YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'migrate_to_bullseye' into bullseye

Browse source
This commit is contained in:
Alexandre Aubin 2021-10-13 15:12:56 +02:00
commit 0b4aa81f8c
57 changed files with 2126 additions and 1939 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

243
data/helpers.d/apt
View file

@ -12,31 +12,27 @@ ynh_wait_dpkg_free() {
local try local try
set +o xtrace # set +x set +o xtrace # set +x
# With seq 1 17, timeout will be almost 30 minutes # With seq 1 17, timeout will be almost 30 minutes
for try in `seq 1 17` for try in $(seq 1 17); do
do
# Check if /var/lib/dpkg/lock is used by another process # Check if /var/lib/dpkg/lock is used by another process
if lsof /var/lib/dpkg/lock > /dev/null if lsof /var/lib/dpkg/lock >/dev/null; then
then
echo "apt is already in use..." echo "apt is already in use..."
# Sleep an exponential time at each round # Sleep an exponential time at each round
sleep $(( try * try )) sleep $((try * try))
else else
# Check if dpkg hasn't been interrupted and is fully available. # Check if dpkg hasn't been interrupted and is fully available.
# See this for more information: https://sources.debian.org/src/apt/1.4.9/apt-pkg/deb/debsystem.cc/#L141-L174 # See this for more information: https://sources.debian.org/src/apt/1.4.9/apt-pkg/deb/debsystem.cc/#L141-L174
local dpkg_dir="/var/lib/dpkg/updates/" local dpkg_dir="/var/lib/dpkg/updates/"
# For each file in $dpkg_dir # For each file in $dpkg_dir
while read dpkg_file <&9 while read dpkg_file <&9; do
do
# Check if the name of this file contains only numbers. # Check if the name of this file contains only numbers.
if echo "$dpkg_file" | grep --perl-regexp --quiet "^[[:digit:]]+$" if echo "$dpkg_file" | grep --perl-regexp --quiet "^[[:digit:]]+$"; then
then
# If so, that a remaining of dpkg. # If so, that a remaining of dpkg.
ynh_print_err "dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem." ynh_print_err "dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem."
set -o xtrace # set -x set -o xtrace # set -x
return 1 return 1
fi fi
done 9<<< "$(ls -1 $dpkg_dir)" done 9<<<"$(ls -1 $dpkg_dir)"
set -o xtrace # set -x set -o xtrace # set -x
return 0 return 0
fi fi
@ -57,7 +53,7 @@ ynh_wait_dpkg_free() {
ynh_package_is_installed() { ynh_package_is_installed() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=p local legacy_args=p
local -A args_array=( [p]=package= ) local -A args_array=([p]=package=)
local package local package
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -79,13 +75,12 @@ ynh_package_is_installed() {
ynh_package_version() { ynh_package_version() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=p local legacy_args=p
local -A args_array=( [p]=package= ) local -A args_array=([p]=package=)
local package local package
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
if ynh_package_is_installed "$package" if ynh_package_is_installed "$package"; then
then
dpkg-query --show --showformat='${Version}' "$package" 2>/dev/null dpkg-query --show --showformat='${Version}' "$package" 2>/dev/null
else else
echo '' echo ''
@ -166,14 +161,14 @@ ynh_package_autopurge() {
# | arg: controlfile - path of the equivs control file # | arg: controlfile - path of the equivs control file
# #
# Requires YunoHost version 2.2.4 or higher. # Requires YunoHost version 2.2.4 or higher.
ynh_package_install_from_equivs () { ynh_package_install_from_equivs() {
local controlfile=$1 local controlfile=$1
# retrieve package information # retrieve package information
local pkgname=$(grep '^Package: ' $controlfile | cut --delimiter=' ' --fields=2) # Retrieve the name of the debian package local pkgname=$(grep '^Package: ' $controlfile | cut --delimiter=' ' --fields=2) # Retrieve the name of the debian package
local pkgversion=$(grep '^Version: ' $controlfile | cut --delimiter=' ' --fields=2) # And its version number local pkgversion=$(grep '^Version: ' $controlfile | cut --delimiter=' ' --fields=2) # And its version number
[[ -z "$pkgname" || -z "$pkgversion" ]] \ [[ -z "$pkgname" || -z "$pkgversion" ]] \
&& ynh_die --message="Invalid control file" # Check if this 2 variables aren't empty. && ynh_die --message="Invalid control file" # Check if this 2 variables aren't empty.
# Update packages cache # Update packages cache
ynh_package_update ynh_package_update
@ -191,26 +186,31 @@ ynh_package_install_from_equivs () {
# Install missing dependencies with ynh_package_install # Install missing dependencies with ynh_package_install
ynh_wait_dpkg_free ynh_wait_dpkg_free
cp "$controlfile" "${TMPDIR}/control" cp "$controlfile" "${TMPDIR}/control"
(cd "$TMPDIR" (
LC_ALL=C equivs-build ./control 2>&1 cd "$TMPDIR"
LC_ALL=C dpkg --force-depends --install "./${pkgname}_${pkgversion}_all.deb" 2>&1 | tee ./dpkg_log) LC_ALL=C equivs-build ./control 2>&1
LC_ALL=C dpkg --force-depends --install "./${pkgname}_${pkgversion}_all.deb" 2>&1 | tee ./dpkg_log
)
ynh_package_install --fix-broken || \ ynh_package_install --fix-broken \
{ # If the installation failed || { # If the installation failed
# (the following is ran inside { } to not start a subshell otherwise ynh_die wouldnt exit the original process) # (the following is ran inside { } to not start a subshell otherwise ynh_die wouldnt exit the original process)
# Parse the list of problematic dependencies from dpkg's log ... # Parse the list of problematic dependencies from dpkg's log ...
# (relevant lines look like: "foo-ynh-deps depends on bar; however:") # (relevant lines look like: "foo-ynh-deps depends on bar; however:")
local problematic_dependencies="$(cat $TMPDIR/dpkg_log | grep -oP '(?<=-ynh-deps depends on ).*(?=; however)' | tr '\n' ' ')" local problematic_dependencies="$(cat $TMPDIR/dpkg_log | grep -oP '(?<=-ynh-deps depends on ).*(?=; however)' | tr '\n' ' ')"
# Fake an install of those dependencies to see the errors # Fake an install of those dependencies to see the errors
# The sed command here is, Print only from 'Reading state info' to the end. # The sed command here is, Print only from 'Reading state info' to the end.
[[ -n "$problematic_dependencies" ]] && ynh_package_install $problematic_dependencies --dry-run 2>&1 | sed --quiet '/Reading state info/,$p' | grep -v "fix-broken\|Reading state info" >&2 [[ -n "$problematic_dependencies" ]] && ynh_package_install $problematic_dependencies --dry-run 2>&1 | sed --quiet '/Reading state info/,$p' | grep -v "fix-broken\|Reading state info" >&2
ynh_die --message="Unable to install dependencies"; } ynh_die --message="Unable to install dependencies"
[[ -n "$TMPDIR" ]] && rm --recursive --force $TMPDIR # Remove the temp dir. }
[[ -n "$TMPDIR" ]] && rm --recursive --force $TMPDIR # Remove the temp dir.
# check if the package is actually installed # check if the package is actually installed
ynh_package_is_installed "$pkgname" ynh_package_is_installed "$pkgname"
} }
YNH_INSTALL_APP_DEPENDENCIES_REPLACE="true"
# Define and install dependencies with a equivs control file # Define and install dependencies with a equivs control file
# #
# This helper can/should only be called once per app # This helper can/should only be called once per app
@ -222,7 +222,7 @@ ynh_package_install_from_equivs () {
# | arg: "dep1|dep2|…" - You can specify alternatives. It will require to install (dep1 or dep2, etc). # | arg: "dep1|dep2|…" - You can specify alternatives. It will require to install (dep1 or dep2, etc).
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_install_app_dependencies () { ynh_install_app_dependencies() {
local dependencies=$@ local dependencies=$@
# Add a comma for each space between packages. But not add a comma if the space separate a version specification. (See below) # Add a comma for each space between packages. But not add a comma if the space separate a version specification. (See below)
dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')" dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')"
@ -233,11 +233,10 @@ ynh_install_app_dependencies () {
if [ -z "${version}" ] || [ "$version" == "null" ]; then if [ -z "${version}" ] || [ "$version" == "null" ]; then
version="1.0" version="1.0"
fi fi
local dep_app=${app//_/-} # Replace all '_' by '-' local dep_app=${app//_/-} # Replace all '_' by '-'
# Handle specific versions # Handle specific versions
if [[ "$dependencies" =~ [\<=\>] ]] if [[ "$dependencies" =~ [\<=\>] ]]; then
then
# Replace version specifications by relationships syntax # Replace version specifications by relationships syntax
# https://www.debian.org/doc/debian-policy/ch-relationships.html # https://www.debian.org/doc/debian-policy/ch-relationships.html
# Sed clarification # Sed clarification
@ -249,27 +248,62 @@ ynh_install_app_dependencies () {
dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')" dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')"
fi fi
# Check for specific php dependencies which requires sury
# This grep will for example return "7.4" if dependencies is "foo bar php7.4-pwet php-gni"
# The (?<=php) syntax corresponds to lookbehind ;)
local specific_php_version=$(echo $dependencies | grep -oP '(?<=php)[0-9.]+(?=-|\>)' | sort -u)
# Ignore case where the php version found is the one available in debian vanilla
[[ "$specific_php_version" != "$YNH_DEFAULT_PHP_VERSION" ]] || specific_php_version=""
if [[ -n "$specific_php_version" ]]
then
# Cover a small edge case where a packager could have specified "php7.4-pwet php5-gni" which is confusing
[[ $(echo $specific_php_version | wc -l) -eq 1 ]] \
|| ynh_die --message="Inconsistent php versions in dependencies ... found : $specific_php_version"
dependencies+=", php${specific_php_version}, php${specific_php_version}-fpm, php${specific_php_version}-common"
ynh_add_sury
fi
# The first time we run ynh_install_app_dependencies, we will replace the
# entire control file (This is in particular meant to cover the case of
# upgrade script where ynh_install_app_dependencies is called with this
# expected effect) Otherwise, any subsequent call will add dependencies
# to those already present in the equivs control file.
if [[ $YNH_INSTALL_APP_DEPENDENCIES_REPLACE == "true" ]]
then
YNH_INSTALL_APP_DEPENDENCIES_REPLACE="false"
else
local current_dependencies=""
if ynh_package_is_installed --package="${dep_app}-ynh-deps"
then
current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) "
current_dependencies=${current_dependencies// | /|}
fi
dependencies="$current_dependencies, $dependencies"
fi
# #
# Epic ugly hack to fix the goddamn dependency nightmare of sury # Epic ugly hack to fix the goddamn dependency nightmare of sury
# Sponsored by the "Djeezusse Fokin Kraiste Why Do Adminsys Has To Be So Fucking Complicated I Should Go Grow Potatoes Instead Of This Shit" collective # Sponsored by the "Djeezusse Fokin Kraiste Why Do Adminsys Has To Be So Fucking Complicated I Should Go Grow Potatoes Instead Of This Shit" collective
# https://github.com/YunoHost/issues/issues/1407 # https://github.com/YunoHost/issues/issues/1407
# #
# If we require to install php dependency # If we require to install php dependency
if echo $dependencies | grep --quiet 'php' if grep --quiet 'php' <<< "$dependencies"; then
then
# And we have packages from sury installed (7.0.33-10+weirdshiftafter instead of 7.0.33-0 on debian) # And we have packages from sury installed (7.0.33-10+weirdshiftafter instead of 7.0.33-0 on debian)
if dpkg --list | grep "php7.0" | grep --quiet --invert-match "7.0.33-0+deb9" if dpkg --list | grep "php7.0" | grep --quiet --invert-match "7.0.33-0+deb9"; then
then
# And sury ain't already in sources.lists # And sury ain't already in sources.lists
if ! grep --recursive --quiet "^ *deb.*sury" /etc/apt/sources.list* if ! grep --recursive --quiet "^ *deb.*sury" /etc/apt/sources.list*; then
then
# Re-add sury # Re-add sury
ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(ynh_get_debian_release) main" --key="https://packages.sury.org/php/apt.gpg" --name=extra_php_version --priority=600 ynh_add_sury
fi fi
fi fi
fi fi
cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build cat >/tmp/${dep_app}-ynh-deps.control <<EOF # Make a control file for equivs-build
Section: misc Section: misc
Priority: optional Priority: optional
Package: ${dep_app}-ynh-deps Package: ${dep_app}-ynh-deps
@ -280,41 +314,57 @@ Description: Fake package for ${app} (YunoHost app) dependencies
This meta-package is only responsible of installing its dependencies. This meta-package is only responsible of installing its dependencies.
EOF EOF
ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \ ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \
|| ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies || ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies
rm /tmp/${dep_app}-ynh-deps.control rm /tmp/${dep_app}-ynh-deps.control
ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies" ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies"
if [[ -n "$specific_php_version" ]]
then
# Set the default php version back as the default version for php-cli.
update-alternatives --set php /usr/bin/php$YNH_DEFAULT_PHP_VERSION
# Store phpversion into the config of this app
ynh_app_setting_set --app=$app --key=phpversion --value=$specific_php_version
# Integrate new php-fpm service in yunohost
yunohost service add php${specific_php_version}-fpm --log "/var/log/php${phpversion}-fpm.log"
elif grep --quiet 'php' <<< "$dependencies"; then
# Store phpversion into the config of this app
ynh_app_setting_set --app=$app --key=phpversion --value=$YNH_DEFAULT_PHP_VERSION
fi
} }
# Add sury repository with adequate pin strategy
#
# [internal]
#
# usage: ynh_add_sury
#
ynh_add_sury() {
# Add an extra repository for those packages
ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(ynh_get_debian_release) main" --key="https://packages.sury.org/php/apt.gpg" --name=extra_php_version --priority=600
}
# Add dependencies to install with ynh_install_app_dependencies # Add dependencies to install with ynh_install_app_dependencies
# #
# usage: ynh_add_app_dependencies --package=phpversion [--replace] # usage: ynh_add_app_dependencies --package=phpversion [--replace]
# | arg: -p, --package= - Packages to add as dependencies for the app. # | arg: -p, --package= - Packages to add as dependencies for the app.
# | arg: -r, --replace - Replace dependencies instead of adding to existing ones.
# #
# Requires YunoHost version 3.8.1 or higher. # Requires YunoHost version 3.8.1 or higher.
ynh_add_app_dependencies () { ynh_add_app_dependencies() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=pr local legacy_args=pr
local -A args_array=( [p]=package= [r]=replace) local -A args_array=([p]=package= [r]=replace)
local package local package
local replace
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
replace=${replace:-0}
local current_dependencies="" ynh_print_warn --message="Packagers: ynh_add_app_dependencies is deprecated and is now only an alias to ynh_install_app_dependencies"
if [ $replace -eq 0 ] ynh_install_app_dependencies "${package}"
then
local dep_app=${app//_/-} # Replace all '_' by '-'
if ynh_package_is_installed --package="${dep_app}-ynh-deps"
then
current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) "
fi
current_dependencies=${current_dependencies// | /|}
fi
ynh_install_app_dependencies "${current_dependencies}${package}"
} }
# Remove fake package and its dependencies # Remove fake package and its dependencies
@ -324,9 +374,26 @@ ynh_add_app_dependencies () {
# usage: ynh_remove_app_dependencies # usage: ynh_remove_app_dependencies
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_remove_app_dependencies () { ynh_remove_app_dependencies() {
local dep_app=${app//_/-} # Replace all '_' by '-' local dep_app=${app//_/-} # Replace all '_' by '-'
local current_dependencies=""
if ynh_package_is_installed --package="${dep_app}-ynh-deps"; then
current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) "
current_dependencies=${current_dependencies// | /|}
fi
ynh_package_autopurge ${dep_app}-ynh-deps # Remove the fake package and its dependencies if they not still used. ynh_package_autopurge ${dep_app}-ynh-deps # Remove the fake package and its dependencies if they not still used.
# Check if this app used a specific php version ... in which case we check
# if the corresponding php-fpm is still there. Otherwise, we remove the
# service from yunohost as well
local specific_php_version=$(echo $current_dependencies | tr '-' ' ' | grep -o -E "\<php[0-9.]+\>" | sed 's/php//g' | sort | uniq)
[[ "$specific_php_version" != "$YNH_DEFAULT_PHP_VERSION" ]] || specific_php_version=""
if [[ -n "$specific_php_version" ]] && ! ynh_package_is_installed --package="php${specific_php_version}-fpm"; then
yunohost service remove php${specific_php_version}-fpm
fi
} }
# Install packages from an extra repository properly. # Install packages from an extra repository properly.
@ -338,10 +405,10 @@ ynh_remove_app_dependencies () {
# | arg: -n, --name= - Name for the files for this repo, $app as default value. # | arg: -n, --name= - Name for the files for this repo, $app as default value.
# #
# Requires YunoHost version 3.8.1 or higher. # Requires YunoHost version 3.8.1 or higher.
ynh_install_extra_app_dependencies () { ynh_install_extra_app_dependencies() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=rpkn local legacy_args=rpkn
local -A args_array=( [r]=repo= [p]=package= [k]=key= [n]=name= ) local -A args_array=([r]=repo= [p]=package= [k]=key= [n]=name=)
local repo local repo
local package local package
local key local key
@ -352,15 +419,14 @@ ynh_install_extra_app_dependencies () {
key=${key:-} key=${key:-}
# Set a key only if asked # Set a key only if asked
if [ -n "$key" ] if [ -n "$key" ]; then
then
key="--key=$key" key="--key=$key"
fi fi
# Add an extra repository for those packages # Add an extra repository for those packages
ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name
# Install requested dependencies from this extra repository. # Install requested dependencies from this extra repository.
ynh_add_app_dependencies --package="$package" ynh_install_app_dependencies "$package"
# Remove this extra repository after packages are installed # Remove this extra repository after packages are installed
ynh_remove_extra_repo --name=$app ynh_remove_extra_repo --name=$app
@ -378,10 +444,10 @@ ynh_install_extra_app_dependencies () {
# | arg: -a, --append - Do not overwrite existing files. # | arg: -a, --append - Do not overwrite existing files.
# #
# Requires YunoHost version 3.8.1 or higher. # Requires YunoHost version 3.8.1 or higher.
ynh_install_extra_repo () { ynh_install_extra_repo() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=rkpna local legacy_args=rkpna
local -A args_array=( [r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append ) local -A args_array=([r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append)
local repo local repo
local key local key
local priority local priority
@ -394,8 +460,7 @@ ynh_install_extra_repo () {
key=${key:-} key=${key:-}
priority=${priority:-} priority=${priority:-}
if [ $append -eq 1 ] if [ $append -eq 1 ]; then
then
append="--append" append="--append"
wget_append="tee --append" wget_append="tee --append"
else else
@ -424,18 +489,16 @@ ynh_install_extra_repo () {
local pin="${uri#*://}" local pin="${uri#*://}"
pin="${pin%%/*}" pin="${pin%%/*}"
# Set a priority only if asked # Set a priority only if asked
if [ -n "$priority" ] if [ -n "$priority" ]; then
then
priority="--priority=$priority" priority="--priority=$priority"
fi fi
ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append
# Get the public key for the repo # Get the public key for the repo
if [ -n "$key" ] if [ -n "$key" ]; then
then
mkdir --parents "/etc/apt/trusted.gpg.d" mkdir --parents "/etc/apt/trusted.gpg.d"
# Timeout option is here to enforce the timeout on dns query and tcp connect (c.f. man wget) # Timeout option is here to enforce the timeout on dns query and tcp connect (c.f. man wget)
wget --timeout 900 --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null wget --timeout 900 --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg >/dev/null
fi fi
# Update the list of package with the new repo # Update the list of package with the new repo
@ -450,10 +513,10 @@ ynh_install_extra_repo () {
# | arg: -n, --name= - Name for the files for this repo, $app as default value. # | arg: -n, --name= - Name for the files for this repo, $app as default value.
# #
# Requires YunoHost version 3.8.1 or higher. # Requires YunoHost version 3.8.1 or higher.
ynh_remove_extra_repo () { ynh_remove_extra_repo() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=n local legacy_args=n
local -A args_array=( [n]=name= ) local -A args_array=([n]=name=)
local name local name
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -462,8 +525,8 @@ ynh_remove_extra_repo () {
ynh_secure_remove --file="/etc/apt/sources.list.d/$name.list" ynh_secure_remove --file="/etc/apt/sources.list.d/$name.list"
# Sury pinning is managed by the regenconf in the core... # Sury pinning is managed by the regenconf in the core...
[[ "$name" == "extra_php_version" ]] || ynh_secure_remove "/etc/apt/preferences.d/$name" [[ "$name" == "extra_php_version" ]] || ynh_secure_remove "/etc/apt/preferences.d/$name"
ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.gpg" > /dev/null ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.gpg" >/dev/null
ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.asc" > /dev/null ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.asc" >/dev/null
# Update the list of package to exclude the old repo # Update the list of package to exclude the old repo
ynh_package_update ynh_package_update
@ -485,10 +548,10 @@ ynh_remove_extra_repo () {
# ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable # ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable
# #
# Requires YunoHost version 3.8.1 or higher. # Requires YunoHost version 3.8.1 or higher.
ynh_add_repo () { ynh_add_repo() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=uscna local legacy_args=uscna
local -A args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append ) local -A args_array=([u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append)
local uri local uri
local suite local suite
local component local component
@ -499,8 +562,7 @@ ynh_add_repo () {
name="${name:-$app}" name="${name:-$app}"
append=${append:-0} append=${append:-0}
if [ $append -eq 1 ] if [ $append -eq 1 ]; then
then
append="tee --append" append="tee --append"
else else
append="tee" append="tee"
@ -526,10 +588,10 @@ ynh_add_repo () {
# See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html#How_APT_Interprets_Priorities for information about pinning. # See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html#How_APT_Interprets_Priorities for information about pinning.
# #
# Requires YunoHost version 3.8.1 or higher. # Requires YunoHost version 3.8.1 or higher.
ynh_pin_repo () { ynh_pin_repo() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=pirna local legacy_args=pirna
local -A args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append ) local -A args_array=([p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append)
local package local package
local pin local pin
local priority local priority
@ -542,8 +604,7 @@ ynh_pin_repo () {
name="${name:-$app}" name="${name:-$app}"
append=${append:-0} append=${append:-0}
if [ $append -eq 1 ] if [ $append -eq 1 ]; then
then
append="tee --append" append="tee --append"
else else
append="tee" append="tee"
@ -557,5 +618,5 @@ ynh_pin_repo () {
Pin: $pin Pin: $pin
Pin-Priority: $priority Pin-Priority: $priority
" \ " \
| $append "/etc/apt/preferences.d/$name" | $append "/etc/apt/preferences.d/$name"
} }

139
data/helpers.d/backup
View file

@ -66,7 +66,7 @@ ynh_backup() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=sdbm local legacy_args=sdbm
local -A args_array=( [s]=src_path= [d]=dest_path= [b]=is_big [m]=not_mandatory ) local -A args_array=([s]=src_path= [d]=dest_path= [b]=is_big [m]=not_mandatory)
local src_path local src_path
local dest_path local dest_path
local is_big local is_big
@ -82,10 +82,8 @@ ynh_backup() {
# If backing up core only (used by ynh_backup_before_upgrade), # If backing up core only (used by ynh_backup_before_upgrade),
# don't backup big data items # don't backup big data items
if [ $is_big -eq 1 ] && ( [ ${do_not_backup_data:-0} -eq 1 ] || [ $BACKUP_CORE_ONLY -eq 1 ] ) if [ $is_big -eq 1 ] && ([ ${do_not_backup_data:-0} -eq 1 ] || [ $BACKUP_CORE_ONLY -eq 1 ]); then
then if [ $BACKUP_CORE_ONLY -eq 1 ]; then
if [ $BACKUP_CORE_ONLY -eq 1 ]
then
ynh_print_info --message="$src_path will not be saved, because 'BACKUP_CORE_ONLY' is set." ynh_print_info --message="$src_path will not be saved, because 'BACKUP_CORE_ONLY' is set."
else else
ynh_print_info --message="$src_path will not be saved, because 'do_not_backup_data' is set." ynh_print_info --message="$src_path will not be saved, because 'do_not_backup_data' is set."
@ -97,14 +95,11 @@ ynh_backup() {
# Format correctly source and destination paths # Format correctly source and destination paths
# ============================================================================== # ==============================================================================
# Be sure the source path is not empty # Be sure the source path is not empty
if [ ! -e "$src_path" ] if [ ! -e "$src_path" ]; then
then
ynh_print_warn --message="Source path '${src_path}' does not exist" ynh_print_warn --message="Source path '${src_path}' does not exist"
if [ "$not_mandatory" == "0" ] if [ "$not_mandatory" == "0" ]; then
then
# This is a temporary fix for fail2ban config files missing after the migration to stretch. # This is a temporary fix for fail2ban config files missing after the migration to stretch.
if echo "${src_path}" | grep --quiet "/etc/fail2ban" if echo "${src_path}" | grep --quiet "/etc/fail2ban"; then
then
touch "${src_path}" touch "${src_path}"
ynh_print_info --message="The missing file will be replaced by a dummy one for the backup !!!" ynh_print_info --message="The missing file will be replaced by a dummy one for the backup !!!"
else else
@ -122,13 +117,11 @@ ynh_backup() {
# If there is no destination path, initialize it with the source path # If there is no destination path, initialize it with the source path
# relative to "/". # relative to "/".
# eg: src_path=/etc/yunohost -> dest_path=etc/yunohost # eg: src_path=/etc/yunohost -> dest_path=etc/yunohost
if [[ -z "$dest_path" ]] if [[ -z "$dest_path" ]]; then
then
dest_path="${src_path#/}" dest_path="${src_path#/}"
else else
if [[ "${dest_path:0:1}" == "/" ]] if [[ "${dest_path:0:1}" == "/" ]]; then
then
# If the destination path is an absolute path, transform it as a path # If the destination path is an absolute path, transform it as a path
# relative to the current working directory ($YNH_CWD) # relative to the current working directory ($YNH_CWD)
@ -152,8 +145,7 @@ ynh_backup() {
fi fi
# Check if dest_path already exists in tmp archive # Check if dest_path already exists in tmp archive
if [[ -e "${dest_path}" ]] if [[ -e "${dest_path}" ]]; then
then
ynh_print_err --message="Destination path '${dest_path}' already exist" ynh_print_err --message="Destination path '${dest_path}' already exist"
return 1 return 1
fi fi
@ -170,7 +162,7 @@ ynh_backup() {
# ============================================================================== # ==============================================================================
local src=$(echo "${src_path}" | sed --regexp-extended 's/"/\"\"/g') local src=$(echo "${src_path}" | sed --regexp-extended 's/"/\"\"/g')
local dest=$(echo "${dest_path}" | sed --regexp-extended 's/"/\"\"/g') local dest=$(echo "${dest_path}" | sed --regexp-extended 's/"/\"\"/g')
echo "\"${src}\",\"${dest}\"" >> "${YNH_BACKUP_CSV}" echo "\"${src}\",\"${dest}\"" >>"${YNH_BACKUP_CSV}"
# ============================================================================== # ==============================================================================
@ -184,19 +176,18 @@ ynh_backup() {
# usage: ynh_restore # usage: ynh_restore
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_restore () { ynh_restore() {
# Deduce the relative path of $YNH_CWD # Deduce the relative path of $YNH_CWD
local REL_DIR="${YNH_CWD#$YNH_BACKUP_DIR/}" local REL_DIR="${YNH_CWD#$YNH_BACKUP_DIR/}"
REL_DIR="${REL_DIR%/}/" REL_DIR="${REL_DIR%/}/"
# For each destination path begining by $REL_DIR # For each destination path begining by $REL_DIR
cat ${YNH_BACKUP_CSV} | tr --delete $'\r' | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR.*\"$" | \ cat ${YNH_BACKUP_CSV} | tr --delete $'\r' | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR.*\"$" \
while read line | while read line; do
do local ORIGIN_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\"\K.*(?=\",\".*\"$)")
local ORIGIN_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\"\K.*(?=\",\".*\"$)") local ARCHIVE_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR\K.*(?=\"$)")
local ARCHIVE_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR\K.*(?=\"$)") ynh_restore_file --origin_path="$ARCHIVE_PATH" --dest_path="$ORIGIN_PATH"
ynh_restore_file --origin_path="$ARCHIVE_PATH" --dest_path="$ORIGIN_PATH" done
done
} }
# Return the path in the archive where has been stocked the origin path # Return the path in the archive where has been stocked the origin path
@ -204,7 +195,7 @@ ynh_restore () {
# [internal] # [internal]
# #
# usage: _get_archive_path ORIGIN_PATH # usage: _get_archive_path ORIGIN_PATH
_get_archive_path () { _get_archive_path() {
# For security reasons we use csv python library to read the CSV # For security reasons we use csv python library to read the CSV
python3 -c " python3 -c "
import sys import sys
@ -216,7 +207,7 @@ with open(sys.argv[1], 'r') as backup_file:
print(row['dest']) print(row['dest'])
sys.exit(0) sys.exit(0)
raise Exception('Original path for %s not found' % sys.argv[2]) raise Exception('Original path for %s not found' % sys.argv[2])
" "${YNH_BACKUP_CSV}" "$1" " "${YNH_BACKUP_CSV}" "$1"
return $? return $?
} }
@ -244,10 +235,10 @@ with open(sys.argv[1], 'r') as backup_file:
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
# Requires YunoHost version 3.5.0 or higher for the argument --not_mandatory # Requires YunoHost version 3.5.0 or higher for the argument --not_mandatory
ynh_restore_file () { ynh_restore_file() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=odm local legacy_args=odm
local -A args_array=( [o]=origin_path= [d]=dest_path= [m]=not_mandatory ) local -A args_array=([o]=origin_path= [d]=dest_path= [m]=not_mandatory)
local origin_path local origin_path
local dest_path local dest_path
local not_mandatory local not_mandatory
@ -260,10 +251,8 @@ ynh_restore_file () {
local archive_path="$YNH_CWD${origin_path}" local archive_path="$YNH_CWD${origin_path}"
# If archive_path doesn't exist, search for a corresponding path in CSV # If archive_path doesn't exist, search for a corresponding path in CSV
if [ ! -d "$archive_path" ] && [ ! -f "$archive_path" ] && [ ! -L "$archive_path" ] if [ ! -d "$archive_path" ] && [ ! -f "$archive_path" ] && [ ! -L "$archive_path" ]; then
then if [ "$not_mandatory" == "0" ]; then
if [ "$not_mandatory" == "0" ]
then
archive_path="$YNH_BACKUP_DIR/$(_get_archive_path \"$origin_path\")" archive_path="$YNH_BACKUP_DIR/$(_get_archive_path \"$origin_path\")"
else else
return 0 return 0
@ -271,14 +260,12 @@ ynh_restore_file () {
fi fi
# Move the old directory if it already exists # Move the old directory if it already exists
if [[ -e "${dest_path}" ]] if [[ -e "${dest_path}" ]]; then
then
# Check if the file/dir size is less than 500 Mo # Check if the file/dir size is less than 500 Mo
if [[ $(du --summarize --bytes ${dest_path} | cut --delimiter="/" --fields=1) -le "500000000" ]] if [[ $(du --summarize --bytes ${dest_path} | cut --delimiter="/" --fields=1) -le "500000000" ]]; then
then
local backup_file="/home/yunohost.conf/backup/${dest_path}.backup.$(date '+%Y%m%d.%H%M%S')" local backup_file="/home/yunohost.conf/backup/${dest_path}.backup.$(date '+%Y%m%d.%H%M%S')"
mkdir --parents "$(dirname "$backup_file")" mkdir --parents "$(dirname "$backup_file")"
mv "${dest_path}" "$backup_file" # Move the current file or directory mv "${dest_path}" "$backup_file" # Move the current file or directory
else else
ynh_secure_remove --file=${dest_path} ynh_secure_remove --file=${dest_path}
fi fi
@ -288,10 +275,8 @@ ynh_restore_file () {
mkdir --parents $(dirname "$dest_path") mkdir --parents $(dirname "$dest_path")
# Do a copy if it's just a mounting point # Do a copy if it's just a mounting point
if mountpoint --quiet $YNH_BACKUP_DIR if mountpoint --quiet $YNH_BACKUP_DIR; then
then if [[ -d "${archive_path}" ]]; then
if [[ -d "${archive_path}" ]]
then
archive_path="${archive_path}/." archive_path="${archive_path}/."
mkdir --parents "$dest_path" mkdir --parents "$dest_path"
fi fi
@ -310,10 +295,10 @@ ynh_restore_file () {
# $app should be defined when calling this helper # $app should be defined when calling this helper
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_store_file_checksum () { ynh_store_file_checksum() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=f local legacy_args=f
local -A args_array=( [f]=file= [u]=update_only ) local -A args_array=([f]=file= [u]=update_only)
local file local file
local update_only local update_only
update_only="${update_only:-0}" update_only="${update_only:-0}"
@ -321,12 +306,12 @@ ynh_store_file_checksum () {
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_'
# If update only, we don't save the new checksum if no old checksum exist # If update only, we don't save the new checksum if no old checksum exist
if [ $update_only -eq 1 ] ; then if [ $update_only -eq 1 ]; then
local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name) local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name)
if [ -z "${checksum_value}" ] ; then if [ -z "${checksum_value}" ]; then
unset backup_file_checksum unset backup_file_checksum
return 0 return 0
fi fi
@ -335,8 +320,7 @@ ynh_store_file_checksum () {
ynh_app_setting_set --app=$app --key=$checksum_setting_name --value=$(md5sum "$file" | cut --delimiter=' ' --fields=1) ynh_app_setting_set --app=$app --key=$checksum_setting_name --value=$(md5sum "$file" | cut --delimiter=' ' --fields=1)
# If backup_file_checksum isn't empty, ynh_backup_if_checksum_is_different has made a backup # If backup_file_checksum isn't empty, ynh_backup_if_checksum_is_different has made a backup
if [ -n "${backup_file_checksum-}" ] if [ -n "${backup_file_checksum-}" ]; then
then
# Print the diff between the previous file and the new one. # Print the diff between the previous file and the new one.
# diff return 1 if the files are different, so the || true # diff return 1 if the files are different, so the || true
diff --report-identical-files --unified --color=always $backup_file_checksum $file >&2 || true diff --report-identical-files --unified --color=always $backup_file_checksum $file >&2 || true
@ -355,27 +339,25 @@ ynh_store_file_checksum () {
# modified config files. # modified config files.
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_backup_if_checksum_is_different () { ynh_backup_if_checksum_is_different() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=f local legacy_args=f
local -A args_array=( [f]=file= ) local -A args_array=([f]=file=)
local file local file
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_'
local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name) local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name)
# backup_file_checksum isn't declare as local, so it can be reuse by ynh_store_file_checksum # backup_file_checksum isn't declare as local, so it can be reuse by ynh_store_file_checksum
backup_file_checksum="" backup_file_checksum=""
if [ -n "$checksum_value" ] if [ -n "$checksum_value" ]; then # Proceed only if a value was stored into the app settings
then # Proceed only if a value was stored into the app settings if [ -e $file ] && ! echo "$checksum_value $file" | md5sum --check --status; then # If the checksum is now different
if [ -e $file ] && ! echo "$checksum_value $file" | md5sum --check --status
then # If the checksum is now different
backup_file_checksum="/home/yunohost.conf/backup/$file.backup.$(date '+%Y%m%d.%H%M%S')" backup_file_checksum="/home/yunohost.conf/backup/$file.backup.$(date '+%Y%m%d.%H%M%S')"
mkdir --parents "$(dirname "$backup_file_checksum")" mkdir --parents "$(dirname "$backup_file_checksum")"
cp --archive "$file" "$backup_file_checksum" # Backup the current file cp --archive "$file" "$backup_file_checksum" # Backup the current file
ynh_print_warn "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file_checksum" ynh_print_warn "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file_checksum"
echo "$backup_file_checksum" # Return the name of the backup file echo "$backup_file_checksum" # Return the name of the backup file
fi fi
fi fi
} }
@ -388,15 +370,15 @@ ynh_backup_if_checksum_is_different () {
# $app should be defined when calling this helper # $app should be defined when calling this helper
# #
# Requires YunoHost version 3.3.1 or higher. # Requires YunoHost version 3.3.1 or higher.
ynh_delete_file_checksum () { ynh_delete_file_checksum() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=f local legacy_args=f
local -A args_array=( [f]=file= ) local -A args_array=([f]=file=)
local file local file
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete --app=$app --key=$checksum_setting_name ynh_app_setting_delete --app=$app --key=$checksum_setting_name
} }
@ -404,7 +386,7 @@ ynh_delete_file_checksum () {
# #
# [internal] # [internal]
# #
ynh_backup_archive_exists () { ynh_backup_archive_exists() {
yunohost backup list --output-as json --quiet \ yunohost backup list --output-as json --quiet \
| jq -e --arg archive "$1" '.archives | index($archive)' >/dev/null | jq -e --arg archive "$1" '.archives | index($archive)' >/dev/null
} }
@ -423,22 +405,19 @@ ynh_backup_archive_exists () {
# ``` # ```
# #
# Requires YunoHost version 2.7.2 or higher. # Requires YunoHost version 2.7.2 or higher.
ynh_backup_before_upgrade () { ynh_backup_before_upgrade() {
if [ ! -e "/etc/yunohost/apps/$app/scripts/backup" ] if [ ! -e "/etc/yunohost/apps/$app/scripts/backup" ]; then
then
ynh_print_warn --message="This app doesn't have any backup script." ynh_print_warn --message="This app doesn't have any backup script."
return return
fi fi
backup_number=1 backup_number=1
local old_backup_number=2 local old_backup_number=2
local app_bck=${app//_/-} # Replace all '_' by '-' local app_bck=${app//_/-} # Replace all '_' by '-'
NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0} NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0}
if [ "$NO_BACKUP_UPGRADE" -eq 0 ] if [ "$NO_BACKUP_UPGRADE" -eq 0 ]; then
then
# Check if a backup already exists with the prefix 1 # Check if a backup already exists with the prefix 1
if ynh_backup_archive_exists "$app_bck-pre-upgrade1" if ynh_backup_archive_exists "$app_bck-pre-upgrade1"; then
then
# Prefix becomes 2 to preserve the previous backup # Prefix becomes 2 to preserve the previous backup
backup_number=2 backup_number=2
old_backup_number=1 old_backup_number=1
@ -446,13 +425,11 @@ ynh_backup_before_upgrade () {
# Create backup # Create backup
BACKUP_CORE_ONLY=1 yunohost backup create --apps $app --name $app_bck-pre-upgrade$backup_number --debug BACKUP_CORE_ONLY=1 yunohost backup create --apps $app --name $app_bck-pre-upgrade$backup_number --debug
if [ "$?" -eq 0 ] if [ "$?" -eq 0 ]; then
then
# If the backup succeeded, remove the previous backup # If the backup succeeded, remove the previous backup
if ynh_backup_archive_exists "$app_bck-pre-upgrade$old_backup_number" if ynh_backup_archive_exists "$app_bck-pre-upgrade$old_backup_number"; then
then
# Remove the previous backup only if it exists # Remove the previous backup only if it exists
yunohost backup delete $app_bck-pre-upgrade$old_backup_number > /dev/null yunohost backup delete $app_bck-pre-upgrade$old_backup_number >/dev/null
fi fi
else else
ynh_die --message="Backup failed, the upgrade process was aborted." ynh_die --message="Backup failed, the upgrade process was aborted."
@ -476,17 +453,15 @@ ynh_backup_before_upgrade () {
# ``` # ```
# #
# Requires YunoHost version 2.7.2 or higher. # Requires YunoHost version 2.7.2 or higher.
ynh_restore_upgradebackup () { ynh_restore_upgradebackup() {
ynh_print_err --message="Upgrade failed." ynh_print_err --message="Upgrade failed."
local app_bck=${app//_/-} # Replace all '_' by '-' local app_bck=${app//_/-} # Replace all '_' by '-'
NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0} NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0}
if [ "$NO_BACKUP_UPGRADE" -eq 0 ] if [ "$NO_BACKUP_UPGRADE" -eq 0 ]; then
then
# Check if an existing backup can be found before removing and restoring the application. # Check if an existing backup can be found before removing and restoring the application.
if ynh_backup_archive_exists "$app_bck-pre-upgrade$backup_number" if ynh_backup_archive_exists "$app_bck-pre-upgrade$backup_number"; then
then
# Remove the application then restore it # Remove the application then restore it
yunohost app remove $app yunohost app remove $app
# Restore the backup # Restore the backup

196
data/helpers.d/config
View file

@ -1,65 +1,54 @@
#!/bin/bash #!/bin/bash
_ynh_app_config_get_one() { _ynh_app_config_get_one() {
local short_setting="$1" local short_setting="$1"
local type="$2" local type="$2"
local bind="$3" local bind="$3"
local getter="get__${short_setting}" local getter="get__${short_setting}"
# Get value from getter if exists # Get value from getter if exists
if type -t $getter 2>/dev/null | grep -q '^function$' 2>/dev/null; if type -t $getter 2>/dev/null | grep -q '^function$' 2>/dev/null; then
then
old[$short_setting]="$($getter)" old[$short_setting]="$($getter)"
formats[${short_setting}]="yaml" formats[${short_setting}]="yaml"
elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
then
old[$short_setting]="$("get__${bind%%(*}" $short_setting $type $bind)" old[$short_setting]="$("get__${bind%%(*}" $short_setting $type $bind)"
formats[${short_setting}]="yaml" formats[${short_setting}]="yaml"
elif [[ "$bind" == "null" ]] elif [[ "$bind" == "null" ]]; then
then
old[$short_setting]="YNH_NULL" old[$short_setting]="YNH_NULL"
# Get value from app settings or from another file # Get value from app settings or from another file
elif [[ "$type" == "file" ]] elif [[ "$type" == "file" ]]; then
then if [[ "$bind" == "settings" ]]; then
if [[ "$bind" == "settings" ]]
then
ynh_die --message="File '${short_setting}' can't be stored in settings" ynh_die --message="File '${short_setting}' can't be stored in settings"
fi fi
old[$short_setting]="$(ls "$(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" 2> /dev/null || echo YNH_NULL)" old[$short_setting]="$(ls "$(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" 2>/dev/null || echo YNH_NULL)"
file_hash[$short_setting]="true" file_hash[$short_setting]="true"
# Get multiline text from settings or from a full file # Get multiline text from settings or from a full file
elif [[ "$type" == "text" ]] elif [[ "$type" == "text" ]]; then
then if [[ "$bind" == "settings" ]]; then
if [[ "$bind" == "settings" ]]
then
old[$short_setting]="$(ynh_app_setting_get $app $short_setting)" old[$short_setting]="$(ynh_app_setting_get $app $short_setting)"
elif [[ "$bind" == *":"* ]] elif [[ "$bind" == *":"* ]]; then
then
ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically in a variable file, you have to create custom getter/setter" ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically in a variable file, you have to create custom getter/setter"
else else
old[$short_setting]="$(cat $(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/) 2> /dev/null || echo YNH_NULL)" old[$short_setting]="$(cat $(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/) 2>/dev/null || echo YNH_NULL)"
fi fi
# Get value from a kind of key/value file # Get value from a kind of key/value file
else else
local bind_after="" local bind_after=""
if [[ "$bind" == "settings" ]] if [[ "$bind" == "settings" ]]; then
then
bind=":/etc/yunohost/apps/$app/settings.yml" bind=":/etc/yunohost/apps/$app/settings.yml"
fi fi
local bind_key="$(echo "$bind" | cut -d: -f1)" local bind_key_="$(echo "$bind" | cut -d: -f1)"
bind_key=${bind_key:-$short_setting} bind_key_=${bind_key_:-$short_setting}
if [[ "$bind_key" == *">"* ]]; if [[ "$bind_key_" == *">"* ]]; then
then bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)"
bind_after="$(echo "${bind_key}" | cut -d'>' -f1)" bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)"
bind_key="$(echo "${bind_key}" | cut -d'>' -f2)"
fi fi
local bind_file="$(echo "$bind" | cut -d: -f2 | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" local bind_file="$(echo "$bind" | cut -d: -f2 | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)"
old[$short_setting]="$(ynh_read_var_in_file --file="${bind_file}" --key="${bind_key}" --after="${bind_after}")" old[$short_setting]="$(ynh_read_var_in_file --file="${bind_file}" --key="${bind_key_}" --after="${bind_after}")"
fi fi
} }
@ -68,83 +57,71 @@ _ynh_app_config_apply_one() {
local setter="set__${short_setting}" local setter="set__${short_setting}"
local bind="${binds[$short_setting]}" local bind="${binds[$short_setting]}"
local type="${types[$short_setting]}" local type="${types[$short_setting]}"
if [ "${changed[$short_setting]}" == "true" ] if [ "${changed[$short_setting]}" == "true" ]; then
then
# Apply setter if exists # Apply setter if exists
if type -t $setter 2>/dev/null | grep -q '^function$' 2>/dev/null; if type -t $setter 2>/dev/null | grep -q '^function$' 2>/dev/null; then
then
$setter $setter
elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
then
"set__${bind%%(*}" $short_setting $type $bind "set__${bind%%(*}" $short_setting $type $bind
elif [[ "$bind" == "null" ]] elif [[ "$bind" == "null" ]]; then
then return
continue
# Save in a file # Save in a file
elif [[ "$type" == "file" ]] elif [[ "$type" == "file" ]]; then
then if [[ "$bind" == "settings" ]]; then
if [[ "$bind" == "settings" ]]
then
ynh_die --message="File '${short_setting}' can't be stored in settings" ynh_die --message="File '${short_setting}' can't be stored in settings"
fi fi
local bind_file="$(echo "$bind" | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" local bind_file="$(echo "$bind" | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)"
if [[ "${!short_setting}" == "" ]] if [[ "${!short_setting}" == "" ]]; then
then
ynh_backup_if_checksum_is_different --file="$bind_file" ynh_backup_if_checksum_is_different --file="$bind_file"
ynh_secure_remove --file="$bind_file" ynh_secure_remove --file="$bind_file"
ynh_delete_file_checksum --file="$bind_file" --update_only ynh_delete_file_checksum --file="$bind_file" --update_only
ynh_print_info --message="File '$bind_file' removed" ynh_print_info --message="File '$bind_file' removed"
else else
ynh_backup_if_checksum_is_different --file="$bind_file" ynh_backup_if_checksum_is_different --file="$bind_file"
if [[ "${!short_setting}" != "$bind_file" ]] if [[ "${!short_setting}" != "$bind_file" ]]; then
then
cp "${!short_setting}" "$bind_file" cp "${!short_setting}" "$bind_file"
fi fi
ynh_store_file_checksum --file="$bind_file" --update_only ynh_store_file_checksum --file="$bind_file" --update_only
ynh_print_info --message="File '$bind_file' overwrited with ${!short_setting}" ynh_print_info --message="File '$bind_file' overwritten with ${!short_setting}"
fi fi
# Save value in app settings # Save value in app settings
elif [[ "$bind" == "settings" ]] elif [[ "$bind" == "settings" ]]; then
then
ynh_app_setting_set --app=$app --key=$short_setting --value="${!short_setting}" ynh_app_setting_set --app=$app --key=$short_setting --value="${!short_setting}"
ynh_print_info --message="Configuration key '$short_setting' edited in app settings" ynh_print_info --message="Configuration key '$short_setting' edited in app settings"
# Save multiline text in a file # Save multiline text in a file
elif [[ "$type" == "text" ]] elif [[ "$type" == "text" ]]; then
then if [[ "$bind" == *":"* ]]; then
if [[ "$bind" == *":"* ]]
then
ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically in a variable file, you have to create custom getter/setter" ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically in a variable file, you have to create custom getter/setter"
fi fi
local bind_file="$(echo "$bind" | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" local bind_file="$(echo "$bind" | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)"
ynh_backup_if_checksum_is_different --file="$bind_file" ynh_backup_if_checksum_is_different --file="$bind_file"
echo "${!short_setting}" > "$bind_file" echo "${!short_setting}" >"$bind_file"
ynh_store_file_checksum --file="$bind_file" --update_only ynh_store_file_checksum --file="$bind_file" --update_only
ynh_print_info --message="File '$bind_file' overwrited with the content you provieded in '${short_setting}' question" ynh_print_info --message="File '$bind_file' overwritten with the content provided in question '${short_setting}'"
# Set value into a kind of key/value file # Set value into a kind of key/value file
else else
local bind_after="" local bind_after=""
local bind_key="$(echo "$bind" | cut -d: -f1)" local bind_key_="$(echo "$bind" | cut -d: -f1)"
bind_key=${bind_key:-$short_setting} bind_key_=${bind_key_:-$short_setting}
if [[ "$bind_key" == *">"* ]]; if [[ "$bind_key_" == *">"* ]]; then
then bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)"
bind_after="$(echo "${bind_key}" | cut -d'>' -f1)" bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)"
bind_key="$(echo "${bind_key}" | cut -d'>' -f2)"
fi fi
local bind_file="$(echo "$bind" | cut -d: -f2 | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" local bind_file="$(echo "$bind" | cut -d: -f2 | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)"
ynh_backup_if_checksum_is_different --file="$bind_file" ynh_backup_if_checksum_is_different --file="$bind_file"
ynh_write_var_in_file --file="${bind_file}" --key="${bind_key}" --value="${!short_setting}" --after="${bind_after}" ynh_write_var_in_file --file="${bind_file}" --key="${bind_key_}" --value="${!short_setting}" --after="${bind_after}"
ynh_store_file_checksum --file="$bind_file" --update_only ynh_store_file_checksum --file="$bind_file" --update_only
# We stored the info in settings in order to be able to upgrade the app # We stored the info in settings in order to be able to upgrade the app
ynh_app_setting_set --app=$app --key=$short_setting --value="${!short_setting}" ynh_app_setting_set --app=$app --key=$short_setting --value="${!short_setting}"
ynh_print_info --message="Configuration key '$bind_key' edited into $bind_file" ynh_print_info --message="Configuration key '$bind_key_' edited into $bind_file"
fi fi
fi fi
@ -152,7 +129,8 @@ _ynh_app_config_apply_one() {
_ynh_app_config_get() { _ynh_app_config_get() {
# From settings # From settings
local lines local lines
lines=$(python3 << EOL lines=$(
python3 <<EOL
import toml import toml
from collections import OrderedDict from collections import OrderedDict
with open("../config_panel.toml", "r") as f: with open("../config_panel.toml", "r") as f:
@ -172,11 +150,10 @@ for panel_name, panel in loaded_toml.items():
param.get('bind', 'settings' if param.get('type', 'string') != 'file' else 'null') param.get('bind', 'settings' if param.get('type', 'string') != 'file' else 'null')
])) ]))
EOL EOL
) )
for line in $lines for line in $lines; do
do
# Split line into short_setting, type and bind # Split line into short_setting, type and bind
IFS=';' read short_setting type bind <<< "$line" IFS=';' read short_setting type bind <<<"$line"
binds[${short_setting}]="$bind" binds[${short_setting}]="$bind"
types[${short_setting}]="$type" types[${short_setting}]="$type"
file_hash[${short_setting}]="" file_hash[${short_setting}]=""
@ -184,23 +161,18 @@ EOL
ynh_app_config_get_one $short_setting $type $bind ynh_app_config_get_one $short_setting $type $bind
done done
} }
_ynh_app_config_apply() { _ynh_app_config_apply() {
for short_setting in "${!old[@]}" for short_setting in "${!old[@]}"; do
do
ynh_app_config_apply_one $short_setting ynh_app_config_apply_one $short_setting
done done
} }
_ynh_app_config_show() { _ynh_app_config_show() {
for short_setting in "${!old[@]}" for short_setting in "${!old[@]}"; do
do if [[ "${old[$short_setting]}" != YNH_NULL ]]; then
if [[ "${old[$short_setting]}" != YNH_NULL ]] if [[ "${formats[$short_setting]}" == "yaml" ]]; then
then
if [[ "${formats[$short_setting]}" == "yaml" ]]
then
ynh_return "${short_setting}:" ynh_return "${short_setting}:"
ynh_return "$(echo "${old[$short_setting]}" | sed 's/^/ /g')" ynh_return "$(echo "${old[$short_setting]}" | sed 's/^/ /g')"
else else
@ -216,48 +188,39 @@ _ynh_app_config_validate() {
ynh_script_progression --message="Checking what changed in the new configuration..." --weight=1 ynh_script_progression --message="Checking what changed in the new configuration..." --weight=1
local nothing_changed=true local nothing_changed=true
local changes_validated=true local changes_validated=true
for short_setting in "${!old[@]}" for short_setting in "${!old[@]}"; do
do
changed[$short_setting]=false changed[$short_setting]=false
if [ -z ${!short_setting+x} ] if [ -z ${!short_setting+x} ]; then
then
# Assign the var with the old value in order to allows multiple # Assign the var with the old value in order to allows multiple
# args validation # args validation
declare "$short_setting"="${old[$short_setting]}" declare "$short_setting"="${old[$short_setting]}"
continue continue
fi fi
if [ ! -z "${file_hash[${short_setting}]}" ] if [ ! -z "${file_hash[${short_setting}]}" ]; then
then
file_hash[old__$short_setting]="" file_hash[old__$short_setting]=""
file_hash[new__$short_setting]="" file_hash[new__$short_setting]=""
if [ -f "${old[$short_setting]}" ] if [ -f "${old[$short_setting]}" ]; then
then
file_hash[old__$short_setting]=$(sha256sum "${old[$short_setting]}" | cut -d' ' -f1) file_hash[old__$short_setting]=$(sha256sum "${old[$short_setting]}" | cut -d' ' -f1)
if [ -z "${!short_setting}" ] if [ -z "${!short_setting}" ]; then
then
changed[$short_setting]=true changed[$short_setting]=true
nothing_changed=false nothing_changed=false
fi fi
fi fi
if [ -f "${!short_setting}" ] if [ -f "${!short_setting}" ]; then
then
file_hash[new__$short_setting]=$(sha256sum "${!short_setting}" | cut -d' ' -f1) file_hash[new__$short_setting]=$(sha256sum "${!short_setting}" | cut -d' ' -f1)
if [[ "${file_hash[old__$short_setting]}" != "${file_hash[new__$short_setting]}" ]] if [[ "${file_hash[old__$short_setting]}" != "${file_hash[new__$short_setting]}" ]]; then
then
changed[$short_setting]=true changed[$short_setting]=true
nothing_changed=false nothing_changed=false
fi fi
fi fi
else else
if [[ "${!short_setting}" != "${old[$short_setting]}" ]] if [[ "${!short_setting}" != "${old[$short_setting]}" ]]; then
then
changed[$short_setting]=true changed[$short_setting]=true
nothing_changed=false nothing_changed=false
fi fi
fi fi
done done
if [[ "$nothing_changed" == "true" ]] if [[ "$nothing_changed" == "true" ]]; then
then
ynh_print_info --message="Nothing has changed" ynh_print_info --message="Nothing has changed"
exit 0 exit 0
fi fi
@ -265,19 +228,15 @@ _ynh_app_config_validate() {
# Run validation if something is changed # Run validation if something is changed
ynh_script_progression --message="Validating the new configuration..." --weight=1 ynh_script_progression --message="Validating the new configuration..." --weight=1
for short_setting in "${!old[@]}" for short_setting in "${!old[@]}"; do
do
[[ "${changed[$short_setting]}" == "false" ]] && continue [[ "${changed[$short_setting]}" == "false" ]] && continue
local result="" local result=""
if type -t validate__$short_setting | grep -q '^function$' 2>/dev/null; if type -t validate__$short_setting | grep -q '^function$' 2>/dev/null; then
then
result="$(validate__$short_setting)" result="$(validate__$short_setting)"
elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
then
"validate__${bind%%(*}" $short_setting "validate__${bind%%(*}" $short_setting
fi fi
if [ -n "$result" ] if [ -n "$result" ]; then
then
# #
# Return a yaml such as: # Return a yaml such as:
# #
@ -287,8 +246,7 @@ _ynh_app_config_validate() {
# #
# We use changes_validated to know if this is # We use changes_validated to know if this is
# the first validation error # the first validation error
if [[ "$changes_validated" == true ]] if [[ "$changes_validated" == true ]]; then
then
ynh_return "validation_errors:" ynh_return "validation_errors:"
fi fi
ynh_return " ${short_setting}: \"$result\"" ynh_return " ${short_setting}: \"$result\""
@ -298,8 +256,7 @@ _ynh_app_config_validate() {
# If validation failed, exit the script right now (instead of going into apply) # If validation failed, exit the script right now (instead of going into apply)
# Yunohost core will pick up the errors returned via ynh_return previously # Yunohost core will pick up the errors returned via ynh_return previously
if [[ "$changes_validated" == "false" ]] if [[ "$changes_validated" == "false" ]]; then
then
exit 0 exit 0
fi fi
@ -337,21 +294,20 @@ ynh_app_config_run() {
declare -Ag formats=() declare -Ag formats=()
case $1 in case $1 in
show) show)
ynh_app_config_get ynh_app_config_get
ynh_app_config_show ynh_app_config_show
;; ;;
apply) apply)
max_progression=4 max_progression=4
ynh_script_progression --message="Reading config panel description and current configuration..." ynh_script_progression --message="Reading config panel description and current configuration..."
ynh_app_config_get ynh_app_config_get
ynh_app_config_validate ynh_app_config_validate
ynh_script_progression --message="Applying the new configuration..." ynh_script_progression --message="Applying the new configuration..."
ynh_app_config_apply ynh_app_config_apply
ynh_script_progression --message="Configuration of $app completed" --last ynh_script_progression --message="Configuration of $app completed" --last
;; ;;
esac esac
} }

18
data/helpers.d/fail2ban
View file

@ -61,10 +61,10 @@
# ``` # ```
# #
# Requires YunoHost version 4.1.0 or higher. # Requires YunoHost version 4.1.0 or higher.
ynh_add_fail2ban_config () { ynh_add_fail2ban_config() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=lrmptv local legacy_args=lrmptv
local -A args_array=( [l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= [t]=use_template) local -A args_array=([l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= [t]=use_template)
local logpath local logpath
local failregex local failregex
local max_retry local max_retry
@ -76,8 +76,7 @@ ynh_add_fail2ban_config () {
ports=${ports:-http,https} ports=${ports:-http,https}
use_template="${use_template:-0}" use_template="${use_template:-0}"
if [ $use_template -ne 1 ] if [ $use_template -ne 1 ]; then
then
# Usage 1, no template. Build a config file from scratch. # Usage 1, no template. Build a config file from scratch.
test -n "$logpath" || ynh_die --message="ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." test -n "$logpath" || ynh_die --message="ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
test -n "$failregex" || ynh_die --message="ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." test -n "$failregex" || ynh_die --message="ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
@ -89,15 +88,15 @@ port = __PORTS__
filter = __APP__ filter = __APP__
logpath = __LOGPATH__ logpath = __LOGPATH__
maxretry = __MAX_RETRY__ maxretry = __MAX_RETRY__
" > $YNH_APP_BASEDIR/conf/f2b_jail.conf " >$YNH_APP_BASEDIR/conf/f2b_jail.conf
echo " echo "
[INCLUDES] [INCLUDES]
before = common.conf before = common.conf
[Definition] [Definition]
failregex = __FAILREGEX__ failregex = __FAILREGEX__
ignoreregex = ignoreregex =
" > $YNH_APP_BASEDIR/conf/f2b_filter.conf " >$YNH_APP_BASEDIR/conf/f2b_filter.conf
fi fi
ynh_add_config --template="$YNH_APP_BASEDIR/conf/f2b_jail.conf" --destination="/etc/fail2ban/jail.d/$app.conf" ynh_add_config --template="$YNH_APP_BASEDIR/conf/f2b_jail.conf" --destination="/etc/fail2ban/jail.d/$app.conf"
@ -106,8 +105,7 @@ ignoreregex =
ynh_systemd_action --service_name=fail2ban --action=reload --line_match="(Started|Reloaded) Fail2Ban Service" --log_path=systemd ynh_systemd_action --service_name=fail2ban --action=reload --line_match="(Started|Reloaded) Fail2Ban Service" --log_path=systemd
local fail2ban_error="$(journalctl --no-hostname --unit=fail2ban | tail --lines=50 | grep "WARNING.*$app.*")" local fail2ban_error="$(journalctl --no-hostname --unit=fail2ban | tail --lines=50 | grep "WARNING.*$app.*")"
if [[ -n "$fail2ban_error" ]] if [[ -n "$fail2ban_error" ]]; then
then
ynh_print_err --message="Fail2ban failed to load the jail for $app" ynh_print_err --message="Fail2ban failed to load the jail for $app"
ynh_print_warn --message="${fail2ban_error#*WARNING}" ynh_print_warn --message="${fail2ban_error#*WARNING}"
fi fi
@ -118,7 +116,7 @@ ignoreregex =
# usage: ynh_remove_fail2ban_config # usage: ynh_remove_fail2ban_config
# #
# Requires YunoHost version 3.5.0 or higher. # Requires YunoHost version 3.5.0 or higher.
ynh_remove_fail2ban_config () { ynh_remove_fail2ban_config() {
ynh_secure_remove --file="/etc/fail2ban/jail.d/$app.conf" ynh_secure_remove --file="/etc/fail2ban/jail.d/$app.conf"
ynh_secure_remove --file="/etc/fail2ban/filter.d/$app.conf" ynh_secure_remove --file="/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --service_name=fail2ban --action=reload ynh_systemd_action --service_name=fail2ban --action=reload

69
data/helpers.d/getopts
View file

@ -45,11 +45,10 @@
# e.g. for `my_helper "val1" val2`, arg1 will be filled with val1, and arg2 with val2. # e.g. for `my_helper "val1" val2`, arg1 will be filled with val1, and arg2 with val2.
# #
# Requires YunoHost version 3.2.2 or higher. # Requires YunoHost version 3.2.2 or higher.
ynh_handle_getopts_args () { ynh_handle_getopts_args() {
# Manage arguments only if there's some provided # Manage arguments only if there's some provided
set +o xtrace # set +x set +o xtrace # set +x
if [ $# -ne 0 ] if [ $# -ne 0 ]; then
then
# Store arguments in an array to keep each argument separated # Store arguments in an array to keep each argument separated
local arguments=("$@") local arguments=("$@")
@ -58,14 +57,12 @@ ynh_handle_getopts_args () {
# ${!args_array[@]} is the list of all option_flags in the array (An option_flag is 'u' in [u]=user, user is a value) # ${!args_array[@]} is the list of all option_flags in the array (An option_flag is 'u' in [u]=user, user is a value)
local getopts_parameters="" local getopts_parameters=""
local option_flag="" local option_flag=""
for option_flag in "${!args_array[@]}" for option_flag in "${!args_array[@]}"; do
do
# Concatenate each option_flags of the array to build the string of arguments for getopts # Concatenate each option_flags of the array to build the string of arguments for getopts
# Will looks like 'abcd' for -a -b -c -d # Will looks like 'abcd' for -a -b -c -d
# If the value of an option_flag finish by =, it's an option with additionnal values. (e.g. --user bob or -u bob) # If the value of an option_flag finish by =, it's an option with additionnal values. (e.g. --user bob or -u bob)
# Check the last character of the value associate to the option_flag # Check the last character of the value associate to the option_flag
if [ "${args_array[$option_flag]: -1}" = "=" ] if [ "${args_array[$option_flag]: -1}" = "=" ]; then
then
# For an option with additionnal values, add a ':' after the letter for getopts. # For an option with additionnal values, add a ':' after the letter for getopts.
getopts_parameters="${getopts_parameters}${option_flag}:" getopts_parameters="${getopts_parameters}${option_flag}:"
else else
@ -74,8 +71,7 @@ ynh_handle_getopts_args () {
# Check each argument given to the function # Check each argument given to the function
local arg="" local arg=""
# ${#arguments[@]} is the size of the array # ${#arguments[@]} is the size of the array
for arg in `seq 0 $(( ${#arguments[@]} - 1 ))` for arg in $(seq 0 $((${#arguments[@]} - 1))); do
do
# Escape options' values starting with -. Otherwise the - will be considered as another option. # Escape options' values starting with -. Otherwise the - will be considered as another option.
arguments[arg]="${arguments[arg]//--${args_array[$option_flag]}-/--${args_array[$option_flag]}\\TOBEREMOVED\\-}" arguments[arg]="${arguments[arg]//--${args_array[$option_flag]}-/--${args_array[$option_flag]}\\TOBEREMOVED\\-}"
# And replace long option (value of the option_flag) by the short option, the option_flag itself # And replace long option (value of the option_flag) by the short option, the option_flag itself
@ -89,10 +85,9 @@ ynh_handle_getopts_args () {
# Read and parse all the arguments # Read and parse all the arguments
# Use a function here, to use standart arguments $@ and be able to use shift. # Use a function here, to use standart arguments $@ and be able to use shift.
parse_arg () { parse_arg() {
# Read all arguments, until no arguments are left # Read all arguments, until no arguments are left
while [ $# -ne 0 ] while [ $# -ne 0 ]; do
do
# Initialize the index of getopts # Initialize the index of getopts
OPTIND=1 OPTIND=1
# Parse with getopts only if the argument begin by -, that means the argument is an option # Parse with getopts only if the argument begin by -, that means the argument is an option
@ -100,11 +95,9 @@ ynh_handle_getopts_args () {
local parameter="" local parameter=""
getopts ":$getopts_parameters" parameter || true getopts ":$getopts_parameters" parameter || true
if [ "$parameter" = "?" ] if [ "$parameter" = "?" ]; then
then
ynh_die --message="Invalid argument: -${OPTARG:-}" ynh_die --message="Invalid argument: -${OPTARG:-}"
elif [ "$parameter" = ":" ] elif [ "$parameter" = ":" ]; then
then
ynh_die --message="-$OPTARG parameter requires an argument." ynh_die --message="-$OPTARG parameter requires an argument."
else else
local shift_value=1 local shift_value=1
@ -115,8 +108,7 @@ ynh_handle_getopts_args () {
local option_var="${args_array[$parameter]%=}" local option_var="${args_array[$parameter]%=}"
# If this option doesn't take values # If this option doesn't take values
# if there's a '=' at the end of the long option name, this option takes values # if there's a '=' at the end of the long option name, this option takes values
if [ "${args_array[$parameter]: -1}" != "=" ] if [ "${args_array[$parameter]: -1}" != "=" ]; then
then
# 'eval ${option_var}' will use the content of 'option_var' # 'eval ${option_var}' will use the content of 'option_var'
eval ${option_var}=1 eval ${option_var}=1
else else
@ -126,41 +118,35 @@ ynh_handle_getopts_args () {
# If the first argument is longer than 2 characters, # If the first argument is longer than 2 characters,
# There's a value attached to the option, in the same array cell # There's a value attached to the option, in the same array cell
if [ ${#all_args[0]} -gt 2 ] if [ ${#all_args[0]} -gt 2 ]; then
then
# Remove the option and the space, so keep only the value itself. # Remove the option and the space, so keep only the value itself.
all_args[0]="${all_args[0]#-${parameter} }" all_args[0]="${all_args[0]#-${parameter} }"
# At this point, if all_args[0] start with "-", then the argument is not well formed # At this point, if all_args[0] start with "-", then the argument is not well formed
if [ "${all_args[0]:0:1}" == "-" ] if [ "${all_args[0]:0:1}" == "-" ]; then
then
ynh_die --message="Argument \"${all_args[0]}\" not valid! Did you use a single \"-\" instead of two?" ynh_die --message="Argument \"${all_args[0]}\" not valid! Did you use a single \"-\" instead of two?"
fi fi
# Reduce the value of shift, because the option has been removed manually # Reduce the value of shift, because the option has been removed manually
shift_value=$(( shift_value - 1 )) shift_value=$((shift_value - 1))
fi fi
# Declare the content of option_var as a variable. # Declare the content of option_var as a variable.
eval ${option_var}="" eval ${option_var}=""
# Then read the array value per value # Then read the array value per value
local i local i
for i in `seq 0 $(( ${#all_args[@]} - 1 ))` for i in $(seq 0 $((${#all_args[@]} - 1))); do
do
# If this argument is an option, end here. # If this argument is an option, end here.
if [ "${all_args[$i]:0:1}" == "-" ] if [ "${all_args[$i]:0:1}" == "-" ]; then
then
# Ignore the first value of the array, which is the option itself # Ignore the first value of the array, which is the option itself
if [ "$i" -ne 0 ]; then if [ "$i" -ne 0 ]; then
break break
fi fi
else else
# Ignore empty parameters # Ignore empty parameters
if [ -n "${all_args[$i]}" ] if [ -n "${all_args[$i]}" ]; then
then
# Else, add this value to this option # Else, add this value to this option
# Each value will be separated by ';' # Each value will be separated by ';'
if [ -n "${!option_var}" ] if [ -n "${!option_var}" ]; then
then
# If there's already another value for this option, add a ; before adding the new value # If there's already another value for this option, add a ; before adding the new value
eval ${option_var}+="\;" eval ${option_var}+="\;"
fi fi
@ -177,7 +163,7 @@ ynh_handle_getopts_args () {
eval ${option_var}+='"${all_args[$i]}"' eval ${option_var}+='"${all_args[$i]}"'
fi fi
shift_value=$(( shift_value + 1 )) shift_value=$((shift_value + 1))
fi fi
done done
fi fi
@ -190,24 +176,23 @@ ynh_handle_getopts_args () {
# LEGACY MODE # LEGACY MODE
# Check if there's getopts arguments # Check if there's getopts arguments
if [ "${arguments[0]:0:1}" != "-" ] if [ "${arguments[0]:0:1}" != "-" ]; then
then
# If not, enter in legacy mode and manage the arguments as positionnal ones.. # If not, enter in legacy mode and manage the arguments as positionnal ones..
# Dot not echo, to prevent to go through a helper output. But print only in the log. # Dot not echo, to prevent to go through a helper output. But print only in the log.
set -x; echo "! Helper used in legacy mode !" > /dev/null; set +x set -x
echo "! Helper used in legacy mode !" >/dev/null
set +x
local i local i
for i in `seq 0 $(( ${#arguments[@]} -1 ))` for i in $(seq 0 $((${#arguments[@]} - 1))); do
do
# Try to use legacy_args as a list of option_flag of the array args_array # Try to use legacy_args as a list of option_flag of the array args_array
# Otherwise, fallback to getopts_parameters to get the option_flag. But an associative arrays isn't always sorted in the correct order... # Otherwise, fallback to getopts_parameters to get the option_flag. But an associative arrays isn't always sorted in the correct order...
# Remove all ':' in getopts_parameters # Remove all ':' in getopts_parameters
getopts_parameters=${legacy_args:-${getopts_parameters//:}} getopts_parameters=${legacy_args:-${getopts_parameters//:/}}
# Get the option_flag from getopts_parameters, by using the option_flag according to the position of the argument. # Get the option_flag from getopts_parameters, by using the option_flag according to the position of the argument.
option_flag=${getopts_parameters:$i:1} option_flag=${getopts_parameters:$i:1}
if [ -z "$option_flag" ] if [ -z "$option_flag" ]; then
then ynh_print_warn --message="Too many arguments ! \"${arguments[$i]}\" will be ignored."
ynh_print_warn --message="Too many arguments ! \"${arguments[$i]}\" will be ignored." continue
continue
fi fi
# Use the long option, corresponding to the option_flag, as a variable # Use the long option, corresponding to the option_flag, as a variable
# (e.g. for [u]=user, 'user' will be used as a variable) # (e.g. for [u]=user, 'user' will be used as a variable)

36
data/helpers.d/hardware
View file

@ -10,10 +10,10 @@
# | ret: the amount of free ram, in MB (MegaBytes) # | ret: the amount of free ram, in MB (MegaBytes)
# #
# Requires YunoHost version 3.8.1 or higher. # Requires YunoHost version 3.8.1 or higher.
ynh_get_ram () { ynh_get_ram() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=ftso local legacy_args=ftso
local -A args_array=( [f]=free [t]=total [s]=ignore_swap [o]=only_swap ) local -A args_array=([f]=free [t]=total [s]=ignore_swap [o]=only_swap)
local free local free
local total local total
local ignore_swap local ignore_swap
@ -25,41 +25,34 @@ ynh_get_ram () {
free=${free:-0} free=${free:-0}
total=${total:-0} total=${total:-0}
if [ $free -eq $total ] if [ $free -eq $total ]; then
then
ynh_print_warn --message="You have to choose --free or --total when using ynh_get_ram" ynh_print_warn --message="You have to choose --free or --total when using ynh_get_ram"
ram=0 ram=0
# Use the total amount of ram # Use the total amount of ram
elif [ $free -eq 1 ] elif [ $free -eq 1 ]; then
then
local free_ram=$(vmstat --stats --unit M | grep "free memory" | awk '{print $1}') local free_ram=$(vmstat --stats --unit M | grep "free memory" | awk '{print $1}')
local free_swap=$(vmstat --stats --unit M | grep "free swap" | awk '{print $1}') local free_swap=$(vmstat --stats --unit M | grep "free swap" | awk '{print $1}')
local free_ram_swap=$(( free_ram + free_swap )) local free_ram_swap=$((free_ram + free_swap))
# Use the total amount of free ram # Use the total amount of free ram
local ram=$free_ram_swap local ram=$free_ram_swap
if [ $ignore_swap -eq 1 ] if [ $ignore_swap -eq 1 ]; then
then
# Use only the amount of free ram # Use only the amount of free ram
ram=$free_ram ram=$free_ram
elif [ $only_swap -eq 1 ] elif [ $only_swap -eq 1 ]; then
then
# Use only the amount of free swap # Use only the amount of free swap
ram=$free_swap ram=$free_swap
fi fi
elif [ $total -eq 1 ] elif [ $total -eq 1 ]; then
then
local total_ram=$(vmstat --stats --unit M | grep "total memory" | awk '{print $1}') local total_ram=$(vmstat --stats --unit M | grep "total memory" | awk '{print $1}')
local total_swap=$(vmstat --stats --unit M | grep "total swap" | awk '{print $1}') local total_swap=$(vmstat --stats --unit M | grep "total swap" | awk '{print $1}')
local total_ram_swap=$(( total_ram + total_swap )) local total_ram_swap=$((total_ram + total_swap))
local ram=$total_ram_swap local ram=$total_ram_swap
if [ $ignore_swap -eq 1 ] if [ $ignore_swap -eq 1 ]; then
then
# Use only the amount of free ram # Use only the amount of free ram
ram=$total_ram ram=$total_ram
elif [ $only_swap -eq 1 ] elif [ $only_swap -eq 1 ]; then
then
# Use only the amount of free swap # Use only the amount of free swap
ram=$total_swap ram=$total_swap
fi fi
@ -79,10 +72,10 @@ ynh_get_ram () {
# | ret: 1 if the ram is under the requirement, 0 otherwise. # | ret: 1 if the ram is under the requirement, 0 otherwise.
# #
# Requires YunoHost version 3.8.1 or higher. # Requires YunoHost version 3.8.1 or higher.
ynh_require_ram () { ynh_require_ram() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=rftso local legacy_args=rftso
local -A args_array=( [r]=required= [f]=free [t]=total [s]=ignore_swap [o]=only_swap ) local -A args_array=([r]=required= [f]=free [t]=total [s]=ignore_swap [o]=only_swap)
local required local required
local free local free
local total local total
@ -100,8 +93,7 @@ ynh_require_ram () {
local ram=$(ynh_get_ram $free $total $ignore_swap $only_swap) local ram=$(ynh_get_ram $free $total $ignore_swap $only_swap)
if [ $ram -lt $required ] if [ $ram -lt $required ]; then
then
return 1 return 1
else else
return 0 return 0

239
data/helpers.d/logging
View file

@ -10,7 +10,7 @@
ynh_die() { ynh_die() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=mc local legacy_args=mc
local -A args_array=( [m]=message= [c]=ret_code= ) local -A args_array=([m]=message= [c]=ret_code=)
local message local message
local ret_code local ret_code
# Manage arguments with getopts # Manage arguments with getopts
@ -30,7 +30,7 @@ ynh_die() {
ynh_print_info() { ynh_print_info() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=m local legacy_args=m
local -A args_array=( [m]=message= ) local -A args_array=([m]=message=)
local message local message
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -38,31 +38,12 @@ ynh_print_info() {
echo "$message" >&$YNH_STDINFO echo "$message" >&$YNH_STDINFO
} }
# Ignore the yunohost-cli log to prevent errors with conditional commands
#
# [internal]
#
# usage: ynh_no_log COMMAND
#
# Simply duplicate the log, execute the yunohost command and replace the log without the result of this command
# It's a very badly hack...
#
# Requires YunoHost version 2.6.4 or higher.
ynh_no_log() {
local ynh_cli_log=/var/log/yunohost/yunohost-cli.log
cp --archive ${ynh_cli_log} ${ynh_cli_log}-move
eval $@
local exit_code=$?
mv ${ynh_cli_log}-move ${ynh_cli_log}
return $exit_code
}
# Main printer, just in case in the future we have to change anything about that. # Main printer, just in case in the future we have to change anything about that.
# #
# [internal] # [internal]
# #
# Requires YunoHost version 3.2.0 or higher. # Requires YunoHost version 3.2.0 or higher.
ynh_print_log () { ynh_print_log() {
echo -e "${1}" echo -e "${1}"
} }
@ -72,10 +53,10 @@ ynh_print_log () {
# | arg: -m, --message= - The text to print # | arg: -m, --message= - The text to print
# #
# Requires YunoHost version 3.2.0 or higher. # Requires YunoHost version 3.2.0 or higher.
ynh_print_warn () { ynh_print_warn() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=m local legacy_args=m
local -A args_array=( [m]=message= ) local -A args_array=([m]=message=)
local message local message
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -89,10 +70,10 @@ ynh_print_warn () {
# | arg: -m, --message= - The text to print # | arg: -m, --message= - The text to print
# #
# Requires YunoHost version 3.2.0 or higher. # Requires YunoHost version 3.2.0 or higher.
ynh_print_err () { ynh_print_err() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=m local legacy_args=m
local -A args_array=( [m]=message= ) local -A args_array=([m]=message=)
local message local message
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -102,82 +83,119 @@ ynh_print_err () {
# Execute a command and print the result as an error # Execute a command and print the result as an error
# #
# usage: ynh_exec_err "your_command [ | other_command ]" # usage: ynh_exec_err your command and args
# | arg: command - command to execute # | arg: command - command to execute
# #
# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. # Note that you should NOT quote the command but only prefix it with ynh_exec_err
#
# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed.
# #
# Requires YunoHost version 3.2.0 or higher. # Requires YunoHost version 3.2.0 or higher.
ynh_exec_err () { ynh_exec_err() {
ynh_print_err "$(eval $@)" # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
# (because in the past eval was used) ...
# we detect this by checking that there's no 2nd arg, and $1 contains a space
if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]
then
ynh_print_err "$(eval $@)"
else
# Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
ynh_print_err "$("$@")"
fi
} }
# Execute a command and print the result as a warning # Execute a command and print the result as a warning
# #
# usage: ynh_exec_warn "your_command [ | other_command ]" # usage: ynh_exec_warn your command and args
# | arg: command - command to execute # | arg: command - command to execute
# #
# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. # Note that you should NOT quote the command but only prefix it with ynh_exec_warn
#
# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed.
# #
# Requires YunoHost version 3.2.0 or higher. # Requires YunoHost version 3.2.0 or higher.
ynh_exec_warn () { ynh_exec_warn() {
ynh_print_warn "$(eval $@)" # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
# (because in the past eval was used) ...
# we detect this by checking that there's no 2nd arg, and $1 contains a space
if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]
then
ynh_print_warn "$(eval $@)"
else
# Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
ynh_print_warn "$("$@")"
fi
} }
# Execute a command and force the result to be printed on stdout # Execute a command and force the result to be printed on stdout
# #
# usage: ynh_exec_warn_less "your_command [ | other_command ]" # usage: ynh_exec_warn_less your command and args
# | arg: command - command to execute # | arg: command - command to execute
# #
# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. # Note that you should NOT quote the command but only prefix it with ynh_exec_warn
#
# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed.
# #
# Requires YunoHost version 3.2.0 or higher. # Requires YunoHost version 3.2.0 or higher.
ynh_exec_warn_less () { ynh_exec_warn_less() {
eval $@ 2>&1 # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
# (because in the past eval was used) ...
# we detect this by checking that there's no 2nd arg, and $1 contains a space
if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]
then
eval $@ 2>&1
else
# Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
"$@" 2>&1
fi
} }
# Execute a command and redirect stdout in /dev/null # Execute a command and redirect stdout in /dev/null
# #
# usage: ynh_exec_quiet "your_command [ | other_command ]" # usage: ynh_exec_quiet your command and args
# | arg: command - command to execute # | arg: command - command to execute
# #
# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. # Note that you should NOT quote the command but only prefix it with ynh_exec_warn
#
# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed.
# #
# Requires YunoHost version 3.2.0 or higher. # Requires YunoHost version 3.2.0 or higher.
ynh_exec_quiet () { ynh_exec_quiet() {
eval $@ > /dev/null # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
# (because in the past eval was used) ...
# we detect this by checking that there's no 2nd arg, and $1 contains a space
if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]
then
eval $@ > /dev/null
else
# Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
"$@" > /dev/null
fi
} }
# Execute a command and redirect stdout and stderr in /dev/null # Execute a command and redirect stdout and stderr in /dev/null
# #
# usage: ynh_exec_fully_quiet "your_command [ | other_command ]" # usage: ynh_exec_quiet your command and args
# | arg: command - command to execute # | arg: command - command to execute
# #
# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. # Note that you should NOT quote the command but only prefix it with ynh_exec_quiet
#
# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed.
# #
# Requires YunoHost version 3.2.0 or higher. # Requires YunoHost version 3.2.0 or higher.
ynh_exec_fully_quiet () { ynh_exec_fully_quiet() {
eval $@ > /dev/null 2>&1 # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
# (because in the past eval was used) ...
# we detect this by checking that there's no 2nd arg, and $1 contains a space
if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]
then
eval $@ > /dev/null 2>&1
else
# Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
"$@" > /dev/null 2>&1
fi
} }
# Remove any logs for all the following commands. # Remove any logs for all the following commands.
# #
# usage: ynh_print_OFF # usage: ynh_print_OFF
# #
# [internal]
#
# WARNING: You should be careful with this helper, and never forget to use ynh_print_ON as soon as possible to restore the logging. # WARNING: You should be careful with this helper, and never forget to use ynh_print_ON as soon as possible to restore the logging.
# #
# Requires YunoHost version 3.2.0 or higher. # Requires YunoHost version 3.2.0 or higher.
ynh_print_OFF () { ynh_print_OFF() {
exec {BASH_XTRACEFD}>/dev/null exec {BASH_XTRACEFD}>/dev/null
} }
@ -185,11 +203,13 @@ ynh_print_OFF () {
# #
# usage: ynh_print_ON # usage: ynh_print_ON
# #
# [internal]
#
# Requires YunoHost version 3.2.0 or higher. # Requires YunoHost version 3.2.0 or higher.
ynh_print_ON () { ynh_print_ON() {
exec {BASH_XTRACEFD}>&1 exec {BASH_XTRACEFD}>&1
# Print an echo only for the log, to be able to know that ynh_print_ON has been called. # Print an echo only for the log, to be able to know that ynh_print_ON has been called.
echo ynh_print_ON > /dev/null echo ynh_print_ON >/dev/null
} }
# Initial definitions for ynh_script_progression # Initial definitions for ynh_script_progression
@ -214,11 +234,11 @@ base_time=$(date +%s)
# | arg: -l, --last - Use for the last call of the helper, to fill the progression bar. # | arg: -l, --last - Use for the last call of the helper, to fill the progression bar.
# #
# Requires YunoHost version 3.5.0 or higher. # Requires YunoHost version 3.5.0 or higher.
ynh_script_progression () { ynh_script_progression() {
set +o xtrace # set +x set +o xtrace # set +x
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=mwtl local legacy_args=mwtl
local -A args_array=( [m]=message= [w]=weight= [t]=time [l]=last ) local -A args_array=([m]=message= [w]=weight= [t]=time [l]=last)
local message local message
local weight local weight
local time local time
@ -232,12 +252,11 @@ ynh_script_progression () {
last=${last:-0} last=${last:-0}
# Get execution time since the last $base_time # Get execution time since the last $base_time
local exec_time=$(( $(date +%s) - $base_time )) local exec_time=$(($(date +%s) - $base_time))
base_time=$(date +%s) base_time=$(date +%s)
# Compute $max_progression (if we didn't already) # Compute $max_progression (if we didn't already)
if [ "$max_progression" = -1 ] if [ "$max_progression" = -1 ]; then
then
# Get the number of occurrences of 'ynh_script_progression' in the script. Except those are commented. # Get the number of occurrences of 'ynh_script_progression' in the script. Except those are commented.
local helper_calls="$(grep --count "^[^#]*ynh_script_progression" $0)" local helper_calls="$(grep --count "^[^#]*ynh_script_progression" $0)"
# Get the number of call with a weight value # Get the number of call with a weight value
@ -249,23 +268,22 @@ ynh_script_progression () {
local weight_valuesB="$(grep --perl-regexp "^[^#]*ynh_script_progression.*-w " $0 | sed 's/.*-w[= ]\([[:digit:]]*\).*/\1/g')" local weight_valuesB="$(grep --perl-regexp "^[^#]*ynh_script_progression.*-w " $0 | sed 's/.*-w[= ]\([[:digit:]]*\).*/\1/g')"
# Each value will be on a different line. # Each value will be on a different line.
# Remove each 'end of line' and replace it by a '+' to sum the values. # Remove each 'end of line' and replace it by a '+' to sum the values.
local weight_values=$(( $(echo "$weight_valuesA" | tr '\n' '+') + $(echo "$weight_valuesB" | tr '\n' '+') 0 )) local weight_values=$(($(echo "$weight_valuesA" "$weight_valuesB" | grep -v -E '^\s*$' | tr '\n' '+' | sed 's/+$/+0/g')))
# max_progression is a total number of calls to this helper. # max_progression is a total number of calls to this helper.
# Less the number of calls with a weight value. # Less the number of calls with a weight value.
# Plus the total of weight values # Plus the total of weight values
max_progression=$(( $helper_calls - $weight_calls + $weight_values )) max_progression=$(($helper_calls - $weight_calls + $weight_values))
fi fi
# Increment each execution of ynh_script_progression in this script by the weight of the previous call. # Increment each execution of ynh_script_progression in this script by the weight of the previous call.
increment_progression=$(( $increment_progression + $previous_weight )) increment_progression=$(($increment_progression + $previous_weight))
# Store the weight of the current call in $previous_weight for next call # Store the weight of the current call in $previous_weight for next call
previous_weight=$weight previous_weight=$weight
# Reduce $increment_progression to the size of the scale # Reduce $increment_progression to the size of the scale
if [ $last -eq 0 ] if [ $last -eq 0 ]; then
then local effective_progression=$(($increment_progression * $progress_scale / $max_progression))
local effective_progression=$(( $increment_progression * $progress_scale / $max_progression ))
# If last is specified, fill immediately the progression_bar # If last is specified, fill immediately the progression_bar
else else
local effective_progression=$progress_scale local effective_progression=$progress_scale
@ -273,19 +291,17 @@ ynh_script_progression () {
# Build $progression_bar from progress_string(0,1,2) according to $effective_progression and the weight of the current task # Build $progression_bar from progress_string(0,1,2) according to $effective_progression and the weight of the current task
# expected_progression is the progression expected after the current task # expected_progression is the progression expected after the current task
local expected_progression="$(( ( $increment_progression + $weight ) * $progress_scale / $max_progression - $effective_progression ))" local expected_progression="$((($increment_progression + $weight) * $progress_scale / $max_progression - $effective_progression))"
if [ $last -eq 1 ] if [ $last -eq 1 ]; then
then
expected_progression=0 expected_progression=0
fi fi
# left_progression is the progression not yet done # left_progression is the progression not yet done
local left_progression="$(( $progress_scale - $effective_progression - $expected_progression ))" local left_progression="$(($progress_scale - $effective_progression - $expected_progression))"
# Build the progression bar with $effective_progression, work done, $expected_progression, current work and $left_progression, work to be done. # Build the progression bar with $effective_progression, work done, $expected_progression, current work and $left_progression, work to be done.
local progression_bar="${progress_string2:0:$effective_progression}${progress_string1:0:$expected_progression}${progress_string0:0:$left_progression}" local progression_bar="${progress_string2:0:$effective_progression}${progress_string1:0:$expected_progression}${progress_string0:0:$left_progression}"
local print_exec_time="" local print_exec_time=""
if [ $time -eq 1 ] if [ $time -eq 1 ]; then
then
print_exec_time=" [$(date +%Hh%Mm,%Ss --date="0 + $exec_time sec")]" print_exec_time=" [$(date +%Hh%Mm,%Ss --date="0 + $exec_time sec")]"
fi fi
@ -299,73 +315,6 @@ ynh_script_progression () {
# usage: ynh_return somedata # usage: ynh_return somedata
# #
# Requires YunoHost version 3.6.0 or higher. # Requires YunoHost version 3.6.0 or higher.
ynh_return () { ynh_return() {
echo "$1" >> "$YNH_STDRETURN" echo "$1" >>"$YNH_STDRETURN"
}
# Debugger for app packagers
#
# usage: ynh_debug [--message=message] [--trace=1/0]
# | arg: -m, --message= - The text to print
# | arg: -t, --trace= - Turn on or off the trace of the script. Usefull to trace nonly a small part of a script.
#
# Requires YunoHost version 3.5.0 or higher.
ynh_debug () {
# Disable set xtrace for the helper itself, to not pollute the debug log
set +o xtrace # set +x
# Declare an array to define the options of this helper.
local legacy_args=mt
local -A args_array=( [m]=message= [t]=trace= )
local message
local trace
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
# Re-disable xtrace, ynh_handle_getopts_args set it back
set +o xtrace # set +x
message=${message:-}
trace=${trace:-}
if [ -n "$message" ]
then
ynh_print_log "[Debug] ${message}" >&2
fi
if [ "$trace" == "1" ]
then
ynh_debug --message="Enable debugging"
set +o xtrace # set +x
# Get the current file descriptor of xtrace
old_bash_xtracefd=$BASH_XTRACEFD
# Add the current file name and the line number of any command currently running while tracing.
PS4='$(basename ${BASH_SOURCE[0]})-L${LINENO}: '
# Force xtrace to stderr
BASH_XTRACEFD=2
# Force stdout to stderr
exec 1>&2
fi
if [ "$trace" == "0" ]
then
ynh_debug --message="Disable debugging"
set +o xtrace # set +x
# Put xtrace back to its original fild descriptor
BASH_XTRACEFD=$old_bash_xtracefd
# Restore stdout
exec 1>&1
fi
# Renable set xtrace
set -o xtrace # set -x
}
# Execute a command and print the result as debug
#
# usage: ynh_debug_exec "your_command [ | other_command ]"
# | arg: command - command to execute
#
# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe.
#
# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed.
#
# Requires YunoHost version 3.5.0 or higher.
ynh_debug_exec () {
ynh_debug --message="$(eval $@)"
} }

39
data/helpers.d/logrotate
View file

@ -15,10 +15,10 @@
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
# Requires YunoHost version 3.2.0 or higher for the argument `--specific_user` # Requires YunoHost version 3.2.0 or higher for the argument `--specific_user`
ynh_use_logrotate () { ynh_use_logrotate() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=lnuya local legacy_args=lnuya
local -A args_array=( [l]=logfile= [n]=nonappend [u]=specific_user= [y]=non [a]=append ) local -A args_array=([l]=logfile= [n]=nonappend [u]=specific_user= [y]=non [a]=append)
# [y]=non [a]=append are only for legacy purpose, to not fail on the old option '--non-append' # [y]=non [a]=append are only for legacy purpose, to not fail on the old option '--non-append'
local logfile local logfile
local nonappend local nonappend
@ -30,22 +30,18 @@ ynh_use_logrotate () {
specific_user="${specific_user:-}" specific_user="${specific_user:-}"
# LEGACY CODE - PRE GETOPTS # LEGACY CODE - PRE GETOPTS
if [ $# -gt 0 ] && [ "$1" == "--non-append" ] if [ $# -gt 0 ] && [ "$1" == "--non-append" ]; then
then
nonappend=1 nonappend=1
# Destroy this argument for the next command. # Destroy this argument for the next command.
shift shift
elif [ $# -gt 1 ] && [ "$2" == "--non-append" ] elif [ $# -gt 1 ] && [ "$2" == "--non-append" ]; then
then
nonappend=1 nonappend=1
fi fi
if [ $# -gt 0 ] && [ "$(echo ${1:0:1})" != "-" ] if [ $# -gt 0 ] && [ "$(echo ${1:0:1})" != "-" ]; then
then
# If the given logfile parameter already exists as a file, or if it ends up with ".log", # If the given logfile parameter already exists as a file, or if it ends up with ".log",
# we just want to manage a single file # we just want to manage a single file
if [ -f "$1" ] || [ "$(echo ${1##*.})" == "log" ] if [ -f "$1" ] || [ "$(echo ${1##*.})" == "log" ]; then
then
local logfile=$1 local logfile=$1
# Otherwise we assume we want to manage a directory and all its .log file inside # Otherwise we assume we want to manage a directory and all its .log file inside
else else
@ -58,22 +54,20 @@ ynh_use_logrotate () {
if [ "$nonappend" -eq 1 ]; then if [ "$nonappend" -eq 1 ]; then
customtee="tee" customtee="tee"
fi fi
if [ -n "$logfile" ] if [ -n "$logfile" ]; then
then if [ ! -f "$1" ] && [ "$(echo ${logfile##*.})" != "log" ]; then # Keep only the extension to check if it's a logfile
if [ ! -f "$1" ] && [ "$(echo ${logfile##*.})" != "log" ]; then # Keep only the extension to check if it's a logfile local logfile="$logfile/*.log" # Else, uses the directory and all logfile into it.
local logfile="$logfile/*.log" # Else, uses the directory and all logfile into it.
fi fi
else else
logfile="/var/log/${app}/*.log" # Without argument, use a defaut directory in /var/log logfile="/var/log/${app}/*.log" # Without argument, use a defaut directory in /var/log
fi fi
local su_directive="" local su_directive=""
if [[ -n $specific_user ]] if [[ -n $specific_user ]]; then
then
su_directive=" # Run logorotate as specific user - group su_directive=" # Run logorotate as specific user - group
su ${specific_user%/*} ${specific_user#*/}" su ${specific_user%/*} ${specific_user#*/}"
fi fi
cat > ./${app}-logrotate << EOF # Build a config file for logrotate cat >./${app}-logrotate <<EOF # Build a config file for logrotate
$logfile { $logfile {
# Rotate if the logfile exceeds 100Mo # Rotate if the logfile exceeds 100Mo
size 100M size 100M
@ -94,8 +88,13 @@ $logfile {
$su_directive $su_directive
} }
EOF EOF
mkdir --parents $(dirname "$logfile") # Create the log directory, if not exist mkdir --parents $(dirname "$logfile") # Create the log directory, if not exist
cat ${app}-logrotate | $customtee /etc/logrotate.d/$app > /dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee) cat ${app}-logrotate | $customtee /etc/logrotate.d/$app >/dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee)
if ynh_user_exists --username="$app"; then
chown $app:$app "$logfile"
chmod o-rwx "$logfile"
fi
} }
# Remove the app's logrotate config. # Remove the app's logrotate config.
@ -103,7 +102,7 @@ EOF
# usage: ynh_remove_logrotate # usage: ynh_remove_logrotate
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_remove_logrotate () { ynh_remove_logrotate() {
if [ -e "/etc/logrotate.d/$app" ]; then if [ -e "/etc/logrotate.d/$app" ]; then
rm "/etc/logrotate.d/$app" rm "/etc/logrotate.d/$app"
fi fi

41
data/helpers.d/multimedia
View file

@ -22,8 +22,7 @@ ynh_multimedia_build_main_dir() {
mkdir -p "$MEDIA_DIRECTORY/share/eBook" mkdir -p "$MEDIA_DIRECTORY/share/eBook"
## Création des dossiers utilisateurs ## Création des dossiers utilisateurs
for user in $(yunohost user list --output-as json | jq -r '.users | keys[]') for user in $(yunohost user list --output-as json | jq -r '.users | keys[]'); do
do
mkdir -p "$MEDIA_DIRECTORY/$user" mkdir -p "$MEDIA_DIRECTORY/$user"
mkdir -p "$MEDIA_DIRECTORY/$user/Music" mkdir -p "$MEDIA_DIRECTORY/$user/Music"
mkdir -p "$MEDIA_DIRECTORY/$user/Picture" mkdir -p "$MEDIA_DIRECTORY/$user/Picture"
@ -66,22 +65,22 @@ ynh_multimedia_addfolder() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=sd local legacy_args=sd
local -A args_array=( [s]=source_dir= [d]=dest_dir= ) local -A args_array=([s]=source_dir= [d]=dest_dir=)
local source_dir local source_dir
local dest_dir local dest_dir
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
# Ajout d'un lien symbolique vers le dossier à partager # Ajout d'un lien symbolique vers le dossier à partager
ln -sfn "$source_dir" "$MEDIA_DIRECTORY/$dest_dir" ln -sfn "$source_dir" "$MEDIA_DIRECTORY/$dest_dir"
## Application des droits étendus sur le dossier ajouté ## Application des droits étendus sur le dossier ajouté
# Droit d'écriture pour le groupe et le groupe multimedia en acl et droit de lecture pour other: # Droit d'écriture pour le groupe et le groupe multimedia en acl et droit de lecture pour other:
setfacl -RnL -m g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir" setfacl -RnL -m g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir"
# Application de la même règle que précédemment, mais par défaut pour les nouveaux fichiers. # Application de la même règle que précédemment, mais par défaut pour les nouveaux fichiers.
setfacl -RnL -m d:g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir" setfacl -RnL -m d:g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir"
# Réglage du masque par défaut. Qui garantie (en principe...) un droit maximal à rwx. Donc pas de restriction de droits par l'acl. # Réglage du masque par défaut. Qui garantie (en principe...) un droit maximal à rwx. Donc pas de restriction de droits par l'acl.
setfacl -RL -m m::rwx "$source_dir" setfacl -RL -m m::rwx "$source_dir"
} }
# Allow an user to have an write authorisation in multimedia directories # Allow an user to have an write authorisation in multimedia directories
@ -91,14 +90,14 @@ ynh_multimedia_addfolder() {
# | arg: -u, --user_name= - The name of the user which gain this access. # | arg: -u, --user_name= - The name of the user which gain this access.
# #
# Requires YunoHost version 4.2 or higher. # Requires YunoHost version 4.2 or higher.
ynh_multimedia_addaccess () { ynh_multimedia_addaccess() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=u local legacy_args=u
declare -Ar args_array=( [u]=user_name=) declare -Ar args_array=([u]=user_name=)
local user_name local user_name
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
groupadd -f multimedia groupadd -f multimedia
usermod -a -G multimedia $user_name usermod -a -G multimedia $user_name
} }

37
data/helpers.d/mysql
View file

@ -15,7 +15,7 @@
ynh_mysql_connect_as() { ynh_mysql_connect_as() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=upd local legacy_args=upd
local -A args_array=( [u]=user= [p]=password= [d]=database= ) local -A args_array=([u]=user= [p]=password= [d]=database=)
local user local user
local password local password
local database local database
@ -36,19 +36,18 @@ ynh_mysql_connect_as() {
ynh_mysql_execute_as_root() { ynh_mysql_execute_as_root() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=sd local legacy_args=sd
local -A args_array=( [s]=sql= [d]=database= ) local -A args_array=([s]=sql= [d]=database=)
local sql local sql
local database local database
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
database="${database:-}" database="${database:-}"
if [ -n "$database" ] if [ -n "$database" ]; then
then
database="--database=$database" database="--database=$database"
fi fi
mysql -B "$database" <<< "$sql" mysql -B "$database" <<<"$sql"
} }
# Execute a command from a file as root user # Execute a command from a file as root user
@ -61,19 +60,18 @@ ynh_mysql_execute_as_root() {
ynh_mysql_execute_file_as_root() { ynh_mysql_execute_file_as_root() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=fd local legacy_args=fd
local -A args_array=( [f]=file= [d]=database= ) local -A args_array=([f]=file= [d]=database=)
local file local file
local database local database
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
database="${database:-}" database="${database:-}"
if [ -n "$database" ] if [ -n "$database" ]; then
then
database="--database=$database" database="--database=$database"
fi fi
mysql -B "$database" < "$file" mysql -B "$database" <"$file"
} }
# Create a database and grant optionnaly privilegies to a user # Create a database and grant optionnaly privilegies to a user
@ -92,8 +90,7 @@ ynh_mysql_create_db() {
local sql="CREATE DATABASE ${db};" local sql="CREATE DATABASE ${db};"
# grant all privilegies to user # grant all privilegies to user
if [[ $# -gt 1 ]] if [[ $# -gt 1 ]]; then
then
sql+=" GRANT ALL PRIVILEGES ON ${db}.* TO '${2}'@'localhost'" sql+=" GRANT ALL PRIVILEGES ON ${db}.* TO '${2}'@'localhost'"
if [[ -n ${3:-} ]]; then if [[ -n ${3:-} ]]; then
sql+=" IDENTIFIED BY '${3}'" sql+=" IDENTIFIED BY '${3}'"
@ -131,7 +128,7 @@ ynh_mysql_drop_db() {
ynh_mysql_dump_db() { ynh_mysql_dump_db() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=d local legacy_args=d
local -A args_array=( [d]=database= ) local -A args_array=([d]=database=)
local database local database
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -160,17 +157,15 @@ ynh_mysql_create_user() {
# | ret: 0 if the user exists, 1 otherwise. # | ret: 0 if the user exists, 1 otherwise.
# #
# Requires YunoHost version 2.2.4 or higher. # Requires YunoHost version 2.2.4 or higher.
ynh_mysql_user_exists() ynh_mysql_user_exists() {
{
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=u local legacy_args=u
local -A args_array=( [u]=user= ) local -A args_array=([u]=user=)
local user local user
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
if [[ -z $(ynh_mysql_execute_as_root --sql="SELECT User from mysql.user WHERE User = '$user';") ]] if [[ -z $(ynh_mysql_execute_as_root --sql="SELECT User from mysql.user WHERE User = '$user';") ]]; then
then
return 1 return 1
else else
return 0 return 0
@ -200,10 +195,10 @@ ynh_mysql_drop_user() {
# It will also be stored as "`mysqlpwd`" into the app settings. # It will also be stored as "`mysqlpwd`" into the app settings.
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_mysql_setup_db () { ynh_mysql_setup_db() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=unp local legacy_args=unp
local -A args_array=( [u]=db_user= [n]=db_name= [p]=db_pwd= ) local -A args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=)
local db_user local db_user
local db_name local db_name
db_pwd="" db_pwd=""
@ -226,10 +221,10 @@ ynh_mysql_setup_db () {
# | arg: -n, --db_name= - Name of the database # | arg: -n, --db_name= - Name of the database
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_mysql_remove_db () { ynh_mysql_remove_db() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=un local legacy_args=un
local -Ar args_array=( [u]=db_user= [n]=db_name= ) local -Ar args_array=([u]=db_user= [n]=db_name=)
local db_user local db_user
local db_name local db_name
# Manage arguments with getopts # Manage arguments with getopts

38
data/helpers.d/network
View file

@ -9,18 +9,17 @@
# example: port=$(ynh_find_port --port=8080) # example: port=$(ynh_find_port --port=8080)
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_find_port () { ynh_find_port() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=p local legacy_args=p
local -A args_array=( [p]=port= ) local -A args_array=([p]=port=)
local port local port
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
test -n "$port" || ynh_die --message="The argument of ynh_find_port must be a valid port." test -n "$port" || ynh_die --message="The argument of ynh_find_port must be a valid port."
while ! ynh_port_available --port=$port while ! ynh_port_available --port=$port; do
do port=$((port + 1))
port=$((port+1))
done done
echo $port echo $port
} }
@ -34,28 +33,25 @@ ynh_find_port () {
# example: ynh_port_available --port=1234 || ynh_die --message="Port 1234 is needs to be available for this app" # example: ynh_port_available --port=1234 || ynh_die --message="Port 1234 is needs to be available for this app"
# #
# Requires YunoHost version 3.8.0 or higher. # Requires YunoHost version 3.8.0 or higher.
ynh_port_available () { ynh_port_available() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=p local legacy_args=p
local -A args_array=( [p]=port= ) local -A args_array=([p]=port=)
local port local port
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
# Check if the port is free # Check if the port is free
if ss --numeric --listening --tcp --udp | awk '{print$5}' | grep --quiet --extended-regexp ":$port$" if ss --numeric --listening --tcp --udp | awk '{print$5}' | grep --quiet --extended-regexp ":$port$"; then
then
return 1 return 1
# This is to cover (most) case where an app is using a port yet ain't currently using it for some reason (typically service ain't up) # This is to cover (most) case where an app is using a port yet ain't currently using it for some reason (typically service ain't up)
elif grep -q "port: '$port'" /etc/yunohost/apps/*/settings.yml elif grep -q "port: '$port'" /etc/yunohost/apps/*/settings.yml; then
then
return 1 return 1
else else
return 0 return 0
fi fi
} }
# Validate an IP address # Validate an IP address
# #
# [internal] # [internal]
@ -66,13 +62,12 @@ ynh_port_available () {
# example: ynh_validate_ip 4 111.222.333.444 # example: ynh_validate_ip 4 111.222.333.444
# #
# Requires YunoHost version 2.2.4 or higher. # Requires YunoHost version 2.2.4 or higher.
ynh_validate_ip() ynh_validate_ip() {
{
# http://stackoverflow.com/questions/319279/how-to-validate-ip-address-in-python#319298 # http://stackoverflow.com/questions/319279/how-to-validate-ip-address-in-python#319298
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=fi local legacy_args=fi
local -A args_array=( [f]=family= [i]=ip_address= ) local -A args_array=([f]=family= [i]=ip_address=)
local family local family
local ip_address local ip_address
# Manage arguments with getopts # Manage arguments with getopts
@ -80,7 +75,7 @@ ynh_validate_ip()
[ "$family" == "4" ] || [ "$family" == "6" ] || return 1 [ "$family" == "4" ] || [ "$family" == "6" ] || return 1
python3 /dev/stdin << EOF python3 /dev/stdin <<EOF
import socket import socket
import sys import sys
family = { "4" : socket.AF_INET, "6" : socket.AF_INET6 } family = { "4" : socket.AF_INET, "6" : socket.AF_INET6 }
@ -101,11 +96,10 @@ EOF
# example: ynh_validate_ip4 111.222.333.444 # example: ynh_validate_ip4 111.222.333.444
# #
# Requires YunoHost version 2.2.4 or higher. # Requires YunoHost version 2.2.4 or higher.
ynh_validate_ip4() ynh_validate_ip4() {
{
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=i local legacy_args=i
local -A args_array=( [i]=ip_address= ) local -A args_array=([i]=ip_address=)
local ip_address local ip_address
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -113,7 +107,6 @@ ynh_validate_ip4()
ynh_validate_ip --family=4 --ip_address=$ip_address ynh_validate_ip --family=4 --ip_address=$ip_address
} }
# Validate an IPv6 address # Validate an IPv6 address
# #
# usage: ynh_validate_ip6 --ip_address=ip_address # usage: ynh_validate_ip6 --ip_address=ip_address
@ -123,11 +116,10 @@ ynh_validate_ip4()
# example: ynh_validate_ip6 2000:dead:beef::1 # example: ynh_validate_ip6 2000:dead:beef::1
# #
# Requires YunoHost version 2.2.4 or higher. # Requires YunoHost version 2.2.4 or higher.
ynh_validate_ip6() ynh_validate_ip6() {
{
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=i local legacy_args=i
local -A args_array=( [i]=ip_address= ) local -A args_array=([i]=ip_address=)
local ip_address local ip_address
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"

8
data/helpers.d/nginx
View file

@ -16,12 +16,11 @@
# location # location
# #
# Requires YunoHost version 4.1.0 or higher. # Requires YunoHost version 4.1.0 or higher.
ynh_add_nginx_config () { ynh_add_nginx_config() {
local finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf" local finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf"
if [ "${path_url:-}" != "/" ] if [ "${path_url:-}" != "/" ]; then
then
ynh_replace_string --match_string="^#sub_path_only" --replace_string="" --target_file="$YNH_APP_BASEDIR/conf/nginx.conf" ynh_replace_string --match_string="^#sub_path_only" --replace_string="" --target_file="$YNH_APP_BASEDIR/conf/nginx.conf"
else else
ynh_replace_string --match_string="^#root_path_only" --replace_string="" --target_file="$YNH_APP_BASEDIR/conf/nginx.conf" ynh_replace_string --match_string="^#root_path_only" --replace_string="" --target_file="$YNH_APP_BASEDIR/conf/nginx.conf"
@ -29,7 +28,6 @@ ynh_add_nginx_config () {
ynh_add_config --template="$YNH_APP_BASEDIR/conf/nginx.conf" --destination="$finalnginxconf" ynh_add_config --template="$YNH_APP_BASEDIR/conf/nginx.conf" --destination="$finalnginxconf"
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
} }
@ -38,7 +36,7 @@ ynh_add_nginx_config () {
# usage: ynh_remove_nginx_config # usage: ynh_remove_nginx_config
# #
# Requires YunoHost version 2.7.2 or higher. # Requires YunoHost version 2.7.2 or higher.
ynh_remove_nginx_config () { ynh_remove_nginx_config() {
ynh_secure_remove --file="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_secure_remove --file="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
} }

42
data/helpers.d/nodejs
View file

@ -13,16 +13,18 @@ export N_PREFIX="$n_install_dir"
# usage: ynh_install_n # usage: ynh_install_n
# #
# Requires YunoHost version 2.7.12 or higher. # Requires YunoHost version 2.7.12 or higher.
ynh_install_n () { ynh_install_n() {
ynh_print_info --message="Installation of N - Node.js version management" ynh_print_info --message="Installation of N - Node.js version management"
# Build an app.src for n # Build an app.src for n
echo "SOURCE_URL=https://github.com/tj/n/archive/v${n_version}.tar.gz echo "SOURCE_URL=https://github.com/tj/n/archive/v${n_version}.tar.gz
SOURCE_SUM=d4da7ea91f680de0c9b5876e097e2a793e8234fcd0f7ca87a0599b925be087a3" > "$YNH_APP_BASEDIR/conf/n.src" SOURCE_SUM=d4da7ea91f680de0c9b5876e097e2a793e8234fcd0f7ca87a0599b925be087a3" >"$YNH_APP_BASEDIR/conf/n.src"
# Download and extract n # Download and extract n
ynh_setup_source --dest_dir="$n_install_dir/git" --source_id=n ynh_setup_source --dest_dir="$n_install_dir/git" --source_id=n
# Install n # Install n
(cd "$n_install_dir/git" (
PREFIX=$N_PREFIX make install 2>&1) cd "$n_install_dir/git"
PREFIX=$N_PREFIX make install 2>&1
)
} }
# Load the version of node for an app, and set variables. # Load the version of node for an app, and set variables.
@ -69,7 +71,7 @@ SOURCE_SUM=d4da7ea91f680de0c9b5876e097e2a793e8234fcd0f7ca87a0599b925be087a3" > "
# - $nodejs_version: Just the version number of node for this app. Stored as 'nodejs_version' in settings.yml. # - $nodejs_version: Just the version number of node for this app. Stored as 'nodejs_version' in settings.yml.
# #
# Requires YunoHost version 2.7.12 or higher. # Requires YunoHost version 2.7.12 or higher.
ynh_use_nodejs () { ynh_use_nodejs() {
nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version) nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version)
# Get the absolute path of this version of node # Get the absolute path of this version of node
@ -109,12 +111,12 @@ ynh_use_nodejs () {
# Refer to `ynh_use_nodejs` for more information about available commands and variables # Refer to `ynh_use_nodejs` for more information about available commands and variables
# #
# Requires YunoHost version 2.7.12 or higher. # Requires YunoHost version 2.7.12 or higher.
ynh_install_nodejs () { ynh_install_nodejs() {
# Use n, https://github.com/tj/n to manage the nodejs versions # Use n, https://github.com/tj/n to manage the nodejs versions
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=n local legacy_args=n
local -A args_array=( [n]=nodejs_version= ) local -A args_array=([n]=nodejs_version=)
local nodejs_version local nodejs_version
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -132,11 +134,9 @@ ynh_install_nodejs () {
test -x /usr/bin/npm && mv /usr/bin/npm /usr/bin/npm_n test -x /usr/bin/npm && mv /usr/bin/npm /usr/bin/npm_n
# If n is not previously setup, install it # If n is not previously setup, install it
if ! $n_install_dir/bin/n --version > /dev/null 2>&1 if ! $n_install_dir/bin/n --version >/dev/null 2>&1; then
then
ynh_install_n ynh_install_n
elif dpkg --compare-versions "$($n_install_dir/bin/n --version)" lt $n_version elif dpkg --compare-versions "$($n_install_dir/bin/n --version)" lt $n_version; then
then
ynh_install_n ynh_install_n
fi fi
@ -152,8 +152,7 @@ ynh_install_nodejs () {
# Install the requested version of nodejs # Install the requested version of nodejs
uname=$(uname --machine) uname=$(uname --machine)
if [[ $uname =~ aarch64 || $uname =~ arm64 ]] if [[ $uname =~ aarch64 || $uname =~ arm64 ]]; then
then
n $nodejs_version --arch=arm64 n $nodejs_version --arch=arm64
else else
n $nodejs_version n $nodejs_version
@ -164,8 +163,7 @@ ynh_install_nodejs () {
real_nodejs_version=$(basename $real_nodejs_version) real_nodejs_version=$(basename $real_nodejs_version)
# Create a symbolic link for this major version if the file doesn't already exist # Create a symbolic link for this major version if the file doesn't already exist
if [ ! -e "$node_version_path/$nodejs_version" ] if [ ! -e "$node_version_path/$nodejs_version" ]; then
then
ln --symbolic --force --no-target-directory $node_version_path/$real_nodejs_version $node_version_path/$nodejs_version ln --symbolic --force --no-target-directory $node_version_path/$real_nodejs_version $node_version_path/$nodejs_version
fi fi
@ -190,21 +188,19 @@ ynh_install_nodejs () {
# - If no other app uses node, n will be also removed. # - If no other app uses node, n will be also removed.
# #
# Requires YunoHost version 2.7.12 or higher. # Requires YunoHost version 2.7.12 or higher.
ynh_remove_nodejs () { ynh_remove_nodejs() {
nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version) nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version)
# Remove the line for this app # Remove the line for this app
sed --in-place "/$YNH_APP_INSTANCE_NAME:$nodejs_version/d" "$n_install_dir/ynh_app_version" sed --in-place "/$YNH_APP_INSTANCE_NAME:$nodejs_version/d" "$n_install_dir/ynh_app_version"
# If no other app uses this version of nodejs, remove it. # If no other app uses this version of nodejs, remove it.
if ! grep --quiet "$nodejs_version" "$n_install_dir/ynh_app_version" if ! grep --quiet "$nodejs_version" "$n_install_dir/ynh_app_version"; then
then
$n_install_dir/bin/n rm $nodejs_version $n_install_dir/bin/n rm $nodejs_version
fi fi
# If no other app uses n, remove n # If no other app uses n, remove n
if [ ! -s "$n_install_dir/ynh_app_version" ] if [ ! -s "$n_install_dir/ynh_app_version" ]; then
then
ynh_secure_remove --file="$n_install_dir" ynh_secure_remove --file="$n_install_dir"
ynh_secure_remove --file="/usr/local/n" ynh_secure_remove --file="/usr/local/n"
sed --in-place "/N_PREFIX/d" /root/.bashrc sed --in-place "/N_PREFIX/d" /root/.bashrc
@ -221,9 +217,9 @@ ynh_remove_nodejs () {
# usage: ynh_cron_upgrade_node # usage: ynh_cron_upgrade_node
# #
# Requires YunoHost version 2.7.12 or higher. # Requires YunoHost version 2.7.12 or higher.
ynh_cron_upgrade_node () { ynh_cron_upgrade_node() {
# Build the update script # Build the update script
cat > "$n_install_dir/node_update.sh" << EOF cat >"$n_install_dir/node_update.sh" <<EOF
#!/bin/bash #!/bin/bash
version_path="$node_version_path" version_path="$node_version_path"
@ -259,7 +255,7 @@ EOF
chmod +x "$n_install_dir/node_update.sh" chmod +x "$n_install_dir/node_update.sh"
# Build the cronjob # Build the cronjob
cat > "/etc/cron.daily/node_update" << EOF cat >"/etc/cron.daily/node_update" <<EOF
#!/bin/bash #!/bin/bash
$n_install_dir/node_update.sh >> $n_install_dir/node_update.log $n_install_dir/node_update.sh >> $n_install_dir/node_update.log

95
data/helpers.d/permission
View file

@ -66,7 +66,7 @@
ynh_permission_create() { ynh_permission_create() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=puAhaltP local legacy_args=puAhaltP
local -A args_array=( [p]=permission= [u]=url= [A]=additional_urls= [h]=auth_header= [a]=allowed= [l]=label= [t]=show_tile= [P]=protected= ) local -A args_array=([p]=permission= [u]=url= [A]=additional_urls= [h]=auth_header= [a]=allowed= [l]=label= [t]=show_tile= [P]=protected=)
local permission local permission
local url local url
local additional_urls local additional_urls
@ -84,13 +84,11 @@ ynh_permission_create() {
show_tile=${show_tile:-} show_tile=${show_tile:-}
protected=${protected:-} protected=${protected:-}
if [[ -n $url ]] if [[ -n $url ]]; then
then
url=",url='$url'" url=",url='$url'"
fi fi
if [[ -n $additional_urls ]] if [[ -n $additional_urls ]]; then
then
# Convert a list from getopts to python list # Convert a list from getopts to python list
# Note that getopts separate the args with ';' # Note that getopts separate the args with ';'
# By example: # By example:
@ -100,18 +98,15 @@ ynh_permission_create() {
additional_urls=",additional_urls=['${additional_urls//;/\',\'}']" additional_urls=",additional_urls=['${additional_urls//;/\',\'}']"
fi fi
if [[ -n $auth_header ]] if [[ -n $auth_header ]]; then
then if [ $auth_header == "true" ]; then
if [ $auth_header == "true" ]
then
auth_header=",auth_header=True" auth_header=",auth_header=True"
else else
auth_header=",auth_header=False" auth_header=",auth_header=False"
fi fi
fi fi
if [[ -n $allowed ]] if [[ -n $allowed ]]; then
then
# Convert a list from getopts to python list # Convert a list from getopts to python list
# Note that getopts separate the args with ';' # Note that getopts separate the args with ';'
# By example: # By example:
@ -127,20 +122,16 @@ ynh_permission_create() {
label=",label='$permission'" label=",label='$permission'"
fi fi
if [[ -n ${show_tile:-} ]] if [[ -n ${show_tile:-} ]]; then
then if [ $show_tile == "true" ]; then
if [ $show_tile == "true" ]
then
show_tile=",show_tile=True" show_tile=",show_tile=True"
else else
show_tile=",show_tile=False" show_tile=",show_tile=False"
fi fi
fi fi
if [[ -n ${protected:-} ]] if [[ -n ${protected:-} ]]; then
then if [ $protected == "true" ]; then
if [ $protected == "true" ]
then
protected=",protected=True" protected=",protected=True"
else else
protected=",protected=False" protected=",protected=False"
@ -161,7 +152,7 @@ ynh_permission_create() {
ynh_permission_delete() { ynh_permission_delete() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=p local legacy_args=p
local -A args_array=( [p]=permission= ) local -A args_array=([p]=permission=)
local permission local permission
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -178,7 +169,7 @@ ynh_permission_delete() {
ynh_permission_exists() { ynh_permission_exists() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=p local legacy_args=p
local -A args_array=( [p]=permission= ) local -A args_array=([p]=permission=)
local permission local permission
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -201,7 +192,7 @@ ynh_permission_exists() {
ynh_permission_url() { ynh_permission_url() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=puarhc local legacy_args=puarhc
local -A args_array=( [p]=permission= [u]=url= [a]=add_url= [r]=remove_url= [h]=auth_header= [c]=clear_urls ) local -A args_array=([p]=permission= [u]=url= [a]=add_url= [r]=remove_url= [h]=auth_header= [c]=clear_urls)
local permission local permission
local url local url
local add_url local add_url
@ -215,13 +206,11 @@ ynh_permission_url() {
auth_header=${auth_header:-} auth_header=${auth_header:-}
clear_urls=${clear_urls:-} clear_urls=${clear_urls:-}
if [[ -n $url ]] if [[ -n $url ]]; then
then
url=",url='$url'" url=",url='$url'"
fi fi
if [[ -n $add_url ]] if [[ -n $add_url ]]; then
then
# Convert a list from getopts to python list # Convert a list from getopts to python list
# Note that getopts separate the args with ';' # Note that getopts separate the args with ';'
# For example: # For example:
@ -231,8 +220,7 @@ ynh_permission_url() {
add_url=",add_url=['${add_url//;/\',\'}']" add_url=",add_url=['${add_url//;/\',\'}']"
fi fi
if [[ -n $remove_url ]] if [[ -n $remove_url ]]; then
then
# Convert a list from getopts to python list # Convert a list from getopts to python list
# Note that getopts separate the args with ';' # Note that getopts separate the args with ';'
# For example: # For example:
@ -242,25 +230,21 @@ ynh_permission_url() {
remove_url=",remove_url=['${remove_url//;/\',\'}']" remove_url=",remove_url=['${remove_url//;/\',\'}']"
fi fi
if [[ -n $auth_header ]] if [[ -n $auth_header ]]; then
then if [ $auth_header == "true" ]; then
if [ $auth_header == "true" ]
then
auth_header=",auth_header=True" auth_header=",auth_header=True"
else else
auth_header=",auth_header=False" auth_header=",auth_header=False"
fi fi
fi fi
if [[ -n $clear_urls ]] && [ $clear_urls -eq 1 ] if [[ -n $clear_urls ]] && [ $clear_urls -eq 1 ]; then
then
clear_urls=",clear_urls=True" clear_urls=",clear_urls=True"
fi fi
yunohost tools shell -c "from yunohost.permission import permission_url; permission_url('$app.$permission' $url $add_url $remove_url $auth_header $clear_urls)" yunohost tools shell -c "from yunohost.permission import permission_url; permission_url('$app.$permission' $url $add_url $remove_url $auth_header $clear_urls)"
} }
# Update a permission for the app # Update a permission for the app
# #
# usage: ynh_permission_update --permission "permission" [--add="group" ["group" ...]] [--remove="group" ["group" ...]] # usage: ynh_permission_update --permission "permission" [--add="group" ["group" ...]] [--remove="group" ["group" ...]]
@ -276,7 +260,7 @@ ynh_permission_url() {
ynh_permission_update() { ynh_permission_update() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=parltP local legacy_args=parltP
local -A args_array=( [p]=permission= [a]=add= [r]=remove= [l]=label= [t]=show_tile= [P]=protected= ) local -A args_array=([p]=permission= [a]=add= [r]=remove= [l]=label= [t]=show_tile= [P]=protected=)
local permission local permission
local add local add
local remove local remove
@ -290,8 +274,7 @@ ynh_permission_update() {
show_tile=${show_tile:-} show_tile=${show_tile:-}
protected=${protected:-} protected=${protected:-}
if [[ -n $add ]] if [[ -n $add ]]; then
then
# Convert a list from getopts to python list # Convert a list from getopts to python list
# Note that getopts separate the args with ';' # Note that getopts separate the args with ';'
# For example: # For example:
@ -300,8 +283,7 @@ ynh_permission_update() {
# add=['alice', 'bob'] # add=['alice', 'bob']
add=",add=['${add//';'/"','"}']" add=",add=['${add//';'/"','"}']"
fi fi
if [[ -n $remove ]] if [[ -n $remove ]]; then
then
# Convert a list from getopts to python list # Convert a list from getopts to python list
# Note that getopts separate the args with ';' # Note that getopts separate the args with ';'
# For example: # For example:
@ -311,15 +293,12 @@ ynh_permission_update() {
remove=",remove=['${remove//';'/"','"}']" remove=",remove=['${remove//';'/"','"}']"
fi fi
if [[ -n $label ]] if [[ -n $label ]]; then
then
label=",label='$label'" label=",label='$label'"
fi fi
if [[ -n $show_tile ]] if [[ -n $show_tile ]]; then
then if [ $show_tile == "true" ]; then
if [ $show_tile == "true" ]
then
show_tile=",show_tile=True" show_tile=",show_tile=True"
else else
show_tile=",show_tile=False" show_tile=",show_tile=False"
@ -327,8 +306,7 @@ ynh_permission_update() {
fi fi
if [[ -n $protected ]]; then if [[ -n $protected ]]; then
if [ $protected == "true" ] if [ $protected == "true" ]; then
then
protected=",protected=True" protected=",protected=True"
else else
protected=",protected=False" protected=",protected=False"
@ -351,23 +329,20 @@ ynh_permission_update() {
ynh_permission_has_user() { ynh_permission_has_user() {
local legacy_args=pu local legacy_args=pu
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local -A args_array=( [p]=permission= [u]=user= ) local -A args_array=([p]=permission= [u]=user=)
local permission local permission
local user local user
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
if ! ynh_permission_exists --permission=$permission if ! ynh_permission_exists --permission=$permission; then
then
return 1 return 1
fi fi
# Check both allowed and corresponding_users sections in the json # Check both allowed and corresponding_users sections in the json
for section in "allowed" "corresponding_users" for section in "allowed" "corresponding_users"; do
do
if yunohost user permission info "$app.$permission" --output-as json --quiet \ if yunohost user permission info "$app.$permission" --output-as json --quiet \
| jq -e --arg user $user --arg section $section '.[$section] | index($user)' >/dev/null | jq -e --arg user $user --arg section $section '.[$section] | index($user)' >/dev/null; then
then
return 0 return 0
fi fi
done done
@ -381,9 +356,8 @@ ynh_permission_has_user() {
# | exit: Return 1 if the permission doesn't exist, 0 otherwise # | exit: Return 1 if the permission doesn't exist, 0 otherwise
# #
# Requires YunoHost version 4.1.2 or higher. # Requires YunoHost version 4.1.2 or higher.
ynh_legacy_permissions_exists () { ynh_legacy_permissions_exists() {
for permission in "skipped" "unprotected" "protected" for permission in "skipped" "unprotected" "protected"; do
do
if ynh_permission_exists --permission="legacy_${permission}_uris"; then if ynh_permission_exists --permission="legacy_${permission}_uris"; then
return 0 return 0
fi fi
@ -402,9 +376,8 @@ ynh_legacy_permissions_exists () {
# # You can recreate the required permissions here with ynh_permission_create # # You can recreate the required permissions here with ynh_permission_create
# fi # fi
# Requires YunoHost version 4.1.2 or higher. # Requires YunoHost version 4.1.2 or higher.
ynh_legacy_permissions_delete_all () { ynh_legacy_permissions_delete_all() {
for permission in "skipped" "unprotected" "protected" for permission in "skipped" "unprotected" "protected"; do
do
if ynh_permission_exists --permission="legacy_${permission}_uris"; then if ynh_permission_exists --permission="legacy_${permission}_uris"; then
ynh_permission_delete --permission="legacy_${permission}_uris" ynh_permission_delete --permission="legacy_${permission}_uris"
fi fi

239
data/helpers.d/php
View file

@ -56,10 +56,10 @@ YNH_PHP_VERSION=${YNH_PHP_VERSION:-$YNH_DEFAULT_PHP_VERSION}
# children ready to answer. # children ready to answer.
# #
# Requires YunoHost version 4.1.0 or higher. # Requires YunoHost version 4.1.0 or higher.
ynh_add_fpm_config () { ynh_add_fpm_config() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=vtufpd local legacy_args=vtufpd
local -A args_array=( [v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= [p]=package= [d]=dedicated_service ) local -A args_array=([v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= [p]=package= [d]=dedicated_service)
local phpversion local phpversion
local use_template local use_template
local usage local usage
@ -86,8 +86,7 @@ ynh_add_fpm_config () {
local old_phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) local old_phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
# If the PHP version changed, remove the old fpm conf # If the PHP version changed, remove the old fpm conf
if [ -n "$old_phpversion" ] && [ "$old_phpversion" != "$phpversion" ] if [ -n "$old_phpversion" ] && [ "$old_phpversion" != "$phpversion" ]; then
then
local old_php_fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) local old_php_fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir)
local old_php_finalphpconf="$old_php_fpm_config_dir/pool.d/$app.conf" local old_php_finalphpconf="$old_php_fpm_config_dir/pool.d/$app.conf"
@ -97,25 +96,21 @@ ynh_add_fpm_config () {
fi fi
# If the requested PHP version is not the default version for YunoHost # If the requested PHP version is not the default version for YunoHost
if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ] if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ]; then
then
# If the argument --package is used, add the packages to ynh_install_php to install them from sury # If the argument --package is used, add the packages to ynh_install_php to install them from sury
if [ -n "$package" ] if [ -n "$package" ]; then
then
local additionnal_packages="--package=$package" local additionnal_packages="--package=$package"
else else
local additionnal_packages="" local additionnal_packages=""
fi fi
# Install this specific version of PHP. # Install this specific version of PHP.
ynh_install_php --phpversion="$phpversion" "$additionnal_packages" ynh_install_php --phpversion="$phpversion" "$additionnal_packages"
elif [ -n "$package" ] elif [ -n "$package" ]; then
then
# Install the additionnal packages from the default repository # Install the additionnal packages from the default repository
ynh_add_app_dependencies --package="$package" ynh_install_app_dependencies "$package"
fi fi
if [ $dedicated_service -eq 1 ] if [ $dedicated_service -eq 1 ]; then
then
local fpm_service="${app}-phpfpm" local fpm_service="${app}-phpfpm"
local fpm_config_dir="/etc/php/$phpversion/dedicated-fpm" local fpm_config_dir="/etc/php/$phpversion/dedicated-fpm"
else else
@ -132,12 +127,10 @@ ynh_add_fpm_config () {
ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion
# Migrate from mutual PHP service to dedicated one. # Migrate from mutual PHP service to dedicated one.
if [ $dedicated_service -eq 1 ] if [ $dedicated_service -eq 1 ]; then
then
local old_fpm_config_dir="/etc/php/$phpversion/fpm" local old_fpm_config_dir="/etc/php/$phpversion/fpm"
# If a config file exist in the common pool, move it. # If a config file exist in the common pool, move it.
if [ -e "$old_fpm_config_dir/pool.d/$app.conf" ] if [ -e "$old_fpm_config_dir/pool.d/$app.conf" ]; then
then
ynh_print_info --message="Migrate to a dedicated php-fpm service for $app." ynh_print_info --message="Migrate to a dedicated php-fpm service for $app."
# Create a backup of the old file before migration # Create a backup of the old file before migration
ynh_backup_if_checksum_is_different --file="$old_fpm_config_dir/pool.d/$app.conf" ynh_backup_if_checksum_is_different --file="$old_fpm_config_dir/pool.d/$app.conf"
@ -148,8 +141,7 @@ ynh_add_fpm_config () {
fi fi
fi fi
if [ $use_template -eq 1 ] if [ $use_template -eq 1 ]; then
then
# Usage 1, use the template in conf/php-fpm.conf # Usage 1, use the template in conf/php-fpm.conf
local phpfpm_path="$YNH_APP_BASEDIR/conf/php-fpm.conf" local phpfpm_path="$YNH_APP_BASEDIR/conf/php-fpm.conf"
# Make sure now that the template indeed exists # Make sure now that the template indeed exists
@ -181,49 +173,45 @@ pm = __PHP_PM__
pm.max_children = __PHP_MAX_CHILDREN__ pm.max_children = __PHP_MAX_CHILDREN__
pm.max_requests = 500 pm.max_requests = 500
request_terminate_timeout = 1d request_terminate_timeout = 1d
" > $phpfpm_path " >$phpfpm_path
if [ "$php_pm" = "dynamic" ] if [ "$php_pm" = "dynamic" ]; then
then
echo " echo "
pm.start_servers = __PHP_START_SERVERS__ pm.start_servers = __PHP_START_SERVERS__
pm.min_spare_servers = __PHP_MIN_SPARE_SERVERS__ pm.min_spare_servers = __PHP_MIN_SPARE_SERVERS__
pm.max_spare_servers = __PHP_MAX_SPARE_SERVERS__ pm.max_spare_servers = __PHP_MAX_SPARE_SERVERS__
" >> $phpfpm_path " >>$phpfpm_path
elif [ "$php_pm" = "ondemand" ] elif [ "$php_pm" = "ondemand" ]; then
then
echo " echo "
pm.process_idle_timeout = 10s pm.process_idle_timeout = 10s
" >> $phpfpm_path " >>$phpfpm_path
fi fi
# Concatene the extra config. # Concatene the extra config.
if [ -e $YNH_APP_BASEDIR/conf/extra_php-fpm.conf ]; then if [ -e $YNH_APP_BASEDIR/conf/extra_php-fpm.conf ]; then
cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >> "$phpfpm_path" cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >>"$phpfpm_path"
fi fi
fi fi
local finalphpconf="$fpm_config_dir/pool.d/$app.conf" local finalphpconf="$fpm_config_dir/pool.d/$app.conf"
ynh_add_config --template="$phpfpm_path" --destination="$finalphpconf" ynh_add_config --template="$phpfpm_path" --destination="$finalphpconf"
if [ -e "$YNH_APP_BASEDIR/conf/php-fpm.ini" ] if [ -e "$YNH_APP_BASEDIR/conf/php-fpm.ini" ]; then
then
ynh_print_warn --message="Packagers ! Please do not use a separate php ini file, merge your directives in the pool file instead." ynh_print_warn --message="Packagers ! Please do not use a separate php ini file, merge your directives in the pool file instead."
ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm.ini" --destination="$fpm_config_dir/conf.d/20-$app.ini" ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm.ini" --destination="$fpm_config_dir/conf.d/20-$app.ini"
fi fi
if [ $dedicated_service -eq 1 ] if [ $dedicated_service -eq 1 ]; then
then
# Create a dedicated php-fpm.conf for the service # Create a dedicated php-fpm.conf for the service
local globalphpconf=$fpm_config_dir/php-fpm-$app.conf local globalphpconf=$fpm_config_dir/php-fpm-$app.conf
echo "[global] echo "[global]
pid = /run/php/php__PHPVERSION__-fpm-__APP__.pid pid = /run/php/php__PHPVERSION__-fpm-__APP__.pid
error_log = /var/log/php/fpm-php.__APP__.log error_log = /var/log/php/fpm-php.__APP__.log
syslog.ident = php-fpm-__APP__ syslog.ident = php-fpm-__APP__
include = __FINALPHPCONF__ include = __FINALPHPCONF__
" > $YNH_APP_BASEDIR/conf/php-fpm-$app.conf " >$YNH_APP_BASEDIR/conf/php-fpm-$app.conf
ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm-$app.conf" --destination="$globalphpconf" ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm-$app.conf" --destination="$globalphpconf"
@ -240,7 +228,7 @@ ExecReload=/bin/kill -USR2 \$MAINPID
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
" > $YNH_APP_BASEDIR/conf/$fpm_service " >$YNH_APP_BASEDIR/conf/$fpm_service
# Create this dedicated PHP-FPM service # Create this dedicated PHP-FPM service
ynh_add_systemd_config --service=$fpm_service --template=$fpm_service ynh_add_systemd_config --service=$fpm_service --template=$fpm_service
@ -252,8 +240,7 @@ WantedBy=multi-user.target
ynh_systemd_action --service_name=$fpm_service --action=restart ynh_systemd_action --service_name=$fpm_service --action=restart
else else
# Validate that the new php conf doesn't break php-fpm entirely # Validate that the new php conf doesn't break php-fpm entirely
if ! php-fpm${phpversion} --test 2>/dev/null if ! php-fpm${phpversion} --test 2>/dev/null; then
then
php-fpm${phpversion} --test || true php-fpm${phpversion} --test || true
ynh_secure_remove --file="$finalphpconf" ynh_secure_remove --file="$finalphpconf"
ynh_die --message="The new configuration broke php-fpm?" ynh_die --message="The new configuration broke php-fpm?"
@ -267,7 +254,7 @@ WantedBy=multi-user.target
# usage: ynh_remove_fpm_config # usage: ynh_remove_fpm_config
# #
# Requires YunoHost version 2.7.2 or higher. # Requires YunoHost version 2.7.2 or higher.
ynh_remove_fpm_config () { ynh_remove_fpm_config() {
local fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) local fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir)
local fpm_service=$(ynh_app_setting_get --app=$app --key=fpm_service) local fpm_service=$(ynh_app_setting_get --app=$app --key=fpm_service)
local dedicated_service=$(ynh_app_setting_get --app=$app --key=fpm_dedicated_service) local dedicated_service=$(ynh_app_setting_get --app=$app --key=fpm_dedicated_service)
@ -279,20 +266,17 @@ ynh_remove_fpm_config () {
phpversion="${phpversion:-$YNH_DEFAULT_PHP_VERSION}" phpversion="${phpversion:-$YNH_DEFAULT_PHP_VERSION}"
# Assume default PHP files if not set # Assume default PHP files if not set
if [ -z "$fpm_config_dir" ] if [ -z "$fpm_config_dir" ]; then
then
fpm_config_dir="/etc/php/$YNH_DEFAULT_PHP_VERSION/fpm" fpm_config_dir="/etc/php/$YNH_DEFAULT_PHP_VERSION/fpm"
fpm_service="php$YNH_DEFAULT_PHP_VERSION-fpm" fpm_service="php$YNH_DEFAULT_PHP_VERSION-fpm"
fi fi
ynh_secure_remove --file="$fpm_config_dir/pool.d/$app.conf" ynh_secure_remove --file="$fpm_config_dir/pool.d/$app.conf"
if [ -e $fpm_config_dir/conf.d/20-$app.ini ] if [ -e $fpm_config_dir/conf.d/20-$app.ini ]; then
then
ynh_secure_remove --file="$fpm_config_dir/conf.d/20-$app.ini" ynh_secure_remove --file="$fpm_config_dir/conf.d/20-$app.ini"
fi fi
if [ $dedicated_service -eq 1 ] if [ $dedicated_service -eq 1 ]; then
then
# Remove the dedicated service PHP-FPM service for the app # Remove the dedicated service PHP-FPM service for the app
ynh_remove_systemd_config --service=$fpm_service ynh_remove_systemd_config --service=$fpm_service
# Remove the global PHP-FPM conf # Remove the global PHP-FPM conf
@ -304,8 +288,7 @@ ynh_remove_fpm_config () {
fi fi
# If the PHP version used is not the default version for YunoHost # If the PHP version used is not the default version for YunoHost
if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ] if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ]; then
then
# Remove this specific version of PHP # Remove this specific version of PHP
ynh_remove_php ynh_remove_php
fi fi
@ -320,47 +303,22 @@ ynh_remove_fpm_config () {
# | arg: -p, --package= - Additionnal PHP packages to install # | arg: -p, --package= - Additionnal PHP packages to install
# #
# Requires YunoHost version 3.8.1 or higher. # Requires YunoHost version 3.8.1 or higher.
ynh_install_php () { ynh_install_php() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=vp local legacy_args=vp
local -A args_array=( [v]=phpversion= [p]=package= ) local -A args_array=([v]=phpversion= [p]=package=)
local phpversion local phpversion
local package local package
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
package=${package:-} package=${package:-}
# Store phpversion into the config of this app if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ]; then
ynh_app_setting_set $app phpversion $phpversion
if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ]
then
ynh_die --message="Do not use ynh_install_php to install php$YNH_DEFAULT_PHP_VERSION" ynh_die --message="Do not use ynh_install_php to install php$YNH_DEFAULT_PHP_VERSION"
fi fi
# Create the file if doesn't exist already ynh_install_app_dependencies "$package"
touch /etc/php/ynh_app_version ynh_app_setting_set --app=$app --key=phpversion --value=$specific_php_version
# Do not add twice the same line
if ! grep --quiet "$YNH_APP_INSTANCE_NAME:" "/etc/php/ynh_app_version"
then
# Store the ID of this app and the version of PHP requested for it
echo "$YNH_APP_INSTANCE_NAME:$phpversion" | tee --append "/etc/php/ynh_app_version"
fi
# Add an extra repository for those packages
ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(ynh_get_debian_release) main" --key="https://packages.sury.org/php/apt.gpg" --name=extra_php_version --priority=600
# Install requested dependencies from this extra repository.
# Install PHP-FPM first, otherwise PHP will install apache as a dependency.
ynh_add_app_dependencies --package="php${phpversion}-fpm"
ynh_add_app_dependencies --package="php$phpversion php${phpversion}-common $package"
# Set the default PHP version back as the default version for php-cli.
update-alternatives --set php /usr/bin/php$YNH_DEFAULT_PHP_VERSION
# Advertise service in admin panel
yunohost service add php${phpversion}-fpm --log "/var/log/php${phpversion}-fpm.log"
} }
# Remove the specific version of PHP used by the app. # Remove the specific version of PHP used by the app.
@ -371,35 +329,7 @@ ynh_install_php () {
# #
# Requires YunoHost version 3.8.1 or higher. # Requires YunoHost version 3.8.1 or higher.
ynh_remove_php () { ynh_remove_php () {
# Get the version of PHP used by this app ynh_remove_app_dependencies
local phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ] || [ -z "$phpversion" ]
then
if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ]
then
ynh_print_err "Do not use ynh_remove_php to remove php$YNH_DEFAULT_PHP_VERSION !"
fi
return 0
fi
# Create the file if doesn't exist already
touch /etc/php/ynh_app_version
# Remove the line for this app
sed --in-place "/$YNH_APP_INSTANCE_NAME:$phpversion/d" "/etc/php/ynh_app_version"
# If no other app uses this version of PHP, remove it.
if ! grep --quiet "$phpversion" "/etc/php/ynh_app_version"
then
# Remove the service from the admin panel
if ynh_package_is_installed --package="php${phpversion}-fpm"; then
yunohost service remove php${phpversion}-fpm
fi
# Purge PHP dependencies for this version.
ynh_package_autopurge "php$phpversion php${phpversion}-fpm php${phpversion}-common"
fi
} }
# Define the values to configure PHP-FPM # Define the values to configure PHP-FPM
@ -421,10 +351,10 @@ ynh_remove_php () {
# high - High usage, frequently visited website. # high - High usage, frequently visited website.
# #
# | arg: -p, --print - Print the result (intended for debug purpose only when packaging the app) # | arg: -p, --print - Print the result (intended for debug purpose only when packaging the app)
ynh_get_scalable_phpfpm () { ynh_get_scalable_phpfpm() {
local legacy_args=ufp local legacy_args=ufp
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local -A args_array=( [u]=usage= [f]=footprint= [p]=print ) local -A args_array=([u]=usage= [f]=footprint= [p]=print)
local usage local usage
local footprint local footprint
local print local print
@ -435,38 +365,30 @@ ynh_get_scalable_phpfpm () {
usage=${usage,,} usage=${usage,,}
print=${print:-0} print=${print:-0}
if [ "$footprint" = "low" ] if [ "$footprint" = "low" ]; then
then
footprint=20 footprint=20
elif [ "$footprint" = "medium" ] elif [ "$footprint" = "medium" ]; then
then
footprint=35 footprint=35
elif [ "$footprint" = "high" ] elif [ "$footprint" = "high" ]; then
then
footprint=50 footprint=50
fi fi
# Define the factor to determine min_spare_servers # Define the factor to determine min_spare_servers
# to avoid having too few children ready to start for heavy apps # to avoid having too few children ready to start for heavy apps
if [ $footprint -le 20 ] if [ $footprint -le 20 ]; then
then
min_spare_servers_factor=8 min_spare_servers_factor=8
elif [ $footprint -le 35 ] elif [ $footprint -le 35 ]; then
then
min_spare_servers_factor=5 min_spare_servers_factor=5
else else
min_spare_servers_factor=3 min_spare_servers_factor=3
fi fi
# Define the way the process manager handle child processes. # Define the way the process manager handle child processes.
if [ "$usage" = "low" ] if [ "$usage" = "low" ]; then
then
php_pm=ondemand php_pm=ondemand
elif [ "$usage" = "medium" ] elif [ "$usage" = "medium" ]; then
then
php_pm=dynamic php_pm=dynamic
elif [ "$usage" = "high" ] elif [ "$usage" = "high" ]; then
then
php_pm=static php_pm=static
else else
ynh_die --message="Does not recognize '$usage' as an usage value." ynh_die --message="Does not recognize '$usage' as an usage value."
@ -477,8 +399,7 @@ ynh_get_scalable_phpfpm () {
at_least_one() { at_least_one() {
# Do not allow value below 1 # Do not allow value below 1
if [ $1 -le 0 ] if [ $1 -le 0 ]; then
then
echo 1 echo 1
else else
echo $1 echo $1
@ -488,20 +409,18 @@ ynh_get_scalable_phpfpm () {
# Define pm.max_children # Define pm.max_children
# The value of pm.max_children is the total amount of ram divide by 2 and divide again by the footprint of a pool for this app. # The value of pm.max_children is the total amount of ram divide by 2 and divide again by the footprint of a pool for this app.
# So if PHP-FPM start the maximum of children, it won't exceed half of the ram. # So if PHP-FPM start the maximum of children, it won't exceed half of the ram.
php_max_children=$(( $max_ram / 2 / $footprint )) php_max_children=$(($max_ram / 2 / $footprint))
# If process manager is set as static, use half less children. # If process manager is set as static, use half less children.
# Used as static, there's always as many children as the value of pm.max_children # Used as static, there's always as many children as the value of pm.max_children
if [ "$php_pm" = "static" ] if [ "$php_pm" = "static" ]; then
then php_max_children=$(($php_max_children / 2))
php_max_children=$(( $php_max_children / 2 ))
fi fi
php_max_children=$(at_least_one $php_max_children) php_max_children=$(at_least_one $php_max_children)
# To not overload the proc, limit the number of children to 4 times the number of cores. # To not overload the proc, limit the number of children to 4 times the number of cores.
local core_number=$(nproc) local core_number=$(nproc)
local max_proc=$(( $core_number * 4 )) local max_proc=$(($core_number * 4))
if [ $php_max_children -gt $max_proc ] if [ $php_max_children -gt $max_proc ]; then
then
php_max_children=$max_proc php_max_children=$max_proc
fi fi
@ -511,16 +430,15 @@ ynh_get_scalable_phpfpm () {
php_max_children=$php_forced_max_children php_max_children=$php_forced_max_children
fi fi
if [ "$php_pm" = "dynamic" ] if [ "$php_pm" = "dynamic" ]; then
then
# Define pm.start_servers, pm.min_spare_servers and pm.max_spare_servers for a dynamic process manager # Define pm.start_servers, pm.min_spare_servers and pm.max_spare_servers for a dynamic process manager
php_min_spare_servers=$(( $php_max_children / $min_spare_servers_factor )) php_min_spare_servers=$(($php_max_children / $min_spare_servers_factor))
php_min_spare_servers=$(at_least_one $php_min_spare_servers) php_min_spare_servers=$(at_least_one $php_min_spare_servers)
php_max_spare_servers=$(( $php_max_children / 2 )) php_max_spare_servers=$(($php_max_children / 2))
php_max_spare_servers=$(at_least_one $php_max_spare_servers) php_max_spare_servers=$(at_least_one $php_max_spare_servers)
php_start_servers=$(( $php_min_spare_servers + ( $php_max_spare_servers - $php_min_spare_servers ) /2 )) php_start_servers=$(($php_min_spare_servers + ($php_max_spare_servers - $php_min_spare_servers) / 2))
php_start_servers=$(at_least_one $php_start_servers) php_start_servers=$(at_least_one $php_start_servers)
else else
php_min_spare_servers=0 php_min_spare_servers=0
@ -528,30 +446,25 @@ ynh_get_scalable_phpfpm () {
php_start_servers=0 php_start_servers=0
fi fi
if [ $print -eq 1 ] if [ $print -eq 1 ]; then
then ynh_print_warn --message="Footprint=${footprint}Mb by pool."
ynh_debug --message="Footprint=${footprint}Mb by pool." ynh_print_warn --message="Process manager=$php_pm"
ynh_debug --message="Process manager=$php_pm" ynh_print_warn --message="Max RAM=${max_ram}Mb"
ynh_debug --message="Max RAM=${max_ram}Mb" if [ "$php_pm" != "static" ]; then
if [ "$php_pm" != "static" ] ynh_print_warn --message="\nMax estimated footprint=$(($php_max_children * $footprint))"
then ynh_print_warn --message="Min estimated footprint=$(($php_min_spare_servers * $footprint))"
ynh_debug --message="\nMax estimated footprint=$(( $php_max_children * $footprint ))"
ynh_debug --message="Min estimated footprint=$(( $php_min_spare_servers * $footprint ))"
fi fi
if [ "$php_pm" = "dynamic" ] if [ "$php_pm" = "dynamic" ]; then
then ynh_print_warn --message="Estimated average footprint=$(($php_max_spare_servers * $footprint))"
ynh_debug --message="Estimated average footprint=$(( $php_max_spare_servers * $footprint ))" elif [ "$php_pm" = "static" ]; then
elif [ "$php_pm" = "static" ] ynh_print_warn --message="Estimated footprint=$(($php_max_children * $footprint))"
then
ynh_debug --message="Estimated footprint=$(( $php_max_children * $footprint ))"
fi fi
ynh_debug --message="\nRaw php-fpm values:" ynh_print_warn --message="\nRaw php-fpm values:"
ynh_debug --message="pm.max_children = $php_max_children" ynh_print_warn --message="pm.max_children = $php_max_children"
if [ "$php_pm" = "dynamic" ] if [ "$php_pm" = "dynamic" ]; then
then ynh_print_warn --message="pm.start_servers = $php_start_servers"
ynh_debug --message="pm.start_servers = $php_start_servers" ynh_print_warn --message="pm.min_spare_servers = $php_min_spare_servers"
ynh_debug --message="pm.min_spare_servers = $php_min_spare_servers" ynh_print_warn --message="pm.max_spare_servers = $php_max_spare_servers"
ynh_debug --message="pm.max_spare_servers = $php_max_spare_servers"
fi fi
fi fi
} }
@ -569,10 +482,10 @@ YNH_COMPOSER_VERSION=${YNH_COMPOSER_VERSION:-$YNH_DEFAULT_COMPOSER_VERSION}
# | arg: -c, --commands - Commands to execute. # | arg: -c, --commands - Commands to execute.
# #
# Requires YunoHost version 4.2 or higher. # Requires YunoHost version 4.2 or higher.
ynh_composer_exec () { ynh_composer_exec() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=vwc local legacy_args=vwc
declare -Ar args_array=( [v]=phpversion= [w]=workdir= [c]=commands= ) declare -Ar args_array=([v]=phpversion= [w]=workdir= [c]=commands=)
local phpversion local phpversion
local workdir local workdir
local commands local commands
@ -595,10 +508,10 @@ ynh_composer_exec () {
# | arg: -c, --composerversion - Composer version to install # | arg: -c, --composerversion - Composer version to install
# #
# Requires YunoHost version 4.2 or higher. # Requires YunoHost version 4.2 or higher.
ynh_install_composer () { ynh_install_composer() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=vwac local legacy_args=vwac
declare -Ar args_array=( [v]=phpversion= [w]=workdir= [a]=install_args= [c]=composerversion=) declare -Ar args_array=([v]=phpversion= [w]=workdir= [a]=install_args= [c]=composerversion=)
local phpversion local phpversion
local workdir local workdir
local install_args local install_args
@ -612,7 +525,7 @@ ynh_install_composer () {
curl -sS https://getcomposer.org/installer \ curl -sS https://getcomposer.org/installer \
| COMPOSER_HOME="$workdir/.composer" \ | COMPOSER_HOME="$workdir/.composer" \
php${phpversion} -- --quiet --install-dir="$workdir" --version=$composerversion \ php${phpversion} -- --quiet --install-dir="$workdir" --version=$composerversion \
|| ynh_die --message="Unable to install Composer." || ynh_die --message="Unable to install Composer."
# install dependencies # install dependencies

23
data/helpers.d/postgresql
View file

@ -46,8 +46,7 @@ ynh_psql_execute_as_root() {
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
database="${database:-}" database="${database:-}"
if [ -n "$database" ] if [ -n "$database" ]; then
then
database="--database=$database" database="--database=$database"
fi fi
@ -72,8 +71,7 @@ ynh_psql_execute_file_as_root() {
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
database="${database:-}" database="${database:-}"
if [ -n "$database" ] if [ -n "$database" ]; then
then
database="--database=$database" database="--database=$database"
fi fi
@ -175,8 +173,7 @@ ynh_psql_user_exists() {
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';" | grep --quiet "$user" if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';" | grep --quiet "$user"; then
then
return 1 return 1
else else
return 0 return 0
@ -198,8 +195,7 @@ ynh_psql_database_exists() {
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$database" if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$database"; then
then
return 1 return 1
else else
return 0 return 0
@ -269,16 +265,14 @@ ynh_psql_remove_db() {
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
if ynh_psql_database_exists --database=$db_name if ynh_psql_database_exists --database=$db_name; then # Check if the database exists
then # Check if the database exists ynh_psql_drop_db $db_name # Remove the database
ynh_psql_drop_db $db_name # Remove the database
else else
ynh_print_warn --message="Database $db_name not found" ynh_print_warn --message="Database $db_name not found"
fi fi
# Remove psql user if it exists # Remove psql user if it exists
if ynh_psql_user_exists --user=$db_user if ynh_psql_user_exists --user=$db_user; then
then
ynh_psql_drop_user $db_user ynh_psql_drop_user $db_user
else else
ynh_print_warn --message="User $db_user not found" ynh_print_warn --message="User $db_user not found"
@ -310,8 +304,7 @@ ynh_psql_test_if_first_run() {
# If this is the very first time, we define the root password # If this is the very first time, we define the root password
# and configure a few things # and configure a few things
if [ ! -f "$PSQL_ROOT_PWD_FILE" ] if [ ! -f "$PSQL_ROOT_PWD_FILE" ]; then
then
local pg_hba=/etc/postgresql/$PSQL_VERSION/main/pg_hba.conf local pg_hba=/etc/postgresql/$PSQL_VERSION/main/pg_hba.conf
local psql_root_password="$(ynh_string_random)" local psql_root_password="$(ynh_string_random)"

17
data/helpers.d/setting
View file

@ -10,7 +10,7 @@
ynh_app_setting_get() { ynh_app_setting_get() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=ak local legacy_args=ak
local -A args_array=( [a]=app= [k]=key= ) local -A args_array=([a]=app= [k]=key=)
local app local app
local key local key
# Manage arguments with getopts # Manage arguments with getopts
@ -34,7 +34,7 @@ ynh_app_setting_get() {
ynh_app_setting_set() { ynh_app_setting_set() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=akv local legacy_args=akv
local -A args_array=( [a]=app= [k]=key= [v]=value= ) local -A args_array=([a]=app= [k]=key= [v]=value=)
local app local app
local key local key
local value local value
@ -58,7 +58,7 @@ ynh_app_setting_set() {
ynh_app_setting_delete() { ynh_app_setting_delete() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=ak local legacy_args=ak
local -A args_array=( [a]=app= [k]=key= ) local -A args_array=([a]=app= [k]=key=)
local app local app
local key local key
# Manage arguments with getopts # Manage arguments with getopts
@ -76,8 +76,7 @@ ynh_app_setting_delete() {
# #
# [internal] # [internal]
# #
ynh_app_setting() ynh_app_setting() {
{
set +o xtrace # set +x set +o xtrace # set +x
ACTION="$1" APP="$2" KEY="$3" VALUE="${4:-}" python3 - <<EOF ACTION="$1" APP="$2" KEY="$3" VALUE="${4:-}" python3 - <<EOF
import os, yaml, sys import os, yaml, sys
@ -115,10 +114,10 @@ EOF
# example: ynh_webpath_available --domain=some.domain.tld --path_url=/coffee # example: ynh_webpath_available --domain=some.domain.tld --path_url=/coffee
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_webpath_available () { ynh_webpath_available() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=dp local legacy_args=dp
local -A args_array=( [d]=domain= [p]=path_url= ) local -A args_array=([d]=domain= [p]=path_url=)
local domain local domain
local path_url local path_url
# Manage arguments with getopts # Manage arguments with getopts
@ -137,10 +136,10 @@ ynh_webpath_available () {
# example: ynh_webpath_register --app=wordpress --domain=some.domain.tld --path_url=/coffee # example: ynh_webpath_register --app=wordpress --domain=some.domain.tld --path_url=/coffee
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_webpath_register () { ynh_webpath_register() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=adp local legacy_args=adp
local -A args_array=( [a]=app= [d]=domain= [p]=path_url= ) local -A args_array=([a]=app= [d]=domain= [p]=path_url=)
local app local app
local domain local domain
local path_url local path_url

28
data/helpers.d/string
View file

@ -12,13 +12,13 @@
ynh_string_random() { ynh_string_random() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=l local legacy_args=l
local -A args_array=( [l]=length= ) local -A args_array=([l]=length=)
local length local length
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
length=${length:-24} length=${length:-24}
dd if=/dev/urandom bs=1 count=1000 2> /dev/null \ dd if=/dev/urandom bs=1 count=1000 2>/dev/null \
| tr --complement --delete 'A-Za-z0-9' \ | tr --complement --delete 'A-Za-z0-9' \
| sed --quiet 's/\(.\{'"$length"'\}\).*/\1/p' | sed --quiet 's/\(.\{'"$length"'\}\).*/\1/p'
} }
@ -34,10 +34,10 @@ ynh_string_random() {
# sub-expressions can be used (see sed manual page for more information) # sub-expressions can be used (see sed manual page for more information)
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_replace_string () { ynh_replace_string() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=mrf local legacy_args=mrf
local -A args_array=( [m]=match_string= [r]=replace_string= [f]=target_file= ) local -A args_array=([m]=match_string= [r]=replace_string= [f]=target_file=)
local match_string local match_string
local replace_string local replace_string
local target_file local target_file
@ -65,10 +65,10 @@ ynh_replace_string () {
# characters, you can't use some regular expressions and sub-expressions. # characters, you can't use some regular expressions and sub-expressions.
# #
# Requires YunoHost version 2.7.7 or higher. # Requires YunoHost version 2.7.7 or higher.
ynh_replace_special_string () { ynh_replace_special_string() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=mrf local legacy_args=mrf
local -A args_array=( [m]=match_string= [r]=replace_string= [f]=target_file= ) local -A args_array=([m]=match_string= [r]=replace_string= [f]=target_file=)
local match_string local match_string
local replace_string local replace_string
local target_file local target_file
@ -97,10 +97,10 @@ ynh_replace_special_string () {
# Underscorify the string (replace - and . by _) # Underscorify the string (replace - and . by _)
# #
# Requires YunoHost version 2.2.4 or higher. # Requires YunoHost version 2.2.4 or higher.
ynh_sanitize_dbid () { ynh_sanitize_dbid() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=n local legacy_args=n
local -A args_array=( [n]=db_name= ) local -A args_array=([n]=db_name=)
local db_name local db_name
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -127,20 +127,20 @@ ynh_sanitize_dbid () {
# | arg: -p, --path_url= - URL path to normalize before using it # | arg: -p, --path_url= - URL path to normalize before using it
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_normalize_url_path () { ynh_normalize_url_path() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=p local legacy_args=p
local -A args_array=( [p]=path_url= ) local -A args_array=([p]=path_url=)
local path_url local path_url
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
test -n "$path_url" || ynh_die --message="ynh_normalize_url_path expect a URL path as first argument and received nothing." test -n "$path_url" || ynh_die --message="ynh_normalize_url_path expect a URL path as first argument and received nothing."
if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a / if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a /
path_url="/$path_url" # Add / at begin of path variable path_url="/$path_url" # Add / at begin of path variable
fi fi
if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character. if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character.
path_url="${path_url:0:${#path_url}-1}" # Delete the last character path_url="${path_url:0:${#path_url}-1}" # Delete the last character
fi fi
echo $path_url echo $path_url
} }

55
data/helpers.d/systemd
View file

@ -12,10 +12,10 @@
# format and how placeholders are replaced with actual variables. # format and how placeholders are replaced with actual variables.
# #
# Requires YunoHost version 4.1.0 or higher. # Requires YunoHost version 4.1.0 or higher.
ynh_add_systemd_config () { ynh_add_systemd_config() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=stv local legacy_args=stv
local -A args_array=( [s]=service= [t]=template=) local -A args_array=([s]=service= [t]=template=)
local service local service
local template local template
# Manage arguments with getopts # Manage arguments with getopts
@ -35,18 +35,17 @@ ynh_add_systemd_config () {
# | arg: -s, --service= - Service name (optionnal, $app by default) # | arg: -s, --service= - Service name (optionnal, $app by default)
# #
# Requires YunoHost version 2.7.2 or higher. # Requires YunoHost version 2.7.2 or higher.
ynh_remove_systemd_config () { ynh_remove_systemd_config() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=s local legacy_args=s
local -A args_array=( [s]=service= ) local -A args_array=([s]=service=)
local service local service
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
local service="${service:-$app}" local service="${service:-$app}"
local finalsystemdconf="/etc/systemd/system/$service.service" local finalsystemdconf="/etc/systemd/system/$service.service"
if [ -e "$finalsystemdconf" ] if [ -e "$finalsystemdconf" ]; then
then
ynh_systemd_action --service_name=$service --action=stop ynh_systemd_action --service_name=$service --action=stop
systemctl disable $service --quiet systemctl disable $service --quiet
ynh_secure_remove --file="$finalsystemdconf" ynh_secure_remove --file="$finalsystemdconf"
@ -68,7 +67,7 @@ ynh_remove_systemd_config () {
ynh_systemd_action() { ynh_systemd_action() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=nalpte local legacy_args=nalpte
local -A args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= ) local -A args_array=([n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length=)
local service_name local service_name
local action local action
local line_match local line_match
@ -85,25 +84,22 @@ ynh_systemd_action() {
timeout=${timeout:-300} timeout=${timeout:-300}
# Manage case of service already stopped # Manage case of service already stopped
if [ "$action" == "stop" ] && ! systemctl is-active --quiet $service_name if [ "$action" == "stop" ] && ! systemctl is-active --quiet $service_name; then
then
return 0 return 0
fi fi
# Start to read the log # Start to read the log
if [[ -n "$line_match" ]] if [[ -n "$line_match" ]]; then
then
local templog="$(mktemp)" local templog="$(mktemp)"
# Following the starting of the app in its log # Following the starting of the app in its log
if [ "$log_path" == "systemd" ] if [ "$log_path" == "systemd" ]; then
then
# Read the systemd journal # Read the systemd journal
journalctl --unit=$service_name --follow --since=-0 --quiet > "$templog" & journalctl --unit=$service_name --follow --since=-0 --quiet >"$templog" &
# Get the PID of the journalctl command # Get the PID of the journalctl command
local pid_tail=$! local pid_tail=$!
else else
# Read the specified log file # Read the specified log file
tail --follow=name --retry --lines=0 "$log_path" > "$templog" 2>&1 & tail --follow=name --retry --lines=0 "$log_path" >"$templog" 2>&1 &
# Get the PID of the tail command # Get the PID of the tail command
local pid_tail=$! local pid_tail=$!
fi fi
@ -115,13 +111,11 @@ ynh_systemd_action() {
fi fi
# If the service fails to perform the action # If the service fails to perform the action
if ! systemctl $action $service_name if ! systemctl $action $service_name; then
then
# Show syslog for this service # Show syslog for this service
ynh_exec_err journalctl --quiet --no-hostname --no-pager --lines=$length --unit=$service_name ynh_exec_err journalctl --quiet --no-hostname --no-pager --lines=$length --unit=$service_name
# If a log is specified for this service, show also the content of this log # If a log is specified for this service, show also the content of this log
if [ -e "$log_path" ] if [ -e "$log_path" ]; then
then
ynh_exec_err tail --lines=$length "$log_path" ynh_exec_err tail --lines=$length "$log_path"
fi fi
ynh_clean_check_starting ynh_clean_check_starting
@ -129,15 +123,12 @@ ynh_systemd_action() {
fi fi
# Start the timeout and try to find line_match # Start the timeout and try to find line_match
if [[ -n "${line_match:-}" ]] if [[ -n "${line_match:-}" ]]; then
then
set +x set +x
local i=0 local i=0
for i in $(seq 1 $timeout) for i in $(seq 1 $timeout); do
do
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout # Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
if grep --extended-regexp --quiet "$line_match" "$templog" if grep --extended-regexp --quiet "$line_match" "$templog"; then
then
ynh_print_info --message="The service $service_name has correctly executed the action ${action}." ynh_print_info --message="The service $service_name has correctly executed the action ${action}."
break break
fi fi
@ -150,13 +141,11 @@ ynh_systemd_action() {
if [ $i -ge 3 ]; then if [ $i -ge 3 ]; then
echo "" >&2 echo "" >&2
fi fi
if [ $i -eq $timeout ] if [ $i -eq $timeout ]; then
then
ynh_print_warn --message="The service $service_name didn't fully executed the action ${action} before the timeout." ynh_print_warn --message="The service $service_name didn't fully executed the action ${action} before the timeout."
ynh_print_warn --message="Please find here an extract of the end of the log of the service $service_name:" ynh_print_warn --message="Please find here an extract of the end of the log of the service $service_name:"
ynh_exec_warn journalctl --quiet --no-hostname --no-pager --lines=$length --unit=$service_name ynh_exec_warn journalctl --quiet --no-hostname --no-pager --lines=$length --unit=$service_name
if [ -e "$log_path" ] if [ -e "$log_path" ]; then
then
ynh_print_warn --message="\-\-\-" ynh_print_warn --message="\-\-\-"
ynh_exec_warn tail --lines=$length "$log_path" ynh_exec_warn tail --lines=$length "$log_path"
fi fi
@ -170,14 +159,12 @@ ynh_systemd_action() {
# [internal] # [internal]
# #
# Requires YunoHost version 3.5.0 or higher. # Requires YunoHost version 3.5.0 or higher.
ynh_clean_check_starting () { ynh_clean_check_starting() {
if [ -n "${pid_tail:-}" ] if [ -n "${pid_tail:-}" ]; then
then
# Stop the execution of tail. # Stop the execution of tail.
kill -SIGTERM $pid_tail 2>&1 kill -SIGTERM $pid_tail 2>&1
fi fi
if [ -n "${templog:-}" ] if [ -n "${templog:-}" ]; then
then
ynh_secure_remove --file="$templog" 2>&1 ynh_secure_remove --file="$templog" 2>&1
fi fi
} }

37
data/helpers.d/user
View file

@ -12,7 +12,7 @@
ynh_user_exists() { ynh_user_exists() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=u local legacy_args=u
local -A args_array=( [u]=username= ) local -A args_array=([u]=username=)
local username local username
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -33,7 +33,7 @@ ynh_user_exists() {
ynh_user_get_info() { ynh_user_get_info() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=uk local legacy_args=uk
local -A args_array=( [u]=username= [k]=key= ) local -A args_array=([u]=username= [k]=key=)
local username local username
local key local key
# Manage arguments with getopts # Manage arguments with getopts
@ -64,7 +64,7 @@ ynh_user_list() {
ynh_system_user_exists() { ynh_system_user_exists() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=u local legacy_args=u
local -A args_array=( [u]=username= ) local -A args_array=([u]=username=)
local username local username
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -82,7 +82,7 @@ ynh_system_user_exists() {
ynh_system_group_exists() { ynh_system_group_exists() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=g local legacy_args=g
local -A args_array=( [g]=group= ) local -A args_array=([g]=group=)
local group local group
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -108,10 +108,10 @@ ynh_system_group_exists() {
# ``` # ```
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_system_user_create () { ynh_system_user_create() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=uhs local legacy_args=uhs
local -A args_array=( [u]=username= [h]=home_dir= [s]=use_shell [g]=groups= ) local -A args_array=([u]=username= [h]=home_dir= [s]=use_shell [g]=groups=)
local username local username
local home_dir local home_dir
local use_shell local use_shell
@ -123,17 +123,15 @@ ynh_system_user_create () {
home_dir="${home_dir:-}" home_dir="${home_dir:-}"
groups="${groups:-}" groups="${groups:-}"
if ! ynh_system_user_exists "$username" # Check if the user exists on the system if ! ynh_system_user_exists "$username"; then # Check if the user exists on the system
then # If the user doesn't exist # If the user doesn't exist
if [ -n "$home_dir" ] if [ -n "$home_dir" ]; then # If a home dir is mentioned
then # If a home dir is mentioned
local user_home_dir="--home-dir $home_dir" local user_home_dir="--home-dir $home_dir"
else else
local user_home_dir="--no-create-home" local user_home_dir="--no-create-home"
fi fi
if [ $use_shell -eq 1 ] if [ $use_shell -eq 1 ]; then # If we want a shell for the user
then # If we want a shell for the user local shell="" # Use default shell
local shell="" # Use default shell
else else
local shell="--shell /usr/sbin/nologin" local shell="--shell /usr/sbin/nologin"
fi fi
@ -141,8 +139,7 @@ ynh_system_user_create () {
fi fi
local group local group
for group in $groups for group in $groups; do
do
usermod -a -G "$group" "$username" usermod -a -G "$group" "$username"
done done
} }
@ -153,25 +150,23 @@ ynh_system_user_create () {
# | arg: -u, --username= - Name of the system user that will be create # | arg: -u, --username= - Name of the system user that will be create
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_system_user_delete () { ynh_system_user_delete() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=u local legacy_args=u
local -A args_array=( [u]=username= ) local -A args_array=([u]=username=)
local username local username
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
# Check if the user exists on the system # Check if the user exists on the system
if ynh_system_user_exists "$username" if ynh_system_user_exists "$username"; then
then
deluser $username deluser $username
else else
ynh_print_warn --message="The user $username was not found" ynh_print_warn --message="The user $username was not found"
fi fi
# Check if the group exists on the system # Check if the group exists on the system
if ynh_system_group_exists "$username" if ynh_system_group_exists "$username"; then
then
delgroup $username delgroup $username
fi fi
} }

244
data/helpers.d/utils
View file

@ -19,25 +19,25 @@ YNH_APP_BASEDIR=${YNH_APP_BASEDIR:-$(realpath ..)}
# It prints a warning to inform that the script was failed, and execute the ynh_clean_setup function if used in the app script # It prints a warning to inform that the script was failed, and execute the ynh_clean_setup function if used in the app script
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_exit_properly () { ynh_exit_properly() {
local exit_code=$? local exit_code=$?
rm -rf "/var/cache/yunohost/download/" rm -rf "/var/cache/yunohost/download/"
if [ "$exit_code" -eq 0 ]; then if [ "$exit_code" -eq 0 ]; then
exit 0 # Exit without error if the script ended correctly exit 0 # Exit without error if the script ended correctly
fi fi
trap '' EXIT # Ignore new exit signals trap '' EXIT # Ignore new exit signals
# Do not exit anymore if a command fail or if a variable is empty # Do not exit anymore if a command fail or if a variable is empty
set +o errexit # set +e set +o errexit # set +e
set +o nounset # set +u set +o nounset # set +u
# Small tempo to avoid the next message being mixed up with other DEBUG messages # Small tempo to avoid the next message being mixed up with other DEBUG messages
sleep 0.5 sleep 0.5
if type -t ynh_clean_setup > /dev/null; then # Check if the function exist in the app script. if type -t ynh_clean_setup >/dev/null; then # Check if the function exist in the app script.
ynh_clean_setup # Call the function to do specific cleaning for the app. ynh_clean_setup # Call the function to do specific cleaning for the app.
fi fi
# Exit with error status # Exit with error status
@ -55,10 +55,10 @@ ynh_exit_properly () {
# and a call to `ynh_clean_setup` is triggered if it has been defined by your script. # and a call to `ynh_clean_setup` is triggered if it has been defined by your script.
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_abort_if_errors () { ynh_abort_if_errors() {
set -o errexit # set -e; Exit if a command fail set -o errexit # set -e; Exit if a command fail
set -o nounset # set -u; And if a variable is used unset set -o nounset # set -u; And if a variable is used unset
trap ynh_exit_properly EXIT # Capturing exit signals on shell script trap ynh_exit_properly EXIT # Capturing exit signals on shell script
} }
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
@ -99,10 +99,10 @@ ynh_abort_if_errors () {
# - Extra files in `sources/extra_files/$src_id` will be copied to dest_dir # - Extra files in `sources/extra_files/$src_id` will be copied to dest_dir
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_setup_source () { ynh_setup_source() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=dsk local legacy_args=dsk
local -A args_array=( [d]=dest_dir= [s]=source_id= [k]=keep= ) local -A args_array=([d]=dest_dir= [s]=source_id= [k]=keep=)
local dest_dir local dest_dir
local source_id local source_id
local keep local keep
@ -133,15 +133,13 @@ ynh_setup_source () {
src_filename="${source_id}.${src_format}" src_filename="${source_id}.${src_format}"
fi fi
# (Unused?) mecanism where one can have the file in a special local cache to not have to download it... # (Unused?) mecanism where one can have the file in a special local cache to not have to download it...
local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}" local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}"
mkdir -p /var/cache/yunohost/download/${YNH_APP_ID}/ mkdir -p /var/cache/yunohost/download/${YNH_APP_ID}/
src_filename="/var/cache/yunohost/download/${YNH_APP_ID}/${src_filename}" src_filename="/var/cache/yunohost/download/${YNH_APP_ID}/${src_filename}"
if test -e "$local_src" if test -e "$local_src"; then
then
cp $local_src $src_filename cp $local_src $src_filename
else else
[ -n "$src_url" ] || ynh_die "Couldn't parse SOURCE_URL from $src_file_path ?" [ -n "$src_url" ] || ynh_die "Couldn't parse SOURCE_URL from $src_file_path ?"
@ -162,15 +160,12 @@ ynh_setup_source () {
# Keep files to be backup/restored at the end of the helper # Keep files to be backup/restored at the end of the helper
# Assuming $dest_dir already exists # Assuming $dest_dir already exists
rm -rf /var/cache/yunohost/files_to_keep_during_setup_source/ rm -rf /var/cache/yunohost/files_to_keep_during_setup_source/
if [ -n "$keep" ] && [ -e "$dest_dir" ] if [ -n "$keep" ] && [ -e "$dest_dir" ]; then
then
local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID} local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID}
mkdir -p $keep_dir mkdir -p $keep_dir
local stuff_to_keep local stuff_to_keep
for stuff_to_keep in $keep for stuff_to_keep in $keep; do
do if [ -e "$dest_dir/$stuff_to_keep" ]; then
if [ -e "$dest_dir/$stuff_to_keep" ]
then
mkdir --parents "$(dirname "$keep_dir/$stuff_to_keep")" mkdir --parents "$(dirname "$keep_dir/$stuff_to_keep")"
cp --archive "$dest_dir/$stuff_to_keep" "$keep_dir/$stuff_to_keep" cp --archive "$dest_dir/$stuff_to_keep" "$keep_dir/$stuff_to_keep"
fi fi
@ -180,20 +175,16 @@ ynh_setup_source () {
# Extract source into the app dir # Extract source into the app dir
mkdir --parents "$dest_dir" mkdir --parents "$dest_dir"
if [ -n "${final_path:-}" ] && [ "$dest_dir" == "$final_path" ] if [ -n "${final_path:-}" ] && [ "$dest_dir" == "$final_path" ]; then
then
_ynh_apply_default_permissions $dest_dir _ynh_apply_default_permissions $dest_dir
fi fi
if ! "$src_extract" if ! "$src_extract"; then
then
mv $src_filename $dest_dir mv $src_filename $dest_dir
elif [ "$src_format" = "zip" ] elif [ "$src_format" = "zip" ]; then
then
# Zip format # Zip format
# Using of a temp directory, because unzip doesn't manage --strip-components # Using of a temp directory, because unzip doesn't manage --strip-components
if $src_in_subdir if $src_in_subdir; then
then
local tmp_dir=$(mktemp --directory) local tmp_dir=$(mktemp --directory)
unzip -quo $src_filename -d "$tmp_dir" unzip -quo $src_filename -d "$tmp_dir"
cp --archive $tmp_dir/*/. "$dest_dir" cp --archive $tmp_dir/*/. "$dest_dir"
@ -204,18 +195,15 @@ ynh_setup_source () {
ynh_secure_remove --file="$src_filename" ynh_secure_remove --file="$src_filename"
else else
local strip="" local strip=""
if [ "$src_in_subdir" != "false" ] if [ "$src_in_subdir" != "false" ]; then
then if [ "$src_in_subdir" == "true" ]; then
if [ "$src_in_subdir" == "true" ]
then
local sub_dirs=1 local sub_dirs=1
else else
local sub_dirs="$src_in_subdir" local sub_dirs="$src_in_subdir"
fi fi
strip="--strip-components $sub_dirs" strip="--strip-components $sub_dirs"
fi fi
if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]]; then
then
tar --extract --file=$src_filename --directory="$dest_dir" $strip tar --extract --file=$src_filename --directory="$dest_dir" $strip
else else
ynh_die --message="Archive format unrecognized." ynh_die --message="Archive format unrecognized."
@ -224,17 +212,16 @@ ynh_setup_source () {
fi fi
# Apply patches # Apply patches
if [ -d "$YNH_APP_BASEDIR/sources/patches/" ] if [ -d "$YNH_APP_BASEDIR/sources/patches/" ]; then
then
local patches_folder=$(realpath $YNH_APP_BASEDIR/sources/patches/) local patches_folder=$(realpath $YNH_APP_BASEDIR/sources/patches/)
if (( $(find $patches_folder -type f -name "${source_id}-*.patch" 2> /dev/null | wc --lines) > "0" )) if (($(find $patches_folder -type f -name "${source_id}-*.patch" 2>/dev/null | wc --lines) > "0")); then
then (
(cd "$dest_dir" cd "$dest_dir"
for p in $patches_folder/${source_id}-*.patch for p in $patches_folder/${source_id}-*.patch; do
do echo $p
echo $p patch --strip=1 <$p
patch --strip=1 < $p done
done) || ynh_die --message="Unable to apply patches" ) || ynh_die --message="Unable to apply patches"
fi fi
fi fi
@ -245,14 +232,11 @@ ynh_setup_source () {
# Keep files to be backup/restored at the end of the helper # Keep files to be backup/restored at the end of the helper
# Assuming $dest_dir already exists # Assuming $dest_dir already exists
if [ -n "$keep" ] if [ -n "$keep" ]; then
then
local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID} local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID}
local stuff_to_keep local stuff_to_keep
for stuff_to_keep in $keep for stuff_to_keep in $keep; do
do if [ -e "$keep_dir/$stuff_to_keep" ]; then
if [ -e "$keep_dir/$stuff_to_keep" ]
then
mkdir --parents "$(dirname "$dest_dir/$stuff_to_keep")" mkdir --parents "$(dirname "$dest_dir/$stuff_to_keep")"
cp --archive "$keep_dir/$stuff_to_keep" "$dest_dir/$stuff_to_keep" cp --archive "$keep_dir/$stuff_to_keep" "$dest_dir/$stuff_to_keep"
fi fi
@ -276,7 +260,7 @@ ynh_setup_source () {
# `$domain` and `$path_url` should be defined externally (and correspond to the domain.tld and the /path (of the app?)) # `$domain` and `$path_url` should be defined externally (and correspond to the domain.tld and the /path (of the app?))
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_local_curl () { ynh_local_curl() {
# Define url of page to curl # Define url of page to curl
local local_page=$(ynh_normalize_url_path $1) local local_page=$(ynh_normalize_url_path $1)
local full_path=$path_url$local_page local full_path=$path_url$local_page
@ -290,12 +274,10 @@ ynh_local_curl () {
# Concatenate all other arguments with '&' to prepare POST data # Concatenate all other arguments with '&' to prepare POST data
local POST_data="" local POST_data=""
local arg="" local arg=""
for arg in "${@:2}" for arg in "${@:2}"; do
do
POST_data="${POST_data}${arg}&" POST_data="${POST_data}${arg}&"
done done
if [ -n "$POST_data" ] if [ -n "$POST_data" ]; then
then
# Add --data arg and remove the last character, which is an unecessary '&' # Add --data arg and remove the last character, which is an unecessary '&'
POST_data="--data ${POST_data::-1}" POST_data="--data ${POST_data::-1}"
fi fi
@ -353,10 +335,10 @@ ynh_local_curl () {
# into the app settings when configuration is done. # into the app settings when configuration is done.
# #
# Requires YunoHost version 4.1.0 or higher. # Requires YunoHost version 4.1.0 or higher.
ynh_add_config () { ynh_add_config() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=tdv local legacy_args=tdv
local -A args_array=( [t]=template= [d]=destination= ) local -A args_array=([t]=template= [d]=destination=)
local template local template
local destination local destination
# Manage arguments with getopts # Manage arguments with getopts
@ -414,17 +396,16 @@ ynh_add_config () {
# __VAR_2__ by $var_2 # __VAR_2__ by $var_2
# #
# Requires YunoHost version 4.1.0 or higher. # Requires YunoHost version 4.1.0 or higher.
ynh_replace_vars () { ynh_replace_vars() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=f local legacy_args=f
local -A args_array=( [f]=file= ) local -A args_array=([f]=file=)
local file local file
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
# Replace specific YunoHost variables # Replace specific YunoHost variables
if test -n "${path_url:-}" if test -n "${path_url:-}"; then
then
# path_url_slash_less is path_url, or a blank value if path_url is only '/' # path_url_slash_less is path_url, or a blank value if path_url is only '/'
local path_url_slash_less=${path_url%/} local path_url_slash_less=${path_url%/}
ynh_replace_string --match_string="__PATH__/" --replace_string="$path_url_slash_less/" --target_file="$file" ynh_replace_string --match_string="__PATH__/" --replace_string="$path_url_slash_less/" --target_file="$file"
@ -448,12 +429,11 @@ ynh_replace_vars () {
# Replace others variables # Replace others variables
# List other unique (__ __) variables in $file # List other unique (__ __) variables in $file
local uniques_vars=( $(grep -oP '__[A-Z0-9]+?[A-Z0-9_]*?[A-Z0-9]*?__' $file | sort --unique | sed "s@__\([^.]*\)__@\L\1@g" )) local uniques_vars=($(grep -oP '__[A-Z0-9]+?[A-Z0-9_]*?[A-Z0-9]*?__' $file | sort --unique | sed "s@__\([^.]*\)__@\L\1@g"))
# Do the replacement # Do the replacement
local delimit=@ local delimit=@
for one_var in "${uniques_vars[@]}" for one_var in "${uniques_vars[@]}"; do
do
# Validate that one_var is indeed defined # Validate that one_var is indeed defined
# -v checks if the variable is defined, for example: # -v checks if the variable is defined, for example:
# -v FOO tests if $FOO is defined # -v FOO tests if $FOO is defined
@ -509,7 +489,7 @@ ynh_replace_vars () {
ynh_read_var_in_file() { ynh_read_var_in_file() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=fka local legacy_args=fka
local -A args_array=( [f]=file= [k]=key= [a]=after=) local -A args_array=([f]=file= [k]=key= [a]=after=)
local file local file
local key local key
local after local after
@ -523,11 +503,9 @@ ynh_read_var_in_file() {
# Get the line number after which we search for the variable # Get the line number after which we search for the variable
local line_number=1 local line_number=1
if [[ -n "$after" ]]; if [[ -n "$after" ]]; then
then
line_number=$(grep -n $after $file | cut -d: -f1) line_number=$(grep -n $after $file | cut -d: -f1)
if [[ -z "$line_number" ]]; if [[ -z "$line_number" ]]; then
then
set -o xtrace # set -x set -o xtrace # set -x
return 1 return 1
fi fi
@ -545,7 +523,7 @@ ynh_read_var_in_file() {
if [[ "$ext" =~ ^ini|env$ ]]; then if [[ "$ext" =~ ^ini|env$ ]]; then
comments="[;#]" comments="[;#]"
fi fi
if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then
comments="//" comments="//"
fi fi
local list='\[\s*['$string']?\w+['$string']?\]' local list='\[\s*['$string']?\w+['$string']?\]'
@ -564,13 +542,13 @@ ynh_read_var_in_file() {
fi fi
# Remove comments if needed # Remove comments if needed
local expression="$(echo "$expression_with_comment" | sed "s@$comments[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" local expression="$(echo "$expression_with_comment" | sed "s@${comments}[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")"
local first_char="${expression:0:1}" local first_char="${expression:0:1}"
if [[ "$first_char" == '"' ]] ; then if [[ "$first_char" == '"' ]]; then
echo "$expression" | grep -m1 -o -P '"\K([^"](\\")?)*[^\\](?=")' | head -n1 | sed 's/\\"/"/g' echo "$expression" | grep -m1 -o -P '"\K([^"](\\")?)*[^\\](?=")' | head -n1 | sed 's/\\"/"/g'
elif [[ "$first_char" == "'" ]] ; then elif [[ "$first_char" == "'" ]]; then
echo "$expression" | grep -m1 -o -P "'\K([^'](\\\\')?)*[^\\\\](?=')" | head -n1 | sed "s/\\\\'/'/g" echo "$expression" | grep -m1 -o -P "'\K([^'](\\\\')?)*[^\\\\](?=')" | head -n1 | sed "s/\\\\'/'/g"
else else
echo "$expression" echo "$expression"
fi fi
@ -588,7 +566,7 @@ ynh_read_var_in_file() {
ynh_write_var_in_file() { ynh_write_var_in_file() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=fkva local legacy_args=fkva
local -A args_array=( [f]=file= [k]=key= [v]=value= [a]=after=) local -A args_array=([f]=file= [k]=key= [v]=value= [a]=after=)
local file local file
local key local key
local value local value
@ -603,11 +581,9 @@ ynh_write_var_in_file() {
# Get the line number after which we search for the variable # Get the line number after which we search for the variable
local line_number=1 local line_number=1
if [[ -n "$after" ]]; if [[ -n "$after" ]]; then
then
line_number=$(grep -n $after $file | cut -d: -f1) line_number=$(grep -n $after $file | cut -d: -f1)
if [[ -z "$line_number" ]]; if [[ -z "$line_number" ]]; then
then
set -o xtrace # set -x set -o xtrace # set -x
return 1 return 1
fi fi
@ -626,7 +602,7 @@ ynh_write_var_in_file() {
if [[ "$ext" =~ ^ini|env$ ]]; then if [[ "$ext" =~ ^ini|env$ ]]; then
comments="[;#]" comments="[;#]"
fi fi
if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then
comments="//" comments="//"
fi fi
local list='\[\s*['$string']?\w+['$string']?\]' local list='\[\s*['$string']?\w+['$string']?\]'
@ -644,28 +620,28 @@ ynh_write_var_in_file() {
fi fi
# Remove comments if needed # Remove comments if needed
local expression="$(echo "$expression_with_comment" | sed "s@$comments[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" local expression="$(echo "$expression_with_comment" | sed "s@${comments}[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")"
endline=${expression_with_comment#"$expression"} endline=${expression_with_comment#"$expression"}
endline="$(echo "$endline" | sed 's/\\/\\\\/g')" endline="$(echo "$endline" | sed 's/\\/\\\\/g')"
value="$(echo "$value" | sed 's/\\/\\\\/g')" value="$(echo "$value" | sed 's/\\/\\\\/g')"
local first_char="${expression:0:1}" local first_char="${expression:0:1}"
delimiter=$'\001' delimiter=$'\001'
if [[ "$first_char" == '"' ]] ; then if [[ "$first_char" == '"' ]]; then
# \ and sed is quite complex you need 2 \\ to get one in a sed # \ and sed is quite complex you need 2 \\ to get one in a sed
# So we need \\\\ to go through 2 sed # So we need \\\\ to go through 2 sed
value="$(echo "$value" | sed 's/"/\\\\"/g')" value="$(echo "$value" | sed 's/"/\\\\"/g')"
sed -ri "${range}s$delimiter"'(^'"${var_part}"'")([^"]|\\")*("[\s;,]*)(\s*'$comments'.*)?$'$delimiter'\1'"${value}"'"'"${endline}${delimiter}i" ${file} sed -ri "${range}s$delimiter"'(^'"${var_part}"'")([^"]|\\")*("[\s;,]*)(\s*'$comments'.*)?$'$delimiter'\1'"${value}"'"'"${endline}${delimiter}i" ${file}
elif [[ "$first_char" == "'" ]] ; then elif [[ "$first_char" == "'" ]]; then
# \ and sed is quite complex you need 2 \\ to get one in a sed # \ and sed is quite complex you need 2 \\ to get one in a sed
# However double quotes implies to double \\ to # However double quotes implies to double \\ to
# So we need \\\\\\\\ to go through 2 sed and 1 double quotes str # So we need \\\\\\\\ to go through 2 sed and 1 double quotes str
value="$(echo "$value" | sed "s/'/\\\\\\\\'/g")" value="$(echo "$value" | sed "s/'/\\\\\\\\'/g")"
sed -ri "${range}s$delimiter(^${var_part}')([^']|\\')*('"'[\s,;]*)(\s*'$comments'.*)?$'$delimiter'\1'"${value}'${endline}${delimiter}i" ${file} sed -ri "${range}s$delimiter(^${var_part}')([^']|\\')*('"'[\s,;]*)(\s*'$comments'.*)?$'$delimiter'\1'"${value}'${endline}${delimiter}i" ${file}
else else
if [[ "$value" == *"'"* ]] || [[ "$value" == *'"'* ]] || [[ "$ext" =~ ^php|py|json|js$ ]] ; then if [[ "$value" == *"'"* ]] || [[ "$value" == *'"'* ]] || [[ "$ext" =~ ^php|py|json|js$ ]]; then
value='\"'"$(echo "$value" | sed 's/"/\\\\"/g')"'\"' value='\"'"$(echo "$value" | sed 's/"/\\\\"/g')"'\"'
fi fi
if [[ "$ext" =~ ^yaml|yml$ ]] ; then if [[ "$ext" =~ ^yaml|yml$ ]]; then
value=" $value" value=" $value"
fi fi
sed -ri "${range}s$delimiter(^${var_part}).*\$$delimiter\1${value}${endline}${delimiter}i" ${file} sed -ri "${range}s$delimiter(^${var_part}).*\$$delimiter\1${value}${endline}${delimiter}i" ${file}
@ -673,7 +649,6 @@ ynh_write_var_in_file() {
set -o xtrace # set -x set -o xtrace # set -x
} }
# Render templates with Jinja2 # Render templates with Jinja2
# #
# [internal] # [internal]
@ -691,7 +666,7 @@ ynh_render_template() {
# Taken from https://stackoverflow.com/a/35009576 # Taken from https://stackoverflow.com/a/35009576
python3 -c 'import os, sys, jinja2; sys.stdout.write( python3 -c 'import os, sys, jinja2; sys.stdout.write(
jinja2.Template(sys.stdin.read() jinja2.Template(sys.stdin.read()
).render(os.environ));' < $template_path > $output_path ).render(os.environ));' <$template_path >$output_path
} }
# Fetch the Debian release codename # Fetch the Debian release codename
@ -700,50 +675,58 @@ ynh_render_template() {
# | ret: The Debian release codename (i.e. jessie, stretch, ...) # | ret: The Debian release codename (i.e. jessie, stretch, ...)
# #
# Requires YunoHost version 2.7.12 or higher. # Requires YunoHost version 2.7.12 or higher.
ynh_get_debian_release () { ynh_get_debian_release() {
echo $(lsb_release --codename --short) echo $(lsb_release --codename --short)
} }
_acceptable_path_to_delete() {
local file=$1
local forbidden_paths=$(ls -d / /* /{var,home,usr}/* /etc/{default,sudoers.d,yunohost,cron*})
# Legacy : A couple apps still have data in /home/$app ...
if [[ -n "$app" ]]
then
forbidden_paths=$(echo "$forbidden_paths" | grep -v "/home/$app")
fi
# Use realpath to normalize the path ..
# i.e convert ///foo//bar//..///baz//// to /foo/baz
file=$(realpath --no-symlinks "$file")
if [ -z "$file" ] || grep -q -x -F "$file" <<< "$forbidden_paths"; then
return 1
else
return 0
fi
}
# Remove a file or a directory securely # Remove a file or a directory securely
# #
# usage: ynh_secure_remove --file=path_to_remove # usage: ynh_secure_remove --file=path_to_remove
# | arg: -f, --file= - File or directory to remove # | arg: -f, --file= - File or directory to remove
# #
# Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 2.6.4 or higher.
ynh_secure_remove () { ynh_secure_remove() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=f local legacy_args=f
local -A args_array=( [f]=file= ) local -A args_array=([f]=file=)
local file local file
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
set +o xtrace # set +x set +o xtrace # set +x
local forbidden_path=" \ if [ $# -ge 2 ]; then
/var/www \
/home/yunohost.app"
if [ $# -ge 2 ]
then
ynh_print_warn --message="/!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time." ynh_print_warn --message="/!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time."
fi fi
if [[ -z "$file" ]] if [[ -z "$file" ]]; then
then
ynh_print_warn --message="ynh_secure_remove called with empty argument, ignoring." ynh_print_warn --message="ynh_secure_remove called with empty argument, ignoring."
elif [[ "$forbidden_path" =~ "$file" \ elif [[ ! -e $file ]]; then
# Match all paths or subpaths in $forbidden_path
|| "$file" =~ ^/[[:alnum:]]+$ \
# Match all first level paths from / (Like /var, /root, etc...)
|| "${file:${#file}-1}" = "/" ]]
# Match if the path finishes by /. Because it seems there is an empty variable
then
ynh_print_warn --message="Not deleting '$file' because it is not an acceptable path to delete."
elif [ -e "$file" ]
then
rm --recursive "$file"
else
ynh_print_info --message="'$file' wasn't deleted because it doesn't exist." ynh_print_info --message="'$file' wasn't deleted because it doesn't exist."
elif ! _acceptable_path_to_delete "$file"; then
ynh_print_warn --message="Not deleting '$file' because it is not an acceptable path to delete."
else
rm --recursive "$file"
fi fi
set -o xtrace # set -x set -o xtrace # set -x
@ -757,10 +740,10 @@ ynh_secure_remove () {
# | ret: the value associate to that key # | ret: the value associate to that key
# #
# Requires YunoHost version 3.5.0 or higher. # Requires YunoHost version 3.5.0 or higher.
ynh_read_manifest () { ynh_read_manifest() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=mk local legacy_args=mk
local -A args_array=( [m]=manifest= [k]=manifest_key= ) local -A args_array=([m]=manifest= [k]=manifest_key=)
local manifest local manifest
local manifest_key local manifest_key
# Manage arguments with getopts # Manage arguments with getopts
@ -787,20 +770,19 @@ ynh_read_manifest () {
# For example, if the manifest contains `4.3-2~ynh3` the function will return `4.3-2` # For example, if the manifest contains `4.3-2~ynh3` the function will return `4.3-2`
# #
# Requires YunoHost version 3.5.0 or higher. # Requires YunoHost version 3.5.0 or higher.
ynh_app_upstream_version () { ynh_app_upstream_version() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=m local legacy_args=m
local -A args_array=( [m]=manifest= ) local -A args_array=([m]=manifest=)
local manifest local manifest
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
manifest="${manifest:-}" manifest="${manifest:-}"
if [[ "$manifest" != "" ]] && [[ -e "$manifest" ]]; if [[ "$manifest" != "" ]] && [[ -e "$manifest" ]]; then
then version_key_=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version")
version_key_=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version")
else else
version_key_=$YNH_APP_MANIFEST_VERSION version_key_=$YNH_APP_MANIFEST_VERSION
fi fi
echo "${version_key_/~ynh*/}" echo "${version_key_/~ynh*/}"
@ -817,10 +799,10 @@ ynh_app_upstream_version () {
# For example, if the manifest contains `4.3-2~ynh3` the function will return `3` # For example, if the manifest contains `4.3-2~ynh3` the function will return `3`
# #
# Requires YunoHost version 3.5.0 or higher. # Requires YunoHost version 3.5.0 or higher.
ynh_app_package_version () { ynh_app_package_version() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=m local legacy_args=m
local -A args_array=( [m]=manifest= ) local -A args_array=([m]=manifest=)
local manifest local manifest
# Manage arguments with getopts # Manage arguments with getopts
ynh_handle_getopts_args "$@" ynh_handle_getopts_args "$@"
@ -842,11 +824,10 @@ ynh_app_package_version () {
# sudo yunohost app upgrade <appname> --force # sudo yunohost app upgrade <appname> --force
# ``` # ```
# Requires YunoHost version 3.5.0 or higher. # Requires YunoHost version 3.5.0 or higher.
ynh_check_app_version_changed () { ynh_check_app_version_changed() {
local return_value=${YNH_APP_UPGRADE_TYPE} local return_value=${YNH_APP_UPGRADE_TYPE}
if [ "$return_value" == "UPGRADE_FULL" ] || [ "$return_value" == "UPGRADE_FORCED" ] || [ "$return_value" == "DOWNGRADE_FORCED" ] if [ "$return_value" == "UPGRADE_FULL" ] || [ "$return_value" == "UPGRADE_FORCED" ] || [ "$return_value" == "DOWNGRADE_FORCED" ]; then
then
return_value="UPGRADE_APP" return_value="UPGRADE_APP"
fi fi
@ -875,7 +856,7 @@ ynh_check_app_version_changed () {
# Requires YunoHost version 3.8.0 or higher. # Requires YunoHost version 3.8.0 or higher.
ynh_compare_current_package_version() { ynh_compare_current_package_version() {
local legacy_args=cv local legacy_args=cv
declare -Ar args_array=( [c]=comparison= [v]=version= ) declare -Ar args_array=([c]=comparison= [v]=version=)
local version local version
local comparison local comparison
# Manage arguments with getopts # Manage arguments with getopts
@ -884,8 +865,7 @@ ynh_compare_current_package_version() {
local current_version=$YNH_APP_CURRENT_VERSION local current_version=$YNH_APP_CURRENT_VERSION
# Check the syntax of the versions # Check the syntax of the versions
if [[ ! $version =~ '~ynh' ]] || [[ ! $current_version =~ '~ynh' ]] if [[ ! $version =~ '~ynh' ]] || [[ ! $current_version =~ '~ynh' ]]; then
then
ynh_die --message="Invalid argument for version." ynh_die --message="Invalid argument for version."
fi fi
@ -920,13 +900,11 @@ _ynh_apply_default_permissions() {
local ynh_requirement=$(jq -r '.requirements.yunohost' $YNH_APP_BASEDIR/manifest.json | tr -d '>= ') local ynh_requirement=$(jq -r '.requirements.yunohost' $YNH_APP_BASEDIR/manifest.json | tr -d '>= ')
if [ -z "$ynh_requirement" ] || [ "$ynh_requirement" == "null" ] || dpkg --compare-versions $ynh_requirement ge 4.2 if [ -z "$ynh_requirement" ] || [ "$ynh_requirement" == "null" ] || dpkg --compare-versions $ynh_requirement ge 4.2; then
then
chmod o-rwx $target chmod o-rwx $target
chmod g-w $target chmod g-w $target
chown -R root:root $target chown -R root:root $target
if ynh_system_user_exists $app if ynh_system_user_exists $app; then
then
chown $app:$app $target chown $app:$app $target
fi fi
fi fi

5
data/hooks/backup/50-conf_manually_modified_files
View file

@ -6,12 +6,11 @@ YNH_CWD="${YNH_BACKUP_DIR%/}/conf/manually_modified_files"
mkdir -p "$YNH_CWD" mkdir -p "$YNH_CWD"
cd "$YNH_CWD" cd "$YNH_CWD"
yunohost tools shell -c "from yunohost.regenconf import manually_modified_files; print('\n'.join(manually_modified_files()))" > ./manually_modified_files_list yunohost tools shell -c "from yunohost.regenconf import manually_modified_files; print('\n'.join(manually_modified_files()))" >./manually_modified_files_list
ynh_backup --src_path="./manually_modified_files_list" ynh_backup --src_path="./manually_modified_files_list"
for file in $(cat ./manually_modified_files_list) for file in $(cat ./manually_modified_files_list); do
do
[[ -e $file ]] && ynh_backup --src_path="$file" [[ -e $file ]] && ynh_backup --src_path="$file"
done done

300
data/hooks/conf_regen/01-yunohost
View file

@ -3,120 +3,119 @@
set -e set -e
do_init_regen() { do_init_regen() {
if [[ $EUID -ne 0 ]]; then if [[ $EUID -ne 0 ]]; then
echo "You must be root to run this script" 1>&2 echo "You must be root to run this script" 1>&2
exit 1 exit 1
fi fi
cd /usr/share/yunohost/templates/yunohost cd /usr/share/yunohost/templates/yunohost
[[ -d /etc/yunohost ]] || mkdir -p /etc/yunohost [[ -d /etc/yunohost ]] || mkdir -p /etc/yunohost
# set default current_host # set default current_host
[[ -f /etc/yunohost/current_host ]] \ [[ -f /etc/yunohost/current_host ]] \
|| echo "yunohost.org" > /etc/yunohost/current_host || echo "yunohost.org" >/etc/yunohost/current_host
# copy default services and firewall # copy default services and firewall
[[ -f /etc/yunohost/firewall.yml ]] \ [[ -f /etc/yunohost/firewall.yml ]] \
|| cp firewall.yml /etc/yunohost/firewall.yml || cp firewall.yml /etc/yunohost/firewall.yml
# allow users to access /media directory # allow users to access /media directory
[[ -d /etc/skel/media ]] \ [[ -d /etc/skel/media ]] \
|| (mkdir -p /media && ln -s /media /etc/skel/media) || (mkdir -p /media && ln -s /media /etc/skel/media)
# Cert folders # Cert folders
mkdir -p /etc/yunohost/certs mkdir -p /etc/yunohost/certs
chown -R root:ssl-cert /etc/yunohost/certs chown -R root:ssl-cert /etc/yunohost/certs
chmod 750 /etc/yunohost/certs chmod 750 /etc/yunohost/certs
# App folders # App folders
mkdir -p /etc/yunohost/apps mkdir -p /etc/yunohost/apps
chmod 700 /etc/yunohost/apps chmod 700 /etc/yunohost/apps
mkdir -p /home/yunohost.app mkdir -p /home/yunohost.app
chmod 755 /home/yunohost.app chmod 755 /home/yunohost.app
# Domain settings # Domain settings
mkdir -p /etc/yunohost/domains mkdir -p /etc/yunohost/domains
chmod 700 /etc/yunohost/domains chmod 700 /etc/yunohost/domains
# Backup folders # Backup folders
mkdir -p /home/yunohost.backup/archives mkdir -p /home/yunohost.backup/archives
chmod 750 /home/yunohost.backup/archives chmod 750 /home/yunohost.backup/archives
chown root:root /home/yunohost.backup/archives # This is later changed to admin:root once admin user exists chown root:root /home/yunohost.backup/archives # This is later changed to admin:root once admin user exists
# Empty ssowat json persistent conf # Empty ssowat json persistent conf
echo "{}" > '/etc/ssowat/conf.json.persistent' echo "{}" >'/etc/ssowat/conf.json.persistent'
chmod 644 /etc/ssowat/conf.json.persistent chmod 644 /etc/ssowat/conf.json.persistent
chown root:root /etc/ssowat/conf.json.persistent chown root:root /etc/ssowat/conf.json.persistent
# Empty service conf # Empty service conf
touch /etc/yunohost/services.yml touch /etc/yunohost/services.yml
mkdir -p /var/cache/yunohost/repo mkdir -p /var/cache/yunohost/repo
chown root:root /var/cache/yunohost chown root:root /var/cache/yunohost
chmod 700 /var/cache/yunohost chmod 700 /var/cache/yunohost
cp yunoprompt.service /etc/systemd/system/yunoprompt.service cp yunoprompt.service /etc/systemd/system/yunoprompt.service
cp dpkg-origins /etc/dpkg/origins/yunohost cp dpkg-origins /etc/dpkg/origins/yunohost
# Change dpkg vendor # Change dpkg vendor
# see https://wiki.debian.org/Derivatives/Guidelines#Vendor # see https://wiki.debian.org/Derivatives/Guidelines#Vendor
readlink -f /etc/dpkg/origins/default | grep -q debian \ readlink -f /etc/dpkg/origins/default | grep -q debian \
&& rm -f /etc/dpkg/origins/default \ && rm -f /etc/dpkg/origins/default \
&& ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default
} }
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/yunohost cd /usr/share/yunohost/templates/yunohost
mkdir -p $pending_dir/etc/systemd/system mkdir -p $pending_dir/etc/systemd/system
mkdir -p $pending_dir/etc/cron.d/ mkdir -p $pending_dir/etc/cron.d/
mkdir -p $pending_dir/etc/cron.daily/ mkdir -p $pending_dir/etc/cron.daily/
# add cron job for diagnosis to be ran at 7h and 19h + a random delay between # add cron job for diagnosis to be ran at 7h and 19h + a random delay between
# 0 and 20min, meant to avoid every instances running their diagnosis at # 0 and 20min, meant to avoid every instances running their diagnosis at
# exactly the same time, which may overload the diagnosis server. # exactly the same time, which may overload the diagnosis server.
cat > $pending_dir/etc/cron.d/yunohost-diagnosis << EOF cat >$pending_dir/etc/cron.d/yunohost-diagnosis <<EOF
SHELL=/bin/bash SHELL=/bin/bash
0 7,19 * * * root : YunoHost Automatic Diagnosis; sleep \$((RANDOM\\%1200)); yunohost diagnosis run --email > /dev/null 2>/dev/null || echo "Running the automatic diagnosis failed miserably" 0 7,19 * * * root : YunoHost Automatic Diagnosis; sleep \$((RANDOM\\%1200)); yunohost diagnosis run --email > /dev/null 2>/dev/null || echo "Running the automatic diagnosis failed miserably"
EOF EOF
# Cron job that upgrade the app list everyday # Cron job that upgrade the app list everyday
cat > $pending_dir/etc/cron.daily/yunohost-fetch-apps-catalog << EOF cat >$pending_dir/etc/cron.daily/yunohost-fetch-apps-catalog <<EOF
#!/bin/bash #!/bin/bash
(sleep \$((RANDOM%3600)); yunohost tools update --apps > /dev/null) & (sleep \$((RANDOM%3600)); yunohost tools update --apps > /dev/null) &
EOF EOF
# Cron job that renew lets encrypt certificates if there's any that needs renewal # Cron job that renew lets encrypt certificates if there's any that needs renewal
cat > $pending_dir/etc/cron.daily/yunohost-certificate-renew << EOF cat >$pending_dir/etc/cron.daily/yunohost-certificate-renew <<EOF
#!/bin/bash #!/bin/bash
yunohost domain cert renew --email yunohost domain cert renew --email
EOF EOF
# If we subscribed to a dyndns domain, add the corresponding cron # If we subscribed to a dyndns domain, add the corresponding cron
# - delay between 0 and 60 secs to spread the check over a 1 min window # - delay between 0 and 60 secs to spread the check over a 1 min window
# - do not run the command if some process already has the lock, to avoid queuing hundreds of commands... # - do not run the command if some process already has the lock, to avoid queuing hundreds of commands...
if ls -l /etc/yunohost/dyndns/K*.private 2>/dev/null if ls -l /etc/yunohost/dyndns/K*.private 2>/dev/null; then
then cat >$pending_dir/etc/cron.d/yunohost-dyndns <<EOF
cat > $pending_dir/etc/cron.d/yunohost-dyndns << EOF
SHELL=/bin/bash SHELL=/bin/bash
*/10 * * * * root : YunoHost DynDNS update; sleep \$((RANDOM\\%60)); test -e /var/run/moulinette_yunohost.lock || yunohost dyndns update >> /dev/null */10 * * * * root : YunoHost DynDNS update; sleep \$((RANDOM\\%60)); test -e /var/run/moulinette_yunohost.lock || yunohost dyndns update >> /dev/null
EOF EOF
fi fi
# Skip ntp if inside a container (inspired from the conf of systemd-timesyncd) # Skip ntp if inside a container (inspired from the conf of systemd-timesyncd)
mkdir -p ${pending_dir}/etc/systemd/system/ntp.service.d/ mkdir -p ${pending_dir}/etc/systemd/system/ntp.service.d/
echo " cat >${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf <<EOF
[Unit] [Unit]
ConditionCapability=CAP_SYS_TIME ConditionCapability=CAP_SYS_TIME
ConditionVirtualization=!container ConditionVirtualization=!container
" > ${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf EOF
# Make nftable conflict with yunohost-firewall # Make nftable conflict with yunohost-firewall
mkdir -p ${pending_dir}/etc/systemd/system/nftables.service.d/ mkdir -p ${pending_dir}/etc/systemd/system/nftables.service.d/
cat > ${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf << EOF cat >${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf <<EOF
[Unit] [Unit]
# yunohost-firewall and nftables conflict with each other # yunohost-firewall and nftables conflict with each other
Conflicts=yunohost-firewall.service Conflicts=yunohost-firewall.service
@ -124,108 +123,107 @@ ConditionFileIsExecutable=!/etc/init.d/yunohost-firewall
ConditionPathExists=!/etc/systemd/system/multi-user.target.wants/yunohost-firewall.service ConditionPathExists=!/etc/systemd/system/multi-user.target.wants/yunohost-firewall.service
EOF EOF
# Don't suspend computer on LidSwitch # Don't suspend computer on LidSwitch
mkdir -p ${pending_dir}/etc/systemd/logind.conf.d/ mkdir -p ${pending_dir}/etc/systemd/logind.conf.d/
cat > ${pending_dir}/etc/systemd/logind.conf.d/ynh-override.conf << EOF cat >${pending_dir}/etc/systemd/logind.conf.d/ynh-override.conf <<EOF
[Login] [Login]
HandleLidSwitch=ignore HandleLidSwitch=ignore
HandleLidSwitchDocked=ignore HandleLidSwitchDocked=ignore
HandleLidSwitchExternalPower=ignore HandleLidSwitchExternalPower=ignore
EOF EOF
cp yunoprompt.service ${pending_dir}/etc/systemd/system/yunoprompt.service cp yunoprompt.service ${pending_dir}/etc/systemd/system/yunoprompt.service
if [[ "$(yunohost settings get 'security.experimental.enabled')" == "True" ]] if [[ "$(yunohost settings get 'security.experimental.enabled')" == "True" ]]; then
then cp proc-hidepid.service ${pending_dir}/etc/systemd/system/proc-hidepid.service
cp proc-hidepid.service ${pending_dir}/etc/systemd/system/proc-hidepid.service else
else touch ${pending_dir}/etc/systemd/system/proc-hidepid.service
touch ${pending_dir}/etc/systemd/system/proc-hidepid.service fi
fi
mkdir -p ${pending_dir}/etc/dpkg/origins/ mkdir -p ${pending_dir}/etc/dpkg/origins/
cp dpkg-origins ${pending_dir}/etc/dpkg/origins/yunohost cp dpkg-origins ${pending_dir}/etc/dpkg/origins/yunohost
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
###################### ######################
# Enfore permissions # # Enfore permissions #
###################### ######################
chmod 750 /home/admin chmod 750 /home/admin
chmod 750 /home/yunohost.conf chmod 750 /home/yunohost.conf
chmod 750 /home/yunohost.backup chmod 750 /home/yunohost.backup
chmod 750 /home/yunohost.backup/archives chmod 750 /home/yunohost.backup/archives
chown root:root /home/yunohost.conf chown root:root /home/yunohost.conf
chown admin:root /home/yunohost.backup chown admin:root /home/yunohost.backup
chown admin:root /home/yunohost.backup/archives chown admin:root /home/yunohost.backup/archives
# Certs # Certs
# We do this with find because there could be a lot of them... # We do this with find because there could be a lot of them...
chown -R root:ssl-cert /etc/yunohost/certs chown -R root:ssl-cert /etc/yunohost/certs
chmod 750 /etc/yunohost/certs chmod 750 /etc/yunohost/certs
find /etc/yunohost/certs/ -type f -exec chmod 640 {} \; find /etc/yunohost/certs/ -type f -exec chmod 640 {} \;
find /etc/yunohost/certs/ -type d -exec chmod 750 {} \; find /etc/yunohost/certs/ -type d -exec chmod 750 {} \;
find /etc/cron.*/yunohost-* -type f -exec chmod 755 {} \; find /etc/cron.*/yunohost-* -type f -exec chmod 755 {} \;
find /etc/cron.d/yunohost-* -type f -exec chmod 644 {} \; find /etc/cron.d/yunohost-* -type f -exec chmod 644 {} \;
find /etc/cron.*/yunohost-* -type f -exec chown root:root {} \; find /etc/cron.*/yunohost-* -type f -exec chown root:root {} \;
chown root:root /var/cache/yunohost chown root:root /var/cache/yunohost
chmod 700 /var/cache/yunohost chmod 700 /var/cache/yunohost
chown root:root /var/cache/moulinette chown root:root /var/cache/moulinette
chmod 700 /var/cache/moulinette chmod 700 /var/cache/moulinette
setfacl -m g:all_users:--- /var/www setfacl -m g:all_users:--- /var/www
setfacl -m g:all_users:--- /var/log/nginx setfacl -m g:all_users:--- /var/log/nginx
setfacl -m g:all_users:--- /etc/yunohost setfacl -m g:all_users:--- /etc/yunohost
setfacl -m g:all_users:--- /etc/ssowat setfacl -m g:all_users:--- /etc/ssowat
for USER in $(yunohost user list --quiet --output-as json | jq -r '.users | .[] | .username') for USER in $(yunohost user list --quiet --output-as json | jq -r '.users | .[] | .username'); do
do [ ! -e "/home/$USER" ] || setfacl -m g:all_users:--- /home/$USER
[ ! -e "/home/$USER" ] || setfacl -m g:all_users:--- /home/$USER done
done
# Domain settings # Domain settings
mkdir -p /etc/yunohost/domains mkdir -p /etc/yunohost/domains
# Misc configuration / state files # Misc configuration / state files
chown root:root $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null) chown root:root $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null)
chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null) chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null)
# Apps folder, custom hooks folder # Apps folder, custom hooks folder
[[ ! -e /etc/yunohost/hooks.d ]] || (chown root /etc/yunohost/hooks.d && chmod 700 /etc/yunohost/hooks.d) [[ ! -e /etc/yunohost/hooks.d ]] || (chown root /etc/yunohost/hooks.d && chmod 700 /etc/yunohost/hooks.d)
[[ ! -e /etc/yunohost/apps ]] || (chown root /etc/yunohost/apps && chmod 700 /etc/yunohost/apps) [[ ! -e /etc/yunohost/apps ]] || (chown root /etc/yunohost/apps && chmod 700 /etc/yunohost/apps)
[[ ! -e /etc/yunohost/domains ]] || (chown root /etc/yunohost/domains && chmod 700 /etc/yunohost/domains) [[ ! -e /etc/yunohost/domains ]] || (chown root /etc/yunohost/domains && chmod 700 /etc/yunohost/domains)
# Create ssh.app and sftp.app groups if they don't exist yet # Create ssh.app and sftp.app groups if they don't exist yet
grep -q '^ssh.app:' /etc/group || groupadd ssh.app grep -q '^ssh.app:' /etc/group || groupadd ssh.app
grep -q '^sftp.app:' /etc/group || groupadd sftp.app grep -q '^sftp.app:' /etc/group || groupadd sftp.app
# Propagates changes in systemd service config overrides # Propagates changes in systemd service config overrides
[[ ! "$regen_conf_files" =~ "ntp.service.d/ynh-override.conf" ]] || { systemctl daemon-reload; systemctl restart ntp; } [[ ! "$regen_conf_files" =~ "ntp.service.d/ynh-override.conf" ]] || {
[[ ! "$regen_conf_files" =~ "nftables.service.d/ynh-override.conf" ]] || systemctl daemon-reload systemctl daemon-reload
[[ ! "$regen_conf_files" =~ "login.conf.d/ynh-override.conf" ]] || systemctl daemon-reload systemctl restart ntp
if [[ "$regen_conf_files" =~ "yunoprompt.service" ]] }
then [[ ! "$regen_conf_files" =~ "nftables.service.d/ynh-override.conf" ]] || systemctl daemon-reload
systemctl daemon-reload [[ ! "$regen_conf_files" =~ "login.conf.d/ynh-override.conf" ]] || systemctl daemon-reload
action=$([[ -e /etc/systemd/system/yunoprompt.service ]] && echo 'enable' || echo 'disable') if [[ "$regen_conf_files" =~ "yunoprompt.service" ]]; then
systemctl $action yunoprompt --quiet --now systemctl daemon-reload
fi action=$([[ -e /etc/systemd/system/yunoprompt.service ]] && echo 'enable' || echo 'disable')
if [[ "$regen_conf_files" =~ "proc-hidepid.service" ]] systemctl $action yunoprompt --quiet --now
then fi
systemctl daemon-reload if [[ "$regen_conf_files" =~ "proc-hidepid.service" ]]; then
action=$([[ -e /etc/systemd/system/proc-hidepid.service ]] && echo 'enable' || echo 'disable') systemctl daemon-reload
systemctl $action proc-hidepid --quiet --now action=$([[ -e /etc/systemd/system/proc-hidepid.service ]] && echo 'enable' || echo 'disable')
fi systemctl $action proc-hidepid --quiet --now
fi
# Change dpkg vendor # Change dpkg vendor
# see https://wiki.debian.org/Derivatives/Guidelines#Vendor # see https://wiki.debian.org/Derivatives/Guidelines#Vendor
readlink -f /etc/dpkg/origins/default | grep -q debian \ readlink -f /etc/dpkg/origins/default | grep -q debian \
&& rm -f /etc/dpkg/origins/default \ && rm -f /etc/dpkg/origins/default \
&& ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

97
data/hooks/conf_regen/02-ssl
View file

@ -23,7 +23,7 @@ regen_local_ca() {
# (Update the serial so that it's specific to this very instance) # (Update the serial so that it's specific to this very instance)
# N.B. : the weird RANDFILE thing comes from: # N.B. : the weird RANDFILE thing comes from:
# https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean # https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean
RANDFILE=.rnd openssl rand -hex 19 > serial RANDFILE=.rnd openssl rand -hex 19 >serial
rm -f index.txt rm -f index.txt
touch index.txt touch index.txt
cp /usr/share/yunohost/templates/ssl/openssl.cnf openssl.ca.cnf cp /usr/share/yunohost/templates/ssl/openssl.cnf openssl.ca.cnf
@ -50,73 +50,72 @@ regen_local_ca() {
do_init_regen() { do_init_regen() {
LOGFILE=/tmp/yunohost-ssl-init LOGFILE=/tmp/yunohost-ssl-init
echo "" > $LOGFILE echo "" >$LOGFILE
chown root:root $LOGFILE chown root:root $LOGFILE
chmod 640 $LOGFILE chmod 640 $LOGFILE
# Make sure this conf exists # Make sure this conf exists
mkdir -p ${ssl_dir} mkdir -p ${ssl_dir}
cp /usr/share/yunohost/templates/ssl/openssl.cnf ${ssl_dir}/openssl.ca.cnf cp /usr/share/yunohost/templates/ssl/openssl.cnf ${ssl_dir}/openssl.ca.cnf
# create default certificates # create default certificates
if [[ ! -f "$ynh_ca" ]]; then if [[ ! -f "$ynh_ca" ]]; then
regen_local_ca yunohost.org >>$LOGFILE regen_local_ca yunohost.org >>$LOGFILE
fi fi
if [[ ! -f "$ynh_crt" ]]; then if [[ ! -f "$ynh_crt" ]]; then
echo -e "\n# Creating initial key and certificate \n" >>$LOGFILE echo -e "\n# Creating initial key and certificate \n" >>$LOGFILE
openssl req -new \ openssl req -new \
-config "$openssl_conf" \ -config "$openssl_conf" \
-days 730 \ -days 730 \
-out "${ssl_dir}/certs/yunohost_csr.pem" \ -out "${ssl_dir}/certs/yunohost_csr.pem" \
-keyout "${ssl_dir}/certs/yunohost_key.pem" \ -keyout "${ssl_dir}/certs/yunohost_key.pem" \
-nodes -batch &>>$LOGFILE -nodes -batch &>>$LOGFILE
openssl ca \ openssl ca \
-config "$openssl_conf" \ -config "$openssl_conf" \
-days 730 \ -days 730 \
-in "${ssl_dir}/certs/yunohost_csr.pem" \ -in "${ssl_dir}/certs/yunohost_csr.pem" \
-out "${ssl_dir}/certs/yunohost_crt.pem" \ -out "${ssl_dir}/certs/yunohost_crt.pem" \
-batch &>>$LOGFILE -batch &>>$LOGFILE
chmod 640 "${ssl_dir}/certs/yunohost_key.pem" chmod 640 "${ssl_dir}/certs/yunohost_key.pem"
chmod 640 "${ssl_dir}/certs/yunohost_crt.pem" chmod 640 "${ssl_dir}/certs/yunohost_crt.pem"
cp "${ssl_dir}/certs/yunohost_key.pem" "$ynh_key" cp "${ssl_dir}/certs/yunohost_key.pem" "$ynh_key"
cp "${ssl_dir}/certs/yunohost_crt.pem" "$ynh_crt" cp "${ssl_dir}/certs/yunohost_crt.pem" "$ynh_crt"
ln -sf "$ynh_crt" /etc/ssl/certs/yunohost_crt.pem ln -sf "$ynh_crt" /etc/ssl/certs/yunohost_crt.pem
ln -sf "$ynh_key" /etc/ssl/private/yunohost_key.pem ln -sf "$ynh_key" /etc/ssl/private/yunohost_key.pem
fi fi
chown -R root:ssl-cert /etc/yunohost/certs/yunohost.org/ chown -R root:ssl-cert /etc/yunohost/certs/yunohost.org/
chmod o-rwx /etc/yunohost/certs/yunohost.org/ chmod o-rwx /etc/yunohost/certs/yunohost.org/
install -D -m 644 $openssl_conf "${ssl_dir}/openssl.cnf" install -D -m 644 $openssl_conf "${ssl_dir}/openssl.cnf"
} }
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/ssl cd /usr/share/yunohost/templates/ssl
install -D -m 644 openssl.cnf "${pending_dir}/${ssl_dir}/openssl.cnf" install -D -m 644 openssl.cnf "${pending_dir}/${ssl_dir}/openssl.cnf"
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
current_local_ca_domain=$(openssl x509 -in $ynh_ca -text | tr ',' '\n' | grep Issuer | awk '{print $4}') current_local_ca_domain=$(openssl x509 -in $ynh_ca -text | tr ',' '\n' | grep Issuer | awk '{print $4}')
main_domain=$(cat /etc/yunohost/current_host) main_domain=$(cat /etc/yunohost/current_host)
if [[ "$current_local_ca_domain" != "$main_domain" ]] if [[ "$current_local_ca_domain" != "$main_domain" ]]; then
then regen_local_ca $main_domain
regen_local_ca $main_domain # Idk how useful this is, but this was in the previous python code (domain.main_domain())
# Idk how useful this is, but this was in the previous python code (domain.main_domain()) ln -sf /etc/yunohost/certs/$domain/crt.pem /etc/ssl/certs/yunohost_crt.pem
ln -sf /etc/yunohost/certs/$domain/crt.pem /etc/ssl/certs/yunohost_crt.pem ln -sf /etc/yunohost/certs/$domain/key.pem /etc/ssl/private/yunohost_key.pem
ln -sf /etc/yunohost/certs/$domain/key.pem /etc/ssl/private/yunohost_key.pem fi
fi
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

252
data/hooks/conf_regen/06-slapd
View file

@ -8,19 +8,19 @@ config="/usr/share/yunohost/templates/slapd/config.ldif"
db_init="/usr/share/yunohost/templates/slapd/db_init.ldif" db_init="/usr/share/yunohost/templates/slapd/db_init.ldif"
do_init_regen() { do_init_regen() {
if [[ $EUID -ne 0 ]]; then if [[ $EUID -ne 0 ]]; then
echo "You must be root to run this script" 1>&2 echo "You must be root to run this script" 1>&2
exit 1 exit 1
fi fi
do_pre_regen "" do_pre_regen ""
# Drop current existing slapd data # Drop current existing slapd data
rm -rf /var/backups/*.ldapdb rm -rf /var/backups/*.ldapdb
rm -rf /var/backups/slapd-* rm -rf /var/backups/slapd-*
debconf-set-selections << EOF debconf-set-selections <<EOF
slapd slapd/password1 password yunohost slapd slapd/password1 password yunohost
slapd slapd/password2 password yunohost slapd slapd/password2 password yunohost
slapd slapd/domain string yunohost.org slapd slapd/domain string yunohost.org
@ -33,165 +33,161 @@ slapd slapd/no_configuration boolean false
slapd slapd/purge_database boolean false slapd slapd/purge_database boolean false
EOF EOF
DEBIAN_FRONTEND=noninteractive dpkg-reconfigure slapd -u DEBIAN_FRONTEND=noninteractive dpkg-reconfigure slapd -u
# Enforce permissions # Enforce permissions
chown -R openldap:openldap /etc/ldap/schema/ chown -R openldap:openldap /etc/ldap/schema/
usermod -aG ssl-cert openldap usermod -aG ssl-cert openldap
# (Re-)init data according to default ldap entries # (Re-)init data according to default ldap entries
echo ' Initializing LDAP with YunoHost DB structure' echo ' Initializing LDAP with YunoHost DB structure'
rm -rf /etc/ldap/slapd.d rm -rf /etc/ldap/slapd.d
mkdir -p /etc/ldap/slapd.d mkdir -p /etc/ldap/slapd.d
slapadd -F /etc/ldap/slapd.d -b cn=config -l "$config" 2>&1 \ slapadd -F /etc/ldap/slapd.d -b cn=config -l "$config" 2>&1 \
| grep -v "none elapsed\|Closing DB" || true | grep -v "none elapsed\|Closing DB" || true
chown -R openldap: /etc/ldap/slapd.d chown -R openldap: /etc/ldap/slapd.d
rm -rf /var/lib/ldap rm -rf /var/lib/ldap
mkdir -p /var/lib/ldap mkdir -p /var/lib/ldap
slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "$db_init" 2>&1 \ slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "$db_init" 2>&1 \
| grep -v "none elapsed\|Closing DB" || true | grep -v "none elapsed\|Closing DB" || true
chown -R openldap: /var/lib/ldap chown -R openldap: /var/lib/ldap
nscd -i group || true nscd -i group || true
nscd -i passwd || true nscd -i passwd || true
systemctl restart slapd systemctl restart slapd
# We don't use mkhomedir_helper because 'admin' may not be recognized # We don't use mkhomedir_helper because 'admin' may not be recognized
# when this script is ran in a chroot (e.g. ISO install) # when this script is ran in a chroot (e.g. ISO install)
# We also refer to admin as uid 1007 for the same reason # We also refer to admin as uid 1007 for the same reason
if [ ! -d /home/admin ] if [ ! -d /home/admin ]; then
then cp -r /etc/skel /home/admin
cp -r /etc/skel /home/admin chown -R 1007:1007 /home/admin
chown -R 1007:1007 /home/admin fi
fi
} }
_regenerate_slapd_conf() { _regenerate_slapd_conf() {
# Validate the new slapd config # Validate the new slapd config
# To do so, we have to use the .ldif to generate the config directory # To do so, we have to use the .ldif to generate the config directory
# so we use a temporary directory slapd_new.d # so we use a temporary directory slapd_new.d
rm -Rf /etc/ldap/slapd_new.d rm -Rf /etc/ldap/slapd_new.d
mkdir /etc/ldap/slapd_new.d mkdir /etc/ldap/slapd_new.d
slapadd -b cn=config -l "$config" -F /etc/ldap/slapd_new.d/ 2>&1 \ slapadd -b cn=config -l "$config" -F /etc/ldap/slapd_new.d/ 2>&1 \
| grep -v "none elapsed\|Closing DB" || true | grep -v "none elapsed\|Closing DB" || true
# Actual validation (-Q is for quiet, -u is for dry-run) # Actual validation (-Q is for quiet, -u is for dry-run)
slaptest -Q -u -F /etc/ldap/slapd_new.d slaptest -Q -u -F /etc/ldap/slapd_new.d
# "Commit" / apply the new config (meaning we delete the old one and replace # "Commit" / apply the new config (meaning we delete the old one and replace
# it with the new one) # it with the new one)
rm -Rf /etc/ldap/slapd.d rm -Rf /etc/ldap/slapd.d
mv /etc/ldap/slapd_new.d /etc/ldap/slapd.d mv /etc/ldap/slapd_new.d /etc/ldap/slapd.d
chown -R openldap:openldap /etc/ldap/slapd.d/ chown -R openldap:openldap /etc/ldap/slapd.d/
} }
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
# remove temporary backup file # remove temporary backup file
rm -f "$tmp_backup_dir_file" rm -f "$tmp_backup_dir_file"
# Define if we need to migrate from hdb to mdb # Define if we need to migrate from hdb to mdb
curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2>/dev/null | awk '{print $2}') curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2>/dev/null | awk '{print $2}')
if [ -e /etc/ldap/slapd.conf ] && [ -n "$curr_backend" ] && \ if [ -e /etc/ldap/slapd.conf ] && [ -n "$curr_backend" ] \
[ $curr_backend != 'mdb' ]; then && [ $curr_backend != 'mdb' ]; then
backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)" backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)"
mkdir -p "$backup_dir" mkdir -p "$backup_dir"
slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif"
echo "$backup_dir" > "$tmp_backup_dir_file" echo "$backup_dir" >"$tmp_backup_dir_file"
fi fi
# create needed directories # create needed directories
ldap_dir="${pending_dir}/etc/ldap" ldap_dir="${pending_dir}/etc/ldap"
schema_dir="${ldap_dir}/schema" schema_dir="${ldap_dir}/schema"
mkdir -p "$ldap_dir" "$schema_dir" mkdir -p "$ldap_dir" "$schema_dir"
cd /usr/share/yunohost/templates/slapd cd /usr/share/yunohost/templates/slapd
# copy configuration files # copy configuration files
cp -a ldap.conf "$ldap_dir" cp -a ldap.conf "$ldap_dir"
cp -a sudo.ldif mailserver.ldif permission.ldif "$schema_dir" cp -a sudo.ldif mailserver.ldif permission.ldif "$schema_dir"
mkdir -p ${pending_dir}/etc/systemd/system/slapd.service.d/ mkdir -p ${pending_dir}/etc/systemd/system/slapd.service.d/
cp systemd-override.conf ${pending_dir}/etc/systemd/system/slapd.service.d/ynh-override.conf cp systemd-override.conf ${pending_dir}/etc/systemd/system/slapd.service.d/ynh-override.conf
install -D -m 644 slapd.default "${pending_dir}/etc/default/slapd" install -D -m 644 slapd.default "${pending_dir}/etc/default/slapd"
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
# fix some permissions # fix some permissions
echo "Enforce permissions on ldap/slapd directories and certs ..." echo "Enforce permissions on ldap/slapd directories and certs ..."
# penldap user should be in the ssl-cert group to let it access the certificate for TLS # penldap user should be in the ssl-cert group to let it access the certificate for TLS
usermod -aG ssl-cert openldap usermod -aG ssl-cert openldap
chown -R openldap:openldap /etc/ldap/schema/ chown -R openldap:openldap /etc/ldap/schema/
chown -R openldap:openldap /etc/ldap/slapd.d/ chown -R openldap:openldap /etc/ldap/slapd.d/
# If we changed the systemd ynh-override conf # If we changed the systemd ynh-override conf
if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/slapd.service.d/ynh-override.conf$" if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/slapd.service.d/ynh-override.conf$"; then
then systemctl daemon-reload
systemctl daemon-reload systemctl restart slapd
systemctl restart slapd sleep 3
sleep 3 fi
fi
# For some reason, old setups don't have the admins group defined... # For some reason, old setups don't have the admins group defined...
if ! slapcat | grep -q 'cn=admins,ou=groups,dc=yunohost,dc=org' if ! slapcat | grep -q 'cn=admins,ou=groups,dc=yunohost,dc=org'; then
then slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org <<< \
slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org <<< \ "dn: cn=admins,ou=groups,dc=yunohost,dc=org
"dn: cn=admins,ou=groups,dc=yunohost,dc=org
cn: admins cn: admins
gidNumber: 4001 gidNumber: 4001
memberUid: admin memberUid: admin
objectClass: posixGroup objectClass: posixGroup
objectClass: top" objectClass: top"
chown -R openldap: /var/lib/ldap chown -R openldap: /var/lib/ldap
systemctl restart slapd systemctl restart slapd
nscd -i group nscd -i group
fi fi
[ -z "$regen_conf_files" ] && exit 0 [ -z "$regen_conf_files" ] && exit 0
# regenerate LDAP config directory from slapd.conf # regenerate LDAP config directory from slapd.conf
echo "Regenerate LDAP config directory from config.ldif" echo "Regenerate LDAP config directory from config.ldif"
_regenerate_slapd_conf _regenerate_slapd_conf
# If there's a backup, re-import its data # If there's a backup, re-import its data
backup_dir=$(cat "$tmp_backup_dir_file" 2>/dev/null || true) backup_dir=$(cat "$tmp_backup_dir_file" 2>/dev/null || true)
if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then
# regenerate LDAP config directory and import database as root # regenerate LDAP config directory and import database as root
echo "Import the database using slapadd" echo "Import the database using slapadd"
slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif"
chown -R openldap:openldap /var/lib/ldap 2>&1 chown -R openldap:openldap /var/lib/ldap 2>&1
fi fi
echo "Running slapdindex" echo "Running slapdindex"
su openldap -s "/bin/bash" -c "/usr/sbin/slapindex" su openldap -s "/bin/bash" -c "/usr/sbin/slapindex"
echo "Reloading slapd" echo "Reloading slapd"
systemctl force-reload slapd systemctl force-reload slapd
# on slow hardware/vm this regen conf would exit before the admin user that # on slow hardware/vm this regen conf would exit before the admin user that
# is stored in ldap is available because ldap seems to slow to restart # is stored in ldap is available because ldap seems to slow to restart
# so we'll wait either until we are able to log as admin or until a timeout # so we'll wait either until we are able to log as admin or until a timeout
# is reached # is reached
# we need to do this because the next hooks executed after this one during # we need to do this because the next hooks executed after this one during
# postinstall requires to run as admin thus breaking postinstall on slow # postinstall requires to run as admin thus breaking postinstall on slow
# hardware which mean yunohost can't be correctly installed on those hardware # hardware which mean yunohost can't be correctly installed on those hardware
# and this sucks # and this sucks
# wait a maximum time of 5 minutes # wait a maximum time of 5 minutes
# yes, force-reload behave like a restart # yes, force-reload behave like a restart
number_of_wait=0 number_of_wait=0
while ! su admin -c '' && ((number_of_wait < 60)) while ! su admin -c '' && ((number_of_wait < 60)); do
do sleep 5
sleep 5 ((number_of_wait += 1))
((number_of_wait += 1)) done
done
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

16
data/hooks/conf_regen/09-nslcd
View file

@ -3,23 +3,23 @@
set -e set -e
do_init_regen() { do_init_regen() {
do_pre_regen "" do_pre_regen ""
systemctl restart nslcd systemctl restart nslcd
} }
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/nslcd cd /usr/share/yunohost/templates/nslcd
install -D -m 644 nslcd.conf "${pending_dir}/etc/nslcd.conf" install -D -m 644 nslcd.conf "${pending_dir}/etc/nslcd.conf"
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
[[ -z "$regen_conf_files" ]] \ [[ -z "$regen_conf_files" ]] \
|| systemctl restart nslcd || systemctl restart nslcd
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

15
data/hooks/conf_regen/10-apt
View file

@ -8,15 +8,14 @@ do_pre_regen() {
mkdir --parents "${pending_dir}/etc/apt/preferences.d" mkdir --parents "${pending_dir}/etc/apt/preferences.d"
packages_to_refuse_from_sury="php php-fpm php-mysql php-xml php-zip php-mbstring php-ldap php-gd php-curl php-bz2 php-json php-sqlite3 php-intl openssl libssl1.1 libssl-dev" packages_to_refuse_from_sury="php php-fpm php-mysql php-xml php-zip php-mbstring php-ldap php-gd php-curl php-bz2 php-json php-sqlite3 php-intl openssl libssl1.1 libssl-dev"
for package in $packages_to_refuse_from_sury for package in $packages_to_refuse_from_sury; do
do
echo " echo "
Package: $package Package: $package
Pin: origin \"packages.sury.org\" Pin: origin \"packages.sury.org\"
Pin-Priority: -1" >> "${pending_dir}/etc/apt/preferences.d/extra_php_version" Pin-Priority: -1" >>"${pending_dir}/etc/apt/preferences.d/extra_php_version"
done done
echo " echo "
# PLEASE READ THIS WARNING AND DON'T EDIT THIS FILE # PLEASE READ THIS WARNING AND DON'T EDIT THIS FILE
@ -43,15 +42,15 @@ Pin-Priority: -1
Package: bind9 Package: bind9
Pin: release * Pin: release *
Pin-Priority: -1 Pin-Priority: -1
" >> "${pending_dir}/etc/apt/preferences.d/ban_packages" " >>"${pending_dir}/etc/apt/preferences.d/ban_packages"
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
# Make sure php7.4 is the default version when using php in cli # Make sure php7.4 is the default version when using php in cli
update-alternatives --set php /usr/bin/php7.4 update-alternatives --set php /usr/bin/php7.4
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

100
data/hooks/conf_regen/12-metronome
View file

@ -3,71 +3,71 @@
set -e set -e
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/metronome cd /usr/share/yunohost/templates/metronome
# create directories for pending conf # create directories for pending conf
metronome_dir="${pending_dir}/etc/metronome" metronome_dir="${pending_dir}/etc/metronome"
metronome_conf_dir="${metronome_dir}/conf.d" metronome_conf_dir="${metronome_dir}/conf.d"
mkdir -p "$metronome_conf_dir" mkdir -p "$metronome_conf_dir"
# retrieve variables # retrieve variables
main_domain=$(cat /etc/yunohost/current_host) main_domain=$(cat /etc/yunohost/current_host)
# install main conf file # install main conf file
cat metronome.cfg.lua \ cat metronome.cfg.lua \
| sed "s/{{ main_domain }}/${main_domain}/g" \ | sed "s/{{ main_domain }}/${main_domain}/g" \
> "${metronome_dir}/metronome.cfg.lua" >"${metronome_dir}/metronome.cfg.lua"
# add domain conf files # add domain conf files
for domain in $YNH_DOMAINS; do for domain in $YNH_DOMAINS; do
cat domain.tpl.cfg.lua \ cat domain.tpl.cfg.lua \
| sed "s/{{ domain }}/${domain}/g" \ | sed "s/{{ domain }}/${domain}/g" \
> "${metronome_conf_dir}/${domain}.cfg.lua" >"${metronome_conf_dir}/${domain}.cfg.lua"
done done
# remove old domain conf files # remove old domain conf files
conf_files=$(ls -1 /etc/metronome/conf.d \ conf_files=$(ls -1 /etc/metronome/conf.d \
| awk '/^[^\.]+\.[^\.]+.*\.cfg\.lua$/ { print $1 }') | awk '/^[^\.]+\.[^\.]+.*\.cfg\.lua$/ { print $1 }')
for file in $conf_files; do for file in $conf_files; do
domain=${file%.cfg.lua} domain=${file%.cfg.lua}
[[ $YNH_DOMAINS =~ $domain ]] \ [[ $YNH_DOMAINS =~ $domain ]] \
|| touch "${metronome_conf_dir}/${file}" || touch "${metronome_conf_dir}/${file}"
done done
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
# retrieve variables # retrieve variables
main_domain=$(cat /etc/yunohost/current_host) main_domain=$(cat /etc/yunohost/current_host)
# FIXME : small optimization to do to avoid calling a yunohost command ... # FIXME : small optimization to do to avoid calling a yunohost command ...
# maybe another env variable like YNH_MAIN_DOMAINS idk # maybe another env variable like YNH_MAIN_DOMAINS idk
domain_list=$(yunohost domain list --exclude-subdomains --output-as plain --quiet) domain_list=$(yunohost domain list --exclude-subdomains --output-as plain --quiet)
# create metronome directories for domains # create metronome directories for domains
for domain in $domain_list; do for domain in $domain_list; do
mkdir -p "/var/lib/metronome/${domain//./%2e}/pep" mkdir -p "/var/lib/metronome/${domain//./%2e}/pep"
# http_upload directory must be writable by metronome and readable by nginx # http_upload directory must be writable by metronome and readable by nginx
mkdir -p "/var/xmpp-upload/${domain}/upload" mkdir -p "/var/xmpp-upload/${domain}/upload"
# sgid bit allows that file created in that dir will be owned by www-data # sgid bit allows that file created in that dir will be owned by www-data
# despite the fact that metronome ain't in the www-data group # despite the fact that metronome ain't in the www-data group
chmod g+s "/var/xmpp-upload/${domain}/upload" chmod g+s "/var/xmpp-upload/${domain}/upload"
done done
# fix some permissions # fix some permissions
[ ! -e '/var/xmpp-upload' ] || chown -R metronome:www-data "/var/xmpp-upload/" [ ! -e '/var/xmpp-upload' ] || chown -R metronome:www-data "/var/xmpp-upload/"
[ ! -e '/var/xmpp-upload' ] || chmod 750 "/var/xmpp-upload/" [ ! -e '/var/xmpp-upload' ] || chmod 750 "/var/xmpp-upload/"
# metronome should be in ssl-cert group to let it access SSL certificates # metronome should be in ssl-cert group to let it access SSL certificates
usermod -aG ssl-cert metronome usermod -aG ssl-cert metronome
chown -R metronome: /var/lib/metronome/ chown -R metronome: /var/lib/metronome/
chown -R metronome: /etc/metronome/conf.d/ chown -R metronome: /etc/metronome/conf.d/
[[ -z "$regen_conf_files" ]] \ [[ -z "$regen_conf_files" ]] \
|| systemctl restart metronome || systemctl restart metronome
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

202
data/hooks/conf_regen/15-nginx
View file

@ -5,134 +5,144 @@ set -e
. /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
do_init_regen() { do_init_regen() {
if [[ $EUID -ne 0 ]]; then if [[ $EUID -ne 0 ]]; then
echo "You must be root to run this script" 1>&2 echo "You must be root to run this script" 1>&2
exit 1 exit 1
fi fi
cd /usr/share/yunohost/templates/nginx cd /usr/share/yunohost/templates/nginx
nginx_dir="/etc/nginx" nginx_dir="/etc/nginx"
nginx_conf_dir="${nginx_dir}/conf.d" nginx_conf_dir="${nginx_dir}/conf.d"
mkdir -p "$nginx_conf_dir" mkdir -p "$nginx_conf_dir"
# install plain conf files # install plain conf files
cp plain/* "$nginx_conf_dir" cp plain/* "$nginx_conf_dir"
# probably run with init: just disable default site, restart NGINX and exit # probably run with init: just disable default site, restart NGINX and exit
rm -f "${nginx_dir}/sites-enabled/default" rm -f "${nginx_dir}/sites-enabled/default"
export compatibility="intermediate" export compatibility="intermediate"
ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc"
ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf" ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf"
ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc" ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc"
ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc" ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc"
mkdir -p $nginx_conf_dir/default.d/ mkdir -p $nginx_conf_dir/default.d/
cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/ cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/
# Restart nginx if conf looks good, otherwise display error and exit unhappy # Restart nginx if conf looks good, otherwise display error and exit unhappy
nginx -t 2>/dev/null || { nginx -t; exit 1; } nginx -t 2>/dev/null || {
systemctl restart nginx || { journalctl --no-pager --lines=10 -u nginx >&2; exit 1; } nginx -t
exit 1
}
systemctl restart nginx || {
journalctl --no-pager --lines=10 -u nginx >&2
exit 1
}
exit 0 exit 0
} }
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/nginx cd /usr/share/yunohost/templates/nginx
nginx_dir="${pending_dir}/etc/nginx" nginx_dir="${pending_dir}/etc/nginx"
nginx_conf_dir="${nginx_dir}/conf.d" nginx_conf_dir="${nginx_dir}/conf.d"
mkdir -p "$nginx_conf_dir" mkdir -p "$nginx_conf_dir"
# install / update plain conf files # install / update plain conf files
cp plain/* "$nginx_conf_dir" cp plain/* "$nginx_conf_dir"
# remove the panel overlay if this is specified in settings # remove the panel overlay if this is specified in settings
panel_overlay=$(yunohost settings get 'ssowat.panel_overlay.enabled') panel_overlay=$(yunohost settings get 'ssowat.panel_overlay.enabled')
if [ "$panel_overlay" == "false" ] || [ "$panel_overlay" == "False" ] if [ "$panel_overlay" == "false" ] || [ "$panel_overlay" == "False" ]; then
then echo "#" >"${nginx_conf_dir}/yunohost_panel.conf.inc"
echo "#" > "${nginx_conf_dir}/yunohost_panel.conf.inc" fi
fi
# retrieve variables # retrieve variables
main_domain=$(cat /etc/yunohost/current_host) main_domain=$(cat /etc/yunohost/current_host)
# Support different strategy for security configurations # Support different strategy for security configurations
export redirect_to_https="$(yunohost settings get 'security.nginx.redirect_to_https')" export redirect_to_https="$(yunohost settings get 'security.nginx.redirect_to_https')"
export compatibility="$(yunohost settings get 'security.nginx.compatibility')" export compatibility="$(yunohost settings get 'security.nginx.compatibility')"
export experimental="$(yunohost settings get 'security.experimental.enabled')" export experimental="$(yunohost settings get 'security.experimental.enabled')"
ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc"
cert_status=$(yunohost domain cert status --json) cert_status=$(yunohost domain cert status --json)
# add domain conf files # add domain conf files
for domain in $YNH_DOMAINS; do for domain in $YNH_DOMAINS; do
domain_conf_dir="${nginx_conf_dir}/${domain}.d" domain_conf_dir="${nginx_conf_dir}/${domain}.d"
mkdir -p "$domain_conf_dir" mkdir -p "$domain_conf_dir"
mail_autoconfig_dir="${pending_dir}/var/www/.well-known/${domain}/autoconfig/mail/" mail_autoconfig_dir="${pending_dir}/var/www/.well-known/${domain}/autoconfig/mail/"
mkdir -p "$mail_autoconfig_dir" mkdir -p "$mail_autoconfig_dir"
# NGINX server configuration # NGINX server configuration
export domain export domain
export domain_cert_ca=$(echo $cert_status \ export domain_cert_ca=$(echo $cert_status \
| jq ".certificates.\"$domain\".CA_type" \ | jq ".certificates.\"$domain\".CA_type" \
| tr -d '"') | tr -d '"')
ynh_render_template "server.tpl.conf" "${nginx_conf_dir}/${domain}.conf" ynh_render_template "server.tpl.conf" "${nginx_conf_dir}/${domain}.conf"
ynh_render_template "autoconfig.tpl.xml" "${mail_autoconfig_dir}/config-v1.1.xml" ynh_render_template "autoconfig.tpl.xml" "${mail_autoconfig_dir}/config-v1.1.xml"
touch "${domain_conf_dir}/yunohost_local.conf" # Clean legacy conf files touch "${domain_conf_dir}/yunohost_local.conf" # Clean legacy conf files
done done
export webadmin_allowlist_enabled=$(yunohost settings get security.webadmin.allowlist.enabled) export webadmin_allowlist_enabled=$(yunohost settings get security.webadmin.allowlist.enabled)
if [ "$webadmin_allowlist_enabled" == "True" ] if [ "$webadmin_allowlist_enabled" == "True" ]; then
then export webadmin_allowlist=$(yunohost settings get security.webadmin.allowlist)
export webadmin_allowlist=$(yunohost settings get security.webadmin.allowlist) fi
fi ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc"
ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc" ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc"
ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc" ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf"
ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf" mkdir -p $nginx_conf_dir/default.d/
mkdir -p $nginx_conf_dir/default.d/ cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/
cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/
# remove old domain conf files # remove old domain conf files
conf_files=$(ls -1 /etc/nginx/conf.d \ conf_files=$(ls -1 /etc/nginx/conf.d \
| awk '/^[^\.]+\.[^\.]+.*\.conf$/ { print $1 }') | awk '/^[^\.]+\.[^\.]+.*\.conf$/ { print $1 }')
for file in $conf_files; do for file in $conf_files; do
domain=${file%.conf} domain=${file%.conf}
[[ $YNH_DOMAINS =~ $domain ]] \ [[ $YNH_DOMAINS =~ $domain ]] \
|| touch "${nginx_conf_dir}/${file}" || touch "${nginx_conf_dir}/${file}"
done done
# remove old mail-autoconfig files # remove old mail-autoconfig files
autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true) autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true)
for file in $autoconfig_files; do for file in $autoconfig_files; do
domain=$(basename $(readlink -f $(dirname $file)/../..)) domain=$(basename $(readlink -f $(dirname $file)/../..))
[[ $YNH_DOMAINS =~ $domain ]] \ [[ $YNH_DOMAINS =~ $domain ]] \
|| (mkdir -p "$(dirname ${pending_dir}/${file})" && touch "${pending_dir}/${file}") || (mkdir -p "$(dirname ${pending_dir}/${file})" && touch "${pending_dir}/${file}")
done done
# disable default site # disable default site
mkdir -p "${nginx_dir}/sites-enabled" mkdir -p "${nginx_dir}/sites-enabled"
touch "${nginx_dir}/sites-enabled/default" touch "${nginx_dir}/sites-enabled/default"
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
[ -z "$regen_conf_files" ] && exit 0 [ -z "$regen_conf_files" ] && exit 0
# create NGINX conf directories for domains # create NGINX conf directories for domains
for domain in $YNH_DOMAINS; do for domain in $YNH_DOMAINS; do
mkdir -p "/etc/nginx/conf.d/${domain}.d" mkdir -p "/etc/nginx/conf.d/${domain}.d"
done done
# Reload nginx if conf looks good, otherwise display error and exit unhappy # Reload nginx if conf looks good, otherwise display error and exit unhappy
nginx -t 2>/dev/null || { nginx -t; exit 1; } nginx -t 2>/dev/null || {
pgrep nginx && systemctl reload nginx || { journalctl --no-pager --lines=10 -u nginx >&2; exit 1; } nginx -t
exit 1
}
pgrep nginx && systemctl reload nginx || {
journalctl --no-pager --lines=10 -u nginx >&2
exit 1
}
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

110
data/hooks/conf_regen/19-postfix
View file

@ -5,78 +5,76 @@ set -e
. /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/postfix cd /usr/share/yunohost/templates/postfix
postfix_dir="${pending_dir}/etc/postfix" postfix_dir="${pending_dir}/etc/postfix"
mkdir -p "$postfix_dir" mkdir -p "$postfix_dir"
default_dir="${pending_dir}/etc/default/" default_dir="${pending_dir}/etc/default/"
mkdir -p "$default_dir" mkdir -p "$default_dir"
# install plain conf files # install plain conf files
cp plain/* "$postfix_dir" cp plain/* "$postfix_dir"
# prepare main.cf conf file # prepare main.cf conf file
main_domain=$(cat /etc/yunohost/current_host) main_domain=$(cat /etc/yunohost/current_host)
# Support different strategy for security configurations # Support different strategy for security configurations
export compatibility="$(yunohost settings get 'security.postfix.compatibility')" export compatibility="$(yunohost settings get 'security.postfix.compatibility')"
# Add possibility to specify a relay # Add possibility to specify a relay
# Could be useful with some isp with no 25 port open or more complex setup # Could be useful with some isp with no 25 port open or more complex setup
export relay_port="" export relay_port=""
export relay_user="" export relay_user=""
export relay_host="$(yunohost settings get 'smtp.relay.host')" export relay_host="$(yunohost settings get 'smtp.relay.host')"
if [ -n "${relay_host}" ] if [ -n "${relay_host}" ]; then
then relay_port="$(yunohost settings get 'smtp.relay.port')"
relay_port="$(yunohost settings get 'smtp.relay.port')" relay_user="$(yunohost settings get 'smtp.relay.user')"
relay_user="$(yunohost settings get 'smtp.relay.user')" relay_password="$(yunohost settings get 'smtp.relay.password')"
relay_password="$(yunohost settings get 'smtp.relay.password')"
# Avoid to display "Relay account paswword" to other users # Avoid to display "Relay account paswword" to other users
touch ${postfix_dir}/sasl_passwd touch ${postfix_dir}/sasl_passwd
chmod 750 ${postfix_dir}/sasl_passwd chmod 750 ${postfix_dir}/sasl_passwd
# Avoid "postmap: warning: removing zero-length database file" # Avoid "postmap: warning: removing zero-length database file"
chown postfix ${pending_dir}/etc/postfix chown postfix ${pending_dir}/etc/postfix
chown postfix ${pending_dir}/etc/postfix/sasl_passwd chown postfix ${pending_dir}/etc/postfix/sasl_passwd
cat <<< "[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" > ${postfix_dir}/sasl_passwd cat <<<"[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" >${postfix_dir}/sasl_passwd
postmap ${postfix_dir}/sasl_passwd postmap ${postfix_dir}/sasl_passwd
fi fi
export main_domain export main_domain
export domain_list="$YNH_DOMAINS" export domain_list="$YNH_DOMAINS"
ynh_render_template "main.cf" "${postfix_dir}/main.cf" ynh_render_template "main.cf" "${postfix_dir}/main.cf"
cat postsrsd \ cat postsrsd \
| sed "s/{{ main_domain }}/${main_domain}/g" \ | sed "s/{{ main_domain }}/${main_domain}/g" \
| sed "s/{{ domain_list }}/${YNH_DOMAINS}/g" \ | sed "s/{{ domain_list }}/${YNH_DOMAINS}/g" \
> "${default_dir}/postsrsd" >"${default_dir}/postsrsd"
# adapt it for IPv4-only hosts # adapt it for IPv4-only hosts
ipv6="$(yunohost settings get 'smtp.allow_ipv6')" ipv6="$(yunohost settings get 'smtp.allow_ipv6')"
if [ "$ipv6" == "False" ] || [ ! -f /proc/net/if_inet6 ]; then if [ "$ipv6" == "False" ] || [ ! -f /proc/net/if_inet6 ]; then
sed -i \ sed -i \
's/ \[::ffff:127.0.0.0\]\/104 \[::1\]\/128//g' \ 's/ \[::ffff:127.0.0.0\]\/104 \[::1\]\/128//g' \
"${postfix_dir}/main.cf" "${postfix_dir}/main.cf"
sed -i \ sed -i \
's/inet_interfaces = all/&\ninet_protocols = ipv4/' \ 's/inet_interfaces = all/&\ninet_protocols = ipv4/' \
"${postfix_dir}/main.cf" "${postfix_dir}/main.cf"
fi fi
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
if [ -e /etc/postfix/sasl_passwd ] if [ -e /etc/postfix/sasl_passwd ]; then
then chmod 750 /etc/postfix/sasl_passwd*
chmod 750 /etc/postfix/sasl_passwd* chown postfix:root /etc/postfix/sasl_passwd*
chown postfix:root /etc/postfix/sasl_passwd* fi
fi
[[ -z "$regen_conf_files" ]] \ [[ -z "$regen_conf_files" ]] \
|| { systemctl restart postfix && systemctl restart postsrsd; } || { systemctl restart postfix && systemctl restart postsrsd; }
} }

80
data/hooks/conf_regen/25-dovecot
View file

@ -5,62 +5,62 @@ set -e
. /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/dovecot cd /usr/share/yunohost/templates/dovecot
dovecot_dir="${pending_dir}/etc/dovecot" dovecot_dir="${pending_dir}/etc/dovecot"
mkdir -p "${dovecot_dir}/global_script" mkdir -p "${dovecot_dir}/global_script"
# copy simple conf files # copy simple conf files
cp dovecot-ldap.conf "${dovecot_dir}/dovecot-ldap.conf" cp dovecot-ldap.conf "${dovecot_dir}/dovecot-ldap.conf"
cp dovecot.sieve "${dovecot_dir}/global_script/dovecot.sieve" cp dovecot.sieve "${dovecot_dir}/global_script/dovecot.sieve"
export pop3_enabled="$(yunohost settings get 'pop3.enabled')" export pop3_enabled="$(yunohost settings get 'pop3.enabled')"
export main_domain=$(cat /etc/yunohost/current_host) export main_domain=$(cat /etc/yunohost/current_host)
ynh_render_template "dovecot.conf" "${dovecot_dir}/dovecot.conf" ynh_render_template "dovecot.conf" "${dovecot_dir}/dovecot.conf"
# adapt it for IPv4-only hosts # adapt it for IPv4-only hosts
if [ ! -f /proc/net/if_inet6 ]; then if [ ! -f /proc/net/if_inet6 ]; then
sed -i \ sed -i \
's/^\(listen =\).*/\1 */' \ 's/^\(listen =\).*/\1 */' \
"${dovecot_dir}/dovecot.conf" "${dovecot_dir}/dovecot.conf"
fi fi
mkdir -p "${dovecot_dir}/yunohost.d" mkdir -p "${dovecot_dir}/yunohost.d"
cp pre-ext.conf "${dovecot_dir}/yunohost.d" cp pre-ext.conf "${dovecot_dir}/yunohost.d"
cp post-ext.conf "${dovecot_dir}/yunohost.d" cp post-ext.conf "${dovecot_dir}/yunohost.d"
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
mkdir -p "/etc/dovecot/yunohost.d/pre-ext.d" mkdir -p "/etc/dovecot/yunohost.d/pre-ext.d"
mkdir -p "/etc/dovecot/yunohost.d/post-ext.d" mkdir -p "/etc/dovecot/yunohost.d/post-ext.d"
# create vmail user # create vmail user
id vmail > /dev/null 2>&1 \ id vmail >/dev/null 2>&1 \
|| adduser --system --ingroup mail --uid 500 vmail --home /var/vmail --no-create-home || adduser --system --ingroup mail --uid 500 vmail --home /var/vmail --no-create-home
# Delete legacy home for vmail that existed in the past but was empty, poluting /home/ # Delete legacy home for vmail that existed in the past but was empty, poluting /home/
[ ! -e /home/vmail ] || rmdir --ignore-fail-on-non-empty /home/vmail [ ! -e /home/vmail ] || rmdir --ignore-fail-on-non-empty /home/vmail
# fix permissions # fix permissions
chown -R vmail:mail /etc/dovecot/global_script
chmod 770 /etc/dovecot/global_script
chown root:mail /var/mail
chmod 1775 /var/mail
[ -z "$regen_conf_files" ] && exit 0
# compile sieve script
[[ "$regen_conf_files" =~ dovecot\.sieve ]] && {
sievec /etc/dovecot/global_script/dovecot.sieve
chown -R vmail:mail /etc/dovecot/global_script chown -R vmail:mail /etc/dovecot/global_script
} chmod 770 /etc/dovecot/global_script
chown root:mail /var/mail
chmod 1775 /var/mail
systemctl restart dovecot [ -z "$regen_conf_files" ] && exit 0
# compile sieve script
[[ "$regen_conf_files" =~ dovecot\.sieve ]] && {
sievec /etc/dovecot/global_script/dovecot.sieve
chown -R vmail:mail /etc/dovecot/global_script
}
systemctl restart dovecot
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

88
data/hooks/conf_regen/31-rspamd
View file

@ -3,60 +3,60 @@
set -e set -e
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/rspamd cd /usr/share/yunohost/templates/rspamd
install -D -m 644 metrics.local.conf \ install -D -m 644 metrics.local.conf \
"${pending_dir}/etc/rspamd/local.d/metrics.conf" "${pending_dir}/etc/rspamd/local.d/metrics.conf"
install -D -m 644 dkim_signing.conf \ install -D -m 644 dkim_signing.conf \
"${pending_dir}/etc/rspamd/local.d/dkim_signing.conf" "${pending_dir}/etc/rspamd/local.d/dkim_signing.conf"
install -D -m 644 rspamd.sieve \ install -D -m 644 rspamd.sieve \
"${pending_dir}/etc/dovecot/global_script/rspamd.sieve" "${pending_dir}/etc/dovecot/global_script/rspamd.sieve"
} }
do_post_regen() { do_post_regen() {
## ##
## DKIM key generation ## DKIM key generation
## ##
# create DKIM directory with proper permission # create DKIM directory with proper permission
mkdir -p /etc/dkim mkdir -p /etc/dkim
chown _rspamd /etc/dkim chown _rspamd /etc/dkim
# create DKIM key for domains # create DKIM key for domains
for domain in $YNH_DOMAINS; do for domain in $YNH_DOMAINS; do
domain_key="/etc/dkim/${domain}.mail.key" domain_key="/etc/dkim/${domain}.mail.key"
[ ! -f "$domain_key" ] && { [ ! -f "$domain_key" ] && {
# We use a 1024 bit size because nsupdate doesn't seem to be able to # We use a 1024 bit size because nsupdate doesn't seem to be able to
# handle 2048... # handle 2048...
opendkim-genkey --domain="$domain" \ opendkim-genkey --domain="$domain" \
--selector=mail --directory=/etc/dkim -b 1024 --selector=mail --directory=/etc/dkim -b 1024
mv /etc/dkim/mail.private "$domain_key" mv /etc/dkim/mail.private "$domain_key"
mv /etc/dkim/mail.txt "/etc/dkim/${domain}.mail.txt" mv /etc/dkim/mail.txt "/etc/dkim/${domain}.mail.txt"
}
done
# fix DKIM keys permissions
chown _rspamd /etc/dkim/*.mail.key
chmod 400 /etc/dkim/*.mail.key
[ ! -e /var/log/rspamd ] || chown -R _rspamd:_rspamd /var/log/rspamd
regen_conf_files=$1
[ -z "$regen_conf_files" ] && exit 0
# compile sieve script
[[ "$regen_conf_files" =~ rspamd\.sieve ]] && {
sievec /etc/dovecot/global_script/rspamd.sieve
chown -R vmail:mail /etc/dovecot/global_script
systemctl restart dovecot
} }
done
# fix DKIM keys permissions # Restart rspamd due to the upgrade
chown _rspamd /etc/dkim/*.mail.key # https://rspamd.com/announce/2016/08/01/rspamd-1.3.1.html
chmod 400 /etc/dkim/*.mail.key systemctl -q restart rspamd.service
[ ! -e /var/log/rspamd ] || chown -R _rspamd:_rspamd /var/log/rspamd
regen_conf_files=$1
[ -z "$regen_conf_files" ] && exit 0
# compile sieve script
[[ "$regen_conf_files" =~ rspamd\.sieve ]] && {
sievec /etc/dovecot/global_script/rspamd.sieve
chown -R vmail:mail /etc/dovecot/global_script
systemctl restart dovecot
}
# Restart rspamd due to the upgrade
# https://rspamd.com/announce/2016/08/01/rspamd-1.3.1.html
systemctl -q restart rspamd.service
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

56
data/hooks/conf_regen/34-mysql
View file

@ -4,46 +4,44 @@ set -e
. /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/mysql cd /usr/share/yunohost/templates/mysql
install -D -m 644 my.cnf "${pending_dir}/etc/mysql/my.cnf" install -D -m 644 my.cnf "${pending_dir}/etc/mysql/my.cnf"
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
if [[ ! -d /var/lib/mysql/mysql ]] if [[ ! -d /var/lib/mysql/mysql ]]; then
then # dpkg-reconfigure will initialize mysql (if it ain't already)
# dpkg-reconfigure will initialize mysql (if it ain't already) # It enabled auth_socket for root, so no need to define any root password...
# It enabled auth_socket for root, so no need to define any root password... # c.f. : cat /var/lib/dpkg/info/mariadb-server-10.3.postinst | grep install_db -C3
# c.f. : cat /var/lib/dpkg/info/mariadb-server-10.3.postinst | grep install_db -C3 MYSQL_PKG="$(dpkg --list | sed -ne 's/^ii \(mariadb-server-[[:digit:].]\+\) .*$/\1/p')"
MYSQL_PKG="$(dpkg --list | sed -ne 's/^ii \(mariadb-server-[[:digit:].]\+\) .*$/\1/p')" dpkg-reconfigure -freadline -u "$MYSQL_PKG" 2>&1
dpkg-reconfigure -freadline -u "$MYSQL_PKG" 2>&1
systemctl -q is-active mariadb.service \ systemctl -q is-active mariadb.service \
|| systemctl start mariadb || systemctl start mariadb
sleep 5 sleep 5
echo "" | mysql && echo "Can't connect to mysql using unix_socket auth ... something went wrong during initial configuration of mysql !?" >&2 echo "" | mysql && echo "Can't connect to mysql using unix_socket auth ... something went wrong during initial configuration of mysql !?" >&2
fi fi
# mysql is supposed to be an alias to mariadb... but in some weird case is not # mysql is supposed to be an alias to mariadb... but in some weird case is not
# c.f. https://forum.yunohost.org/t/mysql-ne-fonctionne-pas/11661 # c.f. https://forum.yunohost.org/t/mysql-ne-fonctionne-pas/11661
# Playing with enable/disable allows to recreate the proper symlinks. # Playing with enable/disable allows to recreate the proper symlinks.
if [ ! -e /etc/systemd/system/mysql.service ] if [ ! -e /etc/systemd/system/mysql.service ]; then
then systemctl stop mysql -q
systemctl stop mysql -q systemctl disable mysql -q
systemctl disable mysql -q systemctl disable mariadb -q
systemctl disable mariadb -q systemctl enable mariadb -q
systemctl enable mariadb -q systemctl is-active mariadb -q || systemctl start mariadb
systemctl is-active mariadb -q || systemctl start mariadb fi
fi
[[ -z "$regen_conf_files" ]] \ [[ -z "$regen_conf_files" ]] \
|| systemctl restart mysql || systemctl restart mysql
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

8
data/hooks/conf_regen/35-redis
View file

@ -1,13 +1,13 @@
#!/bin/bash #!/bin/bash
do_pre_regen() { do_pre_regen() {
: :
} }
do_post_regen() { do_post_regen() {
# Enforce these damn permissions because for some reason in some weird cases # Enforce these damn permissions because for some reason in some weird cases
# they are spontaneously replaced by root:root -_- # they are spontaneously replaced by root:root -_-
chown -R redis:adm /var/log/redis chown -R redis:adm /var/log/redis
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

54
data/hooks/conf_regen/37-mdns
View file

@ -3,49 +3,47 @@
set -e set -e
_generate_config() { _generate_config() {
echo "domains:" echo "domains:"
echo " - yunohost.local" echo " - yunohost.local"
for domain in $YNH_DOMAINS for domain in $YNH_DOMAINS; do
do # Only keep .local domains (don't keep
# Only keep .local domains (don't keep [[ "$domain" =~ [^.]+\.[^.]+\.local$ ]] && echo "Subdomain $domain cannot be handled by Bonjour/Zeroconf/mDNS" >&2
[[ "$domain" =~ [^.]+\.[^.]+\.local$ ]] && echo "Subdomain $domain cannot be handled by Bonjour/Zeroconf/mDNS" >&2 [[ "$domain" =~ ^[^.]+\.local$ ]] || continue
[[ "$domain" =~ ^[^.]+\.local$ ]] || continue echo " - $domain"
echo " - $domain" done
done
} }
do_init_regen() { do_init_regen() {
do_pre_regen do_pre_regen
do_post_regen /etc/systemd/system/yunomdns.service do_post_regen /etc/systemd/system/yunomdns.service
systemctl enable yunomdns systemctl enable yunomdns
} }
do_pre_regen() { do_pre_regen() {
pending_dir="$1" pending_dir="$1"
cd /usr/share/yunohost/templates/mdns cd /usr/share/yunohost/templates/mdns
mkdir -p ${pending_dir}/etc/systemd/system/ mkdir -p ${pending_dir}/etc/systemd/system/
cp yunomdns.service ${pending_dir}/etc/systemd/system/ cp yunomdns.service ${pending_dir}/etc/systemd/system/
getent passwd mdns &>/dev/null || useradd --no-create-home --shell /usr/sbin/nologin --system --user-group mdns getent passwd mdns &>/dev/null || useradd --no-create-home --shell /usr/sbin/nologin --system --user-group mdns
mkdir -p ${pending_dir}/etc/yunohost mkdir -p ${pending_dir}/etc/yunohost
_generate_config > ${pending_dir}/etc/yunohost/mdns.yml _generate_config >${pending_dir}/etc/yunohost/mdns.yml
} }
do_post_regen() { do_post_regen() {
regen_conf_files="$1" regen_conf_files="$1"
chown mdns:mdns /etc/yunohost/mdns.yml chown mdns:mdns /etc/yunohost/mdns.yml
# If we changed the systemd ynh-override conf # If we changed the systemd ynh-override conf
if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/yunomdns.service$" if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/yunomdns.service$"; then
then systemctl daemon-reload
systemctl daemon-reload fi
fi
[[ -z "$regen_conf_files" ]] \ [[ -z "$regen_conf_files" ]] \
|| systemctl restart yunomdns || systemctl restart yunomdns
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

114
data/hooks/conf_regen/43-dnsmasq
View file

@ -4,80 +4,80 @@ set -e
. /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/dnsmasq cd /usr/share/yunohost/templates/dnsmasq
# create directory for pending conf # create directory for pending conf
dnsmasq_dir="${pending_dir}/etc/dnsmasq.d" dnsmasq_dir="${pending_dir}/etc/dnsmasq.d"
mkdir -p "$dnsmasq_dir" mkdir -p "$dnsmasq_dir"
etcdefault_dir="${pending_dir}/etc/default" etcdefault_dir="${pending_dir}/etc/default"
mkdir -p "$etcdefault_dir" mkdir -p "$etcdefault_dir"
# add general conf files # add general conf files
cp plain/etcdefault ${pending_dir}/etc/default/dnsmasq cp plain/etcdefault ${pending_dir}/etc/default/dnsmasq
cp plain/dnsmasq.conf ${pending_dir}/etc/dnsmasq.conf cp plain/dnsmasq.conf ${pending_dir}/etc/dnsmasq.conf
# add resolver file # add resolver file
cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf > ${pending_dir}/etc/resolv.dnsmasq.conf cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf >${pending_dir}/etc/resolv.dnsmasq.conf
# retrieve variables # retrieve variables
ipv4=$(curl -s -4 https://ip.yunohost.org 2>/dev/null || true) ipv4=$(curl -s -4 https://ip.yunohost.org 2>/dev/null || true)
ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1' ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1'
ipv6=$(curl -s -6 https://ip6.yunohost.org 2>/dev/null || true) ipv6=$(curl -s -6 https://ip6.yunohost.org 2>/dev/null || true)
ynh_validate_ip6 "$ipv6" || ipv6='' ynh_validate_ip6 "$ipv6" || ipv6=''
export ipv4 export ipv4
export ipv6 export ipv6
# add domain conf files # add domain conf files
for domain in $YNH_DOMAINS; do for domain in $YNH_DOMAINS; do
export domain [[ ! $domain =~ \.local$ ]] || continue
ynh_render_template "domain.tpl" "${dnsmasq_dir}/${domain}" export domain
done ynh_render_template "domain.tpl" "${dnsmasq_dir}/${domain}"
done
# remove old domain conf files # remove old domain conf files
conf_files=$(ls -1 /etc/dnsmasq.d \ conf_files=$(ls -1 /etc/dnsmasq.d \
| awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }') | awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }')
for domain in $conf_files; do for domain in $conf_files; do
[[ $YNH_DOMAINS =~ $domain ]] \ if [[ ! $YNH_DOMAINS =~ $domain ]] && [[ ! $domain =~ \.local$ ]]
|| touch "${dnsmasq_dir}/${domain}" then
done touch "${dnsmasq_dir}/${domain}"
fi
done
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
# Fuck it, those domain/search entries from dhclient are usually annoying # Fuck it, those domain/search entries from dhclient are usually annoying
# lying shit from the ISP trying to MiTM # lying shit from the ISP trying to MiTM
if grep -q -E "^ *(domain|search)" /run/resolvconf/resolv.conf if grep -q -E "^ *(domain|search)" /run/resolvconf/resolv.conf; then
then if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2>/dev/null; then
if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2>/dev/null sed -E "s/^(domain|search)/#\1/g" -i /run/resolvconf/interface/*.dhclient
then fi
sed -E "s/^(domain|search)/#\1/g" -i /run/resolvconf/interface/*.dhclient
fi
grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-name "";' >> /etc/dhcp/dhclient.conf grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-name "";' >>/etc/dhcp/dhclient.conf
grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-search "";' >> /etc/dhcp/dhclient.conf grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-search "";' >>/etc/dhcp/dhclient.conf
grep -q '^supersede name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede name "";' >> /etc/dhcp/dhclient.conf grep -q '^supersede name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede name "";' >>/etc/dhcp/dhclient.conf
systemctl restart resolvconf systemctl restart resolvconf
fi fi
# Some stupid things like rabbitmq-server used by onlyoffice won't work if # Some stupid things like rabbitmq-server used by onlyoffice won't work if
# the *short* hostname doesn't exists in /etc/hosts -_- # the *short* hostname doesn't exists in /etc/hosts -_-
short_hostname=$(hostname -s) short_hostname=$(hostname -s)
grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >>/etc/hosts grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >>/etc/hosts
[[ -n "$regen_conf_files" ]] || return [[ -n "$regen_conf_files" ]] || return
# Remove / disable services likely to conflict with dnsmasq # Remove / disable services likely to conflict with dnsmasq
for SERVICE in systemd-resolved bind9 for SERVICE in systemd-resolved bind9; do
do systemctl is-enabled $SERVICE &>/dev/null && systemctl disable $SERVICE 2>/dev/null
systemctl is-enabled $SERVICE &>/dev/null && systemctl disable $SERVICE 2>/dev/null systemctl is-active $SERVICE &>/dev/null && systemctl stop $SERVICE
systemctl is-active $SERVICE &>/dev/null && systemctl stop $SERVICE done
done
systemctl restart dnsmasq systemctl restart dnsmasq
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

16
data/hooks/conf_regen/46-nsswitch
View file

@ -3,23 +3,23 @@
set -e set -e
do_init_regen() { do_init_regen() {
do_pre_regen "" do_pre_regen ""
systemctl restart unscd systemctl restart unscd
} }
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/nsswitch cd /usr/share/yunohost/templates/nsswitch
install -D -m 644 nsswitch.conf "${pending_dir}/etc/nsswitch.conf" install -D -m 644 nsswitch.conf "${pending_dir}/etc/nsswitch.conf"
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
[[ -z "$regen_conf_files" ]] \ [[ -z "$regen_conf_files" ]] \
|| systemctl restart unscd || systemctl restart unscd
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

24
data/hooks/conf_regen/52-fail2ban
View file

@ -5,26 +5,26 @@ set -e
. /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
cd /usr/share/yunohost/templates/fail2ban cd /usr/share/yunohost/templates/fail2ban
fail2ban_dir="${pending_dir}/etc/fail2ban" fail2ban_dir="${pending_dir}/etc/fail2ban"
mkdir -p "${fail2ban_dir}/filter.d" mkdir -p "${fail2ban_dir}/filter.d"
mkdir -p "${fail2ban_dir}/jail.d" mkdir -p "${fail2ban_dir}/jail.d"
cp yunohost.conf "${fail2ban_dir}/filter.d/yunohost.conf" cp yunohost.conf "${fail2ban_dir}/filter.d/yunohost.conf"
cp jail.conf "${fail2ban_dir}/jail.conf" cp jail.conf "${fail2ban_dir}/jail.conf"
export ssh_port="$(yunohost settings get 'security.ssh.port')" export ssh_port="$(yunohost settings get 'security.ssh.port')"
ynh_render_template "yunohost-jails.conf" "${fail2ban_dir}/jail.d/yunohost-jails.conf" ynh_render_template "yunohost-jails.conf" "${fail2ban_dir}/jail.d/yunohost-jails.conf"
} }
do_post_regen() { do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
[[ -z "$regen_conf_files" ]] \ [[ -z "$regen_conf_files" ]] \
|| systemctl reload fail2ban || systemctl reload fail2ban
} }
do_$1_regen ${@:2} do_$1_regen ${@:2}

2
data/hooks/diagnosis/80-apps.py
View file

@ -76,7 +76,7 @@ class AppDiagnoser(Diagnoser):
for deprecated_helper in deprecated_helpers: for deprecated_helper in deprecated_helpers:
if ( if (
os.system( os.system(
f"grep -hr '{deprecated_helper}' {app['setting_path']}/scripts/ | grep -v -q '^\s*#'" f"grep -hr '{deprecated_helper}' {app['setting_path']}/scripts/ | grep -v -q '^\\s*#'"
) )
== 0 == 0
): ):

12
data/hooks/restore/05-conf_ldap
View file

@ -14,11 +14,11 @@ die() {
# Restore saved configuration and database # Restore saved configuration and database
[[ $state -ge 1 ]] \ [[ $state -ge 1 ]] \
&& (rm -rf /etc/ldap/slapd.d && && (rm -rf /etc/ldap/slapd.d \
mv "${TMPDIR}/slapd.d" /etc/ldap/slapd.d) && mv "${TMPDIR}/slapd.d" /etc/ldap/slapd.d)
[[ $state -ge 2 ]] \ [[ $state -ge 2 ]] \
&& (rm -rf /var/lib/ldap && && (rm -rf /var/lib/ldap \
mv "${TMPDIR}/ldap" /var/lib/ldap) && mv "${TMPDIR}/ldap" /var/lib/ldap)
chown -R openldap: /etc/ldap/slapd.d /var/lib/ldap chown -R openldap: /etc/ldap/slapd.d /var/lib/ldap
systemctl start slapd systemctl start slapd
@ -38,7 +38,7 @@ cp -a "${backup_dir}/ldap.conf" /etc/ldap/ldap.conf
|| cp -a "${backup_dir}/slapd.conf" /etc/ldap/slapd.conf || cp -a "${backup_dir}/slapd.conf" /etc/ldap/slapd.conf
slapadd -F /etc/ldap/slapd.d -b cn=config \ slapadd -F /etc/ldap/slapd.d -b cn=config \
-l "${backup_dir}/cn=config.master.ldif" \ -l "${backup_dir}/cn=config.master.ldif" \
|| die 1 "Unable to restore LDAP configuration" || die 1 "Unable to restore LDAP configuration"
chown -R openldap: /etc/ldap/slapd.d chown -R openldap: /etc/ldap/slapd.d
# Restore the database # Restore the database
@ -46,7 +46,7 @@ mv /var/lib/ldap "$TMPDIR"
mkdir -p /var/lib/ldap mkdir -p /var/lib/ldap
slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org \ slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org \
-l "${backup_dir}/dc=yunohost-dc=org.ldif" \ -l "${backup_dir}/dc=yunohost-dc=org.ldif" \
|| die 2 "Unable to restore LDAP database" || die 2 "Unable to restore LDAP database"
chown -R openldap: /var/lib/ldap chown -R openldap: /var/lib/ldap
systemctl start slapd systemctl start slapd

3
data/hooks/restore/50-conf_manually_modified_files
View file

@ -5,8 +5,7 @@ ynh_abort_if_errors
YNH_CWD="${YNH_BACKUP_DIR%/}/conf/manually_modified_files" YNH_CWD="${YNH_BACKUP_DIR%/}/conf/manually_modified_files"
cd "$YNH_CWD" cd "$YNH_CWD"
for file in $(cat ./manually_modified_files_list) for file in $(cat ./manually_modified_files_list); do
do
ynh_restore_file --origin_path="$file" --not_mandatory ynh_restore_file --origin_path="$file" --not_mandatory
done done

14
data/templates/dovecot/dovecot.conf
View file

@ -78,6 +78,20 @@ service quota-warning {
} }
} }
service stats {
unix_listener stats-reader {
user = vmail
group = mail
mode = 0660
}
unix_listener stats-writer {
user = vmail
group = mail
mode = 0660
}
}
plugin { plugin {
sieve = /var/mail/sievescript/%n/.dovecot.sieve sieve = /var/mail/sievescript/%n/.dovecot.sieve
sieve_dir = /var/mail/sievescript/%n/scripts/ sieve_dir = /var/mail/sievescript/%n/scripts/

20
debian/changelog vendored
View file

@ -4,6 +4,26 @@ yunohost (11.0.0~alpha) unstable; urgency=low
-- Alexandre Aubin <alex.aubin@mailoo.org> Fri, 05 Feb 2021 00:02:38 +0100 -- Alexandre Aubin <alex.aubin@mailoo.org> Fri, 05 Feb 2021 00:02:38 +0100
yunohost (4.3.1.3) testing; urgency=low
- [fix] app: repo url branch names may contain dots (38cff4a9)
-- Alexandre Aubin <alex.aubin@mailoo.org> Thu, 07 Oct 2021 18:31:09 +0200
yunohost (4.3.1.2) testing; urgency=low
- [fix] apps: upgrade was broken because of typo ([#1350](https://github.com/YunoHost/yunohost/pull/1350))
- [enh] apps: in app_info, return a new is_webapp info meant to be used by API/webadmin (4cd5e9b6)
- [fix] configpanel: handle case where file question didnt get modified from webadmin, in which case self.value contains a path (54d901ad)
- [fix] configpanel: bind_key -> bind_key_ to prevent yunohost from redacting key names which leads to broken log metadata.yml somehow (941cc294)
- [enh] questions: Add visible attribute support in cli (74256845)
- [enh] helpers: Simplify apt/php dependencies helpers ([#1018](https://github.com/YunoHost/yunohost/pull/1018))
- [enh] helpers: In logrotate helper, enforce decent permissions on log file if app user exists ([#1352](https://github.com/YunoHost/yunohost/pull/1352))
Thanks to all contributors <3 ! (Éric Gaspar, Kay0u, ljf)
-- Alexandre Aubin <alex.aubin@mailoo.org> Thu, 07 Oct 2021 10:42:06 +0200
yunohost (4.3.1.1) testing; urgency=low yunohost (4.3.1.1) testing; urgency=low
- [enh] app helpers: Update n version ([#1347](https://github.com/YunoHost/yunohost/pull/1347)) - [enh] app helpers: Update n version ([#1347](https://github.com/YunoHost/yunohost/pull/1347))

59
debian/postinst vendored
View file

@ -3,36 +3,35 @@
set -e set -e
do_configure() { do_configure() {
rm -rf /var/cache/moulinette/* rm -rf /var/cache/moulinette/*
mkdir -p /usr/share/moulinette/actionsmap/ mkdir -p /usr/share/moulinette/actionsmap/
ln -sf /usr/share/yunohost/actionsmap/yunohost.yml /usr/share/moulinette/actionsmap/yunohost.yml ln -sf /usr/share/yunohost/actionsmap/yunohost.yml /usr/share/moulinette/actionsmap/yunohost.yml
if [ ! -f /etc/yunohost/installed ]; then if [ ! -f /etc/yunohost/installed ]; then
# If apps/ is not empty, we're probably already installed in the past and # If apps/ is not empty, we're probably already installed in the past and
# something funky happened ... # something funky happened ...
if [ -d /etc/yunohost/apps/ ] && ls /etc/yunohost/apps/* >/dev/null 2>&1 if [ -d /etc/yunohost/apps/ ] && ls /etc/yunohost/apps/* >/dev/null 2>&1; then
then echo "Sounds like /etc/yunohost/installed mysteriously disappeared ... You should probably contact the Yunohost support ..."
echo "Sounds like /etc/yunohost/installed mysteriously disappeared ... You should probably contact the Yunohost support ..." else
else bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init
bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init bash /usr/share/yunohost/hooks/conf_regen/02-ssl init
bash /usr/share/yunohost/hooks/conf_regen/02-ssl init bash /usr/share/yunohost/hooks/conf_regen/09-nslcd init
bash /usr/share/yunohost/hooks/conf_regen/09-nslcd init bash /usr/share/yunohost/hooks/conf_regen/46-nsswitch init
bash /usr/share/yunohost/hooks/conf_regen/46-nsswitch init bash /usr/share/yunohost/hooks/conf_regen/06-slapd init
bash /usr/share/yunohost/hooks/conf_regen/06-slapd init bash /usr/share/yunohost/hooks/conf_regen/15-nginx init
bash /usr/share/yunohost/hooks/conf_regen/15-nginx init bash /usr/share/yunohost/hooks/conf_regen/37-mdns init
bash /usr/share/yunohost/hooks/conf_regen/37-mdns init fi
fi else
else echo "Regenerating configuration, this might take a while..."
echo "Regenerating configuration, this might take a while..." yunohost tools regen-conf --output-as none
yunohost tools regen-conf --output-as none
echo "Launching migrations..." echo "Launching migrations..."
yunohost tools migrations run --auto yunohost tools migrations run --auto
echo "Re-diagnosing server health..." echo "Re-diagnosing server health..."
yunohost diagnosis run --force yunohost diagnosis run --force
fi fi
} }
@ -50,13 +49,13 @@ do_configure() {
case "$1" in case "$1" in
configure) configure)
do_configure do_configure
;; ;;
abort-upgrade|abort-remove|abort-deconfigure) abort-upgrade | abort-remove | abort-deconfigure) ;;
;;
*) *)
echo "postinst called with unknown argument \`$1'" >&2 echo "postinst called with unknown argument \`$1'" >&2
exit 1 exit 1
;; ;;
esac esac
#DEBHELPER# #DEBHELPER#

6
debian/postrm vendored
View file

@ -6,12 +6,12 @@
set -e set -e
if [ "$1" = "purge" ]; then if [ "$1" = "purge" ]; then
update-rc.d yunohost-firewall remove >/dev/null update-rc.d yunohost-firewall remove >/dev/null
rm -f /etc/yunohost/installed rm -f /etc/yunohost/installed
fi fi
if [ "$1" = "remove" ]; then if [ "$1" = "remove" ]; then
rm -f /etc/yunohost/installed rm -f /etc/yunohost/installed
fi fi
# Reset dpkg vendor to debian # Reset dpkg vendor to debian

7
src/yunohost/app.py
View file

@ -78,7 +78,7 @@ re_app_instance_name = re.compile(
) )
APP_REPO_URL = re.compile( APP_REPO_URL = re.compile(
r"^https://[a-zA-Z0-9-_.]+/[a-zA-Z0-9-_./]+/[a-zA-Z0-9-_.]+_ynh(/?(-/)?tree/[a-zA-Z0-9-_]+)?(\.git)?/?$" r"^https://[a-zA-Z0-9-_.]+/[a-zA-Z0-9-_./]+/[a-zA-Z0-9-_.]+_ynh(/?(-/)?tree/[a-zA-Z0-9-_.]+)?(\.git)?/?$"
) )
APP_FILES_TO_COPY = [ APP_FILES_TO_COPY = [
@ -150,6 +150,9 @@ def app_info(app, full=False):
absolute_app_name, _ = _parse_app_instance_name(app) absolute_app_name, _ = _parse_app_instance_name(app)
ret["from_catalog"] = _load_apps_catalog()["apps"].get(absolute_app_name, {}) ret["from_catalog"] = _load_apps_catalog()["apps"].get(absolute_app_name, {})
ret["upgradable"] = _app_upgradable(ret) ret["upgradable"] = _app_upgradable(ret)
ret["is_webapp"] = "domain" in settings and "path" in settings
ret["supports_change_url"] = os.path.exists( ret["supports_change_url"] = os.path.exists(
os.path.join(setting_path, "scripts", "change_url") os.path.join(setting_path, "scripts", "change_url")
) )
@ -489,7 +492,7 @@ def app_upgrade(app=[], url=None, file=None, force=False, no_safety_backup=False
logger.warning(m18n.n("custom_app_url_required", app=app_instance_name)) logger.warning(m18n.n("custom_app_url_required", app=app_instance_name))
continue continue
elif app_dict["upgradable"] == "yes" or force: elif app_dict["upgradable"] == "yes" or force:
new_app_src = app_dict["id"] new_app_src = app_dict["manifest"]["id"]
else: else:
logger.success(m18n.n("app_already_up_to_date", app=app_instance_name)) logger.success(m18n.n("app_already_up_to_date", app=app_instance_name))
continue continue

2
src/yunohost/log.py
View file

@ -407,7 +407,7 @@ def is_unit_operation(
if isinstance(value, IOBase): if isinstance(value, IOBase):
try: try:
context[field] = value.name context[field] = value.name
except: except Exception:
context[field] = "IOBase" context[field] = "IOBase"
operation_logger = OperationLogger(op_key, related_to, args=context) operation_logger = OperationLogger(op_key, related_to, args=context)

2
src/yunohost/permission.py
View file

@ -474,7 +474,7 @@ def permission_create(
protected=protected, protected=protected,
sync_perm=sync_perm, sync_perm=sync_perm,
) )
except: except Exception:
permission_delete(permission, force=True) permission_delete(permission, force=True)
raise raise

13
src/yunohost/tests/test_apps.py
View file

@ -41,7 +41,13 @@ def clean():
os.system("mkdir -p /etc/ssowat/") os.system("mkdir -p /etc/ssowat/")
app_ssowatconf() app_ssowatconf()
test_apps = ["break_yo_system", "legacy_app", "legacy_app__2", "full_domain_app", "my_webapp"] test_apps = [
"break_yo_system",
"legacy_app",
"legacy_app__2",
"full_domain_app",
"my_webapp",
]
for test_app in test_apps: for test_app in test_apps:
@ -192,7 +198,10 @@ def test_legacy_app_install_main_domain():
def test_app_from_catalog(): def test_app_from_catalog():
main_domain = _get_maindomain() main_domain = _get_maindomain()
app_install("my_webapp", args=f"domain={main_domain}&path=/site&with_sftp=0&password=superpassword&is_public=1&with_mysql=0") app_install(
"my_webapp",
args=f"domain={main_domain}&path=/site&with_sftp=0&password=superpassword&is_public=1&with_mysql=0",
)
app_map_ = app_map(raw=True) app_map_ = app_map(raw=True)
assert main_domain in app_map_ assert main_domain in app_map_
assert "/site" in app_map_[main_domain] assert "/site" in app_map_[main_domain]

1
src/yunohost/tests/test_appurl.py
View file

@ -68,6 +68,7 @@ def test_repo_url_definition():
assert _is_app_repo_url( assert _is_app_repo_url(
"https://gitlab.domainepublic.net/Neutrinet/neutrinet_ynh/-/tree/unstable" "https://gitlab.domainepublic.net/Neutrinet/neutrinet_ynh/-/tree/unstable"
) )
assert _is_app_repo_url("https://github.com/YunoHost-Apps/foobar_ynh/tree/1.23.4")
assert _is_app_repo_url("git@github.com:YunoHost-Apps/foobar_ynh.git") assert _is_app_repo_url("git@github.com:YunoHost-Apps/foobar_ynh.git")
assert not _is_app_repo_url("github.com/YunoHost-Apps/foobar_ynh") assert not _is_app_repo_url("github.com/YunoHost-Apps/foobar_ynh")

94
src/yunohost/tests/test_questions.py
View file

@ -15,6 +15,7 @@ from yunohost.utils.config import (
PathQuestion, PathQuestion,
BooleanQuestion, BooleanQuestion,
FileQuestion, FileQuestion,
evaluate_simple_js_expression,
) )
from yunohost.utils.error import YunohostError, YunohostValidationError from yunohost.utils.error import YunohostError, YunohostValidationError
@ -2093,3 +2094,96 @@ def test_normalize_path():
assert PathQuestion.normalize("/macnuggets/") == "/macnuggets" assert PathQuestion.normalize("/macnuggets/") == "/macnuggets"
assert PathQuestion.normalize("macnuggets/") == "/macnuggets" assert PathQuestion.normalize("macnuggets/") == "/macnuggets"
assert PathQuestion.normalize("////macnuggets///") == "/macnuggets" assert PathQuestion.normalize("////macnuggets///") == "/macnuggets"
def test_simple_evaluate():
context = {
"a1": 1,
"b2": 2,
"c10": 10,
"foo": "bar",
"comp": "1>2",
"empty": "",
"lorem": "Lorem ipsum dolor et si qua met!",
"warning": "Warning! This sentence will fail!",
"quote": "Je s'apelle Groot",
"and_": "&&",
"object": {"a": "Security risk"},
}
supported = {
"42": 42,
"9.5": 9.5,
"'bopbidibopbopbop'": "bopbidibopbopbop",
"true": True,
"false": False,
"null": None,
# Math
"1 * (2 + 3 * (4 - 3))": 5,
"1 * (2 + 3 * (4 - 3)) > 10 - 2 || 3 * 2 > 9 - 2 * 3": True,
"(9 - 2) * 3 - 10": 11,
"12 - 2 * -2 + (3 - 4) * 3.1": 12.9,
"9 / 12 + 12 * 3 - 5": 31.75,
"9 / 12 + 12 * (3 - 5)": -23.25,
"12 > 13.1": False,
"12 < 14": True,
"12 <= 14": True,
"12 >= 14": False,
"12 == 14": False,
"12 % 5 > 3": False,
"12 != 14": True,
"9 - 1 > 10 && 3 * 5 > 10": False,
"9 - 1 > 10 || 3 * 5 > 10": True,
"a1 > 0 || a1 < -12": True,
"a1 > 0 && a1 < -12": False,
"a1 + 1 > 0 && -a1 > -12": True,
"-(a1 + 1) < 0 || -(a1 + 2) > -12": True,
"-a1 * 2": -2,
"(9 - 2) * 3 - c10": 11,
"(9 - b2) * 3 - c10": 11,
"c10 > b2": True,
# String
"foo == 'bar'": True,
"foo != 'bar'": False,
'foo == "bar" && 1 > 0': True,
"!!foo": True,
"!foo": False,
"foo": "bar",
'!(foo > "baa") || 1 > 2': False,
'!(foo > "baa") || 1 < 2': True,
'empty == ""': True,
'1 == "1"': True,
'1.0 == "1"': True,
'1 == "aaa"': False,
"'I am ' + b2 + ' years'": "I am 2 years",
"quote == 'Je s\\'apelle Groot'": True,
"lorem == 'Lorem ipsum dolor et si qua met!'": True,
"and_ == '&&'": True,
"warning == 'Warning! This sentence will fail!'": True,
# Match
"match(lorem, '^Lorem [ia]psumE?')": bool,
"match(foo, '^Lorem [ia]psumE?')": None,
"match(lorem, '^Lorem [ia]psumE?') && 1 == 1": bool,
# No code
"": False,
" ": False,
}
trigger_errors = {
"object.a": YunohostError, # Keep unsupported, for security reasons
"a1 ** b2": YunohostError, # Keep unsupported, for security reasons
"().__class__.__bases__[0].__subclasses__()": YunohostError, # Very dangerous code
"a1 > 11 ? 1 : 0": SyntaxError,
"c10 > b2 == false": YunohostError, # JS and Python doesn't do the same thing for this situation
"c10 > b2 == true": YunohostError,
}
for expression, result in supported.items():
if result == bool:
assert bool(evaluate_simple_js_expression(expression, context)), expression
else:
assert (
evaluate_simple_js_expression(expression, context) == result
), expression
for expression, error in trigger_errors.items():
with pytest.raises(error):
evaluate_simple_js_expression(expression, context)

2
src/yunohost/user.py
View file

@ -670,7 +670,7 @@ def user_import(operation_logger, csvfile, update=False, delete=False):
def to_list(str_list): def to_list(str_list):
L = str_list.split(",") if str_list else [] L = str_list.split(",") if str_list else []
L = [l.strip() for l in L] L = [element.strip() for element in L]
return L return L
existing_users = user_list()["users"] existing_users = user_list()["users"]

223
src/yunohost/utils/config.py
View file

@ -24,6 +24,8 @@ import re
import urllib.parse import urllib.parse
import tempfile import tempfile
import shutil import shutil
import ast
import operator as op
from collections import OrderedDict from collections import OrderedDict
from typing import Optional, Dict, List, Union, Any, Mapping from typing import Optional, Dict, List, Union, Any, Mapping
@ -46,6 +48,145 @@ from yunohost.log import OperationLogger
logger = getActionLogger("yunohost.config") logger = getActionLogger("yunohost.config")
CONFIG_PANEL_VERSION_SUPPORTED = 1.0 CONFIG_PANEL_VERSION_SUPPORTED = 1.0
# Those js-like evaluate functions are used to eval safely visible attributes
# The goal is to evaluate in the same way than js simple-evaluate
# https://github.com/shepherdwind/simple-evaluate
def evaluate_simple_ast(node, context={}):
operators = {
ast.Not: op.not_,
ast.Mult: op.mul,
ast.Div: op.truediv, # number
ast.Mod: op.mod, # number
ast.Add: op.add, # str
ast.Sub: op.sub, # number
ast.USub: op.neg, # Negative number
ast.Gt: op.gt,
ast.Lt: op.lt,
ast.GtE: op.ge,
ast.LtE: op.le,
ast.Eq: op.eq,
ast.NotEq: op.ne,
}
context["true"] = True
context["false"] = False
context["null"] = None
# Variable
if isinstance(node, ast.Name): # Variable
return context[node.id]
# Python <=3.7 String
elif isinstance(node, ast.Str):
return node.s
# Python <=3.7 Number
elif isinstance(node, ast.Num):
return node.n
# Boolean, None and Python 3.8 for Number, Boolean, String and None
elif isinstance(node, (ast.Constant, ast.NameConstant)):
return node.value
# + - * / %
elif (
isinstance(node, ast.BinOp) and type(node.op) in operators
): # <left> <operator> <right>
left = evaluate_simple_ast(node.left, context)
right = evaluate_simple_ast(node.right, context)
if type(node.op) == ast.Add:
if isinstance(left, str) or isinstance(right, str): # support 'I am ' + 42
left = str(left)
right = str(right)
elif type(left) != type(right): # support "111" - "1" -> 110
left = float(left)
right = float(right)
return operators[type(node.op)](left, right)
# Comparison
# JS and Python don't give the same result for multi operators
# like True == 10 > 2.
elif (
isinstance(node, ast.Compare) and len(node.comparators) == 1
): # <left> <ops> <comparators>
left = evaluate_simple_ast(node.left, context)
right = evaluate_simple_ast(node.comparators[0], context)
operator = node.ops[0]
if isinstance(left, (int, float)) or isinstance(right, (int, float)):
try:
left = float(left)
right = float(right)
except ValueError:
return type(operator) == ast.NotEq
try:
return operators[type(operator)](left, right)
except TypeError: # support "e" > 1 -> False like in JS
return False
# and / or
elif isinstance(node, ast.BoolOp): # <op> <values>
for value in node.values:
value = evaluate_simple_ast(value, context)
if isinstance(node.op, ast.And) and not value:
return False
elif isinstance(node.op, ast.Or) and value:
return True
return isinstance(node.op, ast.And)
# not / USub (it's negation number -\d)
elif isinstance(node, ast.UnaryOp): # <operator> <operand> e.g., -1
return operators[type(node.op)](evaluate_simple_ast(node.operand, context))
# match function call
elif isinstance(node, ast.Call) and node.func.__dict__.get("id") == "match":
return re.match(
evaluate_simple_ast(node.args[1], context), context[node.args[0].id]
)
# Unauthorized opcode
else:
opcode = str(type(node))
raise YunohostError(
f"Unauthorize opcode '{opcode}' in visible attribute", raw_msg=True
)
def js_to_python(expr):
in_string = None
py_expr = ""
i = 0
escaped = False
for char in expr:
if char in r"\"'":
# Start a string
if not in_string:
in_string = char
# Finish a string
elif in_string == char and not escaped:
in_string = None
# If we are not in a string, replace operators
elif not in_string:
if char == "!" and expr[i + 1] != "=":
char = "not "
elif char in "|&" and py_expr[-1:] == char:
py_expr = py_expr[:-1]
char = " and " if char == "&" else " or "
# Determine if next loop will be in escaped mode
escaped = char == "\\" and not escaped
py_expr += char
i += 1
return py_expr
def evaluate_simple_js_expression(expr, context={}):
if not expr.strip():
return False
node = ast.parse(js_to_python(expr), mode="eval").body
return evaluate_simple_ast(node, context)
class ConfigPanel: class ConfigPanel:
def __init__(self, config_path, save_path=None): def __init__(self, config_path, save_path=None):
@ -466,11 +607,13 @@ class Question(object):
hide_user_input_in_prompt = False hide_user_input_in_prompt = False
pattern: Optional[Dict] = None pattern: Optional[Dict] = None
def __init__(self, question: Dict[str, Any]): def __init__(self, question: Dict[str, Any], context: Mapping[str, Any] = {}):
self.name = question["name"] self.name = question["name"]
self.type = question.get("type", "string") self.type = question.get("type", "string")
self.default = question.get("default", None) self.default = question.get("default", None)
self.optional = question.get("optional", False) self.optional = question.get("optional", False)
self.visible = question.get("visible", None)
self.context = context
self.choices = question.get("choices", []) self.choices = question.get("choices", [])
self.pattern = question.get("pattern", self.pattern) self.pattern = question.get("pattern", self.pattern)
self.ask = question.get("ask", {"en": self.name}) self.ask = question.get("ask", {"en": self.name})
@ -512,6 +655,17 @@ class Question(object):
) )
def ask_if_needed(self): def ask_if_needed(self):
if self.visible and not evaluate_simple_js_expression(
self.visible, context=self.context
):
# FIXME There could be several use case if the question is not displayed:
# - we doesn't want to give a specific value
# - we want to keep the previous value
# - we want the default value
self.value = None
return self.value
for i in range(5): for i in range(5):
# Display question if no value filled or if it's a readonly message # Display question if no value filled or if it's a readonly message
if Moulinette.interface.type == "cli" and os.isatty(1): if Moulinette.interface.type == "cli" and os.isatty(1):
@ -577,7 +731,7 @@ class Question(object):
# Prevent displaying a shitload of choices # Prevent displaying a shitload of choices
# (e.g. 100+ available users when choosing an app admin...) # (e.g. 100+ available users when choosing an app admin...)
choices = ( choices = (
list(self.choices.values()) list(self.choices.keys())
if isinstance(self.choices, dict) if isinstance(self.choices, dict)
else self.choices else self.choices
) )
@ -710,8 +864,8 @@ class PasswordQuestion(Question):
default_value = "" default_value = ""
forbidden_chars = "{}" forbidden_chars = "{}"
def __init__(self, question): def __init__(self, question, context: Mapping[str, Any] = {}):
super().__init__(question) super().__init__(question, context)
self.redact = True self.redact = True
if self.default is not None: if self.default is not None:
raise YunohostValidationError( raise YunohostValidationError(
@ -829,8 +983,8 @@ class BooleanQuestion(Question):
choices="yes/no", choices="yes/no",
) )
def __init__(self, question): def __init__(self, question, context: Mapping[str, Any] = {}):
super().__init__(question) super().__init__(question, context)
self.yes = question.get("yes", 1) self.yes = question.get("yes", 1)
self.no = question.get("no", 0) self.no = question.get("no", 0)
if self.default is None: if self.default is None:
@ -850,10 +1004,10 @@ class BooleanQuestion(Question):
class DomainQuestion(Question): class DomainQuestion(Question):
argument_type = "domain" argument_type = "domain"
def __init__(self, question): def __init__(self, question, context: Mapping[str, Any] = {}):
from yunohost.domain import domain_list, _get_maindomain from yunohost.domain import domain_list, _get_maindomain
super().__init__(question) super().__init__(question, context)
if self.default is None: if self.default is None:
self.default = _get_maindomain() self.default = _get_maindomain()
@ -876,11 +1030,11 @@ class DomainQuestion(Question):
class UserQuestion(Question): class UserQuestion(Question):
argument_type = "user" argument_type = "user"
def __init__(self, question): def __init__(self, question, context: Mapping[str, Any] = {}):
from yunohost.user import user_list, user_info from yunohost.user import user_list, user_info
from yunohost.domain import _get_maindomain from yunohost.domain import _get_maindomain
super().__init__(question) super().__init__(question, context)
self.choices = list(user_list()["users"].keys()) self.choices = list(user_list()["users"].keys())
if not self.choices: if not self.choices:
@ -902,8 +1056,8 @@ class NumberQuestion(Question):
argument_type = "number" argument_type = "number"
default_value = None default_value = None
def __init__(self, question): def __init__(self, question, context: Mapping[str, Any] = {}):
super().__init__(question) super().__init__(question, context)
self.min = question.get("min", None) self.min = question.get("min", None)
self.max = question.get("max", None) self.max = question.get("max", None)
self.step = question.get("step", None) self.step = question.get("step", None)
@ -954,8 +1108,8 @@ class DisplayTextQuestion(Question):
argument_type = "display_text" argument_type = "display_text"
readonly = True readonly = True
def __init__(self, question): def __init__(self, question, context: Mapping[str, Any] = {}):
super().__init__(question) super().__init__(question, context)
self.optional = True self.optional = True
self.style = question.get( self.style = question.get(
@ -989,8 +1143,8 @@ class FileQuestion(Question):
if os.path.exists(upload_dir): if os.path.exists(upload_dir):
shutil.rmtree(upload_dir) shutil.rmtree(upload_dir)
def __init__(self, question): def __init__(self, question, context: Mapping[str, Any] = {}):
super().__init__(question) super().__init__(question, context)
self.accept = question.get("accept", "") self.accept = question.get("accept", "")
def _prevalidate(self): def _prevalidate(self):
@ -1019,10 +1173,13 @@ class FileQuestion(Question):
FileQuestion.upload_dirs += [upload_dir] FileQuestion.upload_dirs += [upload_dir]
logger.debug(f"Saving file {self.name} for file question into {file_path}") logger.debug(f"Saving file {self.name} for file question into {file_path}")
if Moulinette.interface.type != "api":
content = read_file(str(self.value), file_mode="rb")
if Moulinette.interface.type == "api": def is_file_path(s):
return isinstance(s, str) and s.startswith("/") and os.path.exists(s)
if Moulinette.interface.type != "api" or is_file_path(self.value):
content = read_file(str(self.value), file_mode="rb")
else:
content = b64decode(self.value) content = b64decode(self.value)
write_to_file(file_path, content, file_mode="wb") write_to_file(file_path, content, file_mode="wb")
@ -1057,15 +1214,15 @@ ARGUMENTS_TYPE_PARSERS = {
def ask_questions_and_parse_answers( def ask_questions_and_parse_answers(
questions: Dict, prefilled_answers: Union[str, Mapping[str, Any]] = {} raw_questions: Dict, prefilled_answers: Union[str, Mapping[str, Any]] = {}
) -> List[Question]: ) -> List[Question]:
"""Parse arguments store in either manifest.json or actions.json or from a """Parse arguments store in either manifest.json or actions.json or from a
config panel against the user answers when they are present. config panel against the user answers when they are present.
Keyword arguments: Keyword arguments:
questions -- the arguments description store in yunohost raw_questions -- the arguments description store in yunohost
format from actions.json/toml, manifest.json/toml format from actions.json/toml, manifest.json/toml
or config_panel.json/toml or config_panel.json/toml
prefilled_answers -- a url "query-string" such as "domain=yolo.test&path=/foobar&admin=sam" prefilled_answers -- a url "query-string" such as "domain=yolo.test&path=/foobar&admin=sam"
or a dict such as {"domain": "yolo.test", "path": "/foobar", "admin": "sam"} or a dict such as {"domain": "yolo.test", "path": "/foobar", "admin": "sam"}
""" """
@ -1076,21 +1233,21 @@ def ask_questions_and_parse_answers(
# whereas parse.qs return list of values (which is useful for tags, etc) # whereas parse.qs return list of values (which is useful for tags, etc)
# For now, let's not migrate this piece of code to parse_qs # For now, let's not migrate this piece of code to parse_qs
# Because Aleks believes some bits of the app CI rely on overriding values (e.g. foo=foo&...&foo=bar) # Because Aleks believes some bits of the app CI rely on overriding values (e.g. foo=foo&...&foo=bar)
prefilled_answers = dict( answers = dict(
urllib.parse.parse_qsl(prefilled_answers or "", keep_blank_values=True) urllib.parse.parse_qsl(prefilled_answers or "", keep_blank_values=True)
) )
elif isinstance(prefilled_answers, Mapping):
if not prefilled_answers: answers = {**prefilled_answers}
prefilled_answers = {} else:
answers = {}
out = [] out = []
for question in questions: for raw_question in raw_questions:
question_class = ARGUMENTS_TYPE_PARSERS[question.get("type", "string")] question_class = ARGUMENTS_TYPE_PARSERS[raw_question.get("type", "string")]
question["value"] = prefilled_answers.get(question["name"]) raw_question["value"] = answers.get(raw_question["name"])
question = question_class(question) question = question_class(raw_question, context=answers)
answers[question.name] = question.ask_if_needed()
question.ask_if_needed()
out.append(question) out.append(question)
return out return out

92
tests/test_helpers.d/ynhtest_logging.sh Normal file
View file

@ -0,0 +1,92 @@
ynhtest_exec_warn_less() {
FOO='foo'
bar=""
BAR='$bar'
FOOBAR="foo bar"
# These looks like stupid edge case
# but in fact happens when dealing with passwords
# (which could also contain bash chars like [], {}, ...)
# or urls containing &, ...
FOOANDBAR="foo&bar"
FOO1QUOTEBAR="foo'bar"
FOO2QUOTEBAR="foo\"bar"
ynh_exec_warn_less uptime
test ! -e $FOO
ynh_exec_warn_less touch $FOO
test -e $FOO
rm $FOO
test ! -e $FOO1QUOTEBAR
ynh_exec_warn_less touch $FOO1QUOTEBAR
test -e $FOO1QUOTEBAR
rm $FOO1QUOTEBAR
test ! -e $FOO2QUOTEBAR
ynh_exec_warn_less touch $FOO2QUOTEBAR
test -e $FOO2QUOTEBAR
rm $FOO2QUOTEBAR
test ! -e $BAR
ynh_exec_warn_less touch $BAR
test -e $BAR
rm $BAR
test ! -e "$FOOBAR"
ynh_exec_warn_less touch "$FOOBAR"
test -e "$FOOBAR"
rm "$FOOBAR"
test ! -e "$FOOANDBAR"
ynh_exec_warn_less touch $FOOANDBAR
test -e "$FOOANDBAR"
rm "$FOOANDBAR"
###########################
# Legacy stuff using eval #
###########################
test ! -e $FOO
ynh_exec_warn_less "touch $FOO"
test -e $FOO
rm $FOO
test ! -e $FOO1QUOTEBAR
ynh_exec_warn_less "touch \"$FOO1QUOTEBAR\""
# (this works but expliciy *double* quotes have to be provided)
test -e $FOO1QUOTEBAR
rm $FOO1QUOTEBAR
#test ! -e $FOO2QUOTEBAR
#ynh_exec_warn_less "touch \'$FOO2QUOTEBAR\'"
## (this doesn't work with simple or double quotes)
#test -e $FOO2QUOTEBAR
#rm $FOO2QUOTEBAR
test ! -e $BAR
ynh_exec_warn_less 'touch $BAR'
# That one works because $BAR is only interpreted during eval
test -e $BAR
rm $BAR
#test ! -e $BAR
#ynh_exec_warn_less "touch $BAR"
# That one doesn't work because $bar gets interpreted as empty var by eval...
#test -e $BAR
#rm $BAR
test ! -e "$FOOBAR"
ynh_exec_warn_less "touch \"$FOOBAR\""
# (works but requires explicit double quotes otherwise eval would interpret 'foo bar' as two separate args..)
test -e "$FOOBAR"
rm "$FOOBAR"
test ! -e "$FOOANDBAR"
ynh_exec_warn_less "touch \"$FOOANDBAR\""
# (works but requires explicit double quotes otherwise eval would interpret '&' as a "run command in background" and also bar is not a valid command)
test -e "$FOOANDBAR"
rm "$FOOANDBAR"
}

71
tests/test_helpers.d/ynhtest_secure_remove.sh Normal file
View file

@ -0,0 +1,71 @@
ynhtest_acceptable_path_to_delete() {
mkdir -p /home/someuser
mkdir -p /home/$app
mkdir -p /home/yunohost.app/$app
mkdir -p /var/www/$app
touch /var/www/$app/bar
touch /etc/cron.d/$app
! _acceptable_path_to_delete /
! _acceptable_path_to_delete ////
! _acceptable_path_to_delete " //// "
! _acceptable_path_to_delete /var
! _acceptable_path_to_delete /var/www
! _acceptable_path_to_delete /var/cache
! _acceptable_path_to_delete /usr
! _acceptable_path_to_delete /usr/bin
! _acceptable_path_to_delete /home
! _acceptable_path_to_delete /home/yunohost.backup
! _acceptable_path_to_delete /home/yunohost.app
! _acceptable_path_to_delete /home/yunohost.app/
! _acceptable_path_to_delete ///home///yunohost.app///
! _acceptable_path_to_delete /home/yunohost.app/$app/..
! _acceptable_path_to_delete ///home///yunohost.app///$app///..//
! _acceptable_path_to_delete /home/yunohost.app/../$app/..
! _acceptable_path_to_delete /home/someuser
! _acceptable_path_to_delete /home/yunohost.app//../../$app
! _acceptable_path_to_delete " /home/yunohost.app/// "
! _acceptable_path_to_delete /etc/cron.d/
! _acceptable_path_to_delete /etc/yunohost/
_acceptable_path_to_delete /home/yunohost.app/$app
_acceptable_path_to_delete /home/yunohost.app/$app/bar
_acceptable_path_to_delete /etc/cron.d/$app
_acceptable_path_to_delete /var/www/$app/bar
_acceptable_path_to_delete /var/www/$app
rm /var/www/$app/bar
rm /etc/cron.d/$app
rmdir /home/yunohost.app/$app
rmdir /home/$app
rmdir /home/someuser
rmdir /var/www/$app
}
ynhtest_secure_remove() {
mkdir -p /home/someuser
mkdir -p /home/yunohost.app/$app
mkdir -p /var/www/$app
mkdir -p /var/whatever
touch /var/www/$app/bar
touch /etc/cron.d/$app
! ynh_secure_remove --file="/home/someuser"
! ynh_secure_remove --file="/home/yunohost.app/"
! ynh_secure_remove --file="/var/whatever"
ynh_secure_remove --file="/home/yunohost.app/$app"
ynh_secure_remove --file="/var/www/$app"
ynh_secure_remove --file="/etc/cron.d/$app"
test -e /home/someuser
test -e /home/yunohost.app
test -e /var/whatever
! test -e /home/yunohost.app/$app
! test -e /var/www/$app
! test -e /etc/cron.d/$app
rmdir /home/someuser
rmdir /var/whatever
}

2
tox.ini
View file

@ -9,7 +9,7 @@ deps =
py39-mypy: mypy >= 0.900 py39-mypy: mypy >= 0.900
commands = commands =
py39-lint: flake8 src doc data tests --ignore E402,E501,E203,W503 --exclude src/yunohost/vendor py39-lint: flake8 src doc data tests --ignore E402,E501,E203,W503 --exclude src/yunohost/vendor
py39-invalidcode: flake8 src data --exclude src/yunohost/tests,src/yunohost/vendor --select F py39-invalidcode: flake8 src data --exclude src/yunohost/tests,src/yunohost/vendor --select F,E722,W605
py39-black-check: black --check --diff src doc data tests py39-black-check: black --check --diff src doc data tests
py39-black-run: black src doc data tests py39-black-run: black src doc data tests
py39-mypy: mypy --ignore-missing-import --install-types --non-interactive --follow-imports silent src/yunohost/ --exclude (acme_tiny|data_migrations) py39-mypy: mypy --ignore-missing-import --install-types --non-interactive --follow-imports silent src/yunohost/ --exclude (acme_tiny|data_migrations)