're able to use mysql without password + # Expect instances installed in stretch to already have unix_socket + #configured, but not old instances from the jessie/wheezy era + if ! echo "" | mysql 2>/dev/null; then + password="$(cat /etc/yunohost/mysql)" + # Enable plugin unix_socket for root on localhost + mysql -u root -p"$password" <<<"GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED WITH unix_socket WITH GRANT OPTION;" + fi - # If now we're able to login without password, drop the mysql password - if echo "" | mysql 2>/dev/null - then - rm /etc/yunohost/mysql - else - echo "Can't connect to mysql using unix_socket auth ... something went wrong while trying to get rid of mysql password !?" >&2 - fi - fi + # If now we're able to login without password, drop the mysql password + if echo "" | mysql 2>/dev/null; then + rm /etc/yunohost/mysql + else + echo "Can't connect to mysql using unix_socket auth ... something went wrong while trying to get rid of mysql password !?" >&2 + fi + fi - # mysql is supposed to be an alias to mariadb... but in some weird case is not - # c.f. https://forum.yunohost.org/t/mysql-ne-fonctionne-pas/11661 - # Playing with enable/disable allows to recreate the proper symlinks. - if [ ! -e /etc/systemd/system/mysql.service ] - then - systemctl stop mysql -q - systemctl disable mysql -q - systemctl disable mariadb -q - systemctl enable mariadb -q - systemctl is-active mariadb -q || systemctl start mariadb - fi + # mysql is supposed to be an alias to mariadb... but in some weird case is not + # c.f. https://forum.yunohost.org/t/mysql-ne-fonctionne-pas/11661 + # Playing with enable/disable allows to recreate the proper symlinks. + if [ ! -e /etc/systemd/system/mysql.service ]; then + systemctl stop mysql -q + systemctl disable mysql -q + systemctl disable mariadb -q + systemctl enable mariadb -q + systemctl is-active mariadb -q || systemctl start mariadb + fi - [[ -z "$regen_conf_files" ]] \ - || systemctl restart mysql + [[ -z "$regen_conf_files" ]] \ + || systemctl restart mysql } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/35-redis b/data/hooks/conf_regen/35-redis index da5eac4c9..ac486f373 100755 --- a/data/hooks/conf_regen/35-redis +++ b/data/hooks/conf_regen/35-redis @@ -1,13 +1,13 @@ #!/bin/bash do_pre_regen() { - : + : } do_post_regen() { - # Enforce these damn permissions because for some reason in some weird cases - # they are spontaneously replaced by root:root -_- - chown -R redis:adm /var/log/redis + # Enforce these damn permissions because for some reason in some weird cases + # they are spontaneously replaced by root:root -_- + chown -R redis:adm /var/log/redis } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/37-mdns b/data/hooks/conf_regen/37-mdns index b8112a6c1..8cb364084 100755 --- a/data/hooks/conf_regen/37-mdns +++ b/data/hooks/conf_regen/37-mdns @@ -3,55 +3,52 @@ set -e _generate_config() { - echo "domains:" - echo " - yunohost.local" - for domain in $YNH_DOMAINS - do - # Only keep .local domains (don't keep - [[ "$domain" =~ [^.]+\.[^.]+\.local$ ]] && echo "Subdomain $domain cannot be handled by Bonjour/Zeroconf/mDNS" >&2 - [[ "$domain" =~ ^[^.]+\.local$ ]] || continue - echo " - $domain" - done + echo "domains:" + echo " - yunohost.local" + for domain in $YNH_DOMAINS; do + # Only keep .local domains (don't keep + [[ "$domain" =~ [^.]+\.[^.]+\.local$ ]] && echo "Subdomain $domain cannot be handled by Bonjour/Zeroconf/mDNS" >&2 + [[ "$domain" =~ ^[^.]+\.local$ ]] || continue + echo " - $domain" + done } do_init_regen() { - do_pre_regen - do_post_regen /etc/systemd/system/yunomdns.service - systemctl enable yunomdns + do_pre_regen + do_post_regen /etc/systemd/system/yunomdns.service + systemctl enable yunomdns } do_pre_regen() { - pending_dir="$1" + pending_dir="$1" - cd /usr/share/yunohost/templates/mdns - mkdir -p ${pending_dir}/etc/systemd/system/ - cp yunomdns.service ${pending_dir}/etc/systemd/system/ + cd /usr/share/yunohost/templates/mdns + mkdir -p ${pending_dir}/etc/systemd/system/ + cp yunomdns.service ${pending_dir}/etc/systemd/system/ - getent passwd mdns &>/dev/null || useradd --no-create-home --shell /usr/sbin/nologin --system --user-group mdns + getent passwd mdns &>/dev/null || useradd --no-create-home --shell /usr/sbin/nologin --system --user-group mdns - mkdir -p ${pending_dir}/etc/yunohost - _generate_config > ${pending_dir}/etc/yunohost/mdns.yml + mkdir -p ${pending_dir}/etc/yunohost + _generate_config >${pending_dir}/etc/yunohost/mdns.yml } do_post_regen() { - regen_conf_files="$1" + regen_conf_files="$1" - chown mdns:mdns /etc/yunohost/mdns.yml + chown mdns:mdns /etc/yunohost/mdns.yml - # If we changed the systemd ynh-override conf - if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/yunomdns.service$" - then - systemctl daemon-reload - fi + # If we changed the systemd ynh-override conf + if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/yunomdns.service$"; then + systemctl daemon-reload + fi - # Legacy stuff to enable the new yunomdns service on legacy systems - if [[ -e /etc/avahi/avahi-daemon.conf ]] && grep -q 'yunohost' /etc/avahi/avahi-daemon.conf - then - systemctl enable yunomdns - fi + # Legacy stuff to enable the new yunomdns service on legacy systems + if [[ -e /etc/avahi/avahi-daemon.conf ]] && grep -q 'yunohost' /etc/avahi/avahi-daemon.conf; then + systemctl enable yunomdns + fi - [[ -z "$regen_conf_files" ]] \ - || systemctl restart yunomdns + [[ -z "$regen_conf_files" ]] \ + || systemctl restart yunomdns } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/43-dnsmasq b/data/hooks/conf_regen/43-dnsmasq index f3bed7b04..0c016bcb9 100755 --- a/data/hooks/conf_regen/43-dnsmasq +++ b/data/hooks/conf_regen/43-dnsmasq @@ -4,80 +4,77 @@ set -e . /usr/share/yunohost/helpers do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/dnsmasq + cd /usr/share/yunohost/templates/dnsmasq - # create directory for pending conf - dnsmasq_dir="${pending_dir}/etc/dnsmasq.d" - mkdir -p "$dnsmasq_dir" - etcdefault_dir="${pending_dir}/etc/default" - mkdir -p "$etcdefault_dir" + # create directory for pending conf + dnsmasq_dir="${pending_dir}/etc/dnsmasq.d" + mkdir -p "$dnsmasq_dir" + etcdefault_dir="${pending_dir}/etc/default" + mkdir -p "$etcdefault_dir" - # add general conf files - cp plain/etcdefault ${pending_dir}/etc/default/dnsmasq - cp plain/dnsmasq.conf ${pending_dir}/etc/dnsmasq.conf + # add general conf files + cp plain/etcdefault ${pending_dir}/etc/default/dnsmasq + cp plain/dnsmasq.conf ${pending_dir}/etc/dnsmasq.conf - # add resolver file - cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf > ${pending_dir}/etc/resolv.dnsmasq.conf + # add resolver file + cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf >${pending_dir}/etc/resolv.dnsmasq.conf - # retrieve variables - ipv4=$(curl -s -4 https://ip.yunohost.org 2>/dev/null || true) - ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1' - ipv6=$(curl -s -6 https://ip6.yunohost.org 2>/dev/null || true) - ynh_validate_ip6 "$ipv6" || ipv6='' + # retrieve variables + ipv4=$(curl -s -4 https://ip.yunohost.org 2>/dev/null || true) + ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1' + ipv6=$(curl -s -6 https://ip6.yunohost.org 2>/dev/null || true) + ynh_validate_ip6 "$ipv6" || ipv6='' - export ipv4 - export ipv6 + export ipv4 + export ipv6 - # add domain conf files - for domain in $YNH_DOMAINS; do - export domain - ynh_render_template "domain.tpl" "${dnsmasq_dir}/${domain}" - done + # add domain conf files + for domain in $YNH_DOMAINS; do + export domain + ynh_render_template "domain.tpl" "${dnsmasq_dir}/${domain}" + done - # remove old domain conf files - conf_files=$(ls -1 /etc/dnsmasq.d \ - | awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }') - for domain in $conf_files; do - [[ $YNH_DOMAINS =~ $domain ]] \ - || touch "${dnsmasq_dir}/${domain}" - done + # remove old domain conf files + conf_files=$(ls -1 /etc/dnsmasq.d \ + | awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }') + for domain in $conf_files; do + [[ $YNH_DOMAINS =~ $domain ]] \ + || touch "${dnsmasq_dir}/${domain}" + done } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - # Fuck it, those domain/search entries from dhclient are usually annoying - # lying shit from the ISP trying to MiTM - if grep -q -E "^ *(domain|search)" /run/resolvconf/resolv.conf - then - if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2>/dev/null - then - sed -E "s/^(domain|search)/#\1/g" -i /run/resolvconf/interface/*.dhclient - fi + # Fuck it, those domain/search entries from dhclient are usually annoying + # lying shit from the ISP trying to MiTM + if grep -q -E "^ *(domain|search)" /run/resolvconf/resolv.conf; then + if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2>/dev/null; then + sed -E "s/^(domain|search)/#\1/g" -i /run/resolvconf/interface/*.dhclient + fi - grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-name "";' >> /etc/dhcp/dhclient.conf - grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-search "";' >> /etc/dhcp/dhclient.conf - grep -q '^supersede name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede name "";' >> /etc/dhcp/dhclient.conf - systemctl restart resolvconf - fi + grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-name "";' >>/etc/dhcp/dhclient.conf + grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-search "";' >>/etc/dhcp/dhclient.conf + grep -q '^supersede name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede name "";' >>/etc/dhcp/dhclient.conf + systemctl restart resolvconf + fi - # Some stupid things like rabbitmq-server used by onlyoffice won't work if - # the *short* hostname doesn't exists in /etc/hosts -_- - short_hostname=$(hostname -s) - grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >>/etc/hosts + # Some stupid things like rabbitmq-server used by onlyoffice won't work if + # the *short* hostname doesn't exists in /etc/hosts -_- + short_hostname=$(hostname -s) + grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >>/etc/hosts - [[ -n "$regen_conf_files" ]] || return + [[ -n "$regen_conf_files" ]] || return - # Remove / disable services likely to conflict with dnsmasq - for SERVICE in systemd-resolved bind9 - do - systemctl is-enabled $SERVICE &>/dev/null && systemctl disable $SERVICE 2>/dev/null - systemctl is-active $SERVICE &>/dev/null && systemctl stop $SERVICE - done + # Remove / disable services likely to conflict with dnsmasq + for SERVICE in systemd-resolved bind9; do + systemctl is-enabled $SERVICE &>/dev/null && systemctl disable $SERVICE 2>/dev/null + systemctl is-active $SERVICE &>/dev/null && systemctl stop $SERVICE + done - systemctl restart dnsmasq + systemctl restart dnsmasq } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/46-nsswitch b/data/hooks/conf_regen/46-nsswitch index be5cb2b86..2c984a905 100755 --- a/data/hooks/conf_regen/46-nsswitch +++ b/data/hooks/conf_regen/46-nsswitch @@ -3,23 +3,23 @@ set -e do_init_regen() { - do_pre_regen "" - systemctl restart unscd + do_pre_regen "" + systemctl restart unscd } do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/nsswitch + cd /usr/share/yunohost/templates/nsswitch - install -D -m 644 nsswitch.conf "${pending_dir}/etc/nsswitch.conf" + install -D -m 644 nsswitch.conf "${pending_dir}/etc/nsswitch.conf" } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - [[ -z "$regen_conf_files" ]] \ - || systemctl restart unscd + [[ -z "$regen_conf_files" ]] \ + || systemctl restart unscd } do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/52-fail2ban b/data/hooks/conf_regen/52-fail2ban index 7aef72ebc..6cbebbfb1 100755 --- a/data/hooks/conf_regen/52-fail2ban +++ b/data/hooks/conf_regen/52-fail2ban @@ -5,26 +5,26 @@ set -e . /usr/share/yunohost/helpers do_pre_regen() { - pending_dir=$1 + pending_dir=$1 - cd /usr/share/yunohost/templates/fail2ban + cd /usr/share/yunohost/templates/fail2ban - fail2ban_dir="${pending_dir}/etc/fail2ban" - mkdir -p "${fail2ban_dir}/filter.d" - mkdir -p "${fail2ban_dir}/jail.d" + fail2ban_dir="${pending_dir}/etc/fail2ban" + mkdir -p "${fail2ban_dir}/filter.d" + mkdir -p "${fail2ban_dir}/jail.d" - cp yunohost.conf "${fail2ban_dir}/filter.d/yunohost.conf" - cp jail.conf "${fail2ban_dir}/jail.conf" + cp yunohost.conf "${fail2ban_dir}/filter.d/yunohost.conf" + cp jail.conf "${fail2ban_dir}/jail.conf" - export ssh_port="$(yunohost settings get 'security.ssh.port')" - ynh_render_template "yunohost-jails.conf" "${fail2ban_dir}/jail.d/yunohost-jails.conf" + export ssh_port="$(yunohost settings get 'security.ssh.port')" + ynh_render_template "yunohost-jails.conf" "${fail2ban_dir}/jail.d/yunohost-jails.conf" } do_post_regen() { - regen_conf_files=$1 + regen_conf_files=$1 - [[ -z "$regen_conf_files" ]] \ - || systemctl reload fail2ban + [[ -z "$regen_conf_files" ]] \ + || systemctl reload fail2ban } do_$1_regen ${@:2} diff --git a/data/hooks/post_user_create/ynh_multimedia b/data/hooks/post_user_create/ynh_multimedia index 26282cdc9..5b4b31b88 100644 --- a/data/hooks/post_user_create/ynh_multimedia +++ b/data/hooks/post_user_create/ynh_multimedia @@ -1,7 +1,7 @@ #!/bin/bash user=$1 - + readonly MEDIA_GROUP=multimedia readonly MEDIA_DIRECTORY=/home/yunohost.multimedia diff --git a/data/hooks/restore/05-conf_ldap b/data/hooks/restore/05-conf_ldap index c2debe018..a9eb10b1c 100644 --- a/data/hooks/restore/05-conf_ldap +++ b/data/hooks/restore/05-conf_ldap @@ -14,11 +14,11 @@ die() { # Restore saved configuration and database [[ $state -ge 1 ]] \ - && (rm -rf /etc/ldap/slapd.d && - mv "${TMPDIR}/slapd.d" /etc/ldap/slapd.d) + && (rm -rf /etc/ldap/slapd.d \ + && mv "${TMPDIR}/slapd.d" /etc/ldap/slapd.d) [[ $state -ge 2 ]] \ - && (rm -rf /var/lib/ldap && - mv "${TMPDIR}/ldap" /var/lib/ldap) + && (rm -rf /var/lib/ldap \ + && mv "${TMPDIR}/ldap" /var/lib/ldap) chown -R openldap: /etc/ldap/slapd.d /var/lib/ldap systemctl start slapd @@ -38,7 +38,7 @@ cp -a "${backup_dir}/ldap.conf" /etc/ldap/ldap.conf || cp -a "${backup_dir}/slapd.conf" /etc/ldap/slapd.conf slapadd -F /etc/ldap/slapd.d -b cn=config \ -l "${backup_dir}/cn=config.master.ldif" \ - || die 1 "Unable to restore LDAP configuration" + || die 1 "Unable to restore LDAP configuration" chown -R openldap: /etc/ldap/slapd.d # Restore the database @@ -46,7 +46,7 @@ mv /var/lib/ldap "$TMPDIR" mkdir -p /var/lib/ldap slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org \ -l "${backup_dir}/dc=yunohost-dc=org.ldif" \ - || die 2 "Unable to restore LDAP database" + || die 2 "Unable to restore LDAP database" chown -R openldap: /var/lib/ldap systemctl start slapd diff --git a/data/hooks/restore/50-conf_manually_modified_files b/data/hooks/restore/50-conf_manually_modified_files index 2d0943043..b23b95ec9 100644 --- a/data/hooks/restore/50-conf_manually_modified_files +++ b/data/hooks/restore/50-conf_manually_modified_files @@ -5,8 +5,7 @@ ynh_abort_if_errors YNH_CWD="${YNH_BACKUP_DIR%/}/conf/manually_modified_files" cd "$YNH_CWD" -for file in $(cat ./manually_modified_files_list) -do +for file in $(cat ./manually_modified_files_list); do ynh_restore_file --origin_path="$file" --not_mandatory done From 28b1bbcc86ab1557c500c22636137b003585e538 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 16:36:08 +0200 Subject: [PATCH 31/47] Also lint/reformat debian scripts --- debian/postinst | 59 ++++++++++++++++++++++++------------------------- debian/postrm | 6 ++--- 2 files changed, 32 insertions(+), 33 deletions(-) diff --git a/debian/postinst b/debian/postinst index ceeed3cdf..0dd1dedd0 100644 --- a/debian/postinst +++ b/debian/postinst @@ -3,36 +3,35 @@ set -e do_configure() { - rm -rf /var/cache/moulinette/* + rm -rf /var/cache/moulinette/* - mkdir -p /usr/share/moulinette/actionsmap/ - ln -sf /usr/share/yunohost/actionsmap/yunohost.yml /usr/share/moulinette/actionsmap/yunohost.yml + mkdir -p /usr/share/moulinette/actionsmap/ + ln -sf /usr/share/yunohost/actionsmap/yunohost.yml /usr/share/moulinette/actionsmap/yunohost.yml - if [ ! -f /etc/yunohost/installed ]; then - # If apps/ is not empty, we're probably already installed in the past and - # something funky happened ... - if [ -d /etc/yunohost/apps/ ] && ls /etc/yunohost/apps/* >/dev/null 2>&1 - then - echo "Sounds like /etc/yunohost/installed mysteriously disappeared ... You should probably contact the Yunohost support ..." - else - bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init - bash /usr/share/yunohost/hooks/conf_regen/02-ssl init - bash /usr/share/yunohost/hooks/conf_regen/09-nslcd init - bash /usr/share/yunohost/hooks/conf_regen/46-nsswitch init - bash /usr/share/yunohost/hooks/conf_regen/06-slapd init - bash /usr/share/yunohost/hooks/conf_regen/15-nginx init - bash /usr/share/yunohost/hooks/conf_regen/37-mdns init - fi - else - echo "Regenerating configuration, this might take a while..." - yunohost tools regen-conf --output-as none + if [ ! -f /etc/yunohost/installed ]; then + # If apps/ is not empty, we're probably already installed in the past and + # something funky happened ... + if [ -d /etc/yunohost/apps/ ] && ls /etc/yunohost/apps/* >/dev/null 2>&1; then + echo "Sounds like /etc/yunohost/installed mysteriously disappeared ... You should probably contact the Yunohost support ..." + else + bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init + bash /usr/share/yunohost/hooks/conf_regen/02-ssl init + bash /usr/share/yunohost/hooks/conf_regen/09-nslcd init + bash /usr/share/yunohost/hooks/conf_regen/46-nsswitch init + bash /usr/share/yunohost/hooks/conf_regen/06-slapd init + bash /usr/share/yunohost/hooks/conf_regen/15-nginx init + bash /usr/share/yunohost/hooks/conf_regen/37-mdns init + fi + else + echo "Regenerating configuration, this might take a while..." + yunohost tools regen-conf --output-as none - echo "Launching migrations..." - yunohost tools migrations run --auto + echo "Launching migrations..." + yunohost tools migrations run --auto - echo "Re-diagnosing server health..." - yunohost diagnosis run --force - fi + echo "Re-diagnosing server health..." + yunohost diagnosis run --force + fi } @@ -50,13 +49,13 @@ do_configure() { case "$1" in configure) do_configure - ;; - abort-upgrade|abort-remove|abort-deconfigure) - ;; + ;; + abort-upgrade | abort-remove | abort-deconfigure) ;; + *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 - ;; + ;; esac #DEBHELPER# diff --git a/debian/postrm b/debian/postrm index 63e42b4d4..ceadd5bce 100644 --- a/debian/postrm +++ b/debian/postrm @@ -6,12 +6,12 @@ set -e if [ "$1" = "purge" ]; then - update-rc.d yunohost-firewall remove >/dev/null - rm -f /etc/yunohost/installed + update-rc.d yunohost-firewall remove >/dev/null + rm -f /etc/yunohost/installed fi if [ "$1" = "remove" ]; then - rm -f /etc/yunohost/installed + rm -f /etc/yunohost/installed fi # Reset dpkg vendor to debian From c9cdfc6b0f9417578704c1cfd32c69d5460129ff Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 16:56:47 +0200 Subject: [PATCH 32/47] Typo :| --- data/helpers.d/apt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 235cc0067..f563757fb 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -333,7 +333,7 @@ EOF # Integrate new php-fpm service in yunohost yunohost service add php${specific_php_version}-fpm --log "/var/log/php${phpversion}-fpm.log" - elif grep --quiet 'php' <<< "$dependencies" + elif grep --quiet 'php' <<< "$dependencies"; then # Store phpversion into the config of this app ynh_app_setting_set --app=$app --key=phpversion --value=$YNH_DEFAULT_PHP_VERSION fi From fd1cc5e6ce7544e6d1f7bf51e70e73e6b2399bdf Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 18:56:17 +0200 Subject: [PATCH 33/47] Fix stuff reported by shellcheck --- data/helpers.d/config | 2 +- data/helpers.d/utils | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/data/helpers.d/config b/data/helpers.d/config index 247d12d6f..5999387db 100644 --- a/data/helpers.d/config +++ b/data/helpers.d/config @@ -66,7 +66,7 @@ _ynh_app_config_apply_one() { "set__${bind%%(*}" $short_setting $type $bind elif [[ "$bind" == "null" ]]; then - continue + return # Save in a file elif [[ "$type" == "file" ]]; then diff --git a/data/helpers.d/utils b/data/helpers.d/utils index 0e38423f2..a4afdaf88 100644 --- a/data/helpers.d/utils +++ b/data/helpers.d/utils @@ -542,7 +542,7 @@ ynh_read_var_in_file() { fi # Remove comments if needed - local expression="$(echo "$expression_with_comment" | sed "s@$comments[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" + local expression="$(echo "$expression_with_comment" | sed "s@${comments}[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" local first_char="${expression:0:1}" if [[ "$first_char" == '"' ]]; then @@ -620,7 +620,7 @@ ynh_write_var_in_file() { fi # Remove comments if needed - local expression="$(echo "$expression_with_comment" | sed "s@$comments[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" + local expression="$(echo "$expression_with_comment" | sed "s@${comments}[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" endline=${expression_with_comment#"$expression"} endline="$(echo "$endline" | sed 's/\\/\\\\/g')" value="$(echo "$value" | sed 's/\\/\\\\/g')" From 1d2e4e78f24b891e6cbe2a6d6e2f7a437f280759 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 Oct 2021 18:57:56 +0200 Subject: [PATCH 34/47] Safer, clearer ynh_secure_remove --- data/helpers.d/utils | 49 +++++++------ tests/test_helpers.d/ynhtest_secure_remove.sh | 71 +++++++++++++++++++ 2 files changed, 100 insertions(+), 20 deletions(-) create mode 100644 tests/test_helpers.d/ynhtest_secure_remove.sh diff --git a/data/helpers.d/utils b/data/helpers.d/utils index 061ff324d..a2d7855b9 100644 --- a/data/helpers.d/utils +++ b/data/helpers.d/utils @@ -724,6 +724,28 @@ properly with chmod/chown." echo $TMP_DIR } +_acceptable_path_to_delete() { + local file=$1 + + local forbidden_paths=$(ls -d / /* /{var,home,usr}/* /etc/{default,sudoers.d,yunohost,cron*}) + + # Legacy : A couple apps still have data in /home/$app ... + if [[ -n "$app" ]] + then + forbidden_paths=$(echo "$forbidden_paths" | grep -v "/home/$app") + fi + + # Use realpath to normalize the path .. + # i.e convert ///foo//bar//..///baz//// to /foo/baz + file=$(realpath --no-symlinks $file) + if [ -z "$file" ] || grep -q -x -F "$file" <<< "$forbidden_paths"; then + return 1 + else + return 0 + fi +} + + # Remove a file or a directory securely # # usage: ynh_secure_remove --file=path_to_remove @@ -739,31 +761,18 @@ ynh_secure_remove () { ynh_handle_getopts_args "$@" set +o xtrace # set +x - local forbidden_path=" \ - /var/www \ - /home/yunohost.app" - - if [ $# -ge 2 ] - then + if [ $# -ge 2 ]; then ynh_print_warn --message="/!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time." fi - if [[ -z "$file" ]] - then + if [[ -z "$file" ]]; then ynh_print_warn --message="ynh_secure_remove called with empty argument, ignoring." - elif [[ "$forbidden_path" =~ "$file" \ - # Match all paths or subpaths in $forbidden_path - || "$file" =~ ^/[[:alnum:]]+$ \ - # Match all first level paths from / (Like /var, /root, etc...) - || "${file:${#file}-1}" = "/" ]] - # Match if the path finishes by /. Because it seems there is an empty variable - then - ynh_print_warn --message="Not deleting '$file' because it is not an acceptable path to delete." - elif [ -e "$file" ] - then - rm --recursive "$file" - else + elif [[ ! -e $file ]]; then ynh_print_info --message="'$file' wasn't deleted because it doesn't exist." + elif ! _acceptable_path_to_delete "$file"; then + ynh_print_warn --message="Not deleting '$file' because it is not an acceptable path to delete." + else + rm --recursive "$file" fi set -o xtrace # set -x diff --git a/tests/test_helpers.d/ynhtest_secure_remove.sh b/tests/test_helpers.d/ynhtest_secure_remove.sh new file mode 100644 index 000000000..04d85fa7a --- /dev/null +++ b/tests/test_helpers.d/ynhtest_secure_remove.sh @@ -0,0 +1,71 @@ +ynhtest_acceptable_path_to_delete() { + + mkdir -p /home/someuser + mkdir -p /home/$app + mkdir -p /home/yunohost.app/$app + mkdir -p /var/www/$app + touch /var/www/$app/bar + touch /etc/cron.d/$app + + ! _acceptable_path_to_delete / + ! _acceptable_path_to_delete //// + ! _acceptable_path_to_delete " //// " + ! _acceptable_path_to_delete /var + ! _acceptable_path_to_delete /var/www + ! _acceptable_path_to_delete /var/cache + ! _acceptable_path_to_delete /usr + ! _acceptable_path_to_delete /usr/bin + ! _acceptable_path_to_delete /home + ! _acceptable_path_to_delete /home/yunohost.backup + ! _acceptable_path_to_delete /home/yunohost.app + ! _acceptable_path_to_delete /home/yunohost.app/ + ! _acceptable_path_to_delete ///home///yunohost.app/// + ! _acceptable_path_to_delete /home/yunohost.app/$app/.. + ! _acceptable_path_to_delete ///home///yunohost.app///$app///..// + ! _acceptable_path_to_delete /home/yunohost.app/../$app/.. + ! _acceptable_path_to_delete /home/someuser + ! _acceptable_path_to_delete /home/yunohost.app//../../$app + ! _acceptable_path_to_delete " /home/yunohost.app/// " + ! _acceptable_path_to_delete /etc/cron.d/ + ! _acceptable_path_to_delete /etc/yunohost/ + + _acceptable_path_to_delete /home/yunohost.app/$app + _acceptable_path_to_delete /home/yunohost.app/$app/bar + _acceptable_path_to_delete /etc/cron.d/$app + _acceptable_path_to_delete /var/www/$app/bar + _acceptable_path_to_delete /var/www/$app + + rm /var/www/$app/bar + rm /etc/cron.d/$app + rmdir /home/yunohost.app/$app + rmdir /home/$app + rmdir /home/someuser + rmdir /var/www/$app +} + +ynhtest_secure_remove() { + + mkdir -p /home/someuser + mkdir -p /home/yunohost.app/$app + mkdir -p /var/www/$app + mkdir -p /var/whatever + touch /var/www/$app/bar + touch /etc/cron.d/$app + + ! ynh_secure_remove --file="/home/someuser" + ! ynh_secure_remove --file="/home/yunohost.app/" + ! ynh_secure_remove --file="/var/whatever" + ynh_secure_remove --file="/home/yunohost.app/$app" + ynh_secure_remove --file="/var/www/$app" + ynh_secure_remove --file="/etc/cron.d/$app" + + test -e /home/someuser + test -e /home/yunohost.app + test -e /var/whatever + ! test -e /home/yunohost.app/$app + ! test -e /var/www/$app + ! test -e /etc/cron.d/$app + + rmdir /home/someuser + rmdir /var/whatever +} From e563a366ef5eb85ed9e90dc39fea6a2bbb670018 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 Oct 2021 01:46:09 +0200 Subject: [PATCH 35/47] helpers apt: Use smarter grep with lookbehind to extract php version from dependency list Co-authored-by: Florent --- data/helpers.d/apt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index f563757fb..46b769804 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -252,7 +252,8 @@ ynh_install_app_dependencies () { # Check for specific php dependencies which requires sury # This grep will for example return "7.4" if dependencies is "foo bar php7.4-pwet php-gni" - local specific_php_version=$(echo $dependencies | tr '-' ' ' | grep -o -E "\" | sed 's/php//g' | sort | uniq) + # The (?<=php) syntax corresponds to lookbehind ;) + local specific_php_version=$(echo $dependencies | grep -oP '(?<=php)[0-9.]+(?=-|\>)' | sort -u) # Ignore case where the php version found is the one available in debian vanilla [[ "$specific_php_version" != "$YNH_DEFAULT_PHP_VERSION" ]] || specific_php_version="" From 560162dd96e47aca8e49bbe0bbd7351a5c772cf3 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 Oct 2021 10:29:03 +0200 Subject: [PATCH 36/47] Sury pinning is managed in the core, c.f. 346728e5 --- data/helpers.d/apt | 6 ------ 1 file changed, 6 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 46b769804..2f5df175c 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -351,12 +351,6 @@ ynh_add_sury() { # Add an extra repository for those packages ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(ynh_get_debian_release) main" --key="https://packages.sury.org/php/apt.gpg" --name=extra_php_version --priority=600 - # Pin this extra repository after packages are installed to prevent sury from doing shit - for package_to_not_upgrade in "php" "php-fpm" "php-mysql" "php-xml" "php-zip" "php-mbstring" "php-ldap" "php-gd" "php-curl" "php-bz2" "php-json" "php-sqlite3" "php-intl" "openssl" "libssl1.1" "libssl-dev" - do - ynh_pin_repo --package="$package_to_not_upgrade" --pin="origin \"packages.sury.org\"" --priority="-1" --name=extra_php_version --append - done - } From bde5590783f1e9a81b5b9ae33b1101c217fcf000 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 Oct 2021 10:33:33 +0200 Subject: [PATCH 37/47] Update data/helpers.d/logrotate --- data/helpers.d/logrotate | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/logrotate b/data/helpers.d/logrotate index a4548512d..1844cc5c7 100644 --- a/data/helpers.d/logrotate +++ b/data/helpers.d/logrotate @@ -97,8 +97,10 @@ EOF mkdir --parents $(dirname "$logfile") # Create the log directory, if not exist cat ${app}-logrotate | $customtee /etc/logrotate.d/$app > /dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee) - ynh_user_exists --username="$app" || chown $app:$app "$logfile" - chmod o-rwx "$logfile" + if ynh_user_exists --username="$app"; then + chown $app:$app "$logfile" + chmod o-rwx "$logfile" + fi } From f769c40f9602d9ae85eb4c99d332ee6da9781f95 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 Oct 2021 10:37:05 +0200 Subject: [PATCH 38/47] Double quotes to prevent bash apocalypse --- data/helpers.d/utils | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/utils b/data/helpers.d/utils index a2d7855b9..1e1930010 100644 --- a/data/helpers.d/utils +++ b/data/helpers.d/utils @@ -737,7 +737,7 @@ _acceptable_path_to_delete() { # Use realpath to normalize the path .. # i.e convert ///foo//bar//..///baz//// to /foo/baz - file=$(realpath --no-symlinks $file) + file=$(realpath --no-symlinks "$file") if [ -z "$file" ] || grep -q -x -F "$file" <<< "$forbidden_paths"; then return 1 else From c8e14133d5757cefec3236a41c2914cb0a4feddd Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 Oct 2021 10:46:18 +0200 Subject: [PATCH 39/47] Update changelog for 4.3.1.2 --- debian/changelog | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/debian/changelog b/debian/changelog index a10c83888..f778e0e5d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,17 @@ +yunohost (4.3.1.2) testing; urgency=low + + - [fix] apps: upgrade was broken because of typo ([#1350](https://github.com/YunoHost/yunohost/pull/1350)) + - [enh] apps: in app_info, return a new is_webapp info meant to be used by API/webadmin (4cd5e9b6) + - [fix] configpanel: handle case where file question didnt get modified from webadmin, in which case self.value contains a path (54d901ad) + - [fix] configpanel: bind_key -> bind_key_ to prevent yunohost from redacting key names which leads to broken log metadata.yml somehow (941cc294) + - [enh] questions: Add visible attribute support in cli (74256845) + - [enh] helpers: Simplify apt/php dependencies helpers ([#1018](https://github.com/YunoHost/yunohost/pull/1018)) + - [enh] helpers: In logrotate helper, enforce decent permissions on log file if app user exists ([#1352](https://github.com/YunoHost/yunohost/pull/1352)) + + Thanks to all contributors <3 ! (Éric Gaspar, Kay0u, ljf) + + -- Alexandre Aubin Thu, 07 Oct 2021 10:42:06 +0200 + yunohost (4.3.1.1) testing; urgency=low - [enh] app helpers: Update n version ([#1347](https://github.com/YunoHost/yunohost/pull/1347)) From 38cff4a98e9d52668a7360b53e0e685cfd77b612 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 Oct 2021 11:24:46 +0200 Subject: [PATCH 40/47] Fix app url regex, branch names may contain dots --- src/yunohost/app.py | 2 +- src/yunohost/tests/test_appurl.py | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index fe5281384..fb544cab2 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -79,7 +79,7 @@ re_app_instance_name = re.compile( ) APP_REPO_URL = re.compile( - r"^https://[a-zA-Z0-9-_.]+/[a-zA-Z0-9-_./]+/[a-zA-Z0-9-_.]+_ynh(/?(-/)?tree/[a-zA-Z0-9-_]+)?(\.git)?/?$" + r"^https://[a-zA-Z0-9-_.]+/[a-zA-Z0-9-_./]+/[a-zA-Z0-9-_.]+_ynh(/?(-/)?tree/[a-zA-Z0-9-_.]+)?(\.git)?/?$" ) APP_FILES_TO_COPY = [ diff --git a/src/yunohost/tests/test_appurl.py b/src/yunohost/tests/test_appurl.py index cf2c6c2c3..28f33d998 100644 --- a/src/yunohost/tests/test_appurl.py +++ b/src/yunohost/tests/test_appurl.py @@ -68,6 +68,7 @@ def test_repo_url_definition(): assert _is_app_repo_url( "https://gitlab.domainepublic.net/Neutrinet/neutrinet_ynh/-/tree/unstable" ) + assert _is_app_repo_url("https://github.com/YunoHost-Apps/foobar/tree/1.23.4") assert _is_app_repo_url("git@github.com:YunoHost-Apps/foobar_ynh.git") assert not _is_app_repo_url("github.com/YunoHost-Apps/foobar_ynh") From 0b2ef5d16fa2f3be229bdd3ae211390ff388ae7b Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 Oct 2021 18:31:59 +0200 Subject: [PATCH 41/47] Update changelog for 4.3.1.3 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index f778e0e5d..def37d6b2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +yunohost (4.3.1.3) testing; urgency=low + + - [fix] app: repo url branch names may contain dots (38cff4a9) + + -- Alexandre Aubin Thu, 07 Oct 2021 18:31:09 +0200 + yunohost (4.3.1.2) testing; urgency=low - [fix] apps: upgrade was broken because of typo ([#1350](https://github.com/YunoHost/yunohost/pull/1350)) From df02f898ee2ee5fe9260d0875e40dc490ec72926 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 9 Oct 2021 00:32:49 +0200 Subject: [PATCH 42/47] [enh] Don't generate dnsmasq conf for .local domains --- data/hooks/conf_regen/43-dnsmasq | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/data/hooks/conf_regen/43-dnsmasq b/data/hooks/conf_regen/43-dnsmasq index f3bed7b04..687fc704f 100755 --- a/data/hooks/conf_regen/43-dnsmasq +++ b/data/hooks/conf_regen/43-dnsmasq @@ -32,6 +32,7 @@ do_pre_regen() { # add domain conf files for domain in $YNH_DOMAINS; do + [[ ! $domain =~ \.local$ ]] || continue export domain ynh_render_template "domain.tpl" "${dnsmasq_dir}/${domain}" done @@ -40,8 +41,10 @@ do_pre_regen() { conf_files=$(ls -1 /etc/dnsmasq.d \ | awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }') for domain in $conf_files; do - [[ $YNH_DOMAINS =~ $domain ]] \ - || touch "${dnsmasq_dir}/${domain}" + if [[ ! $YNH_DOMAINS =~ $domain ]] && [[ ! $domain =~ \.local$ ]] + then + touch "${dnsmasq_dir}/${domain}" + fi done } From e521fef23d204570735b2cf97382deb9f72902a5 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 9 Oct 2021 02:20:08 +0200 Subject: [PATCH 43/47] Fix typo in tests @_@ --- src/yunohost/tests/test_appurl.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/tests/test_appurl.py b/src/yunohost/tests/test_appurl.py index 28f33d998..7b4c6e2e3 100644 --- a/src/yunohost/tests/test_appurl.py +++ b/src/yunohost/tests/test_appurl.py @@ -68,7 +68,7 @@ def test_repo_url_definition(): assert _is_app_repo_url( "https://gitlab.domainepublic.net/Neutrinet/neutrinet_ynh/-/tree/unstable" ) - assert _is_app_repo_url("https://github.com/YunoHost-Apps/foobar/tree/1.23.4") + assert _is_app_repo_url("https://github.com/YunoHost-Apps/foobar_ynh/tree/1.23.4") assert _is_app_repo_url("git@github.com:YunoHost-Apps/foobar_ynh.git") assert not _is_app_repo_url("github.com/YunoHost-Apps/foobar_ynh") From dab3dc6f370e262ed427a3459aebde35f4f92da6 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 11 Oct 2021 19:42:39 +0200 Subject: [PATCH 44/47] dovecot: add conf snippet to get rid of stupid stats-writer errors in mail.log --- data/templates/dovecot/dovecot.conf | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/data/templates/dovecot/dovecot.conf b/data/templates/dovecot/dovecot.conf index ee8511f83..c7e937979 100644 --- a/data/templates/dovecot/dovecot.conf +++ b/data/templates/dovecot/dovecot.conf @@ -78,6 +78,20 @@ service quota-warning { } } +service stats { + unix_listener stats-reader { + user = vmail + group = mail + mode = 0660 + } + + unix_listener stats-writer { + user = vmail + group = mail + mode = 0660 + } +} + plugin { sieve = /var/mail/sievescript/%n/.dovecot.sieve sieve_dir = /var/mail/sievescript/%n/scripts/ From 910364f9c4a3309e0411a87b15e8987996bd4cfc Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 12 Oct 2021 15:49:08 +0200 Subject: [PATCH 45/47] helpers: Drop obsolete/unused/weird logging helpers --- data/helpers.d/logging | 86 ------------------------------------------ data/helpers.d/php | 24 ++++++------ 2 files changed, 12 insertions(+), 98 deletions(-) diff --git a/data/helpers.d/logging b/data/helpers.d/logging index 71998763e..9075fc7aa 100644 --- a/data/helpers.d/logging +++ b/data/helpers.d/logging @@ -38,25 +38,6 @@ ynh_print_info() { echo "$message" >&$YNH_STDINFO } -# Ignore the yunohost-cli log to prevent errors with conditional commands -# -# [internal] -# -# usage: ynh_no_log COMMAND -# -# Simply duplicate the log, execute the yunohost command and replace the log without the result of this command -# It's a very badly hack... -# -# Requires YunoHost version 2.6.4 or higher. -ynh_no_log() { - local ynh_cli_log=/var/log/yunohost/yunohost-cli.log - cp --archive ${ynh_cli_log} ${ynh_cli_log}-move - eval $@ - local exit_code=$? - mv ${ynh_cli_log}-move ${ynh_cli_log} - return $exit_code -} - # Main printer, just in case in the future we have to change anything about that. # # [internal] @@ -302,70 +283,3 @@ ynh_script_progression () { ynh_return () { echo "$1" >> "$YNH_STDRETURN" } - -# Debugger for app packagers -# -# usage: ynh_debug [--message=message] [--trace=1/0] -# | arg: -m, --message= - The text to print -# | arg: -t, --trace= - Turn on or off the trace of the script. Usefull to trace nonly a small part of a script. -# -# Requires YunoHost version 3.5.0 or higher. -ynh_debug () { - # Disable set xtrace for the helper itself, to not pollute the debug log - set +o xtrace # set +x - # Declare an array to define the options of this helper. - local legacy_args=mt - local -A args_array=( [m]=message= [t]=trace= ) - local message - local trace - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - # Re-disable xtrace, ynh_handle_getopts_args set it back - set +o xtrace # set +x - message=${message:-} - trace=${trace:-} - - if [ -n "$message" ] - then - ynh_print_log "[Debug] ${message}" >&2 - fi - - if [ "$trace" == "1" ] - then - ynh_debug --message="Enable debugging" - set +o xtrace # set +x - # Get the current file descriptor of xtrace - old_bash_xtracefd=$BASH_XTRACEFD - # Add the current file name and the line number of any command currently running while tracing. - PS4='$(basename ${BASH_SOURCE[0]})-L${LINENO}: ' - # Force xtrace to stderr - BASH_XTRACEFD=2 - # Force stdout to stderr - exec 1>&2 - fi - if [ "$trace" == "0" ] - then - ynh_debug --message="Disable debugging" - set +o xtrace # set +x - # Put xtrace back to its original fild descriptor - BASH_XTRACEFD=$old_bash_xtracefd - # Restore stdout - exec 1>&1 - fi - # Renable set xtrace - set -o xtrace # set -x -} - -# Execute a command and print the result as debug -# -# usage: ynh_debug_exec "your_command [ | other_command ]" -# | arg: command - command to execute -# -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. -# -# Requires YunoHost version 3.5.0 or higher. -ynh_debug_exec () { - ynh_debug --message="$(eval $@)" -} diff --git a/data/helpers.d/php b/data/helpers.d/php index d383c1e4f..63f3af653 100644 --- a/data/helpers.d/php +++ b/data/helpers.d/php @@ -478,28 +478,28 @@ ynh_get_scalable_phpfpm () { if [ $print -eq 1 ] then - ynh_debug --message="Footprint=${footprint}Mb by pool." - ynh_debug --message="Process manager=$php_pm" - ynh_debug --message="Max RAM=${max_ram}Mb" + ynh_print_warn --message="Footprint=${footprint}Mb by pool." + ynh_print_warn --message="Process manager=$php_pm" + ynh_print_warn --message="Max RAM=${max_ram}Mb" if [ "$php_pm" != "static" ] then - ynh_debug --message="\nMax estimated footprint=$(( $php_max_children * $footprint ))" - ynh_debug --message="Min estimated footprint=$(( $php_min_spare_servers * $footprint ))" + ynh_print_warn --message="\nMax estimated footprint=$(( $php_max_children * $footprint ))" + ynh_print_warn --message="Min estimated footprint=$(( $php_min_spare_servers * $footprint ))" fi if [ "$php_pm" = "dynamic" ] then - ynh_debug --message="Estimated average footprint=$(( $php_max_spare_servers * $footprint ))" + ynh_print_warn --message="Estimated average footprint=$(( $php_max_spare_servers * $footprint ))" elif [ "$php_pm" = "static" ] then - ynh_debug --message="Estimated footprint=$(( $php_max_children * $footprint ))" + ynh_print_warn --message="Estimated footprint=$(( $php_max_children * $footprint ))" fi - ynh_debug --message="\nRaw php-fpm values:" - ynh_debug --message="pm.max_children = $php_max_children" + ynh_print_warn --message="\nRaw php-fpm values:" + ynh_print_warn --message="pm.max_children = $php_max_children" if [ "$php_pm" = "dynamic" ] then - ynh_debug --message="pm.start_servers = $php_start_servers" - ynh_debug --message="pm.min_spare_servers = $php_min_spare_servers" - ynh_debug --message="pm.max_spare_servers = $php_max_spare_servers" + ynh_print_warn --message="pm.start_servers = $php_start_servers" + ynh_print_warn --message="pm.min_spare_servers = $php_min_spare_servers" + ynh_print_warn --message="pm.max_spare_servers = $php_max_spare_servers" fi fi } From a3c0ca4da69525eee6045c63b3dfaecbf9f4f032 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 12 Oct 2021 15:49:46 +0200 Subject: [PATCH 46/47] helpers: Don't use eval in ynh_exec_* helpers to prevent issues with special chars --- data/helpers.d/logging | 85 ++++++++++++++++------- tests/test_helpers.d/ynhtest_logging.sh | 92 +++++++++++++++++++++++++ 2 files changed, 152 insertions(+), 25 deletions(-) create mode 100644 tests/test_helpers.d/ynhtest_logging.sh diff --git a/data/helpers.d/logging b/data/helpers.d/logging index 9075fc7aa..b8deef26e 100644 --- a/data/helpers.d/logging +++ b/data/helpers.d/logging @@ -83,72 +83,107 @@ ynh_print_err () { # Execute a command and print the result as an error # -# usage: ynh_exec_err "your_command [ | other_command ]" +# usage: ynh_exec_err your command and args # | arg: command - command to execute # -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. +# Note that you should NOT quote the command but only prefix it with ynh_exec_err # # Requires YunoHost version 3.2.0 or higher. ynh_exec_err () { - ynh_print_err "$(eval $@)" + # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes, + # (because in the past eval was used) ... + # we detect this by checking that there's no 2nd arg, and $1 contains a space + if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]] + then + ynh_print_err "$(eval $@)" + else + # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077 + ynh_print_err "$("$@")" + fi } # Execute a command and print the result as a warning # -# usage: ynh_exec_warn "your_command [ | other_command ]" +# usage: ynh_exec_warn your command and args # | arg: command - command to execute # -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. +# Note that you should NOT quote the command but only prefix it with ynh_exec_warn # # Requires YunoHost version 3.2.0 or higher. ynh_exec_warn () { - ynh_print_warn "$(eval $@)" + # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes, + # (because in the past eval was used) ... + # we detect this by checking that there's no 2nd arg, and $1 contains a space + if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]] + then + ynh_print_warn "$(eval $@)" + else + # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077 + ynh_print_warn "$("$@")" + fi } # Execute a command and force the result to be printed on stdout # -# usage: ynh_exec_warn_less "your_command [ | other_command ]" +# usage: ynh_exec_warn_less your command and args # | arg: command - command to execute # -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. +# Note that you should NOT quote the command but only prefix it with ynh_exec_warn # # Requires YunoHost version 3.2.0 or higher. ynh_exec_warn_less () { - eval $@ 2>&1 + # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes, + # (because in the past eval was used) ... + # we detect this by checking that there's no 2nd arg, and $1 contains a space + if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]] + then + eval $@ 2>&1 + else + # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077 + "$@" 2>&1 + fi } # Execute a command and redirect stdout in /dev/null # -# usage: ynh_exec_quiet "your_command [ | other_command ]" +# usage: ynh_exec_quiet your command and args # | arg: command - command to execute # -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. +# Note that you should NOT quote the command but only prefix it with ynh_exec_warn # # Requires YunoHost version 3.2.0 or higher. ynh_exec_quiet () { - eval $@ > /dev/null + # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes, + # (because in the past eval was used) ... + # we detect this by checking that there's no 2nd arg, and $1 contains a space + if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]] + then + eval $@ > /dev/null + else + # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077 + "$@" > /dev/null + fi } # Execute a command and redirect stdout and stderr in /dev/null # -# usage: ynh_exec_fully_quiet "your_command [ | other_command ]" +# usage: ynh_exec_quiet your command and args # | arg: command - command to execute # -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. +# Note that you should NOT quote the command but only prefix it with ynh_exec_quiet # # Requires YunoHost version 3.2.0 or higher. ynh_exec_fully_quiet () { - eval $@ > /dev/null 2>&1 + # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes, + # (because in the past eval was used) ... + # we detect this by checking that there's no 2nd arg, and $1 contains a space + if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]] + then + eval $@ > /dev/null 2>&1 + else + # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077 + "$@" > /dev/null 2>&1 + fi } # Remove any logs for all the following commands. diff --git a/tests/test_helpers.d/ynhtest_logging.sh b/tests/test_helpers.d/ynhtest_logging.sh new file mode 100644 index 000000000..bb1241614 --- /dev/null +++ b/tests/test_helpers.d/ynhtest_logging.sh @@ -0,0 +1,92 @@ +ynhtest_exec_warn_less() { + + FOO='foo' + bar="" + BAR='$bar' + FOOBAR="foo bar" + + # These looks like stupid edge case + # but in fact happens when dealing with passwords + # (which could also contain bash chars like [], {}, ...) + # or urls containing &, ... + FOOANDBAR="foo&bar" + FOO1QUOTEBAR="foo'bar" + FOO2QUOTEBAR="foo\"bar" + + ynh_exec_warn_less uptime + + test ! -e $FOO + ynh_exec_warn_less touch $FOO + test -e $FOO + rm $FOO + + test ! -e $FOO1QUOTEBAR + ynh_exec_warn_less touch $FOO1QUOTEBAR + test -e $FOO1QUOTEBAR + rm $FOO1QUOTEBAR + + test ! -e $FOO2QUOTEBAR + ynh_exec_warn_less touch $FOO2QUOTEBAR + test -e $FOO2QUOTEBAR + rm $FOO2QUOTEBAR + + test ! -e $BAR + ynh_exec_warn_less touch $BAR + test -e $BAR + rm $BAR + + test ! -e "$FOOBAR" + ynh_exec_warn_less touch "$FOOBAR" + test -e "$FOOBAR" + rm "$FOOBAR" + + test ! -e "$FOOANDBAR" + ynh_exec_warn_less touch $FOOANDBAR + test -e "$FOOANDBAR" + rm "$FOOANDBAR" + + ########################### + # Legacy stuff using eval # + ########################### + + test ! -e $FOO + ynh_exec_warn_less "touch $FOO" + test -e $FOO + rm $FOO + + test ! -e $FOO1QUOTEBAR + ynh_exec_warn_less "touch \"$FOO1QUOTEBAR\"" + # (this works but expliciy *double* quotes have to be provided) + test -e $FOO1QUOTEBAR + rm $FOO1QUOTEBAR + + #test ! -e $FOO2QUOTEBAR + #ynh_exec_warn_less "touch \'$FOO2QUOTEBAR\'" + ## (this doesn't work with simple or double quotes) + #test -e $FOO2QUOTEBAR + #rm $FOO2QUOTEBAR + + test ! -e $BAR + ynh_exec_warn_less 'touch $BAR' + # That one works because $BAR is only interpreted during eval + test -e $BAR + rm $BAR + + #test ! -e $BAR + #ynh_exec_warn_less "touch $BAR" + # That one doesn't work because $bar gets interpreted as empty var by eval... + #test -e $BAR + #rm $BAR + + test ! -e "$FOOBAR" + ynh_exec_warn_less "touch \"$FOOBAR\"" + # (works but requires explicit double quotes otherwise eval would interpret 'foo bar' as two separate args..) + test -e "$FOOBAR" + rm "$FOOBAR" + + test ! -e "$FOOANDBAR" + ynh_exec_warn_less "touch \"$FOOANDBAR\"" + # (works but requires explicit double quotes otherwise eval would interpret '&' as a "run command in background" and also bar is not a valid command) + test -e "$FOOANDBAR" + rm "$FOOANDBAR" +} From fe959bd7faee506c4691ac78813256f1e2ed1e68 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 12 Oct 2021 16:53:01 +0200 Subject: [PATCH 47/47] helpers: Flag ynh_print_ON/OFF as internal to not advertise them in the doc --- data/helpers.d/logging | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/data/helpers.d/logging b/data/helpers.d/logging index 7a8be30e9..72403e7e1 100644 --- a/data/helpers.d/logging +++ b/data/helpers.d/logging @@ -174,6 +174,8 @@ ynh_exec_fully_quiet() { # # usage: ynh_print_OFF # +# [internal] +# # WARNING: You should be careful with this helper, and never forget to use ynh_print_ON as soon as possible to restore the logging. # # Requires YunoHost version 3.2.0 or higher. @@ -185,6 +187,8 @@ ynh_print_OFF() { # # usage: ynh_print_ON # +# [internal] +# # Requires YunoHost version 3.2.0 or higher. ynh_print_ON() { exec {BASH_XTRACEFD}>&1