diff --git a/.codeclimate.yml b/.codeclimate.yml new file mode 100644 index 000000000..453396f07 --- /dev/null +++ b/.codeclimate.yml @@ -0,0 +1,24 @@ +--- +version: "2" +plugins: + duplication: + enabled: true + config: + languages: + python: + python_version: 3 + shellcheck: + enabled: true + pep8: + enabled: true + fixme: + enabled: true + sonar-python: + enabled: true + config: + tests_patterns: + - bin/* + - data/** + - doc/* + - src/** + - tests/** \ No newline at end of file diff --git a/.coveragerc b/.coveragerc index ed13dfa68..fe22c8381 100644 --- a/.coveragerc +++ b/.coveragerc @@ -1,2 +1,2 @@ [report] -omit=src/yunohost/tests/*,src/yunohost/vendor/*,/usr/lib/moulinette/yunohost/* +omit=src/tests/*,src/vendor/*,/usr/lib/moulinette/yunohost/* diff --git a/.gitignore b/.gitignore index 75f4ae6ea..eae46b4c5 100644 --- a/.gitignore +++ b/.gitignore @@ -31,7 +31,7 @@ pip-log.txt .mr.developer.cfg # moulinette lib -src/yunohost/locales +src/locales # Test -src/yunohost/tests/apps +src/tests/apps diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d1cb36b73..4d0f30679 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -2,7 +2,7 @@ stages: - build - install - - tests + - test - lint - doc - translation @@ -13,12 +13,25 @@ default: # All jobs are interruptible by default interruptible: true +code_quality: + tags: + - docker + +code_quality_html: + extends: code_quality + variables: + REPORT_FORMAT: html + artifacts: + paths: [gl-code-quality-report.html] + # see: https://docs.gitlab.com/ee/ci/yaml/#switch-between-branch-pipelines-and-merge-request-pipelines workflow: rules: - if: $CI_PIPELINE_SOURCE == "merge_request_event" # If we move to gitlab one day - if: $CI_PIPELINE_SOURCE == "external_pull_request_event" # For github PR - if: $CI_COMMIT_TAG # For tags + - if: $CI_COMMIT_REF_NAME == "ci-format-$CI_DEFAULT_BRANCH" # Ignore black formatting branch created by the CI + when: never - if: $CI_COMMIT_REF_NAME != $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE == "push" # If it's not the default branch and if it's a push, then do not trigger a build when: never - when: always @@ -27,4 +40,5 @@ variables: YNH_BUILD_DIR: "ynh-build" include: + - template: Code-Quality.gitlab-ci.yml - local: .gitlab/ci/*.gitlab-ci.yml diff --git a/.gitlab/ci/build.gitlab-ci.yml b/.gitlab/ci/build.gitlab-ci.yml index 717a5ee73..db691b9d2 100644 --- a/.gitlab/ci/build.gitlab-ci.yml +++ b/.gitlab/ci/build.gitlab-ci.yml @@ -5,11 +5,13 @@ YNH_SOURCE: "https://github.com/yunohost" before_script: - mkdir -p $YNH_BUILD_DIR + - DEBIAN_FRONTEND=noninteractive apt update artifacts: paths: - $YNH_BUILD_DIR/*.deb .build_script: &build_script + - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" install devscripts --no-install-recommends - cd $YNH_BUILD_DIR/$PACKAGE - VERSION=$(dpkg-parsechangelog -S Version 2>/dev/null) - VERSION_NIGHTLY="${VERSION}+$(date +%Y%m%d%H%M)" diff --git a/.gitlab/ci/lint.gitlab-ci.yml b/.gitlab/ci/lint.gitlab-ci.yml index aaddb5a0a..2c2bdcc1d 100644 --- a/.gitlab/ci/lint.gitlab-ci.yml +++ b/.gitlab/ci/lint.gitlab-ci.yml @@ -3,38 +3,29 @@ ######################################## # later we must fix lint and format-check jobs and remove "allow_failure" ---- -lint37: +lint39: stage: lint image: "before-install" needs: [] allow_failure: true script: - - tox -e py37-lint + - tox -e py39-lint -invalidcode37: +invalidcode39: stage: lint image: "before-install" needs: [] script: - - tox -e py37-invalidcode + - tox -e py39-invalidcode mypy: stage: lint image: "before-install" needs: [] script: - - tox -e py37-mypy + - tox -e py39-mypy -format-check: - stage: lint - image: "before-install" - allow_failure: true - needs: [] - script: - - tox -e py37-black-check - -format-run: +black: stage: lint image: "before-install" needs: [] @@ -47,11 +38,11 @@ format-run: script: # create a local branch that will overwrite distant one - git checkout -b "ci-format-${CI_COMMIT_REF_NAME}" --no-track - - tox -e py37-black-run + - tox -e py39-black-run - '[ $(git diff | wc -l) != 0 ] || exit 0' # stop if there is nothing to commit - - git commit -am "[CI] Format code" || true + - git commit -am "[CI] Format code with Black" || true - git push -f origin "ci-format-${CI_COMMIT_REF_NAME}":"ci-format-${CI_COMMIT_REF_NAME}" - - hub pull-request -m "[CI] Format code" -b Yunohost:dev -p || true # GITHUB_USER and GITHUB_TOKEN registered here https://gitlab.com/yunohost/yunohost/-/settings/ci_cd + - hub pull-request -m "[CI] Format code with Black" -b Yunohost:$CI_COMMIT_REF_NAME -p || true # GITHUB_USER and GITHUB_TOKEN registered here https://gitlab.com/yunohost/yunohost/-/settings/ci_cd only: - refs: - - dev + variables: + - $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH diff --git a/.gitlab/ci/test.gitlab-ci.yml b/.gitlab/ci/test.gitlab-ci.yml index 1aad46fbe..27b9b4913 100644 --- a/.gitlab/ci/test.gitlab-ci.yml +++ b/.gitlab/ci/test.gitlab-ci.yml @@ -1,9 +1,10 @@ .install_debs: &install_debs - apt-get update -o Acquire::Retries=3 - DEBIAN_FRONTEND=noninteractive SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ./$YNH_BUILD_DIR/*.deb + - pip3 install -U mock pip pytest pytest-cov pytest-mock pytest-sugar requests-mock tox ansi2html black jinja2 .test-stage: - stage: tests + stage: test image: "after-install" variables: PYTEST_ADDOPTS: "--color=yes" @@ -11,7 +12,7 @@ - *install_debs cache: paths: - - src/yunohost/tests/apps + - src/tests/apps key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" needs: - job: build-yunohost @@ -22,13 +23,12 @@ artifacts: true - job: upgrade - ######################################## # TESTS ######################################## full-tests: - stage: tests + stage: test image: "before-install" variables: PYTEST_ADDOPTS: "--color=yes" @@ -36,7 +36,7 @@ full-tests: - *install_debs - yunohost tools postinstall -d domain.tld -p the_password --ignore-dyndns --force-diskspace script: - - python3 -m pytest --cov=yunohost tests/ src/yunohost/tests/ data/hooks/diagnosis/ --junitxml=report.xml + - python3 -m pytest --cov=yunohost tests/ src/tests/ src/diagnosers/ --junitxml=report.xml - cd tests - bash test_helpers.sh needs: @@ -50,31 +50,13 @@ full-tests: reports: junit: report.xml -test-i18n-keys: - extends: .test-stage - script: - - python3 -m pytest tests/test_i18n_keys.py - only: - changes: - - locales/en.json - - src/yunohost/*.py - - data/hooks/diagnosis/*.py - -test-translation-format-consistency: - extends: .test-stage - script: - - python3 -m pytest tests/test_translation_format_consistency.py - only: - changes: - - locales/* - test-actionmap: extends: .test-stage script: - python3 -m pytest tests/test_actionmap.py only: changes: - - data/actionsmap/*.yml + - share/actionsmap.yml test-helpers: extends: .test-stage @@ -83,126 +65,126 @@ test-helpers: - bash test_helpers.sh only: changes: - - data/helpers.d/* + - helpers/* test-domains: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_domains.py + - python3 -m pytest src/tests/test_domains.py only: changes: - - src/yunohost/domain.py + - src/domain.py test-dns: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_dns.py + - python3 -m pytest src/tests/test_dns.py only: changes: - - src/yunohost/dns.py - - src/yunohost/utils/dns.py + - src/dns.py + - src/utils/dns.py test-apps: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_apps.py + - python3 -m pytest src/tests/test_apps.py only: changes: - - src/yunohost/app.py + - src/app.py test-appscatalog: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_app_catalog.py + - python3 -m pytest src/tests/test_app_catalog.py only: changes: - - src/yunohost/app_calalog.py + - src/app_calalog.py test-appurl: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_appurl.py + - python3 -m pytest src/tests/test_appurl.py only: changes: - - src/yunohost/app.py + - src/app.py test-questions: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_questions.py + - python3 -m pytest src/tests/test_questions.py only: changes: - - src/yunohost/utils/config.py + - src/utils/config.py test-app-config: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_app_config.py + - python3 -m pytest src/tests/test_app_config.py only: changes: - - src/yunohost/app.py - - src/yunohost/utils/config.py + - src/app.py + - src/utils/config.py test-changeurl: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_changeurl.py + - python3 -m pytest src/tests/test_changeurl.py only: changes: - - src/yunohost/app.py + - src/app.py test-backuprestore: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_backuprestore.py + - python3 -m pytest src/tests/test_backuprestore.py only: changes: - - src/yunohost/backup.py + - src/backup.py test-permission: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_permission.py + - python3 -m pytest src/tests/test_permission.py only: changes: - - src/yunohost/permission.py + - src/permission.py test-settings: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_settings.py + - python3 -m pytest src/tests/test_settings.py only: changes: - - src/yunohost/settings.py + - src/settings.py test-user-group: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_user-group.py + - python3 -m pytest src/tests/test_user-group.py only: changes: - - src/yunohost/user.py + - src/user.py test-regenconf: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_regenconf.py + - python3 -m pytest src/tests/test_regenconf.py only: changes: - - src/yunohost/regenconf.py + - src/regenconf.py test-service: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_service.py + - python3 -m pytest src/tests/test_service.py only: changes: - - src/yunohost/service.py + - src/service.py test-ldapauth: extends: .test-stage script: - - python3 -m pytest src/yunohost/tests/test_ldapauth.py + - python3 -m pytest src/tests/test_ldapauth.py only: changes: - - src/yunohost/authenticators/*.py + - src/authenticators/*.py diff --git a/.gitlab/ci/translation.gitlab-ci.yml b/.gitlab/ci/translation.gitlab-ci.yml index 41e8c82d2..b6c683f57 100644 --- a/.gitlab/ci/translation.gitlab-ci.yml +++ b/.gitlab/ci/translation.gitlab-ci.yml @@ -1,6 +1,15 @@ ######################################## # TRANSLATION ######################################## +test-i18n-keys: + stage: translation + script: + - python3 maintenance/missing_i18n_keys.py --check + only: + changes: + - locales/en.json + - src/*.py + - src/diagnosers/*.py autofix-translated-strings: stage: translation @@ -10,18 +19,17 @@ autofix-translated-strings: - apt-get update -y && apt-get install git hub -y - git config --global user.email "yunohost@yunohost.org" - git config --global user.name "$GITHUB_USER" - - git remote set-url origin https://$GITHUB_TOKEN:x-oauth-basic@github.com/YunoHost/yunohost.git + - hub clone --branch ${CI_COMMIT_REF_NAME} "https://$GITHUB_TOKEN:x-oauth-basic@github.com/YunoHost/yunohost.git" github_repo + - cd github_repo script: - - cd tests # Maybe move this script location to another folder? # create a local branch that will overwrite distant one - git checkout -b "ci-autofix-translated-strings-${CI_COMMIT_REF_NAME}" --no-track - - python3 remove_stale_translated_strings.py - - python3 autofix_locale_format.py - - python3 reformat_locales.py - - '[ $(git diff -w | wc -l) != 0 ] || exit 0' # stop if there is nothing to commit + - python3 maintenance/missing_i18n_keys.py --fix + - python3 maintenance/autofix_locale_format.py + - '[ $(git diff | wc -l) != 0 ] || exit 0' # stop if there is nothing to commit - git commit -am "[CI] Reformat / remove stale translated strings" || true - - git push -f origin "HEAD":"ci-remove-stale-translated-strings-${CI_COMMIT_REF_NAME}" - - hub pull-request -m "[CI] Reformat / remove stale translated strings" -b Yunohost:dev -p || true # GITHUB_USER and GITHUB_TOKEN registered here https://gitlab.com/yunohost/yunohost/-/settings/ci_cd + - git push -f origin "ci-autofix-translated-strings-${CI_COMMIT_REF_NAME}":"ci-remove-stale-translated-strings-${CI_COMMIT_REF_NAME}" + - hub pull-request -m "[CI] Reformat / remove stale translated strings" -b Yunohost:$CI_COMMIT_REF_NAME -p || true # GITHUB_USER and GITHUB_TOKEN registered here https://gitlab.com/yunohost/yunohost/-/settings/ci_cd only: variables: - $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH diff --git a/.lgtm.yml b/.lgtm.yml new file mode 100644 index 000000000..8fd57e49e --- /dev/null +++ b/.lgtm.yml @@ -0,0 +1,4 @@ +extraction: + python: + python_setup: + version: "3" \ No newline at end of file diff --git a/README.md b/README.md index df3a4bb9f..969651eee 100644 --- a/README.md +++ b/README.md @@ -9,6 +9,7 @@ ![Version](https://img.shields.io/github/v/tag/yunohost/yunohost?label=version&sort=semver) [![Build status](https://shields.io/gitlab/pipeline/yunohost/yunohost/dev)](https://gitlab.com/yunohost/yunohost/-/pipelines) ![Test coverage](https://img.shields.io/gitlab/coverage/yunohost/yunohost/dev) +[![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/YunoHost/yunohost.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/YunoHost/yunohost/context:python) [![GitHub license](https://img.shields.io/github/license/YunoHost/yunohost)](https://github.com/YunoHost/yunohost/blob/dev/LICENSE) [![Mastodon Follow](https://img.shields.io/mastodon/follow/28084)](https://mastodon.social/@yunohost) diff --git a/bin/yunohost b/bin/yunohost index 0220c5f09..8cebdee8e 100755 --- a/bin/yunohost +++ b/bin/yunohost @@ -4,45 +4,48 @@ import os import sys import argparse - -sys.path.insert(0, "/usr/lib/moulinette/") import yunohost def _parse_cli_args(): """Parse additional arguments for the cli""" parser = argparse.ArgumentParser(add_help=False) - parser.add_argument('--output-as', - choices=['json', 'plain', 'none'], default=None, - help="Output result in another format" + parser.add_argument( + "--output-as", + choices=["json", "plain", "none"], + default=None, + help="Output result in another format", ) - parser.add_argument('--debug', - action='store_true', default=False, - help="Log and print debug messages" + parser.add_argument( + "--debug", + action="store_true", + default=False, + help="Log and print debug messages", ) - parser.add_argument('--quiet', - action='store_true', default=False, - help="Don't produce any output" + parser.add_argument( + "--quiet", action="store_true", default=False, help="Don't produce any output" ) - parser.add_argument('--timeout', - type=int, default=None, - help="Number of seconds before this command will timeout because it can't acquire the lock (meaning that another command is currently running), by default there is no timeout and the command will wait until it can get the lock" + parser.add_argument( + "--timeout", + type=int, + default=None, + help="Number of seconds before this command will timeout because it can't acquire the lock (meaning that another command is currently running), by default there is no timeout and the command will wait until it can get the lock", ) # deprecated arguments - parser.add_argument('--plain', - action='store_true', default=False, help=argparse.SUPPRESS + parser.add_argument( + "--plain", action="store_true", default=False, help=argparse.SUPPRESS ) - parser.add_argument('--json', - action='store_true', default=False, help=argparse.SUPPRESS + parser.add_argument( + "--json", action="store_true", default=False, help=argparse.SUPPRESS ) opts, args = parser.parse_known_args() # output compatibility if opts.plain: - opts.output_as = 'plain' + opts.output_as = "plain" elif opts.json: - opts.output_as = 'json' + opts.output_as = "json" return (parser, opts, args) @@ -54,10 +57,12 @@ if os.environ["PATH"] != default_path: # Main action ---------------------------------------------------------- -if __name__ == '__main__': +if __name__ == "__main__": if os.geteuid() != 0: - sys.stderr.write("\033[1;31mError:\033[0m yunohost command must be " - "run as root or with sudo.\n") + sys.stderr.write( + "\033[1;31mError:\033[0m yunohost command must be " + "run as root or with sudo.\n" + ) sys.exit(1) parser, opts, args = _parse_cli_args() @@ -69,5 +74,5 @@ if __name__ == '__main__': output_as=opts.output_as, timeout=opts.timeout, args=args, - parser=parser + parser=parser, ) diff --git a/bin/yunohost-api b/bin/yunohost-api index b3ed3a817..8cf9d4f26 100755 --- a/bin/yunohost-api +++ b/bin/yunohost-api @@ -1,44 +1,53 @@ #! /usr/bin/python3 # -*- coding: utf-8 -*- -import sys import argparse - -sys.path.insert(0, "/usr/lib/moulinette/") import yunohost # Default server configuration -DEFAULT_HOST = 'localhost' +DEFAULT_HOST = "localhost" DEFAULT_PORT = 6787 def _parse_api_args(): """Parse main arguments for the api""" - parser = argparse.ArgumentParser(add_help=False, + parser = argparse.ArgumentParser( + add_help=False, description="Run the YunoHost API to manage your server.", ) - srv_group = parser.add_argument_group('server configuration') - srv_group.add_argument('-h', '--host', - action='store', default=DEFAULT_HOST, + srv_group = parser.add_argument_group("server configuration") + srv_group.add_argument( + "-h", + "--host", + action="store", + default=DEFAULT_HOST, help="Host to listen on (default: %s)" % DEFAULT_HOST, ) - srv_group.add_argument('-p', '--port', - action='store', default=DEFAULT_PORT, type=int, + srv_group.add_argument( + "-p", + "--port", + action="store", + default=DEFAULT_PORT, + type=int, help="Port to listen on (default: %d)" % DEFAULT_PORT, ) - glob_group = parser.add_argument_group('global arguments') - glob_group.add_argument('--debug', - action='store_true', default=False, + glob_group = parser.add_argument_group("global arguments") + glob_group.add_argument( + "--debug", + action="store_true", + default=False, help="Set log level to DEBUG", ) - glob_group.add_argument('--help', - action='help', help="Show this help message and exit", + glob_group.add_argument( + "--help", + action="help", + help="Show this help message and exit", ) return parser.parse_args() -if __name__ == '__main__': +if __name__ == "__main__": opts = _parse_api_args() # Run the server yunohost.api(debug=opts.debug, host=opts.host, port=opts.port) diff --git a/bin/yunomdns b/bin/yunomdns index 0aee28195..1bdcf88ca 100755 --- a/bin/yunomdns +++ b/bin/yunomdns @@ -21,8 +21,20 @@ def get_network_local_interfaces() -> Dict[str, Dict[str, List[str]]]: interfaces = { adapter.name: { - "ipv4": [ip.ip for ip in adapter.ips if ip.is_IPv4 and ip_address(ip.ip).is_private], - "ipv6": [ip.ip[0] for ip in adapter.ips if ip.is_IPv6 and ip_address(ip.ip[0]).is_private and not ip_address(ip.ip[0]).is_link_local], + "ipv4": [ + ip.ip + for ip in adapter.ips + if ip.is_IPv4 + and ip_address(ip.ip).is_private + and not ip_address(ip.ip).is_link_local + ], + "ipv6": [ + ip.ip[0] + for ip in adapter.ips + if ip.is_IPv6 + and ip_address(ip.ip[0]).is_private + and not ip_address(ip.ip[0]).is_link_local + ], } for adapter in ifaddr.get_adapters() if adapter.name != "lo" @@ -33,7 +45,6 @@ def get_network_local_interfaces() -> Dict[str, Dict[str, List[str]]]: # Listener class, to detect duplicates on the network # Stores the list of servers in its list property class Listener: - def __init__(self): self.list = [] @@ -66,14 +77,18 @@ def main() -> bool: return False if "interfaces" not in config: - config["interfaces"] = [interface - for interface, local_ips in interfaces.items() - if local_ips["ipv4"]] + config["interfaces"] = [ + interface + for interface, local_ips in interfaces.items() + if local_ips["ipv4"] + ] if "ban_interfaces" in config: - config["interfaces"] = [interface - for interface in config["interfaces"] - if interface not in config["ban_interfaces"]] + config["interfaces"] = [ + interface + for interface in config["interfaces"] + if interface not in config["ban_interfaces"] + ] # Let's discover currently published .local domains accross the network zc = Zeroconf() @@ -103,14 +118,18 @@ def main() -> bool: return domain_i - config['domains'] = [find_domain_not_already_published(domain) for domain in config['domains']] + config["domains"] = [ + find_domain_not_already_published(domain) for domain in config["domains"] + ] zcs: Dict[Zeroconf, List[ServiceInfo]] = {} for interface in config["interfaces"]: if interface not in interfaces: - print(f"Interface {interface} listed in config file is not present on system.") + print( + f"Interface {interface} listed in config file is not present on system." + ) continue # Only broadcast IPv4 because IPv6 is buggy ... because we ain't using python3-ifaddr >= 0.1.7 @@ -149,7 +168,9 @@ def main() -> bool: print("Registering...") for zc, infos in zcs.items(): for info in infos: - zc.register_service(info, allow_name_change=True, cooperating_responders=True) + zc.register_service( + info, allow_name_change=True, cooperating_responders=True + ) try: print("Registered. Press Ctrl+C or stop service to stop.") diff --git a/conf/dnsmasq/dnsmasq.conf.tpl b/conf/dnsmasq/dnsmasq.conf.tpl new file mode 100644 index 000000000..eece530dc --- /dev/null +++ b/conf/dnsmasq/dnsmasq.conf.tpl @@ -0,0 +1,10 @@ +domain-needed +expand-hosts +localise-queries + +{% set interfaces = wireless_interfaces.strip().split(' ') %} +{% for interface in interfaces %} +interface={{ interface }} +{% endfor %} +resolv-file=/etc/resolv.dnsmasq.conf +cache-size=256 diff --git a/data/templates/dnsmasq/domain.tpl b/conf/dnsmasq/domain.tpl similarity index 60% rename from data/templates/dnsmasq/domain.tpl rename to conf/dnsmasq/domain.tpl index c4bb56d1d..50b946176 100644 --- a/data/templates/dnsmasq/domain.tpl +++ b/conf/dnsmasq/domain.tpl @@ -1,5 +1,8 @@ -host-record={{ domain }},{{ ipv4 }} -host-record=xmpp-upload.{{ domain }},{{ ipv4 }} +{% set interfaces_list = interfaces.split(' ') %} +{% for interface in interfaces_list %} +interface-name={{ domain }},{{ interface }} +interface-name=xmpp-upload.{{ domain }},{{ interface }} +{% endfor %} {% if ipv6 %} host-record={{ domain }},{{ ipv6 }} host-record=xmpp-upload.{{ domain }},{{ ipv6 }} diff --git a/data/templates/dnsmasq/plain/etcdefault b/conf/dnsmasq/plain/etcdefault similarity index 100% rename from data/templates/dnsmasq/plain/etcdefault rename to conf/dnsmasq/plain/etcdefault diff --git a/data/templates/dnsmasq/plain/resolv.dnsmasq.conf b/conf/dnsmasq/plain/resolv.dnsmasq.conf similarity index 100% rename from data/templates/dnsmasq/plain/resolv.dnsmasq.conf rename to conf/dnsmasq/plain/resolv.dnsmasq.conf diff --git a/data/templates/dovecot/dovecot-ldap.conf b/conf/dovecot/dovecot-ldap.conf similarity index 100% rename from data/templates/dovecot/dovecot-ldap.conf rename to conf/dovecot/dovecot-ldap.conf diff --git a/data/templates/dovecot/dovecot.conf b/conf/dovecot/dovecot.conf similarity index 84% rename from data/templates/dovecot/dovecot.conf rename to conf/dovecot/dovecot.conf index ee8511f83..72fd71c4d 100644 --- a/data/templates/dovecot/dovecot.conf +++ b/conf/dovecot/dovecot.conf @@ -21,9 +21,14 @@ ssl = required ssl_cert = /path/to/dhparam -ssl_dh = /path/to/dhparam.pem # not actually 1024 bits, this applies to all DHE >= 1024 bits -smtpd_tls_dh1024_param_file = /usr/share/yunohost/other/ffdhe2048.pem +smtpd_tls_dh1024_param_file = /usr/share/yunohost/ffdhe2048.pem tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 {% else %} diff --git a/data/templates/postfix/plain/header_checks b/conf/postfix/plain/header_checks similarity index 100% rename from data/templates/postfix/plain/header_checks rename to conf/postfix/plain/header_checks diff --git a/data/templates/postfix/plain/ldap-accounts.cf b/conf/postfix/plain/ldap-accounts.cf similarity index 100% rename from data/templates/postfix/plain/ldap-accounts.cf rename to conf/postfix/plain/ldap-accounts.cf diff --git a/data/templates/postfix/plain/ldap-aliases.cf b/conf/postfix/plain/ldap-aliases.cf similarity index 100% rename from data/templates/postfix/plain/ldap-aliases.cf rename to conf/postfix/plain/ldap-aliases.cf diff --git a/data/templates/postfix/plain/ldap-domains.cf b/conf/postfix/plain/ldap-domains.cf similarity index 100% rename from data/templates/postfix/plain/ldap-domains.cf rename to conf/postfix/plain/ldap-domains.cf diff --git a/data/templates/postfix/plain/master.cf b/conf/postfix/plain/master.cf similarity index 100% rename from data/templates/postfix/plain/master.cf rename to conf/postfix/plain/master.cf diff --git a/data/templates/postfix/plain/sender_canonical b/conf/postfix/plain/sender_canonical similarity index 100% rename from data/templates/postfix/plain/sender_canonical rename to conf/postfix/plain/sender_canonical diff --git a/data/templates/postfix/plain/smtp_reply_filter b/conf/postfix/plain/smtp_reply_filter similarity index 100% rename from data/templates/postfix/plain/smtp_reply_filter rename to conf/postfix/plain/smtp_reply_filter diff --git a/data/templates/postfix/postsrsd b/conf/postfix/postsrsd similarity index 100% rename from data/templates/postfix/postsrsd rename to conf/postfix/postsrsd diff --git a/conf/postfix/sni b/conf/postfix/sni new file mode 100644 index 000000000..29ed2e043 --- /dev/null +++ b/conf/postfix/sni @@ -0,0 +1,2 @@ +{% for domain in domain_list.split() %}{{ domain }} /etc/yunohost/certs/{{ domain }}/key.pem /etc/yunohost/certs/{{ domain }}/crt.pem +{% endfor %} \ No newline at end of file diff --git a/data/templates/rspamd/dkim_signing.conf b/conf/rspamd/dkim_signing.conf similarity index 100% rename from data/templates/rspamd/dkim_signing.conf rename to conf/rspamd/dkim_signing.conf diff --git a/data/templates/rspamd/metrics.local.conf b/conf/rspamd/metrics.local.conf similarity index 100% rename from data/templates/rspamd/metrics.local.conf rename to conf/rspamd/metrics.local.conf diff --git a/data/templates/rspamd/milter_headers.conf b/conf/rspamd/milter_headers.conf similarity index 100% rename from data/templates/rspamd/milter_headers.conf rename to conf/rspamd/milter_headers.conf diff --git a/data/templates/rspamd/rspamd.sieve b/conf/rspamd/rspamd.sieve similarity index 100% rename from data/templates/rspamd/rspamd.sieve rename to conf/rspamd/rspamd.sieve diff --git a/data/templates/slapd/config.ldif b/conf/slapd/config.ldif similarity index 100% rename from data/templates/slapd/config.ldif rename to conf/slapd/config.ldif diff --git a/data/templates/slapd/db_init.ldif b/conf/slapd/db_init.ldif similarity index 100% rename from data/templates/slapd/db_init.ldif rename to conf/slapd/db_init.ldif diff --git a/data/templates/slapd/ldap.conf b/conf/slapd/ldap.conf similarity index 100% rename from data/templates/slapd/ldap.conf rename to conf/slapd/ldap.conf diff --git a/data/templates/slapd/mailserver.ldif b/conf/slapd/mailserver.ldif similarity index 100% rename from data/templates/slapd/mailserver.ldif rename to conf/slapd/mailserver.ldif diff --git a/data/templates/slapd/permission.ldif b/conf/slapd/permission.ldif similarity index 100% rename from data/templates/slapd/permission.ldif rename to conf/slapd/permission.ldif diff --git a/data/templates/slapd/slapd.default b/conf/slapd/slapd.default similarity index 100% rename from data/templates/slapd/slapd.default rename to conf/slapd/slapd.default diff --git a/data/templates/slapd/sudo.ldif b/conf/slapd/sudo.ldif similarity index 100% rename from data/templates/slapd/sudo.ldif rename to conf/slapd/sudo.ldif diff --git a/data/templates/slapd/systemd-override.conf b/conf/slapd/systemd-override.conf similarity index 100% rename from data/templates/slapd/systemd-override.conf rename to conf/slapd/systemd-override.conf diff --git a/data/templates/ssh/sshd_config b/conf/ssh/sshd_config similarity index 90% rename from data/templates/ssh/sshd_config rename to conf/ssh/sshd_config index 1c2854f73..b6d4111ee 100644 --- a/data/templates/ssh/sshd_config +++ b/conf/ssh/sshd_config @@ -2,6 +2,8 @@ # by YunoHost Protocol 2 +# PLEASE: if you wish to change the ssh port properly in YunoHost, use this command: +# yunohost settings set security.ssh.port -v Port {{ port }} {% if ipv6_enabled == "true" %}ListenAddress ::{% endif %} @@ -53,9 +55,13 @@ PermitEmptyPasswords no ChallengeResponseAuthentication no UsePAM yes -# Change to no to disable tunnelled clear text passwords -# (i.e. everybody will need to authenticate using ssh keys) +# PLEASE: if you wish to force everybody to authenticate using ssh keys, run this command: +# yunohost settings set security.ssh.password_authentication -v no +{% if password_authentication == "False" %} +PasswordAuthentication no +{% else %} #PasswordAuthentication yes +{% endif %} # Post-login stuff Banner /etc/issue.net diff --git a/data/templates/ssl/openssl.cnf b/conf/ssl/openssl.cnf similarity index 98% rename from data/templates/ssl/openssl.cnf rename to conf/ssl/openssl.cnf index 3ef7d80c3..a19a9c3df 100644 --- a/data/templates/ssl/openssl.cnf +++ b/conf/ssl/openssl.cnf @@ -5,7 +5,7 @@ # This definition stops the following lines choking if HOME isn't # defined. -HOME = /usr/share/yunohost/yunohost-config/ssl +HOME = /usr/share/yunohost/ssl RANDFILE = $ENV::HOME/.rnd # Extra OBJECT IDENTIFIER info: @@ -34,7 +34,7 @@ default_ca = Yunohost # The default ca section #################################################################### [ Yunohost ] -dir = /usr/share/yunohost/yunohost-config/ssl/yunoCA # Where everything is kept +dir = /usr/share/yunohost/ssl # Where everything is kept certs = $dir/certs # Where the issued certs are kept crl_dir = $dir/crl # Where the issued crl are kept database = $dir/index.txt # database index file. diff --git a/data/templates/yunohost/dpkg-origins b/conf/yunohost/dpkg-origins similarity index 100% rename from data/templates/yunohost/dpkg-origins rename to conf/yunohost/dpkg-origins diff --git a/data/templates/yunohost/firewall.yml b/conf/yunohost/firewall.yml similarity index 100% rename from data/templates/yunohost/firewall.yml rename to conf/yunohost/firewall.yml diff --git a/data/templates/yunohost/proc-hidepid.service b/conf/yunohost/proc-hidepid.service similarity index 100% rename from data/templates/yunohost/proc-hidepid.service rename to conf/yunohost/proc-hidepid.service diff --git a/data/templates/yunohost/services.yml b/conf/yunohost/services.yml similarity index 77% rename from data/templates/yunohost/services.yml rename to conf/yunohost/services.yml index c781d54aa..45621876e 100644 --- a/data/templates/yunohost/services.yml +++ b/conf/yunohost/services.yml @@ -12,24 +12,31 @@ metronome: log: [/var/log/metronome/metronome.log,/var/log/metronome/metronome.err] needs_exposed_ports: [5222, 5269] category: xmpp + ignore_if_package_is_not_installed: metronome mysql: log: [/var/log/mysql.log,/var/log/mysql.err,/var/log/mysql/error.log] actual_systemd_service: mariadb category: database + ignore_if_package_is_not_installed: mariadb-server nginx: log: /var/log/nginx test_conf: nginx -t needs_exposed_ports: [80, 443] category: web -php7.3-fpm: - log: /var/log/php7.3-fpm.log - test_conf: php-fpm7.3 --test - category: web +# Yunohost will dynamically add installed php-fpm services (7.3, 7.4, 8.0, ...) in services.py +#php7.4-fpm: +# log: /var/log/php7.4-fpm.log +# test_conf: php-fpm7.4 --test +# category: web postfix: log: [/var/log/mail.log,/var/log/mail.err] actual_systemd_service: postfix@- needs_exposed_ports: [25, 587] category: email +postgresql: + actual_systemd_service: 'postgresql@13-main' + category: database + ignore_if_package_is_not_installed: postgresql-13 redis-server: log: /var/log/redis/redis-server.log category: database @@ -68,5 +75,6 @@ spamassassin: null rmilter: null php5-fpm: null php7.0-fpm: null +php7.3-fpm: null nslcd: null avahi-daemon: null diff --git a/debian/yunohost-api.service b/conf/yunohost/yunohost-api.service similarity index 59% rename from debian/yunohost-api.service rename to conf/yunohost/yunohost-api.service index 850255127..aa429ec7a 100644 --- a/debian/yunohost-api.service +++ b/conf/yunohost/yunohost-api.service @@ -4,9 +4,7 @@ After=network.target [Service] Type=simple -Environment=DAEMON_OPTS= -EnvironmentFile=-/etc/default/yunohost-api -ExecStart=/usr/bin/yunohost-api $DAEMON_OPTS +ExecStart=/usr/bin/yunohost-api Restart=always RestartSec=5 TimeoutStopSec=30 diff --git a/debian/yunohost-firewall.service b/conf/yunohost/yunohost-firewall.service similarity index 100% rename from debian/yunohost-firewall.service rename to conf/yunohost/yunohost-firewall.service diff --git a/data/templates/yunohost/yunoprompt.service b/conf/yunohost/yunoprompt.service similarity index 100% rename from data/templates/yunohost/yunoprompt.service rename to conf/yunohost/yunoprompt.service diff --git a/data/hooks/conf_regen/01-yunohost b/data/hooks/conf_regen/01-yunohost deleted file mode 100755 index 14af66933..000000000 --- a/data/hooks/conf_regen/01-yunohost +++ /dev/null @@ -1,240 +0,0 @@ -#!/bin/bash - -set -e - -do_init_regen() { - if [[ $EUID -ne 0 ]]; then - echo "You must be root to run this script" 1>&2 - exit 1 - fi - - cd /usr/share/yunohost/templates/yunohost - - [[ -d /etc/yunohost ]] || mkdir -p /etc/yunohost - - # set default current_host - [[ -f /etc/yunohost/current_host ]] \ - || echo "yunohost.org" > /etc/yunohost/current_host - - # copy default services and firewall - [[ -f /etc/yunohost/firewall.yml ]] \ - || cp firewall.yml /etc/yunohost/firewall.yml - - # allow users to access /media directory - [[ -d /etc/skel/media ]] \ - || (mkdir -p /media && ln -s /media /etc/skel/media) - - # Cert folders - mkdir -p /etc/yunohost/certs - chown -R root:ssl-cert /etc/yunohost/certs - chmod 750 /etc/yunohost/certs - - # App folders - mkdir -p /etc/yunohost/apps - chmod 700 /etc/yunohost/apps - mkdir -p /home/yunohost.app - chmod 755 /home/yunohost.app - - # Domain settings - mkdir -p /etc/yunohost/domains - chmod 700 /etc/yunohost/domains - - # Backup folders - mkdir -p /home/yunohost.backup/archives - chmod 750 /home/yunohost.backup/archives - chown root:root /home/yunohost.backup/archives # This is later changed to admin:root once admin user exists - - # Empty ssowat json persistent conf - echo "{}" > '/etc/ssowat/conf.json.persistent' - chmod 644 /etc/ssowat/conf.json.persistent - chown root:root /etc/ssowat/conf.json.persistent - - # Empty service conf - touch /etc/yunohost/services.yml - - mkdir -p /var/cache/yunohost/repo - chown root:root /var/cache/yunohost - chmod 700 /var/cache/yunohost - - cp yunoprompt.service /etc/systemd/system/yunoprompt.service - cp dpkg-origins /etc/dpkg/origins/yunohost - - # Change dpkg vendor - # see https://wiki.debian.org/Derivatives/Guidelines#Vendor - readlink -f /etc/dpkg/origins/default | grep -q debian \ - && rm -f /etc/dpkg/origins/default \ - && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default -} - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/yunohost - - # Legacy code that can be removed once on bullseye - touch /etc/yunohost/services.yml - yunohost tools shell -c "from yunohost.service import _get_services, _save_services; _save_services(_get_services())" - - mkdir -p $pending_dir/etc/systemd/system - mkdir -p $pending_dir/etc/cron.d/ - mkdir -p $pending_dir/etc/cron.daily/ - - # add cron job for diagnosis to be ran at 7h and 19h + a random delay between - # 0 and 20min, meant to avoid every instances running their diagnosis at - # exactly the same time, which may overload the diagnosis server. - cat > $pending_dir/etc/cron.d/yunohost-diagnosis << EOF -SHELL=/bin/bash -0 7,19 * * * root : YunoHost Automatic Diagnosis; sleep \$((RANDOM\\%1200)); yunohost diagnosis run --email > /dev/null 2>/dev/null || echo "Running the automatic diagnosis failed miserably" -EOF - - # Cron job that upgrade the app list everyday - cat > $pending_dir/etc/cron.daily/yunohost-fetch-apps-catalog << EOF -#!/bin/bash -(sleep \$((RANDOM%3600)); yunohost tools update --apps > /dev/null) & -EOF - - # Cron job that renew lets encrypt certificates if there's any that needs renewal - cat > $pending_dir/etc/cron.daily/yunohost-certificate-renew << EOF -#!/bin/bash -yunohost domain cert renew --email -EOF - - # If we subscribed to a dyndns domain, add the corresponding cron - # - delay between 0 and 60 secs to spread the check over a 1 min window - # - do not run the command if some process already has the lock, to avoid queuing hundreds of commands... - if ls -l /etc/yunohost/dyndns/K*.private 2>/dev/null - then - cat > $pending_dir/etc/cron.d/yunohost-dyndns << EOF -SHELL=/bin/bash -*/10 * * * * root : YunoHost DynDNS update; sleep \$((RANDOM\\%60)); test -e /var/run/moulinette_yunohost.lock || yunohost dyndns update >> /dev/null -EOF - fi - - # legacy stuff to avoid yunohost reporting etckeeper as manually modified - # (this make sure that the hash is null / file is flagged as to-delete) - mkdir -p $pending_dir/etc/etckeeper - touch $pending_dir/etc/etckeeper/etckeeper.conf - - # Skip ntp if inside a container (inspired from the conf of systemd-timesyncd) - mkdir -p ${pending_dir}/etc/systemd/system/ntp.service.d/ - echo " -[Unit] -ConditionCapability=CAP_SYS_TIME -ConditionVirtualization=!container -" > ${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf - - # Make nftable conflict with yunohost-firewall - mkdir -p ${pending_dir}/etc/systemd/system/nftables.service.d/ - cat > ${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf << EOF -[Unit] -# yunohost-firewall and nftables conflict with each other -Conflicts=yunohost-firewall.service -ConditionFileIsExecutable=!/etc/init.d/yunohost-firewall -ConditionPathExists=!/etc/systemd/system/multi-user.target.wants/yunohost-firewall.service -EOF - - # Don't suspend computer on LidSwitch - mkdir -p ${pending_dir}/etc/systemd/logind.conf.d/ - cat > ${pending_dir}/etc/systemd/logind.conf.d/ynh-override.conf << EOF -[Login] -HandleLidSwitch=ignore -HandleLidSwitchDocked=ignore -HandleLidSwitchExternalPower=ignore -EOF - - cp yunoprompt.service ${pending_dir}/etc/systemd/system/yunoprompt.service - - if [[ "$(yunohost settings get 'security.experimental.enabled')" == "True" ]] - then - cp proc-hidepid.service ${pending_dir}/etc/systemd/system/proc-hidepid.service - else - touch ${pending_dir}/etc/systemd/system/proc-hidepid.service - fi - - mkdir -p ${pending_dir}/etc/dpkg/origins/ - cp dpkg-origins ${pending_dir}/etc/dpkg/origins/yunohost - -} - -do_post_regen() { - regen_conf_files=$1 - - ###################### - # Enfore permissions # - ###################### - - chmod 750 /home/admin - chmod 750 /home/yunohost.conf - chmod 750 /home/yunohost.backup - chmod 750 /home/yunohost.backup/archives - chown root:root /home/yunohost.conf - chown admin:root /home/yunohost.backup - chown admin:root /home/yunohost.backup/archives - - # Certs - # We do this with find because there could be a lot of them... - chown -R root:ssl-cert /etc/yunohost/certs - chmod 750 /etc/yunohost/certs - find /etc/yunohost/certs/ -type f -exec chmod 640 {} \; - find /etc/yunohost/certs/ -type d -exec chmod 750 {} \; - - find /etc/cron.*/yunohost-* -type f -exec chmod 755 {} \; - find /etc/cron.d/yunohost-* -type f -exec chmod 644 {} \; - find /etc/cron.*/yunohost-* -type f -exec chown root:root {} \; - - chown root:root /var/cache/yunohost - chmod 700 /var/cache/yunohost - chown root:root /var/cache/moulinette - chmod 700 /var/cache/moulinette - - setfacl -m g:all_users:--- /var/www - setfacl -m g:all_users:--- /var/log/nginx - setfacl -m g:all_users:--- /etc/yunohost - setfacl -m g:all_users:--- /etc/ssowat - - for USER in $(yunohost user list --quiet --output-as json | jq -r '.users | .[] | .username') - do - [ ! -e "/home/$USER" ] || setfacl -m g:all_users:--- /home/$USER - done - - # Domain settings - mkdir -p /etc/yunohost/domains - - # Misc configuration / state files - chown root:root $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null) - chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null) - - # Apps folder, custom hooks folder - [[ ! -e /etc/yunohost/hooks.d ]] || (chown root /etc/yunohost/hooks.d && chmod 700 /etc/yunohost/hooks.d) - [[ ! -e /etc/yunohost/apps ]] || (chown root /etc/yunohost/apps && chmod 700 /etc/yunohost/apps) - [[ ! -e /etc/yunohost/domains ]] || (chown root /etc/yunohost/domains && chmod 700 /etc/yunohost/domains) - - # Create ssh.app and sftp.app groups if they don't exist yet - grep -q '^ssh.app:' /etc/group || groupadd ssh.app - grep -q '^sftp.app:' /etc/group || groupadd sftp.app - - # Propagates changes in systemd service config overrides - [[ ! "$regen_conf_files" =~ "ntp.service.d/ynh-override.conf" ]] || { systemctl daemon-reload; systemctl restart ntp; } - [[ ! "$regen_conf_files" =~ "nftables.service.d/ynh-override.conf" ]] || systemctl daemon-reload - [[ ! "$regen_conf_files" =~ "login.conf.d/ynh-override.conf" ]] || systemctl daemon-reload - if [[ "$regen_conf_files" =~ "yunoprompt.service" ]] - then - systemctl daemon-reload - action=$([[ -e /etc/systemd/system/yunoprompt.service ]] && echo 'enable' || echo 'disable') - systemctl $action yunoprompt --quiet --now - fi - if [[ "$regen_conf_files" =~ "proc-hidepid.service" ]] - then - systemctl daemon-reload - action=$([[ -e /etc/systemd/system/proc-hidepid.service ]] && echo 'enable' || echo 'disable') - systemctl $action proc-hidepid --quiet --now - fi - - # Change dpkg vendor - # see https://wiki.debian.org/Derivatives/Guidelines#Vendor - readlink -f /etc/dpkg/origins/default | grep -q debian \ - && rm -f /etc/dpkg/origins/default \ - && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/02-ssl b/data/hooks/conf_regen/02-ssl deleted file mode 100755 index 2b40c77a2..000000000 --- a/data/hooks/conf_regen/02-ssl +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash - -set -e - -ssl_dir="/usr/share/yunohost/yunohost-config/ssl/yunoCA" -ynh_ca="/etc/yunohost/certs/yunohost.org/ca.pem" -ynh_crt="/etc/yunohost/certs/yunohost.org/crt.pem" -ynh_key="/etc/yunohost/certs/yunohost.org/key.pem" -openssl_conf="/usr/share/yunohost/templates/ssl/openssl.cnf" - -regen_local_ca() { - - domain="$1" - - echo -e "\n# Creating local certification authority with domain=$domain\n" - - # create certs and SSL directories - mkdir -p "/etc/yunohost/certs/yunohost.org" - mkdir -p "${ssl_dir}/"{ca,certs,crl,newcerts} - - pushd ${ssl_dir} - - # (Update the serial so that it's specific to this very instance) - # N.B. : the weird RANDFILE thing comes from: - # https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - RANDFILE=.rnd openssl rand -hex 19 > serial - rm -f index.txt - touch index.txt - cp /usr/share/yunohost/templates/ssl/openssl.cnf openssl.ca.cnf - sed -i "s/yunohost.org/${domain}/g" openssl.ca.cnf - openssl req -x509 \ - -new \ - -config openssl.ca.cnf \ - -days 3650 \ - -out ca/cacert.pem \ - -keyout ca/cakey.pem \ - -nodes \ - -batch \ - -subj /CN=${domain}/O=${domain%.*} 2>&1 - - chmod 640 ca/cacert.pem - chmod 640 ca/cakey.pem - - cp ca/cacert.pem $ynh_ca - ln -sf "$ynh_ca" /etc/ssl/certs/ca-yunohost_crt.pem - update-ca-certificates - - popd -} - -do_init_regen() { - - LOGFILE=/tmp/yunohost-ssl-init - echo "" > $LOGFILE - chown root:root $LOGFILE - chmod 640 $LOGFILE - - # Make sure this conf exists - mkdir -p ${ssl_dir} - cp /usr/share/yunohost/templates/ssl/openssl.cnf ${ssl_dir}/openssl.ca.cnf - - # create default certificates - if [[ ! -f "$ynh_ca" ]]; then - regen_local_ca yunohost.org >>$LOGFILE - fi - - if [[ ! -f "$ynh_crt" ]]; then - echo -e "\n# Creating initial key and certificate \n" >>$LOGFILE - - openssl req -new \ - -config "$openssl_conf" \ - -days 730 \ - -out "${ssl_dir}/certs/yunohost_csr.pem" \ - -keyout "${ssl_dir}/certs/yunohost_key.pem" \ - -nodes -batch &>>$LOGFILE - - openssl ca \ - -config "$openssl_conf" \ - -days 730 \ - -in "${ssl_dir}/certs/yunohost_csr.pem" \ - -out "${ssl_dir}/certs/yunohost_crt.pem" \ - -batch &>>$LOGFILE - - chmod 640 "${ssl_dir}/certs/yunohost_key.pem" - chmod 640 "${ssl_dir}/certs/yunohost_crt.pem" - - cp "${ssl_dir}/certs/yunohost_key.pem" "$ynh_key" - cp "${ssl_dir}/certs/yunohost_crt.pem" "$ynh_crt" - ln -sf "$ynh_crt" /etc/ssl/certs/yunohost_crt.pem - ln -sf "$ynh_key" /etc/ssl/private/yunohost_key.pem - fi - - chown -R root:ssl-cert /etc/yunohost/certs/yunohost.org/ - chmod o-rwx /etc/yunohost/certs/yunohost.org/ - - install -D -m 644 $openssl_conf "${ssl_dir}/openssl.cnf" -} - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/ssl - - install -D -m 644 openssl.cnf "${pending_dir}/${ssl_dir}/openssl.cnf" -} - -do_post_regen() { - regen_conf_files=$1 - - current_local_ca_domain=$(openssl x509 -in $ynh_ca -text | tr ',' '\n' | grep Issuer | awk '{print $4}') - main_domain=$(cat /etc/yunohost/current_host) - - if [[ "$current_local_ca_domain" != "$main_domain" ]] - then - regen_local_ca $main_domain - # Idk how useful this is, but this was in the previous python code (domain.main_domain()) - ln -sf /etc/yunohost/certs/$domain/crt.pem /etc/ssl/certs/yunohost_crt.pem - ln -sf /etc/yunohost/certs/$domain/key.pem /etc/ssl/private/yunohost_key.pem - fi -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/06-slapd b/data/hooks/conf_regen/06-slapd deleted file mode 100755 index 49b1bf354..000000000 --- a/data/hooks/conf_regen/06-slapd +++ /dev/null @@ -1,202 +0,0 @@ -#!/bin/bash - -set -e - -tmp_backup_dir_file="/root/slapd-backup-dir.txt" - -config="/usr/share/yunohost/templates/slapd/config.ldif" -db_init="/usr/share/yunohost/templates/slapd/db_init.ldif" - -do_init_regen() { - if [[ $EUID -ne 0 ]]; then - echo "You must be root to run this script" 1>&2 - exit 1 - fi - - do_pre_regen "" - - # Drop current existing slapd data - - rm -rf /var/backups/*.ldapdb - rm -rf /var/backups/slapd-* - - debconf-set-selections << EOF -slapd slapd/password1 password yunohost -slapd slapd/password2 password yunohost -slapd slapd/domain string yunohost.org -slapd shared/organization string yunohost.org -slapd slapd/allow_ldap_v2 boolean false -slapd slapd/invalid_config boolean true -slapd slapd/backend select MDB -slapd slapd/move_old_database boolean true -slapd slapd/no_configuration boolean false -slapd slapd/purge_database boolean false -EOF - - DEBIAN_FRONTEND=noninteractive dpkg-reconfigure slapd -u - - # Enforce permissions - chown -R openldap:openldap /etc/ldap/schema/ - usermod -aG ssl-cert openldap - - # (Re-)init data according to default ldap entries - echo ' Initializing LDAP with YunoHost DB structure' - - rm -rf /etc/ldap/slapd.d - mkdir -p /etc/ldap/slapd.d - slapadd -F /etc/ldap/slapd.d -b cn=config -l "$config" 2>&1 \ - | grep -v "none elapsed\|Closing DB" || true - chown -R openldap: /etc/ldap/slapd.d - - rm -rf /var/lib/ldap - mkdir -p /var/lib/ldap - slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "$db_init" 2>&1 \ - | grep -v "none elapsed\|Closing DB" || true - chown -R openldap: /var/lib/ldap - - nscd -i group || true - nscd -i passwd || true - - systemctl restart slapd - - # We don't use mkhomedir_helper because 'admin' may not be recognized - # when this script is ran in a chroot (e.g. ISO install) - # We also refer to admin as uid 1007 for the same reason - if [ ! -d /home/admin ] - then - cp -r /etc/skel /home/admin - chown -R 1007:1007 /home/admin - fi -} - -_regenerate_slapd_conf() { - - # Validate the new slapd config - # To do so, we have to use the .ldif to generate the config directory - # so we use a temporary directory slapd_new.d - rm -Rf /etc/ldap/slapd_new.d - mkdir /etc/ldap/slapd_new.d - slapadd -b cn=config -l "$config" -F /etc/ldap/slapd_new.d/ 2>&1 \ - | grep -v "none elapsed\|Closing DB" || true - # Actual validation (-Q is for quiet, -u is for dry-run) - slaptest -Q -u -F /etc/ldap/slapd_new.d - - # "Commit" / apply the new config (meaning we delete the old one and replace - # it with the new one) - rm -Rf /etc/ldap/slapd.d - mv /etc/ldap/slapd_new.d /etc/ldap/slapd.d - - chown -R openldap:openldap /etc/ldap/slapd.d/ -} - -do_pre_regen() { - pending_dir=$1 - - # remove temporary backup file - rm -f "$tmp_backup_dir_file" - - # Define if we need to migrate from hdb to mdb - curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2>/dev/null | awk '{print $2}') - if [ -e /etc/ldap/slapd.conf ] && [ -n "$curr_backend" ] && \ - [ $curr_backend != 'mdb' ]; then - backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)" - mkdir -p "$backup_dir" - slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" - echo "$backup_dir" > "$tmp_backup_dir_file" - fi - - # create needed directories - ldap_dir="${pending_dir}/etc/ldap" - schema_dir="${ldap_dir}/schema" - mkdir -p "$ldap_dir" "$schema_dir" - - # remove legacy configuration file - [ ! -f /etc/ldap/slapd-yuno.conf ] || touch "${ldap_dir}/slapd-yuno.conf" - [ ! -f /etc/ldap/slapd.conf ] || touch "${ldap_dir}/slapd.conf" - [ ! -f /etc/ldap/schema/yunohost.schema ] || touch "${schema_dir}/yunohost.schema" - - cd /usr/share/yunohost/templates/slapd - - # copy configuration files - cp -a ldap.conf "$ldap_dir" - cp -a sudo.ldif mailserver.ldif permission.ldif "$schema_dir" - - mkdir -p ${pending_dir}/etc/systemd/system/slapd.service.d/ - cp systemd-override.conf ${pending_dir}/etc/systemd/system/slapd.service.d/ynh-override.conf - - install -D -m 644 slapd.default "${pending_dir}/etc/default/slapd" -} - -do_post_regen() { - regen_conf_files=$1 - - # fix some permissions - echo "Enforce permissions on ldap/slapd directories and certs ..." - # penldap user should be in the ssl-cert group to let it access the certificate for TLS - usermod -aG ssl-cert openldap - chown -R openldap:openldap /etc/ldap/schema/ - chown -R openldap:openldap /etc/ldap/slapd.d/ - - # If we changed the systemd ynh-override conf - if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/slapd.service.d/ynh-override.conf$" - then - systemctl daemon-reload - systemctl restart slapd - sleep 3 - fi - - # For some reason, old setups don't have the admins group defined... - if ! slapcat | grep -q 'cn=admins,ou=groups,dc=yunohost,dc=org' - then - slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org <<< \ -"dn: cn=admins,ou=groups,dc=yunohost,dc=org -cn: admins -gidNumber: 4001 -memberUid: admin -objectClass: posixGroup -objectClass: top" - chown -R openldap: /var/lib/ldap - systemctl restart slapd - nscd -i group - fi - - [ -z "$regen_conf_files" ] && exit 0 - - # regenerate LDAP config directory from slapd.conf - echo "Regenerate LDAP config directory from config.ldif" - _regenerate_slapd_conf - - # If there's a backup, re-import its data - backup_dir=$(cat "$tmp_backup_dir_file" 2>/dev/null || true) - if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then - # regenerate LDAP config directory and import database as root - echo "Import the database using slapadd" - slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" - chown -R openldap:openldap /var/lib/ldap 2>&1 - fi - - echo "Running slapdindex" - su openldap -s "/bin/bash" -c "/usr/sbin/slapindex" - - echo "Reloading slapd" - systemctl force-reload slapd - - # on slow hardware/vm this regen conf would exit before the admin user that - # is stored in ldap is available because ldap seems to slow to restart - # so we'll wait either until we are able to log as admin or until a timeout - # is reached - # we need to do this because the next hooks executed after this one during - # postinstall requires to run as admin thus breaking postinstall on slow - # hardware which mean yunohost can't be correctly installed on those hardware - # and this sucks - # wait a maximum time of 5 minutes - # yes, force-reload behave like a restart - number_of_wait=0 - while ! su admin -c '' && ((number_of_wait < 60)) - do - sleep 5 - ((number_of_wait += 1)) - done -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/09-nslcd b/data/hooks/conf_regen/09-nslcd deleted file mode 100755 index cefd05cd3..000000000 --- a/data/hooks/conf_regen/09-nslcd +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -set -e - -do_init_regen() { - do_pre_regen "" - systemctl restart nslcd -} - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/nslcd - - install -D -m 644 nslcd.conf "${pending_dir}/etc/nslcd.conf" -} - -do_post_regen() { - regen_conf_files=$1 - - [[ -z "$regen_conf_files" ]] \ - || systemctl restart nslcd -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/10-apt b/data/hooks/conf_regen/10-apt deleted file mode 100755 index 1c80b6706..000000000 --- a/data/hooks/conf_regen/10-apt +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash - -set -e - -do_pre_regen() { - pending_dir=$1 - - mkdir --parents "${pending_dir}/etc/apt/preferences.d" - - packages_to_refuse_from_sury="php php-fpm php-mysql php-xml php-zip php-mbstring php-ldap php-gd php-curl php-bz2 php-json php-sqlite3 php-intl openssl libssl1.1 libssl-dev" - for package in $packages_to_refuse_from_sury - do - echo " -Package: $package -Pin: origin \"packages.sury.org\" -Pin-Priority: -1" >> "${pending_dir}/etc/apt/preferences.d/extra_php_version" - done - - echo " - -# PLEASE READ THIS WARNING AND DON'T EDIT THIS FILE - -# You are probably reading this file because you tried to install apache2 or -# bind9. These 2 packages conflict with YunoHost. - -# Installing apache2 will break nginx and break the entire YunoHost ecosystem -# on your server, therefore don't remove those lines! - -# You have been warned. - -Package: apache2 -Pin: release * -Pin-Priority: -1 - -Package: apache2-bin -Pin: release * -Pin-Priority: -1 - -# Also bind9 will conflict with dnsmasq. -# Same story as for apache2. -# Don't install it, don't remove those lines. - -Package: bind9 -Pin: release * -Pin-Priority: -1 -" >> "${pending_dir}/etc/apt/preferences.d/ban_packages" - -} - -do_post_regen() { - regen_conf_files=$1 - - # Make sure php7.3 is the default version when using php in cli - update-alternatives --set php /usr/bin/php7.3 -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/12-metronome b/data/hooks/conf_regen/12-metronome deleted file mode 100755 index ab9fca173..000000000 --- a/data/hooks/conf_regen/12-metronome +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash - -set -e - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/metronome - - # create directories for pending conf - metronome_dir="${pending_dir}/etc/metronome" - metronome_conf_dir="${metronome_dir}/conf.d" - mkdir -p "$metronome_conf_dir" - - # retrieve variables - main_domain=$(cat /etc/yunohost/current_host) - - # install main conf file - cat metronome.cfg.lua \ - | sed "s/{{ main_domain }}/${main_domain}/g" \ - > "${metronome_dir}/metronome.cfg.lua" - - # add domain conf files - for domain in $YNH_DOMAINS; do - cat domain.tpl.cfg.lua \ - | sed "s/{{ domain }}/${domain}/g" \ - > "${metronome_conf_dir}/${domain}.cfg.lua" - done - - # remove old domain conf files - conf_files=$(ls -1 /etc/metronome/conf.d \ - | awk '/^[^\.]+\.[^\.]+.*\.cfg\.lua$/ { print $1 }') - for file in $conf_files; do - domain=${file%.cfg.lua} - [[ $YNH_DOMAINS =~ $domain ]] \ - || touch "${metronome_conf_dir}/${file}" - done -} - -do_post_regen() { - regen_conf_files=$1 - - # retrieve variables - main_domain=$(cat /etc/yunohost/current_host) - - # FIXME : small optimization to do to avoid calling a yunohost command ... - # maybe another env variable like YNH_MAIN_DOMAINS idk - domain_list=$(yunohost domain list --exclude-subdomains --output-as plain --quiet) - - # create metronome directories for domains - for domain in $domain_list; do - mkdir -p "/var/lib/metronome/${domain//./%2e}/pep" - # http_upload directory must be writable by metronome and readable by nginx - mkdir -p "/var/xmpp-upload/${domain}/upload" - # sgid bit allows that file created in that dir will be owned by www-data - # despite the fact that metronome ain't in the www-data group - chmod g+s "/var/xmpp-upload/${domain}/upload" - done - - # fix some permissions - [ ! -e '/var/xmpp-upload' ] || chown -R metronome:www-data "/var/xmpp-upload/" - [ ! -e '/var/xmpp-upload' ] || chmod 750 "/var/xmpp-upload/" - - # metronome should be in ssl-cert group to let it access SSL certificates - usermod -aG ssl-cert metronome - chown -R metronome: /var/lib/metronome/ - chown -R metronome: /etc/metronome/conf.d/ - - [[ -z "$regen_conf_files" ]] \ - || systemctl restart metronome -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/15-nginx b/data/hooks/conf_regen/15-nginx deleted file mode 100755 index c158ecd09..000000000 --- a/data/hooks/conf_regen/15-nginx +++ /dev/null @@ -1,152 +0,0 @@ -#!/bin/bash - -set -e - -. /usr/share/yunohost/helpers - -do_init_regen() { - if [[ $EUID -ne 0 ]]; then - echo "You must be root to run this script" 1>&2 - exit 1 - fi - - cd /usr/share/yunohost/templates/nginx - - nginx_dir="/etc/nginx" - nginx_conf_dir="${nginx_dir}/conf.d" - mkdir -p "$nginx_conf_dir" - - # install plain conf files - cp plain/* "$nginx_conf_dir" - - # probably run with init: just disable default site, restart NGINX and exit - rm -f "${nginx_dir}/sites-enabled/default" - - export compatibility="intermediate" - ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" - ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf" - ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc" - ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc" - - mkdir -p $nginx_conf_dir/default.d/ - cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/ - - # Restart nginx if conf looks good, otherwise display error and exit unhappy - nginx -t 2>/dev/null || { nginx -t; exit 1; } - systemctl restart nginx || { journalctl --no-pager --lines=10 -u nginx >&2; exit 1; } - - exit 0 -} - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/nginx - - nginx_dir="${pending_dir}/etc/nginx" - nginx_conf_dir="${nginx_dir}/conf.d" - mkdir -p "$nginx_conf_dir" - - # install / update plain conf files - cp plain/* "$nginx_conf_dir" - # remove the panel overlay if this is specified in settings - panel_overlay=$(yunohost settings get 'ssowat.panel_overlay.enabled') - if [ "$panel_overlay" == "false" ] || [ "$panel_overlay" == "False" ] - then - echo "#" > "${nginx_conf_dir}/yunohost_panel.conf.inc" - fi - - # retrieve variables - main_domain=$(cat /etc/yunohost/current_host) - - # Support different strategy for security configurations - export redirect_to_https="$(yunohost settings get 'security.nginx.redirect_to_https')" - export compatibility="$(yunohost settings get 'security.nginx.compatibility')" - export experimental="$(yunohost settings get 'security.experimental.enabled')" - ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" - - cert_status=$(yunohost domain cert status --json) - - # add domain conf files - for domain in $YNH_DOMAINS; do - domain_conf_dir="${nginx_conf_dir}/${domain}.d" - mkdir -p "$domain_conf_dir" - mail_autoconfig_dir="${pending_dir}/var/www/.well-known/${domain}/autoconfig/mail/" - mkdir -p "$mail_autoconfig_dir" - - # NGINX server configuration - export domain - export domain_cert_ca=$(echo $cert_status \ - | jq ".certificates.\"$domain\".CA_type" \ - | tr -d '"') - - ynh_render_template "server.tpl.conf" "${nginx_conf_dir}/${domain}.conf" - ynh_render_template "autoconfig.tpl.xml" "${mail_autoconfig_dir}/config-v1.1.xml" - - touch "${domain_conf_dir}/yunohost_local.conf" # Clean legacy conf files - - done - - export webadmin_allowlist_enabled=$(yunohost settings get security.webadmin.allowlist.enabled) - if [ "$webadmin_allowlist_enabled" == "True" ] - then - export webadmin_allowlist=$(yunohost settings get security.webadmin.allowlist) - fi - ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc" - ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc" - ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf" - mkdir -p $nginx_conf_dir/default.d/ - cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/ - - # remove old domain conf files - conf_files=$(ls -1 /etc/nginx/conf.d \ - | awk '/^[^\.]+\.[^\.]+.*\.conf$/ { print $1 }') - for file in $conf_files; do - domain=${file%.conf} - [[ $YNH_DOMAINS =~ $domain ]] \ - || touch "${nginx_conf_dir}/${file}" - done - - # remove old mail-autoconfig files - autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true) - for file in $autoconfig_files; do - domain=$(basename $(readlink -f $(dirname $file)/../..)) - [[ $YNH_DOMAINS =~ $domain ]] \ - || (mkdir -p "$(dirname ${pending_dir}/${file})" && touch "${pending_dir}/${file}") - done - - # disable default site - mkdir -p "${nginx_dir}/sites-enabled" - touch "${nginx_dir}/sites-enabled/default" -} - -do_post_regen() { - regen_conf_files=$1 - - [ -z "$regen_conf_files" ] && exit 0 - - # create NGINX conf directories for domains - for domain in $YNH_DOMAINS; do - mkdir -p "/etc/nginx/conf.d/${domain}.d" - done - - # Get rid of legacy lets encrypt snippets - for domain in $YNH_DOMAINS; do - # If the legacy letsencrypt / acme-challenge domain-specific snippet is still there - if [ -e /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf ] - then - # And if we're effectively including the new domain-independant snippet now - if grep -q "include /etc/nginx/conf.d/acme-challenge.conf.inc;" /etc/nginx/conf.d/${domain}.conf - then - # Delete the old domain-specific snippet - rm /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf - fi - fi - done - - # Reload nginx if conf looks good, otherwise display error and exit unhappy - nginx -t 2>/dev/null || { nginx -t; exit 1; } - pgrep nginx && systemctl reload nginx || { journalctl --no-pager --lines=10 -u nginx >&2; exit 1; } -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/19-postfix b/data/hooks/conf_regen/19-postfix deleted file mode 100755 index c569e1ca1..000000000 --- a/data/hooks/conf_regen/19-postfix +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/bash - -set -e - -. /usr/share/yunohost/helpers - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/postfix - - postfix_dir="${pending_dir}/etc/postfix" - mkdir -p "$postfix_dir" - - default_dir="${pending_dir}/etc/default/" - mkdir -p "$default_dir" - - # install plain conf files - cp plain/* "$postfix_dir" - - # prepare main.cf conf file - main_domain=$(cat /etc/yunohost/current_host) - - # Support different strategy for security configurations - export compatibility="$(yunohost settings get 'security.postfix.compatibility')" - - # Add possibility to specify a relay - # Could be useful with some isp with no 25 port open or more complex setup - export relay_port="" - export relay_user="" - export relay_host="$(yunohost settings get 'smtp.relay.host')" - if [ -n "${relay_host}" ] - then - relay_port="$(yunohost settings get 'smtp.relay.port')" - relay_user="$(yunohost settings get 'smtp.relay.user')" - relay_password="$(yunohost settings get 'smtp.relay.password')" - - # Avoid to display "Relay account paswword" to other users - touch ${postfix_dir}/sasl_passwd - chmod 750 ${postfix_dir}/sasl_passwd - # Avoid "postmap: warning: removing zero-length database file" - chown postfix ${pending_dir}/etc/postfix - chown postfix ${pending_dir}/etc/postfix/sasl_passwd - - cat <<< "[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" > ${postfix_dir}/sasl_passwd - postmap ${postfix_dir}/sasl_passwd - fi - export main_domain - export domain_list="$YNH_DOMAINS" - ynh_render_template "main.cf" "${postfix_dir}/main.cf" - - cat postsrsd \ - | sed "s/{{ main_domain }}/${main_domain}/g" \ - | sed "s/{{ domain_list }}/${YNH_DOMAINS}/g" \ - > "${default_dir}/postsrsd" - - # adapt it for IPv4-only hosts - ipv6="$(yunohost settings get 'smtp.allow_ipv6')" - if [ "$ipv6" == "False" ] || [ ! -f /proc/net/if_inet6 ]; then - sed -i \ - 's/ \[::ffff:127.0.0.0\]\/104 \[::1\]\/128//g' \ - "${postfix_dir}/main.cf" - sed -i \ - 's/inet_interfaces = all/&\ninet_protocols = ipv4/' \ - "${postfix_dir}/main.cf" - fi -} - -do_post_regen() { - regen_conf_files=$1 - - if [ -e /etc/postfix/sasl_passwd ] - then - chmod 750 /etc/postfix/sasl_passwd* - chown postfix:root /etc/postfix/sasl_passwd* - fi - - [[ -z "$regen_conf_files" ]] \ - || { systemctl restart postfix && systemctl restart postsrsd; } - -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/25-dovecot b/data/hooks/conf_regen/25-dovecot deleted file mode 100755 index a0663a4a6..000000000 --- a/data/hooks/conf_regen/25-dovecot +++ /dev/null @@ -1,66 +0,0 @@ -#!/bin/bash - -set -e - -. /usr/share/yunohost/helpers - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/dovecot - - dovecot_dir="${pending_dir}/etc/dovecot" - mkdir -p "${dovecot_dir}/global_script" - - # copy simple conf files - cp dovecot-ldap.conf "${dovecot_dir}/dovecot-ldap.conf" - cp dovecot.sieve "${dovecot_dir}/global_script/dovecot.sieve" - - export pop3_enabled="$(yunohost settings get 'pop3.enabled')" - export main_domain=$(cat /etc/yunohost/current_host) - - ynh_render_template "dovecot.conf" "${dovecot_dir}/dovecot.conf" - - # adapt it for IPv4-only hosts - if [ ! -f /proc/net/if_inet6 ]; then - sed -i \ - 's/^\(listen =\).*/\1 */' \ - "${dovecot_dir}/dovecot.conf" - fi - - mkdir -p "${dovecot_dir}/yunohost.d" - cp pre-ext.conf "${dovecot_dir}/yunohost.d" - cp post-ext.conf "${dovecot_dir}/yunohost.d" -} - -do_post_regen() { - regen_conf_files=$1 - - mkdir -p "/etc/dovecot/yunohost.d/pre-ext.d" - mkdir -p "/etc/dovecot/yunohost.d/post-ext.d" - - # create vmail user - id vmail > /dev/null 2>&1 \ - || adduser --system --ingroup mail --uid 500 vmail --home /var/vmail --no-create-home - - # Delete legacy home for vmail that existed in the past but was empty, poluting /home/ - [ ! -e /home/vmail ] || rmdir --ignore-fail-on-non-empty /home/vmail - - # fix permissions - chown -R vmail:mail /etc/dovecot/global_script - chmod 770 /etc/dovecot/global_script - chown root:mail /var/mail - chmod 1775 /var/mail - - [ -z "$regen_conf_files" ] && exit 0 - - # compile sieve script - [[ "$regen_conf_files" =~ dovecot\.sieve ]] && { - sievec /etc/dovecot/global_script/dovecot.sieve - chown -R vmail:mail /etc/dovecot/global_script - } - - systemctl restart dovecot -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/31-rspamd b/data/hooks/conf_regen/31-rspamd deleted file mode 100755 index da9b35dfe..000000000 --- a/data/hooks/conf_regen/31-rspamd +++ /dev/null @@ -1,62 +0,0 @@ -#!/bin/bash - -set -e - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/rspamd - - install -D -m 644 metrics.local.conf \ - "${pending_dir}/etc/rspamd/local.d/metrics.conf" - install -D -m 644 dkim_signing.conf \ - "${pending_dir}/etc/rspamd/local.d/dkim_signing.conf" - install -D -m 644 rspamd.sieve \ - "${pending_dir}/etc/dovecot/global_script/rspamd.sieve" -} - -do_post_regen() { - - ## - ## DKIM key generation - ## - - # create DKIM directory with proper permission - mkdir -p /etc/dkim - chown _rspamd /etc/dkim - - # create DKIM key for domains - for domain in $YNH_DOMAINS; do - domain_key="/etc/dkim/${domain}.mail.key" - [ ! -f "$domain_key" ] && { - # We use a 1024 bit size because nsupdate doesn't seem to be able to - # handle 2048... - opendkim-genkey --domain="$domain" \ - --selector=mail --directory=/etc/dkim -b 1024 - mv /etc/dkim/mail.private "$domain_key" - mv /etc/dkim/mail.txt "/etc/dkim/${domain}.mail.txt" - } - done - - # fix DKIM keys permissions - chown _rspamd /etc/dkim/*.mail.key - chmod 400 /etc/dkim/*.mail.key - - [ ! -e /var/log/rspamd ] || chown -R _rspamd:_rspamd /var/log/rspamd - - regen_conf_files=$1 - [ -z "$regen_conf_files" ] && exit 0 - - # compile sieve script - [[ "$regen_conf_files" =~ rspamd\.sieve ]] && { - sievec /etc/dovecot/global_script/rspamd.sieve - chown -R vmail:mail /etc/dovecot/global_script - systemctl restart dovecot - } - - # Restart rspamd due to the upgrade - # https://rspamd.com/announce/2016/08/01/rspamd-1.3.1.html - systemctl -q restart rspamd.service -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/34-mysql b/data/hooks/conf_regen/34-mysql deleted file mode 100755 index 41afda110..000000000 --- a/data/hooks/conf_regen/34-mysql +++ /dev/null @@ -1,72 +0,0 @@ -#!/bin/bash - -set -e -. /usr/share/yunohost/helpers - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/mysql - - install -D -m 644 my.cnf "${pending_dir}/etc/mysql/my.cnf" -} - -do_post_regen() { - regen_conf_files=$1 - - if [[ ! -d /var/lib/mysql/mysql ]] - then - # dpkg-reconfigure will initialize mysql (if it ain't already) - # It enabled auth_socket for root, so no need to define any root password... - # c.f. : cat /var/lib/dpkg/info/mariadb-server-10.3.postinst | grep install_db -C3 - MYSQL_PKG="$(dpkg --list | sed -ne 's/^ii \(mariadb-server-[[:digit:].]\+\) .*$/\1/p')" - dpkg-reconfigure -freadline -u "$MYSQL_PKG" 2>&1 - - systemctl -q is-active mariadb.service \ - || systemctl start mariadb - - sleep 5 - - echo "" | mysql && echo "Can't connect to mysql using unix_socket auth ... something went wrong during initial configuration of mysql !?" >&2 - fi - - # Legacy code to get rid of /etc/yunohost/mysql ... - # Nowadays, we can simply run mysql while being run as root of unix_socket/auth_socket is enabled... - if [ -f /etc/yunohost/mysql ]; then - - # This is a trick to check if we're able to use mysql without password - # Expect instances installed in stretch to already have unix_socket - #configured, but not old instances from the jessie/wheezy era - if ! echo "" | mysql 2>/dev/null - then - password="$(cat /etc/yunohost/mysql)" - # Enable plugin unix_socket for root on localhost - mysql -u root -p"$password" <<< "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED WITH unix_socket WITH GRANT OPTION;" - fi - - # If now we're able to login without password, drop the mysql password - if echo "" | mysql 2>/dev/null - then - rm /etc/yunohost/mysql - else - echo "Can't connect to mysql using unix_socket auth ... something went wrong while trying to get rid of mysql password !?" >&2 - fi - fi - - # mysql is supposed to be an alias to mariadb... but in some weird case is not - # c.f. https://forum.yunohost.org/t/mysql-ne-fonctionne-pas/11661 - # Playing with enable/disable allows to recreate the proper symlinks. - if [ ! -e /etc/systemd/system/mysql.service ] - then - systemctl stop mysql -q - systemctl disable mysql -q - systemctl disable mariadb -q - systemctl enable mariadb -q - systemctl is-active mariadb -q || systemctl start mariadb - fi - - [[ -z "$regen_conf_files" ]] \ - || systemctl restart mysql -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/35-redis b/data/hooks/conf_regen/35-redis deleted file mode 100755 index da5eac4c9..000000000 --- a/data/hooks/conf_regen/35-redis +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -do_pre_regen() { - : -} - -do_post_regen() { - # Enforce these damn permissions because for some reason in some weird cases - # they are spontaneously replaced by root:root -_- - chown -R redis:adm /var/log/redis -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/37-mdns b/data/hooks/conf_regen/37-mdns deleted file mode 100755 index b8112a6c1..000000000 --- a/data/hooks/conf_regen/37-mdns +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash - -set -e - -_generate_config() { - echo "domains:" - echo " - yunohost.local" - for domain in $YNH_DOMAINS - do - # Only keep .local domains (don't keep - [[ "$domain" =~ [^.]+\.[^.]+\.local$ ]] && echo "Subdomain $domain cannot be handled by Bonjour/Zeroconf/mDNS" >&2 - [[ "$domain" =~ ^[^.]+\.local$ ]] || continue - echo " - $domain" - done -} - -do_init_regen() { - do_pre_regen - do_post_regen /etc/systemd/system/yunomdns.service - systemctl enable yunomdns -} - -do_pre_regen() { - pending_dir="$1" - - cd /usr/share/yunohost/templates/mdns - mkdir -p ${pending_dir}/etc/systemd/system/ - cp yunomdns.service ${pending_dir}/etc/systemd/system/ - - getent passwd mdns &>/dev/null || useradd --no-create-home --shell /usr/sbin/nologin --system --user-group mdns - - mkdir -p ${pending_dir}/etc/yunohost - _generate_config > ${pending_dir}/etc/yunohost/mdns.yml -} - -do_post_regen() { - regen_conf_files="$1" - - chown mdns:mdns /etc/yunohost/mdns.yml - - # If we changed the systemd ynh-override conf - if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/yunomdns.service$" - then - systemctl daemon-reload - fi - - # Legacy stuff to enable the new yunomdns service on legacy systems - if [[ -e /etc/avahi/avahi-daemon.conf ]] && grep -q 'yunohost' /etc/avahi/avahi-daemon.conf - then - systemctl enable yunomdns - fi - - [[ -z "$regen_conf_files" ]] \ - || systemctl restart yunomdns -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/43-dnsmasq b/data/hooks/conf_regen/43-dnsmasq deleted file mode 100755 index 687fc704f..000000000 --- a/data/hooks/conf_regen/43-dnsmasq +++ /dev/null @@ -1,86 +0,0 @@ -#!/bin/bash - -set -e -. /usr/share/yunohost/helpers - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/dnsmasq - - # create directory for pending conf - dnsmasq_dir="${pending_dir}/etc/dnsmasq.d" - mkdir -p "$dnsmasq_dir" - etcdefault_dir="${pending_dir}/etc/default" - mkdir -p "$etcdefault_dir" - - # add general conf files - cp plain/etcdefault ${pending_dir}/etc/default/dnsmasq - cp plain/dnsmasq.conf ${pending_dir}/etc/dnsmasq.conf - - # add resolver file - cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf > ${pending_dir}/etc/resolv.dnsmasq.conf - - # retrieve variables - ipv4=$(curl -s -4 https://ip.yunohost.org 2>/dev/null || true) - ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1' - ipv6=$(curl -s -6 https://ip6.yunohost.org 2>/dev/null || true) - ynh_validate_ip6 "$ipv6" || ipv6='' - - export ipv4 - export ipv6 - - # add domain conf files - for domain in $YNH_DOMAINS; do - [[ ! $domain =~ \.local$ ]] || continue - export domain - ynh_render_template "domain.tpl" "${dnsmasq_dir}/${domain}" - done - - # remove old domain conf files - conf_files=$(ls -1 /etc/dnsmasq.d \ - | awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }') - for domain in $conf_files; do - if [[ ! $YNH_DOMAINS =~ $domain ]] && [[ ! $domain =~ \.local$ ]] - then - touch "${dnsmasq_dir}/${domain}" - fi - done -} - -do_post_regen() { - regen_conf_files=$1 - - # Fuck it, those domain/search entries from dhclient are usually annoying - # lying shit from the ISP trying to MiTM - if grep -q -E "^ *(domain|search)" /run/resolvconf/resolv.conf - then - if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2>/dev/null - then - sed -E "s/^(domain|search)/#\1/g" -i /run/resolvconf/interface/*.dhclient - fi - - grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-name "";' >> /etc/dhcp/dhclient.conf - grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-search "";' >> /etc/dhcp/dhclient.conf - grep -q '^supersede name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede name "";' >> /etc/dhcp/dhclient.conf - systemctl restart resolvconf - fi - - # Some stupid things like rabbitmq-server used by onlyoffice won't work if - # the *short* hostname doesn't exists in /etc/hosts -_- - short_hostname=$(hostname -s) - grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >>/etc/hosts - - [[ -n "$regen_conf_files" ]] || return - - # Remove / disable services likely to conflict with dnsmasq - for SERVICE in systemd-resolved bind9 - do - systemctl is-enabled $SERVICE &>/dev/null && systemctl disable $SERVICE 2>/dev/null - systemctl is-active $SERVICE &>/dev/null && systemctl stop $SERVICE - done - - systemctl restart dnsmasq -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/46-nsswitch b/data/hooks/conf_regen/46-nsswitch deleted file mode 100755 index be5cb2b86..000000000 --- a/data/hooks/conf_regen/46-nsswitch +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -set -e - -do_init_regen() { - do_pre_regen "" - systemctl restart unscd -} - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/nsswitch - - install -D -m 644 nsswitch.conf "${pending_dir}/etc/nsswitch.conf" -} - -do_post_regen() { - regen_conf_files=$1 - - [[ -z "$regen_conf_files" ]] \ - || systemctl restart unscd -} - -do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/52-fail2ban b/data/hooks/conf_regen/52-fail2ban deleted file mode 100755 index 7aef72ebc..000000000 --- a/data/hooks/conf_regen/52-fail2ban +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -set -e - -. /usr/share/yunohost/helpers - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/templates/fail2ban - - fail2ban_dir="${pending_dir}/etc/fail2ban" - mkdir -p "${fail2ban_dir}/filter.d" - mkdir -p "${fail2ban_dir}/jail.d" - - cp yunohost.conf "${fail2ban_dir}/filter.d/yunohost.conf" - cp jail.conf "${fail2ban_dir}/jail.conf" - - export ssh_port="$(yunohost settings get 'security.ssh.port')" - ynh_render_template "yunohost-jails.conf" "${fail2ban_dir}/jail.d/yunohost-jails.conf" -} - -do_post_regen() { - regen_conf_files=$1 - - [[ -z "$regen_conf_files" ]] \ - || systemctl reload fail2ban -} - -do_$1_regen ${@:2} diff --git a/data/hooks/restore/18-data_multimedia b/data/hooks/restore/18-data_multimedia deleted file mode 100644 index eb8ef2608..000000000 --- a/data/hooks/restore/18-data_multimedia +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -# Exit hook on subcommand error or unset variable -set -eu - -# Source YNH helpers -source /usr/share/yunohost/helpers - -ynh_restore_file --origin_path="/home/yunohost.multimedia" --not_mandatory diff --git a/data/templates/dnsmasq/plain/dnsmasq.conf b/data/templates/dnsmasq/plain/dnsmasq.conf deleted file mode 100644 index 12a14048a..000000000 --- a/data/templates/dnsmasq/plain/dnsmasq.conf +++ /dev/null @@ -1,6 +0,0 @@ -domain-needed -expand-hosts - -listen-address=127.0.0.1 -resolv-file=/etc/resolv.dnsmasq.conf -cache-size=256 diff --git a/data/templates/mysql/my.cnf b/data/templates/mysql/my.cnf deleted file mode 100644 index 3da4377e1..000000000 --- a/data/templates/mysql/my.cnf +++ /dev/null @@ -1,92 +0,0 @@ -# Example MySQL config file for small systems. -# -# This is for a system with little memory (<= 64M) where MySQL is only used -# from time to time and it's important that the mysqld daemon -# doesn't use much resources. -# -# MySQL programs look for option files in a set of -# locations which depend on the deployment platform. -# You can copy this option file to one of those -# locations. For information about these locations, see: -# http://dev.mysql.com/doc/mysql/en/option-files.html -# -# In this file, you can use all long options that a program supports. -# If you want to know which options a program supports, run the program -# with the "--help" option. - -# The following options will be passed to all MySQL clients -[client] -#password = your_password -port = 3306 -socket = /var/run/mysqld/mysqld.sock - -# Here follows entries for some specific programs - -# The MySQL server -[mysqld] -port = 3306 -socket = /var/run/mysqld/mysqld.sock -skip-external-locking -key_buffer_size = 16K -max_allowed_packet = 16M -table_open_cache = 4 -sort_buffer_size = 4M -read_buffer_size = 256K -read_rnd_buffer_size = 256K -net_buffer_length = 2K -thread_stack = 128K - -# to avoid corruption on powerfailure -default-storage-engine=innodb - -# Don't listen on a TCP/IP port at all. This can be a security enhancement, -# if all processes that need to connect to mysqld run on the same host. -# All interaction with mysqld must be made via Unix sockets or named pipes. -# Note that using this option without enabling named pipes on Windows -# (using the "enable-named-pipe" option) will render mysqld useless! -# -#skip-networking -server-id = 1 - -# Uncomment the following if you want to log updates -#log-bin=mysql-bin - -# binary logging format - mixed recommended -#binlog_format=mixed - -# Causes updates to non-transactional engines using statement format to be -# written directly to binary log. Before using this option make sure that -# there are no dependencies between transactional and non-transactional -# tables such as in the statement INSERT INTO t_myisam SELECT * FROM -# t_innodb; otherwise, slaves may diverge from the master. -#binlog_direct_non_transactional_updates=TRUE - -# Uncomment the following if you are using InnoDB tables -#innodb_data_home_dir = /var/lib/mysql -#innodb_data_file_path = ibdata1:10M:autoextend -#innodb_log_group_home_dir = /var/lib/mysql -# You can set .._buffer_pool_size up to 50 - 80 % -# of RAM but beware of setting memory usage too high -#innodb_buffer_pool_size = 16M -#innodb_additional_mem_pool_size = 2M -# Set .._log_file_size to 25 % of buffer pool size -#innodb_log_file_size = 5M -#innodb_log_buffer_size = 8M -#innodb_flush_log_at_trx_commit = 1 -#innodb_lock_wait_timeout = 50 - -[mysqldump] -quick -max_allowed_packet = 16M - -[mysql] -no-auto-rehash -# Remove the next comment character if you are not familiar with SQL -#safe-updates - -[myisamchk] -key_buffer_size = 8M -sort_buffer_size = 8M - -[mysqlhotcopy] -interactive-timeout diff --git a/debian/changelog b/debian/changelog index def37d6b2..7e35024c8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,242 @@ +yunohost (11.0.4) testing; urgency=low + + - [mod] certificate: drop unused 'staging' LE mode (4b78e8e3) + - [fix] cli: bash_completion was broken ([#1423](https://github.com/YunoHost/yunohost/pull/1423)) + - [enh] mdns: Wait for network to be fully up to start the service ([#1425](https://github.com/YunoHost/yunohost/pull/1425)) + - [fix] regenconf: make some systemctl enable/disable quiet (bccff1b4, 345e50ae) + - [fix] configpanels: Compute choices for the yunohost admin when installing an app ([#1427](https://github.com/YunoHost/yunohost/pull/1427)) + - [fix] configpanels: optimize _get_toml for domains to not load the whole DNS section stuff when just getting a simple info from another section (bf6252ac) + - [fix] configpanel: oopsies, could only change the default app for domain configs :P (0a59f863) + - [fix] php73_to_php74: another search&replace for synapse (f0a01ba2) + - [fix] php73_to_php74: stopping php7.3 before starting 7.4 should be more robust in case confs are conflicting (9ae7ec59) + - [i18n] Translations updated for French, Ukrainian + + Thanks to all contributors <3 ! (Éric Gaspar, Kay0u, Tagadda, tituspijean, Tymofii-Lytvynenko) + + -- Alexandre Aubin Sat, 29 Jan 2022 19:19:44 +0100 + +yunohost (11.0.3) testing; urgency=low + + - [enh] mail: Add SNI support for postfix and dovecot ([#1413](https://github.com/YunoHost/yunohost/pull/1413)) + - [fix] services: fix a couple edge cases (4571c5b2) + - [fix] services: Do not save php-fpm services in services.yml (5d0f8021) + - [fix] diagnosis: diagnosers were run in a funky order ([#1418](https://github.com/YunoHost/yunohost/pull/1418)) + - [fix] configpanels: config_get should return possible choices for domain, user questions (and other dynamic-choices questions) ([#1420](https://github.com/YunoHost/yunohost/pull/1420)) + - [enh] apps/domain: Clarify the default app mecanism, handle it fron domain config panel ([#1406](https://github.com/YunoHost/yunohost/pull/1406)) + - [fix] apps: When no main app permission found, fallback to default label instead of having a 'None' label to prevent the webadmin from displaying an empty app list (07396b8b) + - [i18n] Translations updated for Galician + + Thanks to all contributors <3 ! (José M, Kay0u, Tagadda, tituspijean) + + -- Alexandre Aubin Tue, 25 Jan 2022 13:06:10 +0100 + +yunohost (11.0.2) testing; urgency=low + + - [mod] Various tweaks for Python 3.9, PHP 7.4, PostgreSQL 13, and other changes related to Buster->Bullseye ecosystem + - [mod] debian: Moved mysql, php, and metronome from Depends to Recommends ([#1369](https://github.com/YunoHost/yunohost/pull/1369)) + - [mod] apt: **Add sury by default** ([#1369](https://github.com/YunoHost/yunohost/pull/1369)) + - [enh] mysql: **Drop super old mysql config, now rely on Debian default** ([44c972f...144126f](https://github.com/YunoHost/yunohost/compare/44c972f2dd65...144126f56a3d)) + - [enh] regenconf/helpers: Better integration for postgresql ([#1369](https://github.com/YunoHost/yunohost/pull/1369)) + - [mod] quality: **Rework repository code architecture** ([#1377](https://github.com/YunoHost/yunohost/pull/1377)) + - [mod] quality: **Rework where yunohost files are deployed** (yunohost now a much closer to a python lib with files in /usr/lib/python3/dist-packages/yunohost/, and other "common" files are in /usr/share/yunohost) ([#1377](https://github.com/YunoHost/yunohost/pull/1377)) + - [enh] upgrade: Try to implement **a smarter self-upgrade mechanism to prevent/limit API downtime and related UX issues** ([#1374](https://github.com/YunoHost/yunohost/pull/1374)) + - [mod] regenconf: store tmp files in /var/cache/yunohost/ instead of the misleading /home/yunohost.conf folder (00d535a6) + - [mod] dyndns: rewrite tsig keygen + nsupdate using full python, now that dnssec-keygen doesnt support hmacsha512 anymore (63a84f53) + - [mod] app: During app scripts (and all stuff run in hook_exec), do not inject the HOME variable if it exists. This aims to prevent inconsistencies between CLI (where HOME usually is defined) and API (where HOME doesnt exists) (f43e567b) + - [mod] quality: **Drop legacy commands or arguments** listed below + - Drop `--other_vars` options in ynh_add_fail2ban_config and systemd_config helpers + - Drop deprecated/superold `ynh_bind_or_cp`, `ynh_mkdir_tmp`, `ynh_get_plain_key` helpers + - Drop obsolete `yunohost-reset-ldap-password` command + - Drop obsolete `yunohost dyndns installcron` and `removecron` commands + - Drop deprecated `yunohost service regen-conf` command (see `tools regen-conf` instead) + - Drop deprecated `yunohost app fetchlist` command + - Drop obsolete `yunohost app add/remove/clearaccess` commands + - Drop deprecated `--installed` and `--filter` options in `yunohost app list` + - Drop deprecated `--apps` and `--system` options in `yunohost tools update/upgrade` (no double dashes anymore) + - Drop deprecated `--status` and `--log_type` options in `yunohost service add` + - Drop deprecated `--mail` option in `yunohost user create` + + -- Alexandre Aubin Wed, 19 Jan 2022 20:52:39 +0100 + +yunohost (4.4.0) testing; urgency=low + + - [enh] Add buster->bullseye migration + + -- Alexandre Aubin Wed, 19 Jan 2022 20:45:22 +0100 + +yunohost (4.3.6.2) stable; urgency=low + + - [fix] apt helpers: fix bug when var is empty... (7920cc62) + + -- Alexandre Aubin Wed, 19 Jan 2022 20:30:25 +0100 + +yunohost (4.3.6.1) stable; urgency=low + + - [fix] dnsmasq: ensure interface is up ([#1410](https://github.com/YunoHost/yunohost/pull/1410)) + - [fix] apt helpers: fix ynh_install_app_dependencies when an app change his default phpversion (6ea32728) + - [fix] certificates: fix edge case where None is returned, triggering 'NoneType has no attribute get' (019839db) + - [i18n] Translations updated for German + + Thanks to all contributors <3 ! (Gregor, Kay0u) + + -- Alexandre Aubin Wed, 19 Jan 2022 20:05:13 +0100 + +yunohost (4.3.6) stable; urgency=low + + - [enh] ssh: add a new setting to manage PasswordAuthentication in sshd_config ([#1388](https://github.com/YunoHost/yunohost/pull/1388)) + - [enh] upgrades: filter more boring apt messages (3cc1a0a5) + - [fix] ynh_add_config: crons should be owned by root, otherwise they probably don't run? (0973301b) + - [fix] domains: force cert install during domain_add ([#1404](https://github.com/YunoHost/yunohost/pull/1404)) + - [fix] logs: remove 'args' for metadata, may contain unredacted secrets in edge cases + - [fix] helpers, apt: upgrade apt dependencies from extra repos ([#1407](https://github.com/YunoHost/yunohost/pull/1407)) + - [fix] diagnosis: incorrect dns check (relative vs absolute) for CNAME on subdomain (d81b85a4) + - [i18n] Translations updated for Dutch, French, Galician, German, Spanish, Ukrainian + + Thanks to all contributors <3 ! (Boudewijn, Christian Wehrli, Éric Gaspar, Germain Edy, José M, Kay0u, Kayou, ljf, Tagada, Tymofii-Lytvynenko) + + -- Alexandre Aubin Fri, 14 Jan 2022 01:29:58 +0100 + +yunohost (4.3.5) stable; urgency=low + + - [fix] backup: bug in backup_delete when compress_tar_archives is True ([#1381](https://github.com/YunoHost/yunohost/pull/1381)) + - [fix] helpers logrorate: remove permission tweak .. code was not working as expected. To be re-addressed some day ... (0fc209ac) + - [fix] i18n: consistency for deprecation for --apps in 'yunohost tools update/upgrade' ([#1392](https://github.com/YunoHost/yunohost/pull/1392)) + - [fix] apps: typo when deleting superfluous question keys ([#1393](https://github.com/YunoHost/yunohost/pull/1393)) + - [fix] diagnosis: typo in dns record diagnoser (a615528c) + - [fix] diagnosis: tweak treshold for suspiciously high number of auth failure because too many people getting report about it idk (76abbf03) + - [enh] quality: apply pyupgrade ([#1395](https://github.com/YunoHost/yunohost/pull/1395)) + - [enh] quality: add lgtm/code quality badge ([#1396](https://github.com/YunoHost/yunohost/pull/1396)) + - [i18n] Translations updated for Dutch, French, Galician, German, Indonesian, Russian, Spanish, Ukrainian + + Thanks to all contributors <3 ! (Boudewijn, Bram, Christian Wehrli, Colin Wawrik, Éric Gaspar, Ilya, José M, Juan Alberto González, Kay0u, liimee, Moutonjr Geoff, tituspijean, Tymofii Lytvynenko, Valentin von Guttenberg) + + -- Alexandre Aubin Wed, 29 Dec 2021 01:01:33 +0100 + +yunohost (4.3.4.2) stable; urgency=low + + - [fix] yunomdns: Ignore ipv4 link-local addresses (6854f23c) + - [fix] backup: Fix path for multimedia restore ([#1386](https://github.com/YunoHost/yunohost/pull/1386)) + - [fix] helpers apt/php: typo in extra php-fpm yunohost service integration (47f3c00d) + - [enh] helpers: Update n to 8.0.1 (d1ab1f67) + + Thanks to all contributors <3 ! (ericgaspar, Kayou) + + -- Alexandre Aubin Wed, 08 Dec 2021 22:04:04 +0100 + +yunohost (4.3.4.1) stable; urgency=low + + - [fix] regenconf: Force permission on /etc/resolv.dnsmasq.conf to fix an issue on some setup with umask=027 (5881938c) + - [fix] regenconf: Typo in custom mdns alias regen conf (b3df36dd) + - [fix] regenconf: Try to fix the return line bug in dnsmasq conf ([#1385](https://github.com/YunoHost/yunohost/pull/1385)) + + Thanks to all contributors <3 ! (ljf) + + -- Alexandre Aubin Sat, 27 Nov 2021 21:15:29 +0100 + +yunohost (4.3.4) stable; urgency=low + + - [fix] apps: Allow tilde in username/organization for repo URLs ([#1382](https://github.com/YunoHost/yunohost/pull/1382)) + - [fix] misc: /etc/yunohost permissions broken on some setups (6488b4f6) + - [fix] mdns: Don't add yunohost.local in config if it's already among the yunohost domains (c4962834) + - [enh] dnsmasq: Tweak conf for better support of some stuff like the hotspot app ([#1383](https://github.com/YunoHost/yunohost/pull/1383)) + + Thanks to all contributors <3 ! (ljf, tituspijean) + + -- Alexandre Aubin Sat, 27 Nov 2021 00:53:16 +0100 + +yunohost (4.3.3) stable; urgency=low + + - [fix] log: fix dump_script_log_extract_for_debugging displaying wrong log snippet during failed upgrade ([#1376](https://github.com/YunoHost/yunohost/pull/1376)) + - [fix] certificate: fix stupid certificate/diagnosis issue with subdomains of ynh domains (7c569d16) + - [fix] diagnosis: Read DNS Blacklist answer and compare it against list of non-BL codes ([#1375](https://github.com/YunoHost/yunohost/pull/1375)) + - [enh] helpers: Update n to 8.0.0 ([#1372](https://github.com/YunoHost/yunohost/pull/1372)) + - [fix] helpers: Make ynh_add_fpm_config more robust to some edge cases (51d5dca0) + - [fix] backup: conf_ynh_settings backup/restore hook, /etc/yunohost/domains may not exist (38f5352f) + - [i18n] Translations updated for Basque, Chinese (Simplified), Indonesian, Italian, Ukrainian + + Thanks to all contributors <3 ! (dagangtie, ericgaspar, Félix Piédallu, Flavio Cristoforetti, liimee, punkrockgirl, Romain Thouvenin, Tommi, Tymofii-Lytvynenko) + + -- Alexandre Aubin Sun, 14 Nov 2021 22:55:16 +0100 + +yunohost (4.3.2.2) stable; urgency=low + + - [fix] nginx: Try to fix again the webadmin cache hell (74e2a51e) + + -- Alexandre Aubin Sat, 06 Nov 2021 17:39:58 +0100 + +yunohost (4.3.2.1) stable; urgency=low + + - [enh] mdns: Add possibility to manually add .local aliases via /etc/yunohost/mdns.aliases (meant for internetcube) (3da2df6e) + - [fix] debian: Fix conflict with redis-server (6558b23d) + - [fix] nginx: Refine experimental CSP header (in the end still gotta enable unsafe-inline and unsafe-eval for a bunch of things, but better than no policy at all...) (1cc3e440) + + -- Alexandre Aubin Sat, 06 Nov 2021 16:58:07 +0100 + +yunohost (4.3.2) stable; urgency=low + + - Release as stable + - [i18n] Translations updated for Basque, Occitan + + Thanks to all contributors <3 ! (punkrockgirl, Quentí) + + -- Alexandre Aubin Fri, 05 Nov 2021 02:32:56 +0100 + +yunohost (4.3.1.8) testing; urgency=low + + - [enh] dyndns: Drop some YAGNI + improve IPv6-only support + resilience w.r.t. ns0 / ns1 being down (a61d0231, [#1367](https://github.com/YunoHost/yunohost/pull/1367)) + - [fix] helpers: improve composer debug when it can't install dependencies (4ebcaf8d) + - [enh] helpers: allow to get/set/delete app settings without explicitly passing app id everytime... (fcd2ef9d) + - [fix] helpers: Don't say the 'app was restored' when restore failed after failed upgrade (019d207c) + - [enh] helpers: temporarily auto-add visitors during ynh_local_curl if needed ([#1370](https://github.com/YunoHost/yunohost/pull/1370)) + - [enh] apps: Add YNH_ARCH to app script env for easier debugging and arch check in script (85eb43a7) + - [mod] misc fixes/enh (2687121f, 146fba7d, 86a9cb37, 4e917b5e, 974ea71f, edc5295d, ba489bfc) + - [i18n] Translations updated for Basque, French, Spanish + + Thanks to all contributors <3 ! (ljf, Page Asgardius, ppr, punkrockgirl) + + -- Alexandre Aubin Wed, 03 Nov 2021 18:35:18 +0100 + +yunohost (4.3.1.7) testing; urgency=low + + - [fix] configpanel: Misc technical fixes ... (341059d0, 9c22329e) + - [i18n] Translations updated for Basque, French + + Thanks to all contributors <3 ! (ljf, ppr, punkrockgirl) + + -- Alexandre Aubin Tue, 19 Oct 2021 15:30:50 +0200 + +yunohost (4.3.1.6) testing; urgency=low + + - [fix] configpanel: Various technical fixes (07c1ddce, eae826b2, ff69067d) + - [i18n] Translations updated for Basque, Galician, German, Russian, Ukrainian + + Thanks to all contributors <3 ! (Colin Wawrik, Daniel, José M, ljf, punkrockgirl, Semen Turchikhin, Tymofii-Lytvynenko) + + -- Alexandre Aubin Mon, 18 Oct 2021 18:50:00 +0200 + +yunohost (4.3.1.5) testing; urgency=low + + - [enh] configpanel: Add hook mecanism between questions (9f7fb61b) + - [fix] configpanel: Issue with visible-if context missing between section + - [mod] Force-disable old avahi-daemon (af3d6dd7, 3a07a780) + + Thanks to all contributors <3 ! (ljf) + + -- Alexandre Aubin Sun, 17 Oct 2021 20:44:33 +0200 + +yunohost (4.3.1.4) testing; urgency=low + + - [mod] codequality: Safer, clearer ynh_secure_remove ([#1357](https://github.com/YunoHost/yunohost/pull/1357)) + - [mod] codequality: Lint/autoformat helpers, hooks and debian scripts ([#1356](https://github.com/YunoHost/yunohost/pull/1356)) + - [mod] helpers: Flag ynh_print_ON/OFF as internal to not advertise them in the doc (fe959bd7) + - [fix] helpers: Eval mecanism in ynh_exec_* lead to epic bugs ([#1358](https://github.com/YunoHost/yunohost/pull/1358)) + - [enh] dyndns: validate that we're connected to the internet before triggering yunohost dyndns update (55bacd74) + - [enh] regenconf/dyndns: Delete dyndns cron in regenconf if no dyndns domain found (cb835a2d) + - [fix] regenconf/dovecot: add conf snippet to get rid of stupid stats-writer errors in mail.log (dab3dc6f) + - [enh] regenconf/dnsmasq: Don't generate dnsmasq conf for .local domains (df02f898) + + -- Alexandre Aubin Wed, 13 Oct 2021 15:41:21 +0200 + yunohost (4.3.1.3) testing; urgency=low - [fix] app: repo url branch names may contain dots (38cff4a9) diff --git a/debian/compat b/debian/compat deleted file mode 100644 index ec635144f..000000000 --- a/debian/compat +++ /dev/null @@ -1 +0,0 @@ -9 diff --git a/debian/control b/debian/control index fe18b1de8..6e059231a 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: yunohost Section: utils Priority: extra Maintainer: YunoHost Contributors -Build-Depends: debhelper (>=9), dh-systemd, dh-python, python3-all (>= 3.7), python3-yaml, python3-jinja2 +Build-Depends: debhelper (>=9), debhelper-compat (= 13), dh-python, python3-all (>= 3.7), python3-yaml, python3-jinja2 Standards-Version: 3.9.6 Homepage: https://yunohost.org/ @@ -10,15 +10,15 @@ Package: yunohost Essential: yes Architecture: all Depends: ${python3:Depends}, ${misc:Depends} - , moulinette (>= 4.3), ssowat (>= 4.3) + , moulinette (>= 11.0), ssowat (>= 11.0) , python3-psutil, python3-requests, python3-dnspython, python3-openssl , python3-miniupnpc, python3-dbus, python3-jinja2 - , python3-toml, python3-packaging, python3-publicsuffix, - , python3-ldap, python3-zeroconf, python3-lexicon, + , python3-toml, python3-packaging, python3-publicsuffix2 + , python3-ldap, python3-zeroconf (>= 0.36), python3-lexicon, + , python-is-python3 + , nginx, nginx-extras (>=1.18) , apt, apt-transport-https, apt-utils, dirmngr - , php7.3-common, php7.3-fpm, php7.3-ldap, php7.3-intl - , mariadb-server, php7.3-mysql - , openssh-server, iptables, fail2ban, dnsutils, bind9utils + , openssh-server, iptables, fail2ban, bind9-dnsutils , openssl, ca-certificates, netcat-openbsd, iproute2 , slapd, ldap-utils, sudo-ldap, libnss-ldapd, unscd, libpam-ldapd , dnsmasq, resolvconf, libnss-myhostname @@ -26,28 +26,29 @@ Depends: ${python3:Depends}, ${misc:Depends} , dovecot-core, dovecot-ldap, dovecot-lmtpd, dovecot-managesieved, dovecot-antispam , rspamd, opendkim-tools, postsrsd, procmail, mailutils , redis-server - , metronome (>=3.14.0) , acl , git, curl, wget, cron, unzip, jq, bc, at , lsb-release, haveged, fake-hwclock, equivs, lsof, whois Recommends: yunohost-admin , ntp, inetutils-ping | iputils-ping , bash-completion, rsyslog - , php7.3-gd, php7.3-curl, php-gettext + , php7.4-common, php7.4-fpm, php7.4-ldap, php7.4-intl + , mariadb-server, php7.4-mysql + , php7.4-gd, php7.4-curl, php-php-gettext , python3-pip , unattended-upgrades , libdbd-ldap-perl, libnet-dns-perl -Suggests: htop, vim, rsync, acpi-support-base, udisks2 + , metronome (>=3.14.0) Conflicts: iptables-persistent , apache2 , bind9 - , nginx-extras (>= 1.16) - , openssl (>= 1.1.1g) - , slapd (>= 2.4.49) - , dovecot-core (>= 1:2.3.7) - , redis-server (>= 5:5.0.7) - , fail2ban (>= 0.11) - , iptables (>= 1.8.3) + , nginx-extras (>= 1.19) + , openssl (>= 1.1.1l-1) + , slapd (>= 2.4.58) + , dovecot-core (>= 1:2.3.14) + , redis-server (>= 5:6.1) + , fail2ban (>= 0.11.3) + , iptables (>= 1.8.8) Description: manageable and configured self-hosting server YunoHost aims to make self-hosting accessible to everyone. It configures an email, Web and IM server alongside a LDAP base. It also provides diff --git a/debian/install b/debian/install index 8c6ba01dd..5169d0b62 100644 --- a/debian/install +++ b/debian/install @@ -1,8 +1,10 @@ bin/* /usr/bin/ -sbin/* /usr/sbin/ -data/* /usr/share/yunohost/ -data/bash-completion.d/yunohost /etc/bash_completion.d/ +share/* /usr/share/yunohost/ +hooks/* /usr/share/yunohost/hooks/ +helpers/* /usr/share/yunohost/helpers.d/ +conf/* /usr/share/yunohost/conf/ +locales/* /usr/share/yunohost/locales/ doc/yunohost.8.gz /usr/share/man/man8/ -lib/metronome/modules/* /usr/lib/metronome/modules/ -locales/* /usr/lib/moulinette/yunohost/locales/ -src/yunohost /usr/lib/moulinette +doc/bash_completion.d/* /etc/bash_completion.d/ +conf/metronome/modules/* /usr/lib/metronome/modules/ +src/* /usr/lib/python3/dist-packages/yunohost/ diff --git a/debian/postinst b/debian/postinst index ceeed3cdf..e93845e88 100644 --- a/debian/postinst +++ b/debian/postinst @@ -3,37 +3,43 @@ set -e do_configure() { - rm -rf /var/cache/moulinette/* - mkdir -p /usr/share/moulinette/actionsmap/ - ln -sf /usr/share/yunohost/actionsmap/yunohost.yml /usr/share/moulinette/actionsmap/yunohost.yml + if [ ! -f /etc/yunohost/installed ]; then + # If apps/ is not empty, we're probably already installed in the past and + # something funky happened ... + if [ -d /etc/yunohost/apps/ ] && ls /etc/yunohost/apps/* >/dev/null 2>&1; then + echo "Sounds like /etc/yunohost/installed mysteriously disappeared ... You should probably contact the Yunohost support ..." + else + bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init + bash /usr/share/yunohost/hooks/conf_regen/02-ssl init + bash /usr/share/yunohost/hooks/conf_regen/09-nslcd init + bash /usr/share/yunohost/hooks/conf_regen/46-nsswitch init + bash /usr/share/yunohost/hooks/conf_regen/06-slapd init + bash /usr/share/yunohost/hooks/conf_regen/15-nginx init + bash /usr/share/yunohost/hooks/conf_regen/37-mdns init + fi + else + echo "Regenerating configuration, this might take a while..." + yunohost tools regen-conf --output-as none - if [ ! -f /etc/yunohost/installed ]; then - # If apps/ is not empty, we're probably already installed in the past and - # something funky happened ... - if [ -d /etc/yunohost/apps/ ] && ls /etc/yunohost/apps/* >/dev/null 2>&1 - then - echo "Sounds like /etc/yunohost/installed mysteriously disappeared ... You should probably contact the Yunohost support ..." - else - bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init - bash /usr/share/yunohost/hooks/conf_regen/02-ssl init - bash /usr/share/yunohost/hooks/conf_regen/09-nslcd init - bash /usr/share/yunohost/hooks/conf_regen/46-nsswitch init - bash /usr/share/yunohost/hooks/conf_regen/06-slapd init - bash /usr/share/yunohost/hooks/conf_regen/15-nginx init - bash /usr/share/yunohost/hooks/conf_regen/37-mdns init - fi - else - echo "Regenerating configuration, this might take a while..." - yunohost tools regen-conf --output-as none + echo "Launching migrations..." + yunohost tools migrations run --auto - echo "Launching migrations..." - yunohost tools migrations run --auto - - echo "Re-diagnosing server health..." - yunohost diagnosis run --force - fi + echo "Re-diagnosing server health..." + yunohost diagnosis run --force + fi + # Trick to let yunohost handle the restart of the API, + # to prevent the webadmin from cutting the branch it's sitting on + if systemctl is-enabled yunohost-api --quiet + then + if [[ "${YUNOHOST_API_RESTART_WILL_BE_HANDLED_BY_YUNOHOST:-}" != "yes" ]]; + then + systemctl restart yunohost-api + else + echo "(Delaying the restart of yunohost-api, this should automatically happen after the end of this upgrade)" + fi + fi } # summary of how this script can be called: @@ -50,13 +56,13 @@ do_configure() { case "$1" in configure) do_configure - ;; - abort-upgrade|abort-remove|abort-deconfigure) - ;; + ;; + abort-upgrade | abort-remove | abort-deconfigure) ;; + *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 - ;; + ;; esac #DEBHELPER# diff --git a/debian/postrm b/debian/postrm index 63e42b4d4..ceadd5bce 100644 --- a/debian/postrm +++ b/debian/postrm @@ -6,12 +6,12 @@ set -e if [ "$1" = "purge" ]; then - update-rc.d yunohost-firewall remove >/dev/null - rm -f /etc/yunohost/installed + update-rc.d yunohost-firewall remove >/dev/null + rm -f /etc/yunohost/installed fi if [ "$1" = "remove" ]; then - rm -f /etc/yunohost/installed + rm -f /etc/yunohost/installed fi # Reset dpkg vendor to debian diff --git a/debian/rules b/debian/rules index 3790c0ef2..5cf1d9bee 100755 --- a/debian/rules +++ b/debian/rules @@ -1,26 +1,10 @@ #!/usr/bin/make -f # -*- makefile -*- -# Uncomment this to turn on verbose mode. -#export DH_VERBOSE=1 - %: - dh ${@} --with=python3,systemd + dh ${@} --with python3 override_dh_auto_build: # Generate bash completion file - python3 data/actionsmap/yunohost_completion.py + python3 doc/generate_bash_completion.py python3 doc/generate_manpages.py --gzip --output doc/yunohost.8.gz - -override_dh_installinit: - dh_installinit -pyunohost --name=yunohost-api --restart-after-upgrade - dh_installinit -pyunohost --name=yunohost-firewall --noscripts - -override_dh_systemd_enable: - dh_systemd_enable --name=yunohost-api \ - yunohost-api.service - dh_systemd_enable --name=yunohost-firewall --no-enable \ - yunohost-firewall.service - -#override_dh_systemd_start: -# dh_systemd_start --restart-after-upgrade yunohost-api.service diff --git a/debian/yunohost-api.default b/debian/yunohost-api.default deleted file mode 100644 index b6a9e5a99..000000000 --- a/debian/yunohost-api.default +++ /dev/null @@ -1,4 +0,0 @@ -# Override yunohost-api options. -# Example to log debug: DAEMON_OPTS="--debug" -# -#DAEMON_OPTS="" diff --git a/data/actionsmap/yunohost_completion.py b/doc/generate_bash_completion.py similarity index 96% rename from data/actionsmap/yunohost_completion.py rename to doc/generate_bash_completion.py index c801e2f3c..d55973010 100644 --- a/data/actionsmap/yunohost_completion.py +++ b/doc/generate_bash_completion.py @@ -12,9 +12,9 @@ import os import yaml THIS_SCRIPT_DIR = os.path.dirname(os.path.abspath(__file__)) -ACTIONSMAP_FILE = THIS_SCRIPT_DIR + "/yunohost.yml" -os.system(f"mkdir {THIS_SCRIPT_DIR}/../bash-completion.d") -BASH_COMPLETION_FILE = THIS_SCRIPT_DIR + "/../bash-completion.d/yunohost" +ACTIONSMAP_FILE = THIS_SCRIPT_DIR + "/../share/actionsmap.yml" +BASH_COMPLETION_FOLDER = THIS_SCRIPT_DIR + "/bash_completion.d" +BASH_COMPLETION_FILE = BASH_COMPLETION_FOLDER + "/yunohost" def get_dict_actions(OPTION_SUBTREE, category): @@ -62,6 +62,8 @@ with open(ACTIONSMAP_FILE, "r") as stream: OPTION_TREE[category]["subcategories"], subcategory ) + os.makedirs(BASH_COMPLETION_FOLDER, exist_ok=True) + with open(BASH_COMPLETION_FILE, "w") as generated_file: # header of the file diff --git a/doc/generate_helper_doc.py b/doc/generate_helper_doc.py index f2d5bf444..371e8899b 100644 --- a/doc/generate_helper_doc.py +++ b/doc/generate_helper_doc.py @@ -107,7 +107,7 @@ class Parser: else: # We're getting out of a comment bloc, we should find # the name of the function - assert len(line.split()) >= 1, "Malformed line %s in %s" % ( + assert len(line.split()) >= 1, "Malformed line {} in {}".format( i, self.filename, ) @@ -217,7 +217,7 @@ def malformed_error(line_number): def main(): - helper_files = sorted(glob.glob("../data/helpers.d/*")) + helper_files = sorted(glob.glob("../helpers/*")) helpers = [] for helper_file in helper_files: diff --git a/doc/generate_manpages.py b/doc/generate_manpages.py index fa042fb17..bdb1fcaee 100644 --- a/doc/generate_manpages.py +++ b/doc/generate_manpages.py @@ -22,7 +22,7 @@ template = Template(open(os.path.join(base_path, "manpage.template")).read()) THIS_SCRIPT_DIR = os.path.dirname(os.path.abspath(__file__)) -ACTIONSMAP_FILE = os.path.join(THIS_SCRIPT_DIR, "../data/actionsmap/yunohost.yml") +ACTIONSMAP_FILE = os.path.join(THIS_SCRIPT_DIR, "../share/actionsmap.yml") def ordered_yaml_load(stream): diff --git a/doc/helper_doc_template.md b/doc/helper_doc_template.md index d41c0b6e9..ac5d455fb 100644 --- a/doc/helper_doc_template.md +++ b/doc/helper_doc_template.md @@ -52,7 +52,7 @@ Doc auto-generated by [this script](https://github.com/YunoHost/yunohost/blob/{{ {{ h.details }} {%- endif %} -[Dude, show me the code!](https://github.com/YunoHost/yunohost/blob/{{ current_commit }}/data/helpers.d/{{ category }}#L{{ h.line + 1 }}) +[Dude, show me the code!](https://github.com/YunoHost/yunohost/blob/{{ current_commit }}/helpers/{{ category }}#L{{ h.line + 1 }}) [/details] ---------------- {% endfor %} diff --git a/data/helpers.d/apt b/helpers/apt similarity index 78% rename from data/helpers.d/apt rename to helpers/apt index 2f5df175c..61f3c0c2d 100644 --- a/data/helpers.d/apt +++ b/helpers/apt @@ -12,31 +12,27 @@ ynh_wait_dpkg_free() { local try set +o xtrace # set +x # With seq 1 17, timeout will be almost 30 minutes - for try in `seq 1 17` - do + for try in $(seq 1 17); do # Check if /var/lib/dpkg/lock is used by another process - if lsof /var/lib/dpkg/lock > /dev/null - then + if lsof /var/lib/dpkg/lock >/dev/null; then echo "apt is already in use..." # Sleep an exponential time at each round - sleep $(( try * try )) + sleep $((try * try)) else # Check if dpkg hasn't been interrupted and is fully available. # See this for more information: https://sources.debian.org/src/apt/1.4.9/apt-pkg/deb/debsystem.cc/#L141-L174 local dpkg_dir="/var/lib/dpkg/updates/" # For each file in $dpkg_dir - while read dpkg_file <&9 - do + while read dpkg_file <&9; do # Check if the name of this file contains only numbers. - if echo "$dpkg_file" | grep --perl-regexp --quiet "^[[:digit:]]+$" - then + if echo "$dpkg_file" | grep --perl-regexp --quiet "^[[:digit:]]+$"; then # If so, that a remaining of dpkg. ynh_print_err "dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem." set -o xtrace # set -x return 1 fi - done 9<<< "$(ls -1 $dpkg_dir)" + done 9<<<"$(ls -1 $dpkg_dir)" set -o xtrace # set -x return 0 fi @@ -57,7 +53,7 @@ ynh_wait_dpkg_free() { ynh_package_is_installed() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=package= ) + local -A args_array=([p]=package=) local package # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -79,13 +75,12 @@ ynh_package_is_installed() { ynh_package_version() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=package= ) + local -A args_array=([p]=package=) local package # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ynh_package_is_installed "$package" - then + if ynh_package_is_installed "$package"; then dpkg-query --show --showformat='${Version}' "$package" 2>/dev/null else echo '' @@ -166,14 +161,14 @@ ynh_package_autopurge() { # | arg: controlfile - path of the equivs control file # # Requires YunoHost version 2.2.4 or higher. -ynh_package_install_from_equivs () { +ynh_package_install_from_equivs() { local controlfile=$1 # retrieve package information - local pkgname=$(grep '^Package: ' $controlfile | cut --delimiter=' ' --fields=2) # Retrieve the name of the debian package - local pkgversion=$(grep '^Version: ' $controlfile | cut --delimiter=' ' --fields=2) # And its version number + local pkgname=$(grep '^Package: ' $controlfile | cut --delimiter=' ' --fields=2) # Retrieve the name of the debian package + local pkgversion=$(grep '^Version: ' $controlfile | cut --delimiter=' ' --fields=2) # And its version number [[ -z "$pkgname" || -z "$pkgversion" ]] \ - && ynh_die --message="Invalid control file" # Check if this 2 variables aren't empty. + && ynh_die --message="Invalid control file" # Check if this 2 variables aren't empty. # Update packages cache ynh_package_update @@ -181,8 +176,9 @@ ynh_package_install_from_equivs () { # Build and install the package local TMPDIR=$(mktemp --directory) - # Force the compatibility level at 10, levels below are deprecated - echo 10 > /usr/share/equivs/template/debian/compat + # Make sure to delete the legacy compat file + # It's now handle somewhat magically through the control file + rm -f /usr/share/equivs/template/debian/compat # Note that the cd executes into a sub shell # Create a fake deb package with equivs-build and the given control file @@ -190,21 +186,24 @@ ynh_package_install_from_equivs () { # Install missing dependencies with ynh_package_install ynh_wait_dpkg_free cp "$controlfile" "${TMPDIR}/control" - (cd "$TMPDIR" - LC_ALL=C equivs-build ./control 1> /dev/null - LC_ALL=C dpkg --force-depends --install "./${pkgname}_${pkgversion}_all.deb" 2>&1 | tee ./dpkg_log) + ( + cd "$TMPDIR" + LC_ALL=C equivs-build ./control 2>&1 + LC_ALL=C dpkg --force-depends --install "./${pkgname}_${pkgversion}_all.deb" 2>&1 | tee ./dpkg_log + ) - ynh_package_install --fix-broken || \ - { # If the installation failed - # (the following is ran inside { } to not start a subshell otherwise ynh_die wouldnt exit the original process) - # Parse the list of problematic dependencies from dpkg's log ... - # (relevant lines look like: "foo-ynh-deps depends on bar; however:") - local problematic_dependencies="$(cat $TMPDIR/dpkg_log | grep -oP '(?<=-ynh-deps depends on ).*(?=; however)' | tr '\n' ' ')" - # Fake an install of those dependencies to see the errors - # The sed command here is, Print only from 'Reading state info' to the end. - [[ -n "$problematic_dependencies" ]] && ynh_package_install $problematic_dependencies --dry-run 2>&1 | sed --quiet '/Reading state info/,$p' | grep -v "fix-broken\|Reading state info" >&2 - ynh_die --message="Unable to install dependencies"; } - [[ -n "$TMPDIR" ]] && rm --recursive --force $TMPDIR # Remove the temp dir. + ynh_package_install --fix-broken \ + || { # If the installation failed + # (the following is ran inside { } to not start a subshell otherwise ynh_die wouldnt exit the original process) + # Parse the list of problematic dependencies from dpkg's log ... + # (relevant lines look like: "foo-ynh-deps depends on bar; however:") + local problematic_dependencies="$(cat $TMPDIR/dpkg_log | grep -oP '(?<=-ynh-deps depends on ).*(?=; however)' | tr '\n' ' ')" + # Fake an install of those dependencies to see the errors + # The sed command here is, Print only from 'Reading state info' to the end. + [[ -n "$problematic_dependencies" ]] && ynh_package_install $problematic_dependencies --dry-run 2>&1 | sed --quiet '/Reading state info/,$p' | grep -v "fix-broken\|Reading state info" >&2 + ynh_die --message="Unable to install dependencies" + } + [[ -n "$TMPDIR" ]] && rm --recursive --force $TMPDIR # Remove the temp dir. # check if the package is actually installed ynh_package_is_installed "$pkgname" @@ -223,7 +222,7 @@ YNH_INSTALL_APP_DEPENDENCIES_REPLACE="true" # | arg: "dep1|dep2|…" - You can specify alternatives. It will require to install (dep1 or dep2, etc). # # Requires YunoHost version 2.6.4 or higher. -ynh_install_app_dependencies () { +ynh_install_app_dependencies() { local dependencies=$@ # Add a comma for each space between packages. But not add a comma if the space separate a version specification. (See below) dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')" @@ -234,11 +233,10 @@ ynh_install_app_dependencies () { if [ -z "${version}" ] || [ "$version" == "null" ]; then version="1.0" fi - local dep_app=${app//_/-} # Replace all '_' by '-' + local dep_app=${app//_/-} # Replace all '_' by '-' # Handle specific versions - if [[ "$dependencies" =~ [\<=\>] ]] - then + if [[ "$dependencies" =~ [\<=\>] ]]; then # Replace version specifications by relationships syntax # https://www.debian.org/doc/debian-policy/ch-relationships.html # Sed clarification @@ -255,9 +253,6 @@ ynh_install_app_dependencies () { # The (?<=php) syntax corresponds to lookbehind ;) local specific_php_version=$(echo $dependencies | grep -oP '(?<=php)[0-9.]+(?=-|\>)' | sort -u) - # Ignore case where the php version found is the one available in debian vanilla - [[ "$specific_php_version" != "$YNH_DEFAULT_PHP_VERSION" ]] || specific_php_version="" - if [[ -n "$specific_php_version" ]] then # Cover a small edge case where a packager could have specified "php7.4-pwet php5-gni" which is confusing @@ -265,10 +260,9 @@ ynh_install_app_dependencies () { || ynh_die --message="Inconsistent php versions in dependencies ... found : $specific_php_version" dependencies+=", php${specific_php_version}, php${specific_php_version}-fpm, php${specific_php_version}-common" - - ynh_add_sury fi + local psql_installed="$(ynh_package_is_installed "postgresql-$PSQL_VERSION" && echo yes || echo no)" # The first time we run ynh_install_app_dependencies, we will replace the # entire control file (This is in particular meant to cover the case of @@ -288,27 +282,7 @@ ynh_install_app_dependencies () { dependencies="$current_dependencies, $dependencies" fi - # - # Epic ugly hack to fix the goddamn dependency nightmare of sury - # Sponsored by the "Djeezusse Fokin Kraiste Why Do Adminsys Has To Be So Fucking Complicated I Should Go Grow Potatoes Instead Of This Shit" collective - # https://github.com/YunoHost/issues/issues/1407 - # - # If we require to install php dependency - if grep --quiet 'php' <<< "$dependencies" - then - # And we have packages from sury installed (7.0.33-10+weirdshiftafter instead of 7.0.33-0 on debian) - if dpkg --list | grep "php7.0" | grep --quiet --invert-match "7.0.33-0+deb9" - then - # And sury ain't already in sources.lists - if ! grep --recursive --quiet "^ *deb.*sury" /etc/apt/sources.list* - then - # Re-add sury - ynh_add_sury - fi - fi - fi - - cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build + cat >/tmp/${dep_app}-ynh-deps.control <" | sed 's/php//g' | sort | uniq) [[ "$specific_php_version" != "$YNH_DEFAULT_PHP_VERSION" ]] || specific_php_version="" - if [[ -n "$specific_php_version" ]] && ! ynh_package_is_installed --package="php${specific_php_version}-fpm"; - then + if [[ -n "$specific_php_version" ]] && ! ynh_package_is_installed --package="php${specific_php_version}-fpm"; then yunohost service remove php${specific_php_version}-fpm fi } @@ -412,10 +389,10 @@ ynh_remove_app_dependencies () { # | arg: -n, --name= - Name for the files for this repo, $app as default value. # # Requires YunoHost version 3.8.1 or higher. -ynh_install_extra_app_dependencies () { +ynh_install_extra_app_dependencies() { # Declare an array to define the options of this helper. local legacy_args=rpkn - local -A args_array=( [r]=repo= [p]=package= [k]=key= [n]=name= ) + local -A args_array=([r]=repo= [p]=package= [k]=key= [n]=name=) local repo local package local key @@ -426,8 +403,7 @@ ynh_install_extra_app_dependencies () { key=${key:-} # Set a key only if asked - if [ -n "$key" ] - then + if [ -n "$key" ]; then key="--key=$key" fi # Add an extra repository for those packages @@ -436,6 +412,12 @@ ynh_install_extra_app_dependencies () { # Install requested dependencies from this extra repository. ynh_install_app_dependencies "$package" + # Force to upgrade to the last version... + # Without doing apt install, an already installed dep is not upgraded + local apps_auto_installed="$(apt-mark showauto $package)" + ynh_package_install "$package" + [ -z "$apps_auto_installed" ] || apt-mark auto $apps_auto_installed + # Remove this extra repository after packages are installed ynh_remove_extra_repo --name=$app } @@ -452,10 +434,10 @@ ynh_install_extra_app_dependencies () { # | arg: -a, --append - Do not overwrite existing files. # # Requires YunoHost version 3.8.1 or higher. -ynh_install_extra_repo () { +ynh_install_extra_repo() { # Declare an array to define the options of this helper. local legacy_args=rkpna - local -A args_array=( [r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append ) + local -A args_array=([r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append) local repo local key local priority @@ -468,8 +450,7 @@ ynh_install_extra_repo () { key=${key:-} priority=${priority:-} - if [ $append -eq 1 ] - then + if [ $append -eq 1 ]; then append="--append" wget_append="tee --append" else @@ -498,18 +479,16 @@ ynh_install_extra_repo () { local pin="${uri#*://}" pin="${pin%%/*}" # Set a priority only if asked - if [ -n "$priority" ] - then + if [ -n "$priority" ]; then priority="--priority=$priority" fi ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append # Get the public key for the repo - if [ -n "$key" ] - then + if [ -n "$key" ]; then mkdir --parents "/etc/apt/trusted.gpg.d" # Timeout option is here to enforce the timeout on dns query and tcp connect (c.f. man wget) - wget --timeout 900 --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null + wget --timeout 900 --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg >/dev/null fi # Update the list of package with the new repo @@ -524,10 +503,10 @@ ynh_install_extra_repo () { # | arg: -n, --name= - Name for the files for this repo, $app as default value. # # Requires YunoHost version 3.8.1 or higher. -ynh_remove_extra_repo () { +ynh_remove_extra_repo() { # Declare an array to define the options of this helper. local legacy_args=n - local -A args_array=( [n]=name= ) + local -A args_array=([n]=name=) local name # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -536,8 +515,14 @@ ynh_remove_extra_repo () { ynh_secure_remove --file="/etc/apt/sources.list.d/$name.list" # Sury pinning is managed by the regenconf in the core... [[ "$name" == "extra_php_version" ]] || ynh_secure_remove "/etc/apt/preferences.d/$name" - ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.gpg" > /dev/null - ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.asc" > /dev/null + if [ -e /etc/apt/trusted.gpg.d/$name.gpg ]; then + ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.gpg" + fi + + # (Do we even create a .asc file anywhere ...?) + if [ -e /etc/apt/trusted.gpg.d/$name.asc ]; then + ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.asc" + fi # Update the list of package to exclude the old repo ynh_package_update @@ -559,10 +544,10 @@ ynh_remove_extra_repo () { # ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable # # Requires YunoHost version 3.8.1 or higher. -ynh_add_repo () { +ynh_add_repo() { # Declare an array to define the options of this helper. local legacy_args=uscna - local -A args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append ) + local -A args_array=([u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append) local uri local suite local component @@ -573,8 +558,7 @@ ynh_add_repo () { name="${name:-$app}" append=${append:-0} - if [ $append -eq 1 ] - then + if [ $append -eq 1 ]; then append="tee --append" else append="tee" @@ -600,10 +584,10 @@ ynh_add_repo () { # See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html#How_APT_Interprets_Priorities for information about pinning. # # Requires YunoHost version 3.8.1 or higher. -ynh_pin_repo () { +ynh_pin_repo() { # Declare an array to define the options of this helper. local legacy_args=pirna - local -A args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append ) + local -A args_array=([p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append) local package local pin local priority @@ -616,8 +600,7 @@ ynh_pin_repo () { name="${name:-$app}" append=${append:-0} - if [ $append -eq 1 ] - then + if [ $append -eq 1 ]; then append="tee --append" else append="tee" @@ -631,5 +614,5 @@ ynh_pin_repo () { Pin: $pin Pin-Priority: $priority " \ - | $append "/etc/apt/preferences.d/$name" + | $append "/etc/apt/preferences.d/$name" } diff --git a/data/helpers.d/backup b/helpers/backup similarity index 81% rename from data/helpers.d/backup rename to helpers/backup index 21ca2d7f0..01b51d5a1 100644 --- a/data/helpers.d/backup +++ b/helpers/backup @@ -9,7 +9,6 @@ CAN_BIND=${CAN_BIND:-1} # | arg: -d, --dest_path= - destination file or directory inside the backup dir # | arg: -b, --is_big - Indicate data are big (mail, video, image ...) # | arg: -m, --not_mandatory - Indicate that if the file is missing, the backup can ignore it. -# | arg: arg - Deprecated arg # # This helper can be used both in a system backup hook, and in an app backup script # @@ -67,7 +66,7 @@ ynh_backup() { # Declare an array to define the options of this helper. local legacy_args=sdbm - local -A args_array=( [s]=src_path= [d]=dest_path= [b]=is_big [m]=not_mandatory ) + local -A args_array=([s]=src_path= [d]=dest_path= [b]=is_big [m]=not_mandatory) local src_path local dest_path local is_big @@ -83,10 +82,8 @@ ynh_backup() { # If backing up core only (used by ynh_backup_before_upgrade), # don't backup big data items - if [ $is_big -eq 1 ] && ( [ ${do_not_backup_data:-0} -eq 1 ] || [ $BACKUP_CORE_ONLY -eq 1 ] ) - then - if [ $BACKUP_CORE_ONLY -eq 1 ] - then + if [ $is_big -eq 1 ] && ([ ${do_not_backup_data:-0} -eq 1 ] || [ $BACKUP_CORE_ONLY -eq 1 ]); then + if [ $BACKUP_CORE_ONLY -eq 1 ]; then ynh_print_info --message="$src_path will not be saved, because 'BACKUP_CORE_ONLY' is set." else ynh_print_info --message="$src_path will not be saved, because 'do_not_backup_data' is set." @@ -98,14 +95,11 @@ ynh_backup() { # Format correctly source and destination paths # ============================================================================== # Be sure the source path is not empty - if [ ! -e "$src_path" ] - then + if [ ! -e "$src_path" ]; then ynh_print_warn --message="Source path '${src_path}' does not exist" - if [ "$not_mandatory" == "0" ] - then + if [ "$not_mandatory" == "0" ]; then # This is a temporary fix for fail2ban config files missing after the migration to stretch. - if echo "${src_path}" | grep --quiet "/etc/fail2ban" - then + if echo "${src_path}" | grep --quiet "/etc/fail2ban"; then touch "${src_path}" ynh_print_info --message="The missing file will be replaced by a dummy one for the backup !!!" else @@ -123,13 +117,11 @@ ynh_backup() { # If there is no destination path, initialize it with the source path # relative to "/". # eg: src_path=/etc/yunohost -> dest_path=etc/yunohost - if [[ -z "$dest_path" ]] - then + if [[ -z "$dest_path" ]]; then dest_path="${src_path#/}" else - if [[ "${dest_path:0:1}" == "/" ]] - then + if [[ "${dest_path:0:1}" == "/" ]]; then # If the destination path is an absolute path, transform it as a path # relative to the current working directory ($YNH_CWD) @@ -153,8 +145,7 @@ ynh_backup() { fi # Check if dest_path already exists in tmp archive - if [[ -e "${dest_path}" ]] - then + if [[ -e "${dest_path}" ]]; then ynh_print_err --message="Destination path '${dest_path}' already exist" return 1 fi @@ -171,7 +162,7 @@ ynh_backup() { # ============================================================================== local src=$(echo "${src_path}" | sed --regexp-extended 's/"/\"\"/g') local dest=$(echo "${dest_path}" | sed --regexp-extended 's/"/\"\"/g') - echo "\"${src}\",\"${dest}\"" >> "${YNH_BACKUP_CSV}" + echo "\"${src}\",\"${dest}\"" >>"${YNH_BACKUP_CSV}" # ============================================================================== @@ -185,19 +176,18 @@ ynh_backup() { # usage: ynh_restore # # Requires YunoHost version 2.6.4 or higher. -ynh_restore () { +ynh_restore() { # Deduce the relative path of $YNH_CWD local REL_DIR="${YNH_CWD#$YNH_BACKUP_DIR/}" REL_DIR="${REL_DIR%/}/" # For each destination path begining by $REL_DIR - cat ${YNH_BACKUP_CSV} | tr --delete $'\r' | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR.*\"$" | \ - while read line - do - local ORIGIN_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\"\K.*(?=\",\".*\"$)") - local ARCHIVE_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR\K.*(?=\"$)") - ynh_restore_file --origin_path="$ARCHIVE_PATH" --dest_path="$ORIGIN_PATH" - done + cat ${YNH_BACKUP_CSV} | tr --delete $'\r' | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR.*\"$" \ + | while read line; do + local ORIGIN_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\"\K.*(?=\",\".*\"$)") + local ARCHIVE_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR\K.*(?=\"$)") + ynh_restore_file --origin_path="$ARCHIVE_PATH" --dest_path="$ORIGIN_PATH" + done } # Return the path in the archive where has been stocked the origin path @@ -205,7 +195,7 @@ ynh_restore () { # [internal] # # usage: _get_archive_path ORIGIN_PATH -_get_archive_path () { +_get_archive_path() { # For security reasons we use csv python library to read the CSV python3 -c " import sys @@ -217,7 +207,7 @@ with open(sys.argv[1], 'r') as backup_file: print(row['dest']) sys.exit(0) raise Exception('Original path for %s not found' % sys.argv[2]) - " "${YNH_BACKUP_CSV}" "$1" + " "${YNH_BACKUP_CSV}" "$1" return $? } @@ -236,7 +226,7 @@ with open(sys.argv[1], 'r') as backup_file: # ynh_restore_file -o "conf/nginx.conf" # # If `DEST_PATH` already exists and is lighter than 500 Mo, a backup will be made in -# `/home/yunohost.conf/backup/`. Otherwise, the existing file is removed. +# `/var/cache/yunohost/appconfbackup/`. Otherwise, the existing file is removed. # # if `apps/$app/etc/nginx/conf.d/$domain.d/$app.conf` exists, restore it into # `/etc/nginx/conf.d/$domain.d/$app.conf` @@ -245,10 +235,10 @@ with open(sys.argv[1], 'r') as backup_file: # # Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 3.5.0 or higher for the argument --not_mandatory -ynh_restore_file () { +ynh_restore_file() { # Declare an array to define the options of this helper. local legacy_args=odm - local -A args_array=( [o]=origin_path= [d]=dest_path= [m]=not_mandatory ) + local -A args_array=([o]=origin_path= [d]=dest_path= [m]=not_mandatory) local origin_path local dest_path local not_mandatory @@ -261,10 +251,8 @@ ynh_restore_file () { local archive_path="$YNH_CWD${origin_path}" # If archive_path doesn't exist, search for a corresponding path in CSV - if [ ! -d "$archive_path" ] && [ ! -f "$archive_path" ] && [ ! -L "$archive_path" ] - then - if [ "$not_mandatory" == "0" ] - then + if [ ! -d "$archive_path" ] && [ ! -f "$archive_path" ] && [ ! -L "$archive_path" ]; then + if [ "$not_mandatory" == "0" ]; then archive_path="$YNH_BACKUP_DIR/$(_get_archive_path \"$origin_path\")" else return 0 @@ -272,14 +260,12 @@ ynh_restore_file () { fi # Move the old directory if it already exists - if [[ -e "${dest_path}" ]] - then + if [[ -e "${dest_path}" ]]; then # Check if the file/dir size is less than 500 Mo - if [[ $(du --summarize --bytes ${dest_path} | cut --delimiter="/" --fields=1) -le "500000000" ]] - then - local backup_file="/home/yunohost.conf/backup/${dest_path}.backup.$(date '+%Y%m%d.%H%M%S')" + if [[ $(du --summarize --bytes ${dest_path} | cut --delimiter="/" --fields=1) -le "500000000" ]]; then + local backup_file="/var/cache/yunohost/appconfbackup/${dest_path}.backup.$(date '+%Y%m%d.%H%M%S')" mkdir --parents "$(dirname "$backup_file")" - mv "${dest_path}" "$backup_file" # Move the current file or directory + mv "${dest_path}" "$backup_file" # Move the current file or directory else ynh_secure_remove --file=${dest_path} fi @@ -289,10 +275,8 @@ ynh_restore_file () { mkdir --parents $(dirname "$dest_path") # Do a copy if it's just a mounting point - if mountpoint --quiet $YNH_BACKUP_DIR - then - if [[ -d "${archive_path}" ]] - then + if mountpoint --quiet $YNH_BACKUP_DIR; then + if [[ -d "${archive_path}" ]]; then archive_path="${archive_path}/." mkdir --parents "$dest_path" fi @@ -303,18 +287,6 @@ ynh_restore_file () { fi } -# Deprecated helper since it's a dangerous one! -# -# [internal] -# -ynh_bind_or_cp() { - local AS_ROOT=${3:-0} - local NO_ROOT=0 - [[ "${AS_ROOT}" = "1" ]] || NO_ROOT=1 - ynh_print_warn --message="This helper is deprecated, you should use ynh_backup instead" - ynh_backup "$1" "$2" 1 -} - # Calculate and store a file checksum into the app settings # # usage: ynh_store_file_checksum --file=file @@ -323,10 +295,10 @@ ynh_bind_or_cp() { # $app should be defined when calling this helper # # Requires YunoHost version 2.6.4 or higher. -ynh_store_file_checksum () { +ynh_store_file_checksum() { # Declare an array to define the options of this helper. local legacy_args=f - local -A args_array=( [f]=file= [u]=update_only ) + local -A args_array=([f]=file= [u]=update_only) local file local update_only update_only="${update_only:-0}" @@ -334,22 +306,21 @@ ynh_store_file_checksum () { # Manage arguments with getopts ynh_handle_getopts_args "$@" - local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' - + local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' + # If update only, we don't save the new checksum if no old checksum exist - if [ $update_only -eq 1 ] ; then + if [ $update_only -eq 1 ]; then local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name) - if [ -z "${checksum_value}" ] ; then + if [ -z "${checksum_value}" ]; then unset backup_file_checksum return 0 fi fi - + ynh_app_setting_set --app=$app --key=$checksum_setting_name --value=$(md5sum "$file" | cut --delimiter=' ' --fields=1) # If backup_file_checksum isn't empty, ynh_backup_if_checksum_is_different has made a backup - if [ -n "${backup_file_checksum-}" ] - then + if [ -n "${backup_file_checksum-}" ]; then # Print the diff between the previous file and the new one. # diff return 1 if the files are different, so the || true diff --report-identical-files --unified --color=always $backup_file_checksum $file >&2 || true @@ -368,27 +339,25 @@ ynh_store_file_checksum () { # modified config files. # # Requires YunoHost version 2.6.4 or higher. -ynh_backup_if_checksum_is_different () { +ynh_backup_if_checksum_is_different() { # Declare an array to define the options of this helper. local legacy_args=f - local -A args_array=( [f]=file= ) + local -A args_array=([f]=file=) local file # Manage arguments with getopts ynh_handle_getopts_args "$@" - local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' + local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name) # backup_file_checksum isn't declare as local, so it can be reuse by ynh_store_file_checksum backup_file_checksum="" - if [ -n "$checksum_value" ] - then # Proceed only if a value was stored into the app settings - if [ -e $file ] && ! echo "$checksum_value $file" | md5sum --check --status - then # If the checksum is now different - backup_file_checksum="/home/yunohost.conf/backup/$file.backup.$(date '+%Y%m%d.%H%M%S')" + if [ -n "$checksum_value" ]; then # Proceed only if a value was stored into the app settings + if [ -e $file ] && ! echo "$checksum_value $file" | md5sum --check --status; then # If the checksum is now different + backup_file_checksum="/var/cache/yunohost/appconfbackup/$file.backup.$(date '+%Y%m%d.%H%M%S')" mkdir --parents "$(dirname "$backup_file_checksum")" - cp --archive "$file" "$backup_file_checksum" # Backup the current file + cp --archive "$file" "$backup_file_checksum" # Backup the current file ynh_print_warn "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file_checksum" - echo "$backup_file_checksum" # Return the name of the backup file + echo "$backup_file_checksum" # Return the name of the backup file fi fi } @@ -401,15 +370,15 @@ ynh_backup_if_checksum_is_different () { # $app should be defined when calling this helper # # Requires YunoHost version 3.3.1 or higher. -ynh_delete_file_checksum () { +ynh_delete_file_checksum() { # Declare an array to define the options of this helper. local legacy_args=f - local -A args_array=( [f]=file= ) + local -A args_array=([f]=file=) local file # Manage arguments with getopts ynh_handle_getopts_args "$@" - local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' + local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' ynh_app_setting_delete --app=$app --key=$checksum_setting_name } @@ -417,7 +386,7 @@ ynh_delete_file_checksum () { # # [internal] # -ynh_backup_archive_exists () { +ynh_backup_archive_exists() { yunohost backup list --output-as json --quiet \ | jq -e --arg archive "$1" '.archives | index($archive)' >/dev/null } @@ -436,22 +405,19 @@ ynh_backup_archive_exists () { # ``` # # Requires YunoHost version 2.7.2 or higher. -ynh_backup_before_upgrade () { - if [ ! -e "/etc/yunohost/apps/$app/scripts/backup" ] - then +ynh_backup_before_upgrade() { + if [ ! -e "/etc/yunohost/apps/$app/scripts/backup" ]; then ynh_print_warn --message="This app doesn't have any backup script." return fi backup_number=1 local old_backup_number=2 - local app_bck=${app//_/-} # Replace all '_' by '-' + local app_bck=${app//_/-} # Replace all '_' by '-' NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0} - if [ "$NO_BACKUP_UPGRADE" -eq 0 ] - then + if [ "$NO_BACKUP_UPGRADE" -eq 0 ]; then # Check if a backup already exists with the prefix 1 - if ynh_backup_archive_exists "$app_bck-pre-upgrade1" - then + if ynh_backup_archive_exists "$app_bck-pre-upgrade1"; then # Prefix becomes 2 to preserve the previous backup backup_number=2 old_backup_number=1 @@ -459,13 +425,11 @@ ynh_backup_before_upgrade () { # Create backup BACKUP_CORE_ONLY=1 yunohost backup create --apps $app --name $app_bck-pre-upgrade$backup_number --debug - if [ "$?" -eq 0 ] - then + if [ "$?" -eq 0 ]; then # If the backup succeeded, remove the previous backup - if ynh_backup_archive_exists "$app_bck-pre-upgrade$old_backup_number" - then + if ynh_backup_archive_exists "$app_bck-pre-upgrade$old_backup_number"; then # Remove the previous backup only if it exists - yunohost backup delete $app_bck-pre-upgrade$old_backup_number > /dev/null + yunohost backup delete $app_bck-pre-upgrade$old_backup_number >/dev/null fi else ynh_die --message="Backup failed, the upgrade process was aborted." @@ -489,22 +453,25 @@ ynh_backup_before_upgrade () { # ``` # # Requires YunoHost version 2.7.2 or higher. -ynh_restore_upgradebackup () { +ynh_restore_upgradebackup() { ynh_print_err --message="Upgrade failed." - local app_bck=${app//_/-} # Replace all '_' by '-' + local app_bck=${app//_/-} # Replace all '_' by '-' NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0} - if [ "$NO_BACKUP_UPGRADE" -eq 0 ] - then + if [ "$NO_BACKUP_UPGRADE" -eq 0 ]; then # Check if an existing backup can be found before removing and restoring the application. - if ynh_backup_archive_exists "$app_bck-pre-upgrade$backup_number" - then + if ynh_backup_archive_exists "$app_bck-pre-upgrade$backup_number"; then # Remove the application then restore it yunohost app remove $app # Restore the backup yunohost backup restore $app_bck-pre-upgrade$backup_number --apps $app --force --debug - ynh_die --message="The app was restored to the way it was before the failed upgrade." + if [[ -d /etc/yunohost/apps/$app ]] + then + ynh_die --message="The app was restored to the way it was before the failed upgrade." + else + ynh_die --message="Uhoh ... Yunohost failed to restore the app to the way it was before the failed upgrade :|" + fi fi else ynh_print_warn --message="\$NO_BACKUP_UPGRADE is set, that means there's no backup to restore. You have to fix this upgrade by yourself !" diff --git a/data/helpers.d/config b/helpers/config similarity index 75% rename from data/helpers.d/config rename to helpers/config index 3f856ffa4..9c7272b85 100644 --- a/data/helpers.d/config +++ b/helpers/config @@ -1,60 +1,49 @@ #!/bin/bash - _ynh_app_config_get_one() { local short_setting="$1" local type="$2" local bind="$3" local getter="get__${short_setting}" # Get value from getter if exists - if type -t $getter 2>/dev/null | grep -q '^function$' 2>/dev/null; - then + if type -t $getter 2>/dev/null | grep -q '^function$' 2>/dev/null; then old[$short_setting]="$($getter)" formats[${short_setting}]="yaml" - elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; - then + elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then old[$short_setting]="$("get__${bind%%(*}" $short_setting $type $bind)" formats[${short_setting}]="yaml" - - elif [[ "$bind" == "null" ]] - then + + elif [[ "$bind" == "null" ]]; then old[$short_setting]="YNH_NULL" # Get value from app settings or from another file - elif [[ "$type" == "file" ]] - then - if [[ "$bind" == "settings" ]] - then + elif [[ "$type" == "file" ]]; then + if [[ "$bind" == "settings" ]]; then ynh_die --message="File '${short_setting}' can't be stored in settings" fi - old[$short_setting]="$(ls "$(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" 2> /dev/null || echo YNH_NULL)" + old[$short_setting]="$(ls "$(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" 2>/dev/null || echo YNH_NULL)" file_hash[$short_setting]="true" # Get multiline text from settings or from a full file - elif [[ "$type" == "text" ]] - then - if [[ "$bind" == "settings" ]] - then + elif [[ "$type" == "text" ]]; then + if [[ "$bind" == "settings" ]]; then old[$short_setting]="$(ynh_app_setting_get $app $short_setting)" - elif [[ "$bind" == *":"* ]] - then + elif [[ "$bind" == *":"* ]]; then ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically in a variable file, you have to create custom getter/setter" else - old[$short_setting]="$(cat $(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/) 2> /dev/null || echo YNH_NULL)" + old[$short_setting]="$(cat $(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/) 2>/dev/null || echo YNH_NULL)" fi # Get value from a kind of key/value file else local bind_after="" - if [[ "$bind" == "settings" ]] - then + if [[ "$bind" == "settings" ]]; then bind=":/etc/yunohost/apps/$app/settings.yml" fi local bind_key_="$(echo "$bind" | cut -d: -f1)" bind_key_=${bind_key_:-$short_setting} - if [[ "$bind_key_" == *">"* ]]; - then + if [[ "$bind_key_" == *">"* ]]; then bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)" bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)" fi @@ -68,39 +57,31 @@ _ynh_app_config_apply_one() { local setter="set__${short_setting}" local bind="${binds[$short_setting]}" local type="${types[$short_setting]}" - if [ "${changed[$short_setting]}" == "true" ] - then + if [ "${changed[$short_setting]}" == "true" ]; then # Apply setter if exists - if type -t $setter 2>/dev/null | grep -q '^function$' 2>/dev/null; - then + if type -t $setter 2>/dev/null | grep -q '^function$' 2>/dev/null; then $setter - elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; - then + elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then "set__${bind%%(*}" $short_setting $type $bind - - elif [[ "$bind" == "null" ]] - then - continue + + elif [[ "$bind" == "null" ]]; then + return # Save in a file - elif [[ "$type" == "file" ]] - then - if [[ "$bind" == "settings" ]] - then + elif [[ "$type" == "file" ]]; then + if [[ "$bind" == "settings" ]]; then ynh_die --message="File '${short_setting}' can't be stored in settings" fi local bind_file="$(echo "$bind" | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" - if [[ "${!short_setting}" == "" ]] - then + if [[ "${!short_setting}" == "" ]]; then ynh_backup_if_checksum_is_different --file="$bind_file" ynh_secure_remove --file="$bind_file" ynh_delete_file_checksum --file="$bind_file" --update_only ynh_print_info --message="File '$bind_file' removed" else ynh_backup_if_checksum_is_different --file="$bind_file" - if [[ "${!short_setting}" != "$bind_file" ]] - then + if [[ "${!short_setting}" != "$bind_file" ]]; then cp "${!short_setting}" "$bind_file" fi ynh_store_file_checksum --file="$bind_file" --update_only @@ -108,21 +89,18 @@ _ynh_app_config_apply_one() { fi # Save value in app settings - elif [[ "$bind" == "settings" ]] - then + elif [[ "$bind" == "settings" ]]; then ynh_app_setting_set --app=$app --key=$short_setting --value="${!short_setting}" ynh_print_info --message="Configuration key '$short_setting' edited in app settings" # Save multiline text in a file - elif [[ "$type" == "text" ]] - then - if [[ "$bind" == *":"* ]] - then + elif [[ "$type" == "text" ]]; then + if [[ "$bind" == *":"* ]]; then ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically in a variable file, you have to create custom getter/setter" fi local bind_file="$(echo "$bind" | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" ynh_backup_if_checksum_is_different --file="$bind_file" - echo "${!short_setting}" > "$bind_file" + echo "${!short_setting}" >"$bind_file" ynh_store_file_checksum --file="$bind_file" --update_only ynh_print_info --message="File '$bind_file' overwritten with the content provided in question '${short_setting}'" @@ -131,8 +109,7 @@ _ynh_app_config_apply_one() { local bind_after="" local bind_key_="$(echo "$bind" | cut -d: -f1)" bind_key_=${bind_key_:-$short_setting} - if [[ "$bind_key_" == *">"* ]]; - then + if [[ "$bind_key_" == *">"* ]]; then bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)" bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)" fi @@ -152,7 +129,8 @@ _ynh_app_config_apply_one() { _ynh_app_config_get() { # From settings local lines - lines=$(python3 << EOL + lines=$( + python3 </dev/null; - then + if type -t validate__$short_setting | grep -q '^function$' 2>/dev/null; then result="$(validate__$short_setting)" - elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; - then + elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then "validate__${bind%%(*}" $short_setting fi - if [ -n "$result" ] - then + if [ -n "$result" ]; then # # Return a yaml such as: # @@ -287,8 +246,7 @@ _ynh_app_config_validate() { # # We use changes_validated to know if this is # the first validation error - if [[ "$changes_validated" == true ]] - then + if [[ "$changes_validated" == true ]]; then ynh_return "validation_errors:" fi ynh_return " ${short_setting}: \"$result\"" @@ -298,8 +256,7 @@ _ynh_app_config_validate() { # If validation failed, exit the script right now (instead of going into apply) # Yunohost core will pick up the errors returned via ynh_return previously - if [[ "$changes_validated" == "false" ]] - then + if [[ "$changes_validated" == "false" ]]; then exit 0 fi @@ -337,21 +294,20 @@ ynh_app_config_run() { declare -Ag formats=() case $1 in - show) - ynh_app_config_get - ynh_app_config_show - ;; - apply) - max_progression=4 - ynh_script_progression --message="Reading config panel description and current configuration..." - ynh_app_config_get + show) + ynh_app_config_get + ynh_app_config_show + ;; + apply) + max_progression=4 + ynh_script_progression --message="Reading config panel description and current configuration..." + ynh_app_config_get - ynh_app_config_validate + ynh_app_config_validate - ynh_script_progression --message="Applying the new configuration..." - ynh_app_config_apply - ynh_script_progression --message="Configuration of $app completed" --last - ;; + ynh_script_progression --message="Applying the new configuration..." + ynh_app_config_apply + ynh_script_progression --message="Configuration of $app completed" --last + ;; esac } - diff --git a/data/helpers.d/fail2ban b/helpers/fail2ban similarity index 85% rename from data/helpers.d/fail2ban rename to helpers/fail2ban index 26c899d93..21177fa8d 100644 --- a/data/helpers.d/fail2ban +++ b/helpers/fail2ban @@ -10,9 +10,8 @@ # # ----------------------------------------------------------------------------- # -# usage 2: ynh_add_fail2ban_config --use_template [--others_var="list of others variables to replace"] +# usage 2: ynh_add_fail2ban_config --use_template # | arg: -t, --use_template - Use this helper in template mode -# | arg: -v, --others_var= - List of others variables to replace separeted by a space for example : 'var_1 var_2 ...' # # This will use a template in `../conf/f2b_jail.conf` and `../conf/f2b_filter.conf` # See the documentation of `ynh_add_config` for a description of the template @@ -62,27 +61,22 @@ # ``` # # Requires YunoHost version 4.1.0 or higher. -ynh_add_fail2ban_config () { +ynh_add_fail2ban_config() { # Declare an array to define the options of this helper. local legacy_args=lrmptv - local -A args_array=( [l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= [t]=use_template [v]=others_var=) + local -A args_array=([l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= [t]=use_template) local logpath local failregex local max_retry local ports - local others_var local use_template # Manage arguments with getopts ynh_handle_getopts_args "$@" max_retry=${max_retry:-3} ports=${ports:-http,https} - others_var="${others_var:-}" use_template="${use_template:-0}" - [[ -z "$others_var" ]] || ynh_print_warn --message="Packagers: using --others_var is unecessary since YunoHost 4.2" - - if [ $use_template -ne 1 ] - then + if [ $use_template -ne 1 ]; then # Usage 1, no template. Build a config file from scratch. test -n "$logpath" || ynh_die --message="ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." test -n "$failregex" || ynh_die --message="ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." @@ -94,15 +88,15 @@ port = __PORTS__ filter = __APP__ logpath = __LOGPATH__ maxretry = __MAX_RETRY__ -" > $YNH_APP_BASEDIR/conf/f2b_jail.conf +" >$YNH_APP_BASEDIR/conf/f2b_jail.conf - echo " + echo " [INCLUDES] before = common.conf [Definition] failregex = __FAILREGEX__ ignoreregex = -" > $YNH_APP_BASEDIR/conf/f2b_filter.conf +" >$YNH_APP_BASEDIR/conf/f2b_filter.conf fi ynh_add_config --template="$YNH_APP_BASEDIR/conf/f2b_jail.conf" --destination="/etc/fail2ban/jail.d/$app.conf" @@ -111,8 +105,7 @@ ignoreregex = ynh_systemd_action --service_name=fail2ban --action=reload --line_match="(Started|Reloaded) Fail2Ban Service" --log_path=systemd local fail2ban_error="$(journalctl --no-hostname --unit=fail2ban | tail --lines=50 | grep "WARNING.*$app.*")" - if [[ -n "$fail2ban_error" ]] - then + if [[ -n "$fail2ban_error" ]]; then ynh_print_err --message="Fail2ban failed to load the jail for $app" ynh_print_warn --message="${fail2ban_error#*WARNING}" fi @@ -123,7 +116,7 @@ ignoreregex = # usage: ynh_remove_fail2ban_config # # Requires YunoHost version 3.5.0 or higher. -ynh_remove_fail2ban_config () { +ynh_remove_fail2ban_config() { ynh_secure_remove --file="/etc/fail2ban/jail.d/$app.conf" ynh_secure_remove --file="/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --service_name=fail2ban --action=reload diff --git a/data/helpers.d/getopts b/helpers/getopts similarity index 87% rename from data/helpers.d/getopts rename to helpers/getopts index 8d9e55826..e912220e4 100644 --- a/data/helpers.d/getopts +++ b/helpers/getopts @@ -45,11 +45,10 @@ # e.g. for `my_helper "val1" val2`, arg1 will be filled with val1, and arg2 with val2. # # Requires YunoHost version 3.2.2 or higher. -ynh_handle_getopts_args () { +ynh_handle_getopts_args() { # Manage arguments only if there's some provided set +o xtrace # set +x - if [ $# -ne 0 ] - then + if [ $# -ne 0 ]; then # Store arguments in an array to keep each argument separated local arguments=("$@") @@ -58,14 +57,12 @@ ynh_handle_getopts_args () { # ${!args_array[@]} is the list of all option_flags in the array (An option_flag is 'u' in [u]=user, user is a value) local getopts_parameters="" local option_flag="" - for option_flag in "${!args_array[@]}" - do + for option_flag in "${!args_array[@]}"; do # Concatenate each option_flags of the array to build the string of arguments for getopts # Will looks like 'abcd' for -a -b -c -d # If the value of an option_flag finish by =, it's an option with additionnal values. (e.g. --user bob or -u bob) # Check the last character of the value associate to the option_flag - if [ "${args_array[$option_flag]: -1}" = "=" ] - then + if [ "${args_array[$option_flag]: -1}" = "=" ]; then # For an option with additionnal values, add a ':' after the letter for getopts. getopts_parameters="${getopts_parameters}${option_flag}:" else @@ -74,8 +71,7 @@ ynh_handle_getopts_args () { # Check each argument given to the function local arg="" # ${#arguments[@]} is the size of the array - for arg in `seq 0 $(( ${#arguments[@]} - 1 ))` - do + for arg in $(seq 0 $((${#arguments[@]} - 1))); do # Escape options' values starting with -. Otherwise the - will be considered as another option. arguments[arg]="${arguments[arg]//--${args_array[$option_flag]}-/--${args_array[$option_flag]}\\TOBEREMOVED\\-}" # And replace long option (value of the option_flag) by the short option, the option_flag itself @@ -89,10 +85,9 @@ ynh_handle_getopts_args () { # Read and parse all the arguments # Use a function here, to use standart arguments $@ and be able to use shift. - parse_arg () { + parse_arg() { # Read all arguments, until no arguments are left - while [ $# -ne 0 ] - do + while [ $# -ne 0 ]; do # Initialize the index of getopts OPTIND=1 # Parse with getopts only if the argument begin by -, that means the argument is an option @@ -100,11 +95,9 @@ ynh_handle_getopts_args () { local parameter="" getopts ":$getopts_parameters" parameter || true - if [ "$parameter" = "?" ] - then + if [ "$parameter" = "?" ]; then ynh_die --message="Invalid argument: -${OPTARG:-}" - elif [ "$parameter" = ":" ] - then + elif [ "$parameter" = ":" ]; then ynh_die --message="-$OPTARG parameter requires an argument." else local shift_value=1 @@ -115,8 +108,7 @@ ynh_handle_getopts_args () { local option_var="${args_array[$parameter]%=}" # If this option doesn't take values # if there's a '=' at the end of the long option name, this option takes values - if [ "${args_array[$parameter]: -1}" != "=" ] - then + if [ "${args_array[$parameter]: -1}" != "=" ]; then # 'eval ${option_var}' will use the content of 'option_var' eval ${option_var}=1 else @@ -126,41 +118,35 @@ ynh_handle_getopts_args () { # If the first argument is longer than 2 characters, # There's a value attached to the option, in the same array cell - if [ ${#all_args[0]} -gt 2 ] - then + if [ ${#all_args[0]} -gt 2 ]; then # Remove the option and the space, so keep only the value itself. all_args[0]="${all_args[0]#-${parameter} }" # At this point, if all_args[0] start with "-", then the argument is not well formed - if [ "${all_args[0]:0:1}" == "-" ] - then + if [ "${all_args[0]:0:1}" == "-" ]; then ynh_die --message="Argument \"${all_args[0]}\" not valid! Did you use a single \"-\" instead of two?" fi # Reduce the value of shift, because the option has been removed manually - shift_value=$(( shift_value - 1 )) + shift_value=$((shift_value - 1)) fi # Declare the content of option_var as a variable. eval ${option_var}="" # Then read the array value per value local i - for i in `seq 0 $(( ${#all_args[@]} - 1 ))` - do + for i in $(seq 0 $((${#all_args[@]} - 1))); do # If this argument is an option, end here. - if [ "${all_args[$i]:0:1}" == "-" ] - then + if [ "${all_args[$i]:0:1}" == "-" ]; then # Ignore the first value of the array, which is the option itself if [ "$i" -ne 0 ]; then break fi else # Ignore empty parameters - if [ -n "${all_args[$i]}" ] - then + if [ -n "${all_args[$i]}" ]; then # Else, add this value to this option # Each value will be separated by ';' - if [ -n "${!option_var}" ] - then + if [ -n "${!option_var}" ]; then # If there's already another value for this option, add a ; before adding the new value eval ${option_var}+="\;" fi @@ -177,7 +163,7 @@ ynh_handle_getopts_args () { eval ${option_var}+='"${all_args[$i]}"' fi - shift_value=$(( shift_value + 1 )) + shift_value=$((shift_value + 1)) fi done fi @@ -190,24 +176,23 @@ ynh_handle_getopts_args () { # LEGACY MODE # Check if there's getopts arguments - if [ "${arguments[0]:0:1}" != "-" ] - then + if [ "${arguments[0]:0:1}" != "-" ]; then # If not, enter in legacy mode and manage the arguments as positionnal ones.. # Dot not echo, to prevent to go through a helper output. But print only in the log. - set -x; echo "! Helper used in legacy mode !" > /dev/null; set +x + set -x + echo "! Helper used in legacy mode !" >/dev/null + set +x local i - for i in `seq 0 $(( ${#arguments[@]} -1 ))` - do + for i in $(seq 0 $((${#arguments[@]} - 1))); do # Try to use legacy_args as a list of option_flag of the array args_array # Otherwise, fallback to getopts_parameters to get the option_flag. But an associative arrays isn't always sorted in the correct order... # Remove all ':' in getopts_parameters - getopts_parameters=${legacy_args:-${getopts_parameters//:}} + getopts_parameters=${legacy_args:-${getopts_parameters//:/}} # Get the option_flag from getopts_parameters, by using the option_flag according to the position of the argument. option_flag=${getopts_parameters:$i:1} - if [ -z "$option_flag" ] - then - ynh_print_warn --message="Too many arguments ! \"${arguments[$i]}\" will be ignored." - continue + if [ -z "$option_flag" ]; then + ynh_print_warn --message="Too many arguments ! \"${arguments[$i]}\" will be ignored." + continue fi # Use the long option, corresponding to the option_flag, as a variable # (e.g. for [u]=user, 'user' will be used as a variable) diff --git a/data/helpers.d/hardware b/helpers/hardware similarity index 82% rename from data/helpers.d/hardware rename to helpers/hardware index 6d1c314fa..9f276b806 100644 --- a/data/helpers.d/hardware +++ b/helpers/hardware @@ -10,10 +10,10 @@ # | ret: the amount of free ram, in MB (MegaBytes) # # Requires YunoHost version 3.8.1 or higher. -ynh_get_ram () { +ynh_get_ram() { # Declare an array to define the options of this helper. local legacy_args=ftso - local -A args_array=( [f]=free [t]=total [s]=ignore_swap [o]=only_swap ) + local -A args_array=([f]=free [t]=total [s]=ignore_swap [o]=only_swap) local free local total local ignore_swap @@ -25,41 +25,34 @@ ynh_get_ram () { free=${free:-0} total=${total:-0} - if [ $free -eq $total ] - then + if [ $free -eq $total ]; then ynh_print_warn --message="You have to choose --free or --total when using ynh_get_ram" ram=0 # Use the total amount of ram - elif [ $free -eq 1 ] - then + elif [ $free -eq 1 ]; then local free_ram=$(vmstat --stats --unit M | grep "free memory" | awk '{print $1}') local free_swap=$(vmstat --stats --unit M | grep "free swap" | awk '{print $1}') - local free_ram_swap=$(( free_ram + free_swap )) + local free_ram_swap=$((free_ram + free_swap)) # Use the total amount of free ram local ram=$free_ram_swap - if [ $ignore_swap -eq 1 ] - then + if [ $ignore_swap -eq 1 ]; then # Use only the amount of free ram ram=$free_ram - elif [ $only_swap -eq 1 ] - then + elif [ $only_swap -eq 1 ]; then # Use only the amount of free swap ram=$free_swap fi - elif [ $total -eq 1 ] - then + elif [ $total -eq 1 ]; then local total_ram=$(vmstat --stats --unit M | grep "total memory" | awk '{print $1}') local total_swap=$(vmstat --stats --unit M | grep "total swap" | awk '{print $1}') - local total_ram_swap=$(( total_ram + total_swap )) + local total_ram_swap=$((total_ram + total_swap)) local ram=$total_ram_swap - if [ $ignore_swap -eq 1 ] - then + if [ $ignore_swap -eq 1 ]; then # Use only the amount of free ram ram=$total_ram - elif [ $only_swap -eq 1 ] - then + elif [ $only_swap -eq 1 ]; then # Use only the amount of free swap ram=$total_swap fi @@ -79,10 +72,10 @@ ynh_get_ram () { # | ret: 1 if the ram is under the requirement, 0 otherwise. # # Requires YunoHost version 3.8.1 or higher. -ynh_require_ram () { +ynh_require_ram() { # Declare an array to define the options of this helper. local legacy_args=rftso - local -A args_array=( [r]=required= [f]=free [t]=total [s]=ignore_swap [o]=only_swap ) + local -A args_array=([r]=required= [f]=free [t]=total [s]=ignore_swap [o]=only_swap) local required local free local total @@ -100,8 +93,7 @@ ynh_require_ram () { local ram=$(ynh_get_ram $free $total $ignore_swap $only_swap) - if [ $ram -lt $required ] - then + if [ $ram -lt $required ]; then return 1 else return 0 diff --git a/data/helpers.d/logging b/helpers/logging similarity index 56% rename from data/helpers.d/logging rename to helpers/logging index 71998763e..4ac116c26 100644 --- a/data/helpers.d/logging +++ b/helpers/logging @@ -10,7 +10,7 @@ ynh_die() { # Declare an array to define the options of this helper. local legacy_args=mc - local -A args_array=( [m]=message= [c]=ret_code= ) + local -A args_array=([m]=message= [c]=ret_code=) local message local ret_code # Manage arguments with getopts @@ -30,7 +30,7 @@ ynh_die() { ynh_print_info() { # Declare an array to define the options of this helper. local legacy_args=m - local -A args_array=( [m]=message= ) + local -A args_array=([m]=message=) local message # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -38,31 +38,12 @@ ynh_print_info() { echo "$message" >&$YNH_STDINFO } -# Ignore the yunohost-cli log to prevent errors with conditional commands -# -# [internal] -# -# usage: ynh_no_log COMMAND -# -# Simply duplicate the log, execute the yunohost command and replace the log without the result of this command -# It's a very badly hack... -# -# Requires YunoHost version 2.6.4 or higher. -ynh_no_log() { - local ynh_cli_log=/var/log/yunohost/yunohost-cli.log - cp --archive ${ynh_cli_log} ${ynh_cli_log}-move - eval $@ - local exit_code=$? - mv ${ynh_cli_log}-move ${ynh_cli_log} - return $exit_code -} - # Main printer, just in case in the future we have to change anything about that. # # [internal] # # Requires YunoHost version 3.2.0 or higher. -ynh_print_log () { +ynh_print_log() { echo -e "${1}" } @@ -72,10 +53,10 @@ ynh_print_log () { # | arg: -m, --message= - The text to print # # Requires YunoHost version 3.2.0 or higher. -ynh_print_warn () { +ynh_print_warn() { # Declare an array to define the options of this helper. local legacy_args=m - local -A args_array=( [m]=message= ) + local -A args_array=([m]=message=) local message # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -89,10 +70,10 @@ ynh_print_warn () { # | arg: -m, --message= - The text to print # # Requires YunoHost version 3.2.0 or higher. -ynh_print_err () { +ynh_print_err() { # Declare an array to define the options of this helper. local legacy_args=m - local -A args_array=( [m]=message= ) + local -A args_array=([m]=message=) local message # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -102,82 +83,119 @@ ynh_print_err () { # Execute a command and print the result as an error # -# usage: ynh_exec_err "your_command [ | other_command ]" +# usage: ynh_exec_err your command and args # | arg: command - command to execute # -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. +# Note that you should NOT quote the command but only prefix it with ynh_exec_err # # Requires YunoHost version 3.2.0 or higher. -ynh_exec_err () { - ynh_print_err "$(eval $@)" +ynh_exec_err() { + # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes, + # (because in the past eval was used) ... + # we detect this by checking that there's no 2nd arg, and $1 contains a space + if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]] + then + ynh_print_err "$(eval $@)" + else + # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077 + ynh_print_err "$("$@")" + fi } # Execute a command and print the result as a warning # -# usage: ynh_exec_warn "your_command [ | other_command ]" +# usage: ynh_exec_warn your command and args # | arg: command - command to execute # -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. +# Note that you should NOT quote the command but only prefix it with ynh_exec_warn # # Requires YunoHost version 3.2.0 or higher. -ynh_exec_warn () { - ynh_print_warn "$(eval $@)" +ynh_exec_warn() { + # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes, + # (because in the past eval was used) ... + # we detect this by checking that there's no 2nd arg, and $1 contains a space + if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]] + then + ynh_print_warn "$(eval $@)" + else + # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077 + ynh_print_warn "$("$@")" + fi } # Execute a command and force the result to be printed on stdout # -# usage: ynh_exec_warn_less "your_command [ | other_command ]" +# usage: ynh_exec_warn_less your command and args # | arg: command - command to execute # -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. +# Note that you should NOT quote the command but only prefix it with ynh_exec_warn # # Requires YunoHost version 3.2.0 or higher. -ynh_exec_warn_less () { - eval $@ 2>&1 +ynh_exec_warn_less() { + # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes, + # (because in the past eval was used) ... + # we detect this by checking that there's no 2nd arg, and $1 contains a space + if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]] + then + eval $@ 2>&1 + else + # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077 + "$@" 2>&1 + fi } # Execute a command and redirect stdout in /dev/null # -# usage: ynh_exec_quiet "your_command [ | other_command ]" +# usage: ynh_exec_quiet your command and args # | arg: command - command to execute # -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. +# Note that you should NOT quote the command but only prefix it with ynh_exec_warn # # Requires YunoHost version 3.2.0 or higher. -ynh_exec_quiet () { - eval $@ > /dev/null +ynh_exec_quiet() { + # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes, + # (because in the past eval was used) ... + # we detect this by checking that there's no 2nd arg, and $1 contains a space + if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]] + then + eval $@ > /dev/null + else + # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077 + "$@" > /dev/null + fi } # Execute a command and redirect stdout and stderr in /dev/null # -# usage: ynh_exec_fully_quiet "your_command [ | other_command ]" +# usage: ynh_exec_quiet your command and args # | arg: command - command to execute # -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. +# Note that you should NOT quote the command but only prefix it with ynh_exec_quiet # # Requires YunoHost version 3.2.0 or higher. -ynh_exec_fully_quiet () { - eval $@ > /dev/null 2>&1 +ynh_exec_fully_quiet() { + # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes, + # (because in the past eval was used) ... + # we detect this by checking that there's no 2nd arg, and $1 contains a space + if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]] + then + eval $@ > /dev/null 2>&1 + else + # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077 + "$@" > /dev/null 2>&1 + fi } # Remove any logs for all the following commands. # # usage: ynh_print_OFF # +# [internal] +# # WARNING: You should be careful with this helper, and never forget to use ynh_print_ON as soon as possible to restore the logging. # # Requires YunoHost version 3.2.0 or higher. -ynh_print_OFF () { +ynh_print_OFF() { exec {BASH_XTRACEFD}>/dev/null } @@ -185,11 +203,13 @@ ynh_print_OFF () { # # usage: ynh_print_ON # +# [internal] +# # Requires YunoHost version 3.2.0 or higher. -ynh_print_ON () { +ynh_print_ON() { exec {BASH_XTRACEFD}>&1 # Print an echo only for the log, to be able to know that ynh_print_ON has been called. - echo ynh_print_ON > /dev/null + echo ynh_print_ON >/dev/null } # Initial definitions for ynh_script_progression @@ -214,11 +234,11 @@ base_time=$(date +%s) # | arg: -l, --last - Use for the last call of the helper, to fill the progression bar. # # Requires YunoHost version 3.5.0 or higher. -ynh_script_progression () { +ynh_script_progression() { set +o xtrace # set +x # Declare an array to define the options of this helper. local legacy_args=mwtl - local -A args_array=( [m]=message= [w]=weight= [t]=time [l]=last ) + local -A args_array=([m]=message= [w]=weight= [t]=time [l]=last) local message local weight local time @@ -232,12 +252,11 @@ ynh_script_progression () { last=${last:-0} # Get execution time since the last $base_time - local exec_time=$(( $(date +%s) - $base_time )) + local exec_time=$(($(date +%s) - $base_time)) base_time=$(date +%s) # Compute $max_progression (if we didn't already) - if [ "$max_progression" = -1 ] - then + if [ "$max_progression" = -1 ]; then # Get the number of occurrences of 'ynh_script_progression' in the script. Except those are commented. local helper_calls="$(grep --count "^[^#]*ynh_script_progression" $0)" # Get the number of call with a weight value @@ -249,23 +268,22 @@ ynh_script_progression () { local weight_valuesB="$(grep --perl-regexp "^[^#]*ynh_script_progression.*-w " $0 | sed 's/.*-w[= ]\([[:digit:]]*\).*/\1/g')" # Each value will be on a different line. # Remove each 'end of line' and replace it by a '+' to sum the values. - local weight_values=$(( $(echo "$weight_valuesA" | tr '\n' '+') + $(echo "$weight_valuesB" | tr '\n' '+') 0 )) + local weight_values=$(($(echo "$weight_valuesA" "$weight_valuesB" | grep -v -E '^\s*$' | tr '\n' '+' | sed 's/+$/+0/g'))) # max_progression is a total number of calls to this helper. # Less the number of calls with a weight value. # Plus the total of weight values - max_progression=$(( $helper_calls - $weight_calls + $weight_values )) + max_progression=$(($helper_calls - $weight_calls + $weight_values)) fi # Increment each execution of ynh_script_progression in this script by the weight of the previous call. - increment_progression=$(( $increment_progression + $previous_weight )) + increment_progression=$(($increment_progression + $previous_weight)) # Store the weight of the current call in $previous_weight for next call previous_weight=$weight # Reduce $increment_progression to the size of the scale - if [ $last -eq 0 ] - then - local effective_progression=$(( $increment_progression * $progress_scale / $max_progression )) + if [ $last -eq 0 ]; then + local effective_progression=$(($increment_progression * $progress_scale / $max_progression)) # If last is specified, fill immediately the progression_bar else local effective_progression=$progress_scale @@ -273,19 +291,17 @@ ynh_script_progression () { # Build $progression_bar from progress_string(0,1,2) according to $effective_progression and the weight of the current task # expected_progression is the progression expected after the current task - local expected_progression="$(( ( $increment_progression + $weight ) * $progress_scale / $max_progression - $effective_progression ))" - if [ $last -eq 1 ] - then + local expected_progression="$((($increment_progression + $weight) * $progress_scale / $max_progression - $effective_progression))" + if [ $last -eq 1 ]; then expected_progression=0 fi # left_progression is the progression not yet done - local left_progression="$(( $progress_scale - $effective_progression - $expected_progression ))" + local left_progression="$(($progress_scale - $effective_progression - $expected_progression))" # Build the progression bar with $effective_progression, work done, $expected_progression, current work and $left_progression, work to be done. local progression_bar="${progress_string2:0:$effective_progression}${progress_string1:0:$expected_progression}${progress_string0:0:$left_progression}" local print_exec_time="" - if [ $time -eq 1 ] - then + if [ $time -eq 1 ]; then print_exec_time=" [$(date +%Hh%Mm,%Ss --date="0 + $exec_time sec")]" fi @@ -299,73 +315,6 @@ ynh_script_progression () { # usage: ynh_return somedata # # Requires YunoHost version 3.6.0 or higher. -ynh_return () { - echo "$1" >> "$YNH_STDRETURN" -} - -# Debugger for app packagers -# -# usage: ynh_debug [--message=message] [--trace=1/0] -# | arg: -m, --message= - The text to print -# | arg: -t, --trace= - Turn on or off the trace of the script. Usefull to trace nonly a small part of a script. -# -# Requires YunoHost version 3.5.0 or higher. -ynh_debug () { - # Disable set xtrace for the helper itself, to not pollute the debug log - set +o xtrace # set +x - # Declare an array to define the options of this helper. - local legacy_args=mt - local -A args_array=( [m]=message= [t]=trace= ) - local message - local trace - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - # Re-disable xtrace, ynh_handle_getopts_args set it back - set +o xtrace # set +x - message=${message:-} - trace=${trace:-} - - if [ -n "$message" ] - then - ynh_print_log "[Debug] ${message}" >&2 - fi - - if [ "$trace" == "1" ] - then - ynh_debug --message="Enable debugging" - set +o xtrace # set +x - # Get the current file descriptor of xtrace - old_bash_xtracefd=$BASH_XTRACEFD - # Add the current file name and the line number of any command currently running while tracing. - PS4='$(basename ${BASH_SOURCE[0]})-L${LINENO}: ' - # Force xtrace to stderr - BASH_XTRACEFD=2 - # Force stdout to stderr - exec 1>&2 - fi - if [ "$trace" == "0" ] - then - ynh_debug --message="Disable debugging" - set +o xtrace # set +x - # Put xtrace back to its original fild descriptor - BASH_XTRACEFD=$old_bash_xtracefd - # Restore stdout - exec 1>&1 - fi - # Renable set xtrace - set -o xtrace # set -x -} - -# Execute a command and print the result as debug -# -# usage: ynh_debug_exec "your_command [ | other_command ]" -# | arg: command - command to execute -# -# When using pipes, double quotes are required - otherwise, this helper will run the first command, and the whole output will be sent through the next pipe. -# -# If the command to execute uses double quotes, they have to be escaped or they will be interpreted and removed. -# -# Requires YunoHost version 3.5.0 or higher. -ynh_debug_exec () { - ynh_debug --message="$(eval $@)" -} +ynh_return() { + echo "$1" >>"$YNH_STDRETURN" +} \ No newline at end of file diff --git a/data/helpers.d/logrotate b/helpers/logrotate similarity index 73% rename from data/helpers.d/logrotate rename to helpers/logrotate index 1844cc5c7..6f9726beb 100644 --- a/data/helpers.d/logrotate +++ b/helpers/logrotate @@ -15,10 +15,10 @@ # # Requires YunoHost version 2.6.4 or higher. # Requires YunoHost version 3.2.0 or higher for the argument `--specific_user` -ynh_use_logrotate () { +ynh_use_logrotate() { # Declare an array to define the options of this helper. local legacy_args=lnuya - local -A args_array=( [l]=logfile= [n]=nonappend [u]=specific_user= [y]=non [a]=append ) + local -A args_array=([l]=logfile= [n]=nonappend [u]=specific_user= [y]=non [a]=append) # [y]=non [a]=append are only for legacy purpose, to not fail on the old option '--non-append' local logfile local nonappend @@ -30,22 +30,18 @@ ynh_use_logrotate () { specific_user="${specific_user:-}" # LEGACY CODE - PRE GETOPTS - if [ $# -gt 0 ] && [ "$1" == "--non-append" ] - then + if [ $# -gt 0 ] && [ "$1" == "--non-append" ]; then nonappend=1 # Destroy this argument for the next command. shift - elif [ $# -gt 1 ] && [ "$2" == "--non-append" ] - then + elif [ $# -gt 1 ] && [ "$2" == "--non-append" ]; then nonappend=1 fi - if [ $# -gt 0 ] && [ "$(echo ${1:0:1})" != "-" ] - then + if [ $# -gt 0 ] && [ "$(echo ${1:0:1})" != "-" ]; then # If the given logfile parameter already exists as a file, or if it ends up with ".log", # we just want to manage a single file - if [ -f "$1" ] || [ "$(echo ${1##*.})" == "log" ] - then + if [ -f "$1" ] || [ "$(echo ${1##*.})" == "log" ]; then local logfile=$1 # Otherwise we assume we want to manage a directory and all its .log file inside else @@ -58,22 +54,20 @@ ynh_use_logrotate () { if [ "$nonappend" -eq 1 ]; then customtee="tee" fi - if [ -n "$logfile" ] - then - if [ ! -f "$1" ] && [ "$(echo ${logfile##*.})" != "log" ]; then # Keep only the extension to check if it's a logfile - local logfile="$logfile/*.log" # Else, uses the directory and all logfile into it. + if [ -n "$logfile" ]; then + if [ ! -f "$1" ] && [ "$(echo ${logfile##*.})" != "log" ]; then # Keep only the extension to check if it's a logfile + local logfile="$logfile/*.log" # Else, uses the directory and all logfile into it. fi else logfile="/var/log/${app}/*.log" # Without argument, use a defaut directory in /var/log fi local su_directive="" - if [[ -n $specific_user ]] - then + if [[ -n $specific_user ]]; then su_directive=" # Run logorotate as specific user - group su ${specific_user%/*} ${specific_user#*/}" fi - cat > ./${app}-logrotate << EOF # Build a config file for logrotate + cat >./${app}-logrotate < /dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee) - - if ynh_user_exists --username="$app"; then - chown $app:$app "$logfile" - chmod o-rwx "$logfile" - fi - + mkdir --parents $(dirname "$logfile") # Create the log directory, if not exist + cat ${app}-logrotate | $customtee /etc/logrotate.d/$app >/dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee) } # Remove the app's logrotate config. @@ -109,7 +97,7 @@ EOF # usage: ynh_remove_logrotate # # Requires YunoHost version 2.6.4 or higher. -ynh_remove_logrotate () { +ynh_remove_logrotate() { if [ -e "/etc/logrotate.d/$app" ]; then rm "/etc/logrotate.d/$app" fi diff --git a/data/helpers.d/multimedia b/helpers/multimedia similarity index 76% rename from data/helpers.d/multimedia rename to helpers/multimedia index 552b8c984..abeb9ed2c 100644 --- a/data/helpers.d/multimedia +++ b/helpers/multimedia @@ -22,8 +22,7 @@ ynh_multimedia_build_main_dir() { mkdir -p "$MEDIA_DIRECTORY/share/eBook" ## Création des dossiers utilisateurs - for user in $(yunohost user list --output-as json | jq -r '.users | keys[]') - do + for user in $(yunohost user list --output-as json | jq -r '.users | keys[]'); do mkdir -p "$MEDIA_DIRECTORY/$user" mkdir -p "$MEDIA_DIRECTORY/$user/Music" mkdir -p "$MEDIA_DIRECTORY/$user/Picture" @@ -66,22 +65,22 @@ ynh_multimedia_addfolder() { # Declare an array to define the options of this helper. local legacy_args=sd - local -A args_array=( [s]=source_dir= [d]=dest_dir= ) - local source_dir - local dest_dir + local -A args_array=([s]=source_dir= [d]=dest_dir=) + local source_dir + local dest_dir # Manage arguments with getopts ynh_handle_getopts_args "$@" # Ajout d'un lien symbolique vers le dossier à partager - ln -sfn "$source_dir" "$MEDIA_DIRECTORY/$dest_dir" + ln -sfn "$source_dir" "$MEDIA_DIRECTORY/$dest_dir" - ## Application des droits étendus sur le dossier ajouté - # Droit d'écriture pour le groupe et le groupe multimedia en acl et droit de lecture pour other: - setfacl -RnL -m g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir" - # Application de la même règle que précédemment, mais par défaut pour les nouveaux fichiers. - setfacl -RnL -m d:g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir" - # Réglage du masque par défaut. Qui garantie (en principe...) un droit maximal à rwx. Donc pas de restriction de droits par l'acl. - setfacl -RL -m m::rwx "$source_dir" + ## Application des droits étendus sur le dossier ajouté + # Droit d'écriture pour le groupe et le groupe multimedia en acl et droit de lecture pour other: + setfacl -RnL -m g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir" + # Application de la même règle que précédemment, mais par défaut pour les nouveaux fichiers. + setfacl -RnL -m d:g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir" + # Réglage du masque par défaut. Qui garantie (en principe...) un droit maximal à rwx. Donc pas de restriction de droits par l'acl. + setfacl -RL -m m::rwx "$source_dir" } # Allow an user to have an write authorisation in multimedia directories @@ -91,14 +90,14 @@ ynh_multimedia_addfolder() { # | arg: -u, --user_name= - The name of the user which gain this access. # # Requires YunoHost version 4.2 or higher. -ynh_multimedia_addaccess () { - # Declare an array to define the options of this helper. +ynh_multimedia_addaccess() { + # Declare an array to define the options of this helper. local legacy_args=u - declare -Ar args_array=( [u]=user_name=) - local user_name - # Manage arguments with getopts - ynh_handle_getopts_args "$@" + declare -Ar args_array=([u]=user_name=) + local user_name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" - groupadd -f multimedia - usermod -a -G multimedia $user_name + groupadd -f multimedia + usermod -a -G multimedia $user_name } diff --git a/data/helpers.d/mysql b/helpers/mysql similarity index 90% rename from data/helpers.d/mysql rename to helpers/mysql index 091dfaf40..822159f27 100644 --- a/data/helpers.d/mysql +++ b/helpers/mysql @@ -15,7 +15,7 @@ ynh_mysql_connect_as() { # Declare an array to define the options of this helper. local legacy_args=upd - local -A args_array=( [u]=user= [p]=password= [d]=database= ) + local -A args_array=([u]=user= [p]=password= [d]=database=) local user local password local database @@ -36,19 +36,18 @@ ynh_mysql_connect_as() { ynh_mysql_execute_as_root() { # Declare an array to define the options of this helper. local legacy_args=sd - local -A args_array=( [s]=sql= [d]=database= ) + local -A args_array=([s]=sql= [d]=database=) local sql local database # Manage arguments with getopts ynh_handle_getopts_args "$@" database="${database:-}" - if [ -n "$database" ] - then + if [ -n "$database" ]; then database="--database=$database" fi - mysql -B "$database" <<< "$sql" + mysql -B "$database" <<<"$sql" } # Execute a command from a file as root user @@ -61,19 +60,18 @@ ynh_mysql_execute_as_root() { ynh_mysql_execute_file_as_root() { # Declare an array to define the options of this helper. local legacy_args=fd - local -A args_array=( [f]=file= [d]=database= ) + local -A args_array=([f]=file= [d]=database=) local file local database # Manage arguments with getopts ynh_handle_getopts_args "$@" database="${database:-}" - if [ -n "$database" ] - then + if [ -n "$database" ]; then database="--database=$database" fi - mysql -B "$database" < "$file" + mysql -B "$database" <"$file" } # Create a database and grant optionnaly privilegies to a user @@ -92,8 +90,7 @@ ynh_mysql_create_db() { local sql="CREATE DATABASE ${db};" # grant all privilegies to user - if [[ $# -gt 1 ]] - then + if [[ $# -gt 1 ]]; then sql+=" GRANT ALL PRIVILEGES ON ${db}.* TO '${2}'@'localhost'" if [[ -n ${3:-} ]]; then sql+=" IDENTIFIED BY '${3}'" @@ -131,7 +128,7 @@ ynh_mysql_drop_db() { ynh_mysql_dump_db() { # Declare an array to define the options of this helper. local legacy_args=d - local -A args_array=( [d]=database= ) + local -A args_array=([d]=database=) local database # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -160,17 +157,15 @@ ynh_mysql_create_user() { # | ret: 0 if the user exists, 1 otherwise. # # Requires YunoHost version 2.2.4 or higher. -ynh_mysql_user_exists() -{ +ynh_mysql_user_exists() { # Declare an array to define the options of this helper. local legacy_args=u - local -A args_array=( [u]=user= ) + local -A args_array=([u]=user=) local user # Manage arguments with getopts ynh_handle_getopts_args "$@" - if [[ -z $(ynh_mysql_execute_as_root --sql="SELECT User from mysql.user WHERE User = '$user';") ]] - then + if [[ -z $(ynh_mysql_execute_as_root --sql="SELECT User from mysql.user WHERE User = '$user';") ]]; then return 1 else return 0 @@ -200,10 +195,10 @@ ynh_mysql_drop_user() { # It will also be stored as "`mysqlpwd`" into the app settings. # # Requires YunoHost version 2.6.4 or higher. -ynh_mysql_setup_db () { +ynh_mysql_setup_db() { # Declare an array to define the options of this helper. local legacy_args=unp - local -A args_array=( [u]=db_user= [n]=db_name= [p]=db_pwd= ) + local -A args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=) local db_user local db_name db_pwd="" @@ -226,10 +221,10 @@ ynh_mysql_setup_db () { # | arg: -n, --db_name= - Name of the database # # Requires YunoHost version 2.6.4 or higher. -ynh_mysql_remove_db () { +ynh_mysql_remove_db() { # Declare an array to define the options of this helper. local legacy_args=un - local -Ar args_array=( [u]=db_user= [n]=db_name= ) + local -Ar args_array=([u]=db_user= [n]=db_name=) local db_user local db_name # Manage arguments with getopts diff --git a/data/helpers.d/network b/helpers/network similarity index 86% rename from data/helpers.d/network rename to helpers/network index 4e536a8db..d6c15060a 100644 --- a/data/helpers.d/network +++ b/helpers/network @@ -9,18 +9,17 @@ # example: port=$(ynh_find_port --port=8080) # # Requires YunoHost version 2.6.4 or higher. -ynh_find_port () { +ynh_find_port() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=port= ) + local -A args_array=([p]=port=) local port # Manage arguments with getopts ynh_handle_getopts_args "$@" test -n "$port" || ynh_die --message="The argument of ynh_find_port must be a valid port." - while ! ynh_port_available --port=$port - do - port=$((port+1)) + while ! ynh_port_available --port=$port; do + port=$((port + 1)) done echo $port } @@ -34,28 +33,25 @@ ynh_find_port () { # example: ynh_port_available --port=1234 || ynh_die --message="Port 1234 is needs to be available for this app" # # Requires YunoHost version 3.8.0 or higher. -ynh_port_available () { +ynh_port_available() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=port= ) + local -A args_array=([p]=port=) local port # Manage arguments with getopts ynh_handle_getopts_args "$@" # Check if the port is free - if ss --numeric --listening --tcp --udp | awk '{print$5}' | grep --quiet --extended-regexp ":$port$" - then + if ss --numeric --listening --tcp --udp | awk '{print$5}' | grep --quiet --extended-regexp ":$port$"; then return 1 # This is to cover (most) case where an app is using a port yet ain't currently using it for some reason (typically service ain't up) - elif grep -q "port: '$port'" /etc/yunohost/apps/*/settings.yml - then + elif grep -q "port: '$port'" /etc/yunohost/apps/*/settings.yml; then return 1 else return 0 fi } - # Validate an IP address # # [internal] @@ -66,13 +62,12 @@ ynh_port_available () { # example: ynh_validate_ip 4 111.222.333.444 # # Requires YunoHost version 2.2.4 or higher. -ynh_validate_ip() -{ +ynh_validate_ip() { # http://stackoverflow.com/questions/319279/how-to-validate-ip-address-in-python#319298 # Declare an array to define the options of this helper. local legacy_args=fi - local -A args_array=( [f]=family= [i]=ip_address= ) + local -A args_array=([f]=family= [i]=ip_address=) local family local ip_address # Manage arguments with getopts @@ -80,7 +75,7 @@ ynh_validate_ip() [ "$family" == "4" ] || [ "$family" == "6" ] || return 1 - python3 /dev/stdin << EOF + python3 /dev/stdin < "$YNH_APP_BASEDIR/conf/n.src" +SOURCE_SUM=8703ae88fd06ce7f2d0f4018d68bfbab7b26859ed86a86ce4b8f25d2110aee2f" >"$YNH_APP_BASEDIR/conf/n.src" # Download and extract n ynh_setup_source --dest_dir="$n_install_dir/git" --source_id=n # Install n - (cd "$n_install_dir/git" - PREFIX=$N_PREFIX make install 2>&1) + ( + cd "$n_install_dir/git" + PREFIX=$N_PREFIX make install 2>&1 + ) } # Load the version of node for an app, and set variables. @@ -69,7 +70,7 @@ SOURCE_SUM=d4da7ea91f680de0c9b5876e097e2a793e8234fcd0f7ca87a0599b925be087a3" > " # - $nodejs_version: Just the version number of node for this app. Stored as 'nodejs_version' in settings.yml. # # Requires YunoHost version 2.7.12 or higher. -ynh_use_nodejs () { +ynh_use_nodejs() { nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version) # Get the absolute path of this version of node @@ -109,12 +110,12 @@ ynh_use_nodejs () { # Refer to `ynh_use_nodejs` for more information about available commands and variables # # Requires YunoHost version 2.7.12 or higher. -ynh_install_nodejs () { +ynh_install_nodejs() { # Use n, https://github.com/tj/n to manage the nodejs versions # Declare an array to define the options of this helper. local legacy_args=n - local -A args_array=( [n]=nodejs_version= ) + local -A args_array=([n]=nodejs_version=) local nodejs_version # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -132,11 +133,9 @@ ynh_install_nodejs () { test -x /usr/bin/npm && mv /usr/bin/npm /usr/bin/npm_n # If n is not previously setup, install it - if ! $n_install_dir/bin/n --version > /dev/null 2>&1 - then + if ! $n_install_dir/bin/n --version >/dev/null 2>&1; then ynh_install_n - elif dpkg --compare-versions "$($n_install_dir/bin/n --version)" lt $n_version - then + elif dpkg --compare-versions "$($n_install_dir/bin/n --version)" lt $n_version; then ynh_install_n fi @@ -152,8 +151,7 @@ ynh_install_nodejs () { # Install the requested version of nodejs uname=$(uname --machine) - if [[ $uname =~ aarch64 || $uname =~ arm64 ]] - then + if [[ $uname =~ aarch64 || $uname =~ arm64 ]]; then n $nodejs_version --arch=arm64 else n $nodejs_version @@ -164,8 +162,7 @@ ynh_install_nodejs () { real_nodejs_version=$(basename $real_nodejs_version) # Create a symbolic link for this major version if the file doesn't already exist - if [ ! -e "$node_version_path/$nodejs_version" ] - then + if [ ! -e "$node_version_path/$nodejs_version" ]; then ln --symbolic --force --no-target-directory $node_version_path/$real_nodejs_version $node_version_path/$nodejs_version fi @@ -190,21 +187,19 @@ ynh_install_nodejs () { # - If no other app uses node, n will be also removed. # # Requires YunoHost version 2.7.12 or higher. -ynh_remove_nodejs () { +ynh_remove_nodejs() { nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version) # Remove the line for this app sed --in-place "/$YNH_APP_INSTANCE_NAME:$nodejs_version/d" "$n_install_dir/ynh_app_version" # If no other app uses this version of nodejs, remove it. - if ! grep --quiet "$nodejs_version" "$n_install_dir/ynh_app_version" - then + if ! grep --quiet "$nodejs_version" "$n_install_dir/ynh_app_version"; then $n_install_dir/bin/n rm $nodejs_version fi # If no other app uses n, remove n - if [ ! -s "$n_install_dir/ynh_app_version" ] - then + if [ ! -s "$n_install_dir/ynh_app_version" ]; then ynh_secure_remove --file="$n_install_dir" ynh_secure_remove --file="/usr/local/n" sed --in-place "/N_PREFIX/d" /root/.bashrc @@ -221,9 +216,9 @@ ynh_remove_nodejs () { # usage: ynh_cron_upgrade_node # # Requires YunoHost version 2.7.12 or higher. -ynh_cron_upgrade_node () { +ynh_cron_upgrade_node() { # Build the update script - cat > "$n_install_dir/node_update.sh" << EOF + cat >"$n_install_dir/node_update.sh" < "/etc/cron.daily/node_update" << EOF + cat >"/etc/cron.daily/node_update" <> $n_install_dir/node_update.log diff --git a/data/helpers.d/permission b/helpers/permission similarity index 89% rename from data/helpers.d/permission rename to helpers/permission index c04b4145b..6c2fa7ef8 100644 --- a/data/helpers.d/permission +++ b/helpers/permission @@ -66,7 +66,7 @@ ynh_permission_create() { # Declare an array to define the options of this helper. local legacy_args=puAhaltP - local -A args_array=( [p]=permission= [u]=url= [A]=additional_urls= [h]=auth_header= [a]=allowed= [l]=label= [t]=show_tile= [P]=protected= ) + local -A args_array=([p]=permission= [u]=url= [A]=additional_urls= [h]=auth_header= [a]=allowed= [l]=label= [t]=show_tile= [P]=protected=) local permission local url local additional_urls @@ -84,13 +84,11 @@ ynh_permission_create() { show_tile=${show_tile:-} protected=${protected:-} - if [[ -n $url ]] - then + if [[ -n $url ]]; then url=",url='$url'" fi - if [[ -n $additional_urls ]] - then + if [[ -n $additional_urls ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # By example: @@ -100,18 +98,15 @@ ynh_permission_create() { additional_urls=",additional_urls=['${additional_urls//;/\',\'}']" fi - if [[ -n $auth_header ]] - then - if [ $auth_header == "true" ] - then + if [[ -n $auth_header ]]; then + if [ $auth_header == "true" ]; then auth_header=",auth_header=True" else auth_header=",auth_header=False" fi fi - if [[ -n $allowed ]] - then + if [[ -n $allowed ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # By example: @@ -127,20 +122,16 @@ ynh_permission_create() { label=",label='$permission'" fi - if [[ -n ${show_tile:-} ]] - then - if [ $show_tile == "true" ] - then + if [[ -n ${show_tile:-} ]]; then + if [ $show_tile == "true" ]; then show_tile=",show_tile=True" else show_tile=",show_tile=False" fi fi - if [[ -n ${protected:-} ]] - then - if [ $protected == "true" ] - then + if [[ -n ${protected:-} ]]; then + if [ $protected == "true" ]; then protected=",protected=True" else protected=",protected=False" @@ -161,7 +152,7 @@ ynh_permission_create() { ynh_permission_delete() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=permission= ) + local -A args_array=([p]=permission=) local permission ynh_handle_getopts_args "$@" @@ -178,7 +169,7 @@ ynh_permission_delete() { ynh_permission_exists() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=permission= ) + local -A args_array=([p]=permission=) local permission ynh_handle_getopts_args "$@" @@ -201,7 +192,7 @@ ynh_permission_exists() { ynh_permission_url() { # Declare an array to define the options of this helper. local legacy_args=puarhc - local -A args_array=( [p]=permission= [u]=url= [a]=add_url= [r]=remove_url= [h]=auth_header= [c]=clear_urls ) + local -A args_array=([p]=permission= [u]=url= [a]=add_url= [r]=remove_url= [h]=auth_header= [c]=clear_urls) local permission local url local add_url @@ -215,13 +206,11 @@ ynh_permission_url() { auth_header=${auth_header:-} clear_urls=${clear_urls:-} - if [[ -n $url ]] - then + if [[ -n $url ]]; then url=",url='$url'" fi - if [[ -n $add_url ]] - then + if [[ -n $add_url ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # For example: @@ -231,8 +220,7 @@ ynh_permission_url() { add_url=",add_url=['${add_url//;/\',\'}']" fi - if [[ -n $remove_url ]] - then + if [[ -n $remove_url ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # For example: @@ -242,25 +230,21 @@ ynh_permission_url() { remove_url=",remove_url=['${remove_url//;/\',\'}']" fi - if [[ -n $auth_header ]] - then - if [ $auth_header == "true" ] - then + if [[ -n $auth_header ]]; then + if [ $auth_header == "true" ]; then auth_header=",auth_header=True" else auth_header=",auth_header=False" fi fi - if [[ -n $clear_urls ]] && [ $clear_urls -eq 1 ] - then + if [[ -n $clear_urls ]] && [ $clear_urls -eq 1 ]; then clear_urls=",clear_urls=True" fi yunohost tools shell -c "from yunohost.permission import permission_url; permission_url('$app.$permission' $url $add_url $remove_url $auth_header $clear_urls)" } - # Update a permission for the app # # usage: ynh_permission_update --permission "permission" [--add="group" ["group" ...]] [--remove="group" ["group" ...]] @@ -276,7 +260,7 @@ ynh_permission_url() { ynh_permission_update() { # Declare an array to define the options of this helper. local legacy_args=parltP - local -A args_array=( [p]=permission= [a]=add= [r]=remove= [l]=label= [t]=show_tile= [P]=protected= ) + local -A args_array=([p]=permission= [a]=add= [r]=remove= [l]=label= [t]=show_tile= [P]=protected=) local permission local add local remove @@ -290,8 +274,7 @@ ynh_permission_update() { show_tile=${show_tile:-} protected=${protected:-} - if [[ -n $add ]] - then + if [[ -n $add ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # For example: @@ -300,8 +283,7 @@ ynh_permission_update() { # add=['alice', 'bob'] add=",add=['${add//';'/"','"}']" fi - if [[ -n $remove ]] - then + if [[ -n $remove ]]; then # Convert a list from getopts to python list # Note that getopts separate the args with ';' # For example: @@ -311,15 +293,12 @@ ynh_permission_update() { remove=",remove=['${remove//';'/"','"}']" fi - if [[ -n $label ]] - then + if [[ -n $label ]]; then label=",label='$label'" fi - if [[ -n $show_tile ]] - then - if [ $show_tile == "true" ] - then + if [[ -n $show_tile ]]; then + if [ $show_tile == "true" ]; then show_tile=",show_tile=True" else show_tile=",show_tile=False" @@ -327,8 +306,7 @@ ynh_permission_update() { fi if [[ -n $protected ]]; then - if [ $protected == "true" ] - then + if [ $protected == "true" ]; then protected=",protected=True" else protected=",protected=False" @@ -351,23 +329,20 @@ ynh_permission_update() { ynh_permission_has_user() { local legacy_args=pu # Declare an array to define the options of this helper. - local -A args_array=( [p]=permission= [u]=user= ) + local -A args_array=([p]=permission= [u]=user=) local permission local user # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ! ynh_permission_exists --permission=$permission - then + if ! ynh_permission_exists --permission=$permission; then return 1 fi # Check both allowed and corresponding_users sections in the json - for section in "allowed" "corresponding_users" - do + for section in "allowed" "corresponding_users"; do if yunohost user permission info "$app.$permission" --output-as json --quiet \ - | jq -e --arg user $user --arg section $section '.[$section] | index($user)' >/dev/null - then + | jq -e --arg user $user --arg section $section '.[$section] | index($user)' >/dev/null; then return 0 fi done @@ -381,9 +356,8 @@ ynh_permission_has_user() { # | exit: Return 1 if the permission doesn't exist, 0 otherwise # # Requires YunoHost version 4.1.2 or higher. -ynh_legacy_permissions_exists () { - for permission in "skipped" "unprotected" "protected" - do +ynh_legacy_permissions_exists() { + for permission in "skipped" "unprotected" "protected"; do if ynh_permission_exists --permission="legacy_${permission}_uris"; then return 0 fi @@ -402,9 +376,8 @@ ynh_legacy_permissions_exists () { # # You can recreate the required permissions here with ynh_permission_create # fi # Requires YunoHost version 4.1.2 or higher. -ynh_legacy_permissions_delete_all () { - for permission in "skipped" "unprotected" "protected" - do +ynh_legacy_permissions_delete_all() { + for permission in "skipped" "unprotected" "protected"; do if ynh_permission_exists --permission="legacy_${permission}_uris"; then ynh_permission_delete --permission="legacy_${permission}_uris" fi diff --git a/data/helpers.d/php b/helpers/php similarity index 79% rename from data/helpers.d/php rename to helpers/php index d383c1e4f..cd31593b7 100644 --- a/data/helpers.d/php +++ b/helpers/php @@ -1,6 +1,6 @@ #!/bin/bash -readonly YNH_DEFAULT_PHP_VERSION=7.3 +readonly YNH_DEFAULT_PHP_VERSION=7.4 # Declare the actual PHP version to use. # A packager willing to use another version of PHP can override the variable into its _common.sh. YNH_PHP_VERSION=${YNH_PHP_VERSION:-$YNH_DEFAULT_PHP_VERSION} @@ -56,10 +56,10 @@ YNH_PHP_VERSION=${YNH_PHP_VERSION:-$YNH_DEFAULT_PHP_VERSION} # children ready to answer. # # Requires YunoHost version 4.1.0 or higher. -ynh_add_fpm_config () { +ynh_add_fpm_config() { # Declare an array to define the options of this helper. local legacy_args=vtufpd - local -A args_array=( [v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= [p]=package= [d]=dedicated_service ) + local -A args_array=([v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= [p]=package= [d]=dedicated_service) local phpversion local use_template local usage @@ -86,36 +86,24 @@ ynh_add_fpm_config () { local old_phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) # If the PHP version changed, remove the old fpm conf - if [ -n "$old_phpversion" ] && [ "$old_phpversion" != "$phpversion" ] - then + if [ -n "$old_phpversion" ] && [ "$old_phpversion" != "$phpversion" ]; then local old_php_fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) local old_php_finalphpconf="$old_php_fpm_config_dir/pool.d/$app.conf" - ynh_backup_if_checksum_is_different --file="$old_php_finalphpconf" - - ynh_remove_fpm_config + if [[ -f "$old_php_finalphpconf" ]] + then + ynh_backup_if_checksum_is_different --file="$old_php_finalphpconf" + ynh_remove_fpm_config + fi fi - # If the requested PHP version is not the default version for YunoHost - if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ] - then - # If the argument --package is used, add the packages to ynh_install_php to install them from sury - if [ -n "$package" ] - then - local additionnal_packages="--package=$package" - else - local additionnal_packages="" - fi - # Install this specific version of PHP. - ynh_install_php --phpversion="$phpversion" "$additionnal_packages" - elif [ -n "$package" ] - then + # Legacy args (packager should just list their php dependency as regular apt dependencies... + if [ -n "$package" ]; then # Install the additionnal packages from the default repository ynh_install_app_dependencies "$package" fi - if [ $dedicated_service -eq 1 ] - then + if [ $dedicated_service -eq 1 ]; then local fpm_service="${app}-phpfpm" local fpm_config_dir="/etc/php/$phpversion/dedicated-fpm" else @@ -132,12 +120,10 @@ ynh_add_fpm_config () { ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion # Migrate from mutual PHP service to dedicated one. - if [ $dedicated_service -eq 1 ] - then + if [ $dedicated_service -eq 1 ]; then local old_fpm_config_dir="/etc/php/$phpversion/fpm" # If a config file exist in the common pool, move it. - if [ -e "$old_fpm_config_dir/pool.d/$app.conf" ] - then + if [ -e "$old_fpm_config_dir/pool.d/$app.conf" ]; then ynh_print_info --message="Migrate to a dedicated php-fpm service for $app." # Create a backup of the old file before migration ynh_backup_if_checksum_is_different --file="$old_fpm_config_dir/pool.d/$app.conf" @@ -148,8 +134,7 @@ ynh_add_fpm_config () { fi fi - if [ $use_template -eq 1 ] - then + if [ $use_template -eq 1 ]; then # Usage 1, use the template in conf/php-fpm.conf local phpfpm_path="$YNH_APP_BASEDIR/conf/php-fpm.conf" # Make sure now that the template indeed exists @@ -181,49 +166,45 @@ pm = __PHP_PM__ pm.max_children = __PHP_MAX_CHILDREN__ pm.max_requests = 500 request_terminate_timeout = 1d -" > $phpfpm_path +" >$phpfpm_path - if [ "$php_pm" = "dynamic" ] - then + if [ "$php_pm" = "dynamic" ]; then echo " pm.start_servers = __PHP_START_SERVERS__ pm.min_spare_servers = __PHP_MIN_SPARE_SERVERS__ pm.max_spare_servers = __PHP_MAX_SPARE_SERVERS__ -" >> $phpfpm_path +" >>$phpfpm_path - elif [ "$php_pm" = "ondemand" ] - then + elif [ "$php_pm" = "ondemand" ]; then echo " pm.process_idle_timeout = 10s -" >> $phpfpm_path +" >>$phpfpm_path fi # Concatene the extra config. if [ -e $YNH_APP_BASEDIR/conf/extra_php-fpm.conf ]; then - cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >> "$phpfpm_path" + cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >>"$phpfpm_path" fi fi local finalphpconf="$fpm_config_dir/pool.d/$app.conf" ynh_add_config --template="$phpfpm_path" --destination="$finalphpconf" - if [ -e "$YNH_APP_BASEDIR/conf/php-fpm.ini" ] - then + if [ -e "$YNH_APP_BASEDIR/conf/php-fpm.ini" ]; then ynh_print_warn --message="Packagers ! Please do not use a separate php ini file, merge your directives in the pool file instead." ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm.ini" --destination="$fpm_config_dir/conf.d/20-$app.ini" fi - if [ $dedicated_service -eq 1 ] - then + if [ $dedicated_service -eq 1 ]; then # Create a dedicated php-fpm.conf for the service local globalphpconf=$fpm_config_dir/php-fpm-$app.conf -echo "[global] + echo "[global] pid = /run/php/php__PHPVERSION__-fpm-__APP__.pid error_log = /var/log/php/fpm-php.__APP__.log syslog.ident = php-fpm-__APP__ include = __FINALPHPCONF__ -" > $YNH_APP_BASEDIR/conf/php-fpm-$app.conf +" >$YNH_APP_BASEDIR/conf/php-fpm-$app.conf ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm-$app.conf" --destination="$globalphpconf" @@ -240,7 +221,7 @@ ExecReload=/bin/kill -USR2 \$MAINPID [Install] WantedBy=multi-user.target -" > $YNH_APP_BASEDIR/conf/$fpm_service +" >$YNH_APP_BASEDIR/conf/$fpm_service # Create this dedicated PHP-FPM service ynh_add_systemd_config --service=$fpm_service --template=$fpm_service @@ -252,8 +233,7 @@ WantedBy=multi-user.target ynh_systemd_action --service_name=$fpm_service --action=restart else # Validate that the new php conf doesn't break php-fpm entirely - if ! php-fpm${phpversion} --test 2>/dev/null - then + if ! php-fpm${phpversion} --test 2>/dev/null; then php-fpm${phpversion} --test || true ynh_secure_remove --file="$finalphpconf" ynh_die --message="The new configuration broke php-fpm?" @@ -267,7 +247,7 @@ WantedBy=multi-user.target # usage: ynh_remove_fpm_config # # Requires YunoHost version 2.7.2 or higher. -ynh_remove_fpm_config () { +ynh_remove_fpm_config() { local fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) local fpm_service=$(ynh_app_setting_get --app=$app --key=fpm_service) local dedicated_service=$(ynh_app_setting_get --app=$app --key=fpm_dedicated_service) @@ -279,20 +259,17 @@ ynh_remove_fpm_config () { phpversion="${phpversion:-$YNH_DEFAULT_PHP_VERSION}" # Assume default PHP files if not set - if [ -z "$fpm_config_dir" ] - then + if [ -z "$fpm_config_dir" ]; then fpm_config_dir="/etc/php/$YNH_DEFAULT_PHP_VERSION/fpm" fpm_service="php$YNH_DEFAULT_PHP_VERSION-fpm" fi ynh_secure_remove --file="$fpm_config_dir/pool.d/$app.conf" - if [ -e $fpm_config_dir/conf.d/20-$app.ini ] - then + if [ -e $fpm_config_dir/conf.d/20-$app.ini ]; then ynh_secure_remove --file="$fpm_config_dir/conf.d/20-$app.ini" fi - if [ $dedicated_service -eq 1 ] - then + if [ $dedicated_service -eq 1 ]; then # Remove the dedicated service PHP-FPM service for the app ynh_remove_systemd_config --service=$fpm_service # Remove the global PHP-FPM conf @@ -304,10 +281,9 @@ ynh_remove_fpm_config () { fi # If the PHP version used is not the default version for YunoHost - if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ] - then - # Remove this specific version of PHP - ynh_remove_php + if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ]; then + # Remove app dependencies ... but ideally should happen via an explicit call from packager + ynh_remove_app_dependencies fi } @@ -315,35 +291,37 @@ ynh_remove_fpm_config () { # # [internal] # +# Legacy, to be remove on bullseye +# # usage: ynh_install_php --phpversion=phpversion [--package=packages] # | arg: -v, --phpversion= - Version of PHP to install. # | arg: -p, --package= - Additionnal PHP packages to install # # Requires YunoHost version 3.8.1 or higher. -ynh_install_php () { +ynh_install_php() { # Declare an array to define the options of this helper. local legacy_args=vp - local -A args_array=( [v]=phpversion= [p]=package= ) + local -A args_array=([v]=phpversion= [p]=package=) local phpversion local package # Manage arguments with getopts ynh_handle_getopts_args "$@" package=${package:-} - if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ] - then + if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ]; then ynh_die --message="Do not use ynh_install_php to install php$YNH_DEFAULT_PHP_VERSION" fi ynh_install_app_dependencies "$package" - ynh_app_setting_set --app=$app --key=phpversion --value=$specific_php_version } # Remove the specific version of PHP used by the app. # # [internal] # -# usage: ynh_install_php +# Legacy, to be remove on bullseye +# +# usage: ynh_remove_php # # Requires YunoHost version 3.8.1 or higher. ynh_remove_php () { @@ -369,10 +347,10 @@ ynh_remove_php () { # high - High usage, frequently visited website. # # | arg: -p, --print - Print the result (intended for debug purpose only when packaging the app) -ynh_get_scalable_phpfpm () { +ynh_get_scalable_phpfpm() { local legacy_args=ufp # Declare an array to define the options of this helper. - local -A args_array=( [u]=usage= [f]=footprint= [p]=print ) + local -A args_array=([u]=usage= [f]=footprint= [p]=print) local usage local footprint local print @@ -383,38 +361,30 @@ ynh_get_scalable_phpfpm () { usage=${usage,,} print=${print:-0} - if [ "$footprint" = "low" ] - then + if [ "$footprint" = "low" ]; then footprint=20 - elif [ "$footprint" = "medium" ] - then + elif [ "$footprint" = "medium" ]; then footprint=35 - elif [ "$footprint" = "high" ] - then + elif [ "$footprint" = "high" ]; then footprint=50 fi # Define the factor to determine min_spare_servers # to avoid having too few children ready to start for heavy apps - if [ $footprint -le 20 ] - then + if [ $footprint -le 20 ]; then min_spare_servers_factor=8 - elif [ $footprint -le 35 ] - then + elif [ $footprint -le 35 ]; then min_spare_servers_factor=5 else min_spare_servers_factor=3 fi # Define the way the process manager handle child processes. - if [ "$usage" = "low" ] - then + if [ "$usage" = "low" ]; then php_pm=ondemand - elif [ "$usage" = "medium" ] - then + elif [ "$usage" = "medium" ]; then php_pm=dynamic - elif [ "$usage" = "high" ] - then + elif [ "$usage" = "high" ]; then php_pm=static else ynh_die --message="Does not recognize '$usage' as an usage value." @@ -425,8 +395,7 @@ ynh_get_scalable_phpfpm () { at_least_one() { # Do not allow value below 1 - if [ $1 -le 0 ] - then + if [ $1 -le 0 ]; then echo 1 else echo $1 @@ -436,20 +405,18 @@ ynh_get_scalable_phpfpm () { # Define pm.max_children # The value of pm.max_children is the total amount of ram divide by 2 and divide again by the footprint of a pool for this app. # So if PHP-FPM start the maximum of children, it won't exceed half of the ram. - php_max_children=$(( $max_ram / 2 / $footprint )) + php_max_children=$(($max_ram / 2 / $footprint)) # If process manager is set as static, use half less children. # Used as static, there's always as many children as the value of pm.max_children - if [ "$php_pm" = "static" ] - then - php_max_children=$(( $php_max_children / 2 )) + if [ "$php_pm" = "static" ]; then + php_max_children=$(($php_max_children / 2)) fi php_max_children=$(at_least_one $php_max_children) # To not overload the proc, limit the number of children to 4 times the number of cores. local core_number=$(nproc) - local max_proc=$(( $core_number * 4 )) - if [ $php_max_children -gt $max_proc ] - then + local max_proc=$(($core_number * 4)) + if [ $php_max_children -gt $max_proc ]; then php_max_children=$max_proc fi @@ -459,16 +426,15 @@ ynh_get_scalable_phpfpm () { php_max_children=$php_forced_max_children fi - if [ "$php_pm" = "dynamic" ] - then + if [ "$php_pm" = "dynamic" ]; then # Define pm.start_servers, pm.min_spare_servers and pm.max_spare_servers for a dynamic process manager - php_min_spare_servers=$(( $php_max_children / $min_spare_servers_factor )) + php_min_spare_servers=$(($php_max_children / $min_spare_servers_factor)) php_min_spare_servers=$(at_least_one $php_min_spare_servers) - php_max_spare_servers=$(( $php_max_children / 2 )) + php_max_spare_servers=$(($php_max_children / 2)) php_max_spare_servers=$(at_least_one $php_max_spare_servers) - php_start_servers=$(( $php_min_spare_servers + ( $php_max_spare_servers - $php_min_spare_servers ) /2 )) + php_start_servers=$(($php_min_spare_servers + ($php_max_spare_servers - $php_min_spare_servers) / 2)) php_start_servers=$(at_least_one $php_start_servers) else php_min_spare_servers=0 @@ -476,30 +442,25 @@ ynh_get_scalable_phpfpm () { php_start_servers=0 fi - if [ $print -eq 1 ] - then - ynh_debug --message="Footprint=${footprint}Mb by pool." - ynh_debug --message="Process manager=$php_pm" - ynh_debug --message="Max RAM=${max_ram}Mb" - if [ "$php_pm" != "static" ] - then - ynh_debug --message="\nMax estimated footprint=$(( $php_max_children * $footprint ))" - ynh_debug --message="Min estimated footprint=$(( $php_min_spare_servers * $footprint ))" + if [ $print -eq 1 ]; then + ynh_print_warn --message="Footprint=${footprint}Mb by pool." + ynh_print_warn --message="Process manager=$php_pm" + ynh_print_warn --message="Max RAM=${max_ram}Mb" + if [ "$php_pm" != "static" ]; then + ynh_print_warn --message="\nMax estimated footprint=$(($php_max_children * $footprint))" + ynh_print_warn --message="Min estimated footprint=$(($php_min_spare_servers * $footprint))" fi - if [ "$php_pm" = "dynamic" ] - then - ynh_debug --message="Estimated average footprint=$(( $php_max_spare_servers * $footprint ))" - elif [ "$php_pm" = "static" ] - then - ynh_debug --message="Estimated footprint=$(( $php_max_children * $footprint ))" + if [ "$php_pm" = "dynamic" ]; then + ynh_print_warn --message="Estimated average footprint=$(($php_max_spare_servers * $footprint))" + elif [ "$php_pm" = "static" ]; then + ynh_print_warn --message="Estimated footprint=$(($php_max_children * $footprint))" fi - ynh_debug --message="\nRaw php-fpm values:" - ynh_debug --message="pm.max_children = $php_max_children" - if [ "$php_pm" = "dynamic" ] - then - ynh_debug --message="pm.start_servers = $php_start_servers" - ynh_debug --message="pm.min_spare_servers = $php_min_spare_servers" - ynh_debug --message="pm.max_spare_servers = $php_max_spare_servers" + ynh_print_warn --message="\nRaw php-fpm values:" + ynh_print_warn --message="pm.max_children = $php_max_children" + if [ "$php_pm" = "dynamic" ]; then + ynh_print_warn --message="pm.start_servers = $php_start_servers" + ynh_print_warn --message="pm.min_spare_servers = $php_min_spare_servers" + ynh_print_warn --message="pm.max_spare_servers = $php_max_spare_servers" fi fi } @@ -517,10 +478,10 @@ YNH_COMPOSER_VERSION=${YNH_COMPOSER_VERSION:-$YNH_DEFAULT_COMPOSER_VERSION} # | arg: -c, --commands - Commands to execute. # # Requires YunoHost version 4.2 or higher. -ynh_composer_exec () { +ynh_composer_exec() { # Declare an array to define the options of this helper. local legacy_args=vwc - declare -Ar args_array=( [v]=phpversion= [w]=workdir= [c]=commands= ) + declare -Ar args_array=([v]=phpversion= [w]=workdir= [c]=commands=) local phpversion local workdir local commands @@ -531,7 +492,7 @@ ynh_composer_exec () { COMPOSER_HOME="$workdir/.composer" COMPOSER_MEMORY_LIMIT=-1 \ php${phpversion} "$workdir/composer.phar" $commands \ - -d "$workdir" --quiet --no-interaction + -d "$workdir" --no-interaction --no-ansi 2>&1 } # Install and initialize Composer in the given directory @@ -543,10 +504,10 @@ ynh_composer_exec () { # | arg: -c, --composerversion - Composer version to install # # Requires YunoHost version 4.2 or higher. -ynh_install_composer () { +ynh_install_composer() { # Declare an array to define the options of this helper. local legacy_args=vwac - declare -Ar args_array=( [v]=phpversion= [w]=workdir= [a]=install_args= [c]=composerversion=) + declare -Ar args_array=([v]=phpversion= [w]=workdir= [a]=install_args= [c]=composerversion=) local phpversion local workdir local install_args @@ -560,7 +521,7 @@ ynh_install_composer () { curl -sS https://getcomposer.org/installer \ | COMPOSER_HOME="$workdir/.composer" \ - php${phpversion} -- --quiet --install-dir="$workdir" --version=$composerversion \ + php${phpversion} -- --quiet --install-dir="$workdir" --version=$composerversion \ || ynh_die --message="Unable to install Composer." # install dependencies diff --git a/data/helpers.d/postgresql b/helpers/postgresql similarity index 79% rename from data/helpers.d/postgresql rename to helpers/postgresql index 12738a922..92a70a166 100644 --- a/data/helpers.d/postgresql +++ b/helpers/postgresql @@ -1,7 +1,7 @@ #!/bin/bash PSQL_ROOT_PWD_FILE=/etc/yunohost/psql -PSQL_VERSION=11 +PSQL_VERSION=13 # Open a connection as a user # @@ -46,8 +46,7 @@ ynh_psql_execute_as_root() { ynh_handle_getopts_args "$@" database="${database:-}" - if [ -n "$database" ] - then + if [ -n "$database" ]; then database="--database=$database" fi @@ -72,8 +71,7 @@ ynh_psql_execute_file_as_root() { ynh_handle_getopts_args "$@" database="${database:-}" - if [ -n "$database" ] - then + if [ -n "$database" ]; then database="--database=$database" fi @@ -175,8 +173,7 @@ ynh_psql_user_exists() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';" | grep --quiet "$user" - then + if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';" | grep --quiet "$user"; then return 1 else return 0 @@ -198,8 +195,7 @@ ynh_psql_database_exists() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$database" - then + if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$database"; then return 1 else return 0 @@ -269,16 +265,14 @@ ynh_psql_remove_db() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ynh_psql_database_exists --database=$db_name - then # Check if the database exists - ynh_psql_drop_db $db_name # Remove the database + if ynh_psql_database_exists --database=$db_name; then # Check if the database exists + ynh_psql_drop_db $db_name # Remove the database else ynh_print_warn --message="Database $db_name not found" fi # Remove psql user if it exists - if ynh_psql_user_exists --user=$db_user - then + if ynh_psql_user_exists --user=$db_user; then ynh_psql_drop_user $db_user else ynh_print_warn --message="User $db_user not found" @@ -287,6 +281,8 @@ ynh_psql_remove_db() { # Create a master password and set up global settings # +# [internal] +# # usage: ynh_psql_test_if_first_run # # It also make sure that postgresql is installed and running @@ -298,35 +294,5 @@ ynh_psql_test_if_first_run() { # Make sure postgresql is indeed installed dpkg --list | grep -q "ii postgresql-$PSQL_VERSION" || ynh_die --message="postgresql-$PSQL_VERSION is not installed !?" - # Check for some weird issue where postgresql could be installed but etc folder would not exist ... - [ -e "/etc/postgresql/$PSQL_VERSION" ] || ynh_die --message="It looks like postgresql was not properly configured ? /etc/postgresql/$PSQL_VERSION is missing ... Could be due to a locale issue, c.f.https://serverfault.com/questions/426989/postgresql-etc-postgresql-doesnt-exist" - - # Make sure postgresql is started and enabled - # (N.B. : to check the active state, we check the cluster state because - # postgresql could be flagged as active even though the cluster is in - # failed state because of how the service is configured..) - systemctl is-active postgresql@$PSQL_VERSION-main -q || ynh_systemd_action --service_name=postgresql --action=restart - systemctl is-enabled postgresql -q || systemctl enable postgresql --quiet - - # If this is the very first time, we define the root password - # and configure a few things - if [ ! -f "$PSQL_ROOT_PWD_FILE" ] - then - local pg_hba=/etc/postgresql/$PSQL_VERSION/main/pg_hba.conf - - local psql_root_password="$(ynh_string_random)" - echo "$psql_root_password" >$PSQL_ROOT_PWD_FILE - sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$psql_root_password'" postgres - - # force all user to connect to local databases using hashed passwords - # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF - # Note: we can't use peer since YunoHost create users with nologin - # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user - ynh_replace_string --match_string="local\(\s*\)all\(\s*\)all\(\s*\)peer" --replace_string="local\1all\2all\3md5" --target_file="$pg_hba" - - # Integrate postgresql service in yunohost - yunohost service add postgresql --log "/var/log/postgresql/" - - ynh_systemd_action --service_name=postgresql --action=reload - fi + yunohost tools regen-conf postgresql } diff --git a/data/helpers.d/setting b/helpers/setting similarity index 89% rename from data/helpers.d/setting rename to helpers/setting index 66bce9717..a2cf3a93d 100644 --- a/data/helpers.d/setting +++ b/helpers/setting @@ -8,13 +8,15 @@ # # Requires YunoHost version 2.2.4 or higher. ynh_app_setting_get() { + local _globalapp=${app-:} # Declare an array to define the options of this helper. local legacy_args=ak - local -A args_array=( [a]=app= [k]=key= ) + local -A args_array=([a]=app= [k]=key=) local app local key # Manage arguments with getopts ynh_handle_getopts_args "$@" + app="${app:-$_globalapp}" if [[ $key =~ (unprotected|protected|skipped)_ ]]; then yunohost app setting $app $key @@ -32,14 +34,16 @@ ynh_app_setting_get() { # # Requires YunoHost version 2.2.4 or higher. ynh_app_setting_set() { + local _globalapp=${app-:} # Declare an array to define the options of this helper. local legacy_args=akv - local -A args_array=( [a]=app= [k]=key= [v]=value= ) + local -A args_array=([a]=app= [k]=key= [v]=value=) local app local key local value # Manage arguments with getopts ynh_handle_getopts_args "$@" + app="${app:-$_globalapp}" if [[ $key =~ (unprotected|protected|skipped)_ ]]; then yunohost app setting $app $key -v $value @@ -56,13 +60,15 @@ ynh_app_setting_set() { # # Requires YunoHost version 2.2.4 or higher. ynh_app_setting_delete() { + local _globalapp=${app-:} # Declare an array to define the options of this helper. local legacy_args=ak - local -A args_array=( [a]=app= [k]=key= ) + local -A args_array=([a]=app= [k]=key=) local app local key # Manage arguments with getopts ynh_handle_getopts_args "$@" + app="${app:-$_globalapp}" if [[ "$key" =~ (unprotected|skipped|protected)_ ]]; then yunohost app setting $app $key -d @@ -76,8 +82,7 @@ ynh_app_setting_delete() { # # [internal] # -ynh_app_setting() -{ +ynh_app_setting() { set +o xtrace # set +x ACTION="$1" APP="$2" KEY="$3" VALUE="${4:-}" python3 - < /dev/null \ + dd if=/dev/urandom bs=1 count=1000 2>/dev/null \ | tr --complement --delete 'A-Za-z0-9' \ | sed --quiet 's/\(.\{'"$length"'\}\).*/\1/p' } @@ -34,10 +34,10 @@ ynh_string_random() { # sub-expressions can be used (see sed manual page for more information) # # Requires YunoHost version 2.6.4 or higher. -ynh_replace_string () { +ynh_replace_string() { # Declare an array to define the options of this helper. local legacy_args=mrf - local -A args_array=( [m]=match_string= [r]=replace_string= [f]=target_file= ) + local -A args_array=([m]=match_string= [r]=replace_string= [f]=target_file=) local match_string local replace_string local target_file @@ -65,10 +65,10 @@ ynh_replace_string () { # characters, you can't use some regular expressions and sub-expressions. # # Requires YunoHost version 2.7.7 or higher. -ynh_replace_special_string () { +ynh_replace_special_string() { # Declare an array to define the options of this helper. local legacy_args=mrf - local -A args_array=( [m]=match_string= [r]=replace_string= [f]=target_file= ) + local -A args_array=([m]=match_string= [r]=replace_string= [f]=target_file=) local match_string local replace_string local target_file @@ -97,10 +97,10 @@ ynh_replace_special_string () { # Underscorify the string (replace - and . by _) # # Requires YunoHost version 2.2.4 or higher. -ynh_sanitize_dbid () { +ynh_sanitize_dbid() { # Declare an array to define the options of this helper. local legacy_args=n - local -A args_array=( [n]=db_name= ) + local -A args_array=([n]=db_name=) local db_name # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -127,20 +127,20 @@ ynh_sanitize_dbid () { # | arg: -p, --path_url= - URL path to normalize before using it # # Requires YunoHost version 2.6.4 or higher. -ynh_normalize_url_path () { +ynh_normalize_url_path() { # Declare an array to define the options of this helper. local legacy_args=p - local -A args_array=( [p]=path_url= ) + local -A args_array=([p]=path_url=) local path_url # Manage arguments with getopts ynh_handle_getopts_args "$@" test -n "$path_url" || ynh_die --message="ynh_normalize_url_path expect a URL path as first argument and received nothing." - if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a / - path_url="/$path_url" # Add / at begin of path variable + if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a / + path_url="/$path_url" # Add / at begin of path variable fi - if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character. - path_url="${path_url:0:${#path_url}-1}" # Delete the last character + if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character. + path_url="${path_url:0:${#path_url}-1}" # Delete the last character fi echo $path_url } diff --git a/data/helpers.d/systemd b/helpers/systemd similarity index 83% rename from data/helpers.d/systemd rename to helpers/systemd index d0f88b5f7..270b0144d 100644 --- a/data/helpers.d/systemd +++ b/helpers/systemd @@ -12,20 +12,16 @@ # format and how placeholders are replaced with actual variables. # # Requires YunoHost version 4.1.0 or higher. -ynh_add_systemd_config () { +ynh_add_systemd_config() { # Declare an array to define the options of this helper. local legacy_args=stv - local -A args_array=( [s]=service= [t]=template= [v]=others_var=) + local -A args_array=([s]=service= [t]=template=) local service local template - local others_var # Manage arguments with getopts ynh_handle_getopts_args "$@" service="${service:-$app}" template="${template:-systemd.service}" - others_var="${others_var:-}" - - [[ -z "$others_var" ]] || ynh_print_warn --message="Packagers: using --others_var is unecessary since YunoHost 4.2" ynh_add_config --template="$YNH_APP_BASEDIR/conf/$template" --destination="/etc/systemd/system/$service.service" @@ -39,18 +35,17 @@ ynh_add_systemd_config () { # | arg: -s, --service= - Service name (optionnal, $app by default) # # Requires YunoHost version 2.7.2 or higher. -ynh_remove_systemd_config () { +ynh_remove_systemd_config() { # Declare an array to define the options of this helper. local legacy_args=s - local -A args_array=( [s]=service= ) + local -A args_array=([s]=service=) local service # Manage arguments with getopts ynh_handle_getopts_args "$@" local service="${service:-$app}" local finalsystemdconf="/etc/systemd/system/$service.service" - if [ -e "$finalsystemdconf" ] - then + if [ -e "$finalsystemdconf" ]; then ynh_systemd_action --service_name=$service --action=stop systemctl disable $service --quiet ynh_secure_remove --file="$finalsystemdconf" @@ -72,7 +67,7 @@ ynh_remove_systemd_config () { ynh_systemd_action() { # Declare an array to define the options of this helper. local legacy_args=nalpte - local -A args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= ) + local -A args_array=([n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length=) local service_name local action local line_match @@ -89,25 +84,22 @@ ynh_systemd_action() { timeout=${timeout:-300} # Manage case of service already stopped - if [ "$action" == "stop" ] && ! systemctl is-active --quiet $service_name - then + if [ "$action" == "stop" ] && ! systemctl is-active --quiet $service_name; then return 0 fi # Start to read the log - if [[ -n "$line_match" ]] - then + if [[ -n "$line_match" ]]; then local templog="$(mktemp)" # Following the starting of the app in its log - if [ "$log_path" == "systemd" ] - then + if [ "$log_path" == "systemd" ]; then # Read the systemd journal - journalctl --unit=$service_name --follow --since=-0 --quiet > "$templog" & + journalctl --unit=$service_name --follow --since=-0 --quiet >"$templog" & # Get the PID of the journalctl command local pid_tail=$! else # Read the specified log file - tail --follow=name --retry --lines=0 "$log_path" > "$templog" 2>&1 & + tail --follow=name --retry --lines=0 "$log_path" >"$templog" 2>&1 & # Get the PID of the tail command local pid_tail=$! fi @@ -119,13 +111,11 @@ ynh_systemd_action() { fi # If the service fails to perform the action - if ! systemctl $action $service_name - then + if ! systemctl $action $service_name; then # Show syslog for this service ynh_exec_err journalctl --quiet --no-hostname --no-pager --lines=$length --unit=$service_name # If a log is specified for this service, show also the content of this log - if [ -e "$log_path" ] - then + if [ -e "$log_path" ]; then ynh_exec_err tail --lines=$length "$log_path" fi ynh_clean_check_starting @@ -133,15 +123,12 @@ ynh_systemd_action() { fi # Start the timeout and try to find line_match - if [[ -n "${line_match:-}" ]] - then + if [[ -n "${line_match:-}" ]]; then set +x local i=0 - for i in $(seq 1 $timeout) - do + for i in $(seq 1 $timeout); do # Read the log until the sentence is found, that means the app finished to start. Or run until the timeout - if grep --extended-regexp --quiet "$line_match" "$templog" - then + if grep --extended-regexp --quiet "$line_match" "$templog"; then ynh_print_info --message="The service $service_name has correctly executed the action ${action}." break fi @@ -154,13 +141,11 @@ ynh_systemd_action() { if [ $i -ge 3 ]; then echo "" >&2 fi - if [ $i -eq $timeout ] - then + if [ $i -eq $timeout ]; then ynh_print_warn --message="The service $service_name didn't fully executed the action ${action} before the timeout." ynh_print_warn --message="Please find here an extract of the end of the log of the service $service_name:" ynh_exec_warn journalctl --quiet --no-hostname --no-pager --lines=$length --unit=$service_name - if [ -e "$log_path" ] - then + if [ -e "$log_path" ]; then ynh_print_warn --message="\-\-\-" ynh_exec_warn tail --lines=$length "$log_path" fi @@ -174,14 +159,12 @@ ynh_systemd_action() { # [internal] # # Requires YunoHost version 3.5.0 or higher. -ynh_clean_check_starting () { - if [ -n "${pid_tail:-}" ] - then +ynh_clean_check_starting() { + if [ -n "${pid_tail:-}" ]; then # Stop the execution of tail. kill -SIGTERM $pid_tail 2>&1 fi - if [ -n "${templog:-}" ] - then + if [ -n "${templog:-}" ]; then ynh_secure_remove --file="$templog" 2>&1 fi } diff --git a/data/helpers.d/user b/helpers/user similarity index 86% rename from data/helpers.d/user rename to helpers/user index d5ede9f73..aecbd740e 100644 --- a/data/helpers.d/user +++ b/helpers/user @@ -12,7 +12,7 @@ ynh_user_exists() { # Declare an array to define the options of this helper. local legacy_args=u - local -A args_array=( [u]=username= ) + local -A args_array=([u]=username=) local username # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -33,7 +33,7 @@ ynh_user_exists() { ynh_user_get_info() { # Declare an array to define the options of this helper. local legacy_args=uk - local -A args_array=( [u]=username= [k]=key= ) + local -A args_array=([u]=username= [k]=key=) local username local key # Manage arguments with getopts @@ -64,7 +64,7 @@ ynh_user_list() { ynh_system_user_exists() { # Declare an array to define the options of this helper. local legacy_args=u - local -A args_array=( [u]=username= ) + local -A args_array=([u]=username=) local username # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -82,7 +82,7 @@ ynh_system_user_exists() { ynh_system_group_exists() { # Declare an array to define the options of this helper. local legacy_args=g - local -A args_array=( [g]=group= ) + local -A args_array=([g]=group=) local group # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -108,10 +108,10 @@ ynh_system_group_exists() { # ``` # # Requires YunoHost version 2.6.4 or higher. -ynh_system_user_create () { +ynh_system_user_create() { # Declare an array to define the options of this helper. local legacy_args=uhs - local -A args_array=( [u]=username= [h]=home_dir= [s]=use_shell [g]=groups= ) + local -A args_array=([u]=username= [h]=home_dir= [s]=use_shell [g]=groups=) local username local home_dir local use_shell @@ -123,17 +123,15 @@ ynh_system_user_create () { home_dir="${home_dir:-}" groups="${groups:-}" - if ! ynh_system_user_exists "$username" # Check if the user exists on the system - then # If the user doesn't exist - if [ -n "$home_dir" ] - then # If a home dir is mentioned + if ! ynh_system_user_exists "$username"; then # Check if the user exists on the system + # If the user doesn't exist + if [ -n "$home_dir" ]; then # If a home dir is mentioned local user_home_dir="--home-dir $home_dir" else local user_home_dir="--no-create-home" fi - if [ $use_shell -eq 1 ] - then # If we want a shell for the user - local shell="" # Use default shell + if [ $use_shell -eq 1 ]; then # If we want a shell for the user + local shell="" # Use default shell else local shell="--shell /usr/sbin/nologin" fi @@ -141,8 +139,7 @@ ynh_system_user_create () { fi local group - for group in $groups - do + for group in $groups; do usermod -a -G "$group" "$username" done } @@ -153,25 +150,23 @@ ynh_system_user_create () { # | arg: -u, --username= - Name of the system user that will be create # # Requires YunoHost version 2.6.4 or higher. -ynh_system_user_delete () { +ynh_system_user_delete() { # Declare an array to define the options of this helper. local legacy_args=u - local -A args_array=( [u]=username= ) + local -A args_array=([u]=username=) local username # Manage arguments with getopts ynh_handle_getopts_args "$@" # Check if the user exists on the system - if ynh_system_user_exists "$username" - then + if ynh_system_user_exists "$username"; then deluser $username else ynh_print_warn --message="The user $username was not found" fi # Check if the group exists on the system - if ynh_system_group_exists "$username" - then + if ynh_system_group_exists "$username"; then delgroup $username fi } diff --git a/data/helpers.d/utils b/helpers/utils similarity index 84% rename from data/helpers.d/utils rename to helpers/utils index 061ff324d..8ae68fad5 100644 --- a/data/helpers.d/utils +++ b/helpers/utils @@ -19,25 +19,25 @@ YNH_APP_BASEDIR=${YNH_APP_BASEDIR:-$(realpath ..)} # It prints a warning to inform that the script was failed, and execute the ynh_clean_setup function if used in the app script # # Requires YunoHost version 2.6.4 or higher. -ynh_exit_properly () { +ynh_exit_properly() { local exit_code=$? rm -rf "/var/cache/yunohost/download/" if [ "$exit_code" -eq 0 ]; then - exit 0 # Exit without error if the script ended correctly + exit 0 # Exit without error if the script ended correctly fi - trap '' EXIT # Ignore new exit signals + trap '' EXIT # Ignore new exit signals # Do not exit anymore if a command fail or if a variable is empty - set +o errexit # set +e - set +o nounset # set +u + set +o errexit # set +e + set +o nounset # set +u # Small tempo to avoid the next message being mixed up with other DEBUG messages sleep 0.5 - if type -t ynh_clean_setup > /dev/null; then # Check if the function exist in the app script. - ynh_clean_setup # Call the function to do specific cleaning for the app. + if type -t ynh_clean_setup >/dev/null; then # Check if the function exist in the app script. + ynh_clean_setup # Call the function to do specific cleaning for the app. fi # Exit with error status @@ -55,10 +55,10 @@ ynh_exit_properly () { # and a call to `ynh_clean_setup` is triggered if it has been defined by your script. # # Requires YunoHost version 2.6.4 or higher. -ynh_abort_if_errors () { - set -o errexit # set -e; Exit if a command fail - set -o nounset # set -u; And if a variable is used unset - trap ynh_exit_properly EXIT # Capturing exit signals on shell script +ynh_abort_if_errors() { + set -o errexit # set -e; Exit if a command fail + set -o nounset # set -u; And if a variable is used unset + trap ynh_exit_properly EXIT # Capturing exit signals on shell script } # Download, check integrity, uncompress and patch the source from app.src @@ -99,10 +99,10 @@ ynh_abort_if_errors () { # - Extra files in `sources/extra_files/$src_id` will be copied to dest_dir # # Requires YunoHost version 2.6.4 or higher. -ynh_setup_source () { +ynh_setup_source() { # Declare an array to define the options of this helper. local legacy_args=dsk - local -A args_array=( [d]=dest_dir= [s]=source_id= [k]=keep= ) + local -A args_array=([d]=dest_dir= [s]=source_id= [k]=keep=) local dest_dir local source_id local keep @@ -133,15 +133,13 @@ ynh_setup_source () { src_filename="${source_id}.${src_format}" fi - # (Unused?) mecanism where one can have the file in a special local cache to not have to download it... local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}" mkdir -p /var/cache/yunohost/download/${YNH_APP_ID}/ src_filename="/var/cache/yunohost/download/${YNH_APP_ID}/${src_filename}" - if test -e "$local_src" - then + if test -e "$local_src"; then cp $local_src $src_filename else [ -n "$src_url" ] || ynh_die "Couldn't parse SOURCE_URL from $src_file_path ?" @@ -162,15 +160,12 @@ ynh_setup_source () { # Keep files to be backup/restored at the end of the helper # Assuming $dest_dir already exists rm -rf /var/cache/yunohost/files_to_keep_during_setup_source/ - if [ -n "$keep" ] && [ -e "$dest_dir" ] - then + if [ -n "$keep" ] && [ -e "$dest_dir" ]; then local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID} mkdir -p $keep_dir local stuff_to_keep - for stuff_to_keep in $keep - do - if [ -e "$dest_dir/$stuff_to_keep" ] - then + for stuff_to_keep in $keep; do + if [ -e "$dest_dir/$stuff_to_keep" ]; then mkdir --parents "$(dirname "$keep_dir/$stuff_to_keep")" cp --archive "$dest_dir/$stuff_to_keep" "$keep_dir/$stuff_to_keep" fi @@ -180,20 +175,16 @@ ynh_setup_source () { # Extract source into the app dir mkdir --parents "$dest_dir" - if [ -n "${final_path:-}" ] && [ "$dest_dir" == "$final_path" ] - then + if [ -n "${final_path:-}" ] && [ "$dest_dir" == "$final_path" ]; then _ynh_apply_default_permissions $dest_dir fi - if ! "$src_extract" - then + if ! "$src_extract"; then mv $src_filename $dest_dir - elif [ "$src_format" = "zip" ] - then + elif [ "$src_format" = "zip" ]; then # Zip format # Using of a temp directory, because unzip doesn't manage --strip-components - if $src_in_subdir - then + if $src_in_subdir; then local tmp_dir=$(mktemp --directory) unzip -quo $src_filename -d "$tmp_dir" cp --archive $tmp_dir/*/. "$dest_dir" @@ -204,18 +195,15 @@ ynh_setup_source () { ynh_secure_remove --file="$src_filename" else local strip="" - if [ "$src_in_subdir" != "false" ] - then - if [ "$src_in_subdir" == "true" ] - then + if [ "$src_in_subdir" != "false" ]; then + if [ "$src_in_subdir" == "true" ]; then local sub_dirs=1 else local sub_dirs="$src_in_subdir" fi strip="--strip-components $sub_dirs" fi - if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] - then + if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]]; then tar --extract --file=$src_filename --directory="$dest_dir" $strip else ynh_die --message="Archive format unrecognized." @@ -224,17 +212,16 @@ ynh_setup_source () { fi # Apply patches - if [ -d "$YNH_APP_BASEDIR/sources/patches/" ] - then + if [ -d "$YNH_APP_BASEDIR/sources/patches/" ]; then local patches_folder=$(realpath $YNH_APP_BASEDIR/sources/patches/) - if (( $(find $patches_folder -type f -name "${source_id}-*.patch" 2> /dev/null | wc --lines) > "0" )) - then - (cd "$dest_dir" - for p in $patches_folder/${source_id}-*.patch - do - echo $p - patch --strip=1 < $p - done) || ynh_die --message="Unable to apply patches" + if (($(find $patches_folder -type f -name "${source_id}-*.patch" 2>/dev/null | wc --lines) > "0")); then + ( + cd "$dest_dir" + for p in $patches_folder/${source_id}-*.patch; do + echo $p + patch --strip=1 <$p + done + ) || ynh_die --message="Unable to apply patches" fi fi @@ -245,14 +232,11 @@ ynh_setup_source () { # Keep files to be backup/restored at the end of the helper # Assuming $dest_dir already exists - if [ -n "$keep" ] - then + if [ -n "$keep" ]; then local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID} local stuff_to_keep - for stuff_to_keep in $keep - do - if [ -e "$keep_dir/$stuff_to_keep" ] - then + for stuff_to_keep in $keep; do + if [ -e "$keep_dir/$stuff_to_keep" ]; then mkdir --parents "$(dirname "$dest_dir/$stuff_to_keep")" cp --archive "$keep_dir/$stuff_to_keep" "$dest_dir/$stuff_to_keep" fi @@ -276,7 +260,7 @@ ynh_setup_source () { # `$domain` and `$path_url` should be defined externally (and correspond to the domain.tld and the /path (of the app?)) # # Requires YunoHost version 2.6.4 or higher. -ynh_local_curl () { +ynh_local_curl() { # Define url of page to curl local local_page=$(ynh_normalize_url_path $1) local full_path=$path_url$local_page @@ -290,12 +274,10 @@ ynh_local_curl () { # Concatenate all other arguments with '&' to prepare POST data local POST_data="" local arg="" - for arg in "${@:2}" - do + for arg in "${@:2}"; do POST_data="${POST_data}${arg}&" done - if [ -n "$POST_data" ] - then + if [ -n "$POST_data" ]; then # Add --data arg and remove the last character, which is an unecessary '&' POST_data="--data ${POST_data::-1}" fi @@ -308,8 +290,18 @@ ynh_local_curl () { chown root $cookiefile chmod 700 $cookiefile + # Temporarily enable visitors if needed... + local visitors_enabled=$(ynh_permission_has_user "main" "visitors" && echo yes || echo no) + if [[ $visitors_enabled == "no" ]]; then + ynh_permission_update --permission "main" --add "visitors" + fi + # Curl the URL curl --silent --show-error --insecure --location --header "Host: $domain" --resolve $domain:443:127.0.0.1 $POST_data "$full_page_url" --cookie-jar $cookiefile --cookie $cookiefile + + if [[ $visitors_enabled == "no" ]]; then + ynh_permission_update --permission "main" --remove "visitors" + fi } # Create a dedicated config file from a template @@ -353,10 +345,10 @@ ynh_local_curl () { # into the app settings when configuration is done. # # Requires YunoHost version 4.1.0 or higher. -ynh_add_config () { +ynh_add_config() { # Declare an array to define the options of this helper. local legacy_args=tdv - local -A args_array=( [t]=template= [d]=destination= ) + local -A args_array=([t]=template= [d]=destination=) local template local destination # Manage arguments with getopts @@ -414,17 +406,16 @@ ynh_add_config () { # __VAR_2__ by $var_2 # # Requires YunoHost version 4.1.0 or higher. -ynh_replace_vars () { +ynh_replace_vars() { # Declare an array to define the options of this helper. local legacy_args=f - local -A args_array=( [f]=file= ) + local -A args_array=([f]=file=) local file # Manage arguments with getopts ynh_handle_getopts_args "$@" # Replace specific YunoHost variables - if test -n "${path_url:-}" - then + if test -n "${path_url:-}"; then # path_url_slash_less is path_url, or a blank value if path_url is only '/' local path_url_slash_less=${path_url%/} ynh_replace_string --match_string="__PATH__/" --replace_string="$path_url_slash_less/" --target_file="$file" @@ -448,12 +439,11 @@ ynh_replace_vars () { # Replace others variables # List other unique (__ __) variables in $file - local uniques_vars=( $(grep -oP '__[A-Z0-9]+?[A-Z0-9_]*?[A-Z0-9]*?__' $file | sort --unique | sed "s@__\([^.]*\)__@\L\1@g" )) + local uniques_vars=($(grep -oP '__[A-Z0-9]+?[A-Z0-9_]*?[A-Z0-9]*?__' $file | sort --unique | sed "s@__\([^.]*\)__@\L\1@g")) # Do the replacement local delimit=@ - for one_var in "${uniques_vars[@]}" - do + for one_var in "${uniques_vars[@]}"; do # Validate that one_var is indeed defined # -v checks if the variable is defined, for example: # -v FOO tests if $FOO is defined @@ -509,7 +499,7 @@ ynh_replace_vars () { ynh_read_var_in_file() { # Declare an array to define the options of this helper. local legacy_args=fka - local -A args_array=( [f]=file= [k]=key= [a]=after=) + local -A args_array=([f]=file= [k]=key= [a]=after=) local file local key local after @@ -523,11 +513,9 @@ ynh_read_var_in_file() { # Get the line number after which we search for the variable local line_number=1 - if [[ -n "$after" ]]; - then + if [[ -n "$after" ]]; then line_number=$(grep -n $after $file | cut -d: -f1) - if [[ -z "$line_number" ]]; - then + if [[ -z "$line_number" ]]; then set -o xtrace # set -x return 1 fi @@ -545,7 +533,7 @@ ynh_read_var_in_file() { if [[ "$ext" =~ ^ini|env$ ]]; then comments="[;#]" fi - if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then + if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then comments="//" fi local list='\[\s*['$string']?\w+['$string']?\]' @@ -564,13 +552,13 @@ ynh_read_var_in_file() { fi # Remove comments if needed - local expression="$(echo "$expression_with_comment" | sed "s@$comments[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" + local expression="$(echo "$expression_with_comment" | sed "s@${comments}[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" local first_char="${expression:0:1}" - if [[ "$first_char" == '"' ]] ; then - echo "$expression" | grep -m1 -o -P '"\K([^"](\\")?)*[^\\](?=")' | head -n1 | sed 's/\\"/"/g' - elif [[ "$first_char" == "'" ]] ; then - echo "$expression" | grep -m1 -o -P "'\K([^'](\\\\')?)*[^\\\\](?=')" | head -n1 | sed "s/\\\\'/'/g" + if [[ "$first_char" == '"' ]]; then + echo "$expression" | grep -m1 -o -P '"\K([^"](\\")?)*[^\\](?=")' | head -n1 | sed 's/\\"/"/g' + elif [[ "$first_char" == "'" ]]; then + echo "$expression" | grep -m1 -o -P "'\K([^'](\\\\')?)*[^\\\\](?=')" | head -n1 | sed "s/\\\\'/'/g" else echo "$expression" fi @@ -588,7 +576,7 @@ ynh_read_var_in_file() { ynh_write_var_in_file() { # Declare an array to define the options of this helper. local legacy_args=fkva - local -A args_array=( [f]=file= [k]=key= [v]=value= [a]=after=) + local -A args_array=([f]=file= [k]=key= [v]=value= [a]=after=) local file local key local value @@ -603,11 +591,9 @@ ynh_write_var_in_file() { # Get the line number after which we search for the variable local line_number=1 - if [[ -n "$after" ]]; - then + if [[ -n "$after" ]]; then line_number=$(grep -n $after $file | cut -d: -f1) - if [[ -z "$line_number" ]]; - then + if [[ -z "$line_number" ]]; then set -o xtrace # set -x return 1 fi @@ -626,7 +612,7 @@ ynh_write_var_in_file() { if [[ "$ext" =~ ^ini|env$ ]]; then comments="[;#]" fi - if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then + if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then comments="//" fi local list='\[\s*['$string']?\w+['$string']?\]' @@ -644,28 +630,28 @@ ynh_write_var_in_file() { fi # Remove comments if needed - local expression="$(echo "$expression_with_comment" | sed "s@$comments[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" + local expression="$(echo "$expression_with_comment" | sed "s@${comments}[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")" endline=${expression_with_comment#"$expression"} endline="$(echo "$endline" | sed 's/\\/\\\\/g')" value="$(echo "$value" | sed 's/\\/\\\\/g')" local first_char="${expression:0:1}" delimiter=$'\001' - if [[ "$first_char" == '"' ]] ; then + if [[ "$first_char" == '"' ]]; then # \ and sed is quite complex you need 2 \\ to get one in a sed # So we need \\\\ to go through 2 sed value="$(echo "$value" | sed 's/"/\\\\"/g')" sed -ri "${range}s$delimiter"'(^'"${var_part}"'")([^"]|\\")*("[\s;,]*)(\s*'$comments'.*)?$'$delimiter'\1'"${value}"'"'"${endline}${delimiter}i" ${file} - elif [[ "$first_char" == "'" ]] ; then + elif [[ "$first_char" == "'" ]]; then # \ and sed is quite complex you need 2 \\ to get one in a sed # However double quotes implies to double \\ to # So we need \\\\\\\\ to go through 2 sed and 1 double quotes str value="$(echo "$value" | sed "s/'/\\\\\\\\'/g")" sed -ri "${range}s$delimiter(^${var_part}')([^']|\\')*('"'[\s,;]*)(\s*'$comments'.*)?$'$delimiter'\1'"${value}'${endline}${delimiter}i" ${file} else - if [[ "$value" == *"'"* ]] || [[ "$value" == *'"'* ]] || [[ "$ext" =~ ^php|py|json|js$ ]] ; then + if [[ "$value" == *"'"* ]] || [[ "$value" == *'"'* ]] || [[ "$ext" =~ ^php|py|json|js$ ]]; then value='\"'"$(echo "$value" | sed 's/"/\\\\"/g')"'\"' fi - if [[ "$ext" =~ ^yaml|yml$ ]] ; then + if [[ "$ext" =~ ^yaml|yml$ ]]; then value=" $value" fi sed -ri "${range}s$delimiter(^${var_part}).*\$$delimiter\1${value}${endline}${delimiter}i" ${file} @@ -673,7 +659,6 @@ ynh_write_var_in_file() { set -o xtrace # set -x } - # Render templates with Jinja2 # # [internal] @@ -691,7 +676,7 @@ ynh_render_template() { # Taken from https://stackoverflow.com/a/35009576 python3 -c 'import os, sys, jinja2; sys.stdout.write( jinja2.Template(sys.stdin.read() - ).render(os.environ));' < $template_path > $output_path + ).render(os.environ));' <$template_path >$output_path } # Fetch the Debian release codename @@ -700,28 +685,29 @@ ynh_render_template() { # | ret: The Debian release codename (i.e. jessie, stretch, ...) # # Requires YunoHost version 2.7.12 or higher. -ynh_get_debian_release () { +ynh_get_debian_release() { echo $(lsb_release --codename --short) } -# Create a directory under /tmp -# -# [internal] -# -# Deprecated helper -# -# usage: ynh_mkdir_tmp -# | ret: the created directory path -ynh_mkdir_tmp() { - ynh_print_warn --message="The helper ynh_mkdir_tmp is deprecated." - ynh_print_warn --message="You should use 'mktemp -d' instead and manage permissions \ -properly with chmod/chown." - local TMP_DIR=$(mktemp --directory) +_acceptable_path_to_delete() { + local file=$1 - # Give rights to other users could be a security risk. - # But for retrocompatibility we need it. (This helpers is deprecated) - chmod 755 $TMP_DIR - echo $TMP_DIR + local forbidden_paths=$(ls -d / /* /{var,home,usr}/* /etc/{default,sudoers.d,yunohost,cron*}) + + # Legacy : A couple apps still have data in /home/$app ... + if [[ -n "$app" ]] + then + forbidden_paths=$(echo "$forbidden_paths" | grep -v "/home/$app") + fi + + # Use realpath to normalize the path .. + # i.e convert ///foo//bar//..///baz//// to /foo/baz + file=$(realpath --no-symlinks "$file") + if [ -z "$file" ] || grep -q -x -F "$file" <<< "$forbidden_paths"; then + return 1 + else + return 0 + fi } # Remove a file or a directory securely @@ -730,77 +716,32 @@ properly with chmod/chown." # | arg: -f, --file= - File or directory to remove # # Requires YunoHost version 2.6.4 or higher. -ynh_secure_remove () { +ynh_secure_remove() { # Declare an array to define the options of this helper. local legacy_args=f - local -A args_array=( [f]=file= ) + local -A args_array=([f]=file=) local file # Manage arguments with getopts ynh_handle_getopts_args "$@" set +o xtrace # set +x - local forbidden_path=" \ - /var/www \ - /home/yunohost.app" - - if [ $# -ge 2 ] - then + if [ $# -ge 2 ]; then ynh_print_warn --message="/!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time." fi - if [[ -z "$file" ]] - then + if [[ -z "$file" ]]; then ynh_print_warn --message="ynh_secure_remove called with empty argument, ignoring." - elif [[ "$forbidden_path" =~ "$file" \ - # Match all paths or subpaths in $forbidden_path - || "$file" =~ ^/[[:alnum:]]+$ \ - # Match all first level paths from / (Like /var, /root, etc...) - || "${file:${#file}-1}" = "/" ]] - # Match if the path finishes by /. Because it seems there is an empty variable - then - ynh_print_warn --message="Not deleting '$file' because it is not an acceptable path to delete." - elif [ -e "$file" ] - then - rm --recursive "$file" - else + elif [[ ! -e $file ]]; then ynh_print_info --message="'$file' wasn't deleted because it doesn't exist." + elif ! _acceptable_path_to_delete "$file"; then + ynh_print_warn --message="Not deleting '$file' because it is not an acceptable path to delete." + else + rm --recursive "$file" fi set -o xtrace # set -x } -# Extract a key from a plain command output -# -# [internal] -# -# (Deprecated, use --output-as json and jq instead) -ynh_get_plain_key() { - local prefix="#" - local founded=0 - # We call this key_ so that it's not caught as - # an info to be redacted by the core - local key_=$1 - shift - while read line - do - if [[ "$founded" == "1" ]] - then - [[ "$line" =~ ^${prefix}[^#] ]] && return - echo $line - elif [[ "$line" =~ ^${prefix}${key_}$ ]] - then - if [[ -n "${1:-}" ]] - then - prefix+="#" - key_=$1 - shift - else - founded=1 - fi - fi - done -} - # Read the value of a key in a ynh manifest file # # usage: ynh_read_manifest --manifest="manifest.json" --key="key" @@ -809,10 +750,10 @@ ynh_get_plain_key() { # | ret: the value associate to that key # # Requires YunoHost version 3.5.0 or higher. -ynh_read_manifest () { +ynh_read_manifest() { # Declare an array to define the options of this helper. local legacy_args=mk - local -A args_array=( [m]=manifest= [k]=manifest_key= ) + local -A args_array=([m]=manifest= [k]=manifest_key=) local manifest local manifest_key # Manage arguments with getopts @@ -839,20 +780,19 @@ ynh_read_manifest () { # For example, if the manifest contains `4.3-2~ynh3` the function will return `4.3-2` # # Requires YunoHost version 3.5.0 or higher. -ynh_app_upstream_version () { +ynh_app_upstream_version() { # Declare an array to define the options of this helper. local legacy_args=m - local -A args_array=( [m]=manifest= ) + local -A args_array=([m]=manifest=) local manifest # Manage arguments with getopts ynh_handle_getopts_args "$@" manifest="${manifest:-}" - if [[ "$manifest" != "" ]] && [[ -e "$manifest" ]]; - then - version_key_=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version") + if [[ "$manifest" != "" ]] && [[ -e "$manifest" ]]; then + version_key_=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version") else - version_key_=$YNH_APP_MANIFEST_VERSION + version_key_=$YNH_APP_MANIFEST_VERSION fi echo "${version_key_/~ynh*/}" @@ -869,10 +809,10 @@ ynh_app_upstream_version () { # For example, if the manifest contains `4.3-2~ynh3` the function will return `3` # # Requires YunoHost version 3.5.0 or higher. -ynh_app_package_version () { +ynh_app_package_version() { # Declare an array to define the options of this helper. local legacy_args=m - local -A args_array=( [m]=manifest= ) + local -A args_array=([m]=manifest=) local manifest # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -894,11 +834,10 @@ ynh_app_package_version () { # sudo yunohost app upgrade --force # ``` # Requires YunoHost version 3.5.0 or higher. -ynh_check_app_version_changed () { +ynh_check_app_version_changed() { local return_value=${YNH_APP_UPGRADE_TYPE} - if [ "$return_value" == "UPGRADE_FULL" ] || [ "$return_value" == "UPGRADE_FORCED" ] || [ "$return_value" == "DOWNGRADE_FORCED" ] - then + if [ "$return_value" == "UPGRADE_FULL" ] || [ "$return_value" == "UPGRADE_FORCED" ] || [ "$return_value" == "DOWNGRADE_FORCED" ]; then return_value="UPGRADE_APP" fi @@ -927,7 +866,7 @@ ynh_check_app_version_changed () { # Requires YunoHost version 3.8.0 or higher. ynh_compare_current_package_version() { local legacy_args=cv - declare -Ar args_array=( [c]=comparison= [v]=version= ) + declare -Ar args_array=([c]=comparison= [v]=version=) local version local comparison # Manage arguments with getopts @@ -936,8 +875,7 @@ ynh_compare_current_package_version() { local current_version=$YNH_APP_CURRENT_VERSION # Check the syntax of the versions - if [[ ! $version =~ '~ynh' ]] || [[ ! $current_version =~ '~ynh' ]] - then + if [[ ! $version =~ '~ynh' ]] || [[ ! $current_version =~ '~ynh' ]]; then ynh_die --message="Invalid argument for version." fi @@ -972,14 +910,19 @@ _ynh_apply_default_permissions() { local ynh_requirement=$(jq -r '.requirements.yunohost' $YNH_APP_BASEDIR/manifest.json | tr -d '>= ') - if [ -z "$ynh_requirement" ] || [ "$ynh_requirement" == "null" ] || dpkg --compare-versions $ynh_requirement ge 4.2 - then + if [ -z "$ynh_requirement" ] || [ "$ynh_requirement" == "null" ] || dpkg --compare-versions $ynh_requirement ge 4.2; then chmod o-rwx $target chmod g-w $target chown -R root:root $target - if ynh_system_user_exists $app - then + if ynh_system_user_exists $app; then chown $app:$app $target fi fi + + # Crons should be owned by root otherwise they probably don't run + if echo "$target" | grep -q '^/etc/cron' + then + chmod 400 $target + chown root:root $target + fi } diff --git a/data/hooks/backup/05-conf_ldap b/hooks/backup/05-conf_ldap similarity index 100% rename from data/hooks/backup/05-conf_ldap rename to hooks/backup/05-conf_ldap diff --git a/data/hooks/backup/17-data_home b/hooks/backup/17-data_home similarity index 100% rename from data/hooks/backup/17-data_home rename to hooks/backup/17-data_home diff --git a/data/hooks/backup/18-data_multimedia b/hooks/backup/18-data_multimedia similarity index 100% rename from data/hooks/backup/18-data_multimedia rename to hooks/backup/18-data_multimedia diff --git a/data/hooks/backup/20-conf_ynh_settings b/hooks/backup/20-conf_ynh_settings similarity index 86% rename from data/hooks/backup/20-conf_ynh_settings rename to hooks/backup/20-conf_ynh_settings index 9b56f1579..76ab0aaca 100644 --- a/data/hooks/backup/20-conf_ynh_settings +++ b/hooks/backup/20-conf_ynh_settings @@ -12,7 +12,7 @@ backup_dir="${1}/conf/ynh" # Backup the configuration ynh_backup "/etc/yunohost/firewall.yml" "${backup_dir}/firewall.yml" ynh_backup "/etc/yunohost/current_host" "${backup_dir}/current_host" -ynh_backup "/etc/yunohost/domains" "${backup_dir}/domains" +[ ! -d "/etc/yunohost/domains" ] || ynh_backup "/etc/yunohost/domains" "${backup_dir}/domains" [ ! -e "/etc/yunohost/settings.json" ] || ynh_backup "/etc/yunohost/settings.json" "${backup_dir}/settings.json" [ ! -d "/etc/yunohost/dyndns" ] || ynh_backup "/etc/yunohost/dyndns" "${backup_dir}/dyndns" [ ! -d "/etc/dkim" ] || ynh_backup "/etc/dkim" "${backup_dir}/dkim" diff --git a/data/hooks/backup/21-conf_ynh_certs b/hooks/backup/21-conf_ynh_certs similarity index 100% rename from data/hooks/backup/21-conf_ynh_certs rename to hooks/backup/21-conf_ynh_certs diff --git a/data/hooks/backup/23-data_mail b/hooks/backup/23-data_mail similarity index 100% rename from data/hooks/backup/23-data_mail rename to hooks/backup/23-data_mail diff --git a/data/hooks/backup/27-data_xmpp b/hooks/backup/27-data_xmpp similarity index 100% rename from data/hooks/backup/27-data_xmpp rename to hooks/backup/27-data_xmpp diff --git a/data/hooks/backup/50-conf_manually_modified_files b/hooks/backup/50-conf_manually_modified_files similarity index 72% rename from data/hooks/backup/50-conf_manually_modified_files rename to hooks/backup/50-conf_manually_modified_files index 2cca11afb..bdea14113 100644 --- a/data/hooks/backup/50-conf_manually_modified_files +++ b/hooks/backup/50-conf_manually_modified_files @@ -6,13 +6,12 @@ YNH_CWD="${YNH_BACKUP_DIR%/}/conf/manually_modified_files" mkdir -p "$YNH_CWD" cd "$YNH_CWD" -yunohost tools shell -c "from yunohost.regenconf import manually_modified_files; print('\n'.join(manually_modified_files()))" > ./manually_modified_files_list +yunohost tools shell -c "from yunohost.regenconf import manually_modified_files; print('\n'.join(manually_modified_files()))" >./manually_modified_files_list ynh_backup --src_path="./manually_modified_files_list" -for file in $(cat ./manually_modified_files_list) -do +for file in $(cat ./manually_modified_files_list); do [[ -e $file ]] && ynh_backup --src_path="$file" done - + ynh_backup --src_path="/etc/ssowat/conf.json.persistent" diff --git a/hooks/conf_regen/01-yunohost b/hooks/conf_regen/01-yunohost new file mode 100755 index 000000000..ceab4b2f6 --- /dev/null +++ b/hooks/conf_regen/01-yunohost @@ -0,0 +1,253 @@ +#!/bin/bash + +set -e + +do_init_regen() { + if [[ $EUID -ne 0 ]]; then + echo "You must be root to run this script" 1>&2 + exit 1 + fi + + cd /usr/share/yunohost/conf/yunohost + + [[ -d /etc/yunohost ]] || mkdir -p /etc/yunohost + + # set default current_host + [[ -f /etc/yunohost/current_host ]] \ + || echo "yunohost.org" >/etc/yunohost/current_host + + # copy default services and firewall + [[ -f /etc/yunohost/firewall.yml ]] \ + || cp firewall.yml /etc/yunohost/firewall.yml + + # allow users to access /media directory + [[ -d /etc/skel/media ]] \ + || (mkdir -p /media && ln -s /media /etc/skel/media) + + # Cert folders + mkdir -p /etc/yunohost/certs + chown -R root:ssl-cert /etc/yunohost/certs + chmod 750 /etc/yunohost/certs + + # App folders + mkdir -p /etc/yunohost/apps + chmod 700 /etc/yunohost/apps + mkdir -p /home/yunohost.app + chmod 755 /home/yunohost.app + + # Domain settings + mkdir -p /etc/yunohost/domains + chmod 700 /etc/yunohost/domains + + # Backup folders + mkdir -p /home/yunohost.backup/archives + chmod 750 /home/yunohost.backup/archives + chown root:root /home/yunohost.backup/archives # This is later changed to admin:root once admin user exists + + # Empty ssowat json persistent conf + echo "{}" >'/etc/ssowat/conf.json.persistent' + chmod 644 /etc/ssowat/conf.json.persistent + chown root:root /etc/ssowat/conf.json.persistent + + # Empty service conf + touch /etc/yunohost/services.yml + + mkdir -p /var/cache/yunohost/repo + chown root:root /var/cache/yunohost + chmod 700 /var/cache/yunohost + + cp yunohost-api.service /etc/systemd/system/yunohost-api.service + cp yunohost-firewall.service /etc/systemd/system/yunohost-firewall.service + cp yunoprompt.service /etc/systemd/system/yunoprompt.service + + systemctl daemon-reload + + systemctl enable yunohost-api.service --quiet + systemctl start yunohost-api.service + # Yunohost-firewall is enabled only during postinstall, not init, not 100% sure why + + cp dpkg-origins /etc/dpkg/origins/yunohost + + # Change dpkg vendor + # see https://wiki.debian.org/Derivatives/Guidelines#Vendor + if readlink -f /etc/dpkg/origins/default | grep -q debian; + then + rm -f /etc/dpkg/origins/default + ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default + fi +} + +do_pre_regen() { + pending_dir=$1 + + cd /usr/share/yunohost/conf/yunohost + + mkdir -p $pending_dir/etc/systemd/system + mkdir -p $pending_dir/etc/cron.d/ + mkdir -p $pending_dir/etc/cron.daily/ + + # add cron job for diagnosis to be ran at 7h and 19h + a random delay between + # 0 and 20min, meant to avoid every instances running their diagnosis at + # exactly the same time, which may overload the diagnosis server. + cat >$pending_dir/etc/cron.d/yunohost-diagnosis < /dev/null 2>/dev/null || echo "Running the automatic diagnosis failed miserably" +EOF + + # Cron job that upgrade the app list everyday + cat >$pending_dir/etc/cron.daily/yunohost-fetch-apps-catalog < /dev/null) & +EOF + + # Cron job that renew lets encrypt certificates if there's any that needs renewal + cat >$pending_dir/etc/cron.daily/yunohost-certificate-renew </dev/null; then + cat >$pending_dir/etc/cron.d/yunohost-dyndns </dev/null 2>&1 || test -e /var/run/moulinette_yunohost.lock || yunohost dyndns update >> /dev/null +EOF + else + # (Delete cron if no dyndns domain found) + touch $pending_dir/etc/cron.d/yunohost-dyndns + fi + + # Skip ntp if inside a container (inspired from the conf of systemd-timesyncd) + mkdir -p ${pending_dir}/etc/systemd/system/ntp.service.d/ + cat >${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf <${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf <${pending_dir}/etc/systemd/logind.conf.d/ynh-override.conf </dev/null) + chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null) + + # Apps folder, custom hooks folder + [[ ! -e /etc/yunohost/hooks.d ]] || (chown root /etc/yunohost/hooks.d && chmod 700 /etc/yunohost/hooks.d) + [[ ! -e /etc/yunohost/apps ]] || (chown root /etc/yunohost/apps && chmod 700 /etc/yunohost/apps) + [[ ! -e /etc/yunohost/domains ]] || (chown root /etc/yunohost/domains && chmod 700 /etc/yunohost/domains) + + # Create ssh.app and sftp.app groups if they don't exist yet + grep -q '^ssh.app:' /etc/group || groupadd ssh.app + grep -q '^sftp.app:' /etc/group || groupadd sftp.app + + # Propagates changes in systemd service config overrides + [[ ! "$regen_conf_files" =~ "ntp.service.d/ynh-override.conf" ]] || { + systemctl daemon-reload + systemctl restart ntp + } + [[ ! "$regen_conf_files" =~ "nftables.service.d/ynh-override.conf" ]] || systemctl daemon-reload + [[ ! "$regen_conf_files" =~ "login.conf.d/ynh-override.conf" ]] || systemctl daemon-reload + [[ ! "$regen_conf_files" =~ "yunohost-firewall.service" ]] || systemctl daemon-reload + [[ ! "$regen_conf_files" =~ "yunohost-api.service" ]] || systemctl daemon-reload + + if [[ "$regen_conf_files" =~ "yunoprompt.service" ]]; then + systemctl daemon-reload + action=$([[ -e /etc/systemd/system/yunoprompt.service ]] && echo 'enable' || echo 'disable') + systemctl $action yunoprompt --quiet --now + fi + if [[ "$regen_conf_files" =~ "proc-hidepid.service" ]]; then + systemctl daemon-reload + action=$([[ -e /etc/systemd/system/proc-hidepid.service ]] && echo 'enable' || echo 'disable') + systemctl $action proc-hidepid --quiet --now + fi + + # Change dpkg vendor + # see https://wiki.debian.org/Derivatives/Guidelines#Vendor + if readlink -f /etc/dpkg/origins/default | grep -q debian; + then + rm -f /etc/dpkg/origins/default + ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default + fi +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/02-ssl b/hooks/conf_regen/02-ssl new file mode 100755 index 000000000..1aaab59d1 --- /dev/null +++ b/hooks/conf_regen/02-ssl @@ -0,0 +1,134 @@ +#!/bin/bash + +set -e + +ssl_dir="/usr/share/yunohost/ssl" +template_dir="/usr/share/yunohost/conf/ssl/" +ynh_ca="/etc/yunohost/certs/yunohost.org/ca.pem" +ynh_crt="/etc/yunohost/certs/yunohost.org/crt.pem" +ynh_key="/etc/yunohost/certs/yunohost.org/key.pem" + +regen_local_ca() { + + domain="$1" + + echo -e "\n# Creating local certification authority with domain=$domain\n" + + # create certs and SSL directories + mkdir -p "/etc/yunohost/certs/yunohost.org" + mkdir -p "${ssl_dir}/"{ca,certs,crl,newcerts} + + pushd ${ssl_dir} + + # (Update the serial so that it's specific to this very instance) + # N.B. : the weird RANDFILE thing comes from: + # https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean + RANDFILE=.rnd openssl rand -hex 19 >serial + rm -f index.txt + touch index.txt + cp ${template_dir}/openssl.cnf openssl.ca.cnf + sed -i "s/yunohost.org/${domain}/g" openssl.ca.cnf + openssl req -x509 \ + -new \ + -config openssl.ca.cnf \ + -days 3650 \ + -out ca/cacert.pem \ + -keyout ca/cakey.pem \ + -nodes \ + -batch \ + -subj /CN=${domain}/O=${domain%.*} 2>&1 + + chmod 640 ca/cacert.pem + chmod 640 ca/cakey.pem + + cp ca/cacert.pem $ynh_ca + ln -sf "$ynh_ca" /etc/ssl/certs/ca-yunohost_crt.pem + update-ca-certificates + + popd +} + +do_init_regen() { + + LOGFILE=/tmp/yunohost-ssl-init + echo "" >$LOGFILE + chown root:root $LOGFILE + chmod 640 $LOGFILE + + # Make sure this conf exists + mkdir -p ${ssl_dir}/{ca,certs,crl,newcerts} + install -D -m 644 ${template_dir}/openssl.cnf "${ssl_dir}/openssl.cnf" + + # create default certificates + if [[ ! -f "$ynh_ca" ]]; then + regen_local_ca yunohost.org >>$LOGFILE + fi + + if [[ ! -f "$ynh_crt" ]]; then + echo -e "\n# Creating initial key and certificate \n" >>$LOGFILE + + openssl req -new \ + -config "${ssl_dir}/openssl.cnf" \ + -out "${ssl_dir}/certs/yunohost_csr.pem" \ + -keyout "${ssl_dir}/certs/yunohost_key.pem" \ + -nodes -batch &>>$LOGFILE + + openssl ca \ + -config "${ssl_dir}/openssl.cnf" \ + -days 730 \ + -in "${ssl_dir}/certs/yunohost_csr.pem" \ + -out "${ssl_dir}/certs/yunohost_crt.pem" \ + -batch &>>$LOGFILE + + chmod 640 "${ssl_dir}/certs/yunohost_key.pem" + chmod 640 "${ssl_dir}/certs/yunohost_crt.pem" + + cp "${ssl_dir}/certs/yunohost_key.pem" "$ynh_key" + cp "${ssl_dir}/certs/yunohost_crt.pem" "$ynh_crt" + ln -sf "$ynh_crt" /etc/ssl/certs/yunohost_crt.pem + ln -sf "$ynh_key" /etc/ssl/private/yunohost_key.pem + fi + + chown -R root:ssl-cert /etc/yunohost/certs/yunohost.org/ + chmod o-rwx /etc/yunohost/certs/yunohost.org/ +} + +do_pre_regen() { + pending_dir=$1 + + install -D -m 644 $template_dir/openssl.cnf "${pending_dir}/${ssl_dir}/openssl.cnf" +} + +do_post_regen() { + regen_conf_files=$1 + + current_local_ca_domain=$(openssl x509 -in $ynh_ca -text | tr ',' '\n' | grep Issuer | awk '{print $4}') + main_domain=$(cat /etc/yunohost/current_host) + + # Automigrate legacy folder + if [ -e /usr/share/yunohost/yunohost-config/ssl/yunoCA ] + then + mv /usr/share/yunohost/yunohost-config/ssl/yunoCA/* ${ssl_dir} + rm -rf /usr/share/yunohost/yunohost-config + # Overwrite openssl.cnf because it may still contain references to the old yunoCA dir + install -D -m 644 ${template_dir}/openssl.cnf "${ssl_dir}/openssl.cnf" + install -D -m 644 ${template_dir}/openssl.cnf "${ssl_dir}/openssl.ca.cnf" + sed -i "s/yunohost.org/${main_domain}/g" openssl.ca.cnf + fi + + mkdir -p ${ssl_dir}/{ca,certs,crl,newcerts} + chown root:root ${ssl_dir} + chmod 750 ${ssl_dir} + chmod -R o-rwx ${ssl_dir} + chmod o+x ${ssl_dir}/certs + chmod o+r ${ssl_dir}/certs/yunohost_crt.pem + + if [[ "$current_local_ca_domain" != "$main_domain" ]]; then + regen_local_ca $main_domain + # Idk how useful this is, but this was in the previous python code (domain.main_domain()) + ln -sf /etc/yunohost/certs/$main_domain/crt.pem /etc/ssl/certs/yunohost_crt.pem + ln -sf /etc/yunohost/certs/$main_domain/key.pem /etc/ssl/private/yunohost_key.pem + fi +} + +do_$1_regen ${@:2} diff --git a/data/hooks/conf_regen/03-ssh b/hooks/conf_regen/03-ssh similarity index 77% rename from data/hooks/conf_regen/03-ssh rename to hooks/conf_regen/03-ssh index f10dbb653..9a7f5ce4d 100755 --- a/data/hooks/conf_regen/03-ssh +++ b/hooks/conf_regen/03-ssh @@ -7,11 +7,7 @@ set -e do_pre_regen() { pending_dir=$1 - # If the (legacy) 'from_script' flag is here, - # we won't touch anything in the ssh config. - [[ ! -f /etc/yunohost/from_script ]] || return 0 - - cd /usr/share/yunohost/templates/ssh + cd /usr/share/yunohost/conf/ssh # do not listen to IPv6 if unavailable [[ -f /proc/net/if_inet6 ]] && ipv6_enabled=true || ipv6_enabled=false @@ -26,6 +22,7 @@ do_pre_regen() { # Support different strategy for security configurations export compatibility="$(yunohost settings get 'security.ssh.compatibility')" export port="$(yunohost settings get 'security.ssh.port')" + export password_authentication="$(yunohost settings get 'security.ssh.password_authentication')" export ssh_keys export ipv6_enabled ynh_render_template "sshd_config" "${pending_dir}/etc/ssh/sshd_config" @@ -34,10 +31,6 @@ do_pre_regen() { do_post_regen() { regen_conf_files=$1 - # If the (legacy) 'from_script' flag is here, - # we won't touch anything in the ssh config. - [[ ! -f /etc/yunohost/from_script ]] || return 0 - # If no file changed, there's nothing to do [[ -n "$regen_conf_files" ]] || return 0 diff --git a/hooks/conf_regen/06-slapd b/hooks/conf_regen/06-slapd new file mode 100755 index 000000000..616b383ec --- /dev/null +++ b/hooks/conf_regen/06-slapd @@ -0,0 +1,193 @@ +#!/bin/bash + +set -e + +tmp_backup_dir_file="/root/slapd-backup-dir.txt" + +config="/usr/share/yunohost/conf/slapd/config.ldif" +db_init="/usr/share/yunohost/conf/slapd/db_init.ldif" + +do_init_regen() { + if [[ $EUID -ne 0 ]]; then + echo "You must be root to run this script" 1>&2 + exit 1 + fi + + do_pre_regen "" + + # Drop current existing slapd data + + rm -rf /var/backups/*.ldapdb + rm -rf /var/backups/slapd-* + + debconf-set-selections <&1 \ + | grep -v "none elapsed\|Closing DB" || true + chown -R openldap: /etc/ldap/slapd.d + + rm -rf /var/lib/ldap + mkdir -p /var/lib/ldap + slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "$db_init" 2>&1 \ + | grep -v "none elapsed\|Closing DB" || true + chown -R openldap: /var/lib/ldap + + nscd -i group || true + nscd -i passwd || true + + systemctl restart slapd + + # We don't use mkhomedir_helper because 'admin' may not be recognized + # when this script is ran in a chroot (e.g. ISO install) + # We also refer to admin as uid 1007 for the same reason + if [ ! -d /home/admin ]; then + cp -r /etc/skel /home/admin + chown -R 1007:1007 /home/admin + fi +} + +_regenerate_slapd_conf() { + + # Validate the new slapd config + # To do so, we have to use the .ldif to generate the config directory + # so we use a temporary directory slapd_new.d + rm -Rf /etc/ldap/slapd_new.d + mkdir /etc/ldap/slapd_new.d + slapadd -b cn=config -l "$config" -F /etc/ldap/slapd_new.d/ 2>&1 \ + | grep -v "none elapsed\|Closing DB" || true + # Actual validation (-Q is for quiet, -u is for dry-run) + slaptest -Q -u -F /etc/ldap/slapd_new.d + + # "Commit" / apply the new config (meaning we delete the old one and replace + # it with the new one) + rm -Rf /etc/ldap/slapd.d + mv /etc/ldap/slapd_new.d /etc/ldap/slapd.d + + chown -R openldap:openldap /etc/ldap/slapd.d/ +} + +do_pre_regen() { + pending_dir=$1 + + # remove temporary backup file + rm -f "$tmp_backup_dir_file" + + # Define if we need to migrate from hdb to mdb + curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2>/dev/null | awk '{print $2}') + if [ -e /etc/ldap/slapd.conf ] && [ -n "$curr_backend" ] \ + && [ $curr_backend != 'mdb' ]; then + backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)" + mkdir -p "$backup_dir" + slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" + echo "$backup_dir" >"$tmp_backup_dir_file" + fi + + # create needed directories + ldap_dir="${pending_dir}/etc/ldap" + schema_dir="${ldap_dir}/schema" + mkdir -p "$ldap_dir" "$schema_dir" + + cd /usr/share/yunohost/conf/slapd + + # copy configuration files + cp -a ldap.conf "$ldap_dir" + cp -a sudo.ldif mailserver.ldif permission.ldif "$schema_dir" + + mkdir -p ${pending_dir}/etc/systemd/system/slapd.service.d/ + cp systemd-override.conf ${pending_dir}/etc/systemd/system/slapd.service.d/ynh-override.conf + + install -D -m 644 slapd.default "${pending_dir}/etc/default/slapd" +} + +do_post_regen() { + regen_conf_files=$1 + + # fix some permissions + echo "Enforce permissions on ldap/slapd directories and certs ..." + # penldap user should be in the ssl-cert group to let it access the certificate for TLS + usermod -aG ssl-cert openldap + chown -R openldap:openldap /etc/ldap/schema/ + chown -R openldap:openldap /etc/ldap/slapd.d/ + + # If we changed the systemd ynh-override conf + if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/slapd.service.d/ynh-override.conf$"; then + systemctl daemon-reload + systemctl restart slapd + sleep 3 + fi + + # For some reason, old setups don't have the admins group defined... + if ! slapcat | grep -q 'cn=admins,ou=groups,dc=yunohost,dc=org'; then + slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org <<< \ + "dn: cn=admins,ou=groups,dc=yunohost,dc=org +cn: admins +gidNumber: 4001 +memberUid: admin +objectClass: posixGroup +objectClass: top" + chown -R openldap: /var/lib/ldap + systemctl restart slapd + nscd -i group + fi + + [ -z "$regen_conf_files" ] && exit 0 + + # regenerate LDAP config directory from slapd.conf + echo "Regenerate LDAP config directory from config.ldif" + _regenerate_slapd_conf + + # If there's a backup, re-import its data + backup_dir=$(cat "$tmp_backup_dir_file" 2>/dev/null || true) + if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then + # regenerate LDAP config directory and import database as root + echo "Import the database using slapadd" + slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif" + chown -R openldap:openldap /var/lib/ldap 2>&1 + fi + + echo "Running slapdindex" + su openldap -s "/bin/bash" -c "/usr/sbin/slapindex" + + echo "Reloading slapd" + systemctl force-reload slapd + + # on slow hardware/vm this regen conf would exit before the admin user that + # is stored in ldap is available because ldap seems to slow to restart + # so we'll wait either until we are able to log as admin or until a timeout + # is reached + # we need to do this because the next hooks executed after this one during + # postinstall requires to run as admin thus breaking postinstall on slow + # hardware which mean yunohost can't be correctly installed on those hardware + # and this sucks + # wait a maximum time of 5 minutes + # yes, force-reload behave like a restart + number_of_wait=0 + while ! su admin -c '' && ((number_of_wait < 60)); do + sleep 5 + ((number_of_wait += 1)) + done +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/09-nslcd b/hooks/conf_regen/09-nslcd new file mode 100755 index 000000000..9d5e5e538 --- /dev/null +++ b/hooks/conf_regen/09-nslcd @@ -0,0 +1,25 @@ +#!/bin/bash + +set -e + +do_init_regen() { + do_pre_regen "" + systemctl restart nslcd +} + +do_pre_regen() { + pending_dir=$1 + + cd /usr/share/yunohost/conf/nslcd + + install -D -m 644 nslcd.conf "${pending_dir}/etc/nslcd.conf" +} + +do_post_regen() { + regen_conf_files=$1 + + [[ -z "$regen_conf_files" ]] \ + || systemctl restart nslcd +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/10-apt b/hooks/conf_regen/10-apt new file mode 100755 index 000000000..bdd6d399c --- /dev/null +++ b/hooks/conf_regen/10-apt @@ -0,0 +1,74 @@ +#!/bin/bash + +set -e + +do_pre_regen() { + pending_dir=$1 + + mkdir --parents "${pending_dir}/etc/apt/preferences.d" + + # Add sury + mkdir -p ${pending_dir}/etc/apt/sources.list.d/ + echo "deb https://packages.sury.org/php/ $(lsb_release --codename --short) main" > "${pending_dir}/etc/apt/sources.list.d/extra_php_version.list" + + # Ban some packages from sury + echo " +Package: php-common +Pin: origin \"packages.sury.org\" +Pin-Priority: 500" >>"${pending_dir}/etc/apt/preferences.d/extra_php_version" + + packages_to_refuse_from_sury="php php-* openssl libssl1.1 libssl-dev" + for package in $packages_to_refuse_from_sury; do + echo " +Package: $package +Pin: origin \"packages.sury.org\" +Pin-Priority: -1" >>"${pending_dir}/etc/apt/preferences.d/extra_php_version" + done + + echo " + +# PLEASE READ THIS WARNING AND DON'T EDIT THIS FILE + +# You are probably reading this file because you tried to install apache2 or +# bind9. These 2 packages conflict with YunoHost. + +# Installing apache2 will break nginx and break the entire YunoHost ecosystem +# on your server, therefore don't remove those lines! + +# You have been warned. + +Package: apache2 +Pin: release * +Pin-Priority: -1 + +Package: apache2-bin +Pin: release * +Pin-Priority: -1 + +# Also bind9 will conflict with dnsmasq. +# Same story as for apache2. +# Don't install it, don't remove those lines. + +Package: bind9 +Pin: release * +Pin-Priority: -1 +" >>"${pending_dir}/etc/apt/preferences.d/ban_packages" + + +} + +do_post_regen() { + regen_conf_files=$1 + + # Add sury key + # We do this only at the post regen and if the key doesn't already exists, because we don't want the regenconf to fuck everything up if the regenconf runs while the network is down + if [[ ! -s /etc/apt/trusted.gpg.d/extra_php_version.gpg ]] + then + wget --timeout 900 --quiet "https://packages.sury.org/php/apt.gpg" --output-document=- | gpg --dearmor >"/etc/apt/trusted.gpg.d/extra_php_version.gpg" + fi + + # Make sure php7.4 is the default version when using php in cli + update-alternatives --set php /usr/bin/php7.4 +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/12-metronome b/hooks/conf_regen/12-metronome new file mode 100755 index 000000000..e0797e673 --- /dev/null +++ b/hooks/conf_regen/12-metronome @@ -0,0 +1,79 @@ +#!/bin/bash + +set -e + +if ! dpkg --list | grep -q 'ii *metronome ' +then + echo 'metronome is not installed, skipping' + exit 0 +fi + +do_pre_regen() { + pending_dir=$1 + + cd /usr/share/yunohost/conf/metronome + + # create directories for pending conf + metronome_dir="${pending_dir}/etc/metronome" + metronome_conf_dir="${metronome_dir}/conf.d" + mkdir -p "$metronome_conf_dir" + + # retrieve variables + main_domain=$(cat /etc/yunohost/current_host) + + # install main conf file + cat metronome.cfg.lua \ + | sed "s/{{ main_domain }}/${main_domain}/g" \ + >"${metronome_dir}/metronome.cfg.lua" + + # add domain conf files + for domain in $YNH_DOMAINS; do + cat domain.tpl.cfg.lua \ + | sed "s/{{ domain }}/${domain}/g" \ + >"${metronome_conf_dir}/${domain}.cfg.lua" + done + + # remove old domain conf files + conf_files=$(ls -1 /etc/metronome/conf.d \ + | awk '/^[^\.]+\.[^\.]+.*\.cfg\.lua$/ { print $1 }') + for file in $conf_files; do + domain=${file%.cfg.lua} + [[ $YNH_DOMAINS =~ $domain ]] \ + || touch "${metronome_conf_dir}/${file}" + done +} + +do_post_regen() { + regen_conf_files=$1 + + # retrieve variables + main_domain=$(cat /etc/yunohost/current_host) + + # FIXME : small optimization to do to avoid calling a yunohost command ... + # maybe another env variable like YNH_MAIN_DOMAINS idk + domain_list=$(yunohost domain list --exclude-subdomains --output-as plain --quiet) + + # create metronome directories for domains + for domain in $domain_list; do + mkdir -p "/var/lib/metronome/${domain//./%2e}/pep" + # http_upload directory must be writable by metronome and readable by nginx + mkdir -p "/var/xmpp-upload/${domain}/upload" + # sgid bit allows that file created in that dir will be owned by www-data + # despite the fact that metronome ain't in the www-data group + chmod g+s "/var/xmpp-upload/${domain}/upload" + done + + # fix some permissions + [ ! -e '/var/xmpp-upload' ] || chown -R metronome:www-data "/var/xmpp-upload/" + [ ! -e '/var/xmpp-upload' ] || chmod 750 "/var/xmpp-upload/" + + # metronome should be in ssl-cert group to let it access SSL certificates + usermod -aG ssl-cert metronome + chown -R metronome: /var/lib/metronome/ + chown -R metronome: /etc/metronome/conf.d/ + + [[ -z "$regen_conf_files" ]] \ + || systemctl restart metronome +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/15-nginx b/hooks/conf_regen/15-nginx new file mode 100755 index 000000000..c1d943681 --- /dev/null +++ b/hooks/conf_regen/15-nginx @@ -0,0 +1,148 @@ +#!/bin/bash + +set -e + +. /usr/share/yunohost/helpers + +do_init_regen() { + if [[ $EUID -ne 0 ]]; then + echo "You must be root to run this script" 1>&2 + exit 1 + fi + + cd /usr/share/yunohost/conf/nginx + + nginx_dir="/etc/nginx" + nginx_conf_dir="${nginx_dir}/conf.d" + mkdir -p "$nginx_conf_dir" + + # install plain conf files + cp plain/* "$nginx_conf_dir" + + # probably run with init: just disable default site, restart NGINX and exit + rm -f "${nginx_dir}/sites-enabled/default" + + export compatibility="intermediate" + ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" + ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf" + ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc" + ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc" + + mkdir -p $nginx_conf_dir/default.d/ + cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/ + + # Restart nginx if conf looks good, otherwise display error and exit unhappy + nginx -t 2>/dev/null || { + nginx -t + exit 1 + } + systemctl restart nginx || { + journalctl --no-pager --lines=10 -u nginx >&2 + exit 1 + } + + exit 0 +} + +do_pre_regen() { + pending_dir=$1 + + cd /usr/share/yunohost/conf/nginx + + nginx_dir="${pending_dir}/etc/nginx" + nginx_conf_dir="${nginx_dir}/conf.d" + mkdir -p "$nginx_conf_dir" + + # install / update plain conf files + cp plain/* "$nginx_conf_dir" + # remove the panel overlay if this is specified in settings + panel_overlay=$(yunohost settings get 'ssowat.panel_overlay.enabled') + if [ "$panel_overlay" == "false" ] || [ "$panel_overlay" == "False" ]; then + echo "#" >"${nginx_conf_dir}/yunohost_panel.conf.inc" + fi + + # retrieve variables + main_domain=$(cat /etc/yunohost/current_host) + + # Support different strategy for security configurations + export redirect_to_https="$(yunohost settings get 'security.nginx.redirect_to_https')" + export compatibility="$(yunohost settings get 'security.nginx.compatibility')" + export experimental="$(yunohost settings get 'security.experimental.enabled')" + ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" + + cert_status=$(yunohost domain cert status --json) + + # add domain conf files + for domain in $YNH_DOMAINS; do + domain_conf_dir="${nginx_conf_dir}/${domain}.d" + mkdir -p "$domain_conf_dir" + mail_autoconfig_dir="${pending_dir}/var/www/.well-known/${domain}/autoconfig/mail/" + mkdir -p "$mail_autoconfig_dir" + + # NGINX server configuration + export domain + export domain_cert_ca=$(echo $cert_status \ + | jq ".certificates.\"$domain\".CA_type" \ + | tr -d '"') + + ynh_render_template "server.tpl.conf" "${nginx_conf_dir}/${domain}.conf" + ynh_render_template "autoconfig.tpl.xml" "${mail_autoconfig_dir}/config-v1.1.xml" + + touch "${domain_conf_dir}/yunohost_local.conf" # Clean legacy conf files + + done + + export webadmin_allowlist_enabled=$(yunohost settings get security.webadmin.allowlist.enabled) + if [ "$webadmin_allowlist_enabled" == "True" ]; then + export webadmin_allowlist=$(yunohost settings get security.webadmin.allowlist) + fi + ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc" + ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc" + ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf" + mkdir -p $nginx_conf_dir/default.d/ + cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/ + + # remove old domain conf files + conf_files=$(ls -1 /etc/nginx/conf.d \ + | awk '/^[^\.]+\.[^\.]+.*\.conf$/ { print $1 }') + for file in $conf_files; do + domain=${file%.conf} + [[ $YNH_DOMAINS =~ $domain ]] \ + || touch "${nginx_conf_dir}/${file}" + done + + # remove old mail-autoconfig files + autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true) + for file in $autoconfig_files; do + domain=$(basename $(readlink -f $(dirname $file)/../..)) + [[ $YNH_DOMAINS =~ $domain ]] \ + || (mkdir -p "$(dirname ${pending_dir}/${file})" && touch "${pending_dir}/${file}") + done + + # disable default site + mkdir -p "${nginx_dir}/sites-enabled" + touch "${nginx_dir}/sites-enabled/default" +} + +do_post_regen() { + regen_conf_files=$1 + + [ -z "$regen_conf_files" ] && exit 0 + + # create NGINX conf directories for domains + for domain in $YNH_DOMAINS; do + mkdir -p "/etc/nginx/conf.d/${domain}.d" + done + + # Reload nginx if conf looks good, otherwise display error and exit unhappy + nginx -t 2>/dev/null || { + nginx -t + exit 1 + } + pgrep nginx && systemctl reload nginx || { + journalctl --no-pager --lines=10 -u nginx >&2 + exit 1 + } +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/19-postfix b/hooks/conf_regen/19-postfix new file mode 100755 index 000000000..177ea23e9 --- /dev/null +++ b/hooks/conf_regen/19-postfix @@ -0,0 +1,84 @@ +#!/bin/bash + +set -e + +. /usr/share/yunohost/helpers + +do_pre_regen() { + pending_dir=$1 + + cd /usr/share/yunohost/conf/postfix + + postfix_dir="${pending_dir}/etc/postfix" + mkdir -p "$postfix_dir" + + default_dir="${pending_dir}/etc/default/" + mkdir -p "$default_dir" + + # install plain conf files + cp plain/* "$postfix_dir" + + # prepare main.cf conf file + main_domain=$(cat /etc/yunohost/current_host) + + # Support different strategy for security configurations + export compatibility="$(yunohost settings get 'security.postfix.compatibility')" + + # Add possibility to specify a relay + # Could be useful with some isp with no 25 port open or more complex setup + export relay_port="" + export relay_user="" + export relay_host="$(yunohost settings get 'smtp.relay.host')" + if [ -n "${relay_host}" ]; then + relay_port="$(yunohost settings get 'smtp.relay.port')" + relay_user="$(yunohost settings get 'smtp.relay.user')" + relay_password="$(yunohost settings get 'smtp.relay.password')" + + # Avoid to display "Relay account paswword" to other users + touch ${postfix_dir}/sasl_passwd + chmod 750 ${postfix_dir}/sasl_passwd + # Avoid "postmap: warning: removing zero-length database file" + chown postfix ${pending_dir}/etc/postfix + chown postfix ${pending_dir}/etc/postfix/sasl_passwd + + cat <<<"[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" >${postfix_dir}/sasl_passwd + fi + export main_domain + export domain_list="$YNH_DOMAINS" + ynh_render_template "main.cf" "${postfix_dir}/main.cf" + ynh_render_template "sni" "${postfix_dir}/sni" + + cat postsrsd \ + | sed "s/{{ main_domain }}/${main_domain}/g" \ + | sed "s/{{ domain_list }}/${YNH_DOMAINS}/g" \ + >"${default_dir}/postsrsd" + + # adapt it for IPv4-only hosts + ipv6="$(yunohost settings get 'smtp.allow_ipv6')" + if [ "$ipv6" == "False" ] || [ ! -f /proc/net/if_inet6 ]; then + sed -i \ + 's/ \[::ffff:127.0.0.0\]\/104 \[::1\]\/128//g' \ + "${postfix_dir}/main.cf" + sed -i \ + 's/inet_interfaces = all/&\ninet_protocols = ipv4/' \ + "${postfix_dir}/main.cf" + fi +} + +do_post_regen() { + regen_conf_files=$1 + + if [ -e /etc/postfix/sasl_passwd ]; then + chmod 750 /etc/postfix/sasl_passwd* + chown postfix:root /etc/postfix/sasl_passwd* + postmap /etc/postfix/sasl_passwd + fi + + postmap -F hash:/etc/postfix/sni + + [[ -z "$regen_conf_files" ]] \ + || { systemctl restart postfix && systemctl restart postsrsd; } + +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/25-dovecot b/hooks/conf_regen/25-dovecot new file mode 100755 index 000000000..37c73b6d8 --- /dev/null +++ b/hooks/conf_regen/25-dovecot @@ -0,0 +1,67 @@ +#!/bin/bash + +set -e + +. /usr/share/yunohost/helpers + +do_pre_regen() { + pending_dir=$1 + + cd /usr/share/yunohost/conf/dovecot + + dovecot_dir="${pending_dir}/etc/dovecot" + mkdir -p "${dovecot_dir}/global_script" + + # copy simple conf files + cp dovecot-ldap.conf "${dovecot_dir}/dovecot-ldap.conf" + cp dovecot.sieve "${dovecot_dir}/global_script/dovecot.sieve" + + export pop3_enabled="$(yunohost settings get 'pop3.enabled')" + export main_domain=$(cat /etc/yunohost/current_host) + export domain_list="$YNH_DOMAINS" + + ynh_render_template "dovecot.conf" "${dovecot_dir}/dovecot.conf" + + # adapt it for IPv4-only hosts + if [ ! -f /proc/net/if_inet6 ]; then + sed -i \ + 's/^\(listen =\).*/\1 */' \ + "${dovecot_dir}/dovecot.conf" + fi + + mkdir -p "${dovecot_dir}/yunohost.d" + cp pre-ext.conf "${dovecot_dir}/yunohost.d" + cp post-ext.conf "${dovecot_dir}/yunohost.d" +} + +do_post_regen() { + regen_conf_files=$1 + + mkdir -p "/etc/dovecot/yunohost.d/pre-ext.d" + mkdir -p "/etc/dovecot/yunohost.d/post-ext.d" + + # create vmail user + id vmail >/dev/null 2>&1 \ + || adduser --system --ingroup mail --uid 500 vmail --home /var/vmail --no-create-home + + # Delete legacy home for vmail that existed in the past but was empty, poluting /home/ + [ ! -e /home/vmail ] || rmdir --ignore-fail-on-non-empty /home/vmail + + # fix permissions + chown -R vmail:mail /etc/dovecot/global_script + chmod 770 /etc/dovecot/global_script + chown root:mail /var/mail + chmod 1775 /var/mail + + [ -z "$regen_conf_files" ] && exit 0 + + # compile sieve script + [[ "$regen_conf_files" =~ dovecot\.sieve ]] && { + sievec /etc/dovecot/global_script/dovecot.sieve + chown -R vmail:mail /etc/dovecot/global_script + } + + systemctl restart dovecot +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/31-rspamd b/hooks/conf_regen/31-rspamd new file mode 100755 index 000000000..536aec7c2 --- /dev/null +++ b/hooks/conf_regen/31-rspamd @@ -0,0 +1,62 @@ +#!/bin/bash + +set -e + +do_pre_regen() { + pending_dir=$1 + + cd /usr/share/yunohost/conf/rspamd + + install -D -m 644 metrics.local.conf \ + "${pending_dir}/etc/rspamd/local.d/metrics.conf" + install -D -m 644 dkim_signing.conf \ + "${pending_dir}/etc/rspamd/local.d/dkim_signing.conf" + install -D -m 644 rspamd.sieve \ + "${pending_dir}/etc/dovecot/global_script/rspamd.sieve" +} + +do_post_regen() { + + ## + ## DKIM key generation + ## + + # create DKIM directory with proper permission + mkdir -p /etc/dkim + chown _rspamd /etc/dkim + + # create DKIM key for domains + for domain in $YNH_DOMAINS; do + domain_key="/etc/dkim/${domain}.mail.key" + [ ! -f "$domain_key" ] && { + # We use a 1024 bit size because nsupdate doesn't seem to be able to + # handle 2048... + opendkim-genkey --domain="$domain" \ + --selector=mail --directory=/etc/dkim -b 1024 + mv /etc/dkim/mail.private "$domain_key" + mv /etc/dkim/mail.txt "/etc/dkim/${domain}.mail.txt" + } + done + + # fix DKIM keys permissions + chown _rspamd /etc/dkim/*.mail.key + chmod 400 /etc/dkim/*.mail.key + + [ ! -e /var/log/rspamd ] || chown -R _rspamd:_rspamd /var/log/rspamd + + regen_conf_files=$1 + [ -z "$regen_conf_files" ] && exit 0 + + # compile sieve script + [[ "$regen_conf_files" =~ rspamd\.sieve ]] && { + sievec /etc/dovecot/global_script/rspamd.sieve + chown -R vmail:mail /etc/dovecot/global_script + systemctl restart dovecot + } + + # Restart rspamd due to the upgrade + # https://rspamd.com/announce/2016/08/01/rspamd-1.3.1.html + systemctl -q restart rspamd.service +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/34-mysql b/hooks/conf_regen/34-mysql new file mode 100755 index 000000000..9ef8efe21 --- /dev/null +++ b/hooks/conf_regen/34-mysql @@ -0,0 +1,53 @@ +#!/bin/bash + +set -e +. /usr/share/yunohost/helpers + +if ! dpkg --list | grep -q 'ii *mariadb-server ' +then + echo 'mysql/mariadb is not installed, skipping' + exit 0 +fi + +do_pre_regen() { + pending_dir=$1 + + #cd /usr/share/yunohost/conf/mysql + + # Nothing to do +} + +do_post_regen() { + regen_conf_files=$1 + + if [[ ! -d /var/lib/mysql/mysql ]]; then + # dpkg-reconfigure will initialize mysql (if it ain't already) + # It enabled auth_socket for root, so no need to define any root password... + # c.f. : cat /var/lib/dpkg/info/mariadb-server-10.3.postinst | grep install_db -C3 + MYSQL_PKG="$(dpkg --list | sed -ne 's/^ii \(mariadb-server-[[:digit:].]\+\) .*$/\1/p')" + dpkg-reconfigure -freadline -u "$MYSQL_PKG" 2>&1 + + systemctl -q is-active mariadb.service \ + || systemctl start mariadb + + sleep 5 + + echo "" | mysql && echo "Can't connect to mysql using unix_socket auth ... something went wrong during initial configuration of mysql !?" >&2 + fi + + # mysql is supposed to be an alias to mariadb... but in some weird case is not + # c.f. https://forum.yunohost.org/t/mysql-ne-fonctionne-pas/11661 + # Playing with enable/disable allows to recreate the proper symlinks. + if [ ! -e /etc/systemd/system/mysql.service ]; then + systemctl stop mysql -q + systemctl disable mysql -q + systemctl disable mariadb -q + systemctl enable mariadb -q + systemctl is-active mariadb -q || systemctl start mariadb + fi + + [[ -z "$regen_conf_files" ]] \ + || systemctl restart mysql +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/35-postgresql b/hooks/conf_regen/35-postgresql new file mode 100755 index 000000000..0da0767cc --- /dev/null +++ b/hooks/conf_regen/35-postgresql @@ -0,0 +1,66 @@ +#!/bin/bash + +set -e +. /usr/share/yunohost/helpers + +if ! dpkg --list | grep -q "ii *postgresql-$PSQL_VERSION " +then + echo 'postgresql is not installed, skipping' + exit 0 +fi + +if [ ! -e "/etc/postgresql/$PSQL_VERSION" ] +then + ynh_die --message="It looks like postgresql was not properly configured ? /etc/postgresql/$PSQL_VERSION is missing ... Could be due to a locale issue, c.f.https://serverfault.com/questions/426989/postgresql-etc-postgresql-doesnt-exist" +fi + + +do_pre_regen() { + return 0 +} + +do_post_regen() { + regen_conf_files=$1 + + # Make sure postgresql is started and enabled + # (N.B. : to check the active state, we check the cluster state because + # postgresql could be flagged as active even though the cluster is in + # failed state because of how the service is configured..) + systemctl is-active postgresql@$PSQL_VERSION-main -q || ynh_systemd_action --service_name=postgresql --action=restart + systemctl is-enabled postgresql -q || systemctl enable postgresql --quiet + + # If this is the very first time, we define the root password + # and configure a few things + if [ ! -f "$PSQL_ROOT_PWD_FILE" ] || [ -z "$(cat $PSQL_ROOT_PWD_FILE)" ]; then + ynh_string_random >$PSQL_ROOT_PWD_FILE + fi + + sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$(cat $PSQL_ROOT_PWD_FILE)'" postgres + + # force all user to connect to local databases using hashed passwords + # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF + # Note: we can't use peer since YunoHost create users with nologin + # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user + local pg_hba=/etc/postgresql/$PSQL_VERSION/main/pg_hba.conf + ynh_replace_string --match_string="local\(\s*\)all\(\s*\)all\(\s*\)peer" --replace_string="local\1all\2all\3md5" --target_file="$pg_hba" + + ynh_systemd_action --service_name=postgresql --action=reload +} + +FORCE=${2:-0} +DRY_RUN=${3:-0} + +case "$1" in + pre) + do_pre_regen $4 + ;; + post) + do_post_regen $4 + ;; + *) + echo "hook called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/hooks/conf_regen/36-redis b/hooks/conf_regen/36-redis new file mode 100755 index 000000000..ac486f373 --- /dev/null +++ b/hooks/conf_regen/36-redis @@ -0,0 +1,13 @@ +#!/bin/bash + +do_pre_regen() { + : +} + +do_post_regen() { + # Enforce these damn permissions because for some reason in some weird cases + # they are spontaneously replaced by root:root -_- + chown -R redis:adm /var/log/redis +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/37-mdns b/hooks/conf_regen/37-mdns new file mode 100755 index 000000000..3a877970b --- /dev/null +++ b/hooks/conf_regen/37-mdns @@ -0,0 +1,69 @@ +#!/bin/bash + +set -e + +_generate_config() { + echo "domains:" + # Add yunohost.local (only if yunohost.local ain't already in ynh_domains) + if ! echo "$YNH_DOMAINS" | tr ' ' '\n' | grep -q --line-regexp 'yunohost.local' + then + echo " - yunohost.local" + fi + for domain in $YNH_DOMAINS; do + # Only keep .local domains (don't keep + [[ "$domain" =~ [^.]+\.[^.]+\.local$ ]] && echo "Subdomain $domain cannot be handled by Bonjour/Zeroconf/mDNS" >&2 + [[ "$domain" =~ ^[^.]+\.local$ ]] || continue + echo " - $domain" + done + if [[ -e /etc/yunohost/mdns.aliases ]] + then + for localalias in $(cat /etc/yunohost/mdns.aliases | grep -v "^ *$") + do + echo " - $localalias.local" + done + fi +} + +do_init_regen() { + do_pre_regen + do_post_regen /etc/systemd/system/yunomdns.service + systemctl enable yunomdns --quiet +} + +do_pre_regen() { + pending_dir="$1" + + cd /usr/share/yunohost/conf/mdns + mkdir -p ${pending_dir}/etc/systemd/system/ + cp yunomdns.service ${pending_dir}/etc/systemd/system/ + + getent passwd mdns &>/dev/null || useradd --no-create-home --shell /usr/sbin/nologin --system --user-group mdns + + mkdir -p ${pending_dir}/etc/yunohost + _generate_config >${pending_dir}/etc/yunohost/mdns.yml +} + +do_post_regen() { + regen_conf_files="$1" + + chown mdns:mdns /etc/yunohost/mdns.yml + + # If we changed the systemd ynh-override conf + if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/yunomdns.service$"; then + systemctl daemon-reload + fi + + systemctl disable avahi-daemon.socket --quiet --now 2>/dev/null || true + systemctl disable avahi-daemon --quiet --now 2>/dev/null || true + + # Legacy stuff to enable the new yunomdns service on legacy systems + if [[ -e /etc/avahi/avahi-daemon.conf ]] && grep -q 'yunohost' /etc/avahi/avahi-daemon.conf; then + systemctl enable yunomdns --now --quiet + sleep 2 + fi + + [[ -z "$regen_conf_files" ]] \ + || systemctl restart yunomdns +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/43-dnsmasq b/hooks/conf_regen/43-dnsmasq new file mode 100755 index 000000000..ec53d75bc --- /dev/null +++ b/hooks/conf_regen/43-dnsmasq @@ -0,0 +1,96 @@ +#!/bin/bash + +set -e +. /usr/share/yunohost/helpers + +do_pre_regen() { + pending_dir=$1 + + cd /usr/share/yunohost/conf/dnsmasq + + # create directory for pending conf + dnsmasq_dir="${pending_dir}/etc/dnsmasq.d" + mkdir -p "$dnsmasq_dir" + etcdefault_dir="${pending_dir}/etc/default" + mkdir -p "$etcdefault_dir" + + # add default conf files + cp plain/etcdefault ${pending_dir}/etc/default/dnsmasq + + # add resolver file + cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf >${pending_dir}/etc/resolv.dnsmasq.conf + + # retrieve variables + ipv4=$(curl -s -4 https://ip.yunohost.org 2>/dev/null || true) + ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1' + ipv6=$(curl -s -6 https://ip6.yunohost.org 2>/dev/null || true) + ynh_validate_ip6 "$ipv6" || ipv6='' + interfaces="$(ip -j addr show | jq -r '[.[].ifname]|join(" ")')" + wireless_interfaces="lo" + for dev in $(ls /sys/class/net); do + if [ -d "/sys/class/net/$dev/wireless" ] && grep -q "up" "/sys/class/net/$dev/operstate"; then + wireless_interfaces+=" $dev" + fi + done + + # General configuration + export wireless_interfaces + ynh_render_template "dnsmasq.conf.tpl" "${pending_dir}/etc/dnsmasq.conf" + + # add domain conf files + export interfaces + export ipv4 + export ipv6 + for domain in $YNH_DOMAINS; do + [[ ! $domain =~ \.local$ ]] || continue + export domain + ynh_render_template "domain.tpl" "${dnsmasq_dir}/${domain}" + done + + # remove old domain conf files + conf_files=$(ls -1 /etc/dnsmasq.d \ + | awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }') + for domain in $conf_files; do + if [[ ! $YNH_DOMAINS =~ $domain ]] && [[ ! $domain =~ \.local$ ]] + then + touch "${dnsmasq_dir}/${domain}" + fi + done +} + +do_post_regen() { + regen_conf_files=$1 + + # Force permission (to cover some edge cases where root's umask is like 027 and then dnsmasq cant read this file) + chown 644 /etc/resolv.dnsmasq.conf + + # Fuck it, those domain/search entries from dhclient are usually annoying + # lying shit from the ISP trying to MiTM + if grep -q -E "^ *(domain|search)" /run/resolvconf/resolv.conf; then + if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2>/dev/null; then + sed -E "s/^(domain|search)/#\1/g" -i /run/resolvconf/interface/*.dhclient + fi + + grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-name "";' >>/etc/dhcp/dhclient.conf + grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-search "";' >>/etc/dhcp/dhclient.conf + grep -q '^supersede name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede name "";' >>/etc/dhcp/dhclient.conf + systemctl restart resolvconf + fi + + # Some stupid things like rabbitmq-server used by onlyoffice won't work if + # the *short* hostname doesn't exists in /etc/hosts -_- + short_hostname=$(hostname -s) + grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >>/etc/hosts + + [[ -n "$regen_conf_files" ]] || return 0 + + # Remove / disable services likely to conflict with dnsmasq + for SERVICE in systemd-resolved bind9; do + systemctl is-enabled $SERVICE &>/dev/null && systemctl disable $SERVICE 2>/dev/null + systemctl is-active $SERVICE &>/dev/null && systemctl stop $SERVICE + done + + systemctl restart dnsmasq +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/46-nsswitch b/hooks/conf_regen/46-nsswitch new file mode 100755 index 000000000..cc34d0277 --- /dev/null +++ b/hooks/conf_regen/46-nsswitch @@ -0,0 +1,25 @@ +#!/bin/bash + +set -e + +do_init_regen() { + do_pre_regen "" + systemctl restart unscd +} + +do_pre_regen() { + pending_dir=$1 + + cd /usr/share/yunohost/conf/nsswitch + + install -D -m 644 nsswitch.conf "${pending_dir}/etc/nsswitch.conf" +} + +do_post_regen() { + regen_conf_files=$1 + + [[ -z "$regen_conf_files" ]] \ + || systemctl restart unscd +} + +do_$1_regen ${@:2} diff --git a/hooks/conf_regen/52-fail2ban b/hooks/conf_regen/52-fail2ban new file mode 100755 index 000000000..8129e977d --- /dev/null +++ b/hooks/conf_regen/52-fail2ban @@ -0,0 +1,30 @@ +#!/bin/bash + +set -e + +. /usr/share/yunohost/helpers + +do_pre_regen() { + pending_dir=$1 + + cd /usr/share/yunohost/conf/fail2ban + + fail2ban_dir="${pending_dir}/etc/fail2ban" + mkdir -p "${fail2ban_dir}/filter.d" + mkdir -p "${fail2ban_dir}/jail.d" + + cp yunohost.conf "${fail2ban_dir}/filter.d/yunohost.conf" + cp jail.conf "${fail2ban_dir}/jail.conf" + + export ssh_port="$(yunohost settings get 'security.ssh.port')" + ynh_render_template "yunohost-jails.conf" "${fail2ban_dir}/jail.d/yunohost-jails.conf" +} + +do_post_regen() { + regen_conf_files=$1 + + [[ -z "$regen_conf_files" ]] \ + || systemctl reload fail2ban +} + +do_$1_regen ${@:2} diff --git a/data/hooks/post_user_create/ynh_multimedia b/hooks/post_user_create/ynh_multimedia similarity index 99% rename from data/hooks/post_user_create/ynh_multimedia rename to hooks/post_user_create/ynh_multimedia index 26282cdc9..5b4b31b88 100644 --- a/data/hooks/post_user_create/ynh_multimedia +++ b/hooks/post_user_create/ynh_multimedia @@ -1,7 +1,7 @@ #!/bin/bash user=$1 - + readonly MEDIA_GROUP=multimedia readonly MEDIA_DIRECTORY=/home/yunohost.multimedia diff --git a/data/hooks/post_user_delete/ynh_multimedia b/hooks/post_user_delete/ynh_multimedia similarity index 100% rename from data/hooks/post_user_delete/ynh_multimedia rename to hooks/post_user_delete/ynh_multimedia diff --git a/data/hooks/restore/05-conf_ldap b/hooks/restore/05-conf_ldap similarity index 80% rename from data/hooks/restore/05-conf_ldap rename to hooks/restore/05-conf_ldap index c2debe018..a9eb10b1c 100644 --- a/data/hooks/restore/05-conf_ldap +++ b/hooks/restore/05-conf_ldap @@ -14,11 +14,11 @@ die() { # Restore saved configuration and database [[ $state -ge 1 ]] \ - && (rm -rf /etc/ldap/slapd.d && - mv "${TMPDIR}/slapd.d" /etc/ldap/slapd.d) + && (rm -rf /etc/ldap/slapd.d \ + && mv "${TMPDIR}/slapd.d" /etc/ldap/slapd.d) [[ $state -ge 2 ]] \ - && (rm -rf /var/lib/ldap && - mv "${TMPDIR}/ldap" /var/lib/ldap) + && (rm -rf /var/lib/ldap \ + && mv "${TMPDIR}/ldap" /var/lib/ldap) chown -R openldap: /etc/ldap/slapd.d /var/lib/ldap systemctl start slapd @@ -38,7 +38,7 @@ cp -a "${backup_dir}/ldap.conf" /etc/ldap/ldap.conf || cp -a "${backup_dir}/slapd.conf" /etc/ldap/slapd.conf slapadd -F /etc/ldap/slapd.d -b cn=config \ -l "${backup_dir}/cn=config.master.ldif" \ - || die 1 "Unable to restore LDAP configuration" + || die 1 "Unable to restore LDAP configuration" chown -R openldap: /etc/ldap/slapd.d # Restore the database @@ -46,7 +46,7 @@ mv /var/lib/ldap "$TMPDIR" mkdir -p /var/lib/ldap slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org \ -l "${backup_dir}/dc=yunohost-dc=org.ldif" \ - || die 2 "Unable to restore LDAP database" + || die 2 "Unable to restore LDAP database" chown -R openldap: /var/lib/ldap systemctl start slapd diff --git a/data/hooks/restore/17-data_home b/hooks/restore/17-data_home similarity index 100% rename from data/hooks/restore/17-data_home rename to hooks/restore/17-data_home diff --git a/hooks/restore/18-data_multimedia b/hooks/restore/18-data_multimedia new file mode 100644 index 000000000..c3c349e7d --- /dev/null +++ b/hooks/restore/18-data_multimedia @@ -0,0 +1,11 @@ +#!/bin/bash + +# Exit hook on subcommand error or unset variable +set -eu + +# Source YNH helpers +source /usr/share/yunohost/helpers + +backup_dir="data/multimedia" + +ynh_restore_file --origin_path="${backup_dir}" --dest_path="/home/yunohost.multimedia" --not_mandatory diff --git a/data/hooks/restore/20-conf_ynh_settings b/hooks/restore/20-conf_ynh_settings similarity index 82% rename from data/hooks/restore/20-conf_ynh_settings rename to hooks/restore/20-conf_ynh_settings index 4c4c6ed5e..2d731bd54 100644 --- a/data/hooks/restore/20-conf_ynh_settings +++ b/hooks/restore/20-conf_ynh_settings @@ -2,7 +2,7 @@ backup_dir="$1/conf/ynh" cp -a "${backup_dir}/current_host" /etc/yunohost/current_host cp -a "${backup_dir}/firewall.yml" /etc/yunohost/firewall.yml -cp -a "${backup_dir}/domains" /etc/yunohost/domains +[ ! -d "${backup_dir}/domains" ] || cp -a "${backup_dir}/domains" /etc/yunohost/domains [ ! -e "${backup_dir}/settings.json" ] || cp -a "${backup_dir}/settings.json" "/etc/yunohost/settings.json" [ ! -d "${backup_dir}/dyndns" ] || cp -raT "${backup_dir}/dyndns" "/etc/yunohost/dyndns" [ ! -d "${backup_dir}/dkim" ] || cp -raT "${backup_dir}/dkim" "/etc/dkim" diff --git a/data/hooks/restore/21-conf_ynh_certs b/hooks/restore/21-conf_ynh_certs similarity index 100% rename from data/hooks/restore/21-conf_ynh_certs rename to hooks/restore/21-conf_ynh_certs diff --git a/data/hooks/restore/23-data_mail b/hooks/restore/23-data_mail similarity index 100% rename from data/hooks/restore/23-data_mail rename to hooks/restore/23-data_mail diff --git a/data/hooks/restore/27-data_xmpp b/hooks/restore/27-data_xmpp similarity index 100% rename from data/hooks/restore/27-data_xmpp rename to hooks/restore/27-data_xmpp diff --git a/data/hooks/restore/50-conf_manually_modified_files b/hooks/restore/50-conf_manually_modified_files similarity index 84% rename from data/hooks/restore/50-conf_manually_modified_files rename to hooks/restore/50-conf_manually_modified_files index 2d0943043..b23b95ec9 100644 --- a/data/hooks/restore/50-conf_manually_modified_files +++ b/hooks/restore/50-conf_manually_modified_files @@ -5,8 +5,7 @@ ynh_abort_if_errors YNH_CWD="${YNH_BACKUP_DIR%/}/conf/manually_modified_files" cd "$YNH_CWD" -for file in $(cat ./manually_modified_files_list) -do +for file in $(cat ./manually_modified_files_list); do ynh_restore_file --origin_path="$file" --not_mandatory done diff --git a/locales/ca.json b/locales/ca.json index b29a94fb6..b8d7a6718 100644 --- a/locales/ca.json +++ b/locales/ca.json @@ -17,7 +17,6 @@ "app_install_files_invalid": "Aquests fitxers no es poden instal·lar", "app_make_default_location_already_used": "No es pot fer l'aplicació '{app}' l'aplicació per defecte en el domini «{domain}», ja que ja és utilitzat per '{other_app}'", "app_location_unavailable": "Aquesta URL no està disponible o entra en conflicte amb aplicacions ja instal·lades:\n{apps}", - "app_manifest_invalid": "Hi ha algun error amb el manifest de l'aplicació: {error}", "app_not_correctly_installed": "{app} sembla estar mal instal·lada", "app_not_installed": "No s'ha trobat {app} en la llista d'aplicacions instal·lades: {all_apps}", "app_not_properly_removed": "{app} no s'ha pogut suprimir correctament", @@ -132,7 +131,6 @@ "domains_available": "Dominis disponibles:", "done": "Fet", "downloading": "Descarregant...", - "dyndns_could_not_check_provide": "No s'ha pogut verificar si {provider} pot oferir {domain}.", "dyndns_could_not_check_available": "No s'ha pogut verificar la disponibilitat de {domain} a {provider}.", "dyndns_ip_update_failed": "No s'ha pogut actualitzar l'adreça IP al DynDNS", "dyndns_ip_updated": "S'ha actualitzat l'adreça IP al DynDNS", @@ -217,7 +215,6 @@ "mail_unavailable": "Aquesta adreça de correu està reservada i ha de ser atribuïda automàticament el primer usuari", "main_domain_change_failed": "No s'ha pogut canviar el domini principal", "main_domain_changed": "S'ha canviat el domini principal", - "migrations_cant_reach_migration_file": "No s'ha pogut accedir als fitxers de migració al camí «%s»", "migrations_list_conflict_pending_done": "No es pot utilitzar «--previous» i «--done» al mateix temps.", "migrations_loading_migration": "Carregant la migració {id}...", "migrations_migration_has_failed": "La migració {id} ha fallat, cancel·lant. Error: {exception}", @@ -226,7 +223,6 @@ "migrations_to_be_ran_manually": "La migració {id} s'ha de fer manualment. Aneu a Eines → Migracions a la interfície admin, o executeu «yunohost tools migrations run».", "migrations_need_to_accept_disclaimer": "Per fer la migració {id}, heu d'acceptar aquesta clàusula de no responsabilitat:\n---\n{disclaimer}\n---\nSi accepteu fer la migració, torneu a executar l'ordre amb l'opció «--accept-disclaimer».", "not_enough_disk_space": "No hi ha prou espai en «{path}»", - "packages_upgrade_failed": "No s'han pogut actualitzar tots els paquets", "pattern_backup_archive_name": "Ha de ser un nom d'arxiu vàlid amb un màxim de 30 caràcters, compost per caràcters alfanumèrics i -_. exclusivament", "pattern_domain": "Ha de ser un nom de domini vàlid (ex.: el-meu-domini.cat)", "pattern_email": "Ha de ser una adreça de correu vàlida, sense el símbol «+» (ex.: algu@domini.cat)", @@ -297,7 +293,6 @@ "service_disabled": "El servei «{service}» ja no començarà al arrancar el sistema.", "service_enable_failed": "No s'ha pogut fer que el servei «{service}» comenci automàticament a l'arrancada.\n\nRegistres recents: {logs}", "service_enabled": "El servei «{service}» començarà automàticament durant l'arrancada del sistema.", - "service_regen_conf_is_deprecated": "«yunohost service regen-conf» està desfasat! Utilitzeu «yunohost tools regen-conf» en el seu lloc.", "service_remove_failed": "No s'ha pogut eliminar el servei «{service}»", "service_removed": "S'ha eliminat el servei «{service}»", "service_reload_failed": "No s'ha pogut tornar a carregar el servei «{service}»\n\nRegistres recents: {logs}", @@ -316,15 +311,6 @@ "system_upgraded": "S'ha actualitzat el sistema", "system_username_exists": "El nom d'usuari ja existeix en la llista d'usuaris de sistema", "this_action_broke_dpkg": "Aquesta acció a trencat dpkg/APT (els gestors de paquets del sistema)... Podeu intentar resoldre el problema connectant-vos amb SSH i executant «sudo apt install --fix-broken» i/o «sudo dpkg --configure -a».", - "tools_upgrade_at_least_one": "Especifiqueu «apps», o «system»", - "tools_upgrade_cant_both": "No es poden actualitzar tant el sistema com les aplicacions al mateix temps", - "tools_upgrade_cant_hold_critical_packages": "No es poden mantenir els paquets crítics...", - "tools_upgrade_cant_unhold_critical_packages": "No es poden deixar de mantenir els paquets crítics...", - "tools_upgrade_regular_packages": "Actualitzant els paquets «normals» (no relacionats amb YunoHost)...", - "tools_upgrade_regular_packages_failed": "No s'han pogut actualitzar els paquets següents: {packages_list}", - "tools_upgrade_special_packages": "Actualitzant els paquets «especials» (relacionats amb YunoHost)...", - "tools_upgrade_special_packages_explanation": "Aquesta actualització especial continuarà en segon pla. No comenceu cap altra acció al servidor en els pròxims ~10 minuts (depèn de la velocitat del maquinari). Després d'això, pot ser que us hagueu de tornar a connectar a la interfície d'administració. Els registres de l'actualització estaran disponibles a Eines → Registres (a la interfície d'administració) o utilitzant «yunohost log list» (des de la línia d'ordres).", - "tools_upgrade_special_packages_completed": "Actualització dels paquets YunoHost acabada.\nPremeu [Enter] per tornar a la línia d'ordres", "unbackup_app": "{app} no es guardarà", "unexpected_error": "Hi ha hagut un error inesperat: {error}", "unlimit": "Sense quota", @@ -547,31 +533,7 @@ "restore_already_installed_apps": "No s'han pogut restaurar les següents aplicacions perquè ja estan instal·lades: {apps}", "app_packaging_format_not_supported": "No es pot instal·lar aquesta aplicació ja que el format del paquet no és compatible amb la versió de YunoHost del sistema. Hauríeu de considerar actualitzar el sistema.", "diagnosis_dns_try_dyndns_update_force": "La configuració DNS d'aquest domini hauria de ser gestionada automàticament per YunoHost. Si aquest no és el cas, podeu intentar forçar-ne l'actualització utilitzant yunohost dyndns update --force.", - "migration_0015_cleaning_up": "Netejant la memòria cau i els paquets que ja no són necessaris...", - "migration_0015_specific_upgrade": "Començant l'actualització dels paquets del sistema que s'han d'actualitzar de forma independent...", - "migration_0015_modified_files": "Tingueu en compte que s'han trobat els següents fitxers que es van modificar manualment i podria ser que es sobreescriguin durant l'actualització: {manually_modified_files}", - "migration_0015_problematic_apps_warning": "Tingueu en compte que s'han trobat les següents aplicacions que podrien ser problemàtiques. Sembla que aquestes aplicacions no s'han instal·lat des del catàleg d'aplicacions de YunoHost, o no estan marcades com «funcionant». En conseqüència, no es pot garantir que segueixin funcionant després de l'actualització: {problematic_apps}", - "migration_0015_general_warning": "Tingueu en compte que aquesta migració és una operació delicada. L'equip de YunoHost ha fet tots els possibles per revisar i testejar, però tot i això podria ser que la migració trenqui alguna part del sistema o algunes aplicacions.\n\nPer tant, està recomana:\n - Fer una còpia de seguretat de totes les dades o aplicacions crítiques. Més informació a https://yunohost.org/backup;\n - Ser pacient un cop comenci la migració: en funció de la connexió Internet i del maquinari, podria estar unes hores per actualitzar-ho tot.", - "migration_0015_system_not_fully_up_to_date": "El sistema no està completament al dia. Heu de fer una actualització normal abans de fer la migració a Buster.", - "migration_0015_not_enough_free_space": "Hi ha poc espai lliure a /var/! HI hauria d'haver un mínim de 1GB lliure per poder fer aquesta migració.", - "migration_0015_not_stretch": "La distribució actual de Debian no és Stretch!", - "migration_0015_yunohost_upgrade": "Començant l'actualització del nucli de YunoHost...", - "migration_0015_still_on_stretch_after_main_upgrade": "Alguna cosa ha anat malament durant la actualització principal, sembla que el sistema encara està en Debian Stretch", - "migration_0015_main_upgrade": "Començant l'actualització principal...", - "migration_0015_patching_sources_list": "Apedaçament de source.lists...", - "migration_0015_start": "Començant la migració a Buster", - "migration_description_0015_migrate_to_buster": "Actualitza els sistema a Debian Buster i YunoHost 4.x", "regenconf_need_to_explicitly_specify_ssh": "La configuració ssh ha estat modificada manualment, però heu d'especificar explícitament la categoria «ssh» amb --force per fer realment els canvis.", - "migration_0015_weak_certs": "S'han trobat els següents certificats que encara utilitzen algoritmes de signatura febles i s'han d'actualitzar per a ser compatibles amb la propera versió de nginx: {certs}", - "service_description_php7.3-fpm": "Executa aplicacions escrites en PHP amb NGINX", - "migration_0018_failed_to_reset_legacy_rules": "No s'ha pogut restaurar les regles legacy iptables: {error}", - "migration_0018_failed_to_migrate_iptables_rules": "No s'ha pogut migrar les regles legacy iptables a nftables: {error}", - "migration_0017_not_enough_space": "Feu suficient espai disponible en {path} per a realitzar la migració.", - "migration_0017_postgresql_11_not_installed": "PostgreSQL 9.6 està instal·lat, però postgreSQL 11 no? Potser que hagi passat alguna cosa rara en aquest sistema :(...", - "migration_0017_postgresql_96_not_installed": "PostgreSQL no està instal·lat en aquest sistema. No s'ha de realitzar cap operació.", - "migration_description_0018_xtable_to_nftable": "Migrar les regles del trànsit de xarxa al nou sistema nftable", - "migration_description_0017_postgresql_9p6_to_11": "Migrar les bases de dades de PosrgreSQL 9.6 a 11", - "migration_description_0016_php70_to_php73_pools": "Migrar els fitxers de configuració «pool» php7.0-fpm a php7.3", "global_settings_setting_backup_compress_tar_archives": "Comprimir els arxius (.tar.gz) en lloc d'arxius no comprimits (.tar) al crear noves còpies de seguretat. N.B.: activar aquesta opció permet fer arxius de còpia de seguretat més lleugers, però el procés inicial de còpia de seguretat serà significativament més llarg i més exigent a nivell de CPU.", "global_settings_setting_smtp_relay_host": "L'amfitrió de tramesa SMTP que s'ha d'utilitzar per enviar correus electrònics en lloc d'aquesta instància de YunoHost. És útil si esteu en una de les següents situacions: el port 25 està bloquejat per el vostre proveïdor d'accés a internet o proveïdor de servidor privat virtual, si teniu una IP residencial llistada a DUHL, si no podeu configurar el DNS invers o si el servidor no està directament exposat a internet i voleu utilitzar-ne un altre per enviar correus electrònics.", "unknown_main_domain_path": "Domini o ruta desconeguda per a «{app}». Heu d'especificar un domini i una ruta per a poder especificar una URL per al permís.", @@ -582,15 +544,10 @@ "permission_protected": "El permís {permission} està protegit. No podeu afegir o eliminar el grup visitants a o d'aquest permís.", "pattern_email_forward": "Ha de ser una adreça de correu vàlida, s'accepta el símbol «+» (per exemple, algu+etiqueta@exemple.cat)", "invalid_number": "Ha de ser una xifra", - "migration_0019_slapd_config_will_be_overwritten": "Sembla que heu modificat manualment la configuració sldap. Per a aquesta migració crítica, YunoHist necessita forçar l'actualització de la configuració sldap. Es crearà una còpia de seguretat dels fitxers originals a {conf_backup_folder}.", - "migration_0019_add_new_attributes_in_ldap": "Afegir nous atributs per als permisos en la base de dades LDAP", - "migration_description_0019_extend_permissions_features": "Amplia/refés el sistema de gestió dels permisos de l'aplicació", - "migrating_legacy_permission_settings": "Migració dels paràmetres de permisos antics...", "invalid_regex": "Regex no vàlid: «{regex}»", "global_settings_setting_smtp_relay_password": "Tramesa de la contrasenya d'amfitrió SMTP", "global_settings_setting_smtp_relay_user": "Tramesa de compte d'usuari SMTP", "global_settings_setting_smtp_relay_port": "Port de tramesa SMTP", - "domain_name_unknown": "Domini «{domain}» desconegut", "diagnosis_processes_killed_by_oom_reaper": "El sistema ha matat alguns processos recentment perquè s'ha quedat sense memòria. Això acostuma a ser un símptoma de falta de memòria en el sistema o d'un procés que consumeix massa memòria. Llista dels processos que s'han matat:\n{kills_summary}", "diagnosis_package_installed_from_sury_details": "Alguns paquets s'han instal·lat per equivocació des d'un repositori de tercers anomenat Sury. L'equip de YunoHost a millorat l'estratègia per a gestionar aquests paquets, però s'espera que algunes configuracions que han instal·lat aplicacions PHP7.3 a Stretch puguin tenir algunes inconsistències. Per a resoldre aquesta situació, hauríeu d'intentar executar la següent ordre: {cmd_to_fix}", "diagnosis_package_installed_from_sury": "Alguns paquets del sistema s'han de tornar a versions anteriors", diff --git a/locales/da.json b/locales/da.json new file mode 100644 index 000000000..0967ef424 --- /dev/null +++ b/locales/da.json @@ -0,0 +1 @@ +{} diff --git a/locales/de.json b/locales/de.json index 199718c2b..c1b97104c 100644 --- a/locales/de.json +++ b/locales/de.json @@ -4,13 +4,12 @@ "admin_password_change_failed": "Ändern des Passworts nicht möglich", "admin_password_changed": "Das Administrator-Kennwort wurde geändert", "app_already_installed": "{app} ist schon installiert", - "app_argument_choice_invalid": "Wähle einen der folgenden Werte '{choices}' für das Argument '{name}'", + "app_argument_choice_invalid": "Wähle einen gültigen Wert für das Argument '{name}': '{value}' ist nicht unter den verfügbaren Auswahlmöglichkeiten ({choices})", "app_argument_invalid": "Wähle einen gültigen Wert für das Argument '{name}': {error}", "app_argument_required": "Argument '{name}' wird benötigt", "app_extraction_failed": "Installationsdateien konnten nicht entpackt werden", "app_id_invalid": "Falsche App-ID", "app_install_files_invalid": "Diese Dateien können nicht installiert werden", - "app_manifest_invalid": "Mit dem App-Manifest stimmt etwas nicht: {error}", "app_not_installed": "{app} konnte nicht in der Liste installierter Apps gefunden werden: {all_apps}", "app_removed": "{app} wurde entfernt", "app_sources_fetch_failed": "Quelldateien konnten nicht abgerufen werden, ist die URL korrekt?", @@ -72,7 +71,6 @@ "mail_forward_remove_failed": "Die Weiterleitungs-E-Mail '{mail}' konnte nicht gelöscht werden", "main_domain_change_failed": "Die Hauptdomain konnte nicht geändert werden", "main_domain_changed": "Die Hauptdomain wurde geändert", - "packages_upgrade_failed": "Konnte nicht alle Pakete aktualisieren", "pattern_backup_archive_name": "Muss ein gültiger Dateiname mit maximal 30 alphanumerischen sowie -_. Zeichen sein", "pattern_domain": "Muss ein gültiger Domainname sein (z.B. meine-domain.org)", "pattern_email": "Muss eine gültige E-Mail-Adresse ohne '+' Symbol sein (z.B. someone@example.com)", @@ -124,13 +122,13 @@ "upnp_disabled": "UPnP deaktiviert", "upnp_enabled": "UPnP aktiviert", "upnp_port_open_failed": "Port konnte nicht via UPnP geöffnet werden", - "user_created": "Benutzer erstellt", - "user_creation_failed": "Benutzer konnte nicht erstellt werden {user}: {error}", - "user_deleted": "Benutzer gelöscht", - "user_deletion_failed": "Benutzer konnte nicht gelöscht werden {user}: {error}", - "user_home_creation_failed": "Persönlicher Ordner des Benutzers konnte nicht erstellt werden", - "user_unknown": "Unbekannter Benutzer: {user}", - "user_update_failed": "Benutzer konnte nicht aktualisiert werden {user}: {error}", + "user_created": "Benutzer:in erstellt", + "user_creation_failed": "Benutzer:in konnte nicht erstellt werden {user}: {error}", + "user_deleted": "Benutzer:in gelöscht", + "user_deletion_failed": "Benutzer:in konnte nicht gelöscht werden {user}: {error}", + "user_home_creation_failed": "Persönlicher Ordner '{home}' des/der Benutzers:in konnte nicht erstellt werden", + "user_unknown": "Unbekannte:r Benutzer:in : {user}", + "user_update_failed": "Benutzer:in konnte nicht aktualisiert werden {user}: {error}", "user_updated": "Benutzerinformationen wurden aktualisiert", "yunohost_already_installed": "YunoHost ist bereits installiert", "yunohost_configured": "YunoHost ist nun konfiguriert", @@ -185,7 +183,6 @@ "experimental_feature": "Warnung: Der Maintainer hat diese Funktion als experimentell gekennzeichnet. Sie ist nicht stabil. Sie sollten sie nur verwenden, wenn Sie wissen, was Sie tun.", "dyndns_domain_not_provided": "Der DynDNS-Anbieter {provider} kann die Domäne(n) {domain} nicht bereitstellen.", "dyndns_could_not_check_available": "Konnte nicht überprüfen, ob {domain} auf {provider} verfügbar ist.", - "dyndns_could_not_check_provide": "Konnte nicht überprüft, ob {provider} die Domain(s) {domain} bereitstellen kann.", "domain_dns_conf_is_just_a_recommendation": "Dieser Befehl zeigt dir die *empfohlene* Konfiguration. Er konfiguriert *nicht* das DNS für dich. Es liegt in deiner Verantwortung, die DNS-Zone bei deinem DNS-Registrar nach dieser Empfehlung zu konfigurieren.", "dpkg_lock_not_available": "Dieser Befehl kann momentan nicht ausgeführt werden, da anscheinend ein anderes Programm die Sperre von dpkg (dem Systempaket-Manager) verwendet", "confirm_app_install_thirdparty": "WARNUNG! Diese Applikation ist nicht Teil des YunoHost-Applikationskatalogs. Das Installieren von Drittanbieterapplikationen könnte die Sicherheit und Integrität Ihres Systems beeinträchtigen. Sie sollten wahrscheinlich NICHT fortfahren, es sei denn, Sie wissen, was Sie tun. Es wird KEIN SUPPORT angeboten, wenn die Applikation nicht funktionieren oder Ihr System beschädigen sollte... Wenn Sie das Risiko trotzdem eingehen möchten, tippen Sie '{answers}'", @@ -281,22 +278,22 @@ "apps_catalog_obsolete_cache": "Der Cache des App-Katalogs ist leer oder veraltet.", "apps_catalog_update_success": "Der Apps-Katalog wurde aktualisiert!", "password_too_simple_1": "Das Passwort muss mindestens 8 Zeichen lang sein", - "diagnosis_everything_ok": "Alles schaut gut aus für {category}!", + "diagnosis_everything_ok": "Alles sieht OK aus für {category}!", "diagnosis_failed": "Kann Diagnose-Ergebnis für die Kategorie '{category}' nicht abrufen: {error}", "diagnosis_ip_connected_ipv4": "Der Server ist mit dem Internet über IPv4 verbunden!", "diagnosis_no_cache": "Kein Diagnose Cache aktuell für die Kategorie '{category}'", "diagnosis_ip_no_ipv4": "Der Server hat kein funktionierendes IPv4.", "diagnosis_ip_connected_ipv6": "Der Server ist mit dem Internet über IPv6 verbunden!", - "diagnosis_ip_no_ipv6": "Der Server hat kein funktionierendes IPv6.", + "diagnosis_ip_no_ipv6": "Der Server verfügt nicht über eine funktionierende IPv6-Adresse.", "diagnosis_ip_not_connected_at_all": "Der Server scheint überhaupt nicht mit dem Internet verbunden zu sein!?", "diagnosis_failed_for_category": "Diagnose fehlgeschlagen für die Kategorie '{category}': {error}", - "diagnosis_cache_still_valid": "(Der Cache für die Diagnose {category} ist immer noch gültig . Es wird momentan keine neue Diagnose durchgeführt!)", + "diagnosis_cache_still_valid": "(Cache noch gültig für {category} Diagnose. Es wird keine neue Diagnose durchgeführt!)", "diagnosis_cant_run_because_of_dep": "Kann Diagnose für {category} nicht ausführen während wichtige Probleme zu {dep} noch nicht behoben sind.", "diagnosis_found_errors_and_warnings": "Habe {errors} erhebliche(s) Problem(e) (und {warnings} Warnung(en)) in Verbindung mit {category} gefunden!", "diagnosis_ip_broken_dnsresolution": "Domänen-Namens-Auflösung scheint aus einem bestimmten Grund nicht zu funktionieren... Blockiert eine Firewall die DNS Anfragen?", "diagnosis_ip_broken_resolvconf": "Domänen-Namensauflösung scheint nicht zu funktionieren, was daran liegen könnte, dass in /etc/resolv.conf kein Eintrag auf 127.0.0.1 zeigt.", "diagnosis_ip_weird_resolvconf_details": "Die Datei /etc/resolv.conf muss ein Symlink auf /etc/resolvconf/run/resolv.conf sein, welcher auf 127.0.0.1 (dnsmasq) zeigt. Falls Sie die DNS-Resolver manuell konfigurieren möchten, bearbeiten Sie bitte /etc/resolv.dnsmasq.conf.", - "diagnosis_dns_good_conf": "Die DNS-Einträge für die Domäne {domain} (Kategorie {category}) sind korrekt konfiguriert", + "diagnosis_dns_good_conf": "DNS Einträge korrekt konfiguriert für die Domäne {domain} (Kategorie {category})", "diagnosis_ignored_issues": "(+ {nb_ignored} ignorierte(s) Problem(e))", "diagnosis_basesystem_hardware": "Server Hardware Architektur ist {virt} {arch}", "diagnosis_found_errors": "Habe {errors} erhebliche(s) Problem(e) in Verbindung mit {category} gefunden!", @@ -308,10 +305,7 @@ "backup_archive_cant_retrieve_info_json": "Die Informationen für das Archiv '{archive}' konnten nicht geladen werden... Die Datei info.json wurde nicht gefunden (oder ist kein gültiges json).", "app_packaging_format_not_supported": "Diese App kann nicht installiert werden da das Paketformat nicht von der YunoHost-Version unterstützt wird. Denken Sie darüber nach das System zu aktualisieren.", "certmanager_domain_not_diagnosed_yet": "Für die Domain {domain} gibt es noch keine Diagnose-Resultate. Bitte widerhole die Diagnose für die Kategorien 'DNS records' und 'Web' im Diagnose-Bereich um zu überprüfen ob die Domain für Let's Encrypt bereit ist. (Wenn du weißt was du tust, kannst du --no-checks benutzen, um diese Überprüfung zu überspringen.)", - "migration_0015_patching_sources_list": "sources.lists wird repariert...", - "migration_0015_start": "Start der Migration auf Buster", - "migration_description_0015_migrate_to_buster": "Auf Debian Buster und YunoHost 4.x upgraden", - "mail_unavailable": "Diese E-Mail Adresse ist reserviert und wird dem ersten Benutzer automatisch zugewiesen", + "mail_unavailable": "Diese E-Mail Adresse ist reserviert und wird dem/der ersten Benutzer:in automatisch zugewiesen", "diagnosis_services_conf_broken": "Die Konfiguration für den Dienst {service} ist fehlerhaft!", "diagnosis_services_running": "Dienst {service} läuft!", "diagnosis_domain_expires_in": "{domain} läuft in {days} Tagen ab.", @@ -319,9 +313,9 @@ "diagnosis_domain_expiration_success": "Ihre Domänen sind registriert und werden in nächster Zeit nicht ablaufen.", "diagnosis_domain_not_found_details": "Die Domäne {domain} existiert nicht in der WHOIS-Datenbank oder sie ist abgelaufen!", "diagnosis_domain_expiration_not_found": "Das Ablaufdatum einiger Domains kann nicht überprüft werden", - "diagnosis_dns_try_dyndns_update_force": "Die DNS-Konfiguration dieser Domain sollte automatisch von YunoHost verwaltet werden. Andernfalls können Sie mittels yunohost dyndns update --force ein Update erzwingen.", - "diagnosis_dns_point_to_doc": "Bitte schauen Sie in die Dokumentation unter https://yunohost.org/dns_config wenn Sie Hilfe bei der Konfiguration der DNS-Einträge brauchen.", - "diagnosis_dns_discrepancy": "Der folgende DNS-Eintrag scheint nicht den empfohlenen Einstellungen zu entsprechen:
Typ: {type}
Name: {name}
Aktueller Wert: {current}
Erwarteter Wert: {value}", + "diagnosis_dns_try_dyndns_update_force": "Die DNS-Konfiguration dieser Domäne sollte automatisch von YunoHost verwaltet werden. Andernfalls könntest Du mittels yunohost dyndns update --force ein Update erzwingen.", + "diagnosis_dns_point_to_doc": "Bitte schauen Sie in der Dokumentation unter https://yunohost.org/dns_config nach, wenn Sie Hilfe bei der Konfiguration der DNS-Einträge brauchen.", + "diagnosis_dns_discrepancy": "Der folgende DNS Eintrag scheint nicht den empfohlenen Einstellungen zu entsprechen:
Typ: {type}
Name: {name}
Aktueller Wert: {current}
Erwarteter Wert: {value}", "diagnosis_dns_missing_record": "Gemäß der empfohlenen DNS-Konfiguration sollten Sie einen DNS-Eintrag mit den folgenden Informationen hinzufügen.
Typ: {type}
Name: {name}
Wert: {value}", "diagnosis_dns_bad_conf": "Einige DNS-Einträge für die Domäne {domain} fehlen oder sind nicht korrekt (Kategorie {category})", "diagnosis_ip_local": "Lokale IP: {local}", @@ -335,7 +329,6 @@ "diagnosis_http_timeout": "Wartezeit wurde beim Versuch, von außen eine Verbindung zum Server aufzubauen, überschritten. Er scheint nicht erreichbar zu sein.
1. Die häufigste Ursache für dieses Problem ist daß der Port 80 (und 433) nicht richtig zu Ihrem Server weitergeleitet werden.
2. Sie sollten auch sicherstellen, daß der Dienst nginx läuft.
3. In komplexeren Umgebungen: Stellen Sie sicher, daß keine Firewall oder Reverse-Proxy stört.", "service_reloaded_or_restarted": "Der Dienst '{service}' wurde erfolgreich neu geladen oder gestartet", "service_restarted": "Der Dienst '{service}' wurde neu gestartet", - "service_regen_conf_is_deprecated": "'yunohost service regen-conf' ist veraltet! Bitte verwenden Sie stattdessen 'yunohost tools regen-conf'.", "certmanager_warning_subdomain_dns_record": "Die Subdomäne \"{subdomain}\" löst nicht zur gleichen IP Adresse auf wie \"{domain}\". Einige Funktionen sind nicht verfügbar bis du dies behebst und die Zertifikate neu erzeugst.", "diagnosis_ports_ok": "Port {port} ist von außen erreichbar.", "diagnosis_ram_verylow": "Das System hat nur {available} ({available_percent}%) RAM zur Verfügung! (von insgesamt {total})", @@ -351,14 +344,13 @@ "diagnosis_diskusage_low": "Der Speicher {mountpoint} (auf Gerät {device}) hat nur noch {free} ({free_percent}%) freien Speicherplatz (von insgesamt {total}). Seien Sie vorsichtig.", "diagnosis_ram_low": "Das System hat nur {available} ({available_percent}%) RAM zur Verfügung! (von insgesamt {total}). Seien Sie vorsichtig.", "service_reload_or_restart_failed": "Der Dienst '{service}' konnte nicht erneut geladen oder gestartet werden.\n\nKürzlich erstellte Logs des Dienstes: {logs}", - "diagnosis_domain_expiration_not_found_details": "Die WHOIS-Informationen für die Domäne {domain} scheint keine Informationen über das Ablaufdatum zu enthalten?", + "diagnosis_domain_expiration_not_found_details": "Die WHOIS-Informationen für die Domäne {domain} scheinen keine Informationen über das Ablaufdatum zu enthalten. Stimmt das?", "diagnosis_domain_expiration_warning": "Einige Domänen werden bald ablaufen!", "diagnosis_diskusage_ok": "Der Speicher {mountpoint} (auf Gerät {device}) hat immer noch {free} ({free_percent}%) freien Speicherplatz übrig(von insgesamt {total})!", "diagnosis_ram_ok": "Das System hat immer noch {available} ({available_percent}%) RAM zu Verfügung von {total}.", "diagnosis_swap_none": "Das System hat gar keinen Swap. Sie sollten sich überlegen mindestens {recommended} an Swap einzurichten, um Situationen zu verhindern, in welchen der RAM des Systems knapp wird.", "diagnosis_mail_ehlo_unreachable_details": "Konnte keine Verbindung zu Ihrem Server auf dem Port 25 herzustellen per IPv{ipversion}. Er scheint nicht erreichbar zu sein.
1. Das häufigste Problem ist, dass der Port 25 nicht richtig zu Ihrem Server weitergeleitet ist.
2. Sie sollten auch sicherstellen, dass der Postfix-Dienst läuft.
3. In komplexeren Umgebungen: Stellen Sie sicher, daß keine Firewall oder Reverse-Proxy stört.", "diagnosis_mail_ehlo_wrong": "Ein anderer SMTP-Server antwortet auf IPv{ipversion}. Ihr Server wird wahrscheinlich nicht in der Lage sein, E-Mails zu empfangen.", - "migration_description_0018_xtable_to_nftable": "Alte Netzwerkverkehrsregeln zum neuen nftable-System migrieren", "service_reload_failed": "Der Dienst '{service}' konnte nicht erneut geladen werden.\n\nKürzlich erstellte Logs des Dienstes: {logs}", "service_reloaded": "Der Dienst '{service}' wurde erneut geladen", "service_restart_failed": "Der Dienst '{service}' konnte nicht erneut gestartet werden.\n\nKürzlich erstellte Logs des Dienstes: {logs}", @@ -377,7 +369,7 @@ "ask_user_domain": "Domäne, welche für die E-Mail-Adresse und den XMPP-Account des Benutzers verwendet werden soll", "app_manifest_install_ask_is_public": "Soll diese Applikation für anonyme Benutzer:innen sichtbar sein?", "app_manifest_install_ask_admin": "Wählen Sie einen Administrator für diese Applikation", - "app_manifest_install_ask_path": "Wählen Sie den Pfad, in welchem die Applikation installiert werden soll", + "app_manifest_install_ask_path": "Wählen Sie den URL-Pfad (nach der Domäne), unter dem die Applikation installiert werden soll", "diagnosis_mail_blacklist_listed_by": "Ihre IP-Adresse oder Domäne {item} ist auf der Blacklist auf {blacklist_name}", "diagnosis_mail_blacklist_ok": "Die IP-Adressen und die Domänen, welche von diesem Server verwendet werden, scheinen nicht auf einer Blacklist zu sein", "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "Aktueller Reverse-DNS-Eintrag: {rdns_domain}
Erwarteter Wert: {ehlo_domain}", @@ -424,20 +416,19 @@ "group_cannot_be_deleted": "Die Gruppe {group} kann nicht manuell entfernt werden.", "group_cannot_edit_primary_group": "Die Gruppe '{group}' kann nicht manuell bearbeitet werden. Es ist die primäre Gruppe, welche dazu gedacht ist, nur einen spezifischen Benutzer zu enthalten.", "diagnosis_processes_killed_by_oom_reaper": "Das System hat einige Prozesse beendet, weil ihm der Arbeitsspeicher ausgegangen ist. Das passiert normalerweise, wenn das System ingesamt nicht genügend Arbeitsspeicher zur Verfügung hat oder wenn ein einzelner Prozess zu viel Speicher verbraucht. Zusammenfassung der beendeten Prozesse: \n{kills_summary}", - "diagnosis_description_ports": "Offene Ports", + "diagnosis_description_ports": "Geöffnete Ports", "additional_urls_already_added": "Zusätzliche URL '{url}' bereits hinzugefügt in der zusätzlichen URL für Berechtigung '{permission}'", "additional_urls_already_removed": "Zusätzliche URL '{url}' bereits entfernt in der zusätzlichen URL für Berechtigung '{permission}'", "app_label_deprecated": "Dieser Befehl ist veraltet! Bitte nutzen Sie den neuen Befehl 'yunohost user permission update' um das Applabel zu verwalten.", "diagnosis_http_hairpinning_issue_details": "Das ist wahrscheinlich aufgrund Ihrer ISP Box / Router. Als Konsequenz können Personen von ausserhalb Ihres Netzwerkes aber nicht von innerhalb Ihres lokalen Netzwerkes (wie wahrscheinlich Sie selber?) wie gewohnt auf Ihren Server zugreifen, wenn Sie ihre Domäne oder Ihre öffentliche IP verwenden. Sie können die Situation wahrscheinlich verbessern, indem Sie ein einen Blick in https://yunohost.org/dns_local_network werfen", - "diagnosis_http_nginx_conf_not_up_to_date": "Jemand hat anscheinend die Konfiguration von Nginx manuell geändert. Diese Änderung verhindert, dass YunoHost eine Diagnose durchführen kann, wenn er via HTTP erreichbar ist.", - "diagnosis_http_bad_status_code": "Anscheinend beantwortet ein anderes Gerät als Ihr Server die Anfrage (Vielleicht ihr Internetrouter).
1. Die häufigste Ursache ist, dass Port 80 (und 443) nicht richtig auf Ihren Server weitergeleitet wird.
2. Bei komplexeren Setups: Vergewissern Sie sich, dass keine Firewall und keine Reverse-Proxy interferieren.", + "diagnosis_http_nginx_conf_not_up_to_date": "Die Konfiguration von Nginx scheint für diese Domäne manuell geändert worden zu sein. Dies hindert YunoHost daran festzustellen, ob es über HTTP erreichbar ist.", + "diagnosis_http_bad_status_code": "Es sieht so aus als ob ein anderes Gerät (vielleicht dein Router/Modem) anstelle deines Servers antwortet.
1. Der häufigste Grund hierfür ist, dass Port 80 (und 443) nicht korrekt zu deinem Server weiterleiten.
2. Bei komplexeren Setups: prüfe ob deine Firewall oder Reverse-Proxy die Verbindung stören.", "diagnosis_never_ran_yet": "Sie haben kürzlich einen neuen YunoHost-Server installiert aber es gibt davon noch keinen Diagnosereport. Sie sollten eine Diagnose anstossen. Sie können das entweder vom Webadmin aus oder in der Kommandozeile machen. In der Kommandozeile verwenden Sie dafür den Befehl 'yunohost diagnosis run'.", "diagnosis_http_nginx_conf_not_up_to_date_details": "Um dieses Problem zu beheben, geben Sie in der Kommandozeile yunohost tools regen-conf nginx --dry-run --with-diff ein. Dieses Tool zeigt ihnen den Unterschied an. Wenn Sie damit einverstanden sind, können Sie mit yunohost tools regen-conf nginx --force die Änderungen übernehmen.", "diagnosis_backports_in_sources_list": "Sie haben anscheinend apt (den Paketmanager) für das Backports-Repository konfiguriert. Wir raten strikte davon ab, Pakete aus dem Backports-Repository zu installieren. Diese würden wahrscheinlich zu Instabilitäten und Konflikten führen. Es sei denn, Sie wissen was Sie tun.", "diagnosis_basesystem_hardware_model": "Das Servermodell ist {model}", - "domain_name_unknown": "Domäne '{domain}' unbekannt", - "group_user_not_in_group": "Der Benutzer {user} ist nicht in der Gruppe {group}", - "group_user_already_in_group": "Der Benutzer {user} ist bereits in der Gruppe {group}", + "group_user_not_in_group": "Benutzer:in {user} ist nicht in der Gruppe {group}", + "group_user_already_in_group": "Benutzer:in {user} ist bereits in der Gruppe {group}", "group_cannot_edit_visitors": "Die Gruppe \"Besucher\" kann nicht manuell editiert werden. Sie ist eine Sondergruppe und repräsentiert anonyme Besucher", "group_cannot_edit_all_users": "Die Gruppe \"all_users\" kann nicht manuell editiert werden. Sie ist eine Sondergruppe die dafür gedacht ist alle Benutzer in YunoHost zu halten", "group_already_exist_on_system_but_removing_it": "Die Gruppe {group} existiert bereits in den Systemgruppen, aber YunoHost wird sie entfernen...", @@ -459,8 +450,7 @@ "log_available_on_yunopaste": "Das Protokoll ist nun via {url} verfügbar", "log_app_action_run": "Führe Aktion der Applikation '{}' aus", "invalid_regex": "Ungültige Regex:'{regex}'", - "migration_description_0016_php70_to_php73_pools": "Migrieren der php7.0-fpm-Konfigurationsdateien zu php7.3", - "mailbox_disabled": "E-Mail für Benutzer {user} deaktiviert", + "mailbox_disabled": "E-Mail für Benutzer:in {user} deaktiviert", "log_tools_reboot": "Server neustarten", "log_tools_shutdown": "Server ausschalten", "log_tools_upgrade": "Systempakete aktualisieren", @@ -469,12 +459,12 @@ "log_domain_main_domain": "Mache '{}' zur Hauptdomäne", "log_user_permission_reset": "Zurücksetzen der Berechtigung '{}'", "log_user_permission_update": "Aktualisiere Zugriffe für Berechtigung '{}'", - "log_user_update": "Aktualisiere Information für Benutzer '{}'", + "log_user_update": "Aktualisiere Information für Benutzer:in '{}'", "log_user_group_update": "Aktualisiere Gruppe '{}'", "log_user_group_delete": "Lösche Gruppe '{}'", "log_user_group_create": "Erstelle Gruppe '{}'", - "log_user_delete": "Lösche Benutzer '{}'", - "log_user_create": "Füge Benutzer '{}' hinzu", + "log_user_delete": "Lösche Benutzer:in '{}'", + "log_user_create": "Füge Benutzer:in '{}' hinzu", "log_permission_url": "Aktualisiere URL, die mit der Berechtigung '{}' verknüpft ist", "log_permission_delete": "Lösche Berechtigung '{}'", "log_permission_create": "Erstelle Berechtigung '{}'", @@ -483,30 +473,10 @@ "log_domain_remove": "Entfernen der Domäne '{}' aus der Systemkonfiguration", "log_domain_add": "Hinzufügen der Domäne '{}' zur Systemkonfiguration", "log_remove_on_failed_install": "Entfernen von '{}' nach einer fehlgeschlagenen Installation", - "migration_0015_still_on_stretch_after_main_upgrade": "Etwas ist schiefgelaufen während dem Haupt-Upgrade. Das System scheint immer noch auf Debian Stretch zu laufen", - "migration_0015_yunohost_upgrade": "Beginne YunoHost-Core-Upgrade...", - "migration_description_0019_extend_permissions_features": "Erweitern und überarbeiten des Applikationsberechtigungs-Managementsystems", - "migrating_legacy_permission_settings": "Migrieren der Legacy-Berechtigungseinstellungen...", - "migration_description_0017_postgresql_9p6_to_11": "Migrieren der Datenbanken von PostgreSQL 9.6 nach 11", - "migration_0015_main_upgrade": "Beginne Haupt-Upgrade...", - "migration_0015_not_stretch": "Die aktuelle Debian-Distribution ist nicht Stretch!", - "migration_0015_not_enough_free_space": "Der freie Speicher in /var/ ist sehr gering! Sie sollten minimal 1GB frei haben, um diese Migration durchzuführen.", "domain_remove_confirm_apps_removal": "Wenn Sie diese Domäne löschen, werden folgende Applikationen entfernt:\n{apps}\n\nSind Sie sicher? [{answers}]", - "migration_0015_cleaning_up": "Bereinigung des Cache und der Pakete, welche nicht mehr benötigt werden...", - "migration_0017_postgresql_96_not_installed": "PostgreSQL wurde auf ihrem System nicht installiert. Nichts zu tun.", - "migration_0015_system_not_fully_up_to_date": "Ihr System ist nicht vollständig auf dem neuesten Stand. Bitte führen Sie ein reguläres Upgrade durch, bevor Sie die Migration auf Buster durchführen.", - "migration_0015_modified_files": "Bitte beachten Sie, dass die folgenden Dateien als manuell bearbeitet erkannt wurden und beim nächsten Upgrade überschrieben werden könnten: {manually_modified_files}", - "migration_0015_general_warning": "Bitte beachten Sie, dass diese Migration eine heikle Angelegenheit darstellt. Das YunoHost-Team hat alles unternommen, um sie zu testen und zu überarbeiten. Dennoch ist es möglich, dass diese Migration Teile des Systems oder Applikationen beschädigen könnte.\n\nDeshalb ist folgendes zu empfehlen:\n…- Führen Sie ein Backup aller kritischen Daten und Applikationen durch. Mehr unter https://yunohost.org/backup;\n…- Seien Sie geduldig nachdem Sie die Migration gestartet haben: Abhängig von Ihrer Internetverbindung und Ihrer Hardware kann es einige Stunden dauern, bis das Upgrade fertig ist.", - "migration_0015_problematic_apps_warning": "Bitte beachten Sie, dass folgende möglicherweise problematischen Applikationen auf Ihrer Installation erkannt wurden. Es scheint, als ob sie nicht aus dem YunoHost-Applikationskatalog installiert oder nicht als 'working' gekennzeichnet worden sind. Folglich kann nicht garantiert werden, dass sie nach dem Upgrade immer noch funktionieren: {problematic_apps}", - "migration_0015_specific_upgrade": "Start des Upgrades der Systempakete, deren Upgrade separat durchgeführt werden muss...", - "migration_0015_weak_certs": "Die folgenden Zertifikate verwenden immer noch schwache Signierungsalgorithmen und müssen aktualisiert werden um mit der nächsten Version von nginx kompatibel zu sein: {certs}", "migrations_pending_cant_rerun": "Diese Migrationen sind immer noch anstehend und können deshalb nicht erneut durchgeführt werden: {ids}", - "migration_0019_add_new_attributes_in_ldap": "Hinzufügen neuer Attribute für die Berechtigungen in der LDAP-Datenbank", "migrations_not_pending_cant_skip": "Diese Migrationen sind nicht anstehend und können deshalb nicht übersprungen werden: {ids}", - "migration_0018_failed_to_reset_legacy_rules": "Zurücksetzen der veralteten iptables-Regeln fehlgeschlagen: {error}", - "migration_0019_slapd_config_will_be_overwritten": "Es schaut aus, als ob Sie die slapd-Konfigurationsdatei manuell bearbeitet haben. Für diese kritische Migration muss das Update der slapd-Konfiguration erzwungen werden. Von der Originaldatei wird ein Backup gemacht in {conf_backup_folder}.", "migrations_success_forward": "Migration {id} abgeschlossen", - "migrations_cant_reach_migration_file": "Die Migrationsdateien konnten nicht aufgerufen werden im Verzeichnis '%s'", "migrations_dependencies_not_satisfied": "Führen Sie diese Migrationen aus: '{dependencies_id}', vor der Migration {id}.", "migrations_failed_to_load_migration": "Konnte Migration nicht laden {id}: {error}", "migrations_list_conflict_pending_done": "Sie können nicht '--previous' und '--done' gleichzeitig benützen.", @@ -516,9 +486,6 @@ "migrations_must_provide_explicit_targets": "Sie müssen konkrete Ziele angeben, wenn Sie '--skip' oder '--force-rerun' verwenden", "migrations_need_to_accept_disclaimer": "Um die Migration {id} durchzuführen, müssen Sie den Disclaimer akzeptieren.\n---\n{disclaimer}\n---\n Wenn Sie bestätigen, dass Sie die Migration durchführen wollen, wiederholen Sie bitte den Befehl mit der Option '--accept-disclaimer'.", "migrations_no_migrations_to_run": "Keine Migrationen durchzuführen", - "migration_0017_postgresql_11_not_installed": "PostgreSQL 9.6 ist installiert aber nicht postgreSQL 11? Etwas komisches ist Ihrem System zugestossen :(...", - "migration_0017_not_enough_space": "Stellen Siea ausreichend Speicherplatz im Verzeichnis {path} zur Verfügung um die Migration durchzuführen.", - "migration_0018_failed_to_migrate_iptables_rules": "Migration der veralteten iptables-Regeln zu nftables fehlgeschlagen: {error}", "migrations_exclusive_options": "'--auto', '--skip' und '--force-rerun' sind Optionen, die sich gegenseitig ausschliessen.", "migrations_no_such_migration": "Es existiert keine Migration genannt '{id}'", "migrations_running_forward": "Durchführen der Migrationen {id}...", @@ -541,14 +508,14 @@ "regenconf_file_kept_back": "Die Konfigurationsdatei '{conf}' sollte von \"regen-conf\" (Kategorie {category}) gelöscht werden, wurde aber beibehalten.", "regenconf_file_copy_failed": "Die neue Konfigurationsdatei '{new}' kann nicht nach '{conf}' kopiert werden", "regenconf_file_backed_up": "Die Konfigurationsdatei '{conf}' wurde unter '{backup}' gespeichert", - "permission_require_account": "Berechtigung {permission} ist nur für Benutzer mit einem Konto sinnvoll und kann daher nicht für Besucher aktiviert werden.", + "permission_require_account": "Berechtigung {permission} ist nur für Benutzer:innen mit einem Konto sinnvoll und kann daher nicht für Besucher:innen aktiviert werden.", "permission_protected": "Die Berechtigung ist geschützt. Sie können die Besuchergruppe nicht zu dieser Berechtigung hinzufügen oder daraus entfernen.", "permission_updated": "Berechtigung '{permission}' aktualisiert", "permission_update_failed": "Die Berechtigung '{permission}' kann nicht aktualisiert werden : {error}", "permission_not_found": "Berechtigung '{permission}' nicht gefunden", "permission_deletion_failed": "Entfernung der Berechtigung nicht möglich '{permission}': {error}", "permission_deleted": "Berechtigung '{permission}' gelöscht", - "permission_currently_allowed_for_all_users": "Diese Berechtigung wird derzeit allen Benutzern zusätzlich zu anderen Gruppen erteilt. Möglicherweise möchten Sie entweder die Berechtigung 'all_users' entfernen oder die anderen Gruppen entfernen, für die sie derzeit zulässig sind.", + "permission_currently_allowed_for_all_users": "Diese Berechtigung wird derzeit allen Benutzer:innen zusätzlich zu anderen Gruppen erteilt. Möglicherweise möchten Sie entweder die Berechtigung 'all_users' entfernen oder die anderen Gruppen entfernen, für die sie derzeit zulässig sind.", "permission_creation_failed": "Berechtigungserstellung nicht möglich '{permission}' : {error}", "permission_created": "Berechtigung '{permission}' erstellt", "permission_cannot_remove_main": "Entfernung einer Hauptberechtigung nicht genehmigt", @@ -572,7 +539,6 @@ "regex_with_only_domain": "Du kannst regex nicht als Domain verwenden, sondern nur als Pfad", "root_password_desynchronized": "Das Admin-Passwort wurde verändert, aber das Root-Passwort ist immer noch das alte!", "regenconf_need_to_explicitly_specify_ssh": "Die SSH-Konfiguration wurde manuell modifiziert, aber Sie müssen explizit die Kategorie 'SSH' mit --force spezifizieren, um die Änderungen tatsächlich anzuwenden.", - "migration_update_LDAP_schema": "Aktualisiere das LDAP-Schema...", "log_backup_create": "Erstelle ein Backup-Archiv", "diagnosis_sshd_config_inconsistent": "Es sieht aus, als ob der SSH-Port manuell geändert wurde in /etc/ssh/ssh_config. Seit YunoHost 4.2 ist eine neue globale Einstellung 'security.ssh.port' verfügbar um zu verhindern, dass die Konfiguration manuell verändert wird.", "diagnosis_sshd_config_insecure": "Die SSH-Konfiguration wurde scheinbar manuell geändert und ist unsicher, weil sie keine 'AllowGroups'- oder 'AllowUsers' -Direktiven für die Beschränkung des Zugriffs durch autorisierte Benutzer enthält.", @@ -582,18 +548,17 @@ "migration_ldap_rollback_success": "System-Rollback erfolgreich.", "migration_ldap_migration_failed_trying_to_rollback": "Migrieren war nicht möglich... Versuch, ein Rollback des Systems durchzuführen.", "migration_ldap_backup_before_migration": "Vor der eigentlichen Migration ein Backup der LDAP-Datenbank und der Applikations-Einstellungen erstellen.", - "migration_description_0020_ssh_sftp_permissions": "Unterstützung für SSH- und SFTP-Berechtigungen hinzufügen", "global_settings_setting_ssowat_panel_overlay_enabled": "Das SSOwat-Overlay-Panel aktivieren", "global_settings_setting_security_ssh_port": "SSH-Port", "diagnosis_sshd_config_inconsistent_details": "Bitte führen Sie yunohost settings set security.ssh.port -v YOUR_SSH_PORT aus, um den SSH-Port festzulegen, und prüfen Sie yunohost tools regen-conf ssh --dry-run --with-diff und yunohost tools regen-conf ssh --force um Ihre conf auf die YunoHost-Empfehlung zurückzusetzen.", "regex_incompatible_with_tile": "/!\\ Packagers! Für Berechtigung '{permission}' ist show_tile auf 'true' gesetzt und deshalb können Sie keine regex-URL als Hauptdomäne setzen", - "permission_cant_add_to_all_users": "Die Berechtigung {permission} konnte nicht allen Benutzern gegeben werden.", + "permission_cant_add_to_all_users": "Die Berechtigung {permission} konnte nicht allen Benutzer:innen gegeben werden.", "migration_ldap_can_not_backup_before_migration": "Das System-Backup konnte nicht abgeschlossen werden, bevor die Migration fehlschlug. Fehler: {error}", "service_description_fail2ban": "Schützt gegen Brute-Force-Angriffe und andere Angriffe aus dem Internet", "service_description_dovecot": "Ermöglicht es E-Mail-Clients auf Konten zuzugreifen (IMAP und POP3)", "service_description_dnsmasq": "Verarbeitet die Auflösung des Domainnamens (DNS)", "restore_backup_too_old": "Dieses Backup kann nicht wieder hergestellt werden, weil es von einer zu alten YunoHost Version stammt.", - "service_description_slapd": "Speichert Benutzer, Domains und verbundene Informationen", + "service_description_slapd": "Speichert Benutzer:innen, Domänen und verbundene Informationen", "service_description_rspamd": "Spamfilter und andere E-Mail-Merkmale", "service_description_redis-server": "Eine spezialisierte Datenbank für den schnellen Datenzugriff, die Aufgabenwarteschlange und die Kommunikation zwischen Programmen", "service_description_postfix": "Wird benutzt, um E-Mails zu senden und zu empfangen", @@ -603,32 +568,113 @@ "service_description_yunohost-firewall": "Verwaltet offene und geschlossene Ports zur Verbindung mit Diensten", "service_description_yunohost-api": "Verwaltet die Interaktionen zwischen der Weboberfläche von YunoHost und dem System", "service_description_ssh": "Ermöglicht die Verbindung zu Ihrem Server über ein Terminal (SSH-Protokoll)", - "service_description_php7.3-fpm": "Führt in PHP geschriebene Apps mit NGINX aus", "server_reboot_confirm": "Der Server wird sofort heruntergefahren, sind Sie sicher? [{answers}]", "server_reboot": "Der Server wird neu gestartet", "server_shutdown_confirm": "Der Server wird sofort heruntergefahren, sind Sie sicher? [{answers}]", "server_shutdown": "Der Server wird heruntergefahren", "root_password_replaced_by_admin_password": "Ihr Root Passwort wurde durch Ihr Admin Passwort ersetzt.", - "show_tile_cant_be_enabled_for_regex": "Momentan können Sie 'show_tile' nicht aktivieren, weil die URL für die Berechtigung '{permission}' ein regulärer Ausdruck ist", + "show_tile_cant_be_enabled_for_regex": "Du kannst 'show_tile' momentan nicht aktivieren, weil die URL für die Berechtigung '{permission}' ein regulärer Ausdruck ist", "show_tile_cant_be_enabled_for_url_not_defined": "Momentan können Sie 'show_tile' nicht aktivieren, weil Sie zuerst eine URL für die Berechtigung '{permission}' definieren müssen", - "tools_upgrade_regular_packages_failed": "Konnte für die folgenden Pakete das Upgrade nicht durchführen: {packages_list}", - "tools_upgrade_regular_packages": "Momentan werden Upgrades für das System (YunoHost-unabhängige) Pakete durchgeführt...", - "tools_upgrade_cant_unhold_critical_packages": "Konnte für die kritischen Pakete das Flag 'hold' nicht aufheben...", - "tools_upgrade_cant_hold_critical_packages": "Konnte für die kritischen Pakete das Flag 'hold' nicht setzen...", - "tools_upgrade_cant_both": "Kann das Upgrade für das System und die Applikation nicht gleichzeitig durchführen", - "tools_upgrade_at_least_one": "Bitte geben Sie '--apps' oder '--system' an", "this_action_broke_dpkg": "Diese Aktion hat unkonfigurierte Pakete verursacht, welche durch dpkg/apt (die Paketverwaltungen dieses Systems) zurückgelassen wurden... Sie können versuchen dieses Problem zu lösen, indem Sie 'sudo apt install --fix-broken' und/oder 'sudo dpkg --configure -a' ausführen.", "update_apt_cache_failed": "Kann den Cache von APT (Debians Paketmanager) nicht aktualisieren. Hier ist ein Auszug aus den sources.list-Zeilen, die helfen könnten, das Problem zu identifizieren:\n{sourceslist}", - "tools_upgrade_special_packages_completed": "YunoHost-Paketupdate beendet.\nDrücke [Enter], um zurück zur Kommandoziele zu kommen", - "tools_upgrade_special_packages_explanation": "Das Upgrade \"special\" wird im Hintergrund ausgeführt. Bitte starten Sie keine anderen Aktionen auf Ihrem Server für die nächsten ~10 Minuten. Die Dauer ist abhängig von der Geschwindigkeit Ihres Servers. Nach dem Upgrade müssen Sie sich eventuell erneut in das Adminportal einloggen. Upgrade-Logs sind im Adminbereich unter Tools → Log verfügbar. Alternativ können Sie in der Befehlszeile 'yunohost log list' eingeben.", - "tools_upgrade_special_packages": "\"special\" (YunoHost-bezogene) Pakete werden jetzt aktualisiert...", "unknown_main_domain_path": "Unbekannte:r Domain oder Pfad für '{app}'. Du musst eine Domain und einen Pfad setzen, um die URL für Berechtigungen zu setzen.", - "yunohost_postinstall_end_tip": "Post-install ist fertig! Um das Setup abzuschliessen, wird empfohlen:\n - einen ersten Benutzer über den Bereich 'Benutzer*in' im Adminbereich hinzuzufügen (oder mit 'yunohost user create ' in der Kommandezeile);\n - mögliche Fehler zu diagnostizieren über den Bereich 'Diagnose' im Adminbereich (oder mit 'yunohost diagnosis run' in der Kommandozeile;\n - Die Abschnitte 'Install YunoHost' und 'Geführte Tour' im Administratorenhandbuch zu lesen: https://yunohost.org/admindoc.", - "user_already_exists": "Der Benutzer '{user}' ist bereits vorhanden", + "yunohost_postinstall_end_tip": "Post-install ist fertig! Um das Setup abzuschliessen, wird empfohlen:\n - einen ersten Benutzer über den Bereich 'Benutzer:in' im Adminbereich hinzuzufügen (oder mit 'yunohost user create ' in der Kommandezeile);\n - mögliche Fehler zu diagnostizieren über den Bereich 'Diagnose' im Adminbereich (oder mit 'yunohost diagnosis run' in der Kommandozeile;\n - Die Abschnitte 'Install YunoHost' und 'Geführte Tour' im Administratorenhandbuch zu lesen: https://yunohost.org/admindoc.", + "user_already_exists": "Benutzer:in '{user}' ist bereits vorhanden", "update_apt_cache_warning": "Beim Versuch den Cache für APT (Debians Paketmanager) zu aktualisieren, ist etwas schief gelaufen. Hier ist ein Dump der Zeilen aus sources.list, die Ihnen vielleicht dabei helfen, das Problem zu identifizieren:\n{sourceslist}", "global_settings_setting_security_webadmin_allowlist": "IP-Adressen, die auf die Verwaltungsseite zugreifen dürfen. Kommasepariert.", "global_settings_setting_security_webadmin_allowlist_enabled": "Erlaube nur bestimmten IP-Adressen den Zugriff auf die Verwaltungsseite.", "disk_space_not_sufficient_update": "Es ist nicht genügend Speicherplatz frei, um diese Applikation zu aktuallisieren", "disk_space_not_sufficient_install": "Es ist nicht genügend Speicherplatz frei, um diese Applikation zu installieren", - "danger": "Warnung:" + "danger": "Warnung:", + "diagnosis_apps_bad_quality": "Diese App ist im YunoHost-Applikationskatalog momentan als defekt gekennzeichnet. Es könnte sich dabei um einen vorübergehendes Problem handeln. Während der/die Betreuer:in versucht das Problem zu beheben, ist die Upgrade-Funktion für diese App gesperrt.", + "config_apply_failed": "Anwenden der neuen Konfiguration fehlgeschlagen: {error}", + "config_validate_date": "Sollte ein zulässiges Datum in folgendem Format sein: YYYY-MM-DD", + "config_validate_email": "Sollte eine zulässige eMail sein", + "config_forbidden_keyword": "Das Schlüsselwort '{keyword}' ist reserviert. Du kannst kein Konfigurationspanel mit einer Frage erstellen, die diese ID verwendet.", + "config_no_panel": "Kein Konfigurationspanel gefunden.", + "config_validate_color": "Sollte eine zulässige RGB hexadezimal Farbe sein", + "diagnosis_apps_issue": "Ein Problem für die App {app} ist aufgetreten", + "config_validate_time": "Sollte eine zulässige Zeit wie HH:MM sein", + "config_validate_url": "Sollte eine zulässige web URL sein", + "config_version_not_supported": "Konfigurationspanel Versionen '{version}' sind nicht unterstützt.", + "diagnosis_apps_allgood": "Alle installierten Apps berücksichtigen die grundlegenden Paketierungspraktiken", + "diagnosis_apps_broken": "Diese App ist im YunoHost-Applikationskatalog momentan als defekt gekennzeichnet. Es könnte sich dabei um einen vorübergehendes Problem handeln. Während der/die Betreuer:in versucht das Problem zu beheben, ist die Upgrade-Funktion für diese App gesperrt.", + "diagnosis_apps_not_in_app_catalog": "Diese App fehlt im Applikationskatalog von YunoHost oder wird in diesem nicht mehr angezeigt. Sie müssen im Betracht ziehen, sie zu deinstallieren, weil sie keine Aktualisierungen mehr erhält und die Integrität und die Sicherheit Ihres Systems kompromittieren könnte.", + "diagnosis_apps_outdated_ynh_requirement": "Die installierte Version dieser App erfordert nur YunoHost >=2.x, was darauf hinweist, dass die App nicht mehr auf dem Stand der guten Paketierungspraktiken und der empfohlenen Helper ist. Sie sollten wirklich in Betracht ziehen, sie zu aktualisieren.", + "diagnosis_description_apps": "Applikationen", + "config_cant_set_value_on_section": "Sie können nicht einen einzelnen Wert auf einen gesamten Konfigurationsbereich anwenden.", + "diagnosis_apps_deprecated_practices": "Die installierte Version dieser App verwendet immer noch gewisse veraltete Paketierungspraktiken. Sie sollten die App wirklich aktualisieren.", + "app_config_unable_to_apply": "Konnte die Werte des Konfigurations-Panels nicht anwenden.", + "app_config_unable_to_read": "Konnte die Werte des Konfigurations-Panels nicht auslesen.", + "config_unknown_filter_key": "Der Filterschlüssel '{filter_key}' ist inkorrekt.", + "diagnosis_dns_specialusedomain": "Die Domäne {domain} basiert auf einer Top-Level-Domain (TLD) für spezielle Zwecke wie .local oder .test und deshalb wird von ihr nicht erwartet, dass sie echte DNS-Einträge besitzt.", + "ldap_server_down": "LDAP-Server kann nicht erreicht werden", + "diagnosis_http_special_use_tld": "Die Domäne {domain} basiert auf einer Top-Level-Domäne (TLD) für besondere Zwecke wie .local oder .test und wird daher voraussichtlich nicht außerhalb des lokalen Netzwerks zugänglich sein.", + "domain_dns_push_managed_in_parent_domain": "Die automatische DNS-Konfiguration wird von der übergeordneten Domäne {parent_domain} verwaltet.", + "domain_dns_push_already_up_to_date": "Die Einträge sind auf dem neuesten Stand, es gibt nichts zu tun.", + "domain_config_auth_token": "Authentifizierungstoken", + "domain_config_auth_key": "Authentifizierungsschlüssel", + "domain_config_auth_secret": "Authentifizierungsgeheimnis", + "domain_config_api_protocol": "API-Protokoll", + "domain_unknown": "Domäne '{domain}' unbekannt", + "ldap_server_is_down_restart_it": "Der LDAP-Dienst ist nicht erreichbar, versuche ihn neu zu starten...", + "user_import_bad_file": "Deine CSV-Datei ist nicht korrekt formatiert und wird daher ignoriert, um einen möglichen Datenverlust zu vermeiden", + "global_settings_setting_security_experimental_enabled": "Aktiviere experimentelle Sicherheitsfunktionen (nur aktivieren, wenn Du weißt was Du tust!)", + "global_settings_setting_security_nginx_redirect_to_https": "HTTP-Anfragen standardmäßig auf HTTPs umleiten (NICHT AUSSCHALTEN, sofern Du nicht weißt was Du tust!)", + "user_import_missing_columns": "Die folgenden Spalten fehlen: {columns}", + "user_import_nothing_to_do": "Es muss kein:e Benutzer:in importiert werden", + "user_import_partial_failed": "Der Import von Benutzer:innen ist teilweise fehlgeschlagen", + "user_import_bad_line": "Ungültige Zeile {line}: {details}", + "other_available_options": "… und {n} weitere verfügbare Optionen, die nicht angezeigt werden", + "domain_dns_conf_special_use_tld": "Diese Domäne basiert auf einer Top-Level-Domäne (TLD) für besondere Zwecke wie .local oder .test und wird daher vermutlich keine eigenen DNS-Einträge haben.", + "domain_dns_registrar_managed_in_parent_domain": "Diese Domäne ist eine Unterdomäne von {parent_domain_link}. Die Konfiguration des DNS-Registrars sollte auf der Konfigurationsseite von {parent_domain} verwaltet werden.", + "domain_dns_registrar_not_supported": "YunoHost konnte den Registrar, der diese Domäne verwaltet, nicht automatisch erkennen. Du solltest die DNS-Einträge, wie unter https://yunohost.org/dns beschrieben, manuell konfigurieren.", + "domain_dns_registrar_supported": "YunoHost hat automatisch erkannt, dass diese Domäne von dem Registrar **{registrar}** verwaltet wird. Wenn Du möchtest, konfiguriert YunoHost diese DNS-Zone automatisch, wenn Du die entsprechenden API-Zugangsdaten zur Verfügung stellst. Auf dieser Seite erfährst Du, wie Du deine API-Anmeldeinformationen erhältst: https://yunohost.org/registar_api_{registrar}. (Du kannst deine DNS-Einträge auch, wie unter https://yunohost.org/dns beschrieben, manuell konfigurieren)", + "service_not_reloading_because_conf_broken": "Der Dienst '{name}' wird nicht neu geladen/gestartet, da seine Konfiguration fehlerhaft ist: {errors}", + "user_import_failed": "Der Import von Benutzer:innen ist komplett fehlgeschlagen", + "domain_dns_push_failed_to_list": "Auflistung der aktuellen Einträge über die API des Registrars fehlgeschlagen: {error}", + "domain_dns_pushing": "DNS-Einträge übertragen…", + "domain_dns_push_record_failed": "{action} für Eintrag {type}/{name} fehlgeschlagen: {error}", + "domain_dns_push_success": "DNS-Einträge aktualisiert!", + "domain_dns_push_failed": "Die Aktualisierung der DNS-Einträge ist leider gescheitert.", + "domain_dns_push_partial_failure": "DNS-Einträge teilweise aktualisiert: einige Warnungen/Fehler wurden gemeldet.", + "domain_config_features_disclaimer": "Bisher hat das Aktivieren/Deaktivieren von Mail- oder XMPP-Funktionen nur Auswirkungen auf die empfohlene und automatische DNS-Konfiguration, nicht auf die Systemkonfigurationen!", + "domain_config_mail_in": "Eingehende E-Mails", + "domain_config_mail_out": "Ausgehende E-Mails", + "domain_config_xmpp": "Instant Messaging (XMPP)", + "log_app_config_set": "Konfiguration auf die Applikation '{}' anwenden", + "log_user_import": "Benutzer:innen importieren", + "diagnosis_high_number_auth_failures": "In letzter Zeit gab es eine verdächtig hohe Anzahl von Authentifizierungsfehlern. Stelle sicher, dass fail2ban läuft und korrekt konfiguriert ist, oder verwende einen benutzerdefinierten Port für SSH, wie unter https://yunohost.org/security beschrieben.", + "domain_dns_registrar_yunohost": "Dies ist eine nohost.me / nohost.st / ynh.fr Domäne, ihre DNS-Konfiguration wird daher automatisch von YunoHost ohne weitere Konfiguration übernommen. (siehe Befehl 'yunohost dyndns update')", + "domain_config_auth_entrypoint": "API-Einstiegspunkt", + "domain_config_auth_application_key": "Anwendungsschlüssel", + "domain_config_auth_application_secret": "Geheimer Anwendungsschlüssel", + "domain_config_auth_consumer_key": "Consumer-Schlüssel", + "invalid_number_min": "Muss größer sein als {min}", + "invalid_number_max": "Muss kleiner sein als {max}", + "invalid_password": "Ungültiges Passwort", + "ldap_attribute_already_exists": "LDAP-Attribut '{attribute}' existiert bereits mit dem Wert '{value}'", + "user_import_success": "Benutzer:innen erfolgreich importiert", + "domain_registrar_is_not_configured": "Der DNS-Registrar ist noch nicht für die Domäne '{domain}' konfiguriert.", + "domain_dns_push_not_applicable": "Die automatische DNS-Konfiguration ist nicht auf die Domäne {domain} anwendbar. Konfiguriere die DNS-Einträge manuell, wie unter https://yunohost.org/dns_config beschrieben.", + "domain_dns_registrar_experimental": "Bislang wurde die Schnittstelle zur API von **{registrar}** noch nicht außreichend von der YunoHost-Community getestet und geprüft. Der Support ist **sehr experimentell** – sei vorsichtig!", + "domain_dns_push_failed_to_authenticate": "Die Authentifizierung bei der API des Registrars für die Domäne '{domain}' ist fehlgeschlagen. Wahrscheinlich sind die Anmeldedaten falsch? (Fehler: {error})", + "log_domain_config_set": "Konfiguration für die Domäne '{}' aktualisieren", + "log_domain_dns_push": "DNS-Einträge für die Domäne '{}' übertragen", + "service_description_yunomdns": "Ermöglicht es dir, deinen Server über 'yunohost.local' in deinem lokalen Netzwerk zu erreichen", + "migration_0021_start": "Beginnen von Migration zu Bullseye", + "migration_0021_patching_sources_list": "Aktualisieren der sources.lists...", + "migration_0021_main_upgrade": "Starte Hauptupdate...", + "migration_0021_still_on_buster_after_main_upgrade": "Irgendetwas ist während des Haupt-Upgrades schief gelaufen, das System scheint immer noch auf Debian Buster zu laufen", + "migration_0021_yunohost_upgrade": "Start des YunoHost Kern-Upgrades...", + "migration_0021_not_buster": "Die aktuelle Debian-Distribution ist nicht Buster!", + "migration_0021_not_enough_free_space": "Der freie Speicherplatz in /var/ ist ziemlich gering! Sie sollten mindestens 1 GB frei haben, um diese Migration durchzuführen.", + "migration_0021_system_not_fully_up_to_date": "Ihr System ist nicht ganz aktuell. Bitte führen Sie ein reguläres Update durch, bevor Sie die Migration zu Bullseye durchführen.", + "migration_0021_problematic_apps_warning": "Bitte beachten Sie, dass die folgenden möglicherweise problematischen installierten Anwendungen erkannt wurden. Es sieht so aus, als ob diese nicht aus dem YunoHost-App-Katalog installiert wurden oder nicht als \"funktionierend\" gekennzeichnet sind. Es kann daher nicht garantiert werden, dass sie nach dem Update noch funktionieren werden: {problematic_apps}", + "migration_0021_modified_files": "Bitte beachten Sie, dass die folgenden Dateien manuell geändert wurden und nach dem Update möglicherweise überschrieben werden: {manually_modified_files}", + "migration_0021_cleaning_up": "Bereinigung von Cache und Paketen nicht mehr nötig...", + "migration_0021_patch_yunohost_conflicts": "Patch anwenden, um das Konfliktproblem zu umgehen...", + "global_settings_setting_security_ssh_password_authentication": "Passwort-Authentifizierung für SSH zulassen", + "migration_description_0021_migrate_to_bullseye": "Upgrade des Systems auf Debian Bullseye und YunoHost 11.x", + "migration_0021_general_warning": "Bitte beachten Sie, dass diese Migration ein heikler Vorgang ist. Das YunoHost-Team hat sein Bestes getan, um sie zu überprüfen und zu testen, aber die Migration könnte immer noch Teile des Systems oder seiner Anwendungen beschädigen.\n\nEs wird daher empfohlen,:\n - Führen Sie ein Backup aller kritischen Daten oder Anwendungen durch. Mehr Informationen unter https://yunohost.org/backup;\n - Haben Sie Geduld, nachdem Sie die Migration gestartet haben: Je nach Internetverbindung und Hardware kann es bis zu ein paar Stunden dauern, bis alles aktualisiert ist." } \ No newline at end of file diff --git a/locales/en.json b/locales/en.json index 53b0a7e83..e902ecc2a 100644 --- a/locales/en.json +++ b/locales/en.json @@ -213,11 +213,11 @@ "diagnosis_http_could_not_diagnose_details": "Error: {error}", "diagnosis_http_hairpinning_issue": "Your local network does not seem to have hairpinning enabled.", "diagnosis_http_hairpinning_issue_details": "This is probably because of your ISP box / router. As a result, people from outside your local network will be able to access your server as expected, but not people from inside the local network (like you, probably?) when using the domain name or global IP. You may be able to improve the situation by having a look at https://yunohost.org/dns_local_network", - "diagnosis_http_special_use_tld": "Domain {domain} is based on a special-use top-level domain (TLD) such as .local or .test and is therefore not expected to be exposed outside the local network.", "diagnosis_http_nginx_conf_not_up_to_date": "This domain's nginx configuration appears to have been modified manually, and prevents YunoHost from diagnosing if it's reachable on HTTP.", "diagnosis_http_nginx_conf_not_up_to_date_details": "To fix the situation, inspect the difference with the command line using yunohost tools regen-conf nginx --dry-run --with-diff and if you're ok, apply the changes with yunohost tools regen-conf nginx --force.", "diagnosis_http_ok": "Domain {domain} is reachable through HTTP from outside the local network.", "diagnosis_http_partially_unreachable": "Domain {domain} appears unreachable through HTTP from outside the local network in IPv{failed}, though it works in IPv{passed}.", + "diagnosis_http_special_use_tld": "Domain {domain} is based on a special-use top-level domain (TLD) such as .local or .test and is therefore not expected to be exposed outside the local network.", "diagnosis_http_timeout": "Timed-out while trying to contact your server from outside. It appears to be unreachable.
1. The most common cause for this issue is that port 80 (and 443) are not correctly forwarded to your server.
2. You should also make sure that the service nginx is running
3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.", "diagnosis_http_unreachable": "Domain {domain} appears unreachable through HTTP from outside the local network.", "diagnosis_ignored_issues": "(+ {nb_ignored} ignored issue(s))", @@ -302,54 +302,54 @@ "domain_cannot_remove_main": "You cannot remove '{domain}' since it's the main domain, you first need to set another domain as the main domain using 'yunohost domain main-domain -n '; here is the list of candidate domains: {other_domains}", "domain_cannot_remove_main_add_new_one": "You cannot remove '{domain}' since it's the main domain and your only domain, you need to first add another domain using 'yunohost domain add ', then set is as the main domain using 'yunohost domain main-domain -n ' and then you can remove the domain '{domain}' using 'yunohost domain remove {domain}'.'", "domain_cert_gen_failed": "Could not generate certificate", + "domain_config_api_protocol": "API protocol", + "domain_config_auth_application_key": "Application key", + "domain_config_auth_application_secret": "Application secret key", + "domain_config_auth_consumer_key": "Consumer key", + "domain_config_auth_entrypoint": "API entry point", + "domain_config_auth_key": "Authentication key", + "domain_config_auth_secret": "Authentication secret", + "domain_config_auth_token": "Authentication token", + "domain_config_default_app": "Default app", + "domain_config_features_disclaimer": "So far, enabling/disabling mail or XMPP features only impact the recommended and automatic DNS configuration, not system configurations!", + "domain_config_mail_in": "Incoming emails", + "domain_config_mail_out": "Outgoing emails", + "domain_config_xmpp": "Instant messaging (XMPP)", "domain_created": "Domain created", "domain_creation_failed": "Unable to create domain {domain}: {error}", "domain_deleted": "Domain deleted", "domain_deletion_failed": "Unable to delete domain {domain}: {error}", "domain_dns_conf_is_just_a_recommendation": "This command shows you the *recommended* configuration. It does not actually set up the DNS configuration for you. It is your responsability to configure your DNS zone in your registrar according to this recommendation.", "domain_dns_conf_special_use_tld": "This domain is based on a special-use top-level domain (TLD) such as .local or .test and is therefore not expected to have actual DNS records.", + "domain_dns_push_already_up_to_date": "Records already up to date, nothing to do.", + "domain_dns_push_failed": "Updating the DNS records failed miserably.", + "domain_dns_push_failed_to_authenticate": "Failed to authenticate on registrar's API for domain '{domain}'. Most probably the credentials are incorrect? (Error: {error})", + "domain_dns_push_failed_to_list": "Failed to list current records using the registrar's API: {error}", + "domain_dns_push_managed_in_parent_domain": "The automatic DNS configuration feature is managed in the parent domain {parent_domain}.", + "domain_dns_push_not_applicable": "The automatic DNS configuration feature is not applicable to domain {domain}. You should manually configure your DNS records following the documentation at https://yunohost.org/dns_config.", + "domain_dns_push_partial_failure": "DNS records partially updated: some warnings/errors were reported.", + "domain_dns_push_record_failed": "Failed to {action} record {type}/{name} : {error}", + "domain_dns_push_success": "DNS records updated!", + "domain_dns_pushing": "Pushing DNS records...", + "domain_dns_registrar_experimental": "So far, the interface with **{registrar}**'s API has not been properly tested and reviewed by the YunoHost community. Support is **very experimental** - be careful!", + "domain_dns_registrar_managed_in_parent_domain": "This domain is a subdomain of {parent_domain_link}. DNS registrar configuration should be managed in {parent_domain}'s configuration panel.", + "domain_dns_registrar_not_supported": "YunoHost could not automatically detect the registrar handling this domain. You should manually configure your DNS records following the documentation at https://yunohost.org/dns.", + "domain_dns_registrar_supported": "YunoHost automatically detected that this domain is handled by the registrar **{registrar}**. If you want, YunoHost will automatically configure this DNS zone, if you provide it with the appropriate API credentials. You can find documentation on how to obtain your API credentials on this page: https://yunohost.org/registar_api_{registrar}. (You can also manually configure your DNS records following the documentation at https://yunohost.org/dns )", + "domain_dns_registrar_yunohost": "This domain is a nohost.me / nohost.st / ynh.fr and its DNS configuration is therefore automatically handled by YunoHost without any further configuration. (see the 'yunohost dyndns update' command)", "domain_dyndns_already_subscribed": "You have already subscribed to a DynDNS domain", "domain_dyndns_root_unknown": "Unknown DynDNS root domain", "domain_exists": "The domain already exists", "domain_hostname_failed": "Unable to set new hostname. This might cause an issue later (it might be fine).", - "domain_name_unknown": "Domain '{domain}' unknown", + "domain_registrar_is_not_configured": "The registrar is not yet configured for domain {domain}.", "domain_remove_confirm_apps_removal": "Removing this domain will remove those applications:\n{apps}\n\nAre you sure you want to do that? [{answers}]", "domain_uninstall_app_first": "Those applications are still installed on your domain:\n{apps}\n\nPlease uninstall them using 'yunohost app remove the_app_id' or move them to another domain using 'yunohost app change-url the_app_id' before proceeding to domain removal", - "domain_registrar_is_not_configured": "The registrar is not yet configured for domain {domain}.", - "domain_dns_push_not_applicable": "The automatic DNS configuration feature is not applicable to domain {domain}. You should manually configure your DNS records following the documentation at https://yunohost.org/dns_config.", - "domain_dns_push_managed_in_parent_domain": "The automatic DNS configuration feature is managed in the parent domain {parent_domain}.", - "domain_dns_registrar_managed_in_parent_domain": "This domain is a subdomain of {parent_domain_link}. DNS registrar configuration should be managed in {parent_domain}'s configuration panel.", - "domain_dns_registrar_yunohost": "This domain is a nohost.me / nohost.st / ynh.fr and its DNS configuration is therefore automatically handled by YunoHost without any further configuration. (see the 'yunohost dyndns update' command)", - "domain_dns_registrar_not_supported": "YunoHost could not automatically detect the registrar handling this domain. You should manually configure your DNS records following the documentation at https://yunohost.org/dns.", - "domain_dns_registrar_supported": "YunoHost automatically detected that this domain is handled by the registrar **{registrar}**. If you want, YunoHost will automatically configure this DNS zone, if you provide it with the appropriate API credentials. You can find documentation on how to obtain your API credentials on this page: https://yunohost.org/registar_api_{registrar}. (You can also manually configure your DNS records following the documentation at https://yunohost.org/dns )", - "domain_dns_registrar_experimental": "So far, the interface with **{registrar}**'s API has not been properly tested and reviewed by the YunoHost community. Support is **very experimental** - be careful!", - "domain_dns_push_failed_to_authenticate": "Failed to authenticate on registrar's API for domain '{domain}'. Most probably the credentials are incorrect? (Error: {error})", - "domain_dns_push_failed_to_list": "Failed to list current records using the registrar's API: {error}", - "domain_dns_push_already_up_to_date": "Records already up to date, nothing to do.", - "domain_dns_pushing": "Pushing DNS records...", - "domain_dns_push_record_failed": "Failed to {action} record {type}/{name} : {error}", - "domain_dns_push_success": "DNS records updated!", - "domain_dns_push_failed": "Updating the DNS records failed miserably.", - "domain_dns_push_partial_failure": "DNS records partially updated: some warnings/errors were reported.", - "domain_config_features_disclaimer": "So far, enabling/disabling mail or XMPP features only impact the recommended and automatic DNS configuration, not system configurations!", - "domain_config_mail_in": "Incoming emails", - "domain_config_mail_out": "Outgoing emails", - "domain_config_xmpp": "Instant messaging (XMPP)", - "domain_config_auth_token": "Authentication token", - "domain_config_auth_key": "Authentication key", - "domain_config_auth_secret": "Authentication secret", - "domain_config_api_protocol": "API protocol", - "domain_config_auth_entrypoint": "API entry point", - "domain_config_auth_application_key": "Application key", - "domain_config_auth_application_secret": "Application secret key", - "domain_config_auth_consumer_key": "Consumer key", + "domain_unknown": "Domain '{domain}' unknown", "domains_available": "Available domains:", "done": "Done", "downloading": "Downloading...", "dpkg_is_broken": "You cannot do this right now because dpkg/APT (the system package managers) seems to be in a broken state... You can try to solve this issue by connecting through SSH and running `sudo apt install --fix-broken` and/or `sudo dpkg --configure -a`.", "dpkg_lock_not_available": "This command can't be run right now because another program seems to be using the lock of dpkg (the system package manager)", "dyndns_could_not_check_available": "Could not check if {domain} is available on {provider}.", - "dyndns_could_not_check_provide": "Could not check if {provider} can provide {domain}.", "dyndns_domain_not_provided": "DynDNS provider {provider} cannot provide domain {domain}.", "dyndns_ip_update_failed": "Could not update IP address to DynDNS", "dyndns_ip_updated": "Updated your IP on DynDNS", @@ -383,6 +383,7 @@ "global_settings_setting_security_password_user_strength": "User password strength", "global_settings_setting_security_postfix_compatibility": "Compatibility vs. security tradeoff for the Postfix server. Affects the ciphers (and other security-related aspects)", "global_settings_setting_security_ssh_compatibility": "Compatibility vs. security tradeoff for the SSH server. Affects the ciphers (and other security-related aspects)", + "global_settings_setting_security_ssh_password_authentication": "Allow password authentication for SSH", "global_settings_setting_security_ssh_port": "SSH port", "global_settings_setting_security_webadmin_allowlist": "IP adresses allowed to access the webadmin. Comma-separated.", "global_settings_setting_security_webadmin_allowlist_enabled": "Allow only some IPs to access the webadmin.", @@ -420,15 +421,15 @@ "hook_name_unknown": "Unknown hook name '{name}'", "installation_complete": "Installation completed", "invalid_number": "Must be a number", - "invalid_number_min": "Must be greater than {min}", "invalid_number_max": "Must be lesser than {max}", + "invalid_number_min": "Must be greater than {min}", "invalid_password": "Invalid password", "invalid_regex": "Invalid regex:'{regex}'", "ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it", "iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it", + "ldap_attribute_already_exists": "LDAP attribute '{attribute}' already exists with value '{value}'", "ldap_server_down": "Unable to reach LDAP server", "ldap_server_is_down_restart_it": "The LDAP service is down, attempt to restart it...", - "ldap_attribute_already_exists": "LDAP attribute '{attribute}' already exists with value '{value}'", "log_app_action_run": "Run action of the '{}' app", "log_app_change_url": "Change the URL of the '{}' app", "log_app_config_set": "Apply config to the '{}' app", @@ -444,9 +445,9 @@ "log_does_exists": "There is no operation log with the name '{log}', use 'yunohost log list' to see all available operation logs", "log_domain_add": "Add '{}' domain into system configuration", "log_domain_config_set": "Update configuration for domain '{}'", + "log_domain_dns_push": "Push DNS records for domain '{}'", "log_domain_main_domain": "Make '{}' the main domain", "log_domain_remove": "Remove '{}' domain from system configuration", - "log_domain_dns_push": "Push DNS records for domain '{}'", "log_dyndns_subscribe": "Subscribe to a YunoHost subdomain '{}'", "log_dyndns_update": "Update the IP associated with your YunoHost subdomain '{}'", "log_help_to_get_failed_log": "The operation '{desc}' could not be completed. Please share the full log of this operation using the command 'yunohost log share {name}' to get help", @@ -485,41 +486,30 @@ "mailbox_used_space_dovecot_down": "The Dovecot mailbox service needs to be up if you want to fetch used mailbox space", "main_domain_change_failed": "Unable to change the main domain", "main_domain_changed": "The main domain has been changed", - "migrating_legacy_permission_settings": "Migrating legacy permission settings...", - "migration_0015_cleaning_up": "Cleaning up cache and packages not useful anymore...", - "migration_0015_general_warning": "Please note that this migration is a delicate operation. The YunoHost team did its best to review and test it, but the migration might still break parts of the system or its apps.\n\nTherefore, it is recommended to:\n - Perform a backup of any critical data or app. More info on https://yunohost.org/backup;\n - Be patient after launching the migration: Depending on your Internet connection and hardware, it might take up to a few hours for everything to upgrade.", - "migration_0015_main_upgrade": "Starting main upgrade...", - "migration_0015_modified_files": "Please note that the following files were found to be manually modified and might be overwritten following the upgrade: {manually_modified_files}", - "migration_0015_not_enough_free_space": "Free space is pretty low in /var/! You should have at least 1GB free to run this migration.", - "migration_0015_not_stretch": "The current Debian distribution is not Stretch!", - "migration_0015_patching_sources_list": "Patching the sources.lists...", - "migration_0015_problematic_apps_warning": "Please note that the following possibly problematic installed apps were detected. It looks like those were not installed from the YunoHost app catalog, or are not flagged as 'working'. Consequently, it cannot be guaranteed that they will still work after the upgrade: {problematic_apps}", - "migration_0015_specific_upgrade": "Starting upgrade of system packages that needs to be upgrade independently...", - "migration_0015_start": "Starting migration to Buster", - "migration_0015_still_on_stretch_after_main_upgrade": "Something went wrong during the main upgrade, the system appears to still be on Debian Stretch", - "migration_0015_system_not_fully_up_to_date": "Your system is not fully up-to-date. Please perform a regular upgrade before running the migration to Buster.", - "migration_0015_weak_certs": "The following certificates were found to still use weak signature algorithms and have to be upgraded to be compatible with the next version of nginx: {certs}", - "migration_0015_yunohost_upgrade": "Starting YunoHost core upgrade...", - "migration_0017_not_enough_space": "Make sufficient space available in {path} to run the migration.", - "migration_0017_postgresql_11_not_installed": "PostgreSQL 9.6 is installed, but not postgresql 11‽ Something weird might have happened on your system :(...", - "migration_0017_postgresql_96_not_installed": "PostgreSQL was not installed on your system. Nothing to do.", - "migration_0018_failed_to_migrate_iptables_rules": "Failed to migrate legacy iptables rules to nftables: {error}", - "migration_0018_failed_to_reset_legacy_rules": "Failed to reset legacy iptables rules: {error}", - "migration_0019_add_new_attributes_in_ldap": "Add new attributes for permissions in LDAP database", - "migration_0019_slapd_config_will_be_overwritten": "It looks like you manually edited the slapd configuration. For this critical migration, YunoHost needs to force the update of the slapd configuration. The original files will be backuped in {conf_backup_folder}.", - "migration_description_0015_migrate_to_buster": "Upgrade the system to Debian Buster and YunoHost 4.x", - "migration_description_0016_php70_to_php73_pools": "Migrate php7.0-fpm 'pool' conf files to php7.3", - "migration_description_0017_postgresql_9p6_to_11": "Migrate databases from PostgreSQL 9.6 to 11", - "migration_description_0018_xtable_to_nftable": "Migrate old network traffic rules to the new nftable system", - "migration_description_0019_extend_permissions_features": "Extend/rework the app permission management system", - "migration_description_0020_ssh_sftp_permissions": "Add SSH and SFTP permissions support", + "migration_0021_cleaning_up": "Cleaning up cache and packages not useful anymore...", + "migration_0021_general_warning": "Please note that this migration is a delicate operation. The YunoHost team did its best to review and test it, but the migration might still break parts of the system or its apps.\n\nTherefore, it is recommended to:\n - Perform a backup of any critical data or app. More info on https://yunohost.org/backup;\n - Be patient after launching the migration: Depending on your Internet connection and hardware, it might take up to a few hours for everything to upgrade.", + "migration_0021_main_upgrade": "Starting main upgrade...", + "migration_0021_modified_files": "Please note that the following files were found to be manually modified and might be overwritten following the upgrade: {manually_modified_files}", + "migration_0021_not_buster": "The current Debian distribution is not Buster!", + "migration_0021_not_enough_free_space": "Free space is pretty low in /var/! You should have at least 1GB free to run this migration.", + "migration_0021_patch_yunohost_conflicts": "Applying patch to workaround conflict issue...", + "migration_0021_patching_sources_list": "Patching the sources.lists...", + "migration_0021_problematic_apps_warning": "Please note that the following possibly problematic installed apps were detected. It looks like those were not installed from the YunoHost app catalog, or are not flagged as 'working'. Consequently, it cannot be guaranteed that they will still work after the upgrade: {problematic_apps}", + "migration_0021_start": "Starting migration to Bullseye", + "migration_0021_still_on_buster_after_main_upgrade": "Something went wrong during the main upgrade, the system appears to still be on Debian Buster", + "migration_0021_system_not_fully_up_to_date": "Your system is not fully up-to-date. Please perform a regular upgrade before running the migration to Bullseye.", + "migration_0021_yunohost_upgrade": "Starting YunoHost core upgrade...", + "migration_0023_not_enough_space": "Make sufficient space available in {path} to run the migration.", + "migration_0023_postgresql_11_not_installed": "PostgreSQL was not installed on your system. Nothing to do.", + "migration_0023_postgresql_13_not_installed": "PostgreSQL 11 is installed, but not PostgreSQL 13!? Something weird might have happened on your system :(...", + "migration_description_0021_migrate_to_bullseye": "Upgrade the system to Debian Bullseye and YunoHost 11.x", + "migration_description_0022_php73_to_php74_pools": "Migrate php7.3-fpm 'pool' conf files to php7.4", + "migration_description_0023_postgresql_11_to_13": "Migrate databases from PostgreSQL 11 to 13", "migration_ldap_backup_before_migration": "Creating a backup of LDAP database and apps settings prior to the actual migration.", "migration_ldap_can_not_backup_before_migration": "The backup of the system could not be completed before the migration failed. Error: {error}", "migration_ldap_migration_failed_trying_to_rollback": "Could not migrate... trying to roll back the system.", "migration_ldap_rollback_success": "System rolled back.", - "migration_update_LDAP_schema": "Updating LDAP schema...", "migrations_already_ran": "Those migrations are already done: {ids}", - "migrations_cant_reach_migration_file": "Could not access migrations files at the path '%s'", "migrations_dependencies_not_satisfied": "Run these migrations: '{dependencies_id}', before migration {id}.", "migrations_exclusive_options": "'--auto', '--skip', and '--force-rerun' are mutually exclusive options.", "migrations_failed_to_load_migration": "Could not load migration {id}: {error}", @@ -539,7 +529,6 @@ "not_enough_disk_space": "Not enough free space on '{path}'", "operation_interrupted": "The operation was manually interrupted?", "other_available_options": "... and {n} other available options not shown", - "packages_upgrade_failed": "Could not upgrade all the packages", "password_listed": "This password is among the most used passwords in the world. Please choose something more unique.", "password_too_simple_1": "The password needs to be at least 8 characters long", "password_too_simple_2": "The password needs to be at least 8 characters long and contain a digit, upper and lower characters", @@ -626,8 +615,8 @@ "service_description_metronome": "Manage XMPP instant messaging accounts", "service_description_mysql": "Stores app data (SQL database)", "service_description_nginx": "Serves or provides access to all the websites hosted on your server", - "service_description_php7.3-fpm": "Runs apps written in PHP with NGINX", "service_description_postfix": "Used to send and receive e-mails", + "service_description_postgresql": "Stores app data (SQL database)", "service_description_redis-server": "A specialized database used for rapid data access, task queue, and communication between programs", "service_description_rspamd": "Filters spam, and other e-mail related features", "service_description_slapd": "Stores users, domains and related info", @@ -640,7 +629,6 @@ "service_enable_failed": "Could not make the service '{service}' automatically start at boot.\n\nRecent service logs:{logs}", "service_enabled": "The service '{service}' will now be automatically started during system boots.", "service_not_reloading_because_conf_broken": "Not reloading/restarting service '{name}' because its configuration is broken: {errors}", - "service_regen_conf_is_deprecated": "'yunohost service regen-conf' is deprecated! Please use 'yunohost tools regen-conf' instead.", "service_reload_failed": "Could not reload the service '{service}'\n\nRecent service logs:{logs}", "service_reload_or_restart_failed": "Could not reload or restart the service '{service}'\n\nRecent service logs:{logs}", "service_reloaded": "Service '{service}' reloaded", @@ -661,15 +649,8 @@ "system_upgraded": "System upgraded", "system_username_exists": "Username already exists in the list of system users", "this_action_broke_dpkg": "This action broke dpkg/APT (the system package managers)... You can try to solve this issue by connecting through SSH and running `sudo apt install --fix-broken` and/or `sudo dpkg --configure -a`.", - "tools_upgrade_at_least_one": "Please specify 'apps', or 'system'", - "tools_upgrade_cant_both": "Cannot upgrade both system and apps at the same time", - "tools_upgrade_cant_hold_critical_packages": "Could not hold critical packages...", - "tools_upgrade_cant_unhold_critical_packages": "Could not unhold critical packages...", - "tools_upgrade_regular_packages": "Now upgrading 'regular' (non-yunohost-related) packages...", - "tools_upgrade_regular_packages_failed": "Could not upgrade packages: {packages_list}", - "tools_upgrade_special_packages": "Now upgrading 'special' (yunohost-related) packages...", - "tools_upgrade_special_packages_completed": "YunoHost package upgrade completed.\nPress [Enter] to get the command line back", - "tools_upgrade_special_packages_explanation": "The special upgrade will continue in the background. Please don't start any other actions on your server for the next ~10 minutes (depending on hardware speed). After this, you may have to re-log in to the webadmin. The upgrade log will be available in Tools → Log (in the webadmin) or using 'yunohost log list' (from the command-line).", + "tools_upgrade": "Upgrading system packages", + "tools_upgrade_failed": "Could not upgrade packages: {packages_list}", "unbackup_app": "{app} will not be saved", "unexpected_error": "Something unexpected went wrong: {error}", "unknown_main_domain_path": "Unknown domain or path for '{app}'. You need to specify a domain and a path to be able to specify a URL for permission.", @@ -705,4 +686,4 @@ "yunohost_installing": "Installing YunoHost...", "yunohost_not_installed": "YunoHost is not correctly installed. Please run 'yunohost tools postinstall'", "yunohost_postinstall_end_tip": "The post-install completed! To finalize your setup, please consider:\n - adding a first user through the 'Users' section of the webadmin (or 'yunohost user create ' in command-line);\n - diagnose potential issues through the 'Diagnosis' section of the webadmin (or 'yunohost diagnosis run' in command-line);\n - reading the 'Finalizing your setup' and 'Getting to know YunoHost' parts in the admin documentation: https://yunohost.org/admindoc." -} +} \ No newline at end of file diff --git a/locales/eo.json b/locales/eo.json index 8973e6344..255d873d8 100644 --- a/locales/eo.json +++ b/locales/eo.json @@ -51,7 +51,6 @@ "ask_new_path": "Nova vojo", "backup_custom_mount_error": "Propra rezerva metodo ne povis preterpasi la paŝon 'monto'", "app_upgrade_app_name": "Nun ĝisdatigu {app}...", - "app_manifest_invalid": "Io misas pri la aplika manifesto: {error}", "backup_cleaning_failed": "Ne povis purigi la provizoran rezervan dosierujon", "backup_creation_failed": "Ne povis krei la rezervan ar archiveivon", "backup_hook_unknown": "La rezerva hoko '{hook}' estas nekonata", @@ -115,7 +114,6 @@ "migrations_must_provide_explicit_targets": "Vi devas provizi eksplicitajn celojn kiam vi uzas '--skip' aŭ '--force-rerun'", "permission_update_failed": "Ne povis ĝisdatigi permeson '{permission}': {error}", "permission_updated": "Ĝisdatigita \"{permission}\" rajtigita", - "tools_upgrade_cant_hold_critical_packages": "Ne povis teni kritikajn pakojn…", "upnp_dev_not_found": "Neniu UPnP-aparato trovita", "pattern_password": "Devas esti almenaŭ 3 signoj longaj", "root_password_desynchronized": "La pasvorta administranto estis ŝanĝita, sed YunoHost ne povis propagandi ĉi tion al la radika pasvorto!", @@ -155,8 +153,6 @@ "permission_deletion_failed": "Ne povis forigi permeson '{permission}': {error}", "permission_not_found": "Permesita \"{permission}\" ne trovita", "restore_not_enough_disk_space": "Ne sufiĉa spaco (spaco: {free_space} B, necesa spaco: {needed_space} B, sekureca marĝeno: {margin} B)", - "tools_upgrade_regular_packages": "Nun ĝisdatigi 'regulajn' (ne-yunohost-rilatajn) pakojn …", - "tools_upgrade_special_packages_explanation": "La speciala ĝisdatigo daŭros en la fono. Bonvolu ne komenci aliajn agojn en via servilo dum la sekvaj ~ 10 minutoj (depende de la aparata rapideco). Post tio, vi eble devos re-ensaluti al la retadreso. La ĝisdatiga registro estos havebla en Iloj → Ensaluto (en la retadreso) aŭ uzante 'yunohost logliston' (el la komandlinio).", "unrestore_app": "App '{app}' ne restarigos", "group_created": "Grupo '{group}' kreita", "group_creation_failed": "Ne povis krei la grupon '{group}': {error}", @@ -169,7 +165,6 @@ "ip6tables_unavailable": "Vi ne povas ludi kun ip6tabloj ĉi tie. Vi estas en ujo aŭ via kerno ne subtenas ĝin", "mail_unavailable": "Ĉi tiu retpoŝta adreso estas rezervita kaj aŭtomate estos atribuita al la unua uzanto", "certmanager_domain_dns_ip_differs_from_public_ip": "La DNS 'A' rekordo por la domajno '{domain}' diferencas de la IP de ĉi tiu servilo. Se vi lastatempe modifis vian A-registron, bonvolu atendi ĝin propagandi (iuj DNS-disvastigaj kontroliloj estas disponeblaj interrete). (Se vi scias, kion vi faras, uzu '--no-checks' por malŝalti tiujn ĉekojn.)", - "tools_upgrade_special_packages_completed": "Plenumis la ĝisdatigon de pakaĵoj de YunoHost.\nPremu [Enter] por retrovi la komandlinion", "log_remove_on_failed_install": "Forigu '{}' post malsukcesa instalado", "regenconf_file_manually_modified": "La agorddosiero '{conf}' estis modifita permane kaj ne estos ĝisdatigita", "regenconf_would_be_updated": "La agordo estus aktualigita por la kategorio '{category}'", @@ -185,10 +180,8 @@ "upgrading_packages": "Ĝisdatigi pakojn…", "custom_app_url_required": "Vi devas provizi URL por altgradigi vian kutimon app {app}", "service_reload_failed": "Ne povis reŝargi la servon '{service}'\n\nLastatempaj servaj protokoloj: {logs}", - "packages_upgrade_failed": "Ne povis ĝisdatigi ĉiujn pakojn", "hook_json_return_error": "Ne povis legi revenon de hoko {path}. Eraro: {msg}. Kruda enhavo: {raw_content}", "dyndns_key_not_found": "DNS-ŝlosilo ne trovita por la domajno", - "tools_upgrade_regular_packages_failed": "Ne povis ĝisdatigi pakojn: {packages_list}", "service_start_failed": "Ne povis komenci la servon '{service}'\n\nLastatempaj servaj protokoloj: {logs}", "service_reloaded": "Servo '{service}' reŝargita", "system_upgraded": "Sistemo ĝisdatigita", @@ -202,7 +195,6 @@ "domain_dyndns_already_subscribed": "Vi jam abonis DynDNS-domajnon", "log_letsencrypt_cert_renew": "Renovigu '{}' Let's Encrypt atestilon", "backup_output_directory_required": "Vi devas provizi elirejan dosierujon por la sekurkopio", - "tools_upgrade_cant_unhold_critical_packages": "Ne povis malŝalti kritikajn pakojn…", "log_link_to_log": "Plena ŝtipo de ĉi tiu operacio: '{desc} '", "global_settings_cant_serialize_settings": "Ne eblis serialigi datumojn pri agordoj, motivo: {reason}", "backup_running_hooks": "Kurado de apogaj hokoj …", @@ -219,7 +211,6 @@ "pattern_mailbox_quota": "Devas esti grandeco kun la sufikso b/k/M/G/T aŭ 0 por ne havi kvoton", "user_deletion_failed": "Ne povis forigi uzanton {user}: {error}", "backup_with_no_backup_script_for_app": "La app '{app}' ne havas sekretan skripton. Ignorante.", - "service_regen_conf_is_deprecated": "'yunohost service regen-conf' malakceptas! Bonvolu uzi anstataŭe 'yunohost tools regen-conf'.", "global_settings_key_doesnt_exists": "La ŝlosilo '{settings_key}' ne ekzistas en la tutmondaj agordoj, vi povas vidi ĉiujn disponeblajn klavojn per uzado de 'yunohost settings list'", "dyndns_no_domain_registered": "Neniu domajno registrita ĉe DynDNS", "dyndns_could_not_check_available": "Ne povis kontroli ĉu {domain} haveblas sur {provider}.", @@ -235,16 +226,13 @@ "service_stop_failed": "Ne povis maldaŭrigi la servon '{service}'\n\nLastatempaj servaj protokoloj: {logs}", "unbackup_app": "App '{app}' ne konserviĝos", "updating_apt_cache": "Akirante haveblajn ĝisdatigojn por sistemaj pakoj…", - "tools_upgrade_at_least_one": "Bonvolu specifi '--apps' aŭ '--system'", "service_already_stopped": "La servo '{service}' jam ĉesis", - "tools_upgrade_cant_both": "Ne eblas ĝisdatigi ambaŭ sistemon kaj programojn samtempe", "restore_extracting": "Eltirante bezonatajn dosierojn el la ar theivo…", "upnp_port_open_failed": "Ne povis malfermi havenon per UPnP", "log_app_upgrade": "Ĝisdatigu la aplikon '{}'", "log_help_to_get_failed_log": "La operacio '{desc}' ne povis finiĝi. Bonvolu dividi la plenan ŝtipon de ĉi tiu operacio per la komando 'yunohost log share {name}' por akiri helpon", "port_already_closed": "Haveno {port} estas jam fermita por {ip_version} rilatoj", "hook_name_unknown": "Nekonata hoko-nomo '{name}'", - "dyndns_could_not_check_provide": "Ne povis kontroli ĉu {provider} povas provizi {domain}.", "restore_nothings_done": "Nenio estis restarigita", "log_tools_postinstall": "Afiŝu vian servilon YunoHost", "dyndns_unavailable": "La domajno '{domain}' ne haveblas.", @@ -256,7 +244,6 @@ "downloading": "Elŝutante …", "user_deleted": "Uzanto forigita", "service_enable_failed": "Ne povis fari la servon '{service}' aŭtomate komenci ĉe la ekkuro.\n\nLastatempaj servaj protokoloj: {logs}", - "tools_upgrade_special_packages": "Nun ĝisdatigi 'specialajn' (rilatajn al yunohost)…", "domains_available": "Haveblaj domajnoj:", "dyndns_registered": "Registrita domajno DynDNS", "service_description_fail2ban": "Protektas kontraŭ bruta forto kaj aliaj specoj de atakoj de la interreto", @@ -336,7 +323,6 @@ "regenconf_file_copy_failed": "Ne povis kopii la novan agordodosieron '{new}' al '{conf}'", "restore_already_installed_app": "App kun la ID '{app}' estas jam instalita", "mail_domain_unknown": "Nevalida retadreso por domajno '{domain}'. Bonvolu uzi domajnon administritan de ĉi tiu servilo.", - "migrations_cant_reach_migration_file": "Ne povis aliri migrajn dosierojn ĉe la vojo '% s'", "pattern_email": "Devas esti valida retpoŝta adreso (t.e. iu@ekzemple.com)", "mail_alias_remove_failed": "Ne povis forigi retpoŝton alias '{mail}'", "regenconf_file_manually_removed": "La dosiero de agordo '{conf}' estis forigita permane, kaj ne estos kreita", diff --git a/locales/es.json b/locales/es.json index 688db4546..62831fc1b 100644 --- a/locales/es.json +++ b/locales/es.json @@ -4,17 +4,16 @@ "admin_password_change_failed": "No se pudo cambiar la contraseña", "admin_password_changed": "La contraseña de administración fue cambiada", "app_already_installed": "{app} ya está instalada", - "app_argument_choice_invalid": "Use una de estas opciones «{choices}» para el argumento «{name}»", + "app_argument_choice_invalid": "Elija un valor válido para el argumento '{name}': '{value}' no se encuentra entre las opciones disponibles ({choices})", "app_argument_invalid": "Elija un valor válido para el argumento «{name}»: {error}", "app_argument_required": "Se requiere el argumento '{name} 7'", "app_extraction_failed": "No se pudieron extraer los archivos de instalación", "app_id_invalid": "ID de la aplicación no válida", "app_install_files_invalid": "Estos archivos no se pueden instalar", - "app_manifest_invalid": "Algo va mal con el manifiesto de la aplicación: {error}", "app_not_correctly_installed": "La aplicación {app} 8 parece estar incorrectamente instalada", "app_not_installed": "No se pudo encontrar «{app}» en la lista de aplicaciones instaladas: {all_apps}", "app_not_properly_removed": "La {app} 0 no ha sido desinstalada correctamente", - "app_removed": "Eliminado {app}", + "app_removed": "{app} Desinstalado", "app_requirements_checking": "Comprobando los paquetes necesarios para {app}…", "app_requirements_unmeet": "No se cumplen los requisitos para {app}, el paquete {pkgname} ({version}) debe ser {spec}", "app_sources_fetch_failed": "No se pudieron obtener los archivos con el código fuente, ¿es el URL correcto?", @@ -52,7 +51,7 @@ "domain_dyndns_already_subscribed": "Ya se ha suscrito a un dominio de DynDNS", "domain_dyndns_root_unknown": "Dominio raíz de DynDNS desconocido", "domain_exists": "El dominio ya existe", - "domain_uninstall_app_first": "Estas aplicaciones están todavía instaladas en tu dominio:\n{apps}\n\nPor favor desinstálalas utilizando yunohost app remove the_app_id o cambialas a otro dominio usando yunohost app change-url the_app_id antes de continuar con el borrado del dominio.", + "domain_uninstall_app_first": "Estas aplicaciones siguen instaladas en tu dominio:\n{apps}\n\nPor favor desinstálalas con el comando 'yunohost app remove the_app_id' o cámbialas a otro dominio usando /etc/resolv.conf no apunta a 127.0.0.1.", "diagnosis_dns_missing_record": "Según la configuración DNS recomendada, deberías añadir un registro DNS\ntipo: {type}\nnombre: {name}\nvalor: {value}", - "diagnosis_diskusage_low": "El almacenamiento {mountpoint} (en dispositivo {device}) solo tiene {free} ({free_percent}%) de espacio disponible. Ten cuidado.", - "diagnosis_services_bad_status_tip": "Puedes intentar reiniciar el servicio, y si no funciona, echar un vistazo a los logs del servicio usando 'yunohost service log {service}' o a través de la sección 'Servicios' en webadmin.", + "diagnosis_diskusage_low": "El almacenamiento {mountpoint} (en el dispositivo {device}) solo tiene {free} ({free_percent}%) de espacio disponible (de {total}). Ten cuidado.", + "diagnosis_services_bad_status_tip": "Puedes intentar reiniciar el servicio, y si no funciona, echar un vistazo a los logs del serviciode la administración web (desde la línea de comandos puedes hacerlo con yunohost service restart {service} y yunohost service log {service}).", "diagnosis_ip_connected_ipv6": "¡El servidor está conectado a internet a través de IPv6!", "diagnosis_ip_no_ipv6": "El servidor no cuenta con IPv6 funcional.", "diagnosis_ip_dnsresolution_working": "¡DNS no está funcionando!", @@ -443,8 +429,8 @@ "diagnosis_dns_bad_conf": "Algunos registros DNS faltan o están mal cofigurados para el dominio {domain} (categoría {category})", "diagnosis_dns_discrepancy": "El siguiente registro DNS parace que no sigue la configuración recomendada
Tipo: {type}
Nombre: {name}
Valor Actual: {current}
Valor esperado: {value}", "diagnosis_services_bad_status": "El servicio {service} está {status} :(", - "diagnosis_diskusage_verylow": "El almacenamiento {mountpoint} (en el dispositivo {device}) sólo tiene {free} ({free_percent}%) de espacio disponible. Deberías considerar la posibilidad de limpiar algo de espacio.", - "diagnosis_diskusage_ok": "¡El almacenamiento {mountpoint} (en el dispositivo {device}) todavía tiene {free} ({free_percent}%) de espacio libre!", + "diagnosis_diskusage_verylow": "El almacenamiento {mountpoint}(en el dispositivo {device}) sólo tiene {free} ({free_percent}%) de espacio disponible(de {total}). ¡Deberías limpiar algo de espacio!", + "diagnosis_diskusage_ok": "¡El almacenamiento {mountpoint} (en el dispositivo {device}) todavía tiene {free} ({free_percent}%) de espacio libre (de {total})!", "diagnosis_services_conf_broken": "¡Mala configuración para el servicio {service}!", "diagnosis_services_running": "¡El servicio {service} está en ejecución!", "diagnosis_failed": "Error al obtener el resultado del diagnóstico para la categoría '{category}': {error}", @@ -457,7 +443,7 @@ "diagnosis_swap_notsomuch": "Al sistema le queda solamente {total} de espacio de intercambio. Considera agregar al menos {recommended} para evitar que el sistema se quede sin memoria.", "diagnosis_mail_outgoing_port_25_blocked": "El puerto de salida 25 parece estar bloqueado. Intenta desbloquearlo con el panel de configuración de tu proveedor de servicios de Internet (o proveedor de halbergue). Mientras tanto, el servidor no podrá enviar correos electrónicos a otros servidores.", "diagnosis_regenconf_allgood": "Todos los archivos de configuración están en linea con la configuración recomendada!", - "diagnosis_regenconf_manually_modified": "El archivo de configuración {file} parece que ha sido modificado manualmente.", + "diagnosis_regenconf_manually_modified": "El archivo de configuración {file} parece que ha sido modificado manualmente.", "diagnosis_regenconf_manually_modified_details": "¡Esto probablemente esta BIEN si sabes lo que estás haciendo! YunoHost dejará de actualizar este fichero automáticamente... Pero ten en cuenta que las actualizaciones de YunoHost pueden contener importantes cambios que están recomendados. Si quieres puedes comprobar las diferencias mediante yunohost tools regen-conf {category} --dry-run --with-diff o puedes forzar el volver a las opciones recomendadas mediante el comando yunohost tools regen-conf {category} --force", "diagnosis_security_vulnerable_to_meltdown": "Pareces vulnerable a el colapso de vulnerabilidad critica de seguridad", "diagnosis_description_basesystem": "Sistema de base", @@ -506,11 +492,11 @@ "diagnosis_domain_expiration_not_found_details": "¿Parece que la información de WHOIS para el dominio {domain} no contiene información sobre la fecha de expiración?", "diagnosis_domain_not_found_details": "¡El dominio {domain} no existe en la base de datos WHOIS o ha expirado!", "diagnosis_domain_expiration_not_found": "No se pudo revisar la fecha de expiración para algunos dominios", - "diagnosis_dns_try_dyndns_update_force": "La configuración DNS de este dominio debería ser administrada automáticamente por Yunohost. Si no es el caso, puede intentar forzar una actualización ejecutando yunohost dyndns update --force.", + "diagnosis_dns_try_dyndns_update_force": "La configuración DNS de este dominio debería ser administrada automáticamente por YunoHost. Si no es el caso, puedes intentar forzar una actualización mediante yunohost dyndns update --force.", "diagnosis_ip_local": "IP Local: {local}", "diagnosis_ip_no_ipv6_tip": "Tener IPv6 funcionando no es obligatorio para que su servidor funcione, pero es mejor para la salud del Internet en general. IPv6 debería ser configurado automáticamente por el sistema o su proveedor si está disponible. De otra manera, es posible que tenga que configurar varias cosas manualmente, tal y como se explica en esta documentación https://yunohost.org/#/ipv6. Si no puede habilitar IPv6 o si parece demasiado técnico, puede ignorar esta advertencia con toda seguridad.", "diagnosis_display_tip": "Para ver los problemas encontrados, puede ir a la sección de diagnóstico del webadmin, o ejecutar 'yunohost diagnosis show --issues --human-readable' en la línea de comandos.", - "diagnosis_package_installed_from_sury_details": "Algunos paquetes fueron accidentalmente instalados de un repositorio de terceros llamado Sury. El equipo Yunohost ha mejorado la estrategia para manejar estos pquetes, pero es posible que algunas instalaciones con aplicaciones de PHP7.3 en Stretch puedan tener algunas inconsistencias. Para solucionar esta situación, debería intentar ejecutar el siguiente comando: {cmd_to_fix}", + "diagnosis_package_installed_from_sury_details": "Algunos paquetes fueron accidentalmente instalados de un repositorio de terceros llamado Sury. El equipo YunoHost ha mejorado la estrategia para manejar estos paquetes, pero es posible que algunas configuraciones que han instalado aplicaciones PHP7.3 al tiempo que presentes en Stretch tienen algunas inconsistencias. Para solucionar esta situación, deberías intentar ejecutar el siguiente comando: {cmd_to_fix}", "diagnosis_package_installed_from_sury": "Algunos paquetes del sistema deberían ser devueltos a una versión anterior", "certmanager_domain_not_diagnosed_yet": "Aún no hay resultado del diagnóstico para el dominio {domain}. Por favor ejecute el diagnóstico para las categorías 'Registros DNS' y 'Web' en la sección de diagnóstico para verificar si el dominio está listo para Let's Encrypt. (O si sabe lo que está haciendo, utilice '--no-checks' para deshabilitar esos chequeos.)", "backup_archive_corrupted": "Parece que el archivo de respaldo '{archive}' está corrupto : {error}", @@ -520,23 +506,10 @@ "app_manifest_install_ask_is_public": "¿Debería exponerse esta aplicación a visitantes anónimos?", "app_manifest_install_ask_admin": "Elija un usuario administrativo para esta aplicación", "app_manifest_install_ask_password": "Elija una contraseña de administración para esta aplicación", - "app_manifest_install_ask_path": "Seleccione el path donde esta aplicación debería ser instalada", + "app_manifest_install_ask_path": "Seleccione la ruta de URL (después del dominio) donde esta aplicación debería ser instalada", "app_manifest_install_ask_domain": "Seleccione el dominio donde esta app debería ser instalada", "app_label_deprecated": "Este comando está depreciado! Favor usar el nuevo comando 'yunohost user permission update' para administrar la etiqueta de app.", "app_argument_password_no_default": "Error al interpretar argumento de contraseña'{name}': El argumento de contraseña no puede tener un valor por defecto por razón de seguridad", - "migration_0015_not_enough_free_space": "¡El espacio es muy bajo en `/var/`! Deberías tener almenos 1Gb de espacio libre para ejecutar la migración.", - "migration_0015_not_stretch": "¡La distribución actual de Debian no es Stretch!", - "migration_0015_yunohost_upgrade": "Iniciando la actualización del núcleo de YunoHost...", - "migration_0015_still_on_stretch_after_main_upgrade": "Algo fue mal durante la actualización principal, el sistema parece que está todavía en Debian Stretch", - "migration_0015_main_upgrade": "Comenzando la actualización principal...", - "migration_0015_patching_sources_list": "Adaptando las sources.lists...", - "migration_0015_start": "Comenzando la migración a Buster", - "migration_description_0019_extend_permissions_features": "Extiende/rehaz el sistema de gestión de permisos de la aplicación", - "migration_description_0018_xtable_to_nftable": "Migra las viejas reglas de tráfico de red al nuevo sistema nftable", - "migration_description_0017_postgresql_9p6_to_11": "Migra las bases de datos de PostgreSQL 9.6 a 11", - "migration_description_0016_php70_to_php73_pools": "Migra el «pool» de ficheros php7.0-fpm a php7.3", - "migration_description_0015_migrate_to_buster": "Actualiza el sistema a Debian Buster y YunoHost 4.x", - "migrating_legacy_permission_settings": "Migrando los antiguos parámetros de permisos...", "invalid_regex": "Regex no valido: «{regex}»", "global_settings_setting_backup_compress_tar_archives": "Cuando se creen nuevas copias de respaldo, comprimir los archivos (.tar.gz) en lugar de descomprimir los archivos (.tar). N.B.: activar esta opción quiere decir que los archivos serán más pequeños pero que el proceso tardará más y utilizará más CPU.", "global_settings_setting_smtp_relay_password": "Clave de uso del SMTP", @@ -544,7 +517,6 @@ "global_settings_setting_smtp_relay_port": "Puerto de envio / relay SMTP", "global_settings_setting_smtp_relay_host": "El servidor relay de SMTP para enviar correo en lugar de esta instalación YunoHost. Útil si estás en una de estas situaciones: tu puerto 25 esta bloqueado por tu ISP o VPS, si estás en usado una IP marcada como residencial o DUHL, si no puedes configurar un DNS inverso o si el servidor no está directamente expuesto a internet y quieres utilizar otro servidor para enviar correos.", "global_settings_setting_smtp_allow_ipv6": "Permitir el uso de IPv6 para enviar y recibir correo", - "domain_name_unknown": "Dominio «{domain}» desconocido", "diagnosis_processes_killed_by_oom_reaper": "Algunos procesos fueron terminados por el sistema recientemente porque se quedó sin memoria. Típicamente es sintoma de falta de memoria o de un proceso que se adjudicó demasiada memoria.
Resumen de los procesos terminados:
\n{kills_summary}", "diagnosis_http_nginx_conf_not_up_to_date_details": "Para arreglar este asunto, estudia las diferencias mediante el comando yunohost tools regen-conf nginx --dry-run --with-diff y si te parecen bien aplica los cambios mediante yunohost tools regen-conf nginx --force.", "diagnosis_http_nginx_conf_not_up_to_date": "Parece que la configuración nginx de este dominio haya sido modificada manualmente, esto no deja que YunoHost pueda diagnosticar si es accesible mediante HTTP.", @@ -574,11 +546,53 @@ "diagnosis_mail_ehlo_bad_answer_details": "Podría ser debido a otra máquina en lugar de tu servidor.", "diagnosis_mail_ehlo_bad_answer": "Un servicio que no es SMTP respondió en el puerto 25 mediante IPv{ipversion}", "diagnosis_mail_ehlo_unreachable_details": "No pudo abrirse la conexión en el puerto 25 de tu servidor mediante IPv{ipversion}. Parece que no se puede contactar.
1. La causa más común en estos casos suele ser que el puerto 25 no está correctamente redireccionado a tu servidor.
2. También deberías asegurarte que el servicio postfix está en marcha.
3. En casos más complejos: asegurate que no estén interfiriendo ni el firewall ni el reverse-proxy.", - "diagnosis_mail_ehlo_unreachable": "El servidor de correo SMTP no puede contactarse desde el exterior mediante IPv{ipversion}. No puede recibir correos", + "diagnosis_mail_ehlo_unreachable": "El servidor de correo SMTP no puede contactarse desde el exterior mediante IPv{ipversion}. No puede recibir correos.", "diagnosis_mail_ehlo_ok": "¡El servidor de correo SMTP puede contactarse desde el exterior por lo que puede recibir correos!", "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Algunos proveedores de internet no le permitirán desbloquear el puerto 25 porque no les importa la Neutralidad de la Red.
- Algunos proporcionan una alternativa usando un relay como servidor de correo lo que implica que el relay podrá espiar tu trafico de correo.
- Una alternativa buena para la privacidad es utilizar una VPN *con una IP pública dedicada* para evitar estas limitaciones. Mira en https://yunohost.org/#/vpn_advantage
- Otra alternativa es cambiar de proveedor de inteernet a uno más amable con la Neutralidad de la Red", "diagnosis_backports_in_sources_list": "Parece que apt (el gestor de paquetes) está configurado para usar el repositorio backports. A menos que realmente sepas lo que estás haciendo, desaconsejamos absolutamente instalar paquetes desde backports, ya que pueden provocar comportamientos intestables o conflictos en el sistema.", "diagnosis_basesystem_hardware_model": "El modelo de servidor es {model}", "additional_urls_already_removed": "La URL adicional «{url}» ya se ha eliminado para el permiso «{permission}»", - "additional_urls_already_added": "La URL adicional «{url}» ya se ha añadido para el permiso «{permission}»" + "additional_urls_already_added": "La URL adicional «{url}» ya se ha añadido para el permiso «{permission}»", + "config_apply_failed": "Falló la aplicación de la nueva configuración: {error}", + "app_restore_script_failed": "Ha ocurrido un error dentro del script de restauración de aplicaciones", + "app_config_unable_to_apply": "No se pudieron aplicar los valores del panel configuración.", + "app_config_unable_to_read": "No se pudieron leer los valores del panel configuración.", + "backup_create_size_estimation": "El archivo contendrá aproximadamente {size} de datos.", + "config_cant_set_value_on_section": "No puede establecer un único valor en una sección de configuración completa.", + "diagnosis_http_special_use_tld": "Le dominio {domain} está basado en un dominio de primer nivel (TLD) de uso especial, como un .local o .test y no debería estar expuesto fuera de la red local.", + "domain_dns_push_failed": "La actualización de las entradas DNS ha fallado.", + "domain_dns_push_partial_failure": "Entradas DNS actualizadas parcialmente: algunas advertencias/errores reportados.", + "domain_unknown": "Dominio '{domain}' desconocido", + "diagnosis_high_number_auth_failures": "Ultimamente ha habido un gran número de errores de autenticación. Asegúrate de que Fail2Ban está ejecutándose y correctamente configurado, o usa un puerto SSH personalizado como se explica en https://yunohost.org/security.", + "diagnosis_sshd_config_inconsistent": "Parece que el puerto SSH ha sido modificado manualmente en /etc/ssh/sshd_config. Desde YunoHost 4.2, hay un nuevo parámetro global 'security.ssh.port' disponible para evitar modificar manualmente la configuración.", + "diagnosis_sshd_config_inconsistent_details": "Por favor ejecuta yunohost settings set security.ssh.port -v TU_PUERTO_SSH para definir el puerto SSH, y comprueba yunohost tools regen-conf ssh --dry-run --with-diff y yunohost tools regen-conf ssh --force para resetear tu configuración a las recomendaciones de YunoHost.", + "config_forbidden_keyword": "'{keyword}' es una palabra reservada, no puedes crear ni usar un panel de configuración con una pregunta que use esta id.", + "config_no_panel": "No se ha encontrado ningún panel de configuración.", + "config_unknown_filter_key": "La clave de filtrado '{filter_key}' es incorrecta.", + "config_validate_color": "Debe ser un valor hexadecimal RGB correcto", + "danger": "Peligro:", + "diagnosis_apps_issue": "Se ha detectado un problema con la aplicación {app}", + "diagnosis_description_apps": "Aplicaciones", + "diagnosis_rootfstotalspace_critical": "¡El sistema de ficheros raíz solo tiene un total de {space}! ¡Vas a quedarte sin espacio rápidamente! Se recomienda tener al menos 16GB para ese sistema de ficheros.", + "diagnosis_rootfstotalspace_warning": "¡El sistema de ficheros raíz solo tiene un total de {space}! Podría ser suficiente, pero cuidado, puedes rellenarlo rápidamente… Se recomienda tener al menos 16GB para el sistema de ficheros raíz.", + "diagnosis_apps_allgood": "Todas las aplicaciones instaladas respetan las prácticas básicas de empaquetado", + "config_validate_date": "Debe ser una fecha válida en formato AAAA-MM-DD", + "config_validate_email": "Debe ser una dirección de correo correcta", + "config_validate_time": "Debe ser una hora valida en formato HH:MM", + "config_validate_url": "Debe ser una URL válida", + "config_version_not_supported": "Las versiones del panel de configuración '{version}' no están soportadas.", + "domain_remove_confirm_apps_removal": "La supresión de este dominio también eliminará las siguientes aplicaciones:\n{apps}\n\n¿Seguro? [{answers}]", + "domain_registrar_is_not_configured": "El registrador aún no ha configurado el dominio {domain}.", + "diagnosis_apps_not_in_app_catalog": "Esta aplicación se encuentra ausente o ya no figura en el catálogo de aplicaciones de YunoHost. Deberías considerar desinstalarla ya que no recibirá actualizaciones y podría comprometer la integridad y seguridad de tu sistema.", + "disk_space_not_sufficient_install": "No hay espacio libre suficiente para instalar esta aplicación", + "disk_space_not_sufficient_update": "No hay espacio libre suficiente para actualizar esta aplicación", + "diagnosis_dns_specialusedomain": "El dominio {domain} se basa en un dominio de primer nivel (TLD) de usos especiales como .local o .test y no debería tener entradas DNS reales.", + "diagnosis_apps_bad_quality": "Esta aplicación está etiquetada como defectuosa en el catálogo de aplicaciones YunoHost. Podría ser un problema temporal mientras las personas responsables corrigen el asunto. Mientras tanto, la actualización de esta aplicación está desactivada.", + "diagnosis_apps_broken": "Esta aplicación está etiquetada como defectuosa en el catálogo de aplicaciones YunoHost. Podría ser un problema temporal mientras las personas responsables corrigen el asunto. Mientras tanto, la actualización de esta aplicación está desactivada.", + "diagnosis_apps_deprecated_practices": "La versión instalada de esta aplicación usa aún prácticas de empaquetado obsoletas. Deberías actualizarla.", + "diagnosis_apps_outdated_ynh_requirement": "La versión instalada de esta aplicación solo necesita YunoHost >= 2.x, lo que indica que no está al día con la buena praxis de ayudas y empaquetado recomendadas. Deberías actualizarla.", + "domain_dns_conf_special_use_tld": "Este dominio se basa en un dominio de primer nivel (TLD) de usos especiales como .local o .test y no debería tener entradas DNS reales.", + "diagnosis_sshd_config_insecure": "Parece que la configuración SSH ha sido modificada manualmente, y es insegura porque no tiene ninguna instrucción 'AllowGroups' o 'AllowUsers' para limitar el acceso a los usuarios autorizados.", + "domain_dns_push_not_applicable": "La configuración automática de los registros DNS no puede realizarse en el dominio {domain}. Deberìas configurar manualmente los registros DNS siguiendo la documentación.", + "domain_dns_push_managed_in_parent_domain": "La configuración automática de los registros DNS es administrada desde el dominio superior {parent_domain}." } \ No newline at end of file diff --git a/locales/eu.json b/locales/eu.json index 1891e00a3..6cf1ed9f6 100644 --- a/locales/eu.json +++ b/locales/eu.json @@ -1,3 +1,665 @@ { - "password_too_simple_1": "Pasahitzak gutxienez 8 karaktere izan behar ditu" + "password_too_simple_1": "Pasahitzak gutxienez zortzi karaktere izan behar ditu", + "action_invalid": "'{action}' eragiketa baliogabea da", + "aborting": "Bertan behera uzten.", + "admin_password_changed": "Administrazio-pasahitza aldatu da", + "admin_password_change_failed": "Ezinezkoa izan da pasahitza aldatzea", + "additional_urls_already_added": "'{url}' URL gehigarria '{permission}' baimenerako gehitu da dagoeneko", + "additional_urls_already_removed": "'{url}' URL gehigarriari '{permission}' baimena kendu zaio dagoeneko", + "admin_password": "Administrazio-pasahitza", + "diagnosis_ip_global": "IP orokorra: {global}", + "app_argument_password_no_default": "Errorea egon da '{name}' pasahitzaren argumentua ikuskatzean: pasahitzak ezin du balio hori izan segurtasuna dela-eta", + "app_extraction_failed": "Ezinezkoa izan da instalazio fitxategiak ateratzea", + "app_requirements_unmeet": "{app}(e)k behar dituen baldintzak ez dira betetzen, {pkgname} ({version}) paketea {spec} izan behar da", + "backup_deleted": "Babeskopia ezabatuta", + "app_argument_required": "'{name}' argumentua ezinbestekoa da", + "certmanager_acme_not_configured_for_domain": "Ezinezkoa da ACME azterketa {domain} domeinurako burutzea une honetan nginx ezarpenek ez dutelako beharrezko kodea… Egiaztatu nginx ezarpenak egunean daudela 'yunohost tools regen-conf nginx --dry-run --with-diff' komandoa exekutatuz.", + "certmanager_domain_dns_ip_differs_from_public_ip": "'{domain}' domeinurako DNS balioak ez datoz bat zerbitzariaren IParekin. Mesedez, egiaztatu 'DNS balioak' (oinarrizkoa) kategoria diagnostikoen atalean. A balioak duela gutxi aldatu badituzu, itxaron hedatu daitezen (badaude DNSen hedapena ikusteko erramintak interneten). (Zertan ari zeren baldin badakizu, erabili '--no-checks' egiaztapen horiek desgaitzeko.)", + "confirm_app_install_thirdparty": "KONTUZ! Aplikazio hau ez da YunoHosten aplikazioen katalogokoa. Kanpoko aplikazioek sistemaren integritate eta segurtasuna arriskuan jarri dezakete. Ziur asko EZ zenuke instalatu beharko zertan ari zaren ez badakizu. Aplikazio hau ez badabil edo sistema kaltetzen badu EZ DA LAGUNTZARIK EMANGO… aurrera jarraitu nahi duzu hala ere? Aukeratu '{answers}'", + "app_start_remove": "{app} ezabatzen…", + "diagnosis_http_hairpinning_issue_details": "Litekeena da erantzulea zure kable-modem / routerra izatea. Honen eraginez, saretik kanpo daudenek zerbitzaria arazorik gabe erabili ahal izango dute, baina sare lokalean bertan daudenek (ziur asko zure kasua) ezingo dute kanpoko IPa edo domeinu izena erabili zerbitzarira konektatzeko. Egoera hobetu edo guztiz konpontzeko, irakurri dokumentazioa", + "diagnosis_http_special_use_tld": "{domain} domeinua top-level domain (TLD) motakoa da .local edo .test bezala eta ez du sare lokaletik kanpo eskuragarri zertan egon.", + "diagnosis_ip_weird_resolvconf_details": "/etc/resolv.conf fitxategia symlink bat izan beharko litzateke 127.0.0.1ra adi dagoen /etc/resolvconf/run/resolv.conf fitxategira (dnsmasq). DNS ebazleak eskuz konfiguratu nahi badituzu, mesedez aldatu /etc/resolv.dnsmasq.conf fitxategia.", + "diagnosis_ip_connected_ipv4": "Zerbitzaria IPv4 bidez dago internetera konektatuta!", + "diagnosis_basesystem_ynh_inconsistent_versions": "YunoHost paketeen bertsioak ez datoz bat… ziur asko noizbait eguneraketa batek kale egin edo erabat amaitu ez zuelako.", + "diagnosis_high_number_auth_failures": "Azken aldian kale egin duten saio-hasiera saiakera ugari egon dira. Egiaztatu fail2ban martxan dabilela eta egoki konfiguratuta dagoela, edo erabili beste ataka bat SSHrako dokumentazioan azaldu bezala.", + "diagnosis_mail_ehlo_could_not_diagnose": "Ezinezkoa izan da postfix posta zerbitzaria IPv{ipversion}az kanpo eskuragarri dagoen egiaztatzea.", + "app_id_invalid": "Aplikazio ID okerra", + "app_install_files_invalid": "Ezin dira fitxategi hauek instalatu", + "diagnosis_description_ip": "Internet konexioa", + "diagnosis_description_dnsrecords": "DNS erregistroak", + "app_label_deprecated": "Komando hau zaharkitua dago! Mesedez, erabili 'yunohost user permission update' komando berria aplikazioaren etiketa kudeatzeko.", + "confirm_app_install_danger": "KONTUZ! Aplikazio hau esperimentala da (edo ez dabil)! Ez zenuke instalatu beharko zertan ari zaren ez badakizu. Aplikazio hau ez badabil edo sistema kaltetzen badu, EZ DA LAGUNTZARIK EMANGO… aurrera jarraitu nahi al duzu hala ere? Aukeratu '{answers}'", + "diagnosis_description_systemresources": "Sistemaren baliabideak", + "backup_csv_addition_failed": "Ezinezkoa izan da fitxategiak CSV fitxategira kopiatzea", + "backup_no_uncompress_archive_dir": "Ez dago horrelako deskonprimatutako fitxategi katalogorik", + "danger": "Arriskua:", + "diagnosis_dns_discrepancy": "Ez dirudi ondorengo DNS balioak bat datozenik proposatutako konfigurazioarekin:
Mota: {type}
Izena: {name}
Oraingo balioa: {current}
Proposatutako balioa: {value}", + "diagnosis_dns_specialusedomain": "{domain} domeinua top-level domain (TLD) erabilera berezikoa da .local edo .test bezala eta horregatik ez du DNS erregistrorik erabiltzeko beharrik.", + "diagnosis_http_bad_status_code": "Zerbitzari hau ez den beste gailu batek erantzun omen dio eskaerari (agian routerrak).
1. Honen arrazoi ohikoena 80 (eta 443) ataka zerbitzarira ondo birbidaltzen ez dela da.
2. Konfigurazio konplexua badarabilzu, egiaztatu suebakiak edo reverse-proxyk oztopatzen ez dutela.", + "diagnosis_http_timeout": "Denbora agortu da sare lokaletik kanpo zure zerbitzarira konektatzeko ahaleginean. Eskuragarri ez dagoela dirudi.
1. 80 (eta 443) ataka zerbitzarira modu egokian birzuzentzen ez direla da ohiko zergatia.
2. Badaezpada egiaztatu nginx martxan dagoela.
3. Konfigurazio konplexuetan, egiaztatu suebakiak edo reverse-proxyk konexioa oztopatzen ez dutela.", + "app_sources_fetch_failed": "Ezinezkoa izan da fitxategiak eskuratzea, zuzena al da URLa?", + "app_make_default_location_already_used": "Ezinezkoa izan da '{app}' '{domain}' domeinuan lehenestea, '{other_app}'(e)k dagoeneko '{domain}' erabiltzen duelako", + "app_already_installed_cant_change_url": "Aplikazio hau instalatuta dago dagoeneko. URLa ezin da aldatu aukera honekin. Markatu 'app changeurl' markatzeko moduan badago.", + "diagnosis_ip_not_connected_at_all": "Badirudi zerbitzaria ez dagoela internetera konektatuta!?", + "app_already_up_to_date": "{app} egunean da dagoeneko", + "app_change_url_success": "{app} aplikazioaren URLa {domain}{path} da orain", + "admin_password_too_long": "Mesedez, aukeratu 127 karaktere baino laburragoa den pasahitz bat", + "app_action_broke_system": "Eragiketa honek {services} zerbitzu garrantzitsua(k) hondatu d(it)uela dirudi", + "diagnosis_basesystem_hardware_model": "Zerbitzariaren modeloa {model} da", + "already_up_to_date": "Ez dago egiteko ezer. Guztia dago egunean.", + "backup_permission": "{app}(r)entzat babeskopia baimena", + "config_validate_date": "UUUU-HH-EE formatua duen data bat izan behar da", + "config_validate_email": "Benetazko posta elektronikoa izan behar da", + "config_validate_time": "OO:MM formatua duen ordu bat izan behar da", + "config_validate_url": "Benetazko URL bat izan behar da", + "config_version_not_supported": "Ezinezkoa da konfigurazio-panelaren '{version}' bertsioa erabiltzea.", + "app_restore_script_failed": "Errorea gertatu da aplikazioa lehengoratzeko aginduan", + "app_upgrade_some_app_failed": "Ezinezkoa izan da aplikazio batzuk eguneratzea", + "app_install_failed": "Ezinezkoa izan da {app} instalatzea: {error}", + "diagnosis_basesystem_kernel": "Zerbitzariak Linuxen {kernel_version} kernela darabil", + "app_argument_invalid": "Aukeratu balio egoki bat '{name}' argumenturako: {error}", + "app_already_installed": "{app} instalatuta dago dagoeneko", + "app_config_unable_to_apply": "Ezinezkoa izan da konfigurazio aukerak ezartzea.", + "app_config_unable_to_read": "Ezinezkoa izan da konfigurazio aukerak irakurtzea.", + "config_apply_failed": "Ezin izan da konfigurazio berria ezarri: {error}", + "config_cant_set_value_on_section": "Ezinezkoa da balio bakar bat ezartzea konfigurazio atal oso batean.", + "config_no_panel": "Ez da konfigurazio-panelik aurkitu.", + "diagnosis_found_errors_and_warnings": "{category} atalari dago(z)kion {errors} arazo (eta {warnings} abisu) aurkitu d(ir)a!", + "diagnosis_description_regenconf": "Sistemaren ezarpenak", + "app_upgrade_script_failed": "Errore bat gertatu da aplikazioaren eguneratze aginduan", + "diagnosis_basesystem_hardware": "Zerbitzariaren arkitektura {virt} {arch} da", + "diagnosis_mail_ehlo_ok": "SMTP posta zerbitzaria eskuragarri dago kanpoko saretik eta, beraz, posta elektronikoa jasotzeko gai da!", + "app_unknown": "Aplikazio ezezaguna", + "diagnosis_mail_ehlo_bad_answer": "SMTP ez den zerbitzu batek erantzun du IPv{ipversion}ko 25. atakan", + "diagnosis_mail_ehlo_could_not_diagnose_details": "Errorea: {error}", + "diagnosis_mail_blacklist_ok": "Ez dirudi zerbitzari honek darabiltzan IPak eta domeinuak inolako zerrenda beltzean daudenik", + "diagnosis_domain_expiration_error": "Domeinu batzuk IRAUNGITZEAR daude!", + "diagnosis_domain_expiration_success": "Domeinuak erregistratuta daude eta ez dira oraingoz iraungiko.", + "app_manifest_install_ask_is_public": "Saiorik hasi gabeko bisitarientzat ikusgai egon beharko luke aplikazioak?", + "diagnosis_domain_expires_in": "{domain} {days} egun barru iraungiko da.", + "app_manifest_install_ask_domain": "Aukeratu zein domeinutan instalatu nahi duzun aplikazioa", + "custom_app_url_required": "URL bat zehaztu behar duzu {app} eguneratzeko", + "app_change_url_identical_domains": "Domeinu zahar eta berriaren bidea bera dira: ('{domain}{path}'), ez dago ezer egitekorik.", + "app_upgrade_failed": "Ezinezkoa izan da {app} eguneratzea: {error}", + "app_upgrade_app_name": "Orain {app} eguneratzen…", + "app_upgraded": "{app} eguneratu da", + "ask_firstname": "Izena", + "ask_lastname": "Abizena", + "ask_main_domain": "Domeinu nagusia", + "config_forbidden_keyword": "'{keyword}' etiketa sistemak bakarrik erabil dezake; ezin da ID hau daukan baliorik sortu edo erabili.", + "config_unknown_filter_key": "'{filter_key}' filtroaren kakoa ez da zuzena.", + "config_validate_color": "RGB hamaseitar kolore bat izan behar da", + "diagnosis_cant_run_because_of_dep": "Ezinezkoa da diagnosia abiaraztea {category} atalerako {dep}(r)i lotutako arazo garrantzitsuek dirauen artean.", + "diagnosis_dns_missing_record": "Proposatutako DNS konfigurazioaren arabera, ondorengo informazioa gehitu beharko zenuke DNS erregistroan:
Mota: {type}
Izena: {name}
Balioa: {value}", + "diagnosis_http_nginx_conf_not_up_to_date": "Domeinu honen nginx ezarpenak eskuz moldatu direla dirudi eta YunoHostek ezin du egiaztatu HTTP bidez eskuragarri dagoenik.", + "ask_new_admin_password": "Administrazio-pasahitz berria", + "ask_new_domain": "Domeinu berria", + "ask_new_path": "Bide berria", + "ask_password": "Pasahitza", + "backup_abstract_method": "Babeskopia modu hau oraindik ez da go erabilgarri", + "backup_applying_method_custom": "'{method}' neurrira egindako babeskopia sortzen…", + "backup_applying_method_copy": "Babeskopiarako fitxategi guztiak kopiatzen…", + "backup_archive_app_not_found": "Ezin izan da {app} aurkitu babeskopia fitxategian", + "backup_applying_method_tar": "Babeskopiaren TAR fitxategia sortzen…", + "backup_archive_broken_link": "Ezin izan da babeskopiaren fitxategia eskuratu ({path}ra esteka okerra)", + "backup_creation_failed": "Ezinezkoa izan da babeskopiaren fitxategia sortzea", + "backup_csv_creation_failed": "Ezinezkoa izan da lehengoratzeko beharrezkoak diren CSV fitxategiak sortzea", + "backup_custom_mount_error": "Neurrira egindako babeskopiak ezin izan du 'muntatu' urratsetik haratago egin", + "backup_delete_error": "Ezinezkoa izan da '{path}' ezabatzea", + "backup_method_copy_finished": "Babeskopiak amaitu du", + "backup_hook_unknown": "Babeskopiaren '{hook}' kakoa ezezaguna da", + "backup_method_custom_finished": "'{method}' neurrira egindako babeskopiak amaitu du", + "backup_method_tar_finished": "TAR babeskopia artxiboa sortu da", + "backup_mount_archive_for_restore": "Lehengoratzeko fitxategiak prestatzen…", + "backup_nothings_done": "Ez dago gordetzeko ezer", + "backup_output_directory_required": "Babeskopia non gorde nahi duzun zehaztu behar duzu", + "backup_system_part_failed": "Ezinezkoa izan da sistemaren '{part}' atalaren babeskopia egitea", + "apps_catalog_updating": "Aplikazioen katalogoa eguneratzen…", + "certmanager_cert_signing_failed": "Ezinezkoa izan da ziurtagiri berria sinatzea", + "certmanager_cert_renew_success": "Let's Encrypt ziurtagiria berriztu da '{domain}' domeinurako", + "app_requirements_checking": "{app}(e)k behar dituen paketeak ikuskatzen…", + "certmanager_unable_to_parse_self_CA_name": "Ezinezkoa izan da norberak sinatutako ziurtagiriaren izena prozesatzea (fitxategia: {file})", + "app_remove_after_failed_install": "Aplikazioa ezabatzen instalatzerakoan errorea dela-eta…", + "diagnosis_basesystem_ynh_single_version": "{package} bertsioa: {version} ({repo})", + "diagnosis_failed_for_category": "'{category}' ataleko diagnostikoak kale egin du: {error}", + "diagnosis_cache_still_valid": "(Cachea oraindik baliogarria da {category} (ar)en diagnosirako. Ez da berrabiaraziko!)", + "diagnosis_found_errors": "{category} atalari dago(z)kion {errors} arazo aurkitu d(ir)a!", + "diagnosis_found_warnings": "{category} atalari dagokion eta hobetu daite(z)keen {warnings} abisu aurkitu d(ir)a.", + "diagnosis_ip_connected_ipv6": "Zerbitzaria IPv6 bidez dago internetera konektatuta!", + "diagnosis_everything_ok": "Badirudi guztia zuzen dagoela {category} atalean!", + "diagnosis_ip_no_ipv4": "Zerbitzariak ez du dabilen IPv4rik.", + "diagnosis_ip_no_ipv6": "Zerbitzariak ez du dabilen IPv6rik.", + "diagnosis_ip_broken_dnsresolution": "Domeinu izenaren ebazpena kaltetuta dagoela dirudi… Suebakiren bat ote dago DNS eskaerak oztopatzen?", + "diagnosis_diskusage_low": "{mountpoint} fitxategi-sistemak ({device} euskarrian) edukieraren {free} (%{free_percent}a) bakarrik ditu erabilgarri ({total} orotara). Kontuz ibili.", + "diagnosis_dns_good_conf": "DNS ezarpenak zuzen konfiguratuta daude {domain} domeinurako ({category} atala)", + "diagnosis_diskusage_verylow": "{mountpoint} fitxategi-sistemak ({device} euskarrian) edukieraren {free} (%{free_percent}a) bakarrik ditu erabilgarri ({total} orotara). Zertxobait hustu beharko zenuke!", + "diagnosis_description_basesystem": "Sistemaren oinarria", + "diagnosis_description_services": "Zerbitzuen egoeraren egiaztapena", + "diagnosis_http_could_not_diagnose": "Ezinezkoa izan da domeinuak IPv{ipversion} kanpotik eskuragarri dauden egiaztatzea.", + "diagnosis_http_ok": "{domain} domeinua HTTP bidez bisitatu daiteke sare lokaletik kanpo.", + "diagnosis_http_unreachable": "Badirudi {domain} domeinua ez dagoela eskuragarri HTTP bidez sare lokaletik kanpo.", + "apps_catalog_failed_to_download": "Ezinezkoa izan da {apps_catalog} aplikazioen zerrenda eskuratzea: {error}", + "apps_catalog_init_success": "Abiarazi da aplikazioen katalogo sistema!", + "apps_catalog_obsolete_cache": "Aplikazioen katalogoaren cachea hutsik edo zaharkituta dago.", + "diagnosis_description_mail": "Posta elektronikoa", + "diagnosis_http_connection_error": "Arazoa konexioan: ezin izan da domeinu horretara konektatu, litekeena da eskuragarri ez egotea.", + "diagnosis_description_web": "Weba", + "diagnosis_display_tip": "Aurkitu diren arazoak ikusteko joan administrazio-atariko Diagnostikoak atalera, edo exekutatu 'yunohost diagnosis show --issues --human-readable' komandoak nahiago badituzu.", + "diagnosis_dns_point_to_doc": "Mesedez, irakurri dokumentazioa DNS erregistroekin laguntza behar baduzu.", + "diagnosis_mail_ehlo_unreachable": "SMTP posta zerbitzaria ez dago eskuragarri IPv{ipversion}ko sare lokaletik kanpo eta, beraz, ez da posta elektronikoa jasotzeko gai.", + "diagnosis_mail_ehlo_bad_answer_details": "Litekeena da zure zerbitzaria ez den beste gailu batek erantzun izana.", + "diagnosis_mail_blacklist_listed_by": "Zure domeinua edo {item} IPa {blacklist_name} zerrenda beltzean ageri da", + "diagnosis_mail_blacklist_website": "Zerrenda beltzean zergatik zauden ulertu eta konpondu ondoren, {blacklist_website} webgunean zure IP edo domeinua bertatik atera dezatela eska dezakezu", + "diagnosis_http_could_not_diagnose_details": "Errorea: {error}", + "diagnosis_http_hairpinning_issue": "Dirudienez zure sareak ez du hairpinninga gaituta.", + "diagnosis_http_partially_unreachable": "Badirudi {domain} domeinua ezin dela bisitatu HTTP bidez IPv{failed} sare lokaletik kanpo, bai ordea IPv{passed} erabiliz.", + "backup_archive_cant_retrieve_info_json": "Ezinezkoa izan da '{archive}' fitxategiko informazioa eskuratzea… info.json ezin izan da eskuratu (edo ez da baliozko jsona).", + "diagnosis_domain_expiration_not_found": "Ezinezkoa izan da domeinu batzuen iraungitze data egiaztatzea", + "diagnosis_domain_expiration_not_found_details": "Badirudi {domain} domeinuari buruzko WHOIS informazioak ez duela zehazten noiz iraungiko den.", + "certmanager_domain_not_diagnosed_yet": "Oraindik ez dago {domain} domeinurako diagnostikorik. Mesedez, berrabiarazi diagnostikoak 'DNS balioak' eta 'Web' ataletarako diagnostikoen gunean Let's Encrypt ziurtagirirako prest ote dagoen egiaztatzeko. (Edo zertan ari zaren baldin badakizu, erabili '--no-checks' egiaztatzea desgaitzeko.)", + "diagnosis_domain_expiration_warning": "Domeinu batzuk iraungitzear daude!", + "app_packaging_format_not_supported": "Aplikazio hau ezin da instalatu YunoHostek ez duelako paketea ezagutzen. Sistema eguneratzea hausnartu beharko zenuke ziur asko.", + "diagnosis_dns_try_dyndns_update_force": "Domeinu honen DNS konfigurazioa YunoHostek kudeatu beharko luke automatikoki. Gertatuko ez balitz, eguneratzera behartu zenezake yunohost dyndns update --force erabiliz.", + "app_manifest_install_ask_path": "Aukeratu aplikazio hau instalatzeko URLaren bidea (domeinuaren atzeko aldean)", + "app_manifest_install_ask_admin": "Aukeratu administrari bat aplikazio honetarako", + "app_manifest_install_ask_password": "Aukeratu administrazio-pasahitz bat aplikazio honetarako", + "ask_user_domain": "Erabiltzailearen posta elektroniko eta XMPP konturako erabiliko den domeinua", + "app_action_cannot_be_ran_because_required_services_down": "{services} zerbitzuak martxan egon beharko lirateke eragiketa hau exekutatu ahal izateko. Saia zaitez zerbitzuok berrabiarazten (eta ikertu zergatik ez diren abiarazi).", + "apps_already_up_to_date": "Egunean daude dagoeneko aplikazio guztiak", + "app_full_domain_unavailable": "Aplikazio honek bere domeinu propioa behar du, baina beste aplikazio batzuk daude dagoeneko instalatuta '{domain}' domeinuan. Azpidomeinu bat erabil zenezake instalatu nahi duzun aplikaziorako.", + "app_install_script_failed": "Errore bat gertatu da aplikazioaren instalatzailearen aginduetan", + "diagnosis_basesystem_host": "Zerbitzariak Debian {debian_version} darabil", + "diagnosis_ignored_issues": "(kontuan hartu ez d(ir)en + {nb_ignored} arazo)", + "diagnosis_ip_dnsresolution_working": "Domeinu izenaren ebazpena badabil!", + "diagnosis_failed": "Ezinezkoa izan da '{category}' ataleko diagnostikoa lortzea: {error}", + "diagnosis_ip_weird_resolvconf": "DNS ebazpena badabilela dirudi, baina antza denez moldatutako /etc/resolv.conf fitxategia erabiltzen ari zara.", + "diagnosis_dns_bad_conf": "DNS balio batzuk falta dira edo ez dira zuzenak {domain} domeinurako ({category} atala)", + "diagnosis_diskusage_ok": "{mountpoint} fitxategi-sistemak ({device} euskarrian) edukieraren {free} (%{free_percent}a) ditu erabilgarri oraindik ({total} orotara)!", + "apps_catalog_update_success": "Aplikazioen katalogoa eguneratu da!", + "certmanager_warning_subdomain_dns_record": "'{subdomain}' azpidomeinuak ez dauka '{domain}'(e)k duen IP bera. Ezaugarri batzuk ez dira erabilgarri egongo hau zuzendu arte eta ziurtagiri bat birsortu arte.", + "app_argument_choice_invalid": "Hautatu ({choices}) aukeretako bat '{name}' argumenturako: '{value}' ez dago aukera horien artean", + "backup_create_size_estimation": "Fitxategiak {size} datu inguru izango ditu.", + "diagnosis_basesystem_ynh_main_version": "Zerbitzariak YunoHosten {main_version} ({repo}) darabil", + "backup_custom_backup_error": "Neurrira egindako babeskopiak ezin izan du 'babeskopia egin' urratsetik haratago egin", + "diagnosis_ip_broken_resolvconf": "Zure zerbitzarian domeinu izenaren ebazpena kaltetuta dagoela dirudi, antza denez /etc/resolv.conf fitxategia ez dago 127.0.0.1ra adi.", + "diagnosis_ip_no_ipv6_tip": "Dabilen IPv6 izatea ez da derrigorrezkoa zerbitzariaren funtzionamendurako, baina egokiena da interneten osasunerako. IPv6 automatikoki konfiguratu beharko luke sistemak edo operadoreak. Bestela, eskuz konfiguratu beharko zenituzke hainbat gauza dokumentazioan azaltzen den bezala. Ezin baduzu edo IPv6 gaitzea zuretzat kontu teknikoegia baldin bada, ez duzu abisu hau zertan kontuan hartu.", + "diagnosis_http_nginx_conf_not_up_to_date_details": "Egoera konpontzeko, ikuskatu desberdintasunak yunohost tools regen-conf nginx --dry-run --with-diff komandoren bidez eta, proposatutako aldaketak onartzen badituzu, ezarri itzazu yunohost tools regen-conf nginx --force erabiliz.", + "diagnosis_domain_not_found_details": "{domain} domeinua ez da WHOISen datubasean existitzen edo iraungi da!", + "app_start_backup": "{app}(r)en babeskopia egiteko fitxategiak eskuratzen…", + "app_change_url_no_script": "'{app_name}' aplikazioak oraingoz ez du URLa moldatzerik onartzen. Agian eguneratu beharko zenuke.", + "app_location_unavailable": "URL hau ez dago erabilgarri edota dagoeneko instalatutako aplikazioren batekin talka egiten du:\n{apps}", + "app_not_upgraded": "'{failed_app}' aplikazioa ezin izan da eguneratu, eta horregatik ondorengo aplikazioen eguneraketak bertan behera utzi dira: {apps}", + "app_not_correctly_installed": "Ez dirudi {app} ondo instalatuta dagoenik", + "app_not_installed": "Ezinezkoa izan da {app} aurkitzea instalatutako aplikazioen zerrendan: {all_apps}", + "app_not_properly_removed": "Ezinezkoa izan da {app} guztiz ezabatzea", + "app_start_install": "{app} instalatzen…", + "app_start_restore": "{app} lehengoratzen…", + "app_unsupported_remote_type": "Aplikazioak darabilen urruneko motak ez du babesik (Unsupported remote type)", + "app_upgrade_several_apps": "Ondorengo aplikazioak eguneratuko dira: {apps}", + "backup_app_failed": "Ezinezkoa izan da {app}(r)en babeskopia egitea", + "backup_actually_backuping": "Bildutako fitxategiekin babeskopia sortzen…", + "backup_archive_name_exists": "Dagoeneko existitzen da izen bera duen babeskopia fitxategi bat.", + "backup_archive_name_unknown": "Ez da '{name}' izeneko babeskopia ezagutzen", + "backup_archive_open_failed": "Ezinezkoa izan da babeskopien fitxategia irekitzea", + "backup_archive_system_part_not_available": "'{part}' sistemaren atala ez dago erabilgarri babeskopia honetan", + "backup_archive_writing_error": "Ezinezkoa izan da '{source}' ('{dest}' fitxategiak eskatu dituenak) fitxategia '{archive}' konprimatutako babeskopian sartzea", + "backup_ask_for_copying_if_needed": "Behin-behinean {size}MB erabili nahi dituzu babeskopia gauzatu ahal izateko? (Horrela egiten da fitxategi batzuk ezin direlako modu eraginkorragoan prestatu.)", + "backup_cant_mount_uncompress_archive": "Ezinezkoa izan da deskonprimatutako fitxategia muntatzea idazketa-babesa duelako", + "backup_created": "Babeskopia sortu da", + "backup_copying_to_organize_the_archive": "{size}MB kopiatzen fitxategia antolatzeko", + "backup_couldnt_bind": "Ezin izan da {src} {dest}-ra lotu.", + "backup_output_directory_forbidden": "Aukeratu beste katalogo bat emaitza gordetzeko. Babeskopiak ezin dira sortu /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var edo /home/yunohost.backup/archives azpi-katalogoetan", + "backup_output_directory_not_empty": "Aukeratu hutsik dagoen katalogo bat", + "backup_running_hooks": "Babeskopien kakoak exekutatzen…", + "backup_unable_to_organize_files": "Ezinezkoa izan da modu azkarra erabiltzea fitxategiko artxiboak prestatzeko", + "backup_output_symlink_dir_broken": "'{path}' fitxategi-katalogoaren symlink-a ez dabil. Agian [ber]muntatzea ahaztu zaizu edo euskarria atakara konektatzea ahaztu duzu.", + "backup_with_no_backup_script_for_app": "'{app}' aplikazioak ez du babeskopia egiteko agindurik. Ez da kontuan hartuko.", + "backup_with_no_restore_script_for_app": "{app}(e)k ez du lehengoratzeko agindurik, ezingo duzu aplikazio hau automatikoki lehengoratu.", + "certmanager_attempt_to_renew_nonLE_cert": "'{domain}' domeinurako ziurtagiria ez da Let's Encryptek jaulkitakoa. Ezin da automatikoki berriztu!", + "certmanager_attempt_to_renew_valid_cert": "'{domain}' domeinurako ziurtagiria iraungitzear dago! (Zertan ari zaren baldin badakizu, --force erabil dezakezu)", + "certmanager_cannot_read_cert": "Arazoren bat egon da {domain} (fitxategia: {file}) domeinurako oraingo ziurtagiria irekitzen saiatzerakoan, zergatia: {reason}", + "certmanager_cert_install_success": "Let's Encrypt ziurtagiria instalatu da '{domain}' domeinurako", + "certmanager_cert_install_success_selfsigned": "Norberak sinatutako ziurtagiria instalatu da '{domain}' domeinurako", + "certmanager_domain_cert_not_selfsigned": "{domain} domeinurako ziurtagiria ez da norberak sinatutakoa. Ziur al zaude ordezkatu nahi duzula? (Erabili '--force' hori egiteko.)", + "certmanager_certificate_fetching_or_enabling_failed": "{domain} domeinurako ziurtagiri berriak kale egin du…", + "certmanager_domain_http_not_working": "Ez dirudi {domain} domeinua HTTP bidez ikusgai dagoenik. Mesedez, egiaztatu 'Weba' atala diagnosien gunean informazio gehiagorako. (Zertan ari zaren baldin badakizu, erabili '--no-checks' egiaztapen horiek desgaitzeko.)", + "certmanager_hit_rate_limit": "{domain} domeinu-multzorako ziurtagiri gehiegi jaulki dira dagoeneko. Mesedez, saia saitez geroago. Ikus https://letsencrypt.org/docs/rate-limits/ xehetasun gehiagorako", + "certmanager_no_cert_file": "Ezinezkoa izan da {domain} domeinurako ziurtagiri fitxategia irakurrtzea (fitxategia: {file})", + "certmanager_self_ca_conf_file_not_found": "Ezinezkoa izan da konfigurazio-fitxategia aurkitzea norberak sinatutako ziurtagirirako (fitxategia: {file})", + "confirm_app_install_warning": "Adi: litekeena da aplikazio hau ibiltzea baina ez dago YunoHostera egina. Ezaugarri batzuk, SSO edo babeskopia/lehengoratzea esaterako, desgaituta egon daitezke. Instalatu hala ere? [{answers}] ", + "diagnosis_description_ports": "Ataken irisgarritasuna", + "backup_archive_corrupted": "Badirudi '{archive}' babeskopia fitxategia kaltetuta dagoela: {error}", + "diagnosis_ip_local": "IP lokala: {local}", + "diagnosis_mail_blacklist_reason": "Zerrenda beltzean egotearen zergatia zera da: {reason}", + "app_removed": "{app} desinstalatu da", + "backup_cleaning_failed": "Ezinezkoa izan da behin-behineko babeskopien karpeta hustea", + "certmanager_attempt_to_replace_valid_cert": "{domain} domeinurako egokia eta baliogarria den ziurtagiri bat ordezkatzen saiatzen ari zara! (Erabili --force mezu hau deuseztatu eta ziurtagiria ordezkatzeko)", + "diagnosis_backports_in_sources_list": "Dirudienez apt (pakete kudeatzailea) backports biltegia erabiltzeko konfiguratuta dago. Zertan ari zaren ez badakizu, ez zenuke backports biltegietako aplikaziorik instalatu beharko, ezegonkortasun eta gatazkak eragin ditzaketelako sistemarekin.", + "app_restore_failed": "Ezinezkoa izan da {app} lehengoratzea: {error}", + "diagnosis_apps_allgood": "Instalatutako aplikazioek oinarrizko pakete-jarraibideekin bat egiten dute", + "diagnosis_apps_bad_quality": "Aplikazio hau hondatuta dagoela dio YunoHosten aplikazioen katalogoak. Agian behin-behineko kontua da arduradunak arazoa konpondu bitartean. Oraingoz, ezin da aplikazioa eguneratu.", + "diagnosis_apps_broken": "Aplikazio hau YunoHosten aplikazioen katalogoan hondatuta dagoela ageri da. Agian behin-behineko kontua da arduradunak konpondu bitartean. Oraingoz, ezin da aplikazioa eguneratu.", + "diagnosis_apps_deprecated_practices": "Instalatutako aplikazio honen bertsioak oraindik darabiltza zaharkitutako pakete-jarraibideak. Eguneratzea hausnartu beharko zenuke.", + "diagnosis_apps_issue": "Arazo bat dago {app} aplikazioarekin", + "diagnosis_apps_not_in_app_catalog": "Aplikazio hau ez da YunoHosten aplikazioen katalogokoa. Iraganean egon bazen eta ezabatu izan balitz, desinstalatzea litzateke onena, ez baitu eguneraketarik jasoko eta sistemaren integritate eta segurtasuna arriskuan jarri lezakeelako.", + "diagnosis_apps_outdated_ynh_requirement": "Instalatutako aplikazio honen bertsioak yunohost >= 2.x baino ez du behar, eta horrek egungo pakete-jardunbideekin bat ez datorrela iradokitzen du. Eguneratzen saiatu beharko zinateke.", + "diagnosis_description_apps": "Aplikazioak", + "domain_dns_conf_special_use_tld": "Domeinu hau top-level domain (TLD) erabilera bereziko motakoa da .local edo .test bezala eta ez du DNS ezarpenik behar.", + "log_permission_create": "Sortu '{}' baimena", + "log_user_delete": "Ezabatu '{}' erabiltzailea", + "log_app_install": "'{}' aplikazioa instalatu", + "done": "Egina", + "group_user_already_in_group": "{user} erabiltzailea {group} taldean dago dagoeneko", + "firewall_reloaded": "Suebakia birkargatu da", + "domain_unknown": "'{domain}' domeinua ezezaguna da", + "global_settings_cant_serialize_settings": "Ezinezkoa izan da konfikurazio-datuak serializatzea, zergatia: {reason}", + "global_settings_setting_security_nginx_redirect_to_https": "Birbideratu HTTP eskaerak HTTPSra (EZ ITZALI hau ez badakizu zertan ari zaren!)", + "group_deleted": "'{group}' taldea ezabatu da", + "invalid_password": "Pasahitza ez da zuzena", + "log_domain_main_domain": "Lehenetsi '{}' domeinua", + "log_user_group_update": "Moldatu '{}' taldea", + "dyndns_could_not_check_available": "Ezinezkoa izan da {domain} {provider}(e)n eskuragarri dagoen egiaztatzea.", + "diagnosis_rootfstotalspace_critical": "'root' fitxategi-sistemak {space} baino ez ditu erabilgarri, eta hori kezkagarria da! Litekeena da oso laster memoriarik gabe geratzea! 'root' fitxategi-sistemak gutxienez 16GB erabilgarri izatea da gomendioa.", + "disk_space_not_sufficient_install": "Ez dago aplikazio hau instalatzeko nahikoa espaziorik", + "domain_dns_conf_is_just_a_recommendation": "Komando honek *iradokitako* konfigurazioa erakusten du. Ez du DNS konfigurazioa zugatik ezartzen. Zure ardura da DNS gunea zure erregistro-enpresaren gomendioen arabera ezartzea.", + "dyndns_ip_update_failed": "Ezin izan da IP helbidea DynDNSan eguneratu", + "dyndns_ip_updated": "IP helbidea DynDNS-n eguneratu da", + "dyndns_key_not_found": "Ez da domeinurako DNS gakorik aurkitu", + "dyndns_unavailable": "'{domain}' domeinua ez dago eskuragarri.", + "log_app_makedefault": "Lehenetsi '{}' aplikazioa", + "log_does_exists": "Ez dago '{log}' izena duen eragiketa-erregistrorik; erabili 'yunohost log list' eragiketa-erregistro guztiak ikusteko", + "log_user_group_delete": "Ezabatu '{}' taldea", + "log_user_import": "Inportatu erabiltzaileak", + "dyndns_key_generating": "DNS gakoa sortzen… litekeena da honek denbora behar izatea.", + "diagnosis_mail_fcrdns_ok": "Alderantzizko DNSa zuzen konfiguratuta dago!", + "diagnosis_mail_queue_unavailable_details": "Errorea: {error}", + "dyndns_provider_unreachable": "Ezinezkoa izan da DynDNS {provider} enpresarekin konektatzea: agian zure YunoHost zerbitzaria ez dago internetera konektatuta edo dynette zerbitzaria ez dago martxan.", + "dyndns_registered": "DynDNS domeinua erregistratu da", + "dyndns_registration_failed": "Ezinezkoa izan da DynDNS domeinua erregistratzea: {error}", + "extracting": "Ateratzen…", + "diagnosis_ports_unreachable": "{port}. ataka ez dago eskuragarri kanpotik.", + "diagnosis_regenconf_manually_modified_details": "Ez dago arazorik zertan ari zaren baldin badakizu! YunoHostek fitxategi hau automatikoki eguneratzeari utziko dio… Baina kontuan izan YunoHosten eguneraketek aldaketa garrantzitsuak izan ditzaketela. Nahi izatekotan, desberdintasunak aztertu ditzakezu yunohost tools regen-conf {category} --dry-run --with-diff komandoa exekutatuz, eta gomendatutako konfiguraziora bueltatu yunohost tools regen-conf {category} --force erabiliz", + "experimental_feature": "Adi: Funtzio hau esperimentala eta ezegonkorra da, ez zenuke erabili beharko ez badakizu zertan ari zaren.", + "global_settings_cant_write_settings": "Ezinezkoa izan da konfigurazio fitxategia gordetzea, zergatia: {reason}", + "dyndns_domain_not_provided": "{provider} DynDNS enpresak ezin du {domain} domeinua eskaini.", + "firewall_reload_failed": "Ezinezkoa izan da suebakia birkargatzea", + "global_settings_setting_security_password_admin_strength": "Administrazio-pasahitzaren segurtasuna", + "hook_name_unknown": "'{name}' 'hook' izen ezezaguna", + "domain_deletion_failed": "Ezinezkoa izan da {domain} ezabatzea: {error}", + "global_settings_setting_security_nginx_compatibility": "Bateragarritasun eta segurtasun arteko gatazka NGINX web zerbitzarirako. Zifraketari eragiten dio (eta segurtasunari lotutako beste kontu batzuei)", + "log_regen_conf": "Berregin '{}' sistemaren konfigurazioa", + "dpkg_lock_not_available": "Ezin da komando hau une honetan exekutatu beste aplikazio batek dpkg (sistemaren paketeen kudeatzailea) blokeatuta duelako, erabiltzen ari baita", + "group_created": "'{group}' taldea sortu da", + "global_settings_setting_security_password_user_strength": "Erabiltzaile-pasahitzaren segurtasuna", + "global_settings_setting_security_experimental_enabled": "Gaitu segurtasun funtzio esperimentalak (ez ezazu egin ez badakizu zertan ari zaren!)", + "good_practices_about_admin_password": "Administrazio-pasahitz berria ezartzear zaude. Pasahitzak zortzi karaktere izan beharko lituzke gutxienez, baina gomendagarria da pasahitz luzeagoa erabiltzea (esaldi bat, esaterako) edota karaktere desberdinak erabiltzea (hizki larriak, txikiak, zenbakiak eta karaktere bereziak).", + "log_help_to_get_failed_log": "Ezin izan da '{desc}' eragiketa exekutatu. Mesedez, laguntza nahi baduzu partekatu eragiketa honen erregistro osoa 'yunohost log share {name}' komandoa erabiliz", + "global_settings_setting_security_webadmin_allowlist_enabled": "Baimendu IP zehatz batzuk bakarrik administrazio-atarian.", + "group_unknown": "'{group}' taldea ezezaguna da", + "group_updated": "'{group}' taldea eguneratu da", + "group_update_failed": "Ezinezkoa izan da '{group}' taldea eguneratzea: {error}", + "diagnosis_rootfstotalspace_warning": "'root' fitxategi-sistemak {space} baino ez ditu. Agian ez da arazorik egongo, baina kontuz ibili edo memoriarik gabe gera zaitezke laster… 'root' fitxategi-sistemak gutxienez 16GB erabilgarri izatea da gomendioa.", + "iptables_unavailable": "Ezin dituzu iptaulak hemen moldatu; edukiontzi bat erabiltzen ari zara edo kernelak ez du aukera hau onartzen", + "log_permission_delete": "Ezabatu '{}' baimena", + "group_already_exist": "{group} taldea existitzen da dagoeneko", + "group_user_not_in_group": "{user} erabiltzailea ez dago {group} taldean", + "diagnosis_mail_fcrdns_nok_alternatives_6": "Operadore batzuek ez dute alderantzizko DNSa konfiguratzen uzten (edo funtzioa ez dabil…). IPv4rako alderantzizko DNSa zuzen konfiguratuta badago, IPv6 desgaitzen saia zaitezke posta elektronikoa bidaltzeko, yunohost settings set smtp.allow_ipv6 -v off exekutatuz. Adi: honek esan nahi du ez zarela gai izango IPv6 bakarrik darabilten zerbitzari apurren posta elektronikoa jasotzeko edo beraiei bidaltzeko.", + "diagnosis_sshd_config_inconsistent": "Dirudienez SSH ataka eskuz aldatu da /etc/ssh/sshd_config fitxategian. YunoHost 4.2tik aurrera 'security.ssh.port' izeneko ezarpen orokor bat dago konfigurazioa eskuz aldatzea ekiditeko.", + "diagnosis_sshd_config_inconsistent_details": "Mesedez, exekutatu yunohost settings set security.ssh.port -v YOUR_SSH_PORT SSH ataka zehazteko, egiaztatu yunohost tools regen-conf ssh --dry-run --with-diff erabiliz eta yunohost tools regen-conf ssh --force exekutatu gomendatutako konfiguraziora bueltatu nahi baduzu.", + "domain_dns_push_failed_to_authenticate": "Ezinezkoa izan da '{domain}' domeinurako APIa erabiliz erregistro-enpresan saioa hastea. Zuzenak al dira datuak? (Errorea: {error})", + "domain_dns_pushing": "DNS ezarpenak bidaltzen…", + "diagnosis_sshd_config_insecure": "Badirudi SSH konfigurazioa eskuz aldatu dela eta ez da segurua ez duelako 'AllowGroups' edo 'AllowUsers' baldintzarik jartzen fitxategien atzitzea oztopatzeko.", + "disk_space_not_sufficient_update": "Ez dago aplikazio hau eguneratzeko nahikoa espaziorik", + "domain_cannot_add_xmpp_upload": "Ezin dira 'xmpp-upload.' hasiera duten domeinuak gehitu. Izen mota hau YunoHosten zati den XMPP igoeretarako erabiltzen da.", + "domain_cannot_remove_main_add_new_one": "Ezin duzu '{domain}' ezabatu domeinu nagusi eta bakarra delako. Beste domeinu bat gehitu 'yunohost domain add ' exekutatuz, gero erabili 'yunohost domain main-domain -n ' domeinu nagusi bilakatzeko, eta azkenik ezabatu {domain}' domeinua 'yunohost domain remove {domain}' komandoarekin.", + "domain_dns_push_record_failed": "Ezinezkoa izan da {type}/{name} ezarpenak {action}: {error}", + "domain_dns_push_success": "DNS ezarpenak eguneratu dira!", + "domain_dns_push_failed": "DNS ezarpenen eguneratzeak kale egin du.", + "domain_dns_push_partial_failure": "DNS ezarpenak erdipurdi eguneratu dira: jakinarazpen/errore batzuk egon dira.", + "global_settings_setting_smtp_relay_host": "YunoHosten ordez posta elektronikoa bidaltzeko SMTP relay helbidea. Erabilgarri izan daiteke egoera hauetan: operadore edo VPS enpresak 25. ataka blokeatzen badu, DUHLen zure etxeko IPa ageri bada, ezin baduzu alderantzizko DNSa ezarri edo zerbitzari hau ez badago zuzenean internetera konektatuta baina posta elektronikoa bidali nahi baduzu.", + "group_deletion_failed": "Ezinezkoa izan da '{group}' taldea ezabatzea: {error}", + "invalid_number_min": "{min} baino handiagoa izan behar da", + "invalid_number_max": "{max} baino txikiagoa izan behar da", + "diagnosis_services_bad_status": "{service} zerbitzua {status} dago :(", + "diagnosis_ports_needed_by": "{category} funtzioetarako ezinbestekoa da ataka hau eskuragarri egotea ({service} zerbitzua)", + "diagnosis_package_installed_from_sury": "Sistemaren pakete batzuen lehenagoko bertsioak beharko lirateke", + "global_settings_setting_smtp_relay_password": "SMTP relay helbideko pasahitza", + "global_settings_setting_smtp_relay_port": "SMTP relay ataka", + "domain_deleted": "Domeinua ezabatu da", + "domain_dyndns_root_unknown": "Ez da ezagutzen DynDNSaren root domeinua", + "domain_exists": "Dagoeneko existitzen da domeinu hau", + "domain_registrar_is_not_configured": "Oraindik ez da {domain} domeinurako erregistro-enpresa ezarri.", + "domain_dns_push_not_applicable": "Ezin da {domain} domeinurako DNS konfigurazio automatiko funtzioa erabili. DNS erregistroak eskuz ezarri beharko zenituzke gidaorriei erreparatuz: https://yunohost.org/dns_config.", + "domain_dns_push_managed_in_parent_domain": "DNS ezarpenak automatikoki konfiguratzeko funtzioa {parent_domain} domeinu nagusian kudeatzen da.", + "domain_dns_registrar_managed_in_parent_domain": "Domeinu hau {parent_domain_link} (r)en azpidomeinua da. DNS ezarpenak {parent_domain}(r)en konfigurazio atalean kudeatu behar dira.", + "domain_dns_registrar_yunohost": "Hau nohost.me / nohost.st / ynh.fr domeinu bat da eta, beraz, DNS ezarpenak automatikoki kudeatzen ditu YunoHostek, bestelako ezer konfiguratu beharrik gabe. (ikus 'yunohost dyndns update' komandoa)", + "domain_dns_registrar_not_supported": "YunoHostek ezin izan du domeinu honen erregistro-enpresa automatikoki antzeman. Eskuz konfiguratu beharko dituzu DNS ezarpenak gidalerroei erreparatuz: https://yunohost.org/dns.", + "domain_dns_registrar_experimental": "Oraingoz, YunoHosten kideek ez dute **{registrar}** erregistro-enpresaren APIa nahi beste probatu eta aztertu. Funtzioa **oso esperimentala** da — kontuz!", + "domain_config_mail_in": "Jasotako mezuak", + "domain_config_auth_token": "Token autentifikazioa", + "domain_config_auth_key": "Autentifikazio gakoa", + "domain_config_auth_secret": "Autentifikazioaren \"secret\"a", + "domain_config_api_protocol": "API protokoloa", + "domain_config_auth_entrypoint": "APIaren sarrera", + "domain_config_auth_application_key": "Aplikazioaren gakoa", + "domain_config_auth_application_secret": "Aplikazioaren gako sekretua", + "domain_config_auth_consumer_key": "Erabiltzailearen gakoa", + "global_settings_setting_smtp_allow_ipv6": "Baimendu IPv6 posta elektronikoa jaso eta bidaltzeko", + "group_cannot_be_deleted": "{group} taldea ezin da eskuz ezabatu.", + "log_domain_config_set": "Aldatu '{}' domeinuko ezarpenak", + "log_domain_dns_push": "Bidali '{}' domeinuaren DNS ezarpenak", + "log_tools_migrations_migrate_forward": "Exekutatu migrazioak", + "log_tools_postinstall": "Abiarazi YunoHost zerbitzariaren instalazio ondorengo prozesua", + "diagnosis_mail_fcrdns_nok_alternatives_4": "Operadore batzuek ez dute alderantzizko DNSa konfiguratzen uzten (edo funtzioa ez dabil…). Hau dela-eta arazoak badituzu, irtenbide batzuk eduki ditzakezu:
- Operadore batzuek relay posta zerbitzari bat eskaini dezakete, baina kasu horretan zure posta elektronikoa zelatatu dezakete.
- Pribatutasuna bermatzeko *IP publikoa* duen VPN bat erabiltzea izan daiteke irtenbidea. Ikus https://yunohost.org/#/vpn_advantage
- Edo operadore desberdin batera aldatu", + "domain_dns_registrar_supported": "YunoHostek automatikoki antzeman du domeinu hau **{registrar}** erregistro-enpresak kudeatzen duela. Nahi baduzu YunoHostek automatikoki konfiguratu ditzake DNS ezarpenak, API egiaztagiri zuzenak zehazten badituzu. API egiaztagiriak non lortzeko dokumentazioa orri honetan duzu: https://yunohost.org/registar_api_{registrar}. (Baduzu DNS erregistroak eskuz konfiguratzeko aukera ere, gidalerro hauetan ageri den bezala: https://yunohost.org/dns)", + "domain_dns_push_failed_to_list": "Ezinezkoa izan da APIa erabiliz oraingo erregistroak antzematea: {error}", + "domain_dns_push_already_up_to_date": "Ezarpenak egunean daude, ez dago zereginik.", + "domain_config_features_disclaimer": "Oraingoz, posta elektronikoa edo XMPP funtzioak gaitu/desgaitzeak DNS ezarpenei soilik eragiten die, ez sistemaren konfigurazioari!", + "domain_config_mail_out": "Bidalitako mezuak", + "domain_config_xmpp": "Bat-bateko mezularitza (XMPP)", + "global_settings_bad_choice_for_enum": "{setting} ezarpenerako aukera okerra. '{choice}' ezarri da baina hauek dira aukerak: {available_choices}", + "global_settings_setting_security_postfix_compatibility": "Bateragarritasun eta segurtasun arteko gatazka Postfix zerbitzarirako. Zifraketari eragiten dio (eta segurtasunari lotutako beste kontu batzuei)", + "global_settings_setting_security_ssh_compatibility": "Bateragarritasun eta segurtasun arteko gatazka SSH zerbitzarirako. Zifraketari eragiten dio (eta segurtasunari lotutako beste kontu batzuei)", + "good_practices_about_user_password": "Erabiltzaile-pasahitz berria ezartzear zaude. Pasahitzak zortzi karaktere izan beharko lituzke gutxienez, baina gomendagarria da pasahitz luzeagoa erabiltzea (esaldi bat, esaterako) edota karaktere desberdinak erabiltzea (hizki larriak, txikiak, zenbakiak eta karaktere bereziak).", + "group_cannot_edit_all_users": "'all_users' taldea ezin da eskuz moldatu. YunoHosten izena emanda dauden erabiltzaile guztiak barne dituen talde berezia da", + "invalid_number": "Zenbaki bat izan behar da", + "ldap_attribute_already_exists": "'{attribute}' LDAP funtzioa existitzen da dagoeneko eta '{value}' balioa dauka", + "log_app_change_url": "'{}' aplikazioaren URLa aldatu", + "log_app_config_set": "Ezarri '{}' aplikazioko konfigurazioa", + "downloading": "Deskargatzen…", + "log_available_on_yunopaste": "Erregistroa {url} estekan ikus daiteke", + "log_dyndns_update": "Eguneratu YunoHosten '{}' domeinuari lotutako IP helbidea", + "log_letsencrypt_cert_install": "Instalatu Let's Encrypt ziurtagiria '{}' domeinurako", + "log_selfsigned_cert_install": "Instalatu '{}' domeinurako norberak sinatutako ziurtagiria", + "diagnosis_mail_ehlo_wrong": "Zurea ez den SMTP posta zerbitzari batek erantzun du IPv{ipversion}an. Litekeena da zure zerbitzariak posta elektronikorik jaso ezin izatea.", + "log_tools_upgrade": "Eguneratu sistemaren paketeak", + "log_tools_reboot": "Berrabiarazi zerbitzaria", + "diagnosis_mail_queue_unavailable": "Ezinezkoa da ilaran zenbat posta elektroniko dauden kontsultatzea", + "log_user_create": "Gehitu '{}' erabiltzailea", + "group_cannot_edit_visitors": "'bisitariak' taldea ezin da eskuz moldatu. Saiorik hasi gabeko bisitariak barne hartzen dituen talde berezia da", + "diagnosis_ram_verylow": "RAM memoriaren {available} baino ez ditu erabilgarri sistemak; memoria guztiaren ({total}) %{available_percent}a bakarrik!", + "diagnosis_ram_low": "RAM memoriaren {available} ditu erabilgarri sistemak; memoria guztiaren ({total}) %{available_percent}a. Adi ibili.", + "diagnosis_ram_ok": "RAM memoriaren {available} ditu oraindik erabilgarri sistemak; memoria guztiaren ({total}) %{available_percent}a.", + "diagnosis_swap_none": "Sistemak ez du swap-ik. Gutxienez {recommended} izaten saiatu beharko zinateke, sistema memoriarik gabe gera ez dadin.", + "diagnosis_swap_ok": "Sistemak {total} swap dauzka!", + "diagnosis_regenconf_allgood": "Konfigurazio-fitxategi guztiak bat datoz gomendatutako ezarpenekin!", + "diagnosis_regenconf_manually_modified": "Dirudienez {file} konfigurazio fitxategia eskuz aldatu da.", + "diagnosis_security_vulnerable_to_meltdown": "Badirudi Meltdown izeneko segurtasun arazo larriak eragin diezazukela", + "diagnosis_ports_could_not_diagnose": "Ezinezkoa izan da atakak IPv{ipversion} erabiliz kanpotik eskuragarri dauden egiaztatzea.", + "diagnosis_ports_ok": "{port}. ataka eskuragarri dago kanpotik.", + "diagnosis_unknown_categories": "Honako atalak ez dira ezagutzen: {categories}", + "diagnosis_services_running": "{service} zerbitzua martxan dago!", + "log_app_action_run": "'{}' aplikazioaren eragiketa exekutatu", + "diagnosis_never_ran_yet": "Badirudi zerbitzari hau duela gutxi konfiguratu dela eta oraindik ez dago erakusteko diagnostikorik. Diagnostiko osoa abiarazi beharko zenuke, administrazio-webgunetik edo 'yunohost diagnosis run' komandoa exekutatuz.", + "diagnosis_mail_outgoing_port_25_blocked": "SMTP posta zerbitzariak ezin ditu posta elektronikoak bidali 25. ataka itxita dagoelako IPv{ipversion}n.", + "diagnosis_mail_outgoing_port_25_blocked_details": "Lehenik eta behin operadorearen routerreko aukeretan saiatu beharko zinateke 25. ataka desblokeatzen. (Hosting enpresaren arabera, beraiekin harremanetan jartzea beharrezkoa izango da).", + "diagnosis_mail_ehlo_wrong_details": "Kanpo-diagnostikatzaileak IPv{ipversion}an jaso duen EHLOa eta zure zerbitzariaren domeinukoa ez datoz bat.
Jasotako EHLOa: {wrong_ehlo}
Esperotakoa: {right_ehlo}
Arazo honen zergati ohikoena 25. ataka zuzen konfiguratuta ez egotea da. Edo agian suebaki edo reverse-proxya oztopo izan daiteke.", + "diagnosis_mail_fcrdns_different_from_ehlo_domain": "Alderantzizko DNSa ez dago zuzen konfiguratuta IPv{ipversion}an. Litekeena da hartzaileak posta elektroniko batzuk jaso ezin izatea edo mezuok spam modura etiketatuak izatea.", + "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "Oraingo alderantzizko DNSa: {rdns_domain}
Esperotako balioa: {ehlo_domain}", + "diagnosis_mail_queue_too_big": "Mezu gehiegi posta elektronikoaren ilaran: ({nb_pending} mezu)", + "diagnosis_ports_could_not_diagnose_details": "Errorea: {error}", + "diagnosis_swap_tip": "Mesedez, kontuan hartu zerbitzari honen swap memoria SD edo SSD euskarri batean gordetzeak euskarri horren bizi-iraupena izugarri laburtu dezakeela.", + "invalid_regex": "'Regexa' ez da zuzena: '{regex}'", + "group_creation_failed": "Ezinezkoa izan da '{group}' taldea sortzea: {error}", + "log_user_permission_reset": "Berrezarri '{}' baimena", + "group_cannot_edit_primary_group": "'{group}' taldea ezin da eskuz moldatu. Erabiltzaile zehatz bakar bat duen talde nagusia da.", + "diagnosis_swap_notsomuch": "Sistemak {total} swap baino ez ditu. Gutxienez {recommended} izaten saiatu beharko zinateke sistema memoriarik gabe gera ez dadin.", + "diagnosis_security_vulnerable_to_meltdown_details": "Arazoa konpontzeko, sistema eguneratu eta berrabiarazi beharko zenuke linux-en kernel berriagoa erabiltzeko (edo zerbitzariaren arduradunarekin jarri harremanetan). Ikus https://meltdownattack.com/ argibide gehiagorako.", + "diagnosis_services_conf_broken": "{service} zerbitzuko konfigurazioa hondatuta dago!", + "diagnosis_services_bad_status_tip": "Zerbitzua berrabiarazten saia zaitezke eta nahikoa ez bada, aztertu zerbitzuaren erregistroa administrazio-atarian. (komandoak nahiago badituzu yunohost service restart {service} eta yunohost service log {service} hurrenez hurren).", + "diagnosis_mail_ehlo_unreachable_details": "Ezinezkoa izan da zure zerbitzariko 25. atakari konektatzea IPv{ipversion} erabiliz. Badirudi ez dagoela eskuragarri.
1. Arazo honen zergati ohikoena 25. ataka egoki birbideratuta ez egotea da.
2. Egiaztatu postfix zerbitzua martxan dagoela.
3. Konfigurazio konplexuagoetan: egiaztatu suebaki edo reverse-proxyak konexioa oztopatzen ez dutela.", + "group_already_exist_on_system_but_removing_it": "{group} taldea existitzen da sistemaren taldeetan, baina YunoHostek ezabatuko du…", + "diagnosis_mail_fcrdns_nok_details": "Lehenik eta behin zure routerraren konfigurazio gunean edo hostingaren enpresaren aukeretan alderantzizko DNSa konfiguratzen saiatu beharko zinateke {ehlo_domain} erabiliz. (Hosting enpresaren arabera, ezinbestekoa da beraiekin harremanetan jartzea).", + "diagnosis_mail_outgoing_port_25_ok": "SMTP posta zerbitzaria posta elektronikoa bidaltzeko gai da (25. atakaren irteera ez dago blokeatuta).", + "diagnosis_ports_partially_unreachable": "{port}. ataka ez dago eskuragarri kanpotik Pv{failed} erabiliz.", + "diagnosis_ports_forwarding_tip": "Arazoa konpontzeko, litekeena da operadorearen routerrean ataken birbideraketa konfiguratu behar izatea, https://yunohost.org/isp_box_config-n agertzen den bezala", + "domain_creation_failed": "Ezinezkoa izan da {domain} domeinua sortzea: {error}", + "domains_available": "Erabilgarri dauden domeinuak:", + "global_settings_setting_pop3_enabled": "Gaitu POP3 protokoloa posta zerbitzarirako", + "global_settings_setting_security_ssh_port": "SSH ataka", + "global_settings_unknown_type": "Gertaera ezezaguna, {setting} ezarpenak {unknown_type} mota duela dirudi baina mota hori ez da sistemarekin bateragarria.", + "group_already_exist_on_system": "{group} taldea existitzen da dagoeneko sistemaren taldeetan", + "diagnosis_processes_killed_by_oom_reaper": "Memoria agortu eta sistemak prozesu batzuk amaituarazi behar izan ditu. Honek esan nahi du sistemak ez duela memoria nahikoa edo prozesuren batek memoria gehiegi behar duela. Amaituarazi d(ir)en prozesua(k):\n{kills_summary}", + "hook_exec_not_terminated": "Aginduak ez du behar bezala amaitu: {path}", + "log_corrupted_md_file": "Erregistroei lotutako YAML metadatu fitxategia kaltetuta dago: '{md_file}\nErrorea: {error}'", + "log_letsencrypt_cert_renew": "Berriztu '{}' Let's Encrypt ziurtagiria", + "log_remove_on_failed_restore": "Ezabatu '{}' babeskopia baten lehengoratzeak huts egin eta gero", + "diagnosis_package_installed_from_sury_details": "Sury izena duen kanpoko biltegi batetik instalatu dira pakete batzuk, nahi gabe. YunoHosten taldeak hobekuntzak egin ditu pakete hauek kudeatzeko, baina litekeena da PHP7.3 aplikazioak Stretch sistema eragilean instalatu zituzten kasu batzuetan arazoak sortzea. Egoera hau konpontzeko, honako komando hau exekutatu beharko zenuke: {cmd_to_fix}", + "log_help_to_get_log": "'{desc}' eragiketaren erregistroa ikusteko, exekutatu 'yunohost log show {name}'", + "dpkg_is_broken": "Ezin duzu une honetan egin dpkg/APT (sistemaren pakateen kudeatzaileak) hondatutako itxura dutelako… Arazoa konpontzeko SSH bidez konektatzen saia zaitezke eta ondoren exekutatu 'sudo apt install --fix-broken' edota 'sudo dpkg --configure -a'.", + "domain_cannot_remove_main": "Ezin duzu '{domain}' ezabatu domeinu nagusia delako. Beste domeinu bat ezarri beharko duzu nagusi bezala 'yunohost domain main-domain -n ' erabiliz; honako hauek dituzu aukeran: {other_domains}", + "domain_created": "Sortu da domeinua", + "domain_dyndns_already_subscribed": "Dagoeneko izena eman duzu DynDNS domeinu batean", + "domain_hostname_failed": "Ezinezkoa izan da hostname berria ezartzea. Honek arazoak ekar litzake etorkizunean (litekeena da ondo egotea).", + "domain_uninstall_app_first": "Honako aplikazio hauek domeinuan instalatuta daude:\n{apps}\n\nMesedez, desinstalatu 'yunohost app remove the_app_id' ezekutatuz edo alda itzazu beste domeinu batera 'yunohost app change-url the_app_id' erabiliz domeinua ezabatu baino lehen", + "file_does_not_exist": "{path} fitxategia ez da existitzen.", + "firewall_rules_cmd_failed": "Suebakiko arau batzuen exekuzioak huts egin du. Informazio gehiago erregistroetan.", + "log_app_remove": "Ezabatu '{}' aplikazioa", + "global_settings_cant_open_settings": "Ezinezkoa izan da konfigurazio fitxategia irekitzea, zergatia: {reason}", + "global_settings_reset_success": "Lehengo ezarpenak {path}-n gorde dira", + "global_settings_unknown_setting_from_settings_file": "Gako ezezaguna ezarpenetan: '{setting_key}', baztertu eta gorde ezazu hemen: /etc/yunohost/settings-unknown.json", + "domain_remove_confirm_apps_removal": "Domeinu hau ezabatzean aplikazio hauek desinstalatuko dira:\n{apps}\n\nZiur al zaude? [{answers}]", + "global_settings_setting_service_ssh_allow_deprecated_dsa_hostkey": "Baimendu DSA gakoa (zaharkitua) SSH zerbitzuaren konfiguraziorako", + "hook_list_by_invalid": "Aukera hau ezin da 'hook'ak zerrendatzeko erabili", + "installation_complete": "Instalazioa amaitu da", + "hook_exec_failed": "Ezinezkoa izan da agindua exekutatzea: {path}", + "hook_json_return_error": "Ezin izan da {path} aginduaren erantzuna irakurri. Errorea: {msg}. Jatorrizko edukia: {raw_content}", + "ip6tables_unavailable": "Ezin dituzu ip6taulak hemen moldatu; edukiontzi bat erabiltzen ari zara edo kernelak ez du aukera hau onartzen", + "log_link_to_log": "Eragiketa honen erregistro osoa: '{desc}'", + "log_operation_unit_unclosed_properly": "Eragiketa ez da modu egokian itxi", + "log_backup_restore_app": "Lehengoratu '{}' babeskopia fitxategi bat erabiliz", + "log_remove_on_failed_install": "Ezabatu '{}' instalazioak huts egin ondoren", + "log_domain_add": "Gehitu '{}' domeinua sistemaren konfiguraziora", + "log_dyndns_subscribe": "Eman izena YunoHosten '{}' azpidomeinuan", + "diagnosis_no_cache": "Oraindik ez dago '{category}' atalerako diagnostikoaren cacherik", + "diagnosis_mail_queue_ok": "Posta elektronikoaren ilaran zain dauden mezuak: {nb_pending}", + "global_settings_setting_smtp_relay_user": "SMTP relay erabiltzailea", + "domain_cert_gen_failed": "Ezinezkoa izan da ziurtagiria sortzea", + "field_invalid": "'{}' ez da baliogarria", + "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Operadore batzuei bost axola zaie internetaren neutraltasuna (Net Neutrality) eta ez dute 25. ataka desblokeatzen uzten.
- Operadore batzuek relay posta zerbitzari bat eskaini dezakete, baina kasu horretan zure posta elektronikoa zelatatu dezakete.
- Pribatutasuna bermatzeko *IP publikoa* duen VPN bat erabiltzea izan daiteke irtenbidea. Ikus https://yunohost.org/#/vpn_advantage
- Edo operadore desberdin batera aldatu", + "ldap_server_down": "Ezin izan da LDAP zerbitzarira konektatu", + "ldap_server_is_down_restart_it": "LDAP zerbitzaria ez dago martxan, saia zaitez berrabiarazten…", + "log_app_upgrade": "'{}' aplikazioa eguneratu", + "log_tools_shutdown": "Itzali zerbitzaria", + "log_user_permission_update": "Eguneratu '{}' baimenerako sarbideak", + "log_user_update": "Eguneratu '{}' erabiltzailearen informazioa", + "dyndns_no_domain_registered": "Ez dago DynDNSrekin izena emandako domeinurik", + "global_settings_bad_type_for_setting": "{setting} ezarpenerako mota okerra. {received_type} ezarri da, {expected_type} espero zen", + "diagnosis_mail_fcrdns_dns_missing": "Ez da alderantzizko DNSrik ezarri IPv{ipversion}rako. Litekeena da hartzaileak posta elektroniko batzuk jaso ezin izatea edo mezuok spam modura etiketatuak izatea.", + "log_backup_create": "Sortu babeskopia fitxategia", + "global_settings_setting_backup_compress_tar_archives": "Babeskopia berriak sortzean, konprimitu fitxategiak (.tar.gz) konprimitu gabeko fitxategien (.tar) ordez. Aukera hau gaitzean babeskopiek espazio gutxiago beharko dute, baina hasierako prozesua luzeagoa izango da eta CPUari lan handiagoa eragingo dio.", + "global_settings_setting_security_webadmin_allowlist": "Administrazio-ataria bisita dezaketen IP helbideak, koma bidez bereiziak.", + "global_settings_key_doesnt_exists": "'{settings_key}' gakoa ez da existitzen konfigurazio orokorrean; erabilgarri dauden gakoak ikus ditzakezu 'yunohost settings list' exekutatuz", + "global_settings_setting_ssowat_panel_overlay_enabled": "Gaitu SSOwat paneleko \"overlay\"a", + "log_backup_restore_system": "Lehengoratu sistema babeskopia fitxategi batetik", + "log_domain_remove": "Ezabatu '{}' domeinua sistemaren ezarpenetatik", + "log_link_to_failed_log": "Ezinezkoa izan da '{desc}' eragiketa exekutatzea. Mesedez, laguntza nahi izanez gero, partekatu erakigeta honen erregistro osoa hemen sakatuz", + "log_permission_url": "Eguneratu '{}' baimenari lotutako URLa", + "log_user_group_create": "Sortu '{}' taldea", + "permission_creation_failed": "Ezinezkoa izan da '{permission}' baimena sortzea: {error}", + "permission_not_found": "Ez da '{permission}' baimena aurkitu", + "pattern_lastname": "Abizen horrek ez du balio", + "permission_deleted": "'{permission}' baimena ezabatu da", + "service_disabled": "'{service}' zerbitzua ez da etorkizunean zerbitzaria abiaraztearekin batera exekutatuko.", + "unexpected_error": "Ezusteko zerbaitek huts egin du: {error}", + "updating_apt_cache": "Sistemaren paketeen eguneraketak eskuratzen…", + "mail_forward_remove_failed": "Ezinezkoa izan da '{mail}' posta elektronikoko birbidalketa ezabatzea", + "migration_ldap_migration_failed_trying_to_rollback": "Ezinezkoa izan da migratzea… sistema lehengoratzen saiatzen.", + "migrations_exclusive_options": "'--auto', '--skip', eta '--force-rerun' aukerek batak bestea baztertzen du.", + "migrations_running_forward": "{id} migrazioa exekutatzen…", + "regenconf_dry_pending_applying": "'{category}' atalari dagokion konfigurazioa egiaztatzen…", + "regenconf_file_backed_up": "'{conf} konfigurazio fitxategia '{backup}' babeskopian kopiatu da", + "regenconf_file_manually_modified": "'{conf}' konfigurazio fitxategia eskuz moldatu da eta ez da eguneratuko", + "regenconf_file_updated": "'{conf}' konfigurazio fitxategia eguneratu da", + "regenconf_updated": "'{category}' atalerako ezarpenak eguneratu dira", + "service_started": "'{service}' zerbitzua abiarazi da", + "show_tile_cant_be_enabled_for_regex": "Ezin duzu 'show_tile' gaitu une honetan, '{permission}' baimenerako URLa regex delako", + "unknown_main_domain_path": "{app} aplikaziorako domeinu edo bide ezezaguna. Domeinua eta bidea zehaztu behar dituzu baimena emateko URLa ahalbidetzeko.", + "user_import_partial_failed": "Erabiltzaileak inportatzeko eragiketak erdizka huts egin du", + "user_import_success": "Erabiltzaileak arazorik gabe inportatu dira", + "yunohost_already_installed": "YunoHost instalatuta dago dagoeneko", + "migrations_success_forward": "{id} migrazioak amaitu du", + "migrations_to_be_ran_manually": "{id} migrazioa eskuz abiarazi behar da. Mesedez, joan Erramintak → Migrazioak atalera administrazio-atarian edo bestela exekutatu 'yunohost tools migrations run'.", + "permission_currently_allowed_for_all_users": "Baimen hau erabiltzaile guztiei esleitzen zaie eta baita beste talde batzuei ere. Litekeena da 'all users' baimena edo esleituta duten taldeei baimena kendu nahi izatea.", + "permission_require_account": "'{permission}' baimena zerbitzarian kontua duten erabiltzaileentzat da eta, beraz, ezin da gaitu bisitarientzat.", + "postinstall_low_rootfsspace": "'root' fitxategi-sistemak 10 GB edo espazio gutxiago dauka, kezkatzekoa dena! Litekeena da espaziorik gabe geratzea aurki! Gomendagarria da 'root' fitxategi-sistemak gutxienez 16 GB libre izatea. Jakinarazpen honen ondoren YunoHost instalatzen jarraitu nahi baduzu, berrabiarazi agindua '--force-diskspace' gehituz", + "this_action_broke_dpkg": "Eragiketa honek dpkg/APT (sistemaren pakete kudeatzaileak) kaltetu ditu… Arazoa konpontzeko SSH bidez konektatu eta 'sudo apt install --fix-broken' edota 'sudo dpkg --configure -a' exekutatu dezakezu.", + "user_import_bad_line": "{line} lerro okerra: {details}", + "restore_complete": "Lehengoratzea amaitu da", + "restore_extracting": "Behar diren fitxategiak ateratzen…", + "regenconf_would_be_updated": "'{category}' atalerako konfigurazioa eguneratu izango litzatekeen", + "migrations_dependencies_not_satisfied": "Exekutatu honako migrazioak: '{dependencies_id}', {id} migratu baino lehen.", + "permission_created": "'{permission}' baimena sortu da", + "regenconf_now_managed_by_yunohost": "'{conf}' konfigurazio fitxategia YunoHostek kudeatzen du orain ({category} atala).", + "service_enabled": "'{service}' zerbitzua ez da automatikoki exekutatuko sistema abiaraztean.", + "service_removed": "'{service}' zerbitzua ezabatu da", + "service_restart_failed": "Ezin izan da '{service}' zerbitzua berrabiarazi\n\nZerbitzuen azken erregistroak: {logs}", + "service_restarted": "'{service}' zerbitzua berrabiarazi da", + "service_start_failed": "Ezin izan da '{service}' zerbitzua abiarazi\n\nZerbitzuen azken erregistroak: {logs}", + "ssowat_conf_updated": "SSOwat ezarpenak eguneratu dira", + "update_apt_cache_failed": "Ezin da APT Debian-en pakete kudeatzailearen cachea eguneratu. Hemen dituzu sources.list fitxategiaren lerroak, arazoa identifikatzeko baliagarria izan dezakezuna:\n{sourceslist}", + "update_apt_cache_warning": "Zerbaitek huts egin du APT Debian-en pakete kudeatzailearen cachea eguneratzean. Hemen dituzu sources.list fitxategiaren lerroak, arazoa identifikatzeko baliagarria izan dezakezuna:\n{sourceslist}", + "user_created": "Erabiltzailea sortu da", + "user_deletion_failed": "Ezin izan da '{user}' ezabatu: {error}", + "permission_updated": "'{permission}' baimena moldatu da", + "ssowat_conf_generated": "SSOwat ezarpenak berregin dira", + "system_upgraded": "Sistema eguneratu da", + "upnp_port_open_failed": "Ezin izan da UPnP bidez ataka zabaldu", + "user_creation_failed": "Ezin izan da '{user}' erabiltzailea sortu: {error}", + "user_deleted": "Erabiltzailea ezabatu da", + "main_domain_changed": "Domeinu nagusia aldatu da", + "migrations_already_ran": "Honako migrazio hauek amaitu dute dagoeneko: {ids}", + "yunohost_installing": "YunoHost instalatzen…", + "migrations_failed_to_load_migration": "Ezinezkoa izan da {id} migrazioa kargatzea: {error}", + "migrations_must_provide_explicit_targets": "'--skip' edo '--force-rerun' aukerak erabiltzean jomuga zehatzak zehaztu behar dituzu", + "migrations_pending_cant_rerun": "Migrazio hauek exekutatzeke daude eta, beraz, ezin dira berriro abiarazi: {ids}", + "regenconf_file_kept_back": "'{conf}' konfigurazio fitxategia regen-conf-ek ({category} atala) ezabatzekoa zen baina mantendu egin da.", + "regenconf_file_removed": "'{conf}' konfigurazio fitxategia ezabatu da", + "permission_already_allowed": "'{group} taldeak badauka dagoeneko '{permission}' baimena", + "permission_cant_add_to_all_users": "{permission} baimena ezin da erabiltzaile guztiei ezarri.", + "mailbox_disabled": "Posta elektronikoa desgaituta dago {user} erabiltzailearentzat", + "operation_interrupted": "Eragiketa eskuz geldiarazi da?", + "permission_already_exist": "'{permission}' baimena existitzen da dagoeneko", + "regenconf_pending_applying": "'{category}' atalerako konfigurazioa ezartzen…", + "user_import_nothing_to_do": "Ez dago erabiltzaileak inportatu beharrik", + "mailbox_used_space_dovecot_down": "Dovecot mailbox zerbitzua martxan egon behar da postak erabilitako espazioa ezagutzeko", + "other_available_options": "… eta erakusten ez diren beste {n} aukera daude", + "permission_cannot_remove_main": "Ezin da baimen nagusi bat kendu", + "service_not_reloading_because_conf_broken": "Ez da '{name}' zerbitzua birkargatu/berrabiarazi konfigurazioa kaltetuta dagoelako: {errors}", + "service_reloaded": "'{service}' zerbitzua birkargatu da", + "service_reloaded_or_restarted": "'{service}' zerbitzua birkargatu edo berrabiarazi da", + "user_import_bad_file": "CSV fitxategiak ez du formatu egokia eta ekidingo da balizko datuen galera saihesteko", + "user_import_failed": "Erabiltzaileak inportatzeko eragiketak huts egin du", + "user_import_missing_columns": "Ondorengo zutabeak falta dira: {columns}", + "service_disable_failed": "Ezin izan da '{service}' zerbitzua geldiarazi zerbitzaria abiaraztean.\n\nZerbitzuen erregistro berrienak: {logs}", + "migrations_skip_migration": "{id} migrazioa saihesten…", + "upnp_disabled": "UPnP itzalita dago", + "main_domain_change_failed": "Ezinezkoa izan da domeinu nagusia aldatzea", + "regenconf_failed": "Ezinezkoa izan da ondorengo atal(ar)en konfigurazioa berregitea: {categories}", + "pattern_email_forward": "Helbide elektroniko baliagarri bat izan behar da, '+' karakterea onartzen da (adibidez: izena+urtea@domeinua.eus)", + "regenconf_file_manually_removed": "'{conf}' konfigurazio fitxategia eskuz ezabatu da eta ez da berriro sortuko", + "regenconf_up_to_date": "Konfigurazioa egunean dago dagoeneko '{category}' atalerako", + "migrations_no_such_migration": "Ez dago '{id}' izeneko migraziorik", + "migrations_not_pending_cant_skip": "Migrazio hauek ez daude exekutatzeke eta, beraz, ezin dira saihestu: {ids}", + "regex_with_only_domain": "Ezin duzu regex domeinuetarako erabili; bideetarako bakarrik", + "port_already_closed": "{port}. ataka itxita dago dagoeneko {ip_version} konexioetarako", + "regenconf_file_copy_failed": "Ezinezkoa izan da '{new}' konfigurazio fitxategi berria '{conf}'-(e)n kopiatzea", + "regenconf_file_remove_failed": "Ezinezkoa izan da '{conf}' konfigurazio fitxategia ezabatzea", + "server_shutdown_confirm": "Zerbitzaria berehala itzaliko da, ziur al zaude? [{answers}]", + "restore_already_installed_app": "'{app}' IDa duen aplikazioa dagoeneko instalatuta dago", + "service_description_postfix": "Posta elektronikoa bidali eta jasotzeko erabiltzen da", + "service_enable_failed": "Ezin izan da '{service}' zerbitzua sistema abiaraztearekin batera exekutatzea lortu.\n\nZerbitzuen erregistro berrienak: {logs}", + "system_username_exists": "Erabiltzaile izena existitzen da dagoeneko sistemaren erabiltzaileen zerrendan", + "user_already_exists": "'{user}' erabiltzailea existitzen da dagoeneko", + "mail_domain_unknown": "Ezinezkoa da posta elektroniko hori '{domain}' domeinurako erabiltzea. Mesedez, erabili zerbitzari honek kudeatzen duen domeinu bat.", + "migrations_list_conflict_pending_done": "Ezin dituzu '--previous' eta '--done' aldi berean erabili.", + "migrations_loading_migration": "{id} migrazioa kargatzen…", + "migrations_no_migrations_to_run": "Ez dago exekutatzeko migraziorik", + "password_listed": "Pasahitz hau munduan erabilienetarikoa da. Mesedez, aukeratu bereziagoa den beste bat.", + "password_too_simple_2": "Pasahitzak zortzi karaktere izan behar ditu gutxienez eta zenbakiren bat, hizki larriren bat eta txikiren bat izan behar ditu", + "pattern_firstname": "Izen horrek ez du balio", + "pattern_password": "Gutxienez hiru karaktere izan behar ditu", + "restore_failed": "Ezin izan da sistema lehengoratu", + "restore_removing_tmp_dir_failed": "Ezinezkoa izan da behin-behineko direktorio zaharra ezabatzea", + "restore_running_app_script": "'{app}' aplikazioa lehengoratzen…", + "root_password_replaced_by_admin_password": "Administrazio-pasahitzak root pasahitza ordezkatu du.", + "service_description_fail2ban": "Internetetik datozen bortxaz egindako saiakerak eta bestelako erasoak ekiditen ditu", + "service_description_ssh": "Zerbitzarira sare lokaletik kanpo konektatzea ahalbidetzen du (SSH protokoloa)", + "service_description_yunohost-firewall": "Zerbitzuen konexiorako atakak ireki eta ixteko kudeatzailea da", + "service_remove_failed": "Ezin izan da '{service}' zerbitzua ezabatu", + "service_reload_failed": "Ezin izan da '{service}' zerbitzua birkargatu\n\nZerbitzuen erregistro berrienak: {logs}", + "service_reload_or_restart_failed": "Ezin izan da '{service}' zerbitzua birkargatu edo berrabiarazi\n\nZerbitzuen erregistro berrienak: {logs}", + "service_stopped": "'{service}' zerbitzua geldiarazi da", + "unbackup_app": "{app} ez da gordeko", + "unrestore_app": "{app} ez da lehengoratuko", + "upgrade_complete": "Eguneraketa amaitu da", + "upgrading_packages": "Paketeak eguneratzen…", + "upnp_dev_not_found": "Ez da UPnP gailurik aurkitu", + "user_update_failed": "Ezin izan da {user} erabiltzailea eguneratu: {error}", + "user_updated": "Erabiltzailearen informazioa aldatu da", + "yunohost_configured": "YunoHost konfiguratuta dago", + "service_description_yunomdns": "Sare lokalean zerbitzarira 'yunohost.local' erabiliz konektatzea ahalbidetzen du", + "mail_alias_remove_failed": "Ezin izan da '{mail}' e-mail ezizena ezabatu", + "mail_unavailable": "Helbide elektroniko hau lehenengo erabiltzailearentzat gorde da eta hari ezarri zaio automatikoki", + "migration_ldap_backup_before_migration": "Sortu LDAP datubase eta aplikazioen ezarpenen babeskopia migrazioa abiarazi baino lehen.", + "migration_ldap_can_not_backup_before_migration": "Sistemaren babeskopiak ez du amaitu migrazioak huts egin baino lehen. Errorea: {error}", + "migrations_migration_has_failed": "{id} migrazioak ez du amaitu, geldiarazten. Errorea: {exception}", + "migrations_need_to_accept_disclaimer": "{id} migrazioa abiarazteko, ondorengo baldintzak onartu behar dituzu:\n---\n{disclaimer}\n---\nMigrazioa onartzen baduzu, mesedez berrabiarazi prozesua komandoan '--accept-disclaimer' aukera gehituz.", + "not_enough_disk_space": "Ez dago nahikoa espazio librerik '{path}'-n", + "password_too_simple_3": "Pasahitzak zortzi karaktere izan behar ditu gutxienez eta zenbakiren bat, hizki larriren bat, txikiren bat eta karaktere bereziren bat izan behar ditu", + "pattern_backup_archive_name": "Fitxategiaren izenak 30 karaktere izan ditzake gehienez, alfanumerikoak eta ._- baino ez", + "pattern_domain": "Domeinu izen baliagarri bat izan behar da (adibidez: nire-domeinua.eus)", + "pattern_mailbox_quota": "Tamainak b/k/M/G/T zehaztu behar du edo 0 mugarik ezarri nahi ez bada", + "pattern_password_app": "Barka, baina pasahitzek ezin dituzte ondorengo karaktereak izan: {forbidden_chars}", + "pattern_port_or_range": "Ataka zenbaki (0-65535) edo errenkada (100:200) baliagarri bat izan behar da", + "permission_already_disallowed": "'{group}' taldeak desgaituta dauka dagoeneko '{permission} baimena", + "permission_already_up_to_date": "Baimena ez da eguneratu egindako eskaria egungo egoerarekin bat datorrelako.", + "permission_protected": "'{permission}' baimena babestuta dago. Ezin duzu bisitarien taldea baimen honetara gehitu / baimen honetatik kendu.", + "permission_update_failed": "Ezinezkoa izan da '{permission}' baimena aldatzea: {error}", + "port_already_opened": "{port}. ataka dagoeneko irekita dago {ip_version} konexioetarako", + "user_home_creation_failed": "Ezin izan da erabiltzailearentzat '{home}' direktorioa sortu", + "user_unknown": "Erabiltzaile ezezaguna: {user}", + "yunohost_postinstall_end_tip": "Instalazio ondorengo prozesua amaitu da! Sistemaren konfigurazioa bukatzeko:\n- gehitu erabiltzaile bat administrazio-atariko 'Erabiltzaileak' atalean (edo 'yunohost user create ' komandoa erabiliz);\n- erabili 'Diagnostikoak' atala ohiko arazoei aurre hartzeko. Administrazio-atarian abiarazi edo 'yunohost diagnosis run' exekutatu;\n- irakurri 'Finalizing your setup' eta 'Getting to know YunoHost' atalak. Dokumentazioan aurki ditzakezu: https://yunohost.org/admindoc.", + "yunohost_not_installed": "YunoHost ez da zuzen instalatu. Mesedez, exekutatu 'yunohost tools postinstall'", + "unlimit": "Mugarik ez", + "restore_already_installed_apps": "Ondorengo aplikazioak ezin dira lehengoratu dagoeneko instalatuta daudelako: {apps}", + "password_too_simple_4": "Pasahitzak 12 karaktere izan behar ditu gutxienez eta zenbakiren bat, hizki larriren bat, txikiren bat eta karaktere bereziren bat izan behar ditu", + "pattern_email": "Helbide elektroniko baliagarri bat izan behar da, '+' karaktererik gabe (adibidez: izena@domeinua.eus)", + "pattern_username": "Txikiz idatzitako karaktere alfanumerikoak eta azpiko marra soilik eduki ditzake", + "permission_deletion_failed": "Ezinezkoa izan da '{permission}' baimena ezabatzea: {error}", + "migration_ldap_rollback_success": "Sistema lehengoratu da.", + "regenconf_need_to_explicitly_specify_ssh": "SSH ezarpenak eskuz aldatu dira, baina aldaketak erabiltzeko '--force' zehaztu behar duzu 'ssh' atalean.", + "regex_incompatible_with_tile": "/!\\ Pakete-arduradunak! {permission}' baimenak show_tile aukera 'true' bezala dauka eta horregatik ezin duzue regex URLa URL nagusi bezala ezarri", + "root_password_desynchronized": "Administrariaren pasahitza aldatu da baina YunoHostek ezin izan du aldaketa root pasahitzera hedatu!", + "server_shutdown": "Zerbitzaria itzaliko da", + "service_stop_failed": "Ezin izan da '{service}' zerbitzua geldiarazi\n\nZerbitzuen azken erregistroak: {logs}", + "service_unknown": "'{service}' zerbitzu ezezaguna", + "show_tile_cant_be_enabled_for_url_not_defined": "Ezin duzu 'show_tile' gaitu une honetan, '{permission}' baimenerako URL bat zehaztu behar duzulako", + "upnp_enabled": "UPnP piztuta dago", + "restore_nothings_done": "Ez da ezer lehengoratu", + "restore_backup_too_old": "Babeskopia fitxategi hau ezin da lehengoratu YunoHosten bertsio zaharregi batetik datorrelako.", + "restore_hook_unavailable": "'{part}'-(e)rako lehengoratze agindua ez dago erabilgarri ez sisteman ezta fitxategian ere", + "restore_cleaning_failed": "Ezin izan dira lehengoratzeko behin-behineko fitxategiak ezabatu", + "restore_confirm_yunohost_installed": "Ziur al zaude dagoeneko instalatuta dagoen sistema lehengoratu nahi duzula? [{answers}]", + "restore_may_be_not_enough_disk_space": "Badirudi zure sistemak ez duela nahikoa espazio (erabilgarri: {free_space} B, beharrezkoa {needed_space} B, segurtasuneko tartea: {margin} B)", + "restore_not_enough_disk_space": "Ez dago nahikoa espazio (erabilgarri: {free_space} B, beharrezkoa {needed_space} B, segurtasuneko tartea: {margin} B)", + "restore_running_hooks": "Lehengoratzeko 'hook'ak exekutatzen…", + "restore_system_part_failed": "Ezinezkoa izan da sistemaren '{part}' atala lehengoratzea", + "server_reboot": "Zerbitzaria berrabiaraziko da", + "server_reboot_confirm": "Zerbitzaria berehala berrabiaraziko da, ziur al zaude? [{answers}]", + "service_add_failed": "Ezinezkoa izan da '{service}' zerbitzua gehitzea", + "service_added": "'{service}' zerbitzua gehitu da", + "service_already_started": "'{service}' zerbitzua matxan dago dagoeneko", + "service_already_stopped": "'{service}' zerbitzua geldiarazi da dagoeneko", + "service_cmd_exec_failed": "Ezin izan da '{command}' komandoa exekutatu", + "service_description_dnsmasq": "Domeinuen izenen ebazpena (DNSa) kudeatzen du", + "service_description_dovecot": "Posta elektronikorako programei mezuak jasotzea ahalbidetzen die (IMAP eta POP3 bidez)", + "service_description_metronome": "Bat-bateko XMPP mezularitza kontuak kudeatzen ditu", + "service_description_mysql": "Aplikazioen datuak gordetzen ditu (SQL datubasea)", + "service_description_nginx": "Zerbitzariak ostatazen dituen webguneak ikusgai egiten ditu", + "service_description_redis-server": "Datuak bizkor atzitzeko, zereginak lerratzeko eta programen arteko komunikaziorako datubase berezi bat da", + "service_description_rspamd": "Spama bahetu eta posta elektronikoarekin zerikusia duten bestelako futzioen ardura dauka", + "service_description_slapd": "Erabiltzaileak, domeinuak eta hauei lotutako informazioa gordetzen du", + "service_description_yunohost-api": "YunoHosten web-atariaren eta sistemaren arteko hartuemana kudeatzen du" } \ No newline at end of file diff --git a/locales/fa.json b/locales/fa.json index f566fed90..fa5045fbb 100644 --- a/locales/fa.json +++ b/locales/fa.json @@ -183,7 +183,6 @@ "app_manifest_install_ask_password": "گذرواژه مدیریتی را برای این برنامه انتخاب کنید", "app_manifest_install_ask_path": "مسیر URL (بعد از دامنه) را انتخاب کنید که این برنامه باید در آن نصب شود", "app_manifest_install_ask_domain": "دامنه ای را انتخاب کنید که این برنامه باید در آن نصب شود", - "app_manifest_invalid": "مشکلی در مانیفست برنامه وجود دارد: {error}", "app_location_unavailable": "این نشانی وب یا در دسترس نیست یا با برنامه (هایی) که قبلاً نصب شده در تعارض است:\n{apps}", "app_label_deprecated": "این دستور منسوخ شده است! لطفاً برای مدیریت برچسب برنامه از فرمان جدید'yunohost به روز رسانی مجوز کاربر' استفاده کنید.", "app_make_default_location_already_used": "نمی توان '{app}' را برنامه پیش فرض در دامنه قرار داد ، '{domain}' قبلاً توسط '{other_app}' استفاده می شود", @@ -199,7 +198,6 @@ "diagnosis_http_connection_error": "خطای اتصال: ارتباط با دامنه درخواست شده امکان پذیر نیست، به احتمال زیاد غیرقابل دسترسی است.", "diagnosis_http_timeout": "زمان تلاش برای تماس با سرور از خارج به پایان رسید. به نظر می رسد غیرقابل دسترسی است.
1. شایع ترین علت برای این مشکل ، پورت 80 است (و 443) به درستی به سرور شما ارسال نمی شوند.
2. همچنین باید مطمئن شوید که سرویس nginx در حال اجرا است
3. در تنظیمات پیچیده تر: مطمئن شوید که هیچ فایروال یا پروکسی معکوسی تداخل نداشته باشد.", "diagnosis_http_ok": "دامنه {domain} از طریق HTTP از خارج از شبکه محلی قابل دسترسی است.", - "diagnosis_http_localdomain": "انتظار نمی رود که دامنه {domain} ، با TLD محلی. از خارج از شبکه محلی به آن دسترسی پیدا کند.", "diagnosis_http_could_not_diagnose_details": "خطا: {error}", "diagnosis_http_could_not_diagnose": "نمی توان تشخیص داد که در IPv{ipversion} دامنه ها از خارج قابل دسترسی هستند یا خیر.", "diagnosis_http_hairpinning_issue_details": "این احتمالاً به دلیل جعبه / روتر ISP شما است. در نتیجه ، افراد خارج از شبکه محلی شما می توانند به سرور شما مطابق انتظار دسترسی پیدا کنند ، اما افراد داخل شبکه محلی (احتمالاً مثل شما؟) هنگام استفاده از نام دامنه یا IP جهانی. ممکن است بتوانید وضعیت را بهبود بخشید با نگاهی به https://yunohost.org/dns_local_network", @@ -348,13 +346,11 @@ "dyndns_ip_updated": "IP خود را در DynDNS به روز کرد", "dyndns_ip_update_failed": "آدرس IP را به DynDNS به روز نکرد", "dyndns_could_not_check_available": "بررسی نشد که آیا {domain} در {provider} در دسترس است یا خیر.", - "dyndns_could_not_check_provide": "بررسی نشد که آیا {provider} می تواند {domain} را ارائه دهد یا خیر.", "dpkg_lock_not_available": "این دستور در حال حاضر قابل اجرا نیست زیرا به نظر می رسد برنامه دیگری از قفل dpkg (مدیر بسته سیستم) استفاده می کند", "dpkg_is_broken": "شما نمی توانید این کار را در حال حاضر انجام دهید زیرا dpkg/APT (اداره کنندگان سیستم بسته ها) به نظر می رسد در وضعیت خرابی است… می توانید با اتصال از طریق SSH و اجرا این فرمان `sudo apt install --fix-broken` and/or `sudo dpkg --configure -a` مشکل را حل کنید.", "downloading": "در حال بارگیری...", "done": "انجام شد", "domains_available": "دامنه های موجود:", - "domain_name_unknown": "دامنه '{domain}' ناشناخته است", "domain_uninstall_app_first": "این برنامه ها هنوز روی دامنه شما نصب هستند:\n{apps}\n\nلطفاً قبل از اقدام به حذف دامنه ، آنها را با استفاده از 'برنامه yunohost remove the_app_id' حذف کرده یا با استفاده از 'yunohost app change-url the_app_id' به دامنه دیگری منتقل کنید", "domain_remove_confirm_apps_removal": "حذف این دامنه برنامه های زیر را حذف می کند:\n{apps}\n\nآیا طمئن هستید که میخواهید انجام دهید؟ [{answers}]", "domain_hostname_failed": "نام میزبان جدید قابل تنظیم نیست. این ممکن است بعداً مشکلی ایجاد کند (ممکن هم هست خوب باشد).", @@ -390,7 +386,6 @@ "password_too_simple_2": "گذرواژه باید حداقل 8 کاراکتر طول داشته باشد و شامل عدد ، حروف الفبائی کوچک و بزرگ باشد", "password_too_simple_1": "رمز عبور باید حداقل 8 کاراکتر باشد", "password_listed": "این رمز در بین پر استفاده ترین رمزهای عبور در جهان قرار دارد. لطفاً چیزی منحصر به فرد تر انتخاب کنید.", - "packages_upgrade_failed": "همه بسته ها را نمی توان ارتقا داد", "operation_interrupted": "عملیات به صورت دستی قطع شد؟", "invalid_password": "رمز عبور نامعتبر", "invalid_number": "باید یک عدد باشد", @@ -411,41 +406,11 @@ "migrations_exclusive_options": "'--auto', '--skip'، و '--force-rerun' گزینه های متقابل هستند.", "migrations_failed_to_load_migration": "مهاجرت بار نشد {id}: {error}", "migrations_dependencies_not_satisfied": "این مهاجرت ها را اجرا کنید: '{dependencies_id}' ، قبل از مهاجرت {id}.", - "migrations_cant_reach_migration_file": "دسترسی به پرونده های مهاجرت در مسیر '٪ s' امکان پذیر نیست", "migrations_already_ran": "این مهاجرت ها قبلاً انجام شده است: {ids}", - "migration_0019_slapd_config_will_be_overwritten": "به نظر می رسد که شما پیکربندی slapd را به صورت دستی ویرایش کرده اید. برای این مهاجرت بحرانی ، YunoHost باید به روز رسانی پیکربندی slapd را مجبور کند. فایلهای اصلی در {conf_backup_folder} پشتیبان گیری می شوند.", - "migration_0019_add_new_attributes_in_ldap": "اضافه کردن ویژگی های جدید برای مجوزها در پایگاه داده LDAP", - "migration_0018_failed_to_reset_legacy_rules": "تنظیم مجدد قوانین iptables قدیمی انجام نشد: {error}", - "migration_0018_failed_to_migrate_iptables_rules": "انتقال قوانین قدیمی iptables به nftables انجام نشد: {error}", - "migration_0017_not_enough_space": "فضای کافی در {path} برای اجرای مهاجرت در دسترس قرار دهید.", - "migration_0017_postgresql_11_not_installed": "PostgreSQL 9.6 نصب شده است ، اما postgresql 11 نه؟ ممکن است اتفاق عجیبی در سیستم شما رخ داده باشد:(...", - "migration_0017_postgresql_96_not_installed": "PostgreSQL روی سیستم شما نصب نشده است. کاری برای انجام دادن نیست.", - "migration_0015_weak_certs": "گواهینامه های زیر هنوز از الگوریتم های امضای ضعیف استفاده می کنند و برای سازگاری با نسخه بعدی nginx باید ارتقاء یابند: {certs}", - "migration_0015_cleaning_up": "پاک کردن حافظه پنهان و بسته ها دیگر مفید نیست...", - "migration_0015_specific_upgrade": "شروع به روزرسانی بسته های سیستم که باید به طور مستقل ارتقا یابد...", - "migration_0015_modified_files": "لطفاً توجه داشته باشید که فایل های زیر به صورت دستی اصلاح شده اند و ممکن است پس از ارتقاء رونویسی شوند: {manually_modified_files}", - "migration_0015_problematic_apps_warning": "لطفاً توجه داشته باشید که احتمالاً برنامه های نصب شده مشکل ساز تشخیص داده شده. به نظر می رسد که آنها از فهرست برنامه YunoHost نصب نشده اند یا به عنوان 'working' علامت گذاری نشده اند. در نتیجه ، نمی توان تضمین کرد که پس از ارتقاء همچنان کار خواهند کرد: {problematic_apps}", - "migration_0015_general_warning": "لطفاً توجه داشته باشید که این مهاجرت یک عملیات ظریف است. تیم YunoHost تمام تلاش خود را برای بررسی و آزمایش آن انجام داد ، اما مهاجرت ممکن است بخشهایی از سیستم یا برنامه های آن را خراب کند.\n\nبنابراین ، توصیه می شود:\n- پشتیبان گیری از هرگونه داده یا برنامه حیاتی را انجام دهید. اطلاعات بیشتر در https://yunohost.org/backup ؛\n- پس از راه اندازی مهاجرت صبور باشید: بسته به اتصال به اینترنت و سخت افزار شما ، ممکن است چند ساعت طول بکشد تا همه چیز ارتقا یابد.", - "migration_0015_system_not_fully_up_to_date": "سیستم شما کاملاً به روز نیست. لطفاً قبل از اجرای مهاجرت به Buster ، یک ارتقاء منظم انجام دهید.", - "migration_0015_not_enough_free_space": "فضای آزاد در /var /بسیار کم است! برای اجرای این مهاجرت باید حداقل 1 گیگابایت فضای آزاد داشته باشید.", - "migration_0015_not_stretch": "توزیع دبیان فعلی استرچ نیست!", - "migration_0015_yunohost_upgrade": "شروع به روز رسانی اصلی YunoHost...", - "migration_0015_still_on_stretch_after_main_upgrade": "هنگام ارتقاء اصلی مشکلی پیش آمد ، به نظر می رسد سیستم هنوز در Debian Stretch است", - "migration_0015_main_upgrade": "شروع به روزرسانی اصلی...", - "migration_0015_patching_sources_list": "وصله منابع. لیست ها...", - "migration_0015_start": "شروع مهاجرت به باستر", - "migration_update_LDAP_schema": "در حال به روزرسانی طرح وشمای LDAP...", "migration_ldap_rollback_success": "سیستم برگردانده شد.", "migration_ldap_migration_failed_trying_to_rollback": "نمی توان مهاجرت کرد... تلاش برای بازگرداندن سیستم.", "migration_ldap_can_not_backup_before_migration": "نمی توان پشتیبان گیری سیستم را قبل از شکست مهاجرت تکمیل کرد. خطا: {error}", "migration_ldap_backup_before_migration": "ایجاد پشتیبان از پایگاه داده LDAP و تنظیمات برنامه ها قبل از مهاجرت واقعی.", - "migration_description_0020_ssh_sftp_permissions": "پشتیبانی مجوزهای SSH و SFTP را اضافه کنید", - "migration_description_0019_extend_permissions_features": "سیستم مدیریت مجوز برنامه را تمدید / دوباره کار بندازید", - "migration_description_0018_xtable_to_nftable": "مهاجرت از قوانین قدیمی ترافیک شبکه به سیستم جدید nftable", - "migration_description_0017_postgresql_9p6_to_11": "مهاجرت پایگاه های داده از PostgreSQL 9.6 به 11", - "migration_description_0016_php70_to_php73_pools": "انتقال فایلهای conf php7.0-fpm 'pool' به php7.3", - "migration_description_0015_migrate_to_buster": "سیستم را به Debian Buster و YunoHost 4.x ارتقا دهید", - "migrating_legacy_permission_settings": "در حال انتقال تنظیمات مجوز قدیمی...", "main_domain_changed": "دامنه اصلی تغییر کرده است", "main_domain_change_failed": "تغییر دامنه اصلی امکان پذیر نیست", "mail_unavailable": "این آدرس ایمیل محفوظ است و باید به طور خودکار به اولین کاربر اختصاص داده شود", @@ -531,15 +496,6 @@ "unknown_main_domain_path": "دامنه یا مسیر ناشناخته برای '{app}'. شما باید یک دامنه و یک مسیر را مشخص کنید تا بتوانید یک آدرس اینترنتی برای مجوز تعیین کنید.", "unexpected_error": "مشکل غیر منتظره ای پیش آمده: {error}", "unbackup_app": "{app} ذخیره نمی شود", - "tools_upgrade_special_packages_completed": "ارتقاء بسته YunoHost به پایان رسید\nبرای بازگرداندن خط فرمان [Enter] را فشار دهید", - "tools_upgrade_special_packages_explanation": "ارتقاء ویژه در پس زمینه ادامه خواهد یافت. لطفاً تا 10 دقیقه دیگر (بسته به سرعت سخت افزار) هیچ اقدام دیگری را روی سرور خود شروع نکنید. پس از این کار ، ممکن است مجبور شوید دوباره وارد webadmin شوید. گزارش ارتقاء در Tools → Log (در webadmin) یا با استفاده از 'yunohost log list' (در خط فرمان) در دسترس خواهد بود.", - "tools_upgrade_special_packages": "در حال ارتقاء بسته های 'special' (مربوط به yunohost)...", - "tools_upgrade_regular_packages_failed": "بسته ها را نمی توان ارتقا داد: {packages_list}", - "tools_upgrade_regular_packages": "در حال ارتقاء بسته های 'regular' (غیر مرتبط با yunohost)...", - "tools_upgrade_cant_unhold_critical_packages": "بسته های مهم و حیاتی را نمی توان نگه نداشت...", - "tools_upgrade_cant_hold_critical_packages": "بسته های مهم و حیاتی را نمی توان نگه داشت...", - "tools_upgrade_cant_both": "نمی توان سیستم و برنامه ها را به طور همزمان ارتقا داد", - "tools_upgrade_at_least_one": "لطفاً مشخص کنید 'apps' ، یا 'system'", "this_action_broke_dpkg": "این اقدام dpkg/APT (مدیران بسته های سیستم) را خراب کرد... می توانید با اتصال از طریق SSH و اجرای فرمان `sudo apt install --fix -break` و/یا` sudo dpkg --configure -a` این مشکل را حل کنید.", "system_username_exists": "نام کاربری قبلاً در لیست کاربران سیستم وجود دارد", "system_upgraded": "سیستم ارتقا یافت", @@ -560,7 +516,6 @@ "service_reload_failed": "سرویس '{service}' بارگیری نشد\n\nگزارشات اخیر سرویس: {logs}", "service_removed": "سرویس '{service}' حذف شد", "service_remove_failed": "سرویس '{service}' حذف نشد", - "service_regen_conf_is_deprecated": "فرمان 'yunohost service regen-conf' منسوخ شده است! لطفاً به جای آن از 'yunohost tools regen-conf' استفاده کنید.", "service_enabled": "سرویس '{service}' اکنون بطور خودکار در هنگام بوت شدن سیستم راه اندازی می شود.", "service_enable_failed": "انجام سرویس '{service}' به طور خودکار در هنگام راه اندازی امکان پذیر نیست.\n\nگزارشات اخیر سرویس: {logs}", "service_disabled": "هنگام راه اندازی سیستم ، سرویس '{service}' دیگر راه اندازی نمی شود.", @@ -572,7 +527,6 @@ "service_description_rspamd": "هرزنامه ها و سایر ویژگی های مربوط به ایمیل را فیلتر می کند", "service_description_redis-server": "یک پایگاه داده تخصصی برای دسترسی سریع به داده ها ، صف وظیفه و ارتباط بین برنامه ها استفاده می شود", "service_description_postfix": "برای ارسال و دریافت ایمیل استفاده می شود", - "service_description_php7.3-fpm": "برنامه های نوشته شده با PHP را با NGINX اجرا می کند", "service_description_nginx": "به همه وب سایت هایی که روی سرور شما میزبانی شده اند سرویس می دهد یا دسترسی به آنها را فراهم می کند", "service_description_mysql": "ذخیره داده های برنامه (پایگاه داده SQL)", "service_description_metronome": "مدیریت حساب های پیام رسانی فوری XMPP", diff --git a/locales/fr.json b/locales/fr.json index 123270bd6..a14850b8b 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -10,7 +10,6 @@ "app_extraction_failed": "Impossible d'extraire les fichiers d'installation", "app_id_invalid": "Identifiant d'application invalide", "app_install_files_invalid": "Fichiers d'installation incorrects", - "app_manifest_invalid": "Manifeste d'application incorrect : {error}", "app_not_correctly_installed": "{app} semble être mal installé", "app_not_installed": "Nous n'avons pas trouvé {app} dans la liste des applications installées : {all_apps}", "app_not_properly_removed": "{app} n'a pas été supprimé correctement", @@ -83,7 +82,6 @@ "main_domain_change_failed": "Impossible de modifier le domaine principal", "main_domain_changed": "Le domaine principal a été modifié", "not_enough_disk_space": "L'espace disque est insuffisant sur '{path}'", - "packages_upgrade_failed": "Impossible de mettre à jour tous les paquets", "pattern_backup_archive_name": "Doit être un nom de fichier valide avec un maximum de 30 caractères, et composé de caractères alphanumériques et -_. uniquement", "pattern_domain": "Doit être un nom de domaine valide (ex : mon-domaine.fr)", "pattern_email": "Il faut une adresse électronique valide, sans le symbole '+' (par exemple johndoe@exemple.com)", @@ -213,7 +211,6 @@ "restore_system_part_failed": "Impossible de restaurer la partie '{part}' du système", "backup_couldnt_bind": "Impossible de lier {src} avec {dest}.", "domain_dns_conf_is_just_a_recommendation": "Cette commande vous montre la configuration *recommandée*. Elle ne configure pas le DNS pour vous. Il est de votre ressort de configurer votre zone DNS chez votre registrar/fournisseur conformément à cette recommandation.", - "migrations_cant_reach_migration_file": "Impossible d'accéder aux fichiers de migration via le chemin '%s'", "migrations_loading_migration": "Chargement de la migration {id}...", "migrations_migration_has_failed": "La migration {id} a échoué avec l'exception {exception} : annulation", "migrations_no_migrations_to_run": "Aucune migration à lancer", @@ -223,7 +220,6 @@ "server_reboot": "Le serveur va redémarrer", "server_reboot_confirm": "Le serveur va redémarrer immédiatement, le voulez-vous vraiment ? [{answers}]", "app_upgrade_some_app_failed": "Certaines applications n'ont pas été mises à jour", - "dyndns_could_not_check_provide": "Impossible de vérifier si {provider} peut fournir {domain}.", "dyndns_domain_not_provided": "Le fournisseur DynDNS {provider} ne peut pas fournir le domaine {domain}.", "app_make_default_location_already_used": "Impossible de configurer l'application '{app}' par défaut pour le domaine '{domain}' car il est déjà utilisé par l'application '{other_app}'", "app_upgrade_app_name": "Mise à jour de {app}...", @@ -340,17 +336,7 @@ "regenconf_dry_pending_applying": "Vérification de la configuration en attente qui aurait été appliquée pour la catégorie '{category}'...", "regenconf_failed": "Impossible de régénérer la configuration pour la ou les catégorie(s) : '{categories}'", "regenconf_pending_applying": "Applique la configuration en attente pour la catégorie '{category}'...", - "service_regen_conf_is_deprecated": "'yunohost service regen-conf' est obsolète ! Veuillez plutôt utiliser 'yunohost tools regen-conf' à la place.", - "tools_upgrade_at_least_one": "Veuillez spécifier '--apps' ou '--system'", - "tools_upgrade_cant_both": "Impossible de mettre à niveau le système et les applications en même temps", - "tools_upgrade_cant_hold_critical_packages": "Impossibilité d'ajouter le drapeau 'hold' pour les paquets critiques...", - "tools_upgrade_regular_packages": "Mise à jour des paquets du système (non liés a YunoHost)...", - "tools_upgrade_regular_packages_failed": "Impossible de mettre à jour les paquets suivants : {packages_list}", - "tools_upgrade_special_packages": "Mise à jour des paquets 'spécifiques' (liés a YunoHost)...", - "tools_upgrade_special_packages_completed": "La mise à jour des paquets de YunoHost est finie !\nPressez [Entrée] pour revenir à la ligne de commande", "dpkg_lock_not_available": "Cette commande ne peut pas être exécutée pour le moment car un autre programme semble utiliser le verrou de dpkg (le gestionnaire de package système)", - "tools_upgrade_cant_unhold_critical_packages": "Impossible d'enlever le drapeau 'hold' pour les paquets critiques...", - "tools_upgrade_special_packages_explanation": "La mise à niveau spécifique à YunoHost se poursuivra en arrière-plan. Veuillez ne pas lancer d'autres actions sur votre serveur pendant les 10 prochaines minutes (selon la vitesse du matériel). Après cela, vous devrez peut-être vous reconnecter à la webadmin. Le journal de mise à niveau sera disponible dans Outils → Journal (dans le webadmin) ou en utilisant 'yunohost log list' (à partir de la ligne de commande).", "update_apt_cache_failed": "Impossible de mettre à jour le cache APT (gestionnaire de paquets Debian). Voici un extrait du fichier sources.list qui pourrait vous aider à identifier les lignes problématiques :\n{sourceslist}", "update_apt_cache_warning": "Des erreurs se sont produites lors de la mise à jour du cache APT (gestionnaire de paquets Debian). Voici un extrait des lignes du fichier sources.list qui pourrait vous aider à identifier les lignes problématiques :\n{sourceslist}", "backup_permission": "Permission de sauvegarde pour {app}", @@ -418,7 +404,7 @@ "diagnosis_ip_weird_resolvconf": "La résolution DNS semble fonctionner, mais il semble que vous utilisez un /etc/resolv.conf personnalisé.", "diagnosis_ip_weird_resolvconf_details": "Le fichier /etc/resolv.conf doit être un lien symbolique vers /etc/resolvconf/run/resolv.conf lui-même pointant vers 127.0.0.1 (dnsmasq). Si vous souhaitez configurer manuellement les résolveurs DNS, veuillez modifier /etc/resolv.dnsmasq.conf.", "diagnosis_dns_missing_record": "Selon la configuration DNS recommandée, vous devez ajouter un enregistrement DNS
Type : {type}
Nom : {name}
Valeur : {value}", - "diagnosis_diskusage_ok": "L'espace de stockage {mountpoint} (sur le périphérique {device}) a encore {free} ({free_percent}%) espace restant (sur {total}) !", + "diagnosis_diskusage_ok": "L'espace de stockage {mountpoint} (sur le périphérique {device}) a encore {free} ({free_percent}%) d'espace restant (sur {total}) !", "diagnosis_ram_ok": "Le système dispose encore de {available} ({available_percent}%) de RAM sur {total}.", "diagnosis_regenconf_allgood": "Tous les fichiers de configuration sont conformes à la configuration recommandée !", "diagnosis_security_vulnerable_to_meltdown": "Vous semblez vulnérable à la vulnérabilité de sécurité critique de Meltdown", @@ -444,9 +430,9 @@ "diagnosis_dns_bad_conf": "Certains enregistrements DNS sont manquants ou incorrects pour le domaine {domain} (catégorie {category})", "diagnosis_dns_discrepancy": "Cet enregistrement DNS ne semble pas correspondre à la configuration recommandée :
Type : {type}
Nom : {name}
La valeur actuelle est : {current}
La valeur attendue est : {value}", "diagnosis_services_bad_status": "Le service {service} est {status} :-(", - "diagnosis_diskusage_verylow": "L'espace de stockage {mountpoint} (sur l'appareil {device}) ne dispose que de {free} ({free_percent}%) espace restant (sur {total}). Vous devriez vraiment envisager de nettoyer de l'espace !", - "diagnosis_diskusage_low": "L'espace de stockage {mountpoint} (sur l'appareil {device}) ne dispose que de {free} ({free_percent}%) espace restant (sur {total}). Faites attention.", - "diagnosis_ram_verylow": "Le système ne dispose plus que de {available} ({available_percent}%)! (sur {total})", + "diagnosis_diskusage_verylow": "L'espace de stockage {mountpoint} (sur l'appareil {device}) ne dispose que de {free} ({free_percent}%) d'espace restant (sur {total}). Vous devriez vraiment envisager de nettoyer de l'espace !", + "diagnosis_diskusage_low": "L'espace de stockage {mountpoint} (sur l'appareil {device}) ne dispose que de {free} ({free_percent}%) d'espace restant (sur {total}). Faites attention.", + "diagnosis_ram_verylow": "Le système ne dispose plus que de {available} ({available_percent}%) de RAM ! (sur {total})", "diagnosis_ram_low": "Le système n'a plus de {available} ({available_percent}%) RAM sur {total}. Faites attention.", "diagnosis_swap_none": "Le système n'a aucun espace de swap. Vous devriez envisager d'ajouter au moins {recommended} de swap pour éviter les situations où le système manque de mémoire.", "diagnosis_swap_notsomuch": "Le système ne dispose que de {total} de swap. Vous devez envisager d'avoir au moins {recommended} pour éviter les situations où le système manque de mémoire.", @@ -485,7 +471,7 @@ "diagnosis_ports_forwarding_tip": "Pour résoudre ce problème, vous devez probablement configurer la redirection de port sur votre routeur Internet comme décrit dans https://yunohost.org/isp_box_config", "diagnosis_http_connection_error": "Erreur de connexion : impossible de se connecter au domaine demandé, il est probablement injoignable.", "diagnosis_no_cache": "Pas encore de cache de diagnostique pour la catégorie '{category}'", - "yunohost_postinstall_end_tip": "La post-installation terminée ! Pour finaliser votre configuration, il est recommandé de :\n- ajouter un premier utilisateur depuis la section \"Utilisateurs\" de l'interface web (ou 'yunohost user create ' en ligne de commande) ;\n- diagnostiquer les potentiels problèmes dans la section \"Diagnostic\" de l'interface web (ou 'yunohost diagnosis run' en ligne de commande) ;\n- lire les parties 'Finalisation de votre configuration' et 'Découverte de YunoHost' dans le guide de l'administrateur : https://yunohost.org/admindoc.", + "yunohost_postinstall_end_tip": "La post-installation est terminée ! Pour finaliser votre configuration, il est recommandé de :\n- ajouter un premier utilisateur depuis la section \"Utilisateurs\" de l'interface web (ou 'yunohost user create ' en ligne de commande) ;\n- diagnostiquer les potentiels problèmes dans la section \"Diagnostic\" de l'interface web (ou 'yunohost diagnosis run' en ligne de commande) ;\n- lire les parties 'Finalisation de votre configuration' et 'Découverte de YunoHost' dans le guide de l'administrateur : https://yunohost.org/admindoc.", "diagnosis_services_bad_status_tip": "Vous pouvez essayer de redémarrer le service, et si cela ne fonctionne pas, consultez les journaux de service dans le webadmin (à partir de la ligne de commande, vous pouvez le faire avec yunohost service restart {service} et yunohost service log {service} ).", "diagnosis_http_bad_status_code": "Le système de diagnostique n'a pas réussi à contacter votre serveur. Il se peut qu'une autre machine réponde à la place de votre serveur. Vérifiez que le port 80 est correctement redirigé, que votre configuration Nginx est à jour et qu'un reverse-proxy n'interfère pas.", "diagnosis_http_timeout": "Expiration du délai en essayant de contacter votre serveur de l'extérieur. Il semble être inaccessible. Vérifiez que vous transférez correctement le port 80, que Nginx est en cours d'exécution et qu'un pare-feu n'interfère pas.", @@ -549,33 +535,9 @@ "diagnosis_swap_tip": "Merci d'être prudent et conscient que si vous hébergez une partition SWAP sur une carte SD ou un disque SSD, cela risque de réduire drastiquement l'espérance de vie du périphérique.", "restore_already_installed_apps": "Les applications suivantes ne peuvent pas être restaurées car elles sont déjà installées : {apps}", "regenconf_need_to_explicitly_specify_ssh": "La configuration de ssh a été modifiée manuellement. Vous devez explicitement indiquer la mention --force à \"ssh\" pour appliquer les changements.", - "migration_0015_cleaning_up": "Nettoyage du cache et des paquets qui ne sont plus nécessaires ...", - "migration_0015_specific_upgrade": "Démarrage de la mise à jour des paquets du système qui doivent être mis à jour séparément...", - "migration_0015_modified_files": "Veuillez noter que les fichiers suivants ont été modifiés manuellement et pourraient être écrasés à la suite de la mise à niveau : {manually_modified_files}", - "migration_0015_problematic_apps_warning": "Veuillez noter que des applications qui peuvent poser problèmes ont été détectées. Il semble qu'elles n'aient pas été installées à partir du catalogue d'applications YunoHost, ou bien qu'elles ne soient pas signalées comme \"fonctionnelles\". Par conséquent, il n'est pas possible de garantir que les applications suivantes fonctionneront encore après la mise à niveau : {problematic_apps}", - "migration_0015_general_warning": "Veuillez noter que cette migration est une opération délicate. L'équipe YunoHost a fait de son mieux pour la revérifier et la tester, mais la migration pourrait quand même casser des éléments du système ou de ses applications.\n\nIl est donc recommandé :\n...- de faire une sauvegarde de toute donnée ou application critique. Plus d'informations ici https://yunohost.org/backup ;\n...- d'être patient après le lancement de la migration. Selon votre connexion internet et votre matériel, la mise à niveau peut prendre jusqu'à quelques heures.", - "migration_0015_system_not_fully_up_to_date": "Votre système n'est pas entièrement à jour. Veuillez effectuer une mise à jour normale avant de lancer la migration vers Buster.", - "migration_0015_not_enough_free_space": "L'espace libre est très faible dans /var/ ! Vous devriez avoir au moins 1 Go de libre pour effectuer cette migration.", - "migration_0015_not_stretch": "La distribution Debian actuelle n'est pas Stretch !", - "migration_0015_yunohost_upgrade": "Démarrage de la mise à jour de YunoHost ...", - "migration_0015_still_on_stretch_after_main_upgrade": "Quelque chose s'est mal passé lors de la mise à niveau, le système semble toujours être sous Debian Stretch", - "migration_0015_main_upgrade": "Démarrage de la mise à niveau générale...", - "migration_0015_patching_sources_list": "Mise à jour du fichier sources.lists...", - "migration_0015_start": "Démarrage de la migration vers Buster", - "migration_description_0015_migrate_to_buster": "Mise à niveau du système vers Debian Buster et YunoHost 4.x", "diagnosis_dns_try_dyndns_update_force": "La configuration DNS de ce domaine devrait être automatiquement gérée par YunoHost. Si ce n'est pas le cas, vous pouvez essayer de forcer une mise à jour en utilisant yunohost dyndns update --force.", "app_packaging_format_not_supported": "Cette application ne peut pas être installée car son format n'est pas pris en charge par votre version de YunoHost. Vous devriez probablement envisager de mettre à jour votre système.", - "migration_0015_weak_certs": "Il a été constaté que les certificats suivants utilisent encore des algorithmes de signature peu robustes et doivent être mis à jour pour être compatibles avec la prochaine version de NGINX : {certs}", "global_settings_setting_backup_compress_tar_archives": "Lors de la création de nouvelles sauvegardes, compresser automatiquement les archives (.tar.gz) au lieu des archives non compressées (.tar). N.B. : activer cette option permet de créer des archives plus légères, mais la procédure de sauvegarde initiale sera significativement plus longues et plus gourmandes en CPU.", - "migration_description_0018_xtable_to_nftable": "Migrer les anciennes règles de trafic réseau vers le nouveau système basé sur nftables", - "service_description_php7.3-fpm": "Exécute les applications écrites en PHP avec NGINX", - "migration_0018_failed_to_reset_legacy_rules": "La réinitialisation des règles iptable par défaut a échoué : {error}", - "migration_0018_failed_to_migrate_iptables_rules": "Échec de la migration des anciennes règles iptables vers nftables : {error}", - "migration_0017_not_enough_space": "Laissez suffisamment d'espace disponible dans {path} avant de lancer la migration.", - "migration_0017_postgresql_11_not_installed": "PostgreSQL 9.6 est installé mais pas posgreSQL 11 ? Il s'est sans doute passé quelque chose d'étrange sur votre système :(...", - "migration_0017_postgresql_96_not_installed": "PostgreSQL n'a pas été installé sur votre système. Aucune opération à effectuer.", - "migration_description_0017_postgresql_9p6_to_11": "Migrer les bases de données de PostgreSQL 9.6 vers 11", - "migration_description_0016_php70_to_php73_pools": "Migrer les configurations php7.0 vers php7.3", "diagnosis_processes_killed_by_oom_reaper": "Certains processus ont été arrêtés récemment par le système car il manquait de mémoire. Cela apparaît généralement quand le système manque de mémoire ou qu'un processus consomme trop de mémoire. Liste des processus tués :\n{kills_summary}", "ask_user_domain": "Domaine à utiliser pour l'adresse email de l'utilisateur et le compte XMPP", "app_manifest_install_ask_is_public": "Cette application devrait-elle être visible par les visiteurs anonymes ?", @@ -598,15 +560,10 @@ "regex_with_only_domain": "Vous ne pouvez pas utiliser une expression régulière pour le domaine, uniquement pour le chemin", "regex_incompatible_with_tile": "/!\\ Packagers ! La permission '{permission}' a 'show_tile' définie sur 'true' et vous ne pouvez donc pas définir une URL regex comme URL principale", "permission_protected": "L'autorisation {permission} est protégée. Vous ne pouvez pas ajouter ou supprimer le groupe visiteurs à/de cette autorisation.", - "migration_0019_slapd_config_will_be_overwritten": "Il semble que vous ayez modifié manuellement la configuration de slapd. Pour cette migration critique, YunoHost doit forcer la mise à jour de la configuration slapd. Les fichiers originaux seront sauvegardés dans {conf_backup_folder}.", - "migration_0019_add_new_attributes_in_ldap": "Ajouter de nouveaux attributs pour les autorisations dans la base de données LDAP", - "migrating_legacy_permission_settings": "Migration des anciens paramètres d'autorisation...", "invalid_regex": "Regex non valide : '{regex}'", - "domain_name_unknown": "Domaine '{domain}' inconnu", "app_label_deprecated": "Cette commande est obsolète ! Veuillez utiliser la nouvelle commande 'yunohost user permission update' pour gérer l'étiquette de l'application.", "additional_urls_already_removed": "URL supplémentaire '{url}' déjà supprimées pour la permission '{permission}'", "invalid_number": "Doit être un nombre", - "migration_description_0019_extend_permissions_features": "Étendre et retravailler le système de gestion des permissions applicatives", "diagnosis_basesystem_hardware_model": "Le modèle/architecture du serveur est {model}", "diagnosis_backports_in_sources_list": "Il semble qu'apt (le gestionnaire de paquets) soit configuré pour utiliser le dépôt des rétroportages (backports). A moins que vous ne sachiez vraiment ce que vous faites, nous vous déconseillons fortement d'installer des paquets provenant des rétroportages, car cela risque de créer des instabilités ou des conflits sur votre système.", "postinstall_low_rootfsspace": "Le système de fichiers a une taille totale inférieure à 10 Go, ce qui est préoccupant et devrait attirer votre attention ! Vous allez certainement arriver à court d'espace disque (très) rapidement ! Il est recommandé d'avoir au moins 16 Go à la racine pour ce système de fichiers. Si vous voulez installer YunoHost malgré cet avertissement, relancez la post-installation avec --force-diskspace", @@ -614,8 +571,7 @@ "diagnosis_rootfstotalspace_critical": "Le système de fichiers racine ne fait que {space} ! Vous allez certainement le remplir très rapidement ! Il est recommandé d'avoir au moins 16 GB pour ce système de fichiers.", "diagnosis_rootfstotalspace_warning": "Le système de fichiers racine n'est que de {space}. Cela peut suffire, mais faites attention car vous risquez de les remplir rapidement... Il est recommandé d'avoir au moins 16 GB pour ce système de fichiers.", "app_restore_script_failed": "Une erreur s'est produite dans le script de restauration de l'application", - "restore_backup_too_old": "Cette sauvegarde ne peut pas être restaurée car elle provient d'une version trop ancienne de YunoHost.", - "migration_update_LDAP_schema": "Mise à jour du schéma LDAP...", + "restore_backup_too_old": "Cette sauvegarde ne peut pas être restaurée car elle provient d'une version de YunoHost trop ancienne.", "log_backup_create": "Créer une archive de sauvegarde", "global_settings_setting_ssowat_panel_overlay_enabled": "Activer la superposition de la vignette SSOwat", "migration_ldap_rollback_success": "Système rétabli dans son état initial.", @@ -623,7 +579,6 @@ "migration_ldap_migration_failed_trying_to_rollback": "Impossible de migrer... tentative de restauration du système.", "migration_ldap_can_not_backup_before_migration": "La sauvegarde du système n'a pas pu être terminée avant l'échec de la migration. Erreur : {error }", "migration_ldap_backup_before_migration": "Création d'une sauvegarde de la base de données LDAP et des paramètres des applications avant la migration proprement dite.", - "migration_description_0020_ssh_sftp_permissions": "Ajouter la prise en charge des autorisations SSH et SFTP", "global_settings_setting_security_ssh_port": "Port SSH", "diagnosis_sshd_config_inconsistent_details": "Veuillez exécuter yunohost settings set security.ssh.port -v VOTRE_PORT_SSH pour définir le port SSH, et vérifiez yunohost tools regen-conf ssh --dry-run --with-diff et yunohost tools regen-conf ssh --force pour réinitialiser votre configuration aux recommandations YunoHost.", "diagnosis_sshd_config_inconsistent": "Il semble que le port SSH a été modifié manuellement dans /etc/ssh/sshd_config. Depuis YunoHost 4.2, un nouveau paramètre global 'security.ssh.port' est disponible pour éviter de modifier manuellement la configuration.", @@ -631,7 +586,6 @@ "backup_create_size_estimation": "L'archive contiendra environ {size} de données.", "global_settings_setting_security_webadmin_allowlist": "Adresses IP autorisées à accéder à la webadmin. Elles doivent être séparées par une virgule.", "global_settings_setting_security_webadmin_allowlist_enabled": "Autoriser seulement certaines IP à accéder à la webadmin.", - "diagnosis_http_localdomain": "Le domaine {domain}, avec un TLD .local, ne devrait pas être exposé en dehors du réseau local.", "diagnosis_dns_specialusedomain": "Le domaine {domain} est basé sur un domaine de premier niveau (TLD) à usage spécial comme .local ou .test et ne devrait donc pas avoir d'enregistrements DNS réels.", "invalid_password": "Mot de passe incorrect", "ldap_server_is_down_restart_it": "Le service LDAP est en panne, essayez de le redémarrer...", @@ -669,13 +623,10 @@ "config_validate_url": "Doit être une URL Web valide", "config_version_not_supported": "Les versions du panneau de configuration '{version}' ne sont pas prises en charge.", "danger": "Danger :", - "file_extension_not_accepted": "Le fichier '{path}' est refusé car son extension ne fait pas partie des extensions acceptées : {accept}", "invalid_number_min": "Doit être supérieur à {min}", "invalid_number_max": "Doit être inférieur à {max}", "log_app_config_set": "Appliquer la configuration à l'application '{}'", "service_not_reloading_because_conf_broken": "Le service '{name}' n'a pas été rechargé/redémarré car sa configuration est cassée : {errors}", - "app_argument_password_help_keep": "Tapez sur Entrée pour conserver la valeur actuelle", - "app_argument_password_help_optional": "Tapez un espace pour vider le mot de passe", "domain_registrar_is_not_configured": "Le registrar n'est pas encore configuré pour le domaine {domain}.", "domain_dns_push_not_applicable": "La fonction de configuration DNS automatique n'est pas applicable au domaine {domain}. Vous devez configurer manuellement vos enregistrements DNS en suivant la documentation sur https://yunohost.org/dns_config.", "domain_dns_registrar_yunohost": "Ce domaine est de type nohost.me / nohost.st / ynh.fr et sa configuration DNS est donc automatiquement gérée par YunoHost sans qu'il n'y ait d'autre configuration à faire. (voir la commande 'yunohost dyndns update')", @@ -685,7 +636,7 @@ "domain_dns_registrar_managed_in_parent_domain": "Ce domaine est un sous-domaine de {parent_domain_link}. La configuration du registrar DNS doit être gérée dans le panneau de configuration de {parent_domain}.", "domain_dns_registrar_not_supported": "YunoHost n'a pas pu détecter automatiquement le bureau d'enregistrement gérant ce domaine. Vous devez configurer manuellement vos enregistrements DNS en suivant la documentation sur https://yunohost.org/dns.", "domain_dns_registrar_experimental": "Jusqu'à présent, l'interface avec l'API de **{registrar}** n'a pas été correctement testée et revue par la communauté YunoHost. L'assistance est **très expérimentale** - soyez prudent !", - "domain_dns_push_failed_to_authenticate": "Échec de l'authentification sur l'API du bureau d'enregistrement pour le domaine « {domain} ». Très probablement les informations d'identification sont incorrectes ? (Erreur : {error})", + "domain_dns_push_failed_to_authenticate": "Échec de l'authentification sur l'API du registrar qui gère votre nom de domaine internet pour '{domain}'. Il est très probable que les informations d'identification soient incorrectes ? (Erreur : {error})", "domain_dns_push_failed_to_list": "Échec de la liste des enregistrements actuels à l'aide de l'API du registraire : {error}", "domain_dns_push_already_up_to_date": "Dossiers déjà à jour.", "domain_dns_pushing": "Transmission des enregistrements DNS...", @@ -709,5 +660,30 @@ "diagnosis_http_special_use_tld": "Le domaine {domain} est basé sur un domaine de premier niveau (TLD) à usage spécial tel que .local ou .test et n'est donc pas censé être exposé en dehors du réseau local.", "domain_dns_conf_special_use_tld": "Ce domaine est basé sur un domaine de premier niveau (TLD) à usage spécial tel que .local ou .test et ne devrait donc pas avoir d'enregistrements DNS réels.", "other_available_options": "... et {n} autres options disponibles non affichées", - "domain_config_auth_consumer_key": "Consumer key" + "domain_config_auth_consumer_key": "Consumer key", + "domain_unknown": "Domaine '{domain}' inconnu", + "migration_0021_start": "Démarrage de la migration vers Bullseye", + "migration_0021_patching_sources_list": "Mise à jour du fichier sources.lists...", + "migration_0021_main_upgrade": "Démarrage de la mise à niveau générale...", + "migration_0021_still_on_buster_after_main_upgrade": "Quelque chose s'est mal passé lors de la mise à niveau, le système semble toujours être sous Debian Buster", + "migration_0021_yunohost_upgrade": "Démarrage de la mise à jour du noyau YunoHost...", + "migration_0021_not_enough_free_space": "L'espace libre est très faible dans /var/ ! Vous devriez avoir au moins 1 Go de libre pour effectuer cette migration.", + "migration_0021_system_not_fully_up_to_date": "Votre système n'est pas entièrement à jour. Veuillez effectuer une mise à jour normale avant de lancer la migration vers Bullseye.", + "migration_0021_general_warning": "Veuillez noter que cette migration est une opération délicate. L'équipe YunoHost a fait de son mieux pour la revérifier et la tester, mais la migration pourrait quand même casser des éléments du système ou de ses applications.\n\nIl est donc recommandé :\n - de faire une sauvegarde de toute donnée ou application critique. Plus d'informations ici https://yunohost.org/backup ;\n - d'être patient après le lancement de la migration. Selon votre connexion internet et votre matériel, la mise à niveau peut prendre jusqu'à quelques heures.", + "migration_0021_problematic_apps_warning": "Veuillez noter que des applications qui peuvent poser problèmes ont été détectées. Il semble qu'elles n'aient pas été installées à partir du catalogue d'applications YunoHost, ou bien qu'elles ne soient pas signalées comme \\\"fonctionnelles\\\". Par conséquent, il n'est pas possible de garantir que les applications suivantes fonctionneront encore après la mise à niveau : {problematic_apps}", + "migration_0021_modified_files": "Veuillez noter que les fichiers suivants ont été modifiés manuellement et pourraient être écrasés à la suite de la mise à niveau : {manually_modified_files}", + "migration_0021_cleaning_up": "Nettoyage du cache et des paquets qui ne sont plus nécessaires...", + "migration_0021_patch_yunohost_conflicts": "Application du correctif pour contourner le problème de conflit...", + "migration_0021_not_buster": "La distribution Debian actuelle n'est pas Buster !", + "migration_description_0021_migrate_to_bullseye": "Mise à niveau du système vers Debian Bullseye et YunoHost 11.x", + "global_settings_setting_security_ssh_password_authentication": "Autoriser l'authentification par mot de passe pour SSH", + "domain_config_default_app": "Application par défaut", + "migration_description_0022_php73_to_php74_pools": "Migration des fichiers de configuration php7.3-fpm 'pool' vers php7.4", + "migration_description_0023_postgresql_11_to_13": "Migration des bases de données de PostgreSQL 11 vers 13", + "service_description_postgresql": "Stocke les données d'application (base de données SQL)", + "tools_upgrade": "Mise à niveau des packages système", + "migration_0023_postgresql_13_not_installed": "PostgreSQL 11 est installé, mais pas PostgreSQL 13 ! ? Quelque chose d'anormal s'est peut-être produit sur votre système :(...", + "tools_upgrade_failed": "Impossible de mettre à jour les paquets : {packages_list}", + "migration_0023_not_enough_space": "Prévoyez suffisamment d'espace disponible dans {path} pour exécuter la migration.", + "migration_0023_postgresql_11_not_installed": "PostgreSQL n'a pas été installé sur votre système. Il n'y a rien à faire." } diff --git a/locales/gl.json b/locales/gl.json index 987093df8..e25c698c0 100644 --- a/locales/gl.json +++ b/locales/gl.json @@ -76,7 +76,6 @@ "app_manifest_install_ask_password": "Elixe un contrasinal de administración para esta app", "app_manifest_install_ask_path": "Elixe a ruta URL (após o dominio) onde será instalada esta app", "app_manifest_install_ask_domain": "Elixe o dominio onde queres instalar esta app", - "app_manifest_invalid": "Hai algún erro no manifesto da app: {error}", "app_location_unavailable": "Este URL ou ben non está dispoñible ou entra en conflito cunha app(s) xa instalada:\n{apps}", "app_label_deprecated": "Este comando está anticuado! Utiliza o novo comando 'yunohost user permission update' para xestionar a etiqueta da app.", "app_make_default_location_already_used": "Non se puido establecer a '{app}' como app por defecto no dominio, '{domain}' xa está utilizado por '{other_app}'", @@ -288,13 +287,11 @@ "dyndns_ip_updated": "Actualizouse o IP en DynDNS", "dyndns_ip_update_failed": "Non se actualizou o enderezo IP en DynDNS", "dyndns_could_not_check_available": "Non se comprobou se {domain} está dispoñible en {provider}.", - "dyndns_could_not_check_provide": "Non se comprobou se {provider} pode proporcionar {domain}.", "dpkg_lock_not_available": "Non se pode executar agora mesmo este comando porque semella que outro programa está a utilizar dpkg (o xestos de paquetes do sistema)", "dpkg_is_broken": "Non podes facer isto agora mesmo porque dpkg/APT (o xestor de paquetes do sistema) semella que non está a funcionar... Podes intentar solucionalo conectándote a través de SSH e executando `sudo apt install --fix-broken`e/ou `sudo dpkg --configure -a`.", "downloading": "Descargando...", "done": "Feito", "domains_available": "Dominios dispoñibles:", - "domain_name_unknown": "Dominio '{domain}' descoñecido", "domain_uninstall_app_first": "Aínda están instaladas estas aplicacións no teu dominio:\n{apps}\n\nPrimeiro desinstalaas utilizando 'yunohost app remove id_da_app' ou móveas a outro dominio con 'yunohost app change-url id_da_app' antes de eliminar o dominio", "domain_remove_confirm_apps_removal": "Ao eliminar o dominio tamén vas eliminar estas aplicacións:\n{apps}\n\nTes a certeza de querer facelo? [{answers}]", "domain_hostname_failed": "Non se puido establecer o novo nome de servidor. Esto pode causar problemas máis tarde (tamén podería ser correcto).", @@ -394,19 +391,10 @@ "log_does_exists": "Non hai rexistro de operación co nome '{log}', usa 'yunohost log list' para ver tódolos rexistros de operacións dispoñibles", "log_help_to_get_failed_log": "A operación '{desc}' non se completou. Comparte o rexistro completo da operación utilizando o comando 'yunohost log share {name}' para obter axuda", "log_link_to_failed_log": "Non se completou a operación '{desc}'. Por favor envía o rexistro completo desta operación premendo aquí para obter axuda", - "migration_0015_start": "Comezando a migración a Buster", - "migration_update_LDAP_schema": "Actualizando esquema LDAP...", "migration_ldap_rollback_success": "Sistema restablecido.", "migration_ldap_migration_failed_trying_to_rollback": "Non se puido migrar... intentando volver á versión anterior do sistema.", "migration_ldap_can_not_backup_before_migration": "O sistema de copia de apoio do sistema non se completou antes de que fallase a migración. Erro: {error}", "migration_ldap_backup_before_migration": "Crear copia de apoio da base de datos LDAP e axustes de apps antes de realizar a migración.", - "migration_description_0020_ssh_sftp_permissions": "Engadir soporte para permisos SSH e SFTP", - "migration_description_0019_extend_permissions_features": "Extender/recrear o sistema de xestión de permisos de apps", - "migration_description_0018_xtable_to_nftable": "Migrar as regras de tráfico de rede antigas ao novo sistema nftable", - "migration_description_0017_postgresql_9p6_to_11": "Migrar bases de datos desde PostgreSQL 9.6 a 11", - "migration_description_0016_php70_to_php73_pools": "Migrar o ficheiros de configuración 'pool' de php7.0-fpm a php7.3", - "migration_description_0015_migrate_to_buster": "Actualizar o sistema a Debian Buster e YunoHost 4.x", - "migrating_legacy_permission_settings": "Migrando os axustes dos permisos anteriores...", "main_domain_changed": "Foi cambiado o dominio principal", "main_domain_change_failed": "Non se pode cambiar o dominio principal", "mail_unavailable": "Este enderezo de email está reservado e debería adxudicarse automáticamente á primeira usuaria", @@ -433,28 +421,7 @@ "log_letsencrypt_cert_renew": "Anovar certificado Let's Encrypt para '{}'", "log_selfsigned_cert_install": "Instalar certificado auto-asinado para o dominio '{}'", "log_permission_url": "Actualizar URL relativo ao permiso '{}'", - "migration_0015_general_warning": "Ten en conta que a migración é unha operación delicada. O equipo YunoHost esforzouse revisando e comprobandoa, aínda así algo podería fallar en partes do teu sistema ou as súas apps.\n\nPor tanto, é recomendable:\n- realiza unha copia de apoio de tódolos datos ou apps importantes. Máis info en https://yunohost.org/backup;\n - ten paciencia tras iniciar o proceso: dependendo da túa conexión de internet e hardware podería demorar varias horas a actualización de tódolos compoñentes.", - "migration_0015_system_not_fully_up_to_date": "O teu sistema non está ao día. Realiza unha actualización común antes de realizar a migración a Buster.", - "migration_0015_not_enough_free_space": "Queda moi pouco espazo en /var/! Deberías ter polo menos 1GB libre para realizar a migración.", - "migration_0015_not_stretch": "A distribución Debian actual non é Stretch!", - "migration_0015_yunohost_upgrade": "Iniciando a actualización do núcleo YunoHost...", - "migration_0015_still_on_stretch_after_main_upgrade": "Algo foi mal durante a actualiza ión principal, o sistema semella que aínda está en Debian Stretch", - "migration_0015_main_upgrade": "Iniciando a actualización principal...", - "migration_0015_patching_sources_list": "Correxindo os sources.lists...", "migrations_already_ran": "Xa se realizaron estas migracións: {ids}", - "migration_0019_slapd_config_will_be_overwritten": "Semella que editaches manualmente a configuración slapd. Para esta migración crítica YunoHost precisa forzar a actualización da configuración slapd. Os ficheiros orixinais van ser copiados en {conf_backup_folder}.", - "migration_0019_add_new_attributes_in_ldap": "Engadir novos atributos para os permisos na base de datos LDAP", - "migration_0018_failed_to_reset_legacy_rules": "Fallou o restablecemento das regras antigas de iptables: {error}", - "migration_0018_failed_to_migrate_iptables_rules": "Fallou a migración das regras antigas de iptables a nftables: {error}", - "migration_0017_not_enough_space": "Crea espazo suficiente en {path} para executar a migración.", - "migration_0017_postgresql_11_not_installed": "PostgreSQL 9.6 está instado, pero non postgresql 11? Algo raro debeu acontecer no teu sistema :(...", - "migration_0017_postgresql_96_not_installed": "PostgreSQL non está instalado no teu sistema. Nada que facer.", - "migration_0015_weak_certs": "Os seguintes certificados están a utilizar algoritmos de sinatura débiles e teñen que ser actualizados para ser compatibles coa seguinte versión de nginx: {certs}", - "migration_0015_cleaning_up": "Limpando a caché e paquetes que xa non son útiles...", - "migration_0015_specific_upgrade": "Iniciando a actualización dos paquetes do sistema que precisan ser actualizados de xeito independente...", - "migration_0015_modified_files": "Ten en conta que os seguintes ficheiros semella que foron modificados manualmente e poderían ser sobrescritos na actualización: {manually_modified_files}", - "migration_0015_problematic_apps_warning": "Ten en conta que se detectaron as seguintes apps que poderían ser problemáticas. Semella que non foron instaladas usando o catálogo de YunoHost, ou non están marcadas como 'funcionais'. En consecuencia, non se pode garantir que seguirán funcionando após a actualización: {problematic_apps}", - "diagnosis_http_localdomain": "O dominio {domain}, cun TLD .local, non é de agardar que esté exposto ao exterior da rede local.", "diagnosis_dns_specialusedomain": "O dominio {domain} baséase un dominio de nivel alto e uso especial (TLD) como .local ou .test polo que non é de agardar que realmente teña rexistros DNS.", "upnp_enabled": "UPnP activado", "upnp_disabled": "UPnP desactivado", @@ -480,7 +447,6 @@ "password_too_simple_3": "O contrasinal ten que ter 8 caracteres como mínimo e conter un díxito, maiúsculas, minúsculas e caracteres especiais", "password_too_simple_2": "O contrasinal ten que ter 8 caracteres como mínimo e conter un díxito, maiúsculas e minúsculas", "password_listed": "Este contrasinal está entre os máis utilizados no mundo. Por favor elixe outro que sexa máis orixinal.", - "packages_upgrade_failed": "Non se puideron actualizar tódolos paquetes", "operation_interrupted": "Foi interrumpida manualmente a operación?", "invalid_number": "Ten que ser un número", "not_enough_disk_space": "Non hai espazo libre abondo en '{path}'", @@ -500,7 +466,6 @@ "migrations_exclusive_options": "'--auto', '--skip', e '--force-rerun' son opcións que se exclúen unhas a outras.", "migrations_failed_to_load_migration": "Non se cargou a migración {id}: {error}", "migrations_dependencies_not_satisfied": "Executar estas migracións: '{dependencies_id}', antes da migración {id}.", - "migrations_cant_reach_migration_file": "Non se pode acceder aos ficheiros de migración na ruta '%s'", "regenconf_file_manually_removed": "O ficheiro de configuración '{conf}' foi eliminado manualmente e non será creado", "regenconf_file_manually_modified": "O ficheiro de configuración '{conf}' foi modificado manualmente e non vai ser actualizado", "regenconf_file_kept_back": "Era de agardar que o ficheiro de configuración '{conf}' fose eliminado por regen-conf (categoría {category}) mais foi mantido.", @@ -549,7 +514,6 @@ "service_description_rspamd": "Filtra spam e outras características relacionadas co email", "service_description_redis-server": "Unha base de datos especial utilizada para o acceso rápido a datos, cola de tarefas e comunicación entre programas", "service_description_postfix": "Utilizado para enviar e recibir emails", - "service_description_php7.3-fpm": "Executa aplicacións escritas en PHP con NGINX", "service_description_nginx": "Serve ou proporciona acceso a tódolos sitios web hospedados no teu servidor", "service_description_mysql": "Almacena datos da app (base de datos SQL)", "service_description_metronome": "Xestiona as contas de mensaxería instantánea XMPP", @@ -606,15 +570,6 @@ "unknown_main_domain_path": "Dominio ou ruta descoñecida '{app}'. Tes que indicar un dominio e ruta para poder especificar un URL para o permiso.", "unexpected_error": "Aconteceu un fallo non agardado: {error}", "unbackup_app": "{app} non vai ser gardada", - "tools_upgrade_special_packages_completed": "Completada a actualización dos paquetes YunoHost.\nPreme [Enter] para recuperar a liña de comandos", - "tools_upgrade_special_packages_explanation": "A actualización especial continuará en segundo plano. Non inicies outras tarefas no servidor nos seguintes ~10 minutos (depende do hardware). Após isto, podes volver a conectar na webadmin. O rexistro da actualización estará dispoñible en Ferramentas → Rexistro (na webadmin) ou con 'yunohost log list' (na liña de comandos).", - "tools_upgrade_special_packages": "Actualizando paquetes 'special' (yunohost-related)...", - "tools_upgrade_regular_packages_failed": "Non se actualizaron os paquetes: {packages_list}", - "tools_upgrade_regular_packages": "Actualizando os paquetes 'regular' (non-yunohost-related)...", - "tools_upgrade_cant_unhold_critical_packages": "Non se desbloquearon os paquetes críticos...", - "tools_upgrade_cant_hold_critical_packages": "Non se puideron bloquear os paquetes críticos...", - "tools_upgrade_cant_both": "Non se pode actualizar o sistema e as apps ao mesmo tempo", - "tools_upgrade_at_least_one": "Por favor indica 'apps', ou 'system'", "this_action_broke_dpkg": "Esta acción rachou dpkg/APT (xestores de paquetes do sistema)... Podes intentar resolver o problema conectando a través de SSH e executando `sudo apt install --fix-broken`e/ou `sudo dpkg --configure -a`.", "system_username_exists": "Xa existe este nome de usuaria na lista de usuarias do sistema", "system_upgraded": "Sistema actualizado", @@ -635,7 +590,6 @@ "service_reload_failed": "Non se recargou o servizo '{service}'\n\nRexistros recentes do servizo: {logs}", "service_removed": "Eliminado o servizo '{service}'", "service_remove_failed": "Non se eliminou o servizo '{service}'", - "service_regen_conf_is_deprecated": "'yunohost service regen-conf' xa non se utiliza! Executa 'yunohost tools regen-conf' no seu lugar.", "service_enabled": "O servizo '{service}' vai ser iniciado automáticamente no inicio do sistema.", "diagnosis_apps_allgood": "Tódalas apps instaladas respectan as prácticas básicas de empaquetado", "diagnosis_apps_bad_quality": "Esta aplicación está actualmente marcada como estragada no catálogo de aplicacións de YunoHost. Podería ser un problema temporal mentras as mantedoras intentan arranxar o problema. Ata ese momento a actualización desta app está desactivada.", @@ -655,13 +609,11 @@ "diagnosis_apps_broken": "Actualmente esta aplicación está marcada como estragada no catálogo de aplicacións de YunoHost. Podería tratarse dun problema temporal mentras as mantedoras intentan arraxala. Entanto así a actualización da app está desactivada.", "diagnosis_apps_issue": "Atopouse un problema na app {app}", "diagnosis_apps_not_in_app_catalog": "Esta aplicación non está no catálgo de aplicacións de YunoHost. Se estivo no pasado e foi eliminada, deberías considerar desinstalala porque non recibirá actualizacións, e podería comprometer a integridade e seguridade do teu sistema.", - "app_argument_password_help_optional": "Escribe un espazo para limpar o contrasinal", "config_validate_date": "Debe ser unha data válida co formato YYYY-MM-DD", "config_validate_email": "Debe ser un email válido", "config_validate_time": "Debe ser unha hora válida tal que HH:MM", "config_validate_url": "Debe ser un URL válido", "danger": "Perigo:", - "app_argument_password_help_keep": "Preme Enter para manter o valor actual", "app_config_unable_to_read": "Fallou a lectura dos valores de configuración.", "config_apply_failed": "Fallou a aplicación da nova configuración: {error}", "config_forbidden_keyword": "O palabra chave '{keyword}' está reservada, non podes crear ou usar un panel de configuración cunha pregunta con este id.", @@ -673,7 +625,6 @@ "app_config_unable_to_apply": "Fallou a aplicación dos valores de configuración.", "config_cant_set_value_on_section": "Non podes establecer un valor único na sección completa de configuración.", "config_version_not_supported": "A versión do panel de configuración '{version}' non está soportada.", - "file_extension_not_accepted": "Rexeitouse o ficheiro '{path}' porque a súa extensión non está entre as aceptadas: {accept}", "invalid_number_max": "Ten que ser menor de {max}", "service_not_reloading_because_conf_broken": "Non se recargou/reiniciou o servizo '{name}' porque a súa configuración está estragada: {errors}", "diagnosis_http_special_use_tld": "O dominio {domain} baséase nun dominio de alto-nivel (TLD) especial como .local ou .test e por isto non é de agardar que esté exposto fóra da rede local.", @@ -709,5 +660,29 @@ "domain_dns_push_not_applicable": "A función de rexistro DNS automático non é aplicable ao dominio {domain}. Debes configurar manualmente os teus rexistros DNS seguindo a documentación de https://yunohost.org/dns_config.", "domain_dns_push_managed_in_parent_domain": "A función de rexistro DNS automático está xestionada polo dominio nai {parent_domain}.", "ldap_attribute_already_exists": "Xa existe o atributo LDAP '{attribute}' con valor '{value}'", - "log_domain_config_set": "Actualizar configuración para o dominio '{}'" + "log_domain_config_set": "Actualizar configuración para o dominio '{}'", + "domain_unknown": "Dominio '{domain}' descoñecido", + "migration_0021_start": "Comezando a migración a Bullseye", + "migration_0021_patching_sources_list": "Actualizando sources.list...", + "migration_0021_main_upgrade": "Iniciando a actualización principal...", + "migration_0021_still_on_buster_after_main_upgrade": "Algo fallou durante a actualización principal, o sistema semlla que aínda está en Debian Buster", + "migration_0021_yunohost_upgrade": "Iniciando actualización compoñente core de YunoHost...", + "migration_0021_not_buster": "A distribución Debian actual non é Buster!", + "migration_0021_not_enough_free_space": "Queda pouco espazo en /var/! Deberías ter polo menos 1GB libre para facer a migración.", + "migration_0021_problematic_apps_warning": "Detectamos que están instaladas estas app que poderían ser problemáticas. Semella que non foron instaladas desde o catálogo YunoHost, ou non están marcadas como que 'funcionan'. Así, non podemos garantir que seguiran funcionando ben tras a migración: {problematic_apps}", + "migration_0021_modified_files": "Ten en conta que os seguintes ficheiros semella que foron editados manualmente e poderían ser sobrescritos durante a migración: {manually_modified_files}", + "migration_0021_cleaning_up": "Limpando a caché e os paquetes que xa non son precisos...", + "migration_0021_patch_yunohost_conflicts": "Solucionando os problemas e conflitos...", + "migration_description_0021_migrate_to_bullseye": "Actualizar o sistema a Debian Bullseye e YunoHost 11.x", + "migration_0021_system_not_fully_up_to_date": "O teu sistema non está completamente actualizado. Fai unha actualización normal antes de executar a migración a Bullseye.", + "migration_0021_general_warning": "Ten en conta que a migración é unha operación delicada. O equipo de YunoHost fixo todo o que puido para revisalo e probalo, pero aínda así poderían acontecer fallos no sistema ou apps.\n\nAsí as cousas, é recomendable:\n - Facer unha copia de apoio dos datos e apps importantes. Máis info en https://yunohost.org/backup;\n - Ter paciencia unha vez inicias a migración: dependendo da túa conexión a internet e hardware, podería levarlle varias horas completar o proceso.", + "global_settings_setting_security_ssh_password_authentication": "Permitir autenticación con contrasinal para SSH", + "tools_upgrade_failed": "Non se actualizaron os paquetes: {packages_list}", + "migration_0023_not_enough_space": "Crear espazo suficiente en {path} para realizar a migración.", + "migration_0023_postgresql_11_not_installed": "PostgreSQL non estaba instalado no sistema. Nada que facer.", + "migration_0023_postgresql_13_not_installed": "PostgreSQL 11 está instalado, pero PostgreSQL 13 non!? Algo raro debeu pasarlle ao teu sistema :(...", + "migration_description_0022_php73_to_php74_pools": "Migrar ficheiros de configuración de php7.3-fpm 'pool' a php7.4", + "migration_description_0023_postgresql_11_to_13": "Migrar bases de datos de PostgreSQL 11 a 13", + "service_description_postgresql": "Almacena datos da app (Base datos SQL)", + "tools_upgrade": "Actualizando paquetes do sistema" } diff --git a/locales/hi.json b/locales/hi.json index 5f521b1dc..1eed9faa4 100644 --- a/locales/hi.json +++ b/locales/hi.json @@ -10,7 +10,6 @@ "app_extraction_failed": "इन्सटाल्ड फ़ाइलों को निकालने में असमर्थ", "app_id_invalid": "अवैध एप्लिकेशन id", "app_install_files_invalid": "फाइलों की अमान्य स्थापना", - "app_manifest_invalid": "एप्लीकेशन का मैनिफेस्ट अमान्य", "app_not_correctly_installed": "{app} ठीक ढंग से इनस्टॉल नहीं हुई", "app_not_installed": "{app} इनस्टॉल नहीं हुई", "app_not_properly_removed": "{app} ठीक ढंग से नहीं अनइन्सटॉल की गई", diff --git a/locales/id.json b/locales/id.json index 9e26dfeeb..47aff8b2e 100644 --- a/locales/id.json +++ b/locales/id.json @@ -1 +1,58 @@ -{} \ No newline at end of file +{ + "admin_password": "Kata sandi administrasi", + "admin_password_change_failed": "Tidak dapat mengubah kata sandi", + "admin_password_changed": "Kata sandi administrasi diubah", + "admin_password_too_long": "Harap pilih kata sandi yang lebih pendek dari 127 karakter", + "already_up_to_date": "Tak ada yang harus dilakukan. Semuanya sudah mutakhir.", + "app_action_broke_system": "Tindakan ini sepertinya telah merusak layanan-layanan penting ini: {services}", + "app_already_installed": "{app} sudah terpasang", + "app_already_up_to_date": "{app} sudah dalam versi mutakhir", + "app_argument_required": "Argumen '{name}' dibutuhkan", + "app_change_url_identical_domains": "Domain)url_path yang lama dan baru identik ('{domain}{path}'), tak ada yang perlu dilakukan.", + "app_change_url_no_script": "Aplikasi '{app_name}' belum mendukung pengubahan URL. Mungkin Anda harus memperbaruinya.", + "app_change_url_success": "URL {app} sekarang adalah {domain}{path}", + "app_id_invalid": "ID aplikasi tidak valid", + "app_install_failed": "Tidak dapat memasang {app}: {error}", + "app_install_files_invalid": "Berkas-berkas ini tidak dapat dipasang", + "app_install_script_failed": "Sebuah kesalahan terjadi pada script pemasangan aplikasi", + "app_manifest_install_ask_admin": "Pilih seorang administrator untuk aplikasi ini", + "app_manifest_install_ask_domain": "Pilih di domain mana aplikasi ini harus dipasang", + "app_not_installed": "Tidak dapat menemukan {app} di daftar aplikasi yang terpasang: {all_apps}", + "app_not_properly_removed": "{app} belum dihapus dengan benar", + "app_remove_after_failed_install": "Menghapus aplikasi mengikuti kegagalan pemasangan...", + "app_removed": "{app} dihapus", + "app_restore_failed": "Tidak dapat memulihkan {app}: {error}", + "app_upgrade_some_app_failed": "Beberapa aplikasi tidak dapat diperbarui", + "app_upgraded": "{app} diperbarui", + "apps_already_up_to_date": "Semua aplikasi sudah pada versi mutakhir", + "apps_catalog_update_success": "Katalog aplikasi telah diperbarui!", + "apps_catalog_updating": "Memperbarui katalog aplikasi...", + "ask_firstname": "Nama depan", + "ask_lastname": "Nama belakang", + "ask_main_domain": "Domain utama", + "ask_new_domain": "Domain baru", + "ask_user_domain": "Domain yang digunakan untuk alamat surel dan akun XMPP pengguna", + "app_not_correctly_installed": "{app} kelihatannya terpasang dengan salah", + "app_start_restore": "Memulihkan {app}...", + "app_unknown": "Aplikasi tak dikenal", + "ask_new_admin_password": "Kata sandi administrasi baru", + "ask_password": "Kata sandi", + "app_upgrade_app_name": "Memperbarui {app}...", + "app_upgrade_failed": "Tidak dapat memperbarui {app}: {error}", + "app_start_install": "Memasang {app}...", + "app_start_remove": "Menghapus {app}...", + "app_manifest_install_ask_password": "Pilih kata sandi administrasi untuk aplikasi ini", + "app_upgrade_several_apps": "Aplikasi-aplikasi berikut akan diperbarui: {apps}", + "backup_app_failed": "Tidak dapat mencadangkan {app}", + "backup_archive_name_exists": "Arsip cadangan dengan nama ini sudah ada.", + "backup_created": "Cadangan dibuat", + "backup_creation_failed": "Tidak dapat membuat arsip cadangan", + "backup_delete_error": "Tidak dapat menghapus '{path}'", + "backup_deleted": "Cadangan dihapus", + "diagnosis_apps_issue": "Sebuah masalah ditemukan pada aplikasi {app}", + "backup_applying_method_tar": "Membuat arsip TAR cadangan...", + "backup_method_tar_finished": "Arsip TAR cadanagan dibuat", + "backup_nothings_done": "Tak ada yang harus disimpan", + "certmanager_cert_install_success": "Sertifikat Let's Encrypt sekarang sudah terpasang pada domain '{domain}'", + "backup_mount_archive_for_restore": "Menyiapkan arsip untuk pemulihan..." +} \ No newline at end of file diff --git a/locales/it.json b/locales/it.json index 1332712ef..5c4a19df7 100644 --- a/locales/it.json +++ b/locales/it.json @@ -26,7 +26,6 @@ "admin_password_change_failed": "Impossibile cambiare la password", "admin_password_changed": "La password d'amministrazione è stata cambiata", "app_install_files_invalid": "Questi file non possono essere installati", - "app_manifest_invalid": "C'è qualcosa di scorretto nel manifesto dell'applicazione: {error}", "app_not_correctly_installed": "{app} sembra di non essere installata correttamente", "app_not_properly_removed": "{app} non è stata correttamente rimossa", "action_invalid": "L'azione '{action}' non è valida", @@ -42,7 +41,7 @@ "ask_new_admin_password": "Nuova password dell'amministrazione", "backup_app_failed": "Non è possibile fare il backup {app}", "backup_archive_app_not_found": "{app} non è stata trovata nel archivio di backup", - "app_argument_choice_invalid": "Usa una delle seguenti scelte '{choices}' per il parametro '{name}' invece di '{value}'", + "app_argument_choice_invalid": "Scegli un opzione valida per il parametro '{name}': '{value}' non è fra le opzioni disponibili ('{choices}')", "app_argument_invalid": "Scegli un valore valido per il parametro '{name}': {error}", "app_argument_required": "L'argomento '{name}' è requisito", "app_id_invalid": "Identificativo dell'applicazione non valido", @@ -96,7 +95,6 @@ "main_domain_change_failed": "Impossibile cambiare il dominio principale", "main_domain_changed": "Il dominio principale è stato cambiato", "not_enough_disk_space": "Non c'è abbastanza spazio libero in '{path}'", - "packages_upgrade_failed": "Impossibile aggiornare tutti i pacchetti", "pattern_backup_archive_name": "Deve essere un nome di file valido di massimo 30 caratteri di lunghezza, con caratteri alfanumerici e \"-_.\" come unica punteggiatura", "pattern_domain": "Deve essere un nome di dominio valido (es. il-mio-dominio.org)", "pattern_firstname": "Deve essere un nome valido", @@ -223,7 +221,6 @@ "dpkg_is_broken": "Non puoi eseguire questo ora perchè dpkg/APT (i gestori di pacchetti del sistema) sembrano essere in stato danneggiato... Puoi provare a risolvere il problema connettendoti via SSH ed eseguire `sudo apt install --fix-broken` e/o `sudo dpkg --configure -a`.", "domain_cannot_remove_main": "Non puoi rimuovere '{domain}' essendo il dominio principale, prima devi impostare un nuovo dominio principale con il comando 'yunohost domain main-domain -n '; ecco la lista dei domini candidati: {other_domains}", "domain_dns_conf_is_just_a_recommendation": "Questo comando ti mostra la configurazione *raccomandata*. Non ti imposta la configurazione DNS al tuo posto. È tua responsabilità configurare la tua zona DNS nel tuo registrar in accordo con queste raccomandazioni.", - "dyndns_could_not_check_provide": "Impossibile controllare se {provider} possano fornire {domain}.", "dyndns_could_not_check_available": "Impossibile controllare se {domain} è disponibile su {provider}.", "dyndns_domain_not_provided": "Il fornitore DynDNS {provider} non può fornire il dominio {domain}.", "experimental_feature": "Attenzione: Questa funzionalità è sperimentale e non è considerata stabile, non dovresti utilizzarla a meno che tu non sappia cosa stai facendo.", @@ -301,7 +298,7 @@ "app_manifest_install_ask_is_public": "Quest'applicazione dovrà essere visibile ai visitatori anonimi?", "app_manifest_install_ask_admin": "Scegli un utente amministratore per quest'applicazione", "app_manifest_install_ask_password": "Scegli una password di amministrazione per quest'applicazione", - "app_manifest_install_ask_path": "Scegli il percorso dove installare quest'applicazione", + "app_manifest_install_ask_path": "Scegli il percorso URL (dopo il dominio) dove installare quest'applicazione", "app_manifest_install_ask_domain": "Scegli il dominio dove installare quest'app", "app_argument_password_no_default": "Errore durante il parsing dell'argomento '{name}': l'argomento password non può avere un valore di default per ragioni di sicurezza", "additional_urls_already_added": "L'URL aggiuntivo '{url}' è già utilizzato come URL aggiuntivo per il permesso '{permission}'", @@ -393,15 +390,6 @@ "update_apt_cache_warning": "Qualcosa è andato storto mentre eseguivo l'aggiornamento della cache APT (package manager di Debian). Ecco il dump di sources.list, che potrebbe aiutare ad identificare le linee problematiche:\n{sourceslist}", "update_apt_cache_failed": "Impossibile aggiornare la cache di APT (package manager di Debian). Ecco il dump di sources.list, che potrebbe aiutare ad identificare le linee problematiche:\n{sourceslist}", "unknown_main_domain_path": "Percorso o dominio sconosciuto per '{app}'. Devi specificare un dominio e un percorso per poter specificare un URL per il permesso.", - "tools_upgrade_special_packages_completed": "Aggiornamento pacchetti YunoHost completato.\nPremi [Invio] per tornare al terminale", - "tools_upgrade_special_packages_explanation": "L'aggiornamento speciale continuerà in background. Per favore non iniziare nessun'altra azione sul tuo server per i prossimi ~10 minuti (dipende dalla velocità hardware). Dopo questo, dovrai ri-loggarti nel webadmin. Il registro di aggiornamento sarà disponibile in Strumenti → Log/Registri (nel webadmin) o dalla linea di comando eseguendo 'yunohost log list'.", - "tools_upgrade_special_packages": "Adesso aggiorno i pacchetti 'speciali' (correlati a yunohost)...", - "tools_upgrade_regular_packages_failed": "Impossibile aggiornare i pacchetti: {packages_list}", - "tools_upgrade_regular_packages": "Adesso aggiorno i pacchetti 'normali' (non correlati a yunohost)...", - "tools_upgrade_cant_unhold_critical_packages": "Impossibile annullare il blocco dei pacchetti critici/importanti...", - "tools_upgrade_cant_hold_critical_packages": "Impossibile bloccare i pacchetti critici/importanti...", - "tools_upgrade_cant_both": "Impossibile aggiornare sia il sistema e le app nello stesso momento", - "tools_upgrade_at_least_one": "Specifica 'apps', o 'system'", "show_tile_cant_be_enabled_for_regex": "Non puoi abilitare 'show_tile' in questo momento, perché l'URL del permesso '{permission}' è una regex", "show_tile_cant_be_enabled_for_url_not_defined": "Non puoi abilitare 'show_tile' in questo momento, devi prima definire un URL per il permesso '{permission}'", "service_reloaded_or_restarted": "Il servizio '{service}' è stato ricaricato o riavviato", @@ -410,7 +398,6 @@ "service_restart_failed": "Impossibile riavviare il servizio '{service}'\n\nUltimi registri del servizio: {logs}", "service_reloaded": "Servizio '{service}' ricaricato", "service_reload_failed": "Impossibile ricaricare il servizio '{service}'\n\nUltimi registri del servizio: {logs}", - "service_regen_conf_is_deprecated": "'yunohost service regen-conf' è obsoleto! Per favore usa 'yunohost tools regen-conf' al suo posto.", "service_description_yunohost-firewall": "Gestisce l'apertura e la chiusura delle porte ai servizi", "service_description_yunohost-api": "Gestisce l'interazione tra l'interfaccia web YunoHost ed il sistema", "service_description_ssh": "Ti consente di accedere da remoto al tuo server attraverso il terminale (protocollo SSH)", @@ -418,7 +405,6 @@ "service_description_rspamd": "Filtra SPAM, e altre funzionalità legate alle mail", "service_description_redis-server": "Un database specializzato usato per un veloce accesso ai dati, task queue, e comunicazioni tra programmi", "service_description_postfix": "Usato per inviare e ricevere email", - "service_description_php7.3-fpm": "Esegue app scritte in PHP con NGINX", "service_description_nginx": "Serve o permette l'accesso a tutti i siti pubblicati sul tuo server", "service_description_mysql": "Memorizza i dati delle app (database SQL)", "service_description_metronome": "Gestisce gli account di messaggistica instantanea XMPP", @@ -490,35 +476,7 @@ "migrations_exclusive_options": "'--auto', '--skip', e '--force-rerun' sono opzioni che si escludono a vicenda.", "migrations_failed_to_load_migration": "Impossibile caricare la migrazione {id}: {error}", "migrations_dependencies_not_satisfied": "Esegui queste migrazioni: '{dependencies_id}', prima di {id}.", - "migrations_cant_reach_migration_file": "Impossibile accedere ai file di migrazione nel path '%s'", "migrations_already_ran": "Migrazioni già effettuate: {ids}", - "migration_0019_slapd_config_will_be_overwritten": "Sembra che tu abbia modificato manualmente la configurazione slapd. Per questa importante migrazione, YunoHost deve forzare l'aggiornamento della configurazione slapd. I file originali verranno back-uppati in {conf_backup_folder}.", - "migration_0019_add_new_attributes_in_ldap": "Aggiungi nuovi attributi ai permessi nel database LDAP", - "migration_0018_failed_to_reset_legacy_rules": "Impossibile resettare le regole iptables legacy: {error}", - "migration_0018_failed_to_migrate_iptables_rules": "Migrazione fallita delle iptables legacy a nftables: {error}", - "migration_0017_not_enough_space": "Libera abbastanza spazio in {path} per eseguire la migrazione.", - "migration_0017_postgresql_11_not_installed": "PostgreSQL 9.6 è installato, ma non PostgreSQL 11 ?! Qualcosa di strano potrebbe esser successo al tuo sistema :'( ...", - "migration_0017_postgresql_96_not_installed": "PostgreSQL non è stato installato sul tuo sistema. Nulla da fare.", - "migration_0015_weak_certs": "I seguenti certificati utilizzano ancora un algoritmo di firma debole e dovrebbero essere aggiornati per essere compatibili con la prossima versione di nginx: {certs}", - "migration_0015_cleaning_up": "Sto pulendo la cache e i pacchetti non più utili...", - "migration_0015_specific_upgrade": "Inizio l'aggiornamento dei pacchetti di sistema che necessitano di essere aggiornati da soli...", - "migration_0015_modified_files": "Attenzioni, i seguenti file sembrano esser stati modificati manualmente, e potrebbero essere sovrascritti dopo l'aggiornamento: {manually_modified_files}", - "migration_0015_problematic_apps_warning": "Alcune applicazioni potenzialmente problematiche sono state rilevate nel sistema. Sembra che non siano state installate attraverso il catalogo app YunoHost, o non erano flaggate come 'working'/'funzionanti'. Di conseguenza, non è possibile garantire che funzioneranno ancora dopo l'aggiornamento: {problematic_apps}", - "migration_0015_general_warning": "Attenzione, sappi che questa migrazione è un'operazione delicata. Il team YunoHost ha fatto del suo meglio nel controllarla e testarla, ma le probabilità che il sistema e/o qualche app si danneggi non sono nulle.\n\nPerciò, ti raccomandiamo di:\n\t- Effettuare un backup di tutti i dati e app importanti. Maggiori informazioni su https://yunohost.org/backup;\n\t- Sii paziente dopo aver lanciato l'operazione: in base alla tua connessione internet e al tuo hardware, potrebbero volerci alcune ore per aggiornare tutto.", - "migration_0015_system_not_fully_up_to_date": "Il tuo sistema non è completamente aggiornato. Esegui un aggiornamento classico prima di lanciare la migrazione a Buster.", - "migration_0015_not_enough_free_space": "Poco spazio libero disponibile in /var/! Dovresti avere almeno 1GB libero per effettuare questa migrazione.", - "migration_0015_not_stretch": "La distribuzione Debian corrente non è Stretch!", - "migration_0015_yunohost_upgrade": "Inizio l'aggiornamento del core di YunoHost...", - "migration_0015_still_on_stretch_after_main_upgrade": "Qualcosa è andato storto durante l'aggiornamento principale, il sistema sembra essere ancora su Debian Stretch", - "migration_0015_main_upgrade": "Inizio l'aggiornamento principale...", - "migration_0015_patching_sources_list": "Applico le patch a sources.lists...", - "migration_0015_start": "Inizio migrazione a Buster", - "migration_description_0019_extend_permissions_features": "Estendi il sistema di gestione dei permessi app", - "migration_description_0018_xtable_to_nftable": "Migra le vecchie regole di traffico network sul nuovo sistema nftable", - "migration_description_0017_postgresql_9p6_to_11": "Migra i database da PostgreSQL 9.6 a 11", - "migration_description_0016_php70_to_php73_pools": "MIgra i file di configurazione 'pool' di php7.0-fpm su php7.3", - "migration_description_0015_migrate_to_buster": "Aggiorna il sistema a Debian Buster e YunoHost 4.X", - "migrating_legacy_permission_settings": "Impostando le impostazioni legacy dei permessi..", "mailbox_disabled": "E-mail disabilitate per l'utente {user}", "log_user_permission_reset": "Resetta il permesso '{}'", "log_user_permission_update": "Aggiorna gli accessi del permesso '{}'", @@ -558,7 +516,6 @@ "global_settings_setting_pop3_enabled": "Abilita il protocollo POP3 per il server mail", "dyndns_provider_unreachable": "Incapace di raggiungere il provider DynDNS {provider}: o il tuo YunoHost non è connesso ad internet o il server dynette è down.", "dpkg_lock_not_available": "Impossibile eseguire il comando in questo momento perché un altro programma sta bloccando dpkg (il package manager di sistema)", - "domain_name_unknown": "Dominio '{domain}' sconosciuto", "domain_cannot_remove_main_add_new_one": "Non puoi rimuovere '{domain}' visto che è il dominio principale nonché il tuo unico dominio, devi prima aggiungere un altro dominio eseguendo 'yunohost domain add ', impostarlo come dominio principale con 'yunohost domain main-domain n ', e solo allora potrai rimuovere il dominio '{domain}' eseguendo 'yunohost domain remove {domain}'.'", "domain_cannot_add_xmpp_upload": "Non puoi aggiungere domini che iniziano per 'xmpp-upload.'. Questo tipo di nome è riservato per la funzionalità di upload XMPP integrata in YunoHost.", "diagnosis_processes_killed_by_oom_reaper": "Alcuni processi sono stati terminati dal sistema che era a corto di memoria. Questo è un sintomo di insufficienza di memoria nel sistema o di un processo che richiede troppa memoria. Lista dei processi terminati:\n{kills_summary}", @@ -612,12 +569,10 @@ "diagnosis_rootfstotalspace_warning": "La radice del filesystem ha un totale di solo {space}. Potrebbe non essere un problema, ma stai attento perché potresti consumare tutta la memoria velocemente... Raccomandiamo di avere almeno 16 GB per la radice del filesystem.", "restore_backup_too_old": "Questo archivio backup non può essere ripristinato perché è stato generato da una versione troppo vecchia di YunoHost.", "permission_cant_add_to_all_users": "Il permesso {permission} non può essere aggiunto a tutto gli utenti.", - "migration_update_LDAP_schema": "Aggiorno lo schema LDAP...", "migration_ldap_rollback_success": "Sistema ripristinato allo stato precedente.", "migration_ldap_migration_failed_trying_to_rollback": "Impossibile migrare... provo a ripristinare il sistema.", "migration_ldap_can_not_backup_before_migration": "Il backup del sistema non è stato completato prima che la migrazione fallisse. Errore: {error}", "migration_ldap_backup_before_migration": "Sto generando il backup del database LDAP e delle impostazioni delle app prima di effettuare la migrazione.", - "migration_description_0020_ssh_sftp_permissions": "Aggiungi il supporto ai permessi SSH e SFTP", "log_backup_create": "Crea un archivio backup", "global_settings_setting_ssowat_panel_overlay_enabled": "Abilita il pannello sovrapposto SSOwat", "global_settings_setting_security_ssh_port": "Porta SSH", @@ -629,5 +584,81 @@ "global_settings_setting_security_webadmin_allowlist": "Indirizzi IP con il permesso di accedere al webadmin, separati da virgola.", "global_settings_setting_security_webadmin_allowlist_enabled": "Permetti solo ad alcuni IP di accedere al webadmin.", "disk_space_not_sufficient_update": "Non c'è abbastanza spazio libero per aggiornare questa applicazione", - "disk_space_not_sufficient_install": "Non c'è abbastanza spazio libero per installare questa applicazione" + "disk_space_not_sufficient_install": "Non c'è abbastanza spazio libero per installare questa applicazione", + "app_config_unable_to_apply": "Applicazione dei valori nel pannello di configurazione non riuscita.", + "app_config_unable_to_read": "Lettura dei valori nel pannello di configurazione non riuscita.", + "diagnosis_apps_issue": "È stato rilevato un errore per l’app {app}", + "global_settings_setting_security_nginx_redirect_to_https": "Reindirizza richieste HTTP a HTTPs di default (NON DISABILITARE a meno che tu non sappia veramente bene cosa stai facendo!)", + "diagnosis_http_special_use_tld": "Il dominio {domain} è basato su un dominio di primo livello (TLD) dall’uso speciale, come .local o .test, perciò non è previsto che sia esposto al di fuori della rete locale.", + "domain_dns_conf_special_use_tld": "Questo dominio è basato su un dominio di primo livello (TLD) dall’uso speciale, come .local o .test, perciò non è previsto abbia reali record DNS.", + "domain_dns_push_not_applicable": "La configurazione automatica del DNS non è applicabile al dominio {domain}. Dovresti configurare i tuoi record DNS manualmente, seguendo la documentazione su https://yunohost.org/dns_config.", + "domain_dns_registrar_not_supported": "YunoHost non è riuscito a riconoscere quale registrar sta gestendo questo dominio. Dovresti configurare i tuoi record DNS manualmente, seguendo la documentazione.", + "domain_dns_registrar_experimental": "Per ora, il collegamento con le API di **{registrar}** non è stata opportunamente testata e revisionata dalla comunità di YunoHost. Questa funzionalità è **altamente sperimentale**, fai attenzione!", + "domain_dns_push_failed_to_authenticate": "L’autenticazione sulle API del registrar per il dominio '{domain}' è fallita. Probabilmente le credenziali non sono corrette. (Error: {error})", + "domain_dns_push_failed_to_list": "Il reperimento dei record attuali usando le API del registrar è fallito: {error}", + "domain_dns_push_already_up_to_date": "I record sono aggiornati, nulla da fare.", + "domain_dns_pushing": "Sincronizzando i record DNS…", + "domain_config_mail_out": "Email in uscita", + "domain_config_xmpp": "Messaggistica (XMPP)", + "domain_config_auth_token": "Token di autenticazione", + "domain_config_auth_key": "Chiave di autenticazione", + "domain_config_auth_secret": "Autenticazione segreta", + "domain_config_api_protocol": "Protocollo API", + "domain_config_auth_entrypoint": "API entry point", + "other_available_options": "… e {n} altre opzioni di variabili non mostrate", + "service_description_yunomdns": "Ti permette di raggiungere il tuo server usando 'yunohost.local' all’interno della tua rete locale", + "user_import_nothing_to_do": "Nessun utente deve essere importato", + "user_import_partial_failed": "L’importazione degli utenti è parzialmente fallita", + "domain_unknown": "Il dominio '{domain}' è sconosciuto", + "log_user_import": "Importa utenti", + "invalid_password": "Password non valida", + "diagnosis_high_number_auth_failures": "Recentemente c’è stato un numero insolitamente alto di autenticazioni fallite. Potresti assicurarti che fail2ban stia funzionando e che sia configurato correttamente, oppure usare una differente porta SSH, come spiegato in https://yunohost.org/security.", + "diagnosis_apps_allgood": "Tutte le applicazioni installate rispettano le pratiche di packaging di base", + "config_apply_failed": "L’applicazione della nuova configurazione è fallita: {error}", + "diagnosis_apps_outdated_ynh_requirement": "La versione installata di quest’app richiede esclusivamente YunoHost >= 2.x, che tendenzialmente significa che non è aggiornata secondo le pratiche di packaging raccomandate. Dovresti proprio considerare di aggiornarla.", + "global_settings_setting_security_experimental_enabled": "Abilita funzionalità di sicurezza sperimentali (non abilitare se non sai cosa stai facendo!)", + "invalid_number_min": "Deve essere più grande di {min}", + "invalid_number_max": "Deve essere meno di {max}", + "log_app_config_set": "Applica la configurazione all’app '{}'", + "log_domain_dns_push": "Sincronizza i record DNS per il dominio '{}'", + "user_import_bad_file": "Il tuo file CSV non è formattato correttamente e sarà ignorato per evitare potenziali perdite di dati", + "user_import_failed": "L’operazione di importazione è completamente fallita", + "user_import_missing_columns": "Mancano le seguenti colonne: {columns}", + "user_import_success": "Utenti importati con successo", + "diagnosis_apps_bad_quality": "Sul catalogo delle applicazioni di YunoHost, questa applicazione è momentaneamente segnalata come non funzionante. Potrebbe trattarsi di un problema temporaneo, mentre i manutentori provano a risolverlo. Nel frattempo, l’aggiornamento di quest’app è disabilitato.", + "diagnosis_apps_broken": "Sul catalogo delle applicazioni di YunoHost, questa applicazione è momentaneamente segnalata come non funzionante. Potrebbe trattarsi di un problema temporaneo, mentre i manutentori provano a risolverlo. Nel frattempo, l’aggiornamento di quest’app è disabilitato.", + "diagnosis_apps_deprecated_practices": "La versione installata di questa app usa ancora delle pratiche di packaging super-vecchie oppure deprecate. Dovresti proprio considerare di aggiornarla.", + "diagnosis_apps_not_in_app_catalog": "Questa applicazione non è nel catalogo delle applicazioni di YunoHost. Se precedentemente lo era ed è stata rimossa, dovresti considerare di disinstallare l’app, dato che non riceverà aggiornamenti e potrebbe compromettere l’integrità e la sicurezza del tuo sistema.", + "diagnosis_dns_specialusedomain": "Il dominio {domain} è basato su un dominio di primo livello (TLD) dall’uso speciale, come .local o .test, perciò non è previsto abbia reali record DNS.", + "domain_dns_registrar_supported": "YunoHost ha automaticamente riconosciuto che questo dominio è gestito dal registrar **{registrar}**. Se vuoi e se fornirai le credenziali API appropriate, YunoHost può configurare automaticamente questa zona DNS. Puoi trovare la documentazione su come ottenere le tue credenziali API su questa pagina. (Puoi anche configurare i tuoi record DNS manualmente, seguendo la documentazione)", + "service_not_reloading_because_conf_broken": "Non sto ricaricando/riavviando il servizio '{name}' perché la sua configurazione è rotta: {errors}", + "config_cant_set_value_on_section": "Non puoi impostare un unico parametro in un’intera sezione della configurazione.", + "config_forbidden_keyword": "La parola chiave '{keyword}' è riservata, non puoi creare o utilizzare un pannello di configurazione con una domanda con questo id.", + "config_no_panel": "Nessun panello di configurazione trovato.", + "config_unknown_filter_key": "Il valore del filtro '{filter_key}' non è corretto.", + "config_validate_color": "È necessario inserire un codice colore in RGB esadecimale", + "config_validate_date": "È necessario inserire una data valida nel formato AAAA-MM-GG", + "config_validate_email": "È necessario inserire un’email valida", + "diagnosis_description_apps": "Applicazioni", + "domain_registrar_is_not_configured": "Il registrar non è ancora configurato per il dominio {domain}.", + "domain_dns_registrar_managed_in_parent_domain": "Questo dominio è un sotto-dominio di {parent_domain_link}. La configurazione del registrar DNS dovrebbe essere gestita dal pannello di configurazione di {parent_domain}.", + "domain_dns_registrar_yunohost": "Questo dominio è un nohost.me / nohost.st / ynh.fr, perciò la sua configurazione DNS è gestita automaticamente da YunoHost, senza alcuna ulteriore configurazione. (vedi il comando yunohost dyndns update)", + "domain_dns_push_success": "Record DNS aggiornati!", + "domain_dns_push_failed": "L’aggiornamento dei record DNS è miseramente fallito.", + "domain_dns_push_partial_failure": "Record DNS parzialmente aggiornati: alcuni segnali/errori sono stati riportati.", + "domain_config_features_disclaimer": "Per ora, abilitare/disabilitare le impostazioni di posta o XMPP impatta unicamente sulle configurazioni DNS raccomandate o ottimizzate, non cambia quelle di sistema!", + "domain_config_mail_in": "Email in arrivo", + "domain_config_auth_application_key": "Chiave applicazione", + "domain_config_auth_application_secret": "Chiave segreta applicazione", + "domain_config_auth_consumer_key": "Chiave consumatore", + "ldap_attribute_already_exists": "L’attributo LDAP '{attribute}' esiste già con il valore '{value}'", + "config_validate_time": "È necessario inserire un orario valido, come HH:MM", + "config_version_not_supported": "Le versioni '{version}' del pannello di configurazione non sono supportate.", + "danger": "Attenzione:", + "log_domain_config_set": "Aggiorna la configurazione per il dominio '{}'", + "domain_dns_push_managed_in_parent_domain": "La configurazione automatica del DNS è gestita nel dominio genitore {parent_domain}.", + "user_import_bad_line": "Linea errata {line}: {details}", + "config_validate_url": "È necessario inserire un URL web valido", + "ldap_server_down": "Impossibile raggiungere il server LDAP", + "ldap_server_is_down_restart_it": "Il servizio LDAP è down, prova a riavviarlo…" } \ No newline at end of file diff --git a/locales/nb_NO.json b/locales/nb_NO.json index dc217d74e..e81d3af05 100644 --- a/locales/nb_NO.json +++ b/locales/nb_NO.json @@ -30,7 +30,6 @@ "domains_available": "Tilgjengelige domener:", "done": "Ferdig", "downloading": "Laster ned…", - "dyndns_could_not_check_provide": "Kunne ikke sjekke om {provider} kan tilby {domain}.", "dyndns_could_not_check_available": "Kunne ikke sjekke om {domain} er tilgjengelig på {provider}.", "mail_domain_unknown": "Ukjent e-postadresse for domenet '{domain}'", "log_remove_on_failed_restore": "Fjern '{}' etter mislykket gjenoppretting fra sikkerhetskopiarkiv", diff --git a/locales/nl.json b/locales/nl.json index 5e612fc77..f8b6df327 100644 --- a/locales/nl.json +++ b/locales/nl.json @@ -1,20 +1,19 @@ { "action_invalid": "Ongeldige actie '{action}'", "admin_password": "Administrator wachtwoord", - "admin_password_changed": "Het administratie wachtwoord werd gewijzigd", + "admin_password_changed": "Het administratie wachtwoord is gewijzigd", "app_already_installed": "{app} is al geïnstalleerd", "app_argument_invalid": "Kies een geldige waarde voor '{name}': {error}", "app_argument_required": "Het '{name}' moet ingevuld worden", - "app_extraction_failed": "Kan installatiebestanden niet uitpakken", + "app_extraction_failed": "Het lukt niet om de installatiebestanden uit te pakken", "app_id_invalid": "Ongeldige app-id", "app_install_files_invalid": "Deze bestanden kunnen niet worden geïnstalleerd", - "app_manifest_invalid": "Ongeldig app-manifest", - "app_not_installed": "{app} is niet geïnstalleerd", - "app_removed": "{app} succesvol verwijderd", - "app_sources_fetch_failed": "Kan bronbestanden niet ophalen, klopt de URL?", + "app_not_installed": "Het lukte niet om {app} te vinden in de lijst met geïnstalleerde apps: {all_apps}", + "app_removed": "{app} is verwijderd", + "app_sources_fetch_failed": "Het is niet gelukt bronbestanden op te halen, klopt de URL?", "app_unknown": "Onbekende app", - "app_upgrade_failed": "Kan app {app} niet updaten", - "app_upgraded": "{app} succesvol geüpgraded", + "app_upgrade_failed": "Het is niet gelukt app {app} bij te werken: {error}", + "app_upgraded": "{app} is bijgewerkt", "ask_firstname": "Voornaam", "ask_lastname": "Achternaam", "ask_new_admin_password": "Nieuw administratorwachtwoord", @@ -41,7 +40,7 @@ "extracting": "Uitpakken...", "installation_complete": "Installatie voltooid", "mail_alias_remove_failed": "Kan mail-alias '{mail}' niet verwijderen", - "pattern_email": "Moet een geldig emailadres bevatten (bv. abc@example.org)", + "pattern_email": "Moet een geldig e-mailadres bevatten, zonder '+' symbool er in (bv. abc@example.org)", "pattern_mailbox_quota": "Mailbox quota moet een waarde bevatten met b/k/M/G/T erachter of 0 om geen quota in te stellen", "pattern_password": "Wachtwoord moet tenminste 3 karakters lang zijn", "port_already_closed": "Poort {port} is al gesloten voor {ip_version} verbindingen", @@ -70,8 +69,8 @@ "user_unknown": "Gebruikersnaam {user} is onbekend", "user_update_failed": "Kan gebruiker niet bijwerken", "yunohost_configured": "YunoHost configuratie is OK", - "admin_password_change_failed": "Wachtwoord kan niet veranderd worden", - "app_argument_choice_invalid": "Ongeldige keuze voor argument '{name}'. Het moet een van de volgende keuzes zijn {choices}", + "admin_password_change_failed": "Wachtwoord wijzigen is niet gelukt", + "app_argument_choice_invalid": "Kiel een geldige waarde voor argument '{name}'; {value}' komt niet voor in de keuzelijst {choices}", "app_not_correctly_installed": "{app} schijnt niet juist geïnstalleerd te zijn", "app_not_properly_removed": "{app} werd niet volledig verwijderd", "app_requirements_checking": "Noodzakelijke pakketten voor {app} aan het controleren...", @@ -99,18 +98,47 @@ "app_install_failed": "Kan {app} niet installeren: {error}", "app_remove_after_failed_install": "Bezig de app te verwijderen na gefaalde installatie...", "app_manifest_install_ask_domain": "Kies het domein waar deze app op geïnstalleerd moet worden", - "app_manifest_install_ask_path": "Kies het pad waar deze app geïnstalleerd moet worden", + "app_manifest_install_ask_path": "Kies het URL-pad (achter het domein) waar deze app geïnstalleerd moet worden", "app_manifest_install_ask_admin": "Kies een administrator voor deze app", "app_change_url_success": "{app} URL is nu {domain}{path}", - "app_full_domain_unavailable": "Sorry, deze app moet op haar eigen domein geïnstalleerd worden, maar andere apps zijn al geïnstalleerd op het domein '{domain}'. U kunt wel een subdomein aan deze app toewijden.", + "app_full_domain_unavailable": "Sorry, deze app moet op haar eigen domein geïnstalleerd worden, maar andere apps zijn al geïnstalleerd op het domein '{domain}'. Een mogelijke oplossing is om een nieuw subdomein toe te voegen, speciaal voor deze app.", "app_install_script_failed": "Er is een fout opgetreden in het installatiescript van de app", "app_location_unavailable": "Deze URL is niet beschikbaar of is in conflict met de al geïnstalleerde app(s):\n{apps}", "app_manifest_install_ask_password": "Kies een administratiewachtwoord voor deze app", "app_manifest_install_ask_is_public": "Moet deze app zichtbaar zijn voor anomieme bezoekers?", "app_not_upgraded": "De app '{failed_app}' kon niet upgraden en daardoor zijn de upgrades van de volgende apps geannuleerd: {apps}", - "app_start_install": "{app} installeren...", - "app_start_remove": "{app} verwijderen...", + "app_start_install": "Bezig met installeren van {app}...", + "app_start_remove": "Bezig met verwijderen van {app}...", "app_start_backup": "Bestanden aan het verzamelen voor de backup van {app}...", "app_start_restore": "{app} herstellen...", - "app_upgrade_several_apps": "De volgende apps zullen worden geüpgraded: {apps}" + "app_upgrade_several_apps": "De volgende apps zullen worden geüpgraded: {apps}", + "app_upgrade_script_failed": "Er is een fout opgetreden in het upgradescript van de app", + "apps_already_up_to_date": "Alle apps zijn al bijgewerkt met de nieuwste versie", + "app_restore_script_failed": "Er ging iets mis in het helstelscript van de app", + "app_change_url_identical_domains": "De oude en nieuwe domeinnaam/url_path zijn identiek ('{domain}{path}'), er is niets te doen.", + "app_already_up_to_date": "{app} is al de meest actuele versie", + "app_action_broke_system": "Deze actie lijkt de volgende belangrijke services te hebben kapotgemaakt: {services}", + "app_config_unable_to_apply": "De waarden in het configuratiescherm konden niet toegepast worden.", + "app_config_unable_to_read": "Het is niet gelukt de waarden van het configuratiescherm te lezen.", + "app_argument_password_no_default": "Foutmelding tijdens het lezen van wachtwoordargument '{name}': het wachtwoordargument mag om veiligheidsredenen geen standaardwaarde hebben.", + "app_already_installed_cant_change_url": "Deze app is al geïnstalleerd. De URL kan niet veranderd worden met deze functie. Probeer of dat lukt via `app changeurl`.", + "apps_catalog_init_success": "De app-catalogus is succesvol geinitieerd!", + "apps_catalog_failed_to_download": "Het is niet gelukt de {apps_catalog} app-catalogus te downloaden: {error}", + "app_packaging_format_not_supported": "Deze app kon niet geinstalleerd worden, omdat het pakketformaat niet ondersteund wordt door je Yunohost. Probeer of je Yunohost bijgewerkt kan worden.", + "additional_urls_already_added": "Extra URL '{url:s}' is al toegevoegd in de extra URL voor privilege '{permission:s}'", + "additional_urls_already_removed": "Extra URL '{url}' is al verwijderd in de extra URL voor privilege '{permission}'", + "app_label_deprecated": "Dit commando is vervallen. Gebruik alsjeblieft het nieuwe commando 'yunohost user permission update' om het label van de app te beheren.", + "app_change_url_no_script": "De app '{app_name}' ondersteunt nog geen URL-aanpassingen. Misschien wel na een upgrade.", + "app_upgrade_some_app_failed": "Sommige apps konden niet worden bijgewerkt", + "other_available_options": "... en {n} andere beschikbare opties die niet getoond worden", + "password_listed": "Dit wachtwoord is een van de meest gebruikte wachtwoorden ter wereld. Kies alstublieft iets wat minder voor de hand ligt.", + "password_too_simple_4": "Het wachtwoord moet minimaal 12 tekens lang zijn en moet cijfers, hoofdletters, kleine letters en speciale tekens bevatten", + "pattern_email_forward": "Het moet een geldig e-mailadres zijn, '+' symbool is toegestaan (ikzelf@mijndomein.nl bijvoorbeeld, of ikzelf+yunohost@mijndomein.nl)", + "password_too_simple_2": "Het wachtwoord moet minimaal 8 tekens lang zijn en moet cijfers, hoofdletters en kleine letters bevatten", + "operation_interrupted": "Werd de bewerking handmatig onderbroken?", + "pattern_backup_archive_name": "Moet een geldige bestandsnaam zijn van maximaal 30 tekens; alleen alfanumerieke tekens en -_. zijn toegestaan", + "pattern_domain": "Moet een geldige domeinnaam zijn (mijneigendomein.nl, bijvoorbeeld)", + "pattern_firstname": "Het moet een geldige voornaam zijn", + "pattern_lastname": "Het moet een geldige achternaam zijn", + "password_too_simple_3": "Het wachtwoord moet minimaal 8 tekens lang zijn en moet cijfers, hoofdletters, kleine letters en speciale tekens bevatten" } \ No newline at end of file diff --git a/locales/oc.json b/locales/oc.json index a2a5bfe31..6901b0f0b 100644 --- a/locales/oc.json +++ b/locales/oc.json @@ -33,7 +33,6 @@ "app_change_url_identical_domains": "L’ancian e lo novèl coble domeni/camin son identics per {domain}{path}, pas res a far.", "app_change_url_success": "L’URL de l’aplicacion {app} es ara {domain}{path}", "app_extraction_failed": "Extraccion dels fichièrs d’installacion impossibla", - "app_manifest_invalid": "I a quicòm que truca amb lo manifest de l’aplicacion : {error}", "app_requirements_checking": "Verificacion dels paquets requesits per {app}...", "app_sources_fetch_failed": "Recuperacion dels fichièrs fonts impossibla, l’URL es corrècta ?", "app_unsupported_remote_type": "Lo tipe alonhat utilizat per l’aplicacion es pas suportat", @@ -78,8 +77,8 @@ "upnp_enabled": "UPnP es activat", "upnp_port_open_failed": "Impossible de dobrir los pòrts amb UPnP", "yunohost_already_installed": "YunoHost es ja installat", - "yunohost_configured": "YunoHost es estat configurat", - "yunohost_installing": "Installacion de YunoHost…", + "yunohost_configured": "YunoHost es ara configurat", + "yunohost_installing": "Installacion de YunoHost...", "backup_csv_creation_failed": "Creacion impossibla del fichièr CSV necessari a las operacions futuras de restauracion", "backup_output_symlink_dir_broken": "Vòstre repertòri d’archiu « {path} » es un ligam simbolic copat. Saique oblidèretz de re/montar o de connectar supòrt.", "backup_with_no_backup_script_for_app": "L’aplicacion {app} a pas cap de script de salvagarda. I fasèm pas cas.", @@ -110,7 +109,6 @@ "domains_available": "Domenis disponibles :", "done": "Acabat", "downloading": "Telecargament…", - "dyndns_could_not_check_provide": "Impossible de verificar se {provider} pòt provesir {domain}.", "dyndns_ip_update_failed": "Impossible d’actualizar l’adreça IP sul domeni DynDNS", "dyndns_ip_updated": "Vòstra adreça IP actualizada pel domeni DynDNS", "dyndns_key_generating": "La clau DNS es a se generar… pòt trigar una estona.", @@ -128,11 +126,9 @@ "global_settings_unknown_setting_from_settings_file": "Clau desconeguda dins los paramètres : {setting_key}, apartada e salvagardada dins /etc/yunohost/settings-unknown.json", "main_domain_change_failed": "Modificacion impossibla del domeni màger", "main_domain_changed": "Lo domeni màger es estat modificat", - "migrations_cant_reach_migration_file": "Impossible d’accedir als fichièrs de migracion amb lo camin %s", "migrations_list_conflict_pending_done": "Podètz pas utilizar --previous e --done a l’encòp.", "migrations_loading_migration": "Cargament de la migracion {id}…", "migrations_no_migrations_to_run": "Cap de migracion de lançar", - "packages_upgrade_failed": "Actualizacion de totes los paquets impossibla", "pattern_domain": "Deu èsser un nom de domeni valid (ex : mon-domeni.org)", "pattern_email": "Deu èsser una adreça electronica valida (ex : escais@domeni.org)", "pattern_firstname": "Deu èsser un pichon nom valid", @@ -144,7 +140,7 @@ "restore_already_installed_app": "Una aplicacion es ja installada amb l’id « {app} »", "app_restore_failed": "Impossible de restaurar l’aplicacion « {app} »: {error}", "backup_ask_for_copying_if_needed": "Volètz far una salvagarda en utilizant {size} Mo temporàriament ? (Aqueste biais de far es emplegat perque unes fichièrs an pas pogut èsser preparats amb un metòde mai eficaç.)", - "yunohost_not_installed": "YunoHost es pas installat o corrèctament installat. Mercés d’executar « yunohost tools postinstall »", + "yunohost_not_installed": "YunoHost es pas corrèctament installat. Mercés d’executar « yunohost tools postinstall »", "backup_output_directory_forbidden": "Causissètz un repertòri de destinacion deferent. Las salvagardas pòdon pas se realizar dins los repertòris bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var ou /home/yunohost.backup/archives", "certmanager_attempt_to_replace_valid_cert": "Sètz a remplaçar un certificat corrècte e valid pel domeni {domain} ! (Utilizatz --force per cortcircuitar)", "certmanager_cert_renew_success": "Renovèlament capitat d’un certificat Let’s Encrypt pel domeni « {domain} »", @@ -312,8 +308,6 @@ "dpkg_lock_not_available": "Aquesta comanda pòt pas s’executar pel moment perque un autre programa sembla utilizar lo varrolh de dpkg (lo gestionari de paquets del sistèma)", "log_regen_conf": "Regenerar las configuracions del sistèma « {} »", "service_reloaded_or_restarted": "Lo servici « {service} » es estat recargat o reaviat", - "tools_upgrade_regular_packages_failed": "Actualizacion impossibla dels paquets seguents : {packages_list}", - "tools_upgrade_special_packages_completed": "L’actualizacion dels paquets de YunoHost es acabada !\nQuichatz [Entrada] per tornar a la linha de comanda", "dpkg_is_broken": "Podètz pas far aquò pel moment perque dpkg/APT (los gestionaris de paquets del sistèma) sembla èsser mal configurat… Podètz ensajar de solucionar aquò en vos connectar via SSH e en executar « sudo dpkg --configure -a ».", "global_settings_setting_service_ssh_allow_deprecated_dsa_hostkey": "Autorizar l’utilizacion de la clau òst DSA (obsolèta) per la configuracion del servici SSH", "hook_json_return_error": "Fracàs de la lectura del retorn de l’script {path}. Error : {msg}. Contengut brut : {raw_content}", @@ -332,22 +326,14 @@ "regenconf_dry_pending_applying": "Verificacion de la configuracion que seriá estada aplicada a la categoria « {category} »…", "regenconf_failed": "Regeneracion impossibla de la configuracion per la(s) categoria(s) : {categories}", "regenconf_pending_applying": "Aplicacion de la configuracion en espèra per la categoria « {category} »…", - "tools_upgrade_cant_both": "Actualizacion impossibla del sistèma e de las aplicacions a l’encòp", - "tools_upgrade_cant_hold_critical_packages": "Manteniment impossible dels paquets critiques…", "global_settings_setting_security_nginx_compatibility": "Solucion de compromés entre compatibilitat e seguretat pel servidor web NGINX Afècta los criptografs (e d’autres aspèctes ligats amb la seguretat)", "global_settings_setting_security_ssh_compatibility": "Solucion de compromés entre compatibilitat e seguretat pel servidor SSH. Afècta los criptografs (e d’autres aspèctes ligats amb la seguretat)", "global_settings_setting_security_postfix_compatibility": "Solucion de compromés entre compatibilitat e seguretat pel servidor Postfix. Afècta los criptografs (e d’autres aspèctes ligats amb la seguretat)", - "service_regen_conf_is_deprecated": "« yunohost service regen-conf » es despreciat ! Utilizatz « yunohost tools regen-conf » allòc.", "service_reload_failed": "Impossible de recargar lo servici « {service} »\n\nJornal d’audit recent : {logs}", "service_restart_failed": "Impossible de reaviar lo servici « {service} »\n\nJornal d’audit recent : {logs}", "service_reload_or_restart_failed": "Impossible de recargar o reaviar lo servici « {service} »\n\nJornal d’audit recent : {logs}", "regenconf_file_kept_back": "S’espèra que lo fichièr de configuracion « {conf} » siá suprimit per regen-conf (categoria {category} mas es estat mantengut.", "this_action_broke_dpkg": "Aquesta accion a copat dpkg/apt (los gestionaris de paquets del sistèma)… Podètz ensajar de resòlver aqueste problèma en vos connectant amb SSH e executant « sudo dpkg --configure -a ».", - "tools_upgrade_at_least_one": "Especificatz --apps O --system", - "tools_upgrade_cant_unhold_critical_packages": "Se pòt pas quitar de manténer los paquets critics…", - "tools_upgrade_regular_packages": "Actualizacion dels paquets « normals » (pas ligats a YunoHost)…", - "tools_upgrade_special_packages": "Actualizacion dels paquets « especials » (ligats a YunoHost)…", - "tools_upgrade_special_packages_explanation": "Aquesta accion s’acabarà mas l’actualizacion especiala actuala contunharà en rèire-plan. Comencetz pas cap d’autra accion sul servidor dins las ~ 10 minutas que venon (depend de la velocitat de la maquina). Un còp acabat, benlèu que vos calrà vos tornar connectar a l’interfàcia d’administracion. Los jornals d’audit de l’actualizacion seràn disponibles a Aisinas > Jornals d’audit (dins l’interfàcia d’administracion) o amb « yunohost log list » (en linha de comanda).", "update_apt_cache_failed": "I a agut d’errors en actualizar la memòria cache d’APT (lo gestionari de paquets de Debian). Aquí avètz las linhas de sources.list que pòdon vos ajudar a identificar las linhas problematicas : \n{sourceslist}", "update_apt_cache_warning": "I a agut d’errors en actualizar la memòria cache d’APT (lo gestionari de paquets de Debian). Aquí avètz las linhas de sources.list que pòdon vos ajudar a identificar las linhas problematicas : \n{sourceslist}", "backup_permission": "Autorizacion de salvagarda per l’aplicacion {app}", @@ -480,7 +466,6 @@ "diagnosis_basesystem_hardware": "L’arquitectura del servidor es {virt} {arch}", "backup_archive_corrupted": "Sembla que l’archiu de la salvagarda « {archive} » es corromput : {error}", "diagnosis_domain_expires_in": "{domain} expiraà d’aquí {days} jorns.", - "migration_0015_cleaning_up": "Netejatge de la memòria cache e dels paquets pas mai necessaris…", "restore_already_installed_apps": "Restauracion impossibla de las aplicacions seguentas que son ja installadas : {apps}", "diagnosis_package_installed_from_sury": "D’unes paquets sistèma devon èsser meses a nivèl", "ask_user_domain": "Domeni d’utilizar per l’adreça de corrièl de l’utilizaire e lo compte XMPP", @@ -493,14 +478,6 @@ "app_label_deprecated": "Aquesta comanda es estada renduda obsolèta. Mercés d'utilizar lo nòva \"yunohost user permission update\" per gerir letiquetada de l'aplication", "additional_urls_already_removed": "URL addicionala {url} es ja estada elimida per la permission «#permission:s»", "additional_urls_already_added": "URL addicionadal «{url}'» es ja estada aponduda per la permission «{permission}»", - "migration_0015_yunohost_upgrade": "Aviada de la mesa a jorn de YunoHost...", - "migration_0015_main_upgrade": "Aviada de la mesa a nivèl generala...", - "migration_0015_patching_sources_list": "Mesa a jorn del fichièr sources.lists...", - "migration_0015_start": "Aviar la migracion cap a Buster", - "migration_description_0017_postgresql_9p6_to_11": "Migrar las basas de donadas de PostgreSQL 9.6 cap a 11", - "migration_description_0016_php70_to_php73_pools": "Migrar los fichièrs de configuracion php7.0 cap a php7.3", - "migration_description_0015_migrate_to_buster": "Mesa a nivèl dels sistèmas Debian Buster e YunoHost 4.x", - "migrating_legacy_permission_settings": "Migracion dels paramètres de permission ancians...", "log_app_action_run": "Executar l’accion de l’aplicacion « {} »", "diagnosis_basesystem_hardware_model": "Lo modèl del servidor es {model}", "backup_archive_cant_retrieve_info_json": "Obtencion impossibla de las informacions de l’archiu « {archive} »... Se pòt pas recuperar lo fichièr info.json (o es pas un fichièr json valid).", diff --git a/locales/pt.json b/locales/pt.json index d285948be..681bafb73 100644 --- a/locales/pt.json +++ b/locales/pt.json @@ -7,7 +7,6 @@ "app_extraction_failed": "Não foi possível extrair os arquivos para instalação", "app_id_invalid": "App ID invaĺido", "app_install_files_invalid": "Esses arquivos não podem ser instalados", - "app_manifest_invalid": "Manifesto da aplicação inválido: {error}", "app_not_installed": "Não foi possível encontrar {app} na lista de aplicações instaladas: {all_apps}", "app_removed": "{app} desinstalada", "app_sources_fetch_failed": "Não foi possível carregar os arquivos de código fonte, a URL está correta?", @@ -49,7 +48,6 @@ "mail_forward_remove_failed": "Não foi possível remover o reencaminhamento de correio '{mail}'", "main_domain_change_failed": "Incapaz alterar o domínio raiz", "main_domain_changed": "Domínio raiz alterado com êxito", - "packages_upgrade_failed": "Não foi possível atualizar todos os pacotes", "pattern_domain": "Deve ser um nome de domínio válido (p.e. meu-dominio.org)", "pattern_email": "Deve ser um endereço de correio válido (p.e. alguem@dominio.org)", "pattern_firstname": "Deve ser um primeiro nome válido", @@ -255,4 +253,4 @@ "diagnosis_backports_in_sources_list": "Parece que o apt (o gerenciador de pacotes) está configurado para usar o repositório backport. A não ser que você saiba o que você esteá fazendo, desencorajamos fortemente a instalação de pacotes de backports porque é provável que crie instabilidades ou conflitos no seu sistema.", "certmanager_cert_renew_success": "Certificado Let's Encrypt renovado para o domínio '{domain}'", "certmanager_warning_subdomain_dns_record": "O subdomínio '{subdomain}' não resolve para o mesmo IP que '{domain}'. Algumas funcionalidades não estarão disponíveis até que você conserte isto e regenere o certificado." -} +} \ No newline at end of file diff --git a/locales/ru.json b/locales/ru.json index 5a74524bf..9c857f7a6 100644 --- a/locales/ru.json +++ b/locales/ru.json @@ -5,29 +5,188 @@ "admin_password_changed": "Пароль администратора был изменен", "app_already_installed": "{app} уже установлено", "app_already_installed_cant_change_url": "Это приложение уже установлено. URL не может быть изменен только с помощью этой функции. Изучите `app changeurl`, если это доступно.", - "app_argument_choice_invalid": "Неверный выбор для аргумента '{name}', Это должно быть '{choices}'", - "app_argument_invalid": "Недопустимое значение аргумента '{name}': {error}'", + "app_argument_choice_invalid": "Выберите корректное значение аргумента '{name}'; '{value}' не входит в число возможных вариантов: '{choices}'", + "app_argument_invalid": "Недопустимое значение аргумента '{name}': {error}", "app_already_up_to_date": "{app} уже обновлено", "app_argument_required": "Аргумент '{name}' необходим", "app_change_url_identical_domains": "Старый и новый domain/url_path идентичны ('{domain}{path}'), ничего делать не надо.", - "app_change_url_no_script": "Приложение '{app_name}' не поддерживает изменение url. Наверное, вам нужно обновить приложение.", - "app_change_url_success": "Успешно изменён {app} url на {domain}{path}", - "app_extraction_failed": "Невозможно извлечь файлы для инсталляции", - "app_id_invalid": "Неправильный id приложения", - "app_install_files_invalid": "Неправильные файлы инсталляции", - "app_location_unavailable": "Этот url отсутствует или конфликтует с уже установленным приложением или приложениями: {apps}", - "app_manifest_invalid": "Недопустимый манифест приложения: {error}", + "app_change_url_no_script": "Приложение '{app_name}' не поддерживает изменение URL. Возможно, вам нужно обновить приложение.", + "app_change_url_success": "Успешно изменён URL {app} на {domain}{path}", + "app_extraction_failed": "Невозможно извлечь файлы для установки", + "app_id_invalid": "Неправильный ID приложения", + "app_install_files_invalid": "Эти файлы не могут быть установлены", + "app_location_unavailable": "Этот URL отсутствует или конфликтует с уже установленным приложением или приложениями:\n{apps}", "app_not_correctly_installed": "{app} , кажется, установлены неправильно", - "app_not_installed": "{app} не установлены", + "app_not_installed": "{app} не найдено в списке установленных приложений: {all_apps}", "app_not_properly_removed": "{app} удалены неправильно", "app_removed": "{app} удалено", - "app_requirements_checking": "Проверяю необходимые пакеты для {app}...", - "app_sources_fetch_failed": "Невозможно получить исходные файлы", + "app_requirements_checking": "Проверка необходимых пакетов для {app}...", + "app_sources_fetch_failed": "Невозможно получить исходные файлы, проверьте правильность URL", "app_unknown": "Неизвестное приложение", - "app_upgrade_app_name": "Обновление приложения {app}...", - "app_upgrade_failed": "Невозможно обновить {app}", - "app_upgrade_some_app_failed": "Невозможно обновить некоторые приложения", + "app_upgrade_app_name": "Обновление {app}...", + "app_upgrade_failed": "Невозможно обновить {app}: {error}", + "app_upgrade_some_app_failed": "Некоторые приложения не удалось обновить", "app_upgraded": "{app} обновлено", "installation_complete": "Установка завершена", - "password_too_simple_1": "Пароль должен быть не менее 8 символов" + "password_too_simple_1": "Пароль должен быть не менее 8 символов", + "admin_password_too_long": "Пожалуйста, выберите пароль короче 127 символов", + "password_listed": "Этот пароль является одним из наиболее часто используемых паролей в мире. Пожалуйста, выберите что-то более уникальное.", + "backup_applying_method_copy": "Копирование всех файлов в резервную копию...", + "domain_dns_conf_is_just_a_recommendation": "Эта страница показывает вам *рекомендуемую* конфигурацию. Она *не* создаёт для вас конфигурацию DNS. Вы должны сами конфигурировать зону вашего DNS у вашего регистратора в соответствии с этой рекомендацией.", + "good_practices_about_user_password": "Выберите пароль пользователя длиной не менее 8 символов, хотя рекомендуется использовать более длинные (например, парольную фразу) и / или использовать символы различного типа (прописные, строчные буквы, цифры и специальные символы).", + "password_too_simple_3": "Пароль должен содержать не менее 8 символов и содержать цифры, заглавные и строчные буквы и специальные символы", + "upnp_enabled": "UPnP включен", + "user_deleted": "Пользователь удалён", + "ask_lastname": "Фамилия", + "app_action_broke_system": "Это действие, по-видимому, нарушило эти важные службы: {services}", + "already_up_to_date": "Ничего делать не требуется. Всё уже обновлено.", + "operation_interrupted": "Действие было прервано вручную?", + "user_created": "Пользователь создан", + "aborting": "Прерывание.", + "ask_firstname": "Имя", + "ask_main_domain": "Основной домен", + "ask_new_admin_password": "Новый пароль администратора", + "ask_new_domain": "Новый домен", + "ask_new_path": "Новый путь", + "ask_password": "Пароль", + "app_remove_after_failed_install": "Удаление приложения после сбоя установки...", + "app_upgrade_script_failed": "Внутри скрипта обновления приложения произошла ошибка", + "upnp_disabled": "UPnP отключен", + "app_manifest_install_ask_domain": "Выберите домен, в котором должно быть установлено это приложение", + "app_manifest_install_ask_path": "Выберите URL путь (часть после домена), по которому должно быть установлено это приложение", + "app_manifest_install_ask_admin": "Выберите пользователя администратора для этого приложения", + "app_manifest_install_ask_password": "Выберите пароль администратора для этого приложения", + "app_manifest_install_ask_is_public": "Должно ли это приложение быть открыто для анонимных посетителей?", + "apps_already_up_to_date": "Все приложения уже обновлены", + "app_full_domain_unavailable": "Извините, это приложение должно быть установлено в собственном домене, но другие приложения уже установлены в домене '{domain}'. Вместо этого вы можете использовать отдельный поддомен для этого приложения.", + "app_install_script_failed": "Произошла ошибка в скрипте установки приложения", + "apps_catalog_update_success": "Каталог приложений был обновлён!", + "apps_catalog_updating": "Обновление каталога приложений...", + "yunohost_installing": "Установка YunoHost...", + "app_start_remove": "Удаление {app}...", + "app_label_deprecated": "Эта команда устарела! Пожалуйста, используйте новую команду 'yunohost user permission update', чтобы управлять ярлыком приложения.", + "app_start_restore": "Восстановление {app}...", + "app_upgrade_several_apps": "Будут обновлены следующие приложения: {apps}", + "password_too_simple_2": "Пароль должен содержать не менее 8 символов и включать цифры, заглавные и строчные буквы", + "password_too_simple_4": "Пароль должен содержать не менее 12 символов и включать цифры, заглавные и строчные буквы и специальные символы", + "upgrade_complete": "Обновление завершено", + "user_unknown": "Неизвестный пользователь: {user}", + "yunohost_already_installed": "YunoHost уже установлен", + "yunohost_configured": "Теперь YunoHost настроен", + "upgrading_packages": "Обновление пакетов...", + "app_requirements_unmeet": "Необходимые требования для {app} не выполнены, пакет {pkgname} ({version}) должен быть {spec}", + "app_make_default_location_already_used": "Невозможно сделать '{app}' приложением по умолчанию на домене, '{domain}' уже используется '{other_app}'", + "app_config_unable_to_apply": "Не удалось применить значения панели конфигурации.", + "app_config_unable_to_read": "Не удалось прочитать значения панели конфигурации.", + "app_install_failed": "Невозможно установить {app}: {error}", + "apps_catalog_init_success": "Система каталога приложений инициализирована!", + "backup_abstract_method": "Этот метод резервного копирования еще не реализован", + "backup_actually_backuping": "Создание резервного архива из собранных файлов...", + "backup_applying_method_custom": "Вызов пользовательского метода резервного копирования {method}'...", + "backup_archive_app_not_found": "Не удалось найти {app} в резервной копии", + "backup_applying_method_tar": "Создание резервной копии в TAR-архиве...", + "backup_archive_broken_link": "Не удалось получить доступ к резервной копии (неправильная ссылка {path})", + "apps_catalog_failed_to_download": "Невозможно загрузить каталог приложений {apps_catalog}: {error}", + "apps_catalog_obsolete_cache": "Кэш каталога приложений пуст или устарел.", + "backup_archive_cant_retrieve_info_json": "Не удалось загрузить информацию об архиве '{archive}'... info.json не может быть получен (или не является корректным json).", + "app_packaging_format_not_supported": "Это приложение не может быть установлено, поскольку его формат не поддерживается вашей версией YunoHost. Возможно, вам следует обновить систему.", + "app_restore_failed": "Не удалось восстановить {app}: {error}", + "app_restore_script_failed": "Произошла ошибка внутри сценария восстановления приложения", + "ask_user_domain": "Домен, используемый для адреса электронной почты пользователя и учетной записи XMPP", + "app_not_upgraded": "Не удалось обновить приложение '{failed_app}', и, как следствие, обновление следующих приложений было отменено: {apps}", + "app_start_backup": "Сбор файлов для резервного копирования {app}...", + "app_start_install": "Устанавливается {app}...", + "backup_app_failed": "Не удалось создать резервную копию {app}", + "backup_archive_name_exists": "Резервная копия с таким именем уже существует.", + "backup_archive_name_unknown": "Неизвестный локальный архив резервного копирования с именем '{name}'", + "backup_archive_open_failed": "Не удалось открыть архив резервной копии", + "backup_archive_corrupted": "Похоже, что архив резервной копии '{archive}' поврежден : {error}", + "certmanager_cert_install_success_selfsigned": "Самоподписанный сертификат для домена '{domain}' установлен", + "backup_created": "Создана резервная копия", + "config_unknown_filter_key": "Ключ фильтра '{filter_key}' неверен.", + "config_validate_date": "Должна быть правильная дата в формате YYYY-MM-DD", + "config_validate_email": "Должен быть правильный email", + "config_validate_time": "Должно быть правильное время формата HH:MM", + "backup_ask_for_copying_if_needed": "Хотите ли вы временно выполнить резервное копирование с использованием {size}MB? (Этот способ используется, поскольку некоторые файлы не могут быть подготовлены более эффективным методом.)", + "backup_permission": "Разрешить резервное копирование для {app}", + "certmanager_domain_dns_ip_differs_from_public_ip": "DNS-записи для домена '{domain}' отличаются от IP этого сервера. Пожалуйста, проверьте категорию 'DNS-записи' (основные) в диагностике для получения дополнительной информации. Если вы недавно изменили свою A-запись, пожалуйста, подождите, пока она распространится (некоторые программы проверки распространения DNS доступны в интернете). (Если вы знаете, что делаете, используйте '--no-checks', чтобы отключить эти проверки.)", + "certmanager_domain_not_diagnosed_yet": "Для домена {domain} еще нет результатов диагностики. Пожалуйста, перезапустите диагностику для категорий 'DNS-записи' и 'Web', чтобы проверить, готов ли домен к Let's Encrypt. (Или, если вы знаете, что делаете, используйте '--no-checks', чтобы отключить эти проверки.)", + "config_validate_url": "Должна быть правильная ссылка", + "config_version_not_supported": "Версии конфигурационной панели '{version}' не поддерживаются.", + "confirm_app_install_danger": "ОПАСНО! Это приложение все еще является экспериментальным (если не сказать, что оно явно не работает)! Вам не следует устанавливать его, если вы не знаете, что делаете. Если это приложение не будет работать или сломает вашу систему, мы не будем оказывать техническую поддержку... Если вы все равно готовы рискнуть, введите '{answers}'", + "confirm_app_install_thirdparty": "ВАЖНО! Это приложение не входит в каталог приложений YunoHost. Установка сторонних приложений может нарушить целостность и безопасность вашей системы. Вам не следует устанавливать его, если вы не знаете, что делаете. ТЕХНИЧЕСКОЙ ПОДДЕРЖКИ НЕ БУДЕТ, если это приложение не будет работать или сломает вашу систему... Если вы все равно готовы рискнуть, введите '{answers}'", + "config_apply_failed": "Не удалось применить новую конфигурацию: {error}", + "config_cant_set_value_on_section": "Вы не можете установить одно значение на весь раздел конфигурации.", + "config_forbidden_keyword": "Ключевое слово '{keyword}' зарезервировано, вы не можете создать или использовать панель конфигурации с вопросом с таким id.", + "config_no_panel": "Панель конфигурации не найдена.", + "danger": "Опасно:", + "certmanager_warning_subdomain_dns_record": "Субдомен '{subdomain}' не соответствует IP-адресу основного домена '{domain}'. Некоторые функции будут недоступны, пока вы не исправите это и не перегенерируете сертификат.", + "app_argument_password_no_default": "Ошибка при парсинге аргумента пароля '{name}': аргумент пароля не может иметь значение по умолчанию по причинам безопасности", + "custom_app_url_required": "Вы должны указать URL для обновления вашего пользовательского приложения {app}", + "backup_creation_failed": "Не удалось создать резервную копию", + "backup_csv_addition_failed": "Не удалось добавить файлы для резервного копирования в CSV-файл", + "backup_csv_creation_failed": "Не удалось создать CSV-файл, необходимый для восстановления", + "backup_deleted": "Резервная копия удалена", + "backup_delete_error": "Не удалось удалить '{path}'", + "backup_method_copy_finished": "Создание копии бэкапа завершено", + "backup_method_tar_finished": "Создан резервный TAR-архив", + "backup_mount_archive_for_restore": "Подготовка архива для восстановления...", + "backup_method_custom_finished": "Пользовательский метод резервного копирования '{method}' завершен", + "backup_nothings_done": "Нечего сохранять", + "backup_output_directory_required": "Вы должны выбрать каталог для сохранения резервной копии", + "backup_system_part_failed": "Не удалось создать резервную копию системной части '{part}'", + "certmanager_cert_renew_success": "Обновлен сертификат Let's Encrypt для домена '{domain}'", + "certmanager_cert_signing_failed": "Не удалось подписать новый сертификат", + "diagnosis_apps_bad_quality": "В настоящее время это приложение отмечено как неработающее в каталоге приложений YunoHost. Это может быть временной проблемой, пока мэинтейнеры пытаются исправить проблему. Пока что обновление этого приложения отключено.", + "diagnosis_apps_broken": "В настоящее время это приложение отмечено как неработающее в каталоге приложений YunoHost. Это может быть временной проблемой, пока мэинтейнеры пытаются исправить проблему. Пока что обновления для этого приложения отключены.", + "diagnosis_apps_allgood": "Все установленные приложения соблюдают основные правила упаковки", + "diagnosis_apps_issue": "Обнаружена проблема для приложения {app}", + "diagnosis_apps_not_in_app_catalog": "Этого приложения нет в каталоге приложений YunoHost. Если оно было там раньше, а теперь удалено, вам стоит подумать об удалении этого приложения, так как оно больше не получит обновлений и может нарушить целостность и безопасность вашей системы.", + "diagnosis_apps_deprecated_practices": "Установленная версия этого приложения все еще использует некоторые устаревшие пакеты. Вам стоит подумать об обновлении.", + "additional_urls_already_added": "Этот URL '{url}' уже добавлен в дополнительный URL для разрешения '{permission}'", + "additional_urls_already_removed": "Этот URL '{url}' уже удален из дополнительных URL для разрешения '{permission}'", + "app_action_cannot_be_ran_because_required_services_down": "Для выполнения этого действия должны быть запущены следующие службы: {services}. Попробуйте перезапустить их, чтобы продолжить (и, возможно, выяснить, почему они не работают).", + "app_unsupported_remote_type": "Неподдерживаемый удаленный тип, используемый для приложения", + "backup_archive_system_part_not_available": "Системная часть '{part}' недоступна в этой резервной копии", + "backup_output_directory_not_empty": "Вы должны выбрать пустой каталог для сохранения", + "backup_archive_writing_error": "Не удалось добавить файлы '{source}' (названные в архиве '{dest}') для резервного копирования в архив '{archive}'", + "backup_cant_mount_uncompress_archive": "Не удалось смонтировать несжатый архив как защищенный от записи", + "backup_copying_to_organize_the_archive": "Копирование {size}MB для создания архива", + "backup_couldnt_bind": "Не удалось связать {src} с {dest}.", + "backup_output_directory_forbidden": "Выберите другой каталог для сохранения. Резервные копии не могут быть созданы в подкаталогах /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var или /home/yunohost.backup/archives", + "backup_with_no_backup_script_for_app": "Приложение '{app}' не имеет сценария резервного копирования. Оно будет проигнорировано.", + "certmanager_attempt_to_renew_nonLE_cert": "Сертификат для домена '{domain}' не выпущен Let's Encrypt. Невозможно продлить его автоматически!", + "certmanager_attempt_to_renew_valid_cert": "Срок действия сертификата для домена '{domain}' НЕ истекает! (Вы можете использовать --force, если знаете, что делаете)", + "certmanager_cannot_read_cert": "При попытке открыть текущий сертификат для домена {domain} произошло что-то неправильное (файл: {file}), причина: {reason}", + "certmanager_cert_install_success": "Сертификат Let's Encrypt для домена '{domain}' установлен", + "certmanager_domain_cert_not_selfsigned": "Сертификат для домена {domain} не самоподписанный. Вы уверены, что хотите заменить его? (Для этого используйте '--force'.)", + "certmanager_certificate_fetching_or_enabling_failed": "Попытка использовать новый сертификат для {domain} не сработала...", + "certmanager_domain_http_not_working": "Похоже, домен {domain} не доступен через HTTP. Пожалуйста, проверьте категорию 'Web' в диагностике для получения дополнительной информации. (Если вы знаете, что делаете, используйте '--no-checks', чтобы отключить эти проверки.)", + "certmanager_hit_rate_limit": "Для этого набора доменов {domain} в последнее время было выпущено слишком много сертификатов. Пожалуйста, повторите попытку позже. См. https://letsencrypt.org/docs/rate-limits/ для получения более подробной информации", + "certmanager_no_cert_file": "Не удалось прочитать файл сертификата для домена {domain} (файл: {file})", + "confirm_app_install_warning": "Предупреждение: Это приложение может работать, но пока еще недостаточно интегрировано в YunoHost. Некоторые функции, такие как единая регистрация и резервное копирование/восстановление, могут быть недоступны. Все равно устанавливать? [{answers}] ", + "yunohost_not_installed": "YunoHost установлен неправильно. Пожалуйста, запустите 'yunohost tools postinstall'", + "backup_cleaning_failed": "Не удалось очистить временную папку резервного копирования", + "certmanager_attempt_to_replace_valid_cert": "Вы пытаетесь перезаписать хороший и действительный сертификат для домена {domain}! (Используйте --force для обхода)", + "backup_create_size_estimation": "Архив будет содержать около {size} данных.", + "diagnosis_description_regenconf": "Конфигурации системы", + "diagnosis_description_services": "Проверка статусов сервисов", + "config_validate_color": "Должен быть правильный hex цвета RGB", + "diagnosis_basesystem_hardware": "Аппаратная архитектура сервера – {virt} {arch}", + "certmanager_acme_not_configured_for_domain": "Задача ACME не может быть запущена для {domain} прямо сейчас, потому что в его nginx conf отсутствует соответствующий фрагмент кода... Пожалуйста, убедитесь, что конфигурация вашего nginx обновлена, используя `yunohost tools regen-conf nginx --dry-run --with-diff`.", + "diagnosis_basesystem_ynh_single_version": "{package} версия: {version} ({repo})", + "diagnosis_description_mail": "Email", + "diagnosis_basesystem_kernel": "Версия ядра Linux на сервере {kernel_version}", + "diagnosis_description_apps": "Приложения", + "diagnosis_diskusage_low": "В хранилище {mountpoint} (на устройстве {device}) осталось {free} ({free_percent}%) места (из {total}). Будьте осторожны.", + "diagnosis_description_dnsrecords": "DNS записи", + "diagnosis_description_ip": "Интернет-соединение", + "diagnosis_description_basesystem": "Основная система", + "diagnosis_description_web": "Web", + "diagnosis_basesystem_host": "На сервере запущен Debian {debian_version}", + "diagnosis_dns_bad_conf": "Некоторые записи DNS для домена {domain} (категория {category}) отсутствуют или неверны", + "diagnosis_description_systemresources": "Системные ресурсы", + "backup_with_no_restore_script_for_app": "{app} не имеет сценария восстановления, вы не сможете автоматически восстановить это приложение из резервной копии.", + "diagnosis_description_ports": "Открытые порты", + "diagnosis_basesystem_hardware_model": "Модель сервера {model}" } \ No newline at end of file diff --git a/locales/sl.json b/locales/sl.json new file mode 100644 index 000000000..9e26dfeeb --- /dev/null +++ b/locales/sl.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/locales/uk.json b/locales/uk.json index b54d81fbd..ae363bd35 100644 --- a/locales/uk.json +++ b/locales/uk.json @@ -1,6 +1,5 @@ { "app_manifest_install_ask_domain": "Оберіть домен, в якому треба встановити цей застосунок", - "app_manifest_invalid": "Щось не так з маніфестом застосунку: {error}", "app_location_unavailable": "Ця URL-адреса або недоступна, або конфліктує з уже встановленим застосунком (застосунками):\n{apps}", "app_label_deprecated": "Ця команда застаріла! Будь ласка, використовуйте нову команду 'yunohost user permission update' для управління заголовком застосунку.", "app_make_default_location_already_used": "Неможливо зробити '{app}' типовим застосунком на домені, '{domain}' вже використовується '{other_app}'", @@ -40,7 +39,6 @@ "service_reload_failed": "Не вдалося перезавантажити службу '{service}'\n\nОстанні журнали служби: {logs}", "service_removed": "Служба '{service}' вилучена", "service_remove_failed": "Не вдалося видалити службу '{service}'", - "service_regen_conf_is_deprecated": "'yunohost service regen-conf' застарів! Будь ласка, використовуйте 'yunohost tools regen-conf' замість цього.", "service_enabled": "Служба '{service}' тепер буде автоматично запускатися під час завантаження системи.", "service_enable_failed": "Неможливо змусити службу '{service}' автоматично запускатися під час завантаження.\n\nНедавні журнали служби: {logs}", "service_disabled": "Служба '{service}' більше не буде запускатися під час завантаження системи.", @@ -52,7 +50,6 @@ "service_description_rspamd": "Фільтри спаму і інші функції, пов'язані з е-поштою", "service_description_redis-server": "Спеціалізована база даних, яка використовується для швидкого доступу до даних, черги завдань і зв'язку між програмами", "service_description_postfix": "Використовується для надсилання та отримання е-пошти", - "service_description_php7.3-fpm": "Запускає застосунки, написані мовою програмування PHP за допомогою NGINX", "service_description_nginx": "Обслуговує або надає доступ до всіх вебсайтів, розміщених на вашому сервері", "service_description_mysql": "Зберігає дані застосунків (база даних SQL)", "service_description_metronome": "Управління обліковими записами миттєвих повідомлень XMPP", @@ -140,7 +137,6 @@ "password_too_simple_2": "Пароль має складатися не менше ніж з 8 символів і містити цифри, великі та малі символи", "password_too_simple_1": "Пароль має складатися не менше ніж з 8 символів", "password_listed": "Цей пароль входить в число найбільш часто використовуваних паролів у світі. Будь ласка, виберіть щось неповторюваніше.", - "packages_upgrade_failed": "Не вдалося оновити всі пакети", "operation_interrupted": "Операція була вручну перервана?", "invalid_number": "Має бути числом", "not_enough_disk_space": "Недостатньо вільного місця на '{path}'", @@ -160,41 +156,11 @@ "migrations_exclusive_options": "'--auto', '--skip', і '--force-rerun' є взаємовиключними опціями.", "migrations_failed_to_load_migration": "Не вдалося завантажити міграцію {id}: {error}", "migrations_dependencies_not_satisfied": "Запустіть ці міграції: '{dependencies_id}', перед міграцією {id}.", - "migrations_cant_reach_migration_file": "Не вдалося отримати доступ до файлів міграцій за шляхом '%s'", "migrations_already_ran": "Наступні міграції вже виконано: {ids}", - "migration_0019_slapd_config_will_be_overwritten": "Схоже, що ви вручну відредагували конфігурацію slapd. Для цього критичного переходу YunoHost повинен примусово оновити конфігурацію slapd. Оригінальні файли будуть збережені в {conf_backup_folder}.", - "migration_0019_add_new_attributes_in_ldap": "Додавання нових атрибутів для дозволів у базі даних LDAP", - "migration_0018_failed_to_reset_legacy_rules": "Не вдалося скинути спадкові правила iptables: {error}", - "migration_0018_failed_to_migrate_iptables_rules": "Не вдалося перенести спадкові правила iptables в nftables: {error}", - "migration_0017_not_enough_space": "Звільніть достатньо місця в {path} для запуску міграції.", - "migration_0017_postgresql_11_not_installed": "PostgreSQL 9.6 встановлено, але не PostgreSQL 11‽ Можливо, у вашій системі відбулося щось дивне :(...", - "migration_0017_postgresql_96_not_installed": "PostgreSQL не встановлено у вашій системі. Нічого не потрібно робити.", - "migration_0015_weak_certs": "Було виявлено, що такі сертифікати все ще використовують слабкі алгоритми підпису і повинні бути оновлені для сумісності з наступною версією nginx: {certs}", - "migration_0015_cleaning_up": "Очищення кеш-пам'яті і пакетів, які більше не потрібні...", - "migration_0015_specific_upgrade": "Початок оновлення системних пакетів, які повинні бути оновлені незалежно...", - "migration_0015_modified_files": "Зверніть увагу, що такі файли були змінені вручну і можуть бути перезаписані після оновлення: {manually_modified_files}", - "migration_0015_problematic_apps_warning": "Зверніть увагу, що були виявлені наступні, можливо, проблемні встановлені застосунки. Схоже, що вони не були встановлені з каталогу застосунків YunoHost або не зазначені як «робочі». Отже, не можна гарантувати, що вони будуть працювати після оновлення: {problematic_apps}", - "migration_0015_general_warning": "Будь ласка, зверніть увагу, що ця міграція є делікатною операцією. Команда YunoHost зробила все можливе, щоб перевірити і протестувати її, але міграція все ще може порушити частина системи або її застосунків.\n\nТому рекомендовано:\n - Виконати резервне копіювання всіх важливих даних або застосунків. Подробиці на сайті https://yunohost.org/backup; \n - Наберіться терпіння після запуску міграції: В залежності від вашого з'єднання з Інтернетом і апаратного забезпечення, оновлення може зайняти до декількох годин.", - "migration_0015_system_not_fully_up_to_date": "Ваша система не повністю оновлена. Будь ласка, виконайте регулярне оновлення перед запуском міграції на Buster.", - "migration_0015_not_enough_free_space": "Вільного місця в /var/ досить мало! У вас повинно бути не менше 1 ГБ вільного місця, щоб запустити цю міграцію.", - "migration_0015_not_stretch": "Поточний дистрибутив Debian не є Stretch!", - "migration_0015_yunohost_upgrade": "Початок оновлення ядра YunoHost...", - "migration_0015_still_on_stretch_after_main_upgrade": "Щось пішло не так під час основного оновлення, система, схоже, все ще знаходиться на Debian Stretch", - "migration_0015_main_upgrade": "Початок основного оновлення...", - "migration_0015_patching_sources_list": "Виправлення sources.lists...", - "migration_0015_start": "Початок міграції на Buster", - "migration_update_LDAP_schema": "Оновлення схеми LDAP...", "migration_ldap_rollback_success": "Система відкотилася.", "migration_ldap_migration_failed_trying_to_rollback": "Не вдалося виконати міграцію... Пробуємо відкотити систему.", "migration_ldap_can_not_backup_before_migration": "Не вдалося завершити резервне копіювання системи перед невдалою міграцією. Помилка: {error}", "migration_ldap_backup_before_migration": "Створення резервної копії бази даних LDAP і налаштування застосунків перед фактичною міграцією.", - "migration_description_0020_ssh_sftp_permissions": "Додавання підтримки дозволів SSH і SFTP", - "migration_description_0019_extend_permissions_features": "Розширення/переробка системи управління дозволами застосунків", - "migration_description_0018_xtable_to_nftable": "Перенесення старих правил мережевого трафіку в нову систему nftable", - "migration_description_0017_postgresql_9p6_to_11": "Перенесення баз даних з PostgreSQL 9.6 на 11", - "migration_description_0016_php70_to_php73_pools": "Перенесення php7.0-fpm 'pool' conf файлів на php7.3", - "migration_description_0015_migrate_to_buster": "Оновлення системи до Debian Buster і YunoHost 4.x", - "migrating_legacy_permission_settings": "Перенесення спадкових налаштувань дозволів...", "main_domain_changed": "Основний домен було змінено", "main_domain_change_failed": "Неможливо змінити основний домен", "mail_unavailable": "Ця е-пошта зарезервована і буде автоматично виділена найпершому користувачеві", @@ -247,8 +213,8 @@ "log_help_to_get_log": "Щоб переглянути журнал операції '{desc}', використовуйте команду 'yunohost log show {name}'", "log_link_to_log": "Повний журнал цієї операції: '{desc}'", "log_corrupted_md_file": "Файл метаданих YAML, пов'язаний з журналами, пошкоджено: '{md_file}\nПомилка: {error}'", - "iptables_unavailable": "Ви не можете грати з iptables тут. Ви перебуваєте або в контейнері, або ваше ядро не підтримує його", - "ip6tables_unavailable": "Ви не можете грати з ip6tables тут. Ви перебуваєте або в контейнері, або ваше ядро не підтримує його", + "iptables_unavailable": "Ви не можете відтворювати з iptables тут. Ви перебуваєте або в контейнері, або ваше ядро не підтримує його", + "ip6tables_unavailable": "Ви не можете відтворювати з ip6tables тут. Ви перебуваєте або в контейнері, або ваше ядро не підтримує його", "invalid_regex": "Неприпустимий regex: '{regex}'", "installation_complete": "Установлення завершено", "hook_name_unknown": "Невідома назва хука '{name}'", @@ -318,13 +284,11 @@ "dyndns_ip_updated": "Вашу IP-адресу в DynDNS оновлено", "dyndns_ip_update_failed": "Не вдалося оновити IP-адресу в DynDNS", "dyndns_could_not_check_available": "Не вдалося перевірити, чи {domain} доступний у {provider}.", - "dyndns_could_not_check_provide": "Не вдалося перевірити, чи може {provider} надати {domain}.", "dpkg_lock_not_available": "Ця команда не може бути виконана прямо зараз, тому що інша програма, схоже, використовує блокування dpkg (системного менеджера пакетів)", "dpkg_is_broken": "Ви не можете зробити це прямо зараз, тому що dpkg/APT (системні менеджери пакетів), схоже, знаходяться в зламаному стані... Ви можете спробувати вирішити цю проблему, під'єднавшись через SSH і виконавши `sudo apt install --fix-broken` та/або `sudo dpkg --configure -a`.", "downloading": "Завантаження…", "done": "Готово", "domains_available": "Доступні домени:", - "domain_name_unknown": "Домен '{domain}' невідомий", "domain_uninstall_app_first": "Ці застосунки все ще встановлені на вашому домені:\n{apps}\n\nВидаліть їх за допомогою 'yunohost app remove the_app_id' або перемістіть їх на інший домен за допомогою 'yunohost app change-url the_app_id', перш ніж приступити до вилучення домену", "domain_remove_confirm_apps_removal": "Вилучення цього домену призведе до вилучення таких застосунків:\n{apps}\n\nВи впевнені, що хочете це зробити? [{answers}]", "domain_hostname_failed": "Неможливо встановити нову назву хоста. Це може викликати проблеми в подальшому (можливо, все буде в порядку).", @@ -356,7 +320,6 @@ "diagnosis_http_connection_error": "Помилка з'єднання: не вдалося з'єднатися із запитуваним доменом, швидше за все, він недоступний.", "diagnosis_http_timeout": "При спробі зв'язатися з вашим сервером ззовні стався тайм-аут. Він здається недоступним.
1. Найбільш поширеною причиною цієї проблеми є те, що порт 80 (і 443) неправильно перенаправлено на ваш сервер .
2. Ви також повинні переконатися, що служба nginx запущена
3.На більш складних установках: переконайтеся, що немає фаєрвола або зворотного проксі.", "diagnosis_http_ok": "Домен {domain} доступний по HTTP поза локальною мережею.", - "diagnosis_http_localdomain": "Домен {domain} з .local TLD не може бути доступний ззовні локальної мережі.", "diagnosis_http_could_not_diagnose_details": "Помилка: {error}", "diagnosis_http_could_not_diagnose": "Не вдалося діагностувати досяжність доменів ззовні в IPv{ipversion}.", "diagnosis_http_hairpinning_issue_details": "Можливо, це пов'язано з коробкою/маршрутизатором вашого інтернет-провайдера. В результаті, люди ззовні вашої локальної мережі зможуть отримати доступ до вашого сервера, як і очікувалося, але не люди зсередини локальної мережі (як ви, ймовірно?) При використанні доменного імені або глобального IP. Можливо, ви зможете поліпшити ситуацію, глянувши https://yunohost.org/dns_local_network ", @@ -380,7 +343,7 @@ "diagnosis_security_vulnerable_to_meltdown": "Схоже, що ви вразливі до критичної вразливості безпеки Meltdown", "diagnosis_rootfstotalspace_critical": "Коренева файлова система має тільки {space}, що дуже тривожно! Скоріше за все, дисковий простір закінчиться дуже скоро! Рекомендовано мати не менше 16 ГБ для кореневої файлової системи.", "diagnosis_rootfstotalspace_warning": "Коренева файлова система має тільки {space}. Можливо це нормально, але будьте обережні, тому що в кінцевому підсумку дисковий простір може швидко закінчитися... Рекомендовано мати не менше 16 ГБ для кореневої файлової системи.", - "diagnosis_regenconf_manually_modified_details": "Можливо це нормально, якщо ви знаєте, що робите! YunoHost перестане оновлювати цей файл автоматично... Але врахуйте, що оновлення YunoHost можуть містити важливі рекомендовані зміни. Якщо ви хочете, ви можете перевірити відмінності за допомогою команди yunohost tools regen-conf {category} --dry-run --with-diff і примусово повернути рекомендовану конфігурацію за допомогою команди yunohost tools regen-conf {category} --force", + "diagnosis_regenconf_manually_modified_details": "Можливо це нормально, якщо ви знаєте, що робите! YunoHost перестане оновлювати цей файл автоматично. Але врахуйте, що оновлення YunoHost можуть містити важливі рекомендовані зміни. Якщо хочете, ви можете перевірити відмінності за допомогою команди yunohost tools regen-conf {category} --dry-run --with-diff і примусово повернути рекомендовану конфігурацію за допомогою команди yunohost tools regen-conf {category} --force", "diagnosis_regenconf_manually_modified": "Конфігураційний файл {file}, схоже, було змінено вручну.", "diagnosis_regenconf_allgood": "Усі конфігураційні файли відповідають рекомендованій конфігурації!", "diagnosis_mail_queue_too_big": "Занадто багато відкладених листів у поштовій черзі (листів: {nb_pending})", @@ -439,15 +402,6 @@ "unknown_main_domain_path": "Невідомий домен або шлях для '{app}'. Вам необхідно вказати домен і шлях, щоб мати можливість вказати URL для дозволу.", "unexpected_error": "Щось пішло не так: {error}", "unbackup_app": "{app} НЕ буде збережено", - "tools_upgrade_special_packages_completed": "Оновлення пакета YunoHost завершено.\nНатисніть [Enter] для повернення до командного рядка", - "tools_upgrade_special_packages_explanation": "Спеціальне оновлення триватиме у тлі. Будь ласка, не запускайте ніяких інших дій на вашому сервері протягом наступних ~ 10 хвилин (в залежності від швидкості обладнання). Після цього вам, можливо, доведеться заново увійти в вебадміністрації. Журнал оновлення буде доступний в Засоби → Журнал (в вебадміністрації) або за допомогою 'yunohost log list' (з командного рядка).", - "tools_upgrade_special_packages": "Тепер оновлюємо 'спеціальні' (пов'язані з yunohost) пакети…", - "tools_upgrade_regular_packages_failed": "Не вдалося оновити пакети: {packages_list}", - "tools_upgrade_regular_packages": "Тепер оновлюємо 'звичайні' (не пов'язані з yunohost) пакети…", - "tools_upgrade_cant_unhold_critical_packages": "Не вдалося розтримати критичні пакети…", - "tools_upgrade_cant_hold_critical_packages": "Не вдалося утримати критичні пакети…", - "tools_upgrade_cant_both": "Неможливо оновити систему і застосунки одночасно", - "tools_upgrade_at_least_one": "Будь ласка, вкажіть 'apps', або 'system'", "this_action_broke_dpkg": "Ця дія порушила dpkg/APT (системні менеджери пакетів)... Ви можете спробувати вирішити цю проблему, під'єднавшись по SSH і запустивши `sudo apt install --fix-broken` та/або `sudo dpkg --configure -a`.", "system_username_exists": "Ім'я користувача вже існує в списку користувачів системи", "system_upgraded": "Систему оновлено", @@ -669,13 +623,10 @@ "config_validate_url": "Вебадреса має бути дійсною", "config_version_not_supported": "Версії конфігураційної панелі '{version}' не підтримуються.", "danger": "Небезпека:", - "file_extension_not_accepted": "Файл '{path}' відхиляється, бо його розширення не входить в число прийнятих розширень: {accept}", "invalid_number_min": "Має бути більшим за {min}", "invalid_number_max": "Має бути меншим за {max}", "log_app_config_set": "Застосувати конфігурацію до застосунку '{}'", "service_not_reloading_because_conf_broken": "Неможливо перезавантажити/перезапустити службу '{name}', тому що її конфігурацію порушено: {errors}", - "app_argument_password_help_optional": "Введіть один пробіл, щоб очистити пароль", - "app_argument_password_help_keep": "Натисніть Enter, щоб зберегти поточне значення", "domain_registrar_is_not_configured": "Реєстратор ще не конфігуровано для домену {domain}.", "domain_dns_push_not_applicable": "Функція автоматичної конфігурації DNS не застосовується до домену {domain}. Вам слід вручну конфігурувати записи DNS відповідно до документації за адресою https://yunohost.org/dns_config.", "domain_dns_registrar_not_supported": "YunoHost не зміг автоматично виявити реєстратора, який обробляє цей домен. Вам слід вручну конфігурувати записи DNS відповідно до документації за адресою https://yunohost.org/dns.", @@ -709,5 +660,30 @@ "other_available_options": "...і {n} інших доступних опцій, які не показано", "domain_dns_pushing": "Передання записів DNS...", "ldap_attribute_already_exists": "Атрибут LDAP '{attribute}' вже існує зі значенням '{value}'", - "domain_dns_push_already_up_to_date": "Записи вже оновлені, нічого не потрібно робити." + "domain_dns_push_already_up_to_date": "Записи вже оновлені, нічого не потрібно робити.", + "domain_unknown": "Домен '{domain}' є невідомим", + "migration_0021_start": "Початок міграції на Bullseye", + "migration_0021_patching_sources_list": "Виправлення sources.lists...", + "migration_0021_main_upgrade": "Початок основного оновлення...", + "migration_0021_yunohost_upgrade": "Початок оновлення ядра YunoHost...", + "migration_0021_not_buster": "Поточний дистрибутив Debian не є Buster!", + "migration_0021_problematic_apps_warning": "Зверніть увагу, що були виявлені наступні, ймовірно проблемні встановлені застосунки. Схоже, що вони не були встановлені з каталогу застосунків YunoHost або не зазначені як «робочі». Отже, не можна гарантувати, що вони будуть працювати після оновлення: {problematic_apps}", + "migration_0021_modified_files": "Зверніть увагу, що такі файли були змінені вручну і можуть бути перезаписані після оновлення: {manually_modified_files}", + "migration_0021_cleaning_up": "Очищення кеш-пам'яті і пакетів, які більше не потрібні...", + "migration_0021_patch_yunohost_conflicts": "Застосування виправлення для вирішення проблеми конфлікту...", + "migration_0021_still_on_buster_after_main_upgrade": "Щось пішло не так під час основного оновлення, здається, що система все ще працює на Debian Buster", + "migration_0021_not_enough_free_space": "Вільного місця в /var/ досить мало! У вас повинно бути не менше 1 ГБ вільного місця, щоб запустити цю міграцію.", + "migration_0021_system_not_fully_up_to_date": "Ваша система не повністю оновлена. Будь ласка, виконайте регулярне оновлення перед запуском міграції на Bullseye.", + "migration_0021_general_warning": "Будь ласка, зверніть увагу, що ця міграція є делікатною операцією. Команда YunoHost зробила все можливе, щоб перевірити і протестувати її, але міграція все ще може порушити частину системи або її застосунків.\n\nТому рекомендовано:\n - Виконати резервне копіювання всіх важливих даних або застосунків. Подробиці на сайті https://yunohost.org/backup; \n - Наберіться терпіння після запуску міграції: В залежності від вашого з'єднання з Інтернетом і апаратного забезпечення, оновлення може зайняти до декількох годин.", + "migration_description_0021_migrate_to_bullseye": "Оновлення системи до Debian Bullseye і YunoHost 11.x", + "global_settings_setting_security_ssh_password_authentication": "Дозволити автентифікацію паролем для SSH", + "service_description_postgresql": "Зберігає дані застосунків (база даних SQL)", + "domain_config_default_app": "Типовий застосунок", + "migration_0023_postgresql_13_not_installed": "PostgreSQL 11 встановлено, але не PostgreSQL 13!? У вашій системі могло статися щось неприємне :(...", + "migration_description_0023_postgresql_11_to_13": "Перенесення баз даних з PostgreSQL 11 на 13", + "tools_upgrade": "Оновлення системних пакетів", + "tools_upgrade_failed": "Не вдалося оновити наступні пакети: {packages_list}", + "migration_0023_not_enough_space": "Звільніть достатньо місця в {path} для виконання міграції.", + "migration_0023_postgresql_11_not_installed": "PostgreSQL не було встановлено у вашій системі. Нічого робити.", + "migration_description_0022_php73_to_php74_pools": "Перенесення конфігураційних файлів php7.3-fpm 'pool' на php7.4" } diff --git a/locales/zh_Hans.json b/locales/zh_Hans.json index 9176ebab9..a05a44437 100644 --- a/locales/zh_Hans.json +++ b/locales/zh_Hans.json @@ -137,7 +137,6 @@ "additional_urls_already_removed": "权限'{permission}'的其他URL中已经删除了附加URL'{url}'", "app_manifest_install_ask_path": "选择安装此应用的路径", "app_manifest_install_ask_domain": "选择应安装此应用程序的域", - "app_manifest_invalid": "应用清单错误: {error}", "app_location_unavailable": "该URL不可用,或与已安装的应用冲突:\n{apps}", "app_label_deprecated": "不推荐使用此命令!请使用新命令 'yunohost user permission update'来管理应用标签。", "app_make_default_location_already_used": "无法将'{app}' 设置为域上的默认应用,'{other_app}'已在使用'{domain}'", @@ -218,7 +217,6 @@ "service_description_rspamd": "过滤垃圾邮件和其他与电子邮件相关的功能", "service_description_redis-server": "用于快速数据访问,任务队列和程序之间通信的专用数据库", "service_description_postfix": "用于发送和接收电子邮件", - "service_description_php7.3-fpm": "使用NGINX运行用PHP编写的应用程序", "service_description_nginx": "为你的服务器上托管的所有网站提供服务或访问", "service_description_mysql": "存储应用程序数据(SQL数据库)", "service_description_metronome": "管理XMPP即时消息传递帐户", @@ -235,16 +233,10 @@ "service_reload_failed": "无法重新加载服务'{service}'\n\n最近的服务日志:{logs}", "service_removed": "服务 '{service}' 已删除", "service_remove_failed": "无法删除服务'{service}'", - "service_regen_conf_is_deprecated": "不建议使用'yunohost service regen-conf' ! 请改用'yunohost tools regen-conf'。", "service_enabled": "现在,服务'{service}' 将在系统引导过程中自动启动。", "service_enable_failed": "无法使服务 '{service}'在启动时自动启动。\n\n最近的服务日志:{logs}", "service_disabled": "系统启动时,服务 '{service}' 将不再启动。", "service_disable_failed": "服务'{service}'在启动时无法启动。\n\n最近的服务日志:{logs}", - "tools_upgrade_regular_packages": "现在正在升级 'regular' (与yunohost无关)的软件包…", - "tools_upgrade_cant_unhold_critical_packages": "无法解压关键软件包…", - "tools_upgrade_cant_hold_critical_packages": "无法保存重要软件包…", - "tools_upgrade_cant_both": "无法同时升级系统和应用程序", - "tools_upgrade_at_least_one": "请指定'apps', 或 'system'", "this_action_broke_dpkg": "此操作破坏了dpkg / APT(系统软件包管理器)...您可以尝试通过SSH连接并运行`sudo apt install --fix-broken`和/或`sudo dpkg --configure -a`来解决此问题。", "system_username_exists": "用户名已存在于系统用户列表中", "system_upgraded": "系统升级", @@ -266,10 +258,6 @@ "unknown_main_domain_path": "'{app}'的域或路径未知。您需要指定一个域和一个路径,以便能够指定用于许可的URL。", "unexpected_error": "出乎意料的错误: {error}", "unbackup_app": "{app} 将不会保存", - "tools_upgrade_special_packages_completed": "YunoHost软件包升级完成。\n按[Enter]返回命令行", - "tools_upgrade_special_packages_explanation": "特殊升级将在后台继续。请在接下来的10分钟内(取决于硬件速度)在服务器上不要执行任何其他操作。此后,您可能必须重新登录Webadmin。升级日志将在“工具”→“日志”(在Webadmin中)或使用'yunohost log list'(从命令行)中可用。", - "tools_upgrade_special_packages": "现在正在升级'special'(与yunohost相关的)程序包…", - "tools_upgrade_regular_packages_failed": "无法升级软件包: {packages_list}", "yunohost_installing": "正在安装YunoHost ...", "yunohost_configured": "现在已配置YunoHost", "yunohost_already_installed": "YunoHost已经安装", @@ -353,13 +341,11 @@ "dyndns_ip_updated": "在DynDNS上更新了您的IP", "dyndns_ip_update_failed": "无法将IP地址更新到DynDNS", "dyndns_could_not_check_available": "无法检查{provider}上是否可用 {domain}。", - "dyndns_could_not_check_provide": "无法检查{provider}是否可以提供 {domain}.", "dpkg_lock_not_available": "该命令现在无法运行,因为另一个程序似乎正在使用dpkg锁(系统软件包管理器)", "dpkg_is_broken": "您现在不能执行此操作,因为dpkg / APT(系统软件包管理器)似乎处于损坏状态……您可以尝试通过SSH连接并运行sudo apt install --fix-broken和/或 sudo dpkg --configure-a 来解决此问题.", "downloading": "下载中…", "done": "完成", "domains_available": "可用域:", - "domain_name_unknown": "域'{domain}'未知", "domain_uninstall_app_first": "这些应用程序仍安装在您的域中:\n{apps}\n\n请先使用 'yunohost app remove the_app_id' 将其卸载,或使用 'yunohost app change-url the_app_id'将其移至另一个域,然后再继续删除域", "domain_remove_confirm_apps_removal": "删除该域将删除这些应用程序:\n{apps}\n\n您确定要这样做吗? [{answers}]", "domain_hostname_failed": "无法设置新的主机名。稍后可能会引起问题(可能没问题)。", @@ -550,7 +536,6 @@ "password_too_simple_3": "密码长度至少为8个字符,并且包含数字,大写,小写和特殊字符", "password_too_simple_2": "密码长度至少为8个字符,并且包含数字,大写和小写字符", "password_listed": "该密码是世界上最常用的密码之一。 请选择一些更独特的东西。", - "packages_upgrade_failed": "无法升级所有软件包", "invalid_number": "必须是数字", "not_enough_disk_space": "'{path}'上的可用空间不足", "migrations_to_be_ran_manually": "迁移{id}必须手动运行。请转到webadmin页面上的工具→迁移,或运行`yunohost tools migrations run`。", @@ -569,41 +554,11 @@ "migrations_exclusive_options": "'--auto', '--skip',和'--force-rerun'是互斥的选项。", "migrations_failed_to_load_migration": "无法加载迁移{id}: {error}", "migrations_dependencies_not_satisfied": "在迁移{id}之前运行以下迁移: '{dependencies_id}'。", - "migrations_cant_reach_migration_file": "无法访问路径'%s'处的迁移文件", "migrations_already_ran": "这些迁移已经完成: {ids}", - "migration_0019_slapd_config_will_be_overwritten": "好像您手动编辑了slapd配置。对于此关键迁移,YunoHost需要强制更新slapd配置。原始文件将备份在{conf_backup_folder}中。", - "migration_0019_add_new_attributes_in_ldap": "在LDAP数据库中添加权限的新属性", - "migration_0018_failed_to_reset_legacy_rules": "无法重置旧版iptables规则: {error}", - "migration_0018_failed_to_migrate_iptables_rules": "无法将旧的iptables规则迁移到nftables: {error}", - "migration_0017_not_enough_space": "在{path}中提供足够的空间来运行迁移。", - "migration_0017_postgresql_11_not_installed": "已安装PostgreSQL 9.6,但未安装PostgreSQL11?您的系统上可能发生了一些奇怪的事情:(...", - "migration_0017_postgresql_96_not_installed": "PostgreSQL未安装在您的系统上。无事可做。", - "migration_0015_weak_certs": "发现以下证书仍然使用弱签名算法,并且必须升级以与下一版本的nginx兼容: {certs}", - "migration_0015_cleaning_up": "清理不再有用的缓存和软件包...", - "migration_0015_specific_upgrade": "开始升级需要独立升级的系统软件包...", - "migration_0015_modified_files": "请注意,发现以下文件是手动修改的,并且在升级后可能会被覆盖: {manually_modified_files}", - "migration_0015_problematic_apps_warning": "请注意,已检测到以下可能有问题的已安装应用程序。看起来好像那些不是从YunoHost应用程序目录中安装的,或者没有标记为“正在运行”。因此,不能保证它们在升级后仍然可以使用: {problematic_apps}", - "migration_0015_general_warning": "请注意,此迁移是一项微妙的操作。YunoHost团队竭尽全力对其进行检查和测试,但迁移仍可能会破坏系统或其应用程序的某些部分。\n\n因此,建议:\n -对任何关键数据或应用程序执行备份。有关更多信息,请访问https://yunohost.org/backup;\n -启动迁移后要耐心:根据您的Internet连接和硬件,升级所有内容最多可能需要几个小时。", - "migration_0015_system_not_fully_up_to_date": "您的系统不是最新的。请先执行常规升级,然后再运行向Buster的迁移。", - "migration_0015_not_enough_free_space": "/var/中的可用空间非常低!您应该至少有1GB的可用空间来运行此迁移。", - "migration_0015_not_stretch": "当前的Debian发行版不是Stretch!", - "migration_0015_yunohost_upgrade": "正在启动YunoHost核心升级...", - "migration_0015_still_on_stretch_after_main_upgrade": "在主要升级期间出了点问题,系统似乎仍在Debian Stretch上", - "migration_0015_main_upgrade": "正在开始主要升级...", - "migration_0015_patching_sources_list": "修补sources.lists ...", - "migration_0015_start": "开始迁移至Buster", - "migration_update_LDAP_schema": "正在更新LDAP模式...", "migration_ldap_rollback_success": "系统回滚。", "migration_ldap_migration_failed_trying_to_rollback": "无法迁移...试图回滚系统。", "migration_ldap_can_not_backup_before_migration": "迁移失败之前,无法完成系统的备份。错误: {error}", "migration_ldap_backup_before_migration": "在实际迁移之前,请创建LDAP数据库和应用程序设置的备份。", - "migration_description_0020_ssh_sftp_permissions": "添加SSH和SFTP权限支持", - "migration_description_0019_extend_permissions_features": "扩展/修改应用程序的权限管理系统", - "migration_description_0018_xtable_to_nftable": "将旧的网络流量规则迁移到新的nftable系统", - "migration_description_0017_postgresql_9p6_to_11": "将数据库从PostgreSQL 9.6迁移到11", - "migration_description_0016_php70_to_php73_pools": "将php7.0-fpm'pool'conf文件迁移到php7.3", - "migration_description_0015_migrate_to_buster": "将系统升级到Debian Buster和YunoHost 4.x", - "migrating_legacy_permission_settings": "正在迁移旧版权限设置...", "main_domain_changed": "主域已更改", "main_domain_change_failed": "无法更改主域", "mail_unavailable": "该电子邮件地址是保留的,并且将自动分配给第一个用户", @@ -625,5 +580,30 @@ "log_user_group_delete": "删除组'{}'", "log_user_group_create": "创建组'{}'", "log_user_delete": "删除用户'{}'", - "log_user_create": "添加用户'{}'" + "log_user_create": "添加用户'{}'", + "domain_registrar_is_not_configured": "尚未为域 {domain} 配置注册商。", + "domain_dns_push_not_applicable": "的自动DNS配置的特征是不适用域{domain}。您应该按照 https://yunohost.org/dns_config 上的文档手动配置DNS 记录。", + "disk_space_not_sufficient_update": "没有足够的磁盘空间来更新此应用程序", + "diagnosis_high_number_auth_failures": "最近出现了大量可疑的失败身份验证。您的fail2ban正在运行且配置正确,或使用自定义端口的SSH作为https://yunohost.org/解释的安全性。", + "diagnosis_apps_not_in_app_catalog": "此应用程序不在 YunoHost 的应用程序目录中。如果它过去有被删除过,您应该考虑卸载此应用程,因为它不会更新,并且可能会损害您系统的完整和安全性。", + "app_config_unable_to_apply": "无法应用配置面板值。", + "app_config_unable_to_read": "无法读取配置面板值。", + "config_forbidden_keyword": "关键字“{keyword}”是保留的,您不能创建或使用带有此 ID 的问题的配置面板。", + "config_no_panel": "未找到配置面板。", + "config_unknown_filter_key": "该过滤器钥匙“{filter_key}”有误。", + "diagnosis_apps_outdated_ynh_requirement": "此应用程序的安装 版本只需要 yunohost >= 2.x,这往往表明它与推荐的打包实践和帮助程序不是最新的。你真的应该考虑更新它。", + "disk_space_not_sufficient_install": "没有足够的磁盘空间来安装此应用程序", + "config_apply_failed": "应用新配置 失败:{error}", + "config_cant_set_value_on_section": "无法在整个配置部分设置单个值 。", + "config_validate_color": "是有效的 RGB 十六进制颜色", + "config_validate_date": "有效日期格式为YYYY-MM-DD", + "config_validate_email": "是有效的电子邮件", + "config_validate_time": "应该是像 HH:MM 这样的有效时间", + "config_validate_url": "应该是有效的URL", + "config_version_not_supported": "不支持配置面板版本“{ version }”。", + "danger": "警告:", + "diagnosis_apps_allgood": "所有已安装的应用程序都遵守基本的打包原则", + "diagnosis_apps_deprecated_practices": "此应用程序的安装 版本仍然使用一些超旧的弃用打包原则。推荐您升级它。", + "diagnosis_apps_issue": "发现应用{ app } 存在问题", + "diagnosis_description_apps": "应用" } \ No newline at end of file diff --git a/maintenance/autofix_locale_format.py b/maintenance/autofix_locale_format.py new file mode 100644 index 000000000..1c56ea386 --- /dev/null +++ b/maintenance/autofix_locale_format.py @@ -0,0 +1,170 @@ +import os +import re +import json +import glob +from collections import OrderedDict + +ROOT = os.path.dirname(__file__) + "/../" +LOCALE_FOLDER = ROOT + "/locales/" + +# List all locale files (except en.json being the ref) +TRANSLATION_FILES = glob.glob(LOCALE_FOLDER + "*.json") +TRANSLATION_FILES = [filename.split("/")[-1] for filename in TRANSLATION_FILES] +print(LOCALE_FOLDER) +TRANSLATION_FILES.remove("en.json") + +REFERENCE_FILE = LOCALE_FOLDER + "en.json" + + +def autofix_i18n_placeholders(): + def _autofix_i18n_placeholders(locale_file): + """ + This tries for magically fix mismatch between en.json format and other.json format + e.g. an i18n string with: + source: "Lorem ipsum {some_var}" + fr: "Lorem ipsum {une_variable}" + (ie the keyword in {} was translated but shouldnt have been) + """ + + this_locale = json.loads(open(LOCALE_FOLDER + locale_file).read()) + fixed_stuff = False + reference = json.loads(open(REFERENCE_FILE).read()) + + # We iterate over all keys/string in en.json + for key, string in reference.items(): + + # Ignore check if there's no translation yet for this key + if key not in this_locale: + continue + + # Then we check that every "{stuff}" (for python's .format()) + # should also be in the translated string, otherwise the .format + # will trigger an exception! + subkeys_in_ref = [k[0] for k in re.findall(r"{(\w+)(:\w)?}", string)] + subkeys_in_this_locale = [ + k[0] for k in re.findall(r"{(\w+)(:\w)?}", this_locale[key]) + ] + + if set(subkeys_in_ref) != set(subkeys_in_this_locale) and ( + len(subkeys_in_ref) == len(subkeys_in_this_locale) + ): + for i, subkey in enumerate(subkeys_in_ref): + this_locale[key] = this_locale[key].replace( + "{%s}" % subkeys_in_this_locale[i], "{%s}" % subkey + ) + fixed_stuff = True + + # Validate that now it's okay ? + subkeys_in_ref = [k[0] for k in re.findall(r"{(\w+)(:\w)?}", string)] + subkeys_in_this_locale = [ + k[0] for k in re.findall(r"{(\w+)(:\w)?}", this_locale[key]) + ] + if any(k not in subkeys_in_ref for k in subkeys_in_this_locale): + raise Exception( + """\n +========================== +Format inconsistency for string {key} in {locale_file}:" +en.json -> {string} +{locale_file} -> {translated_string} +Please fix it manually ! + """.format( + key=key, + string=string.encode("utf-8"), + locale_file=locale_file, + translated_string=this_locale[key].encode("utf-8"), + ) + ) + + if fixed_stuff: + json.dump( + this_locale, + open(LOCALE_FOLDER + locale_file, "w"), + indent=4, + ensure_ascii=False, + ) + + for locale_file in TRANSLATION_FILES: + _autofix_i18n_placeholders(locale_file) + + +def autofix_orthotypography_and_standardized_words(): + def reformat(lang, transformations): + + locale = open(f"{LOCALE_FOLDER}{lang}.json").read() + for pattern, replace in transformations.items(): + locale = re.compile(pattern).sub(replace, locale) + + open(f"{LOCALE_FOLDER}{lang}.json", "w").write(locale) + + ###################################################### + + godamn_spaces_of_hell = [ + "\u00a0", + "\u2000", + "\u2001", + "\u2002", + "\u2003", + "\u2004", + "\u2005", + "\u2006", + "\u2007", + "\u2008", + "\u2009", + "\u200A", + "\u202f", + "\u202F", + "\u3000", + ] + + transformations = {s: " " for s in godamn_spaces_of_hell} + transformations.update( + { + "…": "...", + } + ) + + reformat("en", transformations) + + ###################################################### + + transformations.update( + { + "courriel": "email", + "e-mail": "email", + "Courriel": "Email", + "E-mail": "Email", + "« ": "'", + "«": "'", + " »": "'", + "»": "'", + "’": "'", + # r"$(\w{1,2})'|( \w{1,2})'": r"\1\2’", + } + ) + + reformat("fr", transformations) + + +def remove_stale_translated_strings(): + + reference = json.loads(open(LOCALE_FOLDER + "en.json").read()) + + for locale_file in TRANSLATION_FILES: + + print(locale_file) + this_locale = json.loads( + open(LOCALE_FOLDER + locale_file).read(), object_pairs_hook=OrderedDict + ) + this_locale_fixed = {k: v for k, v in this_locale.items() if k in reference} + + json.dump( + this_locale_fixed, + open(LOCALE_FOLDER + locale_file, "w"), + indent=4, + ensure_ascii=False, + ) + + +autofix_orthotypography_and_standardized_words() +remove_stale_translated_strings() +autofix_i18n_placeholders() diff --git a/maintenance/make_changelog.sh b/maintenance/make_changelog.sh new file mode 100644 index 000000000..038d4741d --- /dev/null +++ b/maintenance/make_changelog.sh @@ -0,0 +1,36 @@ +VERSION="?" +RELEASE="testing" +REPO=$(basename $(git rev-parse --show-toplevel)) +REPO_URL=$(git remote get-url origin) +ME=$(git config --global --get user.name) +EMAIL=$(git config --global --get user.email) + +LAST_RELEASE=$(git tag --list | grep debian | tail -n 1) + +echo "$REPO ($VERSION) $RELEASE; urgency=low" +echo "" + +git log $LAST_RELEASE.. -n 10000 --first-parent --pretty=tformat:' - %b%s (%h)' \ +| sed -E "s@Merge .*#([0-9]+).*\$@ \([#\1]\($REPO_URL/pull/\1\)\)@g" \ +| grep -v "Update from Weblate" \ +| tac + +TRANSLATIONS=$(git log $LAST_RELEASE... -n 10000 --pretty=format:"%s" \ + | grep "Translated using Weblate" \ + | sed -E "s/Translated using Weblate \((.*)\)/\1/g" \ + | sort | uniq | tr '\n' ', ' | sed -e 's/,$//g' -e 's/,/, /g') +[[ -z "$TRANSLATIONS" ]] || echo " - [i18n] Translations updated for $TRANSLATIONS" + +echo "" +CONTRIBUTORS=$(git logc $LAST_RELEASE... -n 10000 --pretty=format:"%an" \ + | sort | uniq | grep -v "$ME" \ + | tr '\n' ', ' | sed -e 's/,$//g' -e 's/,/, /g') +[[ -z "$CONTRIBUTORS" ]] || echo " Thanks to all contributors <3 ! ($CONTRIBUTORS)" +echo "" +echo " -- $ME <$EMAIL> $(date -R)" +echo "" + + + +# PR links can be converted to regular texts using : sed -E 's@\[(#[0-9]*)\]\([^ )]*\)@\1@g' +# Or readded with sed -E 's@#([0-9]*)@[YunoHost#\1](https://github.com/yunohost/yunohost/pull/\1)@g' | sed -E 's@\((\w+)\)@([YunoHost/\1](https://github.com/yunohost/yunohost/commit/\1))@g' diff --git a/tests/test_i18n_keys.py b/maintenance/missing_i18n_keys.py similarity index 71% rename from tests/test_i18n_keys.py rename to maintenance/missing_i18n_keys.py index 103241085..3dbca8027 100644 --- a/tests/test_i18n_keys.py +++ b/maintenance/missing_i18n_keys.py @@ -1,12 +1,17 @@ # -*- coding: utf-8 -*- +import toml import os import re import glob import json import yaml import subprocess -import toml +import sys + +ROOT = os.path.dirname(__file__) + "/../" +LOCALE_FOLDER = ROOT + "/locales/" +REFERENCE_FILE = LOCALE_FOLDER + "en.json" ############################################################################### # Find used keys in python code # @@ -25,12 +30,12 @@ def find_expected_string_keys(): p3 = re.compile(r"YunohostValidationError\(\n*\s*[\'\"](\w+)[\'\"]") p4 = re.compile(r"# i18n: [\'\"]?(\w+)[\'\"]?") - python_files = glob.glob("src/yunohost/*.py") - python_files.extend(glob.glob("src/yunohost/utils/*.py")) - python_files.extend(glob.glob("src/yunohost/data_migrations/*.py")) - python_files.extend(glob.glob("src/yunohost/authenticators/*.py")) - python_files.extend(glob.glob("data/hooks/diagnosis/*.py")) - python_files.append("bin/yunohost") + python_files = glob.glob(ROOT + "src/*.py") + python_files.extend(glob.glob(ROOT + "src/utils/*.py")) + python_files.extend(glob.glob(ROOT + "src/migrations/*.py")) + python_files.extend(glob.glob(ROOT + "src/authenticators/*.py")) + python_files.extend(glob.glob(ROOT + "src/diagnosers/*.py")) + python_files.append(ROOT + "bin/yunohost") for python_file in python_files: content = open(python_file).read() @@ -52,7 +57,9 @@ def find_expected_string_keys(): # For each diagnosis, try to find strings like "diagnosis_stuff_foo" (c.f. diagnosis summaries) # Also we expect to have "diagnosis_description_" for each diagnosis p3 = re.compile(r"[\"\'](diagnosis_[a-z]+_\w+)[\"\']") - for python_file in glob.glob("data/hooks/diagnosis/*.py"): + for python_file in glob.glob(ROOT + "src/diagnosers/*.py"): + if "__init__.py" in python_file: + continue content = open(python_file).read() for m in p3.findall(content): if m.endswith("_"): @@ -64,14 +71,14 @@ def find_expected_string_keys(): ] # For each migration, expect to find "migration_description_" - for path in glob.glob("src/yunohost/data_migrations/*.py"): + for path in glob.glob(ROOT + "src/migrations/*.py"): if "__init__" in path: continue yield "migration_description_" + os.path.basename(path)[:-3] # For each default service, expect to find "service_description_" for service, info in yaml.safe_load( - open("data/templates/yunohost/services.yml") + open(ROOT + "conf/yunohost/services.yml") ).items(): if info is None: continue @@ -80,7 +87,7 @@ def find_expected_string_keys(): # For all unit operations, expect to find "log_" # A unit operation is created either using the @is_unit_operation decorator # or using OperationLogger( - cmd = "grep -hr '@is_unit_operation' src/yunohost/ -A3 2>/dev/null | grep '^def' | sed -E 's@^def (\\w+)\\(.*@\\1@g'" + cmd = f"grep -hr '@is_unit_operation' {ROOT}/src/ -A3 2>/dev/null | grep '^def' | sed -E 's@^def (\\w+)\\(.*@\\1@g'" for funcname in ( subprocess.check_output(cmd, shell=True).decode("utf-8").strip().split("\n") ): @@ -95,14 +102,14 @@ def find_expected_string_keys(): # Global settings descriptions # Will be on a line like : ("service.ssh.allow_deprecated_dsa_hostkey", {"type": "bool", ... p5 = re.compile(r" \(\n*\s*[\"\'](\w[\w\.]+)[\"\'],") - content = open("src/yunohost/settings.py").read() + content = open(ROOT + "src/settings.py").read() for m in ( "global_settings_setting_" + s.replace(".", "_") for s in p5.findall(content) ): yield m # Keys for the actionmap ... - for category in yaml.safe_load(open("data/actionsmap/yunohost.yml")).values(): + for category in yaml.safe_load(open(ROOT + "share/actionsmap.yml")).values(): if "actions" not in category.keys(): continue for action in category["actions"].values(): @@ -130,13 +137,13 @@ def find_expected_string_keys(): yield "backup_applying_method_%s" % method yield "backup_method_%s_finished" % method - registrars = toml.load(open("data/other/registrar_list.toml")) + registrars = toml.load(open(ROOT + "share/registrar_list.toml")) supported_registrars = ["ovh", "gandi", "godaddy"] for registrar in supported_registrars: for key in registrars[registrar].keys(): yield f"domain_config_{key}" - domain_config = toml.load(open("data/other/config_domain.toml")) + domain_config = toml.load(open(ROOT + "share/config_domain.toml")) for panel in domain_config.values(): if not isinstance(panel, dict): continue @@ -149,41 +156,53 @@ def find_expected_string_keys(): yield f"domain_config_{key}" -############################################################################### -# Load en locale json keys # -############################################################################### - - -def keys_defined_for_en(): - return json.loads(open("locales/en.json").read()).keys() - - ############################################################################### # Compare keys used and keys defined # ############################################################################### +if len(sys.argv) <= 1 or sys.argv[1] not in ["--check", "--fix"]: + print("Please specify --check or --fix") + sys.exit(1) expected_string_keys = set(find_expected_string_keys()) -keys_defined = set(keys_defined_for_en()) +keys_defined_for_en = json.loads(open(REFERENCE_FILE).read()).keys() +keys_defined = set(keys_defined_for_en) +unused_keys = keys_defined.difference(expected_string_keys) +unused_keys = sorted(unused_keys) -def test_undefined_i18n_keys(): - undefined_keys = expected_string_keys.difference(keys_defined) - undefined_keys = sorted(undefined_keys) +undefined_keys = expected_string_keys.difference(keys_defined) +undefined_keys = sorted(undefined_keys) + +mode = sys.argv[1].strip("-") +if mode == "check": + + # Unused keys are not too problematic, will be automatically + # removed by the other autoreformat script, + # but still informative to display them + if unused_keys: + print( + "Those i18n keys appears unused:\n" " - " + "\n - ".join(unused_keys) + ) if undefined_keys: - raise Exception( + print( "Those i18n keys should be defined in en.json:\n" " - " + "\n - ".join(undefined_keys) ) + sys.exit(1) +elif mode == "fix": + j = json.loads(open(REFERENCE_FILE).read()) + for key in undefined_keys: + j[key] = "FIXME" + for key in unused_keys: + del j[key] -def test_unused_i18n_keys(): - - unused_keys = keys_defined.difference(expected_string_keys) - unused_keys = sorted(unused_keys) - - if unused_keys: - raise Exception( - "Those i18n keys appears unused:\n" " - " + "\n - ".join(unused_keys) - ) + json.dump( + j, + open(REFERENCE_FILE, "w"), + indent=4, + ensure_ascii=False, + sort_keys=True, + ) diff --git a/sbin/yunohost-reset-ldap-password b/sbin/yunohost-reset-ldap-password deleted file mode 100755 index 95f84875f..000000000 --- a/sbin/yunohost-reset-ldap-password +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -echo "Warning: this script is now deprecated. You can simply type 'yunohost tools adminpw' to change the root/admin password." -yunohost tools adminpw diff --git a/data/other/password/100000-most-used.txt.gz b/share/100000-most-used-passwords.txt.gz similarity index 100% rename from data/other/password/100000-most-used.txt.gz rename to share/100000-most-used-passwords.txt.gz diff --git a/data/actionsmap/yunohost.yml b/share/actionsmap.yml similarity index 92% rename from data/actionsmap/yunohost.yml rename to share/actionsmap.yml index c21050b56..5046f9b33 100644 --- a/data/actionsmap/yunohost.yml +++ b/share/actionsmap.yml @@ -33,7 +33,7 @@ # Global parameters # ############################# _global: - name: yunohost.admin + namespace: yunohost authentication: api: ldap_admin cli: null @@ -89,9 +89,6 @@ user: pattern: &pattern_lastname - !!str ^([^\W\d_]{1,30}[ ,.'-]{0,3})+$ - "pattern_lastname" - -m: - full: --mail - help: (Deprecated, see --domain) Main unique email address -p: full: --password help: User password @@ -534,9 +531,6 @@ domain: --self-signed: help: Install self-signed certificate instead of Let's Encrypt action: store_true - --staging: - help: Use the fake/staging Let's Encrypt certification authority. The new certificate won't actually be enabled - it is only intended to test the main steps of the procedure. - action: store_true ### certificate_renew() cert-renew: @@ -555,9 +549,6 @@ domain: --no-checks: help: Does not perform any check that your domain seems correctly configured (DNS, reachability) before attempting to renew. (Not recommended) action: store_true - --staging: - help: Use the fake/staging Let's Encrypt certification authority. The new certificate won't actually be enabled - it is only intended to test the main steps of the procedure. - action: store_true ### domain_url_available() url-available: @@ -680,9 +671,6 @@ domain: --self-signed: help: Install self-signed certificate instead of Let's Encrypt action: store_true - --staging: - help: Use the fake/staging Let's Encrypt certification authority. The new certificate won't actually be enabled - it is only intended to test the main steps of the procedure. - action: store_true ### certificate_renew() renew: @@ -701,9 +689,6 @@ domain: --no-checks: help: Does not perform any check that your domain seems correctly configured (DNS, reachability) before attempting to renew. (Not recommended) action: store_true - --staging: - help: Use the fake/staging Let's Encrypt certification authority. The new certificate won't actually be enabled - it is only intended to test the main steps of the procedure. - action: store_true ############################# @@ -741,9 +726,6 @@ app: app: help: Name, local path or git URL of the app to fetch the manifest of - fetchlist: - deprecated: true - ### app_list() list: action_help: List installed apps @@ -753,12 +735,6 @@ app: full: --full help: Display all details, including the app manifest and various other infos action: store_true - -i: - full: --installed - help: Dummy argument, does nothing anymore (still there only for backward compatibility) - action: store_true - filter: - nargs: '?' ### app_info() info: @@ -908,6 +884,10 @@ app: -d: full: --domain help: Specific domain to put app on (the app domain by default) + -u: + full: --undo + help: Undo redirection + action: store_true ### app_ssowatconf() ssowatconf: @@ -923,36 +903,6 @@ app: new_label: help: New app label - ### app_addaccess() TODO: Write help - addaccess: - action_help: Grant access right to users (everyone by default) - deprecated: true - arguments: - apps: - nargs: "+" - -u: - full: --users - nargs: "*" - - ### app_removeaccess() TODO: Write help - removeaccess: - action_help: Revoke access right to users (everyone by default) - deprecated: true - arguments: - apps: - nargs: "+" - -u: - full: --users - nargs: "*" - - ### app_clearaccess() - clearaccess: - action_help: Reset access rights for the app - deprecated: true - arguments: - apps: - nargs: "+" - subcategories: action: @@ -1197,13 +1147,6 @@ service: full: --log help: Absolute path to log file to display nargs: "+" - -t: - full: --log_type - help: Type of the log (file or systemd) - nargs: "+" - choices: - - file - - systemd --test_status: help: Specify a custom bash command to check the status of the service. Note that it only makes sense to specify this if the corresponding systemd service does not return the proper information already. --test_conf: @@ -1217,9 +1160,6 @@ service: full: --need_lock help: Use this option to prevent deadlocks if the service does invoke yunohost commands. action: store_true - -s: - full: --status - help: Deprecated, old option. Does nothing anymore. Possibly check the --test_status option. ### service_remove() remove: @@ -1321,35 +1261,6 @@ service: default: 50 type: int - ### service_regen_conf() - regen-conf: - action_help: Regenerate the configuration file(s) for a service - deprecated_alias: - - regenconf - arguments: - names: - help: Services name to regenerate configuration of - nargs: "*" - metavar: NAME - -d: - full: --with-diff - help: Show differences in case of configuration changes - action: store_true - -f: - full: --force - help: > - Override all manual modifications in configuration - files - action: store_true - -n: - full: --dry-run - help: Show what would have been regenerated - action: store_true - -p: - full: --list-pending - help: List pending configuration files and exit - action: store_true - ############################# # Firewall # ############################# @@ -1482,9 +1393,6 @@ dyndns: subscribe: action_help: Subscribe to a DynDNS service arguments: - --subscribe-host: - help: Dynette HTTP API to subscribe to - default: "dyndns.yunohost.org" -d: full: --domain help: Full domain to subscribe with @@ -1498,20 +1406,11 @@ dyndns: update: action_help: Update IP on DynDNS platform arguments: - --dyn-host: - help: Dynette DNS server to inform - default: "dyndns.yunohost.org" -d: full: --domain help: Full domain to update extra: pattern: *pattern_domain - -k: - full: --key - help: Public DNS key - -i: - full: --ipv4 - help: IP address to send -f: full: --force help: Force the update (for debugging only) @@ -1520,17 +1419,6 @@ dyndns: full: --dry-run help: Only display the generated zone action: store_true - -6: - full: --ipv6 - help: IPv6 address to send - - ### dyndns_installcron() - installcron: - deprecated: true - - ### dyndns_removecron() - removecron: - deprecated: true ############################# @@ -1611,12 +1499,6 @@ tools: nargs: "?" metavar: TARGET default: all - --apps: - help: (Deprecated, see first positional arg) Fetch the application list to check which apps can be upgraded - action: store_true - --system: - help: (Deprecated, see first positional arg) Fetch available system packages upgrades (equivalent to apt update) - action: store_true ### tools_upgrade() upgrade: @@ -1629,12 +1511,6 @@ tools: - apps - system nargs: "?" - --apps: - help: (Deprecated, see first positional arg) Upgrade all applications - action: store_true - --system: - help: (Deprecated, see first positional arg) Upgrade only the system packages - action: store_true ### tools_shell() shell: diff --git a/data/other/config_domain.toml b/share/config_domain.toml similarity index 89% rename from data/other/config_domain.toml rename to share/config_domain.toml index 93551458b..65e755365 100644 --- a/data/other/config_domain.toml +++ b/share/config_domain.toml @@ -11,6 +11,11 @@ i18n = "domain_config" # [feature] + [feature.app] + [feature.app.default_app] + type = "app" + filter = "is_webapp" + default = "_none" [feature.mail] #services = ['postfix', 'dovecot'] diff --git a/data/other/dnsbl_list.yml b/share/dnsbl_list.yml similarity index 81% rename from data/other/dnsbl_list.yml rename to share/dnsbl_list.yml index 1dc0175a3..ad86fd2a6 100644 --- a/data/other/dnsbl_list.yml +++ b/share/dnsbl_list.yml @@ -5,138 +5,161 @@ ipv4: true ipv6: true domain: false + non_blacklisted_return_code: [] - name: Barracuda Reputation Block List dns_server: b.barracudacentral.org website: https://barracudacentral.org/rbl/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: Hostkarma dns_server: hostkarma.junkemailfilter.com website: https://ipadmin.junkemailfilter.com/remove.php ipv4: true ipv6: false domain: false + non_blacklisted_return_code: ['127.0.0.1', '127.0.0.5'] - name: ImproWare IP based spamlist dns_server: spamrbl.imp.ch website: https://antispam.imp.ch/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: ImproWare IP based wormlist dns_server: wormrbl.imp.ch website: https://antispam.imp.ch/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: Backscatterer.org dns_server: ips.backscatterer.org website: http://www.backscatterer.org/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: inps.de dns_server: dnsbl.inps.de website: http://dnsbl.inps.de/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: LASHBACK dns_server: ubl.unsubscore.com website: https://blacklist.lashback.com/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: Mailspike.org dns_server: bl.mailspike.net website: http://www.mailspike.net/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: NiX Spam dns_server: ix.dnsbl.manitu.net website: http://www.dnsbl.manitu.net/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: REDHAWK dns_server: access.redhawk.org website: https://www.redhawk.org/SpamHawk/query.php ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: SORBS Open SMTP relays dns_server: smtp.dnsbl.sorbs.net website: http://www.sorbs.net/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: SORBS Spamhost (last 28 days) dns_server: recent.spam.dnsbl.sorbs.net website: http://www.sorbs.net/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: SORBS Spamhost (last 48 hours) dns_server: new.spam.dnsbl.sorbs.net website: http://www.sorbs.net/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: SpamCop Blocking List dns_server: bl.spamcop.net website: https://www.spamcop.net/bl.shtml ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: Spam Eating Monkey SEM-BACKSCATTER dns_server: backscatter.spameatingmonkey.net website: https://spameatingmonkey.com/services ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: Spam Eating Monkey SEM-BLACK dns_server: bl.spameatingmonkey.net website: https://spameatingmonkey.com/services ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: Spam Eating Monkey SEM-IPV6BL dns_server: bl.ipv6.spameatingmonkey.net website: https://spameatingmonkey.com/services ipv4: false ipv6: true domain: false + non_blacklisted_return_code: [] - name: SpamRATS! all dns_server: all.spamrats.com website: http://www.spamrats.com/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: PSBL (Passive Spam Block List) dns_server: psbl.surriel.com website: http://psbl.surriel.com/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: SWINOG dns_server: dnsrbl.swinog.ch website: https://antispam.imp.ch/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: GBUdb Truncate dns_server: truncate.gbudb.net website: http://www.gbudb.com/truncate/index.jsp ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] - name: Weighted Private Block List dns_server: db.wpbl.info website: http://www.wpbl.info/ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] # Used by GAFAM - name: Composite Blocking List dns_server: cbl.abuseat.org @@ -144,6 +167,7 @@ ipv4: true ipv6: false domain: false + non_blacklisted_return_code: [] # Used by GAFAM - name: SenderScore Blacklist dns_server: bl.score.senderscore.com @@ -152,18 +176,21 @@ ipv6: false domain: false # Added cause it supports IPv6 + non_blacklisted_return_code: [] - name: AntiCaptcha.NET IPv6 dns_server: dnsbl6.anticaptcha.net website: http://anticaptcha.net/ ipv4: false ipv6: true domain: false + non_blacklisted_return_code: [] - name: Suomispam Blacklist dns_server: bl.suomispam.net website: http://suomispam.net/ ipv4: true ipv6: true domain: false + non_blacklisted_return_code: [] - name: NordSpam dns_server: bl.nordspam.com website: https://www.nordspam.com/ diff --git a/data/other/ffdhe2048.pem b/share/ffdhe2048.pem similarity index 100% rename from data/other/ffdhe2048.pem rename to share/ffdhe2048.pem diff --git a/data/helpers b/share/helpers similarity index 100% rename from data/helpers rename to share/helpers diff --git a/data/other/registrar_list.toml b/share/registrar_list.toml similarity index 100% rename from data/other/registrar_list.toml rename to share/registrar_list.toml diff --git a/src/yunohost/__init__.py b/src/__init__.py similarity index 92% rename from src/yunohost/__init__.py rename to src/__init__.py index dad73e2a4..608917185 100644 --- a/src/yunohost/__init__.py +++ b/src/__init__.py @@ -22,7 +22,14 @@ def cli(debug, quiet, output_as, timeout, args, parser): if not is_installed(): check_command_is_valid_before_postinstall(args) - ret = moulinette.cli(args, output_as=output_as, timeout=timeout, top_parser=parser) + ret = moulinette.cli( + args, + actionsmap="/usr/share/yunohost/actionsmap.yml", + locales_dir="/usr/share/yunohost/locales/", + output_as=output_as, + timeout=timeout, + top_parser=parser, + ) sys.exit(ret) @@ -39,6 +46,8 @@ def api(debug, host, port): ret = moulinette.api( host=host, port=port, + actionsmap="/usr/share/yunohost/actionsmap.yml", + locales_dir="/usr/share/yunohost/locales/", routes={("GET", "/installed"): is_installed_api}, ) sys.exit(ret) @@ -78,7 +87,7 @@ def init(interface="cli", debug=False, quiet=False, logdir="/var/log/yunohost"): def init_i18n(): # This should only be called when not willing to go through moulinette.cli # or moulinette.api but still willing to call m18n.n/g... - m18n.load_namespace("yunohost") + m18n.set_locales_dir("/usr/share/yunohost/locales/") m18n.set_locale(get_locale()) diff --git a/src/yunohost/app.py b/src/app.py similarity index 93% rename from src/yunohost/app.py rename to src/app.py index fb544cab2..c200a66c6 100644 --- a/src/yunohost/app.py +++ b/src/app.py @@ -57,6 +57,7 @@ from yunohost.utils.config import ( ask_questions_and_parse_answers, DomainQuestion, PathQuestion, + hydrate_questions_with_choices, ) from yunohost.utils.i18n import _value_for_locale from yunohost.utils.error import YunohostError, YunohostValidationError @@ -66,7 +67,6 @@ from yunohost.app_catalog import ( # noqa app_catalog, app_search, _load_apps_catalog, - app_fetchlist, ) logger = getActionLogger("yunohost.app") @@ -79,7 +79,7 @@ re_app_instance_name = re.compile( ) APP_REPO_URL = re.compile( - r"^https://[a-zA-Z0-9-_.]+/[a-zA-Z0-9-_./]+/[a-zA-Z0-9-_.]+_ynh(/?(-/)?tree/[a-zA-Z0-9-_.]+)?(\.git)?/?$" + r"^https://[a-zA-Z0-9-_.]+/[a-zA-Z0-9-_./~]+/[a-zA-Z0-9-_.]+_ynh(/?(-/)?tree/[a-zA-Z0-9-_.]+)?(\.git)?/?$" ) APP_FILES_TO_COPY = [ @@ -95,34 +95,17 @@ APP_FILES_TO_COPY = [ ] -def app_list(full=False, installed=False, filter=None): +def app_list(full=False): """ List installed apps """ - # Old legacy argument ... app_list was a combination of app_list and - # app_catalog before 3.8 ... - if installed: - logger.warning( - "Argument --installed ain't needed anymore when using 'yunohost app list'. It directly returns the list of installed apps.." - ) - - # Filter is a deprecated option... - if filter: - logger.warning( - "Using -f $appname in 'yunohost app list' is deprecated. Just use 'yunohost app list | grep -q 'id: $appname' to check a specific app is installed" - ) - out = [] for app_id in sorted(_installed_apps()): - - if filter and not app_id.startswith(filter): - continue - try: app_info_dict = app_info(app_id, full=full) except Exception as e: - logger.error("Failed to read info for %s : %s" % (app_id, e)) + logger.error(f"Failed to read info for {app_id} : {e}") continue app_info_dict["id"] = app_id out.append(app_info_dict) @@ -135,6 +118,7 @@ def app_info(app, full=False): Get info for a specific app """ from yunohost.permission import user_permission_list + from yunohost.domain import domain_config_get _assert_is_installed(app) @@ -171,6 +155,11 @@ def app_info(app, full=False): ret["is_webapp"] = "domain" in settings and "path" in settings + if ret["is_webapp"]: + ret["is_default"] = ( + domain_config_get(settings["domain"], "feature.app.default_app") == app + ) + ret["supports_change_url"] = os.path.exists( os.path.join(setting_path, "scripts", "change_url") ) @@ -188,7 +177,8 @@ def app_info(app, full=False): ret["label"] = permissions.get(app + ".main", {}).get("label") if not ret["label"]: - logger.warning("Failed to get label for app %s ?" % app) + logger.warning(f"Failed to get label for app {app} ?") + ret["label"] = local_manifest["name"] return ret @@ -303,8 +293,7 @@ def app_map(app=None, raw=False, user=None): if user: if not app_id + ".main" in permissions: logger.warning( - "Uhoh, no main permission was found for app %s ... sounds like an app was only partially removed due to another bug :/" - % app_id + f"Uhoh, no main permission was found for app {app_id} ... sounds like an app was only partially removed due to another bug :/" ) continue main_perm = permissions[app_id + ".main"] @@ -424,7 +413,7 @@ def app_change_url(operation_logger, app, domain, path): # Execute App change_url script ret = hook_exec(change_url_script, env=env_dict)[0] if ret != 0: - msg = "Failed to change '%s' url." % app + msg = f"Failed to change '{app}' url." logger.error(msg) operation_logger.error(msg) @@ -690,6 +679,9 @@ def app_manifest(app): shutil.rmtree(extracted_app_folder) + raw_questions = manifest.get("arguments", {}).get("install", []) + manifest["arguments"]["install"] = hydrate_questions_with_choices(raw_questions) + return manifest @@ -863,7 +855,7 @@ def app_install( for question in questions: # Or should it be more generally question.redact ? if question.type == "password": - del env_dict_for_logging["YNH_APP_ARG_%s" % question.name.upper()] + del env_dict_for_logging[f"YNH_APP_ARG_{question.name.upper()}"] operation_logger.extra.update({"env": env_dict_for_logging}) @@ -910,8 +902,7 @@ def app_install( # This option is meant for packagers to debug their apps more easily if no_remove_on_failure: raise YunohostError( - "The installation of %s failed, but was not cleaned up as requested by --no-remove-on-failure." - % app_id, + f"The installation of {app_id} failed, but was not cleaned up as requested by --no-remove-on-failure.", raw_msg=True, ) else: @@ -1009,6 +1000,7 @@ def app_remove(operation_logger, app, purge=False): permission_delete, permission_sync_to_user, ) + from yunohost.domain import domain_list, domain_config_get, domain_config_set if not _is_installed(app): raise YunohostValidationError( @@ -1033,7 +1025,6 @@ def app_remove(operation_logger, app, purge=False): remove_script = f"{tmp_workdir_for_app}/scripts/remove" env_dict = {} - app_id, app_instance_nb = _parse_app_instance_name(app) env_dict = _make_environment_for_app_script(app, workdir=tmp_workdir_for_app) env_dict["YNH_APP_PURGE"] = str(1 if purge else 0) @@ -1069,70 +1060,16 @@ def app_remove(operation_logger, app, purge=False): hook_remove(app) + for domain in domain_list()["domains"]: + if domain_config_get(domain, "feature.app.default_app") == app: + domain_config_set(domain, "feature.app.default_app", "_none") + permission_sync_to_user() _assert_system_is_sane_for_app(manifest, "post") -def app_addaccess(apps, users=[]): - """ - Grant access right to users (everyone by default) - - Keyword argument: - users - apps - - """ - from yunohost.permission import user_permission_update - - output = {} - for app in apps: - permission = user_permission_update( - app + ".main", add=users, remove="all_users" - ) - output[app] = permission["corresponding_users"] - - return {"allowed_users": output} - - -def app_removeaccess(apps, users=[]): - """ - Revoke access right to users (everyone by default) - - Keyword argument: - users - apps - - """ - from yunohost.permission import user_permission_update - - output = {} - for app in apps: - permission = user_permission_update(app + ".main", remove=users) - output[app] = permission["corresponding_users"] - - return {"allowed_users": output} - - -def app_clearaccess(apps): - """ - Reset access rights for the app - - Keyword argument: - apps - - """ - from yunohost.permission import user_permission_reset - - output = {} - for app in apps: - permission = user_permission_reset(app + ".main") - output[app] = permission["corresponding_users"] - - return {"allowed_users": output} - - @is_unit_operation() -def app_makedefault(operation_logger, app, domain=None): +def app_makedefault(operation_logger, app, domain=None, undo=False): """ Redirect domain root to an app @@ -1141,11 +1078,10 @@ def app_makedefault(operation_logger, app, domain=None): domain """ - from yunohost.domain import _assert_domain_exists + from yunohost.domain import _assert_domain_exists, domain_config_set app_settings = _get_app_settings(app) app_domain = app_settings["domain"] - app_path = app_settings["path"] if domain is None: domain = app_domain @@ -1154,36 +1090,12 @@ def app_makedefault(operation_logger, app, domain=None): operation_logger.related_to.append(("domain", domain)) - if "/" in app_map(raw=True)[domain]: - raise YunohostValidationError( - "app_make_default_location_already_used", - app=app, - domain=app_domain, - other_app=app_map(raw=True)[domain]["/"]["id"], - ) - operation_logger.start() - # TODO / FIXME : current trick is to add this to conf.json.persisten - # This is really not robust and should be improved - # e.g. have a flag in /etc/yunohost/apps/$app/ to say that this is the - # default app or idk... - if not os.path.exists("/etc/ssowat/conf.json.persistent"): - ssowat_conf = {} + if undo: + domain_config_set(domain, "feature.app.default_app", "_none") else: - ssowat_conf = read_json("/etc/ssowat/conf.json.persistent") - - if "redirected_urls" not in ssowat_conf: - ssowat_conf["redirected_urls"] = {} - - ssowat_conf["redirected_urls"][domain + "/"] = app_domain + app_path - - write_to_json( - "/etc/ssowat/conf.json.persistent", ssowat_conf, sort_keys=True, indent=4 - ) - chmod("/etc/ssowat/conf.json.persistent", 0o644) - - logger.success(m18n.n("ssowat_conf_updated")) + domain_config_set(domain, "feature.app.default_app", app) def app_setting(app, key, value=None, delete=False): @@ -1219,7 +1131,8 @@ def app_setting(app, key, value=None, delete=False): ) permissions = user_permission_list(full=True, apps=[app])["permissions"] - permission_name = "%s.legacy_%s_uris" % (app, key.split("_")[0]) + key_ = key.split("_")[0] + permission_name = f"{app}.legacy_{key_}_uris" permission = permissions.get(permission_name) # GET @@ -1381,7 +1294,7 @@ def app_ssowatconf(): """ - from yunohost.domain import domain_list, _get_maindomain + from yunohost.domain import domain_list, _get_maindomain, domain_config_get from yunohost.permission import user_permission_list main_domain = _get_maindomain() @@ -1419,6 +1332,23 @@ def app_ssowatconf(): redirected_urls.update(app_settings.get("redirected_urls", {})) redirected_regex.update(app_settings.get("redirected_regex", {})) + from .utils.legacy import ( + translate_legacy_default_app_in_ssowant_conf_json_persistent, + ) + + translate_legacy_default_app_in_ssowant_conf_json_persistent() + + for domain in domains: + default_app = domain_config_get(domain, "feature.app.default_app") + if default_app != "_none" and _is_installed(default_app): + app_settings = _get_app_settings(default_app) + app_domain = app_settings["domain"] + app_path = app_settings["path"] + + # Prevent infinite redirect loop... + if domain + "/" != app_domain + app_path: + redirected_urls[domain + "/"] = app_domain + app_path + # New permission system for perm_name, perm_info in all_permissions.items(): @@ -1460,10 +1390,6 @@ def app_ssowatconf(): write_to_json("/etc/ssowat/conf.json", conf_dict, sort_keys=True, indent=4) - from .utils.legacy import translate_legacy_rules_in_ssowant_conf_json_persistent - - translate_legacy_rules_in_ssowant_conf_json_persistent() - logger.debug(m18n.n("ssowat_conf_generated")) @@ -1507,9 +1433,9 @@ def app_action_run(operation_logger, app, action, args=None): actions = {x["id"]: x for x in actions} if action not in actions: + available_actions = (", ".join(actions.keys()),) raise YunohostValidationError( - "action '%s' not available for app '%s', available actions are: %s" - % (action, app, ", ".join(actions.keys())), + f"action '{action}' not available for app '{app}', available actions are: {available_actions}", raw_msg=True, ) @@ -1562,11 +1488,7 @@ def app_action_run(operation_logger, app, action, args=None): shutil.rmtree(tmp_workdir_for_app) if retcode not in action_declaration.get("accepted_return_codes", [0]): - msg = "Error while executing action '%s' of app '%s': return code %s" % ( - action, - app, - retcode, - ) + msg = f"Error while executing action '{action}' of app '{app}': return code {retcode}" operation_logger.error(msg) raise YunohostError(msg, raw_msg=True) @@ -1608,14 +1530,9 @@ def app_config_set( class AppConfigPanel(ConfigPanel): - def __init__(self, app): - - # Check app is installed - _assert_is_installed(app) - - self.app = app - config_path = os.path.join(APPS_SETTING_PATH, app, "config_panel.toml") - super().__init__(config_path=config_path) + entity_type = "app" + save_path_tpl = os.path.join(APPS_SETTING_PATH, "{entity}/settings.yml") + config_path_tpl = os.path.join(APPS_SETTING_PATH, "{entity}/config_panel.toml") def _load_current_values(self): self.values = self._call_config_script("show") @@ -1635,11 +1552,16 @@ class AppConfigPanel(ConfigPanel): error=message, ) - def _call_config_script(self, action, env={}): + def _call_config_script(self, action, env=None): from yunohost.hook import hook_exec + if env is None: + env = {} + # Add default config script if needed - config_script = os.path.join(APPS_SETTING_PATH, self.app, "scripts", "config") + config_script = os.path.join( + APPS_SETTING_PATH, self.entity, "scripts", "config" + ) if not os.path.exists(config_script): logger.debug("Adding a default config script") default_script = """#!/bin/bash @@ -1651,15 +1573,15 @@ ynh_app_config_run $1 # Call config script to extract current values logger.debug(f"Calling '{action}' action from config script") - app_id, app_instance_nb = _parse_app_instance_name(self.app) + app_id, app_instance_nb = _parse_app_instance_name(self.entity) settings = _get_app_settings(app_id) env.update( { "app_id": app_id, - "app": self.app, + "app": self.entity, "app_instance_nb": str(app_instance_nb), "final_path": settings.get("final_path", ""), - "YNH_APP_BASEDIR": os.path.join(APPS_SETTING_PATH, self.app), + "YNH_APP_BASEDIR": os.path.join(APPS_SETTING_PATH, self.entity), } ) @@ -1936,8 +1858,7 @@ def _get_manifest_of_app(path): manifest = read_json(os.path.join(path, "manifest.json")) else: raise YunohostError( - "There doesn't seem to be any manifest file in %s ... It looks like an app was not correctly installed/removed." - % path, + f"There doesn't seem to be any manifest file in {path} ... It looks like an app was not correctly installed/removed.", raw_msg=True, ) @@ -1992,7 +1913,8 @@ def _set_default_ask_questions(arguments): for question in questions_with_default ): # The key is for example "app_manifest_install_ask_domain" - key = "app_manifest_%s_ask_%s" % (script_name, arg["name"]) + arg_name = arg["name"] + key = f"app_manifest_{script_name}_ask_{arg_name}" arg["ask"] = m18n.n(key) # Also it in fact doesn't make sense for any of those questions to have an example value nor a default value... @@ -2000,7 +1922,7 @@ def _set_default_ask_questions(arguments): if "example" in arg: del arg["example"] if "default" in arg: - del arg["domain"] + del arg["default"] return arguments @@ -2176,7 +2098,7 @@ def _extract_app_from_gitrepo( cmd = f"git ls-remote --exit-code {url} {branch} | awk '{{print $1}}'" manifest["remote"]["revision"] = check_output(cmd) except Exception as e: - logger.warning("cannot get last commit hash because: %s ", e) + logger.warning(f"cannot get last commit hash because: {e}") else: manifest["remote"]["revision"] = revision manifest["lastUpdate"] = app_info.get("lastUpdate") @@ -2362,14 +2284,7 @@ def _assert_no_conflicting_apps(domain, path, ignore_app=None, full_domain=False if conflicts: apps = [] for path, app_id, app_label in conflicts: - apps.append( - " * {domain:s}{path:s} → {app_label:s} ({app_id:s})".format( - domain=domain, - path=path, - app_id=app_id, - app_label=app_label, - ) - ) + apps.append(f" * {domain}{path} → {app_label} ({app_id})") if full_domain: raise YunohostValidationError("app_full_domain_unavailable", domain=domain) @@ -2393,13 +2308,15 @@ def _make_environment_for_app_script( "YNH_APP_INSTANCE_NAME": app, "YNH_APP_INSTANCE_NUMBER": str(app_instance_nb), "YNH_APP_MANIFEST_VERSION": manifest.get("version", "?"), + "YNH_ARCH": check_output("dpkg --print-architecture"), } if workdir: env_dict["YNH_APP_BASEDIR"] = workdir for arg_name, arg_value in args.items(): - env_dict["YNH_%s%s" % (args_prefix, arg_name.upper())] = str(arg_value) + arg_name_upper = arg_name.upper() + env_dict[f"YNH_{args_prefix}{arg_name_upper}"] = str(arg_value) return env_dict @@ -2496,20 +2413,26 @@ def is_true(arg): elif isinstance(arg, str): return arg.lower() in ["yes", "true", "on"] else: - logger.debug("arg should be a boolean or a string, got %r", arg) + logger.debug(f"arg should be a boolean or a string, got {arg}") return True if arg else False def unstable_apps(): output = [] + deprecated_apps = ["mailman"] for infos in app_list(full=True)["apps"]: - if not infos.get("from_catalog") or infos.get("from_catalog").get("state") in [ - "inprogress", - "notworking", - ]: + if ( + not infos.get("from_catalog") + or infos.get("from_catalog").get("state") + in [ + "inprogress", + "notworking", + ] + or infos["id"] in deprecated_apps + ): output.append(infos["id"]) return output @@ -2523,10 +2446,10 @@ def _assert_system_is_sane_for_app(manifest, when): services = manifest.get("services", []) - # Some apps use php-fpm or php5-fpm which is now php7.0-fpm + # Some apps use php-fpm, php5-fpm or php7.x-fpm which is now php7.4-fpm def replace_alias(service): - if service in ["php-fpm", "php5-fpm", "php7.0-fpm"]: - return "php7.3-fpm" + if service in ["php-fpm", "php5-fpm", "php7.0-fpm", "php7.3-fpm"]: + return "php7.4-fpm" else: return service @@ -2535,7 +2458,7 @@ def _assert_system_is_sane_for_app(manifest, when): # We only check those, mostly to ignore "custom" services # (added by apps) and because those are the most popular # services - service_filter = ["nginx", "php7.3-fpm", "mysql", "postfix"] + service_filter = ["nginx", "php7.4-fpm", "mysql", "postfix"] services = [str(s) for s in services if s in service_filter] if "nginx" not in services: @@ -2545,6 +2468,7 @@ def _assert_system_is_sane_for_app(manifest, when): # Wait if a service is reloading test_nb = 0 + while test_nb < 16: if not any(s for s in services if service_status(s)["status"] == "reloading"): break diff --git a/src/yunohost/app_catalog.py b/src/app_catalog.py similarity index 86% rename from src/yunohost/app_catalog.py rename to src/app_catalog.py index e4ffa1db6..5ae8ef30b 100644 --- a/src/yunohost/app_catalog.py +++ b/src/app_catalog.py @@ -23,16 +23,6 @@ APPS_CATALOG_API_VERSION = 2 APPS_CATALOG_DEFAULT_URL = "https://app.yunohost.org/default" -# Old legacy function... -def app_fetchlist(): - logger.warning( - "'yunohost app fetchlist' is deprecated. Please use 'yunohost tools update --apps' instead" - ) - from yunohost.tools import tools_update - - tools_update(target="apps") - - def app_catalog(full=False, with_categories=False): """ Return a dict of apps available to installation from Yunohost's app catalog @@ -114,7 +104,7 @@ def _initialize_apps_catalog_system(): write_to_yaml(APPS_CATALOG_CONF, default_apps_catalog_list) except Exception as e: raise YunohostError( - "Could not initialize the apps catalog system... : %s" % str(e) + f"Could not initialize the apps catalog system... : {e}", raw_msg=True ) logger.success(m18n.n("apps_catalog_init_success")) @@ -131,14 +121,14 @@ def _read_apps_catalog_list(): # by returning [] if list_ is None return list_ if list_ else [] except Exception as e: - raise YunohostError("Could not read the apps_catalog list ... : %s" % str(e)) + raise YunohostError( + f"Could not read the apps_catalog list ... : {e}", raw_msg=True + ) def _actual_apps_catalog_api_url(base_url): - return "{base_url}/v{version}/apps.json".format( - base_url=base_url, version=APPS_CATALOG_API_VERSION - ) + return f"{base_url}/v{APPS_CATALOG_API_VERSION}/apps.json" def _update_apps_catalog(): @@ -182,15 +172,13 @@ def _update_apps_catalog(): apps_catalog_content["from_api_version"] = APPS_CATALOG_API_VERSION # Save the apps_catalog data in the cache - cache_file = "{cache_folder}/{list}.json".format( - cache_folder=APPS_CATALOG_CACHE, list=apps_catalog_id - ) + cache_file = f"{APPS_CATALOG_CACHE}/{apps_catalog_id}.json" try: write_to_json(cache_file, apps_catalog_content) except Exception as e: raise YunohostError( - "Unable to write cache data for %s apps_catalog : %s" - % (apps_catalog_id, str(e)) + f"Unable to write cache data for {apps_catalog_id} apps_catalog : {e}", + raw_msg=True, ) logger.success(m18n.n("apps_catalog_update_success")) @@ -207,9 +195,7 @@ def _load_apps_catalog(): for apps_catalog_id in [L["id"] for L in _read_apps_catalog_list()]: # Let's load the json from cache for this catalog - cache_file = "{cache_folder}/{list}.json".format( - cache_folder=APPS_CATALOG_CACHE, list=apps_catalog_id - ) + cache_file = f"{APPS_CATALOG_CACHE}/{apps_catalog_id}.json" try: apps_catalog_content = ( @@ -217,7 +203,7 @@ def _load_apps_catalog(): ) except Exception as e: raise YunohostError( - "Unable to read cache for apps_catalog %s : %s" % (cache_file, e), + f"Unable to read cache for apps_catalog {cache_file} : {e}", raw_msg=True, ) @@ -240,9 +226,9 @@ def _load_apps_catalog(): # (N.B. : there's a small edge case where multiple apps catalog could be listing the same apps ... # in which case we keep only the first one found) if app in merged_catalog["apps"]: + other_catalog = merged_catalog["apps"][app]["repository"] logger.warning( - "Duplicate app %s found between apps catalog %s and %s" - % (app, apps_catalog_id, merged_catalog["apps"][app]["repository"]) + f"Duplicate app {app} found between apps catalog {apps_catalog_id} and {other_catalog}" ) continue diff --git a/src/yunohost/authenticators/ldap_admin.py b/src/authenticators/ldap_admin.py similarity index 51% rename from src/yunohost/authenticators/ldap_admin.py rename to src/authenticators/ldap_admin.py index 94d68a8db..872dd3c8d 100644 --- a/src/yunohost/authenticators/ldap_admin.py +++ b/src/authenticators/ldap_admin.py @@ -8,10 +8,14 @@ import time from moulinette import m18n from moulinette.authentication import BaseAuthenticator -from yunohost.utils.error import YunohostError +from moulinette.utils.text import random_ascii + +from yunohost.utils.error import YunohostError, YunohostAuthenticationError logger = logging.getLogger("yunohost.authenticators.ldap_admin") +session_secret = random_ascii() + class Authenticator(BaseAuthenticator): @@ -66,3 +70,59 @@ class Authenticator(BaseAuthenticator): # Free the connection, we don't really need it to keep it open as the point is only to check authentication... if con: con.unbind_s() + + def set_session_cookie(self, infos): + + from bottle import response + + assert isinstance(infos, dict) + + # This allows to generate a new session id or keep the existing one + current_infos = self.get_session_cookie(raise_if_no_session_exists=False) + new_infos = {"id": current_infos["id"]} + new_infos.update(infos) + + response.set_cookie( + "yunohost.admin", + new_infos, + secure=True, + secret=session_secret, + httponly=True, + # samesite="strict", # Bottle 0.12 doesn't support samesite, to be added in next versions + ) + + def get_session_cookie(self, raise_if_no_session_exists=True): + + from bottle import request + + try: + # N.B. : here we implicitly reauthenticate the cookie + # because it's signed via the session_secret + # If no session exists (or if session is invalid?) + # it's gonna return the default empty dict, + # which we interpret as an authentication failure + infos = request.get_cookie( + "yunohost.admin", secret=session_secret, default={} + ) + except Exception: + if not raise_if_no_session_exists: + return {"id": random_ascii()} + raise YunohostAuthenticationError("unable_authenticate") + + if not infos and raise_if_no_session_exists: + raise YunohostAuthenticationError("unable_authenticate") + + if "id" not in infos: + infos["id"] = random_ascii() + + # FIXME: Here, maybe we want to re-authenticate the session via the authenticator + # For example to check that the username authenticated is still in the admin group... + + return infos + + def delete_session_cookie(self): + + from bottle import response + + response.set_cookie("yunohost.admin", "", max_age=-1) + response.delete_cookie("yunohost.admin") diff --git a/src/yunohost/backup.py b/src/backup.py similarity index 97% rename from src/yunohost/backup.py rename to src/backup.py index cce66597a..bba60b895 100644 --- a/src/yunohost/backup.py +++ b/src/backup.py @@ -72,7 +72,7 @@ from yunohost.utils.filesystem import free_space_in_directory from yunohost.settings import settings_get BACKUP_PATH = "/home/yunohost.backup" -ARCHIVES_PATH = "%s/archives" % BACKUP_PATH +ARCHIVES_PATH = f"{BACKUP_PATH}/archives" APP_MARGIN_SPACE_SIZE = 100 # In MB CONF_MARGIN_SPACE_SIZE = 10 # IN MB POSTINSTALL_ESTIMATE_SPACE_SIZE = 5 # In MB @@ -80,7 +80,7 @@ MB_ALLOWED_TO_ORGANIZE = 10 logger = getActionLogger("yunohost.backup") -class BackupRestoreTargetsManager(object): +class BackupRestoreTargetsManager: """ BackupRestoreTargetsManager manage the targets @@ -402,7 +402,7 @@ class BackupManager: # backup and restore scripts for app in target_list: - app_script_folder = "/etc/yunohost/apps/%s/scripts" % app + app_script_folder = f"/etc/yunohost/apps/{app}/scripts" backup_script_path = os.path.join(app_script_folder, "backup") restore_script_path = os.path.join(app_script_folder, "restore") @@ -555,7 +555,7 @@ class BackupManager: self._compute_backup_size() # Create backup info file - with open("%s/info.json" % self.work_dir, "w") as f: + with open(f"{self.work_dir}/info.json", "w") as f: f.write(json.dumps(self.info)) def _get_env_var(self, app=None): @@ -732,9 +732,10 @@ class BackupManager: logger.debug(m18n.n("backup_permission", app=app)) permissions = user_permission_list(full=True, apps=[app])["permissions"] this_app_permissions = {name: infos for name, infos in permissions.items()} - write_to_yaml("%s/permissions.yml" % settings_dir, this_app_permissions) + write_to_yaml(f"{settings_dir}/permissions.yml", this_app_permissions) - except Exception: + except Exception as e: + logger.debug(e) abs_tmp_app_dir = os.path.join(self.work_dir, "apps/", app) shutil.rmtree(abs_tmp_app_dir, ignore_errors=True) logger.error(m18n.n("backup_app_failed", app=app)) @@ -861,9 +862,13 @@ class RestoreManager: # FIXME this way to get the info is not compatible with copy or custom # backup methods self.info = backup_info(name, with_details=True) - if not self.info["from_yunohost_version"] or version.parse( - self.info["from_yunohost_version"] - ) < version.parse("3.8.0"): + + from_version = self.info.get("from_yunohost_version", "") + # Remove any '~foobar' in the version ... c.f ~alpha, ~beta version during + # early dev for next debian version + from_version = re.sub(r"~\w+", "", from_version) + + if not from_version or version.parse(from_version) < version.parse("4.2.0"): raise YunohostValidationError("restore_backup_too_old") self.archive_path = self.info["path"] @@ -916,7 +921,7 @@ class RestoreManager: if not os.path.isfile("/etc/yunohost/installed"): # Retrieve the domain from the backup try: - with open("%s/conf/ynh/current_host" % self.work_dir, "r") as f: + with open(f"{self.work_dir}/conf/ynh/current_host", "r") as f: domain = f.readline().rstrip() except IOError: logger.debug( @@ -999,7 +1004,7 @@ class RestoreManager: continue hook_paths = self.info["system"][system_part]["paths"] - hook_paths = ["hooks/restore/%s" % os.path.basename(p) for p in hook_paths] + hook_paths = [f"hooks/restore/{os.path.basename(p)}" for p in hook_paths] # Otherwise, add it from the archive to the system # FIXME: Refactor hook_add and use it instead @@ -1066,7 +1071,7 @@ class RestoreManager: ret = subprocess.call(["umount", self.work_dir]) if ret == 0: subprocess.call(["rmdir", self.work_dir]) - logger.debug("Unmount dir: {}".format(self.work_dir)) + logger.debug(f"Unmount dir: {self.work_dir}") else: raise YunohostError("restore_removing_tmp_dir_failed") elif os.path.isdir(self.work_dir): @@ -1075,7 +1080,7 @@ class RestoreManager: ) ret = subprocess.call(["rm", "-Rf", self.work_dir]) if ret == 0: - logger.debug("Delete dir: {}".format(self.work_dir)) + logger.debug(f"Delete dir: {self.work_dir}") else: raise YunohostError("restore_removing_tmp_dir_failed") @@ -1177,14 +1182,14 @@ class RestoreManager: self._restore_apps() except Exception as e: raise YunohostError( - "The following critical error happened during restoration: %s" % e + f"The following critical error happened during restoration: {e}" ) finally: self.clean() def _patch_legacy_php_versions_in_csv_file(self): """ - Apply dirty patch to redirect php5 and php7.0 files to php7.3 + Apply dirty patch to redirect php5 and php7.0 files to php7.4 """ from yunohost.utils.legacy import LEGACY_PHP_VERSION_REPLACEMENTS @@ -1424,20 +1429,19 @@ class RestoreManager: restore_script = os.path.join(tmp_workdir_for_app, "restore") # Restore permissions - if not os.path.isfile("%s/permissions.yml" % app_settings_new_path): + if not os.path.isfile(f"{app_settings_new_path}/permissions.yml"): raise YunohostError( "Didnt find a permssions.yml for the app !?", raw_msg=True ) - permissions = read_yaml("%s/permissions.yml" % app_settings_new_path) + permissions = read_yaml(f"{app_settings_new_path}/permissions.yml") existing_groups = user_group_list()["groups"] for permission_name, permission_infos in permissions.items(): if "allowed" not in permission_infos: logger.warning( - "'allowed' key corresponding to allowed groups for permission %s not found when restoring app %s … You might have to reconfigure permissions yourself." - % (permission_name, app_instance_name) + f"'allowed' key corresponding to allowed groups for permission {permission_name} not found when restoring app {app_instance_name} … You might have to reconfigure permissions yourself." ) should_be_allowed = ["all_users"] else: @@ -1462,7 +1466,7 @@ class RestoreManager: permission_sync_to_user() - os.remove("%s/permissions.yml" % app_settings_new_path) + os.remove(f"{app_settings_new_path}/permissions.yml") _tools_migrations_run_before_app_restore( backup_version=self.info["from_yunohost_version"], @@ -1569,7 +1573,7 @@ class RestoreManager: # # Backup methods # # -class BackupMethod(object): +class BackupMethod: """ BackupMethod is an abstract class that represents a way to backup and @@ -1811,8 +1815,7 @@ class BackupMethod(object): # where everything is mapped to /dev/mapper/some-stuff # yet there are different devices behind it or idk ... logger.warning( - "Could not link %s to %s (%s) ... falling back to regular copy." - % (src, dest, str(e)) + f"Could not link {src} to {dest} ({e}) ... falling back to regular copy." ) else: # Success, go to next file to organize @@ -2378,8 +2381,8 @@ def backup_list(with_info=False, human_readable=False): """ # Get local archives sorted according to last modification time # (we do a realpath() to resolve symlinks) - archives = glob("%s/*.tar.gz" % ARCHIVES_PATH) + glob("%s/*.tar" % ARCHIVES_PATH) - archives = set([os.path.realpath(archive) for archive in archives]) + archives = glob(f"{ARCHIVES_PATH}/*.tar.gz") + glob(f"{ARCHIVES_PATH}/*.tar") + archives = {os.path.realpath(archive) for archive in archives} archives = sorted(archives, key=lambda x: os.path.getctime(x)) # Extract only filename without the extension @@ -2401,10 +2404,8 @@ def backup_list(with_info=False, human_readable=False): except Exception: import traceback - logger.warning( - "Could not check infos for archive %s: %s" - % (archive, "\n" + traceback.format_exc()) - ) + trace_ = "\n" + traceback.format_exc() + logger.warning(f"Could not check infos for archive {archive}: {trace_}") archives = d @@ -2419,7 +2420,7 @@ def backup_download(name): ) return - archive_file = "%s/%s.tar" % (ARCHIVES_PATH, name) + archive_file = f"{ARCHIVES_PATH}/{name}.tar" # Check file exist (even if it's a broken symlink) if not os.path.lexists(archive_file): @@ -2461,7 +2462,7 @@ def backup_info(name, with_details=False, human_readable=False): elif name.endswith(".tar"): name = name[: -len(".tar")] - archive_file = "%s/%s.tar" % (ARCHIVES_PATH, name) + archive_file = f"{ARCHIVES_PATH}/{name}.tar" # Check file exist (even if it's a broken symlink) if not os.path.lexists(archive_file): @@ -2479,7 +2480,7 @@ def backup_info(name, with_details=False, human_readable=False): "backup_archive_broken_link", path=archive_file ) - info_file = "%s/%s.info.json" % (ARCHIVES_PATH, name) + info_file = f"{ARCHIVES_PATH}/{name}.info.json" if not os.path.exists(info_file): tar = tarfile.open( @@ -2590,10 +2591,10 @@ def backup_delete(name): hook_callback("pre_backup_delete", args=[name]) - archive_file = "%s/%s.tar" % (ARCHIVES_PATH, name) - if os.path.exists(archive_file + ".gz"): + archive_file = f"{ARCHIVES_PATH}/{name}.tar" + if not os.path.exists(archive_file) and os.path.exists(archive_file + ".gz"): archive_file += ".gz" - info_file = "%s/%s.info.json" % (ARCHIVES_PATH, name) + info_file = f"{ARCHIVES_PATH}/{name}.info.json" files_to_delete = [archive_file, info_file] @@ -2692,5 +2693,5 @@ def binary_to_human(n, customary=False): for s in reversed(symbols): if n >= prefix[s]: value = float(n) / prefix[s] - return "%.1f%s" % (value, s) + return "{:.1f}{}".format(value, s) return "%s" % n diff --git a/src/yunohost/certificate.py b/src/certificate.py similarity index 81% rename from src/yunohost/certificate.py rename to src/certificate.py index fe350bf95..2a9fb4ce9 100644 --- a/src/yunohost/certificate.py +++ b/src/certificate.py @@ -54,14 +54,12 @@ WEBROOT_FOLDER = "/tmp/acme-challenge-public/" SELF_CA_FILE = "/etc/ssl/certs/ca-yunohost_crt.pem" ACCOUNT_KEY_FILE = "/etc/yunohost/letsencrypt_account.pem" -SSL_DIR = "/usr/share/yunohost/yunohost-config/ssl/yunoCA" +SSL_DIR = "/usr/share/yunohost/ssl" KEY_SIZE = 3072 VALIDITY_LIMIT = 15 # days -# For tests -STAGING_CERTIFICATION_AUTHORITY = "https://acme-staging-v02.api.letsencrypt.org" # For prod PRODUCTION_CERTIFICATION_AUTHORITY = "https://acme-v02.api.letsencrypt.org" @@ -70,28 +68,28 @@ PRODUCTION_CERTIFICATION_AUTHORITY = "https://acme-v02.api.letsencrypt.org" # -def certificate_status(domain_list, full=False): +def certificate_status(domains, full=False): """ Print the status of certificate for given domains (all by default) Keyword argument: - domain_list -- Domains to be checked + domains -- Domains to be checked full -- Display more info about the certificates """ - import yunohost.domain + from yunohost.domain import domain_list, _assert_domain_exists # If no domains given, consider all yunohost domains - if domain_list == []: - domain_list = yunohost.domain.domain_list()["domains"] + if domains == []: + domains = domain_list()["domains"] # Else, validate that yunohost knows the domains given else: - for domain in domain_list: - yunohost.domain._assert_domain_exists(domain) + for domain in domains: + _assert_domain_exists(domain) certificates = {} - for domain in domain_list: + for domain in domains: status = _get_status(domain) if not full: @@ -113,9 +111,7 @@ def certificate_status(domain_list, full=False): return {"certificates": certificates} -def certificate_install( - domain_list, force=False, no_checks=False, self_signed=False, staging=False -): +def certificate_install(domain_list, force=False, no_checks=False, self_signed=False): """ Install a Let's Encrypt certificate for given domains (all by default) @@ -130,7 +126,7 @@ def certificate_install( if self_signed: _certificate_install_selfsigned(domain_list, force) else: - _certificate_install_letsencrypt(domain_list, force, no_checks, staging) + _certificate_install_letsencrypt(domain_list, force, no_checks) def _certificate_install_selfsigned(domain_list, force=False): @@ -143,11 +139,7 @@ def _certificate_install_selfsigned(domain_list, force=False): # Paths of files and folder we'll need date_tag = datetime.utcnow().strftime("%Y%m%d.%H%M%S") - new_cert_folder = "%s/%s-history/%s-selfsigned" % ( - CERT_FOLDER, - domain, - date_tag, - ) + new_cert_folder = f"{CERT_FOLDER}/{domain}-history/{date_tag}-selfsigned" conf_template = os.path.join(SSL_DIR, "openssl.cnf") @@ -181,10 +173,8 @@ def _certificate_install_selfsigned(domain_list, force=False): # Use OpenSSL command line to create a certificate signing request, # and self-sign the cert commands = [ - "openssl req -new -config %s -days 3650 -out %s -keyout %s -nodes -batch" - % (conf_file, csr_file, key_file), - "openssl ca -config %s -days 3650 -in %s -out %s -batch" - % (conf_file, csr_file, crt_file), + f"openssl req -new -config {conf_file} -out {csr_file} -keyout {key_file} -nodes -batch", + f"openssl ca -config {conf_file} -days 3650 -in {csr_file} -out {crt_file} -batch", ] for command in commands: @@ -234,37 +224,32 @@ def _certificate_install_selfsigned(domain_list, force=False): ) operation_logger.success() else: - msg = ( - "Installation of self-signed certificate installation for %s failed !" - % (domain) - ) + msg = f"Installation of self-signed certificate installation for {domain} failed !" logger.error(msg) operation_logger.error(msg) -def _certificate_install_letsencrypt( - domain_list, force=False, no_checks=False, staging=False -): - import yunohost.domain +def _certificate_install_letsencrypt(domains, force=False, no_checks=False): + from yunohost.domain import domain_list, _assert_domain_exists if not os.path.exists(ACCOUNT_KEY_FILE): _generate_account_key() # If no domains given, consider all yunohost domains with self-signed # certificates - if domain_list == []: - for domain in yunohost.domain.domain_list()["domains"]: + if domains == []: + for domain in domain_list()["domains"]: status = _get_status(domain) if status["CA_type"]["code"] != "self-signed": continue - domain_list.append(domain) + domains.append(domain) # Else, validate that yunohost knows the domains given else: - for domain in domain_list: - yunohost.domain._assert_domain_exists(domain) + for domain in domains: + _assert_domain_exists(domain) # Is it self-signed? status = _get_status(domain) @@ -273,13 +258,8 @@ def _certificate_install_letsencrypt( "certmanager_domain_cert_not_selfsigned", domain=domain ) - if staging: - logger.warning( - "Please note that you used the --staging option, and that no new certificate will actually be enabled !" - ) - # Actual install steps - for domain in domain_list: + for domain in domains: if not no_checks: try: @@ -293,23 +273,19 @@ def _certificate_install_letsencrypt( operation_logger = OperationLogger( "letsencrypt_cert_install", [("domain", domain)], - args={"force": force, "no_checks": no_checks, "staging": staging}, + args={"force": force, "no_checks": no_checks}, ) operation_logger.start() try: - _fetch_and_enable_new_certificate(domain, staging, no_checks=no_checks) + _fetch_and_enable_new_certificate(domain, no_checks=no_checks) except Exception as e: - msg = "Certificate installation for %s failed !\nException: %s" % ( - domain, - e, - ) + msg = f"Certificate installation for {domain} failed !\nException: {e}" logger.error(msg) operation_logger.error(msg) if no_checks: logger.error( - "Please consider checking the 'DNS records' (basic) and 'Web' categories of the diagnosis to check for possible issues that may prevent installing a Let's Encrypt certificate on domain %s." - % domain + f"Please consider checking the 'DNS records' (basic) and 'Web' categories of the diagnosis to check for possible issues that may prevent installing a Let's Encrypt certificate on domain {domain}." ) else: logger.success(m18n.n("certmanager_cert_install_success", domain=domain)) @@ -317,26 +293,24 @@ def _certificate_install_letsencrypt( operation_logger.success() -def certificate_renew( - domain_list, force=False, no_checks=False, email=False, staging=False -): +def certificate_renew(domains, force=False, no_checks=False, email=False): """ Renew Let's Encrypt certificate for given domains (all by default) Keyword argument: - domain_list -- Domains for which to renew the certificates + domains -- Domains for which to renew the certificates force -- Ignore the validity threshold (15 days) no-check -- Disable some checks about the reachability of web server before attempting the renewing email -- Emails root if some renewing failed """ - import yunohost.domain + from yunohost.domain import domain_list, _assert_domain_exists # If no domains given, consider all yunohost domains with Let's Encrypt # certificates - if domain_list == []: - for domain in yunohost.domain.domain_list()["domains"]: + if domains == []: + for domain in domain_list()["domains"]: # Does it have a Let's Encrypt cert? status = _get_status(domain) @@ -354,17 +328,17 @@ def certificate_renew( ) continue - domain_list.append(domain) + domains.append(domain) - if len(domain_list) == 0 and not email: + if len(domains) == 0 and not email: logger.info("No certificate needs to be renewed.") # Else, validate the domain list given else: - for domain in domain_list: + for domain in domains: # Is it in Yunohost domain list? - yunohost.domain._assert_domain_exists(domain) + _assert_domain_exists(domain) status = _get_status(domain) @@ -386,13 +360,8 @@ def certificate_renew( "certmanager_acme_not_configured_for_domain", domain=domain ) - if staging: - logger.warning( - "Please note that you used the --staging option, and that no new certificate will actually be enabled !" - ) - # Actual renew steps - for domain in domain_list: + for domain in domains: if not no_checks: try: @@ -412,26 +381,22 @@ def certificate_renew( args={ "force": force, "no_checks": no_checks, - "staging": staging, "email": email, }, ) operation_logger.start() try: - _fetch_and_enable_new_certificate(domain, staging, no_checks=no_checks) + _fetch_and_enable_new_certificate(domain, no_checks=no_checks) except Exception as e: import traceback from io import StringIO stack = StringIO() traceback.print_exc(file=stack) - msg = "Certificate renewing for %s failed!" % (domain) + msg = f"Certificate renewing for {domain} failed!" if no_checks: - msg += ( - "\nPlease consider checking the 'DNS records' (basic) and 'Web' categories of the diagnosis to check for possible issues that may prevent installing a Let's Encrypt certificate on domain %s." - % domain - ) + msg += f"\nPlease consider checking the 'DNS records' (basic) and 'Web' categories of the diagnosis to check for possible issues that may prevent installing a Let's Encrypt certificate on domain {domain}." logger.error(msg) operation_logger.error(msg) logger.error(stack.getvalue()) @@ -451,44 +416,30 @@ def certificate_renew( def _email_renewing_failed(domain, exception_message, stack=""): - from_ = "certmanager@%s (Certificate Manager)" % domain + from_ = f"certmanager@{domain} (Certificate Manager)" to_ = "root" - subject_ = "Certificate renewing attempt for %s failed!" % domain + subject_ = f"Certificate renewing attempt for {domain} failed!" logs = _tail(50, "/var/log/yunohost/yunohost-cli.log") - text = """ -An attempt for renewing the certificate for domain %s failed with the following + message = f"""\ +From: {from_} +To: {to_} +Subject: {subject_} + + +An attempt for renewing the certificate for domain {domain} failed with the following error : -%s -%s +{exception_message} +{stack} Here's the tail of /var/log/yunohost/yunohost-cli.log, which might help to investigate : -%s +{logs} -- Certificate Manager - -""" % ( - domain, - exception_message, - stack, - logs, - ) - - message = """\ -From: %s -To: %s -Subject: %s - -%s -""" % ( - from_, - to_, - subject_, - text, - ) +""" import smtplib @@ -499,17 +450,11 @@ Subject: %s def _check_acme_challenge_configuration(domain): - domain_conf = "/etc/nginx/conf.d/%s.conf" % domain - if "include /etc/nginx/conf.d/acme-challenge.conf.inc" in read_file(domain_conf): - return True - else: - # This is for legacy setups which haven't updated their domain conf to - # the new conf that include the acme snippet... - legacy_acme_conf = "/etc/nginx/conf.d/%s.d/000-acmechallenge.conf" % domain - return os.path.exists(legacy_acme_conf) + domain_conf = f"/etc/nginx/conf.d/{domain}.conf" + return "include /etc/nginx/conf.d/acme-challenge.conf.inc" in read_file(domain_conf) -def _fetch_and_enable_new_certificate(domain, staging=False, no_checks=False): +def _fetch_and_enable_new_certificate(domain, no_checks=False): if not os.path.exists(ACCOUNT_KEY_FILE): _generate_account_key() @@ -532,7 +477,7 @@ def _fetch_and_enable_new_certificate(domain, staging=False, no_checks=False): # Prepare certificate signing request logger.debug("Prepare key and certificate signing request (CSR) for %s...", domain) - domain_key_file = "%s/%s.pem" % (TMP_FOLDER, domain) + domain_key_file = f"{TMP_FOLDER}/{domain}.pem" _generate_key(domain_key_file) _set_permissions(domain_key_file, "root", "ssl-cert", 0o640) @@ -541,12 +486,7 @@ def _fetch_and_enable_new_certificate(domain, staging=False, no_checks=False): # Sign the certificate logger.debug("Now using ACME Tiny to sign the certificate...") - domain_csr_file = "%s/%s.csr" % (TMP_FOLDER, domain) - - if staging: - certification_authority = STAGING_CERTIFICATION_AUTHORITY - else: - certification_authority = PRODUCTION_CERTIFICATION_AUTHORITY + domain_csr_file = f"{TMP_FOLDER}/{domain}.csr" try: signed_certificate = sign_certificate( @@ -555,7 +495,7 @@ def _fetch_and_enable_new_certificate(domain, staging=False, no_checks=False): WEBROOT_FOLDER, log=logger, disable_check=no_checks, - CA=certification_authority, + CA=PRODUCTION_CERTIFICATION_AUTHORITY, ) except ValueError as e: if "urn:acme:error:rateLimited" in str(e): @@ -575,17 +515,7 @@ def _fetch_and_enable_new_certificate(domain, staging=False, no_checks=False): # Create corresponding directory date_tag = datetime.utcnow().strftime("%Y%m%d.%H%M%S") - if staging: - folder_flag = "staging" - else: - folder_flag = "letsencrypt" - - new_cert_folder = "%s/%s-history/%s-%s" % ( - CERT_FOLDER, - domain, - date_tag, - folder_flag, - ) + new_cert_folder = f"{CERT_FOLDER}/{domain}-history/{date_tag}-letsencrypt" os.makedirs(new_cert_folder) @@ -604,9 +534,6 @@ def _fetch_and_enable_new_certificate(domain, staging=False, no_checks=False): _set_permissions(domain_cert_file, "root", "ssl-cert", 0o640) - if staging: - return - _enable_certificate(domain, new_cert_folder) # Check the status of the certificate is now good @@ -642,7 +569,7 @@ def _prepare_certificate_signing_request(domain, key_file, output_folder): csr.add_extensions( [ crypto.X509Extension( - "subjectAltName".encode("utf8"), + b"subjectAltName", False, ("DNS:" + subdomain).encode("utf8"), ) @@ -676,6 +603,8 @@ def _prepare_certificate_signing_request(domain, key_file, output_folder): def _get_status(domain): + import yunohost.domain + cert_file = os.path.join(CERT_FOLDER, domain, "crt.pem") if not os.path.isfile(cert_file): @@ -704,7 +633,7 @@ def _get_status(domain): ) days_remaining = (valid_up_to - datetime.utcnow()).days - if cert_issuer == "yunohost.org" or cert_issuer == _name_self_CA(): + if cert_issuer in ["yunohost.org"] + yunohost.domain.domain_list()["domains"]: CA_type = { "code": "self-signed", "verbose": "Self-signed", @@ -716,12 +645,6 @@ def _get_status(domain): "verbose": "Let's Encrypt", } - elif cert_issuer.startswith("Fake LE"): - CA_type = { - "code": "fake-lets-encrypt", - "verbose": "Fake Let's Encrypt", - } - else: CA_type = { "code": "other-unknown", @@ -824,6 +747,12 @@ def _enable_certificate(domain, new_cert_folder): logger.debug("Restarting services...") for service in ("postfix", "dovecot", "metronome"): + # Ugly trick to not restart metronome if it's not installed + if ( + service == "metronome" + and os.system("dpkg --list | grep -q 'ii *metronome'") != 0 + ): + continue _run_service_command("restart", service) if os.path.isfile("/etc/yunohost/installed"): @@ -844,7 +773,7 @@ def _backup_current_cert(domain): cert_folder_domain = os.path.join(CERT_FOLDER, domain) date_tag = datetime.utcnow().strftime("%Y%m%d.%H%M%S") - backup_folder = "%s-backups/%s" % (cert_folder_domain, date_tag) + backup_folder = f"{cert_folder_domain}-backups/{date_tag}" shutil.copytree(cert_folder_domain, backup_folder) @@ -853,6 +782,7 @@ def _check_domain_is_ready_for_ACME(domain): from yunohost.domain import _get_parent_domain_of from yunohost.dns import _get_dns_zone_for_domain + from yunohost.utils.dns import is_yunohost_dyndns_domain httpreachable = ( Diagnoser.get_cached_report( @@ -876,14 +806,23 @@ def _check_domain_is_ready_for_ACME(domain): record_name = ( domain.replace(f".{base_dns_zone}", "") if domain != base_dns_zone else "@" ) - A_record_status = dnsrecords.get("data").get(f"A:{record_name}") - AAAA_record_status = dnsrecords.get("data").get(f"AAAA:{record_name}") + + # Stupid edge case for subdomains of ynh dyndns domains ... + # ... related to the fact that we don't actually check subdomains for + # dyndns domains because we assume that there's already the wildcard doing + # the job, hence no "A:foobar" ... Instead, just check that the parent domain + # is correctly configured. + if is_yunohost_dyndns_domain(parent_domain): + record_name = "@" + + A_record_status = dnsrecords.get("data", {}).get(f"A:{record_name}") + AAAA_record_status = dnsrecords.get("data", {}).get(f"AAAA:{record_name}") # Fallback to wildcard in case no result yet for the DNS name? if not A_record_status: - A_record_status = dnsrecords.get("data").get("A:*") + A_record_status = dnsrecords.get("data", {}).get("A:*") if not AAAA_record_status: - AAAA_record_status = dnsrecords.get("data").get("AAAA:*") + AAAA_record_status = dnsrecords.get("data", {}).get("AAAA:*") if ( not httpreachable diff --git a/data/hooks/diagnosis/00-basesystem.py b/src/diagnosers/00-basesystem.py similarity index 91% rename from data/hooks/diagnosis/00-basesystem.py rename to src/diagnosers/00-basesystem.py index b472a2d32..a36394ce8 100644 --- a/data/hooks/diagnosis/00-basesystem.py +++ b/src/diagnosers/00-basesystem.py @@ -3,18 +3,22 @@ import os import json import subprocess +from typing import List +from moulinette.utils import log from moulinette.utils.process import check_output from moulinette.utils.filesystem import read_file, read_json, write_to_json from yunohost.diagnosis import Diagnoser from yunohost.utils.packages import ynh_packages_version +logger = log.getActionLogger("yunohost.diagnosis") -class BaseSystemDiagnoser(Diagnoser): + +class MyDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] cache_duration = 600 - dependencies = [] + dependencies: List[str] = [] def run(self): @@ -42,10 +46,10 @@ class BaseSystemDiagnoser(Diagnoser): elif os.path.exists("/sys/devices/virtual/dmi/id/sys_vendor"): model = read_file("/sys/devices/virtual/dmi/id/sys_vendor").strip() if os.path.exists("/sys/devices/virtual/dmi/id/product_name"): - model = "%s %s" % ( - model, - read_file("/sys/devices/virtual/dmi/id/product_name").strip(), - ) + product_name = read_file( + "/sys/devices/virtual/dmi/id/product_name" + ).strip() + model = f"{model} {product_name}" hardware["data"]["model"] = model hardware["details"] = ["diagnosis_basesystem_hardware_model"] @@ -116,7 +120,7 @@ class BaseSystemDiagnoser(Diagnoser): bad_sury_packages = list(self.bad_sury_packages()) if bad_sury_packages: cmd_to_fix = "apt install --allow-downgrades " + " ".join( - ["%s=%s" % (package, version) for package, version in bad_sury_packages] + [f"{package}={version}" for package, version in bad_sury_packages] ) yield dict( meta={"test": "packages_from_sury"}, @@ -133,7 +137,7 @@ class BaseSystemDiagnoser(Diagnoser): summary="diagnosis_backports_in_sources_list", ) - if self.number_of_recent_auth_failure() > 500: + if self.number_of_recent_auth_failure() > 750: yield dict( meta={"test": "high_number_auth_failure"}, status="WARNING", @@ -172,7 +176,7 @@ class BaseSystemDiagnoser(Diagnoser): try: return int(n_failures) except Exception: - self.logger_warning( + logger.warning( "Failed to parse number of recent auth failures, expected an int, got '%s'" % n_failures ) @@ -196,20 +200,20 @@ class BaseSystemDiagnoser(Diagnoser): if not os.path.exists(dpkg_log) or os.path.getmtime( cache_file ) > os.path.getmtime(dpkg_log): - self.logger_debug( + logger.debug( "Using cached results for meltdown checker, from %s" % cache_file ) return read_json(cache_file)[0]["VULNERABLE"] # script taken from https://github.com/speed47/spectre-meltdown-checker # script commit id is store directly in the script - SCRIPT_PATH = "/usr/lib/moulinette/yunohost/vendor/spectre-meltdown-checker/spectre-meltdown-checker.sh" + SCRIPT_PATH = "/usr/lib/python3/dist-packages/yunohost/vendor/spectre-meltdown-checker/spectre-meltdown-checker.sh" # '--variant 3' corresponds to Meltdown # example output from the script: # [{"NAME":"MELTDOWN","CVE":"CVE-2017-5754","VULNERABLE":false,"INFOS":"PTI mitigates the vulnerability"}] try: - self.logger_debug("Running meltdown vulnerability checker") + logger.debug("Running meltdown vulnerability checker") call = subprocess.Popen( "bash %s --batch json --variant 3" % SCRIPT_PATH, shell=True, @@ -231,7 +235,7 @@ class BaseSystemDiagnoser(Diagnoser): # stuff which should be the last line output = output.strip() if "\n" in output: - self.logger_debug("Original meltdown checker output : %s" % output) + logger.debug("Original meltdown checker output : %s" % output) output = output.split("\n")[-1] CVEs = json.loads(output) @@ -241,18 +245,14 @@ class BaseSystemDiagnoser(Diagnoser): import traceback traceback.print_exc() - self.logger_warning( + logger.warning( "Something wrong happened when trying to diagnose Meltdown vunerability, exception: %s" % e ) raise Exception("Command output for failed meltdown check: '%s'" % output) - self.logger_debug( + logger.debug( "Writing results from meltdown checker to cache file, %s" % cache_file ) write_to_json(cache_file, CVEs) return CVEs[0]["VULNERABLE"] - - -def main(args, env, loggers): - return BaseSystemDiagnoser(args, env, loggers).diagnose() diff --git a/data/hooks/diagnosis/10-ip.py b/src/diagnosers/10-ip.py similarity index 93% rename from data/hooks/diagnosis/10-ip.py rename to src/diagnosers/10-ip.py index 408019668..247c486fc 100644 --- a/data/hooks/diagnosis/10-ip.py +++ b/src/diagnosers/10-ip.py @@ -3,7 +3,9 @@ import re import os import random +from typing import List +from moulinette.utils import log from moulinette.utils.network import download_text from moulinette.utils.process import check_output from moulinette.utils.filesystem import read_file @@ -11,12 +13,14 @@ from moulinette.utils.filesystem import read_file from yunohost.diagnosis import Diagnoser from yunohost.utils.network import get_network_interfaces +logger = log.getActionLogger("yunohost.diagnosis") -class IPDiagnoser(Diagnoser): + +class MyDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] cache_duration = 600 - dependencies = [] + dependencies: List[str] = [] def run(self): @@ -144,16 +148,14 @@ class IPDiagnoser(Diagnoser): ) if not any(is_default_route(r) for r in routes): - self.logger_debug( + logger.debug( "No default route for IPv%s, so assuming there's no IP address for that version" % protocol ) return None # We use the resolver file as a list of well-known, trustable (ie not google ;)) IPs that we can ping - resolver_file = ( - "/usr/share/yunohost/templates/dnsmasq/plain/resolv.dnsmasq.conf" - ) + resolver_file = "/usr/share/yunohost/conf/dnsmasq/plain/resolv.dnsmasq.conf" resolvers = [ r.split(" ")[1] for r in read_file(resolver_file).split("\n") @@ -167,10 +169,7 @@ class IPDiagnoser(Diagnoser): assert ( resolvers != [] - ), "Uhoh, need at least one IPv%s DNS resolver in %s ..." % ( - protocol, - resolver_file, - ) + ), f"Uhoh, need at least one IPv{protocol} DNS resolver in {resolver_file} ..." # So let's try to ping the first 4~5 resolvers (shuffled) # If we succesfully ping any of them, we conclude that we are indeed connected @@ -220,11 +219,7 @@ class IPDiagnoser(Diagnoser): try: return download_text(url, timeout=30).strip() except Exception as e: - self.logger_debug( - "Could not get public IPv%s : %s" % (str(protocol), str(e)) - ) + protocol = str(protocol) + e = str(e) + self.logger_debug(f"Could not get public IPv{protocol} : {e}") return None - - -def main(args, env, loggers): - return IPDiagnoser(args, env, loggers).diagnose() diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/src/diagnosers/12-dnsrecords.py similarity index 95% rename from data/hooks/diagnosis/12-dnsrecords.py rename to src/diagnosers/12-dnsrecords.py index 677a947a7..91fcf10fa 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/src/diagnosers/12-dnsrecords.py @@ -2,10 +2,11 @@ import os import re - +from typing import List from datetime import datetime, timedelta -from publicsuffix import PublicSuffixList +from publicsuffix2 import PublicSuffixList +from moulinette.utils import log from moulinette.utils.process import check_output from yunohost.utils.dns import ( @@ -18,12 +19,14 @@ from yunohost.diagnosis import Diagnoser from yunohost.domain import domain_list, _get_maindomain from yunohost.dns import _build_dns_conf, _get_dns_zone_for_domain +logger = log.getActionLogger("yunohost.diagnosis") -class DNSRecordsDiagnoser(Diagnoser): + +class MyDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] cache_duration = 600 - dependencies = ["ip"] + dependencies: List[str] = ["ip"] def run(self): @@ -31,7 +34,7 @@ class DNSRecordsDiagnoser(Diagnoser): major_domains = domain_list(exclude_subdomains=True)["domains"] for domain in major_domains: - self.logger_debug("Diagnosing DNS conf for %s" % domain) + logger.debug("Diagnosing DNS conf for %s" % domain) for report in self.check_domain( domain, @@ -56,13 +59,13 @@ class DNSRecordsDiagnoser(Diagnoser): def check_domain(self, domain, is_main_domain): if is_special_use_tld(domain): - categories = [] yield dict( meta={"domain": domain}, data={}, status="INFO", summary="diagnosis_dns_specialusedomain", ) + return base_dns_zone = _get_dns_zone_for_domain(domain) basename = domain.replace(base_dns_zone, "").rstrip(".") or "@" @@ -97,6 +100,8 @@ class DNSRecordsDiagnoser(Diagnoser): r["current"] = self.get_current_record(fqdn, r["type"]) if r["value"] == "@": r["value"] = domain + "." + elif r["type"] == "CNAME": + r["value"] = r["value"] + f".{base_dns_zone}." if self.current_record_match_expected(r): results[id_] = "OK" @@ -135,7 +140,7 @@ class DNSRecordsDiagnoser(Diagnoser): # If status is okay and there's actually no expected records # (e.g. XMPP disabled) # then let's not yield any diagnosis line - if not records and "status" == "SUCCESS": + if not records and status == "SUCCESS": continue output = dict( @@ -222,7 +227,7 @@ class DNSRecordsDiagnoser(Diagnoser): ) ) else: - self.logger_debug("Dyndns domain: %s" % (domain)) + logger.debug("Dyndns domain: %s" % (domain)) continue expire_in = expire_date - datetime.now() @@ -297,7 +302,3 @@ class DNSRecordsDiagnoser(Diagnoser): return datetime.strptime(match.group(1), "%d-%b-%Y") return "expiration_not_found" - - -def main(args, env, loggers): - return DNSRecordsDiagnoser(args, env, loggers).diagnose() diff --git a/data/hooks/diagnosis/14-ports.py b/src/diagnosers/14-ports.py similarity index 97% rename from data/hooks/diagnosis/14-ports.py rename to src/diagnosers/14-ports.py index 7581a1ac6..be172e524 100644 --- a/data/hooks/diagnosis/14-ports.py +++ b/src/diagnosers/14-ports.py @@ -1,16 +1,17 @@ #!/usr/bin/env python import os +from typing import List from yunohost.diagnosis import Diagnoser from yunohost.service import _get_services -class PortsDiagnoser(Diagnoser): +class MyDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] cache_duration = 600 - dependencies = ["ip"] + dependencies: List[str] = ["ip"] def run(self): @@ -146,7 +147,3 @@ class PortsDiagnoser(Diagnoser): "diagnosis_ports_forwarding_tip", ], ) - - -def main(args, env, loggers): - return PortsDiagnoser(args, env, loggers).diagnose() diff --git a/data/hooks/diagnosis/21-web.py b/src/diagnosers/21-web.py similarity index 98% rename from data/hooks/diagnosis/21-web.py rename to src/diagnosers/21-web.py index 450296e7e..584505ad1 100644 --- a/data/hooks/diagnosis/21-web.py +++ b/src/diagnosers/21-web.py @@ -3,6 +3,7 @@ import os import random import requests +from typing import List from moulinette.utils.filesystem import read_file @@ -13,11 +14,11 @@ from yunohost.utils.dns import is_special_use_tld DIAGNOSIS_SERVER = "diagnosis.yunohost.org" -class WebDiagnoser(Diagnoser): +class MyDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] cache_duration = 600 - dependencies = ["ip"] + dependencies: List[str] = ["ip"] def run(self): @@ -198,7 +199,3 @@ class WebDiagnoser(Diagnoser): summary="diagnosis_http_partially_unreachable", details=[detail.replace("error_http_check", "diagnosis_http")], ) - - -def main(args, env, loggers): - return WebDiagnoser(args, env, loggers).diagnose() diff --git a/data/hooks/diagnosis/24-mail.py b/src/diagnosers/24-mail.py similarity index 95% rename from data/hooks/diagnosis/24-mail.py rename to src/diagnosers/24-mail.py index c5af4bbc6..7fe7a08db 100644 --- a/data/hooks/diagnosis/24-mail.py +++ b/src/diagnosers/24-mail.py @@ -3,9 +3,11 @@ import os import dns.resolver import re +from typing import List from subprocess import CalledProcessError +from moulinette.utils import log from moulinette.utils.process import check_output from moulinette.utils.filesystem import read_yaml @@ -14,14 +16,16 @@ from yunohost.domain import _get_maindomain, domain_list from yunohost.settings import settings_get from yunohost.utils.dns import dig -DEFAULT_DNS_BLACKLIST = "/usr/share/yunohost/other/dnsbl_list.yml" +DEFAULT_DNS_BLACKLIST = "/usr/share/yunohost/dnsbl_list.yml" + +logger = log.getActionLogger("yunohost.diagnosis") -class MailDiagnoser(Diagnoser): +class MyDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] cache_duration = 600 - dependencies = ["ip"] + dependencies: List[str] = ["ip"] def run(self): @@ -42,7 +46,7 @@ class MailDiagnoser(Diagnoser): "check_queue", # i18n: diagnosis_mail_queue_ok ] for check in checks: - self.logger_debug("Running " + check) + logger.debug("Running " + check) reports = list(getattr(self, check)()) for report in reports: yield report @@ -209,8 +213,11 @@ class MailDiagnoser(Diagnoser): query = subdomain + "." + blacklist["dns_server"] # Do the DNS Query - status, _ = dig(query, "A") - if status != "ok": + status, answers = dig(query, "A") + if status != "ok" or ( + answers + and set(answers) <= set(blacklist["non_blacklisted_return_code"]) + ): continue # Try to get the reason @@ -292,7 +299,3 @@ class MailDiagnoser(Diagnoser): if global_ipv6: outgoing_ips.append(global_ipv6) return (outgoing_ipversions, outgoing_ips) - - -def main(args, env, loggers): - return MailDiagnoser(args, env, loggers).diagnose() diff --git a/data/hooks/diagnosis/30-services.py b/src/diagnosers/30-services.py similarity index 89% rename from data/hooks/diagnosis/30-services.py rename to src/diagnosers/30-services.py index adbcc73b9..f09688911 100644 --- a/data/hooks/diagnosis/30-services.py +++ b/src/diagnosers/30-services.py @@ -1,16 +1,17 @@ #!/usr/bin/env python import os +from typing import List from yunohost.diagnosis import Diagnoser from yunohost.service import service_status -class ServicesDiagnoser(Diagnoser): +class MyDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] cache_duration = 300 - dependencies = [] + dependencies: List[str] = [] def run(self): @@ -41,7 +42,3 @@ class ServicesDiagnoser(Diagnoser): item["summary"] = "diagnosis_services_running" yield item - - -def main(args, env, loggers): - return ServicesDiagnoser(args, env, loggers).diagnose() diff --git a/data/hooks/diagnosis/50-systemresources.py b/src/diagnosers/50-systemresources.py similarity index 93% rename from data/hooks/diagnosis/50-systemresources.py rename to src/diagnosers/50-systemresources.py index a662e392e..6ac7f0ec4 100644 --- a/data/hooks/diagnosis/50-systemresources.py +++ b/src/diagnosers/50-systemresources.py @@ -3,21 +3,22 @@ import os import psutil import datetime import re +from typing import List from moulinette.utils.process import check_output from yunohost.diagnosis import Diagnoser -class SystemResourcesDiagnoser(Diagnoser): +class MyDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] cache_duration = 300 - dependencies = [] + dependencies: List[str] = [] def run(self): - MB = 1024 ** 2 + MB = 1024**2 GB = MB * 1024 # @@ -132,7 +133,7 @@ class SystemResourcesDiagnoser(Diagnoser): d for d in disk_partitions if d.mountpoint in ["/", "/var"] ] main_space = sum( - [psutil.disk_usage(d.mountpoint).total for d in main_disk_partitions] + psutil.disk_usage(d.mountpoint).total for d in main_disk_partitions ) if main_space < 10 * GB: yield dict( @@ -156,7 +157,7 @@ class SystemResourcesDiagnoser(Diagnoser): kills_count = self.recent_kills_by_oom_reaper() if kills_count: kills_summary = "\n".join( - ["%s (x%s)" % (proc, count) for proc, count in kills_count] + [f"{proc} (x{count})" for proc, count in kills_count] ) yield dict( @@ -202,9 +203,11 @@ def human_size(bytes_): # Adapted from https://stackoverflow.com/a/1094933 for unit in ["", "ki", "Mi", "Gi", "Ti", "Pi", "Ei", "Zi"]: if abs(bytes_) < 1024.0: - return "%s %sB" % (round_(bytes_), unit) + bytes_ = round_(bytes_) + return f"{bytes_} {unit}B" bytes_ /= 1024.0 - return "%s %sB" % (round_(bytes_), "Yi") + bytes_ = round_(bytes_) + return f"{bytes_} YiB" def round_(n): @@ -214,7 +217,3 @@ def round_(n): if n > 10: n = int(round(n)) return n - - -def main(args, env, loggers): - return SystemResourcesDiagnoser(args, env, loggers).diagnose() diff --git a/data/hooks/diagnosis/70-regenconf.py b/src/diagnosers/70-regenconf.py similarity index 94% rename from data/hooks/diagnosis/70-regenconf.py rename to src/diagnosers/70-regenconf.py index 8ccbeed58..591f883a4 100644 --- a/data/hooks/diagnosis/70-regenconf.py +++ b/src/diagnosers/70-regenconf.py @@ -2,6 +2,7 @@ import os import re +from typing import List from yunohost.settings import settings_get from yunohost.diagnosis import Diagnoser @@ -9,11 +10,11 @@ from yunohost.regenconf import _get_regenconf_infos, _calculate_hash from moulinette.utils.filesystem import read_file -class RegenconfDiagnoser(Diagnoser): +class MyDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] cache_duration = 300 - dependencies = [] + dependencies: List[str] = [] def run(self): @@ -70,7 +71,3 @@ class RegenconfDiagnoser(Diagnoser): for path, hash_ in infos["conffiles"].items(): if hash_ != _calculate_hash(path): yield {"path": path, "category": category} - - -def main(args, env, loggers): - return RegenconfDiagnoser(args, env, loggers).diagnose() diff --git a/data/hooks/diagnosis/80-apps.py b/src/diagnosers/80-apps.py similarity index 95% rename from data/hooks/diagnosis/80-apps.py rename to src/diagnosers/80-apps.py index 5aec48ed8..56e45f831 100644 --- a/data/hooks/diagnosis/80-apps.py +++ b/src/diagnosers/80-apps.py @@ -1,17 +1,18 @@ #!/usr/bin/env python import os +from typing import List from yunohost.app import app_list from yunohost.diagnosis import Diagnoser -class AppDiagnoser(Diagnoser): +class MyDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] cache_duration = 300 - dependencies = [] + dependencies: List[str] = [] def run(self): @@ -90,7 +91,3 @@ class AppDiagnoser(Diagnoser): == 0 ): yield ("error", "diagnosis_apps_deprecated_practices") - - -def main(args, env, loggers): - return AppDiagnoser(args, env, loggers).diagnose() diff --git a/src/yunohost/data_migrations/__init__.py b/src/diagnosers/__init__.py similarity index 100% rename from src/yunohost/data_migrations/__init__.py rename to src/diagnosers/__init__.py diff --git a/src/yunohost/diagnosis.py b/src/diagnosis.py similarity index 88% rename from src/yunohost/diagnosis.py rename to src/diagnosis.py index 4ac5e2731..007719dfc 100644 --- a/src/yunohost/diagnosis.py +++ b/src/diagnosis.py @@ -27,6 +27,8 @@ import re import os import time +import glob +from importlib import import_module from moulinette import m18n, Moulinette from moulinette.utils import log @@ -38,7 +40,6 @@ from moulinette.utils.filesystem import ( ) from yunohost.utils.error import YunohostError, YunohostValidationError -from yunohost.hook import hook_list, hook_exec logger = log.getActionLogger("yunohost.diagnosis") @@ -48,15 +49,13 @@ DIAGNOSIS_SERVER = "diagnosis.yunohost.org" def diagnosis_list(): - all_categories_names = [h for h, _ in _list_diagnosis_categories()] - return {"categories": all_categories_names} + return {"categories": _list_diagnosis_categories()} def diagnosis_get(category, item): # Get all the categories - all_categories = _list_diagnosis_categories() - all_categories_names = [c for c, _ in all_categories] + all_categories_names = _list_diagnosis_categories() if category not in all_categories_names: raise YunohostValidationError( @@ -84,8 +83,7 @@ def diagnosis_show( return # Get all the categories - all_categories = _list_diagnosis_categories() - all_categories_names = [category for category, _ in all_categories] + all_categories_names = _list_diagnosis_categories() # Check the requested category makes sense if categories == []: @@ -174,8 +172,7 @@ def diagnosis_run( return # Get all the categories - all_categories = _list_diagnosis_categories() - all_categories_names = [category for category, _ in all_categories] + all_categories_names = _list_diagnosis_categories() # Check the requested category makes sense if categories == []: @@ -191,11 +188,12 @@ def diagnosis_run( # Call the hook ... diagnosed_categories = [] for category in categories: - logger.debug("Running diagnosis for %s ..." % category) - path = [p for n, p in all_categories if n == category][0] + logger.debug(f"Running diagnosis for {category} ...") + + diagnoser = _load_diagnoser(category) try: - code, report = hook_exec(path, args={"force": force}, env=None) + code, report = diagnoser.diagnose(force=force) except Exception: import traceback @@ -275,8 +273,7 @@ def _diagnosis_ignore(add_filter=None, remove_filter=None, list=False): def validate_filter_criterias(filter_): # Get all the categories - all_categories = _list_diagnosis_categories() - all_categories_names = [category for category, _ in all_categories] + all_categories_names = _list_diagnosis_categories() # Sanity checks for the provided arguments if len(filter_) == 0: @@ -285,7 +282,7 @@ def _diagnosis_ignore(add_filter=None, remove_filter=None, list=False): ) category = filter_[0] if category not in all_categories_names: - raise YunohostValidationError("%s is not a diagnosis category" % category) + raise YunohostValidationError(f"{category} is not a diagnosis category") if any("=" not in criteria for criteria in filter_[1:]): raise YunohostValidationError( "Criterias should be of the form key=value (e.g. domain=yolo.test)" @@ -404,12 +401,8 @@ def add_ignore_flag_to_issues(report): class Diagnoser: - def __init__(self, args, env, loggers): + def __init__(self): - # FIXME ? That stuff with custom loggers is weird ... (mainly inherited from the bash hooks, idk) - self.logger_debug, self.logger_warning, self.logger_info = loggers - self.env = env - self.args = args or {} self.cache_file = Diagnoser.cache_file(self.id_) self.description = Diagnoser.get_description(self.id_) @@ -424,13 +417,10 @@ class Diagnoser: os.makedirs(DIAGNOSIS_CACHE) return write_to_json(self.cache_file, report) - def diagnose(self): + def diagnose(self, force=False): - if ( - not self.args.get("force", False) - and self.cached_time_ago() < self.cache_duration - ): - self.logger_debug("Cache still valid : %s" % self.cache_file) + if not force and self.cached_time_ago() < self.cache_duration: + logger.debug(f"Cache still valid : {self.cache_file}") logger.info( m18n.n("diagnosis_cache_still_valid", category=self.description) ) @@ -464,7 +454,7 @@ class Diagnoser: new_report = {"id": self.id_, "cached_for": self.cache_duration, "items": items} - self.logger_debug("Updating cache %s" % self.cache_file) + logger.debug(f"Updating cache {self.cache_file}") self.write_cache(new_report) Diagnoser.i18n(new_report) add_ignore_flag_to_issues(new_report) @@ -537,7 +527,7 @@ class Diagnoser: @staticmethod def cache_file(id_): - return os.path.join(DIAGNOSIS_CACHE, "%s.json" % id_) + return os.path.join(DIAGNOSIS_CACHE, f"{id_}.json") @staticmethod def get_cached_report(id_, item=None, warn_if_no_cache=True): @@ -640,7 +630,7 @@ class Diagnoser: elif ipversion == 6: socket.getaddrinfo = getaddrinfo_ipv6_only - url = "https://%s/%s" % (DIAGNOSIS_SERVER, uri) + url = f"https://{DIAGNOSIS_SERVER}/{uri}" try: r = requests.post(url, json=data, timeout=timeout) finally: @@ -648,40 +638,69 @@ class Diagnoser: if r.status_code not in [200, 400]: raise Exception( - "The remote diagnosis server failed miserably while trying to diagnose your server. This is most likely an error on Yunohost's infrastructure and not on your side. Please contact the YunoHost team an provide them with the following information.
URL: %s
Status code: %s" - % (url, r.status_code) + f"The remote diagnosis server failed miserably while trying to diagnose your server. This is most likely an error on Yunohost's infrastructure and not on your side. Please contact the YunoHost team an provide them with the following information.
URL: {url}
Status code: {r.status_code}" ) if r.status_code == 400: - raise Exception("Diagnosis request was refused: %s" % r.content) + raise Exception(f"Diagnosis request was refused: {r.content}") try: r = r.json() except Exception as e: raise Exception( - "Failed to parse json from diagnosis server response.\nError: %s\nOriginal content: %s" - % (e, r.content) + f"Failed to parse json from diagnosis server response.\nError: {e}\nOriginal content: {r.content}" ) return r def _list_diagnosis_categories(): - hooks_raw = hook_list("diagnosis", list_by="priority", show_info=True)["hooks"] - hooks = [] - for _, some_hooks in sorted(hooks_raw.items(), key=lambda h: int(h[0])): - for name, info in some_hooks.items(): - hooks.append((name, info["path"])) - return hooks + paths = glob.glob(os.path.dirname(__file__) + "/diagnosers/??-*.py") + names = [ + name.split("-")[-1] + for name in sorted([os.path.basename(path)[: -len(".py")] for path in paths]) + ] + + return names + + +def _load_diagnoser(diagnoser_name): + + logger.debug(f"Loading diagnoser {diagnoser_name}") + + paths = glob.glob(os.path.dirname(__file__) + f"/diagnosers/??-{diagnoser_name}.py") + + if len(paths) != 1: + raise YunohostError( + f"Uhoh, found several matches (or none?) for diagnoser {diagnoser_name} : {paths}", + raw_msg=True, + ) + + module_id = os.path.basename(paths[0][: -len(".py")]) + + try: + # this is python builtin method to import a module using a name, we + # use that to import the migration as a python object so we'll be + # able to run it in the next loop + module = import_module(f"yunohost.diagnosers.{module_id}") + return module.MyDiagnoser() + except Exception as e: + import traceback + + traceback.print_exc() + + raise YunohostError( + f"Failed to load diagnoser {diagnoser_name} : {e}", raw_msg=True + ) def _email_diagnosis_issues(): from yunohost.domain import _get_maindomain maindomain = _get_maindomain() - from_ = "diagnosis@%s (Automatic diagnosis on %s)" % (maindomain, maindomain) + from_ = f"diagnosis@{maindomain} (Automatic diagnosis on {maindomain})" to_ = "root" - subject_ = "Issues found by automatic diagnosis on %s" % maindomain + subject_ = f"Issues found by automatic diagnosis on {maindomain}" disclaimer = "The automatic diagnosis on your YunoHost server identified some issues on your server. You will find a description of the issues below. You can manage those issues in the 'Diagnosis' section in your webadmin." @@ -691,23 +710,17 @@ def _email_diagnosis_issues(): content = _dump_human_readable_reports(issues) - message = """\ -From: %s -To: %s -Subject: %s + message = f"""\ +From: {from_} +To: {to_} +Subject: {subject_} -%s +{disclaimer} --- -%s -""" % ( - from_, - to_, - subject_, - disclaimer, - content, - ) +{content} +""" import smtplib diff --git a/src/yunohost/dns.py b/src/dns.py similarity index 98% rename from src/yunohost/dns.py rename to src/dns.py index 534ade918..8991aa742 100644 --- a/src/yunohost/dns.py +++ b/src/dns.py @@ -50,7 +50,7 @@ from yunohost.hook import hook_callback logger = getActionLogger("yunohost.domain") -DOMAIN_REGISTRAR_LIST_PATH = "/usr/share/yunohost/other/registrar_list.toml" +DOMAIN_REGISTRAR_LIST_PATH = "/usr/share/yunohost/registrar_list.toml" def domain_dns_suggest(domain): @@ -338,7 +338,7 @@ def _build_dns_conf(base_domain, include_empty_AAAA_if_no_ipv6=False): def _get_DKIM(domain): - DKIM_file = "/etc/dkim/{domain}.mail.txt".format(domain=domain) + DKIM_file = f"/etc/dkim/{domain}.mail.txt" if not os.path.isfile(DKIM_file): return (None, None) @@ -762,7 +762,7 @@ def domain_dns_push(operation_logger, domain, dry_run=False, force=False, purge= changes = {"delete": [], "update": [], "create": [], "unchanged": []} type_and_names = sorted( - set([(r["type"], r["name"]) for r in current_records + wanted_records]) + {(r["type"], r["name"]) for r in current_records + wanted_records} ) comparison = { type_and_name: {"current": [], "wanted": []} for type_and_name in type_and_names @@ -857,7 +857,6 @@ def domain_dns_push(operation_logger, domain, dry_run=False, force=False, purge= ignored = "" if action == "create": - old_content = record.get("old_content", "(None)")[:30] new_content = record.get("content", "(None)")[:30] return f"{name:>20} [{t:^5}] {new_content:^30} {ignored}" elif action == "update": @@ -867,7 +866,7 @@ def domain_dns_push(operation_logger, domain, dry_run=False, force=False, purge= f"{name:>20} [{t:^5}] {old_content:^30} -> {new_content:^30} {ignored}" ) elif action == "unchanged": - old_content = new_content = record.get("content", "(None)")[:30] + old_content = record.get("content", "(None)")[:30] return f"{name:>20} [{t:^5}] {old_content:^30}" else: old_content = record.get("content", "(None)")[:30] diff --git a/src/yunohost/domain.py b/src/domain.py similarity index 80% rename from src/yunohost/domain.py rename to src/domain.py index b40831d25..e40b4f03c 100644 --- a/src/yunohost/domain.py +++ b/src/domain.py @@ -44,7 +44,7 @@ from yunohost.log import is_unit_operation logger = getActionLogger("yunohost.domain") -DOMAIN_CONFIG_PATH = "/usr/share/yunohost/other/config_domain.toml" +DOMAIN_CONFIG_PATH = "/usr/share/yunohost/config_domain.toml" DOMAIN_SETTINGS_DIR = "/etc/yunohost/domains" # Lazy dev caching to avoid re-query ldap every time we need the domain list @@ -68,9 +68,7 @@ def domain_list(exclude_subdomains=False): ldap = _get_ldap_interface() result = [ entry["virtualdomain"][0] - for entry in ldap.search( - "ou=domains,dc=yunohost,dc=org", "virtualdomain=*", ["virtualdomain"] - ) + for entry in ldap.search("ou=domains", "virtualdomain=*", ["virtualdomain"]) ] result_list = [] @@ -102,7 +100,7 @@ def domain_list(exclude_subdomains=False): def _assert_domain_exists(domain): if domain not in domain_list()["domains"]: - raise YunohostValidationError("domain_name_unknown", domain=domain) + raise YunohostValidationError("domain_unknown", domain=domain) def _list_subdomains_of(parent_domain): @@ -167,15 +165,16 @@ def domain_add(operation_logger, domain, dyndns=False): # DynDNS domain if dyndns: - from yunohost.dyndns import _dyndns_provides, _guess_current_dyndns_domain + from yunohost.utils.dns import is_yunohost_dyndns_domain + from yunohost.dyndns import _guess_current_dyndns_domain # Do not allow to subscribe to multiple dyndns domains... - if _guess_current_dyndns_domain("dyndns.yunohost.org") != (None, None): + if _guess_current_dyndns_domain() != (None, None): raise YunohostValidationError("domain_dyndns_already_subscribed") # Check that this domain can effectively be provided by # dyndns.yunohost.org. (i.e. is it a nohost.me / noho.st) - if not _dyndns_provides("dyndns.yunohost.org", domain): + if not is_yunohost_dyndns_domain(domain): raise YunohostValidationError("domain_dyndns_root_unknown") operation_logger.start() @@ -186,7 +185,7 @@ def domain_add(operation_logger, domain, dyndns=False): # Actually subscribe dyndns_subscribe(domain=domain) - _certificate_install_selfsigned([domain], False) + _certificate_install_selfsigned([domain], True) try: attr_dict = { @@ -195,7 +194,7 @@ def domain_add(operation_logger, domain, dyndns=False): } try: - ldap.add("virtualdomain=%s,ou=domains" % domain, attr_dict) + ldap.add(f"virtualdomain={domain},ou=domains", attr_dict) except Exception as e: raise YunohostError("domain_creation_failed", domain=domain, error=e) finally: @@ -214,7 +213,7 @@ def domain_add(operation_logger, domain, dyndns=False): # This is a pretty ad hoc solution and only applied to nginx # because it's one of the major service, but in the long term we # should identify the root of this bug... - _force_clear_hashes(["/etc/nginx/conf.d/%s.conf" % domain]) + _force_clear_hashes([f"/etc/nginx/conf.d/{domain}.conf"]) regen_conf( names=["nginx", "metronome", "dnsmasq", "postfix", "rspamd", "mdns"] ) @@ -281,8 +280,7 @@ def domain_remove(operation_logger, domain, remove_apps=False, force=False): apps_on_that_domain.append( ( app, - ' - %s "%s" on https://%s%s' - % (app, label, domain, settings["path"]) + f" - {app} \"{label}\" on https://{domain}{settings['path']}" if "path" in settings else app, ) @@ -341,14 +339,14 @@ def domain_remove(operation_logger, domain, remove_apps=False, force=False): # This is a pretty ad hoc solution and only applied to nginx # because it's one of the major service, but in the long term we # should identify the root of this bug... - _force_clear_hashes(["/etc/nginx/conf.d/%s.conf" % domain]) + _force_clear_hashes([f"/etc/nginx/conf.d/{domain}.conf"]) # And in addition we even force-delete the file Otherwise, if the file was # manually modified, it may not get removed by the regenconf which leads to # catastrophic consequences of nginx breaking because it can't load the # cert file which disappeared etc.. - if os.path.exists("/etc/nginx/conf.d/%s.conf" % domain): + if os.path.exists(f"/etc/nginx/conf.d/{domain}.conf"): _process_regen_conf( - "/etc/nginx/conf.d/%s.conf" % domain, new_conf=None, save=True + f"/etc/nginx/conf.d/{domain}.conf", new_conf=None, save=True ) regen_conf(names=["nginx", "metronome", "dnsmasq", "postfix", "rspamd", "mdns"]) @@ -387,7 +385,7 @@ def domain_main_domain(operation_logger, new_main_domain=None): domain_list_cache = {} _set_hostname(new_main_domain) except Exception as e: - logger.warning("%s" % e, exc_info=1) + logger.warning(str(e), exc_info=1) raise YunohostError("main_domain_change_failed") # Generate SSOwat configuration file @@ -452,28 +450,54 @@ def domain_config_set( class DomainConfigPanel(ConfigPanel): - def __init__(self, domain): - _assert_domain_exists(domain) - self.domain = domain - self.save_mode = "diff" - super().__init__( - config_path=DOMAIN_CONFIG_PATH, - save_path=f"{DOMAIN_SETTINGS_DIR}/{domain}.yml", - ) + entity_type = "domain" + save_path_tpl = f"{DOMAIN_SETTINGS_DIR}/{{entity}}.yml" + save_mode = "diff" + + def _apply(self): + if ( + "default_app" in self.future_values + and self.future_values["default_app"] != self.values["default_app"] + ): + from yunohost.app import app_ssowatconf, app_map + + if "/" in app_map(raw=True)[self.entity]: + raise YunohostValidationError( + "app_make_default_location_already_used", + app=self.future_values["default_app"], + domain=self.entity, + other_app=app_map(raw=True)[self.entity]["/"]["id"], + ) + + super()._apply() + + # Reload ssowat if default app changed + if ( + "default_app" in self.future_values + and self.future_values["default_app"] != self.values["default_app"] + ): + app_ssowatconf() def _get_toml(self): - from yunohost.dns import _get_registrar_config_section toml = super()._get_toml() toml["feature"]["xmpp"]["xmpp"]["default"] = ( - 1 if self.domain == _get_maindomain() else 0 + 1 if self.entity == _get_maindomain() else 0 ) - toml["dns"]["registrar"] = _get_registrar_config_section(self.domain) - # FIXME: Ugly hack to save the registar id/value and reinject it in _load_current_values ... - self.registar_id = toml["dns"]["registrar"]["registrar"]["value"] - del toml["dns"]["registrar"]["registrar"]["value"] + # Optimize wether or not to load the DNS section, + # e.g. we don't want to trigger the whole _get_registary_config_section + # when just getting the current value from the feature section + filter_key = self.filter_key.split(".") if self.filter_key != "" else [] + if not filter_key or filter_key[0] == "dns": + from yunohost.dns import _get_registrar_config_section + + toml["dns"]["registrar"] = _get_registrar_config_section(self.entity) + + # FIXME: Ugly hack to save the registar id/value and reinject it in _load_current_values ... + self.registar_id = toml["dns"]["registrar"]["registrar"]["value"] + del toml["dns"]["registrar"]["registrar"]["value"] return toml @@ -483,7 +507,9 @@ class DomainConfigPanel(ConfigPanel): super()._load_current_values() # FIXME: Ugly hack to save the registar id/value and reinject it in _load_current_values ... - self.values["registrar"] = self.registar_id + filter_key = self.filter_key.split(".") if self.filter_key != "" else [] + if not filter_key or filter_key[0] == "dns": + self.values["registrar"] = self.registar_id def _get_domain_settings(domain: str) -> dict: @@ -511,29 +537,21 @@ def _set_domain_settings(domain: str, settings: dict) -> None: def domain_cert_status(domain_list, full=False): - import yunohost.certificate + from yunohost.certificate import certificate_status - return yunohost.certificate.certificate_status(domain_list, full) + return certificate_status(domain_list, full) -def domain_cert_install( - domain_list, force=False, no_checks=False, self_signed=False, staging=False -): - import yunohost.certificate +def domain_cert_install(domain_list, force=False, no_checks=False, self_signed=False): + from yunohost.certificate import certificate_install - return yunohost.certificate.certificate_install( - domain_list, force, no_checks, self_signed, staging - ) + return certificate_install(domain_list, force, no_checks, self_signed) -def domain_cert_renew( - domain_list, force=False, no_checks=False, email=False, staging=False -): - import yunohost.certificate +def domain_cert_renew(domain_list, force=False, no_checks=False, email=False): + from yunohost.certificate import certificate_renew - return yunohost.certificate.certificate_renew( - domain_list, force, no_checks, email, staging - ) + return certificate_renew(domain_list, force, no_checks, email) def domain_dns_conf(domain): @@ -541,12 +559,12 @@ def domain_dns_conf(domain): def domain_dns_suggest(domain): - import yunohost.dns + from yunohost.dns import domain_dns_suggest - return yunohost.dns.domain_dns_suggest(domain) + return domain_dns_suggest(domain) def domain_dns_push(domain, dry_run, force, purge): - import yunohost.dns + from yunohost.dns import domain_dns_push - return yunohost.dns.domain_dns_push(domain, dry_run, force, purge) + return domain_dns_push(domain, dry_run, force, purge) diff --git a/src/yunohost/dyndns.py b/src/dyndns.py similarity index 57% rename from src/yunohost/dyndns.py rename to src/dyndns.py index e33cf4f22..34f3dd5dc 100644 --- a/src/yunohost/dyndns.py +++ b/src/dyndns.py @@ -33,98 +33,58 @@ import subprocess from moulinette import m18n from moulinette.core import MoulinetteError from moulinette.utils.log import getActionLogger -from moulinette.utils.filesystem import write_to_file, read_file, rm, chown, chmod +from moulinette.utils.filesystem import write_to_file, rm, chown, chmod from moulinette.utils.network import download_json from yunohost.utils.error import YunohostError, YunohostValidationError from yunohost.domain import _get_maindomain from yunohost.utils.network import get_public_ip -from yunohost.utils.dns import dig +from yunohost.utils.dns import dig, is_yunohost_dyndns_domain from yunohost.log import is_unit_operation from yunohost.regenconf import regen_conf logger = getActionLogger("yunohost.dyndns") -DYNDNS_ZONE = "/etc/yunohost/dyndns/zone" - -RE_DYNDNS_PRIVATE_KEY_MD5 = re.compile(r".*/K(?P[^\s\+]+)\.\+157.+\.private$") - -RE_DYNDNS_PRIVATE_KEY_SHA512 = re.compile( - r".*/K(?P[^\s\+]+)\.\+165.+\.private$" -) +DYNDNS_PROVIDER = "dyndns.yunohost.org" +DYNDNS_DNS_AUTH = ["ns0.yunohost.org", "ns1.yunohost.org"] -def _dyndns_provides(provider, domain): +def _dyndns_available(domain): """ - Checks if a provider provide/manage a given domain. + Checks if a domain is available on dyndns.yunohost.org Keyword arguments: - provider -- The url of the provider, e.g. "dyndns.yunohost.org" - domain -- The full domain that you'd like.. e.g. "foo.nohost.me" - - Returns: - True if the provider provide/manages the domain. False otherwise. - """ - - logger.debug("Checking if %s is managed by %s ..." % (domain, provider)) - - try: - # Dyndomains will be a list of domains supported by the provider - # e.g. [ "nohost.me", "noho.st" ] - dyndomains = download_json("https://%s/domains" % provider, timeout=30) - except MoulinetteError as e: - logger.error(str(e)) - raise YunohostError( - "dyndns_could_not_check_provide", domain=domain, provider=provider - ) - - # Extract 'dyndomain' from 'domain', e.g. 'nohost.me' from 'foo.nohost.me' - dyndomain = ".".join(domain.split(".")[1:]) - - return dyndomain in dyndomains - - -def _dyndns_available(provider, domain): - """ - Checks if a domain is available from a given provider. - - Keyword arguments: - provider -- The url of the provider, e.g. "dyndns.yunohost.org" domain -- The full domain that you'd like.. e.g. "foo.nohost.me" Returns: True if the domain is available, False otherwise. """ - logger.debug("Checking if domain %s is available on %s ..." % (domain, provider)) + logger.debug(f"Checking if domain {domain} is available on {DYNDNS_PROVIDER} ...") try: r = download_json( - "https://%s/test/%s" % (provider, domain), expected_status_code=None + f"https://{DYNDNS_PROVIDER}/test/{domain}", expected_status_code=None ) except MoulinetteError as e: logger.error(str(e)) raise YunohostError( - "dyndns_could_not_check_available", domain=domain, provider=provider + "dyndns_could_not_check_available", domain=domain, provider=DYNDNS_PROVIDER ) - return r == "Domain %s is available" % domain + return r == f"Domain {domain} is available" @is_unit_operation() -def dyndns_subscribe( - operation_logger, subscribe_host="dyndns.yunohost.org", domain=None, key=None -): +def dyndns_subscribe(operation_logger, domain=None, key=None): """ Subscribe to a DynDNS service Keyword argument: domain -- Full domain to subscribe with key -- Public DNS key - subscribe_host -- Dynette HTTP API to subscribe to - """ - if _guess_current_dyndns_domain(subscribe_host) != (None, None): + if _guess_current_dyndns_domain() != (None, None): raise YunohostValidationError("domain_dyndns_already_subscribed") if domain is None: @@ -132,17 +92,21 @@ def dyndns_subscribe( operation_logger.related_to.append(("domain", domain)) # Verify if domain is provided by subscribe_host - if not _dyndns_provides(subscribe_host, domain): + if not is_yunohost_dyndns_domain(domain): raise YunohostValidationError( - "dyndns_domain_not_provided", domain=domain, provider=subscribe_host + "dyndns_domain_not_provided", domain=domain, provider=DYNDNS_PROVIDER ) # Verify if domain is available - if not _dyndns_available(subscribe_host, domain): + if not _dyndns_available(domain): raise YunohostValidationError("dyndns_unavailable", domain=domain) operation_logger.start() + # '165' is the convention identifier for hmac-sha512 algorithm + # '1234' is idk? doesnt matter, but the old format contained a number here... + key_file = f"/etc/yunohost/dyndns/K{domain}.+165+1234.key" + if key is None: if len(glob.glob("/etc/yunohost/dyndns/*.key")) == 0: if not os.path.exists("/etc/yunohost/dyndns"): @@ -150,43 +114,47 @@ def dyndns_subscribe( logger.debug(m18n.n("dyndns_key_generating")) - os.system( - "cd /etc/yunohost/dyndns && " - f"dnssec-keygen -a hmac-sha512 -b 512 -r /dev/urandom -n USER {domain}" - ) + # Here, we emulate the behavior of the old 'dnssec-keygen' utility + # which since bullseye was replaced by ddns-keygen which is now + # in the bind9 package ... but installing bind9 will conflict with dnsmasq + # and is just madness just to have access to a tsig keygen utility -.- + + # Use 512 // 8 = 64 bytes for hmac-sha512 (c.f. https://git.hactrn.net/sra/tsig-keygen/src/master/tsig-keygen.py) + secret = base64.b64encode(os.urandom(512 // 8)).decode("ascii") + + # Idk why but the secret is split in two parts, with the first one + # being 57-long char ... probably some DNS format + secret = f"{secret[:56]} {secret[56:]}" + + key_content = f"{domain}. IN KEY 0 3 165 {secret}" + write_to_file(key_file, key_content) chmod("/etc/yunohost/dyndns", 0o600, recursive=True) chown("/etc/yunohost/dyndns", "root", recursive=True) - private_file = glob.glob("/etc/yunohost/dyndns/*%s*.private" % domain)[0] - key_file = glob.glob("/etc/yunohost/dyndns/*%s*.key" % domain)[0] - with open(key_file) as f: - key = f.readline().strip().split(" ", 6)[-1] - import requests # lazy loading this module for performance reasons # Send subscription try: + # Yeah the secret is already a base64-encoded but we double-bas64-encode it, whatever... + b64encoded_key = base64.b64encode(secret.encode()).decode() r = requests.post( - "https://%s/key/%s?key_algo=hmac-sha512" - % (subscribe_host, base64.b64encode(key.encode()).decode()), + f"https://{DYNDNS_PROVIDER}/key/{b64encoded_key}?key_algo=hmac-sha512", data={"subdomain": domain}, timeout=30, ) except Exception as e: - rm(private_file, force=True) rm(key_file, force=True) raise YunohostError("dyndns_registration_failed", error=str(e)) if r.status_code != 201: - rm(private_file, force=True) rm(key_file, force=True) try: error = json.loads(r.text)["error"] except Exception: - error = 'Server error, code: %s. (Message: "%s")' % (r.status_code, r.text) + error = f'Server error, code: {r.status_code}. (Message: "{r.text}")' raise YunohostError("dyndns_registration_failed", error=error) - # Yunohost regen conf will add the dyndns cron job if a private key exists + # Yunohost regen conf will add the dyndns cron job if a key exists # in /etc/yunohost/dyndns regen_conf(["yunohost"]) @@ -205,11 +173,7 @@ def dyndns_subscribe( @is_unit_operation() def dyndns_update( operation_logger, - dyn_host="dyndns.yunohost.org", domain=None, - key=None, - ipv4=None, - ipv6=None, force=False, dry_run=False, ): @@ -218,58 +182,76 @@ def dyndns_update( Keyword argument: domain -- Full domain to update - dyn_host -- Dynette DNS server to inform - key -- Public DNS key - ipv4 -- IP address to send - ipv6 -- IPv6 address to send - """ from yunohost.dns import _build_dns_conf + import dns.query + import dns.tsig + import dns.tsigkeyring + import dns.update # If domain is not given, try to guess it from keys available... + key = None if domain is None: - (domain, key) = _guess_current_dyndns_domain(dyn_host) + (domain, key) = _guess_current_dyndns_domain() if domain is None: raise YunohostValidationError("dyndns_no_domain_registered") # If key is not given, pick the first file we find with the domain given - else: - if key is None: - keys = glob.glob("/etc/yunohost/dyndns/K{0}.+*.private".format(domain)) + elif key is None: + keys = glob.glob(f"/etc/yunohost/dyndns/K{domain}.+*.key") - if not keys: - raise YunohostValidationError("dyndns_key_not_found") + if not keys: + raise YunohostValidationError("dyndns_key_not_found") - key = keys[0] + key = keys[0] + + # Get current IPv4 and IPv6 + ipv4 = get_public_ip() + ipv6 = get_public_ip(6) + + if ipv4 is None and ipv6 is None: + logger.debug( + "No ipv4 nor ipv6 ?! Sounds like the server is not connected to the internet, or the ip.yunohost.org infrastructure is down somehow" + ) + return # Extract 'host', e.g. 'nohost.me' from 'foo.nohost.me' - host = domain.split(".")[1:] - host = ".".join(host) + zone = domain.split(".")[1:] + zone = ".".join(zone) - logger.debug("Building zone update file ...") + logger.debug("Building zone update ...") - lines = [ - "server %s" % dyn_host, - "zone %s" % host, - ] + with open(key) as f: + key = f.readline().strip().split(" ", 6)[-1] + + keyring = dns.tsigkeyring.from_text({f"{domain}.": key}) + # Python's dns.update is similar to the old nsupdate cli tool + update = dns.update.Update(zone, keyring=keyring, keyalgorithm=dns.tsig.HMAC_SHA512) + + auth_resolvers = [] + + for dns_auth in DYNDNS_DNS_AUTH: + for type_ in ["A", "AAAA"]: + + ok, result = dig(dns_auth, type_) + if ok == "ok" and len(result) and result[0]: + auth_resolvers.append(result[0]) + + if not auth_resolvers: + raise YunohostError( + f"Failed to resolve IPv4/IPv6 for {DYNDNS_DNS_AUTH} ?", raw_msg=True + ) def resolve_domain(domain, rdtype): - # FIXME make this work for IPv6-only hosts too.. - ok, result = dig(dyn_host, "A") - dyn_host_ip = result[0] if ok == "ok" and len(result) else None - if not dyn_host_ip: - raise YunohostError("Failed to resolve %s" % dyn_host, raw_msg=True) - - ok, result = dig(domain, rdtype, resolvers=[dyn_host_ip]) + ok, result = dig(domain, rdtype, resolvers=auth_resolvers) if ok == "ok": return result[0] if len(result) else None elif result[0] == "Timeout": logger.debug( - "Timed-out while trying to resolve %s record for %s using %s" - % (rdtype, domain, dyn_host) + f"Timed-out while trying to resolve {rdtype} record for {domain}" ) else: return None @@ -286,31 +268,13 @@ def dyndns_update( else: return None - raise YunohostError( - "Failed to resolve %s for %s" % (rdtype, domain), raw_msg=True - ) + raise YunohostError(f"Failed to resolve {rdtype} for {domain}", raw_msg=True) old_ipv4 = resolve_domain(domain, "A") old_ipv6 = resolve_domain(domain, "AAAA") - # Get current IPv4 and IPv6 - ipv4_ = get_public_ip() - ipv6_ = get_public_ip(6) - - if ipv4 is None: - ipv4 = ipv4_ - - if ipv6 is None: - ipv6 = ipv6_ - - logger.debug("Old IPv4/v6 are (%s, %s)" % (old_ipv4, old_ipv6)) - logger.debug("Requested IPv4/v6 are (%s, %s)" % (ipv4, ipv6)) - - if ipv4 is None and ipv6 is None: - logger.debug( - "No ipv4 nor ipv6 ?! Sounds like the server is not connected to the internet, or the ip.yunohost.org infrastructure is down somehow" - ) - return + logger.debug(f"Old IPv4/v6 are ({old_ipv4}, {old_ipv6})") + logger.debug(f"Requested IPv4/v6 are ({ipv4}, {ipv6})") # no need to update if (not force and not dry_run) and (old_ipv4 == ipv4 and old_ipv6 == ipv6): @@ -335,9 +299,10 @@ def dyndns_update( # [{"name": "...", "ttl": "...", "type": "...", "value": "..."}] for records in dns_conf.values(): for record in records: - action = "update delete {name}.{domain}.".format(domain=domain, **record) - action = action.replace(" @.", " ") - lines.append(action) + name = ( + f"{record['name']}.{domain}." if record["name"] != "@" else f"{domain}." + ) + update.delete(name) # Add the new records for all domain/subdomains @@ -349,50 +314,34 @@ def dyndns_update( if record["value"] == "@": record["value"] = domain record["value"] = record["value"].replace(";", r"\;") - - action = "update add {name}.{domain}. {ttl} {type} {value}".format( - domain=domain, **record + name = ( + f"{record['name']}.{domain}." if record["name"] != "@" else f"{domain}." ) - action = action.replace(" @.", " ") - lines.append(action) - lines += ["show", "send"] - - # Write the actions to do to update to a file, to be able to pass it - # to nsupdate as argument - write_to_file(DYNDNS_ZONE, "\n".join(lines)) + update.add(name, record["ttl"], record["type"], record["value"]) logger.debug("Now pushing new conf to DynDNS host...") + logger.debug(update) if not dry_run: try: - command = ["/usr/bin/nsupdate", "-k", key, DYNDNS_ZONE] - subprocess.check_call(command) - except subprocess.CalledProcessError: + r = dns.query.tcp(update, auth_resolvers[0]) + except Exception as e: + logger.error(e) + raise YunohostError("dyndns_ip_update_failed") + + if "rcode NOERROR" not in str(r): + logger.error(str(r)) raise YunohostError("dyndns_ip_update_failed") logger.success(m18n.n("dyndns_ip_updated")) else: - print(read_file(DYNDNS_ZONE)) - print("") print( "Warning: dry run, this is only the generated config, it won't be applied" ) -def dyndns_installcron(): - logger.warning( - "This command is deprecated. The dyndns cron job should automatically be added/removed by the regenconf depending if there's a private key in /etc/yunohost/dyndns. You can run the regenconf yourself with 'yunohost tools regen-conf yunohost'." - ) - - -def dyndns_removecron(): - logger.warning( - "This command is deprecated. The dyndns cron job should automatically be added/removed by the regenconf depending if there's a private key in /etc/yunohost/dyndns. You can run the regenconf yourself with 'yunohost tools regen-conf yunohost'." - ) - - -def _guess_current_dyndns_domain(dyn_host): +def _guess_current_dyndns_domain(): """ This function tries to guess which domain should be updated by "dyndns_update()" because there's not proper management of the current @@ -401,21 +350,21 @@ def _guess_current_dyndns_domain(dyn_host): dynette...) """ + DYNDNS_KEY_REGEX = re.compile(r".*/K(?P[^\s\+]+)\.\+165.+\.key$") + # Retrieve the first registered domain - paths = list(glob.iglob("/etc/yunohost/dyndns/K*.private")) + paths = list(glob.iglob("/etc/yunohost/dyndns/K*.key")) for path in paths: - match = RE_DYNDNS_PRIVATE_KEY_MD5.match(path) + match = DYNDNS_KEY_REGEX.match(path) if not match: - match = RE_DYNDNS_PRIVATE_KEY_SHA512.match(path) - if not match: - continue + continue _domain = match.group("domain") # Verify if domain is registered (i.e., if it's available, skip # current domain beause that's not the one we want to update..) # If there's only 1 such key found, then avoid doing the request # for nothing (that's very probably the one we want to find ...) - if len(paths) > 1 and _dyndns_available(dyn_host, _domain): + if len(paths) > 1 and _dyndns_available(_domain): continue else: return (_domain, path) diff --git a/src/yunohost/firewall.py b/src/firewall.py similarity index 100% rename from src/yunohost/firewall.py rename to src/firewall.py diff --git a/src/yunohost/hook.py b/src/hook.py similarity index 96% rename from src/yunohost/hook.py rename to src/hook.py index 20757bf3c..70d3b281b 100644 --- a/src/yunohost/hook.py +++ b/src/hook.py @@ -95,7 +95,7 @@ def hook_info(action, name): priorities = set() # Search in custom folder first - for h in iglob("{:s}{:s}/*-{:s}".format(CUSTOM_HOOK_FOLDER, action, name)): + for h in iglob(f"{CUSTOM_HOOK_FOLDER}{action}/*-{name}"): priority, _ = _extract_filename_parts(os.path.basename(h)) priorities.add(priority) hooks.append( @@ -105,7 +105,7 @@ def hook_info(action, name): } ) # Append non-overwritten system hooks - for h in iglob("{:s}{:s}/*-{:s}".format(HOOK_FOLDER, action, name)): + for h in iglob(f"{HOOK_FOLDER}{action}/*-{name}"): priority, _ = _extract_filename_parts(os.path.basename(h)) if priority not in priorities: hooks.append( @@ -156,7 +156,7 @@ def hook_list(action, list_by="name", show_info=False): try: d[priority].add(name) except KeyError: - d[priority] = set([name]) + d[priority] = {name} elif list_by == "name" or list_by == "folder": if show_info: @@ -197,7 +197,7 @@ def hook_list(action, list_by="name", show_info=False): or (f.startswith("__") and f.endswith("__")) ): continue - path = "%s%s/%s" % (folder, action, f) + path = f"{folder}{action}/{f}" priority, name = _extract_filename_parts(f) _append_hook(d, priority, name, path) @@ -359,6 +359,7 @@ def hook_exec( r"Created symlink /etc/systemd", r"dpkg: warning: while removing .* not empty so not removed", r"apt-key output should not be parsed", + r"update-rc.d: ", ] return all(not re.search(w, msg) for w in irrelevant_warnings) @@ -406,7 +407,7 @@ def _hook_exec_bash(path, args, chdir, env, user, return_format, loggers): if not chdir: # use the script directory as current one chdir, cmd_script = os.path.split(path) - cmd_script = "./{0}".format(cmd_script) + cmd_script = f"./{cmd_script}" else: cmd_script = path @@ -430,14 +431,19 @@ def _hook_exec_bash(path, args, chdir, env, user, return_format, loggers): # use xtrace on fd 7 which is redirected to stdout env["BASH_XTRACEFD"] = "7" - cmd = '/bin/bash -x "{script}" {args} 7>&1' - command.append(cmd.format(script=cmd_script, args=cmd_args)) + command.append(f'/bin/bash -x "{cmd_script}" {cmd_args} 7>&1') logger.debug("Executing command '%s'" % command) _env = os.environ.copy() _env.update(env) + # Remove the 'HOME' var which is causing some inconsistencies between + # cli and webapi (HOME ain't defined in yunohost-api because ran from systemd) + # Apps that need the HOME var should define it in the app scripts + if "HOME" in _env: + del _env["HOME"] + returncode = call_async_output(command, loggers, shell=False, cwd=chdir, env=_env) raw_content = None diff --git a/src/yunohost/log.py b/src/log.py similarity index 91% rename from src/yunohost/log.py rename to src/log.py index d73a62cd0..9f9e0b753 100644 --- a/src/yunohost/log.py +++ b/src/log.py @@ -42,12 +42,36 @@ from yunohost.utils.packages import get_ynh_package_version from moulinette.utils.log import getActionLogger from moulinette.utils.filesystem import read_file, read_yaml +logger = getActionLogger("yunohost.log") + CATEGORIES_PATH = "/var/log/yunohost/categories/" OPERATIONS_PATH = "/var/log/yunohost/categories/operation/" METADATA_FILE_EXT = ".yml" LOG_FILE_EXT = ".log" -logger = getActionLogger("yunohost.log") +BORING_LOG_LINES = [ + r"set [+-]x$", + r"set [+-]o xtrace$", + r"set [+-]o errexit$", + r"set [+-]o nounset$", + r"trap '' EXIT", + r"local \w+$", + r"local exit_code=(1|0)$", + r"local legacy_args=.*$", + r"local -A args_array$", + r"args_array=.*$", + r"ret_code=1", + r".*Helper used in legacy mode.*", + r"ynh_handle_getopts_args", + r"ynh_script_progression", + r"sleep 0.5", + r"'\[' (1|0) -eq (1|0) '\]'$", + r"\[?\['? -n '' '?\]\]?$", + r"rm -rf /var/cache/yunohost/download/$", + r"type -t ynh_clean_setup$", + r"DEBUG - \+ echo '", + r"DEBUG - \+ exit (1|0)$", +] def log_list(limit=None, with_details=False, with_suboperations=False): @@ -163,30 +187,7 @@ def log_show( if filter_irrelevant: def _filter(lines): - filters = [ - r"set [+-]x$", - r"set [+-]o xtrace$", - r"set [+-]o errexit$", - r"set [+-]o nounset$", - r"trap '' EXIT", - r"local \w+$", - r"local exit_code=(1|0)$", - r"local legacy_args=.*$", - r"local -A args_array$", - r"args_array=.*$", - r"ret_code=1", - r".*Helper used in legacy mode.*", - r"ynh_handle_getopts_args", - r"ynh_script_progression", - r"sleep 0.5", - r"'\[' (1|0) -eq (1|0) '\]'$", - r"\[?\['? -n '' '?\]\]?$", - r"rm -rf /var/cache/yunohost/download/$", - r"type -t ynh_clean_setup$", - r"DEBUG - \+ echo '", - r"DEBUG - \+ exit (1|0)$", - ] - filters = [re.compile(f) for f in filters] + filters = [re.compile(f) for f in BORING_LOG_LINES] return [ line for line in lines @@ -468,7 +469,7 @@ class RedactingFormatter(Formatter): ) -class OperationLogger(object): +class OperationLogger: """ Instances of this class represents unit operation done on the ynh instance. @@ -543,7 +544,7 @@ class OperationLogger(object): # We use proc.open_files() to list files opened / actively used by this proc # We only keep files matching a recent yunohost operation log active_logs = sorted( - [f.path for f in proc.open_files() if f.path in recent_operation_logs], + (f.path for f in proc.open_files() if f.path in recent_operation_logs), key=os.path.getctime, reverse=True, ) @@ -658,6 +659,11 @@ class OperationLogger(object): data["error"] = self._error # TODO: detect if 'extra' erase some key of 'data' data.update(self.extra) + # Remove the 'args' arg from args (yodawg). It corresponds to url-encoded args for app install, config panel set, etc + # Because the data are url encoded, it's hell to properly redact secrets inside it, + # and the useful info is usually already available in `env` too + if "args" in data and isinstance(data["args"], dict) and "args" in data["args"]: + data["args"].pop("args") return data def success(self): @@ -738,40 +744,35 @@ class OperationLogger(object): with open(self.log_path, "r") as f: lines = f.readlines() - filters = [ - r"set [+-]x$", - r"set [+-]o xtrace$", - r"local \w+$", - r"local legacy_args=.*$", - r".*Helper used in legacy mode.*", - r"args_array=.*$", - r"local -A args_array$", - r"ynh_handle_getopts_args", - r"ynh_script_progression", + # A line typically looks like + # 2019-10-19 16:10:27,611: DEBUG - + mysql -u piwigo --password=********** -B piwigo + # And we just want the part starting by "DEBUG - " + lines = [line for line in lines if ":" in line.strip()] + lines = [line.strip().split(": ", 1)[1] for line in lines] + # And we ignore boring/irrelevant lines + # Annnnnnd we also ignore lines matching [number] + such as + # 72971 DEBUG 29739 + ynh_exit_properly + # which are lines from backup-before-upgrade or restore-after-failed-upgrade ... + filters = [re.compile(f_) for f_ in BORING_LOG_LINES] + filters.append(re.compile(r"\d+ \+ ")) + lines = [ + line + for line in lines + if not any(filter_.search(line) for filter_ in filters) ] - filters = [re.compile(f_) for f_ in filters] - lines_to_display = [] - for line in lines: - if ": " not in line.strip(): - continue - - # A line typically looks like - # 2019-10-19 16:10:27,611: DEBUG - + mysql -u piwigo --password=********** -B piwigo - # And we just want the part starting by "DEBUG - " - line = line.strip().split(": ", 1)[1] - - if any(filter_.search(line) for filter_ in filters): - continue - - lines_to_display.append(line) - - if line.endswith("+ ynh_exit_properly") or " + ynh_die " in line: + # Get the 20 lines before the last 'ynh_exit_properly' + rev_lines = list(reversed(lines)) + for i, line in enumerate(rev_lines): + if line.endswith("+ ynh_exit_properly"): + lines_to_display = reversed(rev_lines[i : i + 20]) break - elif len(lines_to_display) > 20: - lines_to_display.pop(0) + + # If didnt find anything, just get the last 20 lines + if not lines_to_display: + lines_to_display = lines[-20:] logger.warning( "Here's an extract of the logs before the crash. It might help debugging the error:" diff --git a/src/migrations/0021_migrate_to_bullseye.py b/src/migrations/0021_migrate_to_bullseye.py new file mode 100644 index 000000000..551a6f64b --- /dev/null +++ b/src/migrations/0021_migrate_to_bullseye.py @@ -0,0 +1,442 @@ +import glob +import os + +from moulinette import m18n +from yunohost.utils.error import YunohostError +from moulinette.utils.log import getActionLogger +from moulinette.utils.process import check_output, call_async_output +from moulinette.utils.filesystem import read_file, rm, write_to_file + +from yunohost.tools import ( + Migration, + tools_update, + tools_upgrade, + _apt_log_line_is_relevant, +) +from yunohost.app import unstable_apps +from yunohost.regenconf import manually_modified_files, _force_clear_hashes +from yunohost.utils.filesystem import free_space_in_directory +from yunohost.utils.packages import ( + get_ynh_package_version, + _list_upgradable_apt_packages, +) +from yunohost.service import _get_services, _save_services + +logger = getActionLogger("yunohost.migration") + +N_CURRENT_DEBIAN = 10 +N_CURRENT_YUNOHOST = 4 + +N_NEXT_DEBAN = 11 +N_NEXT_YUNOHOST = 11 + + +class MyMigration(Migration): + + "Upgrade the system to Debian Bullseye and Yunohost 11.x" + + mode = "manual" + + def run(self): + + self.check_assertions() + + logger.info(m18n.n("migration_0021_start")) + + # + # Add new apt .deb signing key + # + + new_apt_key = "https://forge.yunohost.org/yunohost_bullseye.asc" + check_output(f"wget -O- {new_apt_key} -q | apt-key add -qq -") + + # + # Patch sources.list + # + logger.info(m18n.n("migration_0021_patching_sources_list")) + self.patch_apt_sources_list() + + # Force add sury if it's not there yet + # This is to solve some weird issue with php-common breaking php7.3-common, + # hence breaking many php7.3-deps + # hence triggering some dependency conflict (or foobar-ynh-deps uninstall) + # Adding it there shouldnt be a big deal - Yunohost 11.x does add it + # through its regen conf anyway. + if not os.path.exists("/etc/apt/sources.list.d/extra_php_version.list"): + open("/etc/apt/sources.list.d/extra_php_version.list", "w").write( + "deb https://packages.sury.org/php/ bullseye main" + ) + os.system( + 'wget --timeout 900 --quiet "https://packages.sury.org/php/apt.gpg" --output-document=- | gpg --dearmor >"/etc/apt/trusted.gpg.d/extra_php_version.gpg"' + ) + + # + # Run apt update + # + + tools_update(target="system") + + # Tell libc6 it's okay to restart system stuff during the upgrade + os.system( + "echo 'libc6 libraries/restart-without-asking boolean true' | debconf-set-selections" + ) + + # Do not restart nginx during the upgrade of nginx-common and nginx-extras ... + # c.f. https://manpages.debian.org/bullseye/init-system-helpers/deb-systemd-invoke.1p.en.html + # and zcat /usr/share/doc/init-system-helpers/README.policy-rc.d.gz + # and the code inside /usr/bin/deb-systemd-invoke to see how it calls /usr/sbin/policy-rc.d ... + # and also invoke-rc.d ... + write_to_file( + "/usr/sbin/policy-rc.d", + '#!/bin/bash\n[[ "$1" =~ "nginx" ]] && [[ "$2" == "restart" ]] && exit 101 || exit 0', + ) + os.system("chmod +x /usr/sbin/policy-rc.d") + + # Don't send an email to root about the postgresql migration. It should be handled automatically after. + os.system( + "echo 'postgresql-common postgresql-common/obsolete-major seen true' | debconf-set-selections" + ) + + # + # Patch yunohost conflicts + # + logger.info(m18n.n("migration_0021_patch_yunohost_conflicts")) + + self.patch_yunohost_conflicts() + + # + # Specific tweaking to get rid of custom my.cnf and use debian's default one + # (my.cnf is actually a symlink to mariadb.cnf) + # + + _force_clear_hashes(["/etc/mysql/my.cnf"]) + rm("/etc/mysql/mariadb.cnf", force=True) + rm("/etc/mysql/my.cnf", force=True) + ret = self.apt_install( + "mariadb-common --reinstall -o Dpkg::Options::='--force-confmiss'" + ) + if ret != 0: + raise YunohostError("Failed to reinstall mariadb-common ?", raw_msg=True) + + # + # /usr/share/yunohost/yunohost-config/ssl/yunoCA -> /usr/share/yunohost/ssl + # + if os.path.exists("/usr/share/yunohost/yunohost-config/ssl/yunoCA"): + os.system( + "mv /usr/share/yunohost/yunohost-config/ssl/yunoCA /usr/share/yunohost/ssl" + ) + rm("/usr/share/yunohost/yunohost-config", recursive=True, force=True) + + # + # /home/yunohost.conf -> /var/cache/yunohost/regenconf + # + if os.path.exists("/home/yunohost.conf"): + os.system("mv /home/yunohost.conf /var/cache/yunohost/regenconf") + rm("/home/yunohost.conf", recursive=True, force=True) + + # Remove legacy postgresql service record added by helpers, + # will now be dynamically handled by the core in bullseye + services = _get_services() + if "postgresql" in services: + del services["postgresql"] + _save_services(services) + + # + # Main upgrade + # + logger.info(m18n.n("migration_0021_main_upgrade")) + + apps_packages = self.get_apps_equivs_packages() + self.hold(apps_packages) + tools_upgrade(target="system", allow_yunohost_upgrade=False) + + if self.debian_major_version() == N_CURRENT_DEBIAN: + raise YunohostError("migration_0021_still_on_buster_after_main_upgrade") + + # Force explicit install of php7.4-fpm and other old 'default' dependencies + # that are now only in Recommends + # + # Also, we need to install php7.4 equivalents of other php7.3 dependencies. + # For example, Nextcloud may depend on php7.3-zip, and after the php pool migration + # to autoupgrade Nextcloud to 7.4, it will need the php7.4-zip to work. + # The following list is based on an ad-hoc analysis of php deps found in the + # app ecosystem, with a known equivalent on php7.4. + # + # This is kinda a dirty hack as it doesnt properly update the *-ynh-deps virtual packages + # with the proper list of dependencies, and the dependencies install this way + # will get flagged as 'manually installed'. + # + # We'll probably want to do something during the Bullseye->Bookworm migration to re-flag + # these as 'auto' so they get autoremoved if not needed anymore. + # Also hopefully by then we'll have manifestv2 (maybe) and will be able to use + # the apt resource mecanism to regenerate the *-ynh-deps virtual packages ;) + + php73packages_suffixes = [ + "apcu", + "bcmath", + "bz2", + "dom", + "gmp", + "igbinary", + "imagick", + "imap", + "mbstring", + "memcached", + "mysqli", + "mysqlnd", + "pgsql", + "redis", + "simplexml", + "soap", + "sqlite3", + "ssh2", + "tidy", + "xml", + "xmlrpc", + "xsl", + "zip", + ] + + cmd = ( + "apt show '*-ynh-deps' 2>/dev/null" + " | grep Depends" + f" | grep -o -E \"php7.3-({'|'.join(php73packages_suffixes)})\"" + " | sort | uniq" + " | sed 's/php7.3/php7.4/g'" + " || true" + ) + + basephp74packages_to_install = [ + "php7.4-fpm", + "php7.4-common", + "php7.4-ldap", + "php7.4-intl", + "php7.4-mysql", + "php7.4-gd", + "php7.4-curl", + "php-php-gettext", + ] + + php74packages_to_install = basephp74packages_to_install + [ + f.strip() for f in check_output(cmd).split("\n") if f.strip() + ] + + ret = self.apt_install( + f"{' '.join(php74packages_to_install)} " + "$(dpkg --list | grep ynh-deps | awk '{print $2}') " + "-o Dpkg::Options::='--force-confmiss'" + ) + if ret != 0: + raise YunohostError( + "Failed to force the install of php dependencies ?", raw_msg=True + ) + + # Clean the mess + logger.info(m18n.n("migration_0021_cleaning_up")) + os.system("apt autoremove --assume-yes") + os.system("apt clean --assume-yes") + + # + # Yunohost upgrade + # + logger.info(m18n.n("migration_0021_yunohost_upgrade")) + + self.unhold(apps_packages) + + cmd = "LC_ALL=C" + cmd += " DEBIAN_FRONTEND=noninteractive" + cmd += " APT_LISTCHANGES_FRONTEND=none" + cmd += " apt dist-upgrade " + cmd += " --quiet -o=Dpkg::Use-Pty=0 --fix-broken --dry-run" + cmd += " | grep -q 'ynh-deps'" + + logger.info("Simulating upgrade...") + if os.system(cmd) == 0: + raise YunohostError( + "The upgrade cannot be completed, because some app dependencies would need to be removed?", + raw_msg=True, + ) + + postupgradecmds = f"apt-mark auto {' '.join(basephp74packages_to_install)}\n" + postupgradecmds += "rm -f /usr/sbin/policy-rc.d\n" + postupgradecmds += "echo 'Restarting nginx...' >&2\n" + postupgradecmds += "systemctl restart nginx\n" + + tools_upgrade(target="system", postupgradecmds=postupgradecmds) + + def debian_major_version(self): + # The python module "platform" and lsb_release are not reliable because + # on some setup, they may still return Release=9 even after upgrading to + # buster ... (Apparently this is related to OVH overriding some stuff + # with /etc/lsb-release for instance -_-) + # Instead, we rely on /etc/os-release which should be the raw info from + # the distribution... + return int( + check_output( + "grep VERSION_ID /etc/os-release | head -n 1 | tr '\"' ' ' | cut -d ' ' -f2" + ) + ) + + def yunohost_major_version(self): + return int(get_ynh_package_version("yunohost")["version"].split(".")[0]) + + def check_assertions(self): + + # Be on buster (10.x) and yunohost 4.x + # NB : we do both check to cover situations where the upgrade crashed + # in the middle and debian version could be > 9.x but yunohost package + # would still be in 3.x... + if ( + not self.debian_major_version() == N_CURRENT_DEBIAN + and not self.yunohost_major_version() == N_CURRENT_YUNOHOST + ): + raise YunohostError("migration_0021_not_buster") + + # Have > 1 Go free space on /var/ ? + if free_space_in_directory("/var/") / (1024**3) < 1.0: + raise YunohostError("migration_0021_not_enough_free_space") + + # Check system is up to date + # (but we don't if 'bullseye' is already in the sources.list ... + # which means maybe a previous upgrade crashed and we're re-running it) + if " bullseye " not in read_file("/etc/apt/sources.list"): + tools_update(target="system") + upgradable_system_packages = list(_list_upgradable_apt_packages()) + if upgradable_system_packages: + raise YunohostError("migration_0021_system_not_fully_up_to_date") + + @property + def disclaimer(self): + + # Avoid having a super long disclaimer + uncessary check if we ain't + # on buster / yunohost 4.x anymore + # NB : we do both check to cover situations where the upgrade crashed + # in the middle and debian version could be >= 10.x but yunohost package + # would still be in 4.x... + if ( + not self.debian_major_version() == N_CURRENT_DEBIAN + and not self.yunohost_major_version() == N_CURRENT_YUNOHOST + ): + return None + + # Get list of problematic apps ? I.e. not official or community+working + problematic_apps = unstable_apps() + problematic_apps = "".join(["\n - " + app for app in problematic_apps]) + + # Manually modified files ? (c.f. yunohost service regen-conf) + modified_files = manually_modified_files() + modified_files = "".join(["\n - " + f for f in modified_files]) + + message = m18n.n("migration_0021_general_warning") + + # FIXME: update this message with updated topic link once we release the migration as stable + message = ( + "N.B.: **THIS MIGRATION IS STILL IN BETA-STAGE** ! If your server hosts critical services and if you are not too confident with debugging possible issues, we recommend you to wait a little bit more while we gather more feedback and polish things up. If on the other hand you are relatively confident with debugging small issues that may arise, you are encouraged to run this migration ;)! You can read and share feedbacks on this forum thread: https://forum.yunohost.org/t/18531\n\n" + + message + ) + # message = ( + # "N.B.: This migration has been tested by the community over the last few months but has only been declared stable recently. If your server hosts critical services and if you are not too confident with debugging possible issues, we recommend you to wait a little bit more while we gather more feedback and polish things up. If on the other hand you are relatively confident with debugging small issues that may arise, you are encouraged to run this migration ;)! You can read about remaining known issues and feedback from the community here: https://forum.yunohost.org/t/12195\n\n" + # + message + # ) + + if problematic_apps: + message += "\n\n" + m18n.n( + "migration_0021_problematic_apps_warning", + problematic_apps=problematic_apps, + ) + + if modified_files: + message += "\n\n" + m18n.n( + "migration_0021_modified_files", manually_modified_files=modified_files + ) + + return message + + def patch_apt_sources_list(self): + + sources_list = glob.glob("/etc/apt/sources.list.d/*.list") + sources_list.append("/etc/apt/sources.list") + + # This : + # - replace single 'buster' occurence by 'bulleye' + # - comments lines containing "backports" + # - replace 'buster/updates' by 'bullseye/updates' (or same with -) + # Special note about the security suite: + # https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#security-archive + for f in sources_list: + command = ( + f"sed -i {f} " + "-e 's@ buster @ bullseye @g' " + "-e '/backports/ s@^#*@#@' " + "-e 's@ buster/updates @ bullseye-security @g' " + "-e 's@ buster-@ bullseye-@g' " + ) + os.system(command) + + def get_apps_equivs_packages(self): + + command = ( + "dpkg --get-selections" + " | grep -v deinstall" + " | awk '{print $1}'" + " | { grep 'ynh-deps$' || true; }" + ) + + output = check_output(command) + + return output.split("\n") if output else [] + + def hold(self, packages): + for package in packages: + os.system(f"apt-mark hold {package}") + + def unhold(self, packages): + for package in packages: + os.system(f"apt-mark unhold {package}") + + def apt_install(self, cmd): + def is_relevant(line): + return "Reading database ..." not in line.rstrip() + + callbacks = ( + lambda l: logger.info("+ " + l.rstrip() + "\r") + if _apt_log_line_is_relevant(l) + else logger.debug(l.rstrip() + "\r"), + lambda l: logger.warning(l.rstrip()) + if _apt_log_line_is_relevant(l) + else logger.debug(l.rstrip()), + ) + + cmd = ( + "LC_ALL=C DEBIAN_FRONTEND=noninteractive APT_LISTCHANGES_FRONTEND=none apt install --quiet -o=Dpkg::Use-Pty=0 --fix-broken --assume-yes " + + cmd + ) + + logger.debug("Running: %s" % cmd) + + return call_async_output(cmd, callbacks, shell=True) + + def patch_yunohost_conflicts(self): + # + # This is a super dirty hack to remove the conflicts from yunohost's debian/control file + # Those conflicts are there to prevent mistakenly upgrading critical packages + # such as dovecot, postfix, nginx, openssl, etc... usually related to mistakenly + # using backports etc. + # + # The hack consists in savagely removing the conflicts directly in /var/lib/dpkg/status + # + + # We only patch the conflict if we're on yunohost 4.x + if self.yunohost_major_version() != N_CURRENT_YUNOHOST: + return + + conflicts = check_output("dpkg-query -s yunohost | grep '^Conflicts:'").strip() + if conflicts: + # We want to keep conflicting with apache/bind9 tho + new_conflicts = "Conflicts: apache2, bind9" + + command = ( + f"sed -i /var/lib/dpkg/status -e 's@{conflicts}@{new_conflicts}@g'" + ) + logger.debug(f"Running: {command}") + os.system(command) diff --git a/src/yunohost/data_migrations/0016_php70_to_php73_pools.py b/src/migrations/0022_php73_to_php74_pools.py similarity index 50% rename from src/yunohost/data_migrations/0016_php70_to_php73_pools.py rename to src/migrations/0022_php73_to_php74_pools.py index fed96c9c8..a2e5eae54 100644 --- a/src/yunohost/data_migrations/0016_php70_to_php73_pools.py +++ b/src/migrations/0022_php73_to_php74_pools.py @@ -11,74 +11,86 @@ from yunohost.service import _run_service_command logger = getActionLogger("yunohost.migration") -PHP70_POOLS = "/etc/php/7.0/fpm/pool.d" -PHP73_POOLS = "/etc/php/7.3/fpm/pool.d" +OLDPHP_POOLS = "/etc/php/7.3/fpm/pool.d" +NEWPHP_POOLS = "/etc/php/7.4/fpm/pool.d" -PHP70_SOCKETS_PREFIX = "/run/php/php7.0-fpm" -PHP73_SOCKETS_PREFIX = "/run/php/php7.3-fpm" +OLDPHP_SOCKETS_PREFIX = "/run/php/php7.3-fpm" +NEWPHP_SOCKETS_PREFIX = "/run/php/php7.4-fpm" + +# Because of synapse é_è +OLDPHP_SOCKETS_PREFIX2 = "/run/php7.3-fpm" +NEWPHP_SOCKETS_PREFIX2 = "/run/php7.4-fpm" MIGRATION_COMMENT = ( - "; YunoHost note : this file was automatically moved from {}".format(PHP70_POOLS) + "; YunoHost note : this file was automatically moved from {}".format(OLDPHP_POOLS) ) class MyMigration(Migration): - "Migrate php7.0-fpm 'pool' conf files to php7.3" + "Migrate php7.3-fpm 'pool' conf files to php7.4" - dependencies = ["migrate_to_buster"] + dependencies = ["migrate_to_bullseye"] def run(self): - # Get list of php7.0 pool files - php70_pool_files = glob.glob("{}/*.conf".format(PHP70_POOLS)) + # Get list of php7.3 pool files + oldphp_pool_files = glob.glob("{}/*.conf".format(OLDPHP_POOLS)) # Keep only basenames - php70_pool_files = [os.path.basename(f) for f in php70_pool_files] + oldphp_pool_files = [os.path.basename(f) for f in oldphp_pool_files] # Ignore the "www.conf" (default stuff, probably don't want to touch it ?) - php70_pool_files = [f for f in php70_pool_files if f != "www.conf"] + oldphp_pool_files = [f for f in oldphp_pool_files if f != "www.conf"] - for f in php70_pool_files: + for pf in oldphp_pool_files: # Copy the files to the php7.3 pool - src = "{}/{}".format(PHP70_POOLS, f) - dest = "{}/{}".format(PHP73_POOLS, f) + src = "{}/{}".format(OLDPHP_POOLS, pf) + dest = "{}/{}".format(NEWPHP_POOLS, pf) copy2(src, dest) # Replace the socket prefix if it's found c = "sed -i -e 's@{}@{}@g' {}".format( - PHP70_SOCKETS_PREFIX, PHP73_SOCKETS_PREFIX, dest + OLDPHP_SOCKETS_PREFIX, NEWPHP_SOCKETS_PREFIX, dest + ) + os.system(c) + c = "sed -i -e 's@{}@{}@g' {}".format( + OLDPHP_SOCKETS_PREFIX2, NEWPHP_SOCKETS_PREFIX2, dest ) os.system(c) - # Also add a comment that it was automatically moved from php7.0 + # Also add a comment that it was automatically moved from php7.3 # (for human traceability and backward migration) c = "sed -i '1i {}' {}".format(MIGRATION_COMMENT, dest) os.system(c) - app_id = os.path.basename(f)[: -len(".conf")] + app_id = os.path.basename(pf)[: -len(".conf")] if _is_installed(app_id): _patch_legacy_php_versions_in_settings( "/etc/yunohost/apps/%s/" % app_id ) nginx_conf_files = glob.glob("/etc/nginx/conf.d/*.d/%s.conf" % app_id) - for f in nginx_conf_files: + for nf in nginx_conf_files: # Replace the socket prefix if it's found c = "sed -i -e 's@{}@{}@g' {}".format( - PHP70_SOCKETS_PREFIX, PHP73_SOCKETS_PREFIX, f + OLDPHP_SOCKETS_PREFIX, NEWPHP_SOCKETS_PREFIX, nf + ) + os.system(c) + c = "sed -i -e 's@{}@{}@g' {}".format( + OLDPHP_SOCKETS_PREFIX2, NEWPHP_SOCKETS_PREFIX2, nf ) os.system(c) os.system( - "rm /etc/logrotate.d/php7.0-fpm" + "rm /etc/logrotate.d/php7.3-fpm" ) # We remove this otherwise the logrotate cron will be unhappy # Reload/restart the php pools - _run_service_command("restart", "php7.3-fpm") - _run_service_command("enable", "php7.3-fpm") - os.system("systemctl stop php7.0-fpm") - os.system("systemctl disable php7.0-fpm") + os.system("systemctl stop php7.3-fpm") + os.system("systemctl disable php7.3-fpm") + _run_service_command("restart", "php7.4-fpm") + _run_service_command("enable", "php7.4-fpm") # Reload nginx _run_service_command("reload", "nginx") diff --git a/src/yunohost/data_migrations/0017_postgresql_9p6_to_11.py b/src/migrations/0023_postgresql_11_to_13.py similarity index 67% rename from src/yunohost/data_migrations/0017_postgresql_9p6_to_11.py rename to src/migrations/0023_postgresql_11_to_13.py index 1ccf5ccc9..8f03f8c5f 100644 --- a/src/yunohost/data_migrations/0017_postgresql_9p6_to_11.py +++ b/src/migrations/0023_postgresql_11_to_13.py @@ -1,4 +1,5 @@ import subprocess +import time from moulinette import m18n from yunohost.utils.error import YunohostError, YunohostValidationError @@ -12,41 +13,43 @@ logger = getActionLogger("yunohost.migration") class MyMigration(Migration): - "Migrate DBs from Postgresql 9.6 to 11 after migrating to Buster" + "Migrate DBs from Postgresql 11 to 13 after migrating to Bullseye" - dependencies = ["migrate_to_buster"] + dependencies = ["migrate_to_bullseye"] def run(self): - if not self.package_is_installed("postgresql-9.6"): - logger.warning(m18n.n("migration_0017_postgresql_96_not_installed")) + if not self.package_is_installed("postgresql-11"): + logger.warning(m18n.n("migration_0023_postgresql_11_not_installed")) return - if not self.package_is_installed("postgresql-11"): - raise YunohostValidationError("migration_0017_postgresql_11_not_installed") + if not self.package_is_installed("postgresql-13"): + raise YunohostValidationError("migration_0023_postgresql_13_not_installed") - # Make sure there's a 9.6 cluster + # Make sure there's a 11 cluster try: - self.runcmd("pg_lsclusters | grep -q '^9.6 '") + self.runcmd("pg_lsclusters | grep -q '^11 '") except Exception: logger.warning( - "It looks like there's not active 9.6 cluster, so probably don't need to run this migration" + "It looks like there's not active 11 cluster, so probably don't need to run this migration" ) return if not space_used_by_directory( - "/var/lib/postgresql/9.6" + "/var/lib/postgresql/11" ) > free_space_in_directory("/var/lib/postgresql"): raise YunohostValidationError( - "migration_0017_not_enough_space", path="/var/lib/postgresql/" + "migration_0023_not_enough_space", path="/var/lib/postgresql/" ) self.runcmd("systemctl stop postgresql") + time.sleep(3) self.runcmd( - "LC_ALL=C pg_dropcluster --stop 11 main || true" - ) # We do not trigger an exception if the command fails because that probably means cluster 11 doesn't exists, which is fine because it's created during the pg_upgradecluster) - self.runcmd("LC_ALL=C pg_upgradecluster -m upgrade 9.6 main") - self.runcmd("LC_ALL=C pg_dropcluster --stop 9.6 main") + "LC_ALL=C pg_dropcluster --stop 13 main || true" + ) # We do not trigger an exception if the command fails because that probably means cluster 13 doesn't exists, which is fine because it's created during the pg_upgradecluster) + time.sleep(3) + self.runcmd("LC_ALL=C pg_upgradecluster -m upgrade 11 main") + self.runcmd("LC_ALL=C pg_dropcluster --stop 11 main") self.runcmd("systemctl start postgresql") def package_is_installed(self, package_name): diff --git a/src/yunohost/tests/__init__.py b/src/migrations/__init__.py similarity index 100% rename from src/yunohost/tests/__init__.py rename to src/migrations/__init__.py diff --git a/src/yunohost/permission.py b/src/permission.py similarity index 96% rename from src/yunohost/permission.py rename to src/permission.py index 1856046d6..2a6f6d954 100644 --- a/src/yunohost/permission.py +++ b/src/permission.py @@ -58,7 +58,7 @@ def user_permission_list( ldap = _get_ldap_interface() permissions_infos = ldap.search( - "ou=permission,dc=yunohost,dc=org", + "ou=permission", "(objectclass=permissionYnh)", [ "cn", @@ -133,13 +133,13 @@ def user_permission_list( main_perm_name = name.split(".")[0] + ".main" if main_perm_name not in permissions: logger.debug( - "Uhoh, unknown permission %s ? (Maybe we're in the process or deleting the perm for this app...)" - % main_perm_name + f"Uhoh, unknown permission {main_perm_name} ? (Maybe we're in the process or deleting the perm for this app...)" ) continue main_perm_label = permissions[main_perm_name]["label"] infos["sublabel"] = infos["label"] - infos["label"] = "%s (%s)" % (main_perm_label, infos["label"]) + label_ = infos["label"] + infos["label"] = f"{main_perm_label} ({label_})" if short: permissions = list(permissions.keys()) @@ -406,9 +406,7 @@ def permission_create( permission = permission + ".main" # Validate uniqueness of permission in LDAP - if ldap.get_conflict( - {"cn": permission}, base_dn="ou=permission,dc=yunohost,dc=org" - ): + if ldap.get_conflict({"cn": permission}, base_dn="ou=permission"): raise YunohostValidationError("permission_already_exist", permission=permission) # Get random GID @@ -451,7 +449,7 @@ def permission_create( operation_logger.start() try: - ldap.add("cn=%s,ou=permission" % permission, attr_dict) + ldap.add(f"cn={permission},ou=permission", attr_dict) except Exception as e: raise YunohostError( "permission_creation_failed", permission=permission, error=e @@ -584,7 +582,7 @@ def permission_url( try: ldap.update( - "cn=%s,ou=permission" % permission, + f"cn={permission},ou=permission", { "URL": [url] if url is not None else [], "additionalUrls": new_additional_urls, @@ -632,7 +630,7 @@ def permission_delete(operation_logger, permission, force=False, sync_perm=True) operation_logger.start() try: - ldap.remove("cn=%s,ou=permission" % permission) + ldap.remove(f"cn={permission},ou=permission") except Exception as e: raise YunohostError( "permission_deletion_failed", permission=permission, error=e @@ -664,13 +662,11 @@ def permission_sync_to_user(): currently_allowed_users = set(permission_infos["corresponding_users"]) # These are the users that should be allowed because they are member of a group that is allowed for this permission ... - should_be_allowed_users = set( - [ - user - for group in permission_infos["allowed"] - for user in groups[group]["members"] - ] - ) + should_be_allowed_users = { + user + for group in permission_infos["allowed"] + for user in groups[group]["members"] + } # Note that a LDAP operation with the same value that is in LDAP crash SLAP. # So we need to check before each ldap operation that we really change something in LDAP @@ -680,15 +676,14 @@ def permission_sync_to_user(): new_inherited_perms = { "inheritPermission": [ - "uid=%s,ou=users,dc=yunohost,dc=org" % u - for u in should_be_allowed_users + f"uid={u},ou=users,dc=yunohost,dc=org" for u in should_be_allowed_users ], "memberUid": should_be_allowed_users, } # Commit the change with the new inherited stuff try: - ldap.update("cn=%s,ou=permission" % permission_name, new_inherited_perms) + ldap.update(f"cn={permission_name},ou=permission", new_inherited_perms) except Exception as e: raise YunohostError( "permission_update_failed", permission=permission_name, error=e @@ -766,7 +761,7 @@ def _update_ldap_group_permission( update["showTile"] = [str(show_tile).upper()] try: - ldap.update("cn=%s,ou=permission" % permission, update) + ldap.update(f"cn={permission},ou=permission", update) except Exception as e: raise YunohostError("permission_update_failed", permission=permission, error=e) diff --git a/src/yunohost/regenconf.py b/src/regenconf.py similarity index 93% rename from src/yunohost/regenconf.py rename to src/regenconf.py index 1beef8a44..5922e6832 100644 --- a/src/yunohost/regenconf.py +++ b/src/regenconf.py @@ -35,7 +35,7 @@ from yunohost.utils.error import YunohostError from yunohost.log import is_unit_operation from yunohost.hook import hook_callback, hook_list -BASE_CONF_PATH = "/home/yunohost.conf" +BASE_CONF_PATH = "/var/cache/yunohost/regenconf" BACKUP_CONF_DIR = os.path.join(BASE_CONF_PATH, "backup") PENDING_CONF_DIR = os.path.join(BASE_CONF_PATH, "pending") REGEN_CONF_FILE = "/etc/yunohost/regenconf.yml" @@ -48,7 +48,7 @@ logger = log.getActionLogger("yunohost.regenconf") @is_unit_operation([("names", "configuration")]) def regen_conf( operation_logger, - names=[], + names=None, with_diff=False, force=False, dry_run=False, @@ -66,6 +66,9 @@ def regen_conf( """ + if names is None: + names = [] + result = {} # Return the list of pending conf @@ -125,19 +128,6 @@ def regen_conf( if not names: names = hook_list("conf_regen", list_by="name", show_info=False)["hooks"] - # Dirty hack for legacy code : avoid attempting to regen the conf for - # glances because it got removed ... This is only needed *once* - # during the upgrade from 3.7 to 3.8 because Yunohost will attempt to - # regen glance's conf *before* it gets automatically removed from - # services.yml (which will happens only during the regen-conf of - # 'yunohost', so at the very end of the regen-conf cycle) Anyway, - # this can be safely removed once we're in >= 4.0 - if "glances" in names: - names.remove("glances") - - if "avahi-daemon" in names: - names.remove("avahi-daemon") - # [Optimization] We compute and feed the domain list to the conf regen # hooks to avoid having to call "yunohost domain list" so many times which # ends up in wasted time (about 3~5 seconds per call on a RPi2) @@ -454,20 +444,12 @@ def _save_regenconf_infos(infos): categories -- A dict containing the regenconf infos """ - # Ugly hack to get rid of legacy glances stuff - if "glances" in infos: - del infos["glances"] - - # Ugly hack to get rid of legacy avahi stuff - if "avahi-daemon" in infos: - del infos["avahi-daemon"] - try: with open(REGEN_CONF_FILE, "w") as f: yaml.safe_dump(infos, f, default_flow_style=False) except Exception as e: logger.warning( - "Error while saving regenconf infos, exception: %s", e, exc_info=1 + f"Error while saving regenconf infos, exception: {e}", exc_info=1 ) raise @@ -523,9 +505,7 @@ def _calculate_hash(path): return hasher.hexdigest() except IOError as e: - logger.warning( - "Error while calculating file '%s' hash: %s", path, e, exc_info=1 - ) + logger.warning(f"Error while calculating file '{path}' hash: {e}", exc_info=1) return None @@ -577,11 +557,11 @@ def _get_conf_hashes(category): categories = _get_regenconf_infos() if category not in categories: - logger.debug("category %s is not in categories.yml yet.", category) + logger.debug(f"category {category} is not in categories.yml yet.") return {} elif categories[category] is None or "conffiles" not in categories[category]: - logger.debug("No configuration files for category %s.", category) + logger.debug(f"No configuration files for category {category}.") return {} else: @@ -590,7 +570,7 @@ def _get_conf_hashes(category): def _update_conf_hashes(category, hashes): """Update the registered conf hashes for a category""" - logger.debug("updating conf hashes for '%s' with: %s", category, hashes) + logger.debug(f"updating conf hashes for '{category}' with: {hashes}") categories = _get_regenconf_infos() category_conf = categories.get(category, {}) @@ -621,8 +601,7 @@ def _force_clear_hashes(paths): for category in categories.keys(): if path in categories[category]["conffiles"]: logger.debug( - "force-clearing old conf hash for %s in category %s" - % (path, category) + f"force-clearing old conf hash for {path} in category {category}" ) del categories[category]["conffiles"][path] @@ -638,12 +617,9 @@ def _process_regen_conf(system_conf, new_conf=None, save=True): """ if save: - backup_path = os.path.join( - BACKUP_CONF_DIR, - "{0}-{1}".format( - system_conf.lstrip("/"), datetime.utcnow().strftime("%Y%m%d.%H%M%S") - ), - ) + system_conf_ = system_conf.lstrip("/") + now_ = datetime.utcnow().strftime("%Y%m%d.%H%M%S") + backup_path = os.path.join(BACKUP_CONF_DIR, f"{system_conf_}-{now_}") backup_dir = os.path.dirname(backup_path) if not os.path.isdir(backup_dir): @@ -668,9 +644,7 @@ def _process_regen_conf(system_conf, new_conf=None, save=True): logger.debug(m18n.n("regenconf_file_updated", conf=system_conf)) except Exception as e: logger.warning( - "Exception while trying to regenerate conf '%s': %s", - system_conf, - e, + f"Exception while trying to regenerate conf '{system_conf}': {e}", exc_info=1, ) if not new_conf and os.path.exists(system_conf): diff --git a/src/yunohost/service.py b/src/service.py similarity index 88% rename from src/yunohost/service.py rename to src/service.py index f200d08c0..506d3223e 100644 --- a/src/yunohost/service.py +++ b/src/service.py @@ -48,7 +48,7 @@ from moulinette.utils.filesystem import ( MOULINETTE_LOCK = "/var/run/moulinette_yunohost.lock" SERVICES_CONF = "/etc/yunohost/services.yml" -SERVICES_CONF_BASE = "/usr/share/yunohost/templates/yunohost/services.yml" +SERVICES_CONF_BASE = "/usr/share/yunohost/conf/yunohost/services.yml" logger = getActionLogger("yunohost.service") @@ -57,12 +57,10 @@ def service_add( name, description=None, log=None, - log_type=None, test_status=None, test_conf=None, needs_exposed_ports=None, need_lock=False, - status=None, ): """ Add a custom service @@ -71,12 +69,10 @@ def service_add( name -- Service name to add description -- description of the service log -- Absolute path to log file to display - log_type -- (deprecated) Specify if the corresponding log is a file or a systemd log test_status -- Specify a custom bash command to check the status of the service. N.B. : it only makes sense to specify this if the corresponding systemd service does not return the proper information. test_conf -- Specify a custom bash command to check if the configuration of the service is valid or broken, similar to nginx -t. needs_exposed_ports -- A list of ports that needs to be publicly exposed for the service to work as intended. need_lock -- Use this option to prevent deadlocks if the service does invoke yunohost commands. - status -- Deprecated, doesn't do anything anymore. Use test_status instead. """ services = _get_services() @@ -86,15 +82,6 @@ def service_add( if not isinstance(log, list): log = [log] - # Deprecated log_type stuff - if log_type is not None: - logger.warning( - "/!\\ Packagers! --log_type is deprecated. You do not need to specify --log_type systemd anymore ... Yunohost now automatically fetch the journalctl of the systemd service by default." - ) - # Usually when adding such a service, the service name will be provided so we remove it as it's not a log file path - if name in log: - log.remove(name) - service["log"] = log if not description: @@ -123,7 +110,7 @@ def service_add( # Try to get the description from systemd service _, systemd_info = _get_service_information_from_systemd(name) type_ = systemd_info.get("Type") if systemd_info is not None else "" - if type_ == "oneshot" and name != "postgresql": + if type_ == "oneshot": logger.warning( "/!\\ Packagers! Please provide a --test_status when adding oneshot-type services in Yunohost, such that it has a reliable way to check if the service is running or not." ) @@ -420,8 +407,7 @@ def _get_and_format_service_status(service, infos): if raw_status is None: logger.error( - "Failed to get status information via dbus for service %s, systemctl didn't recognize this service ('NoSuchUnit')." - % systemd_service + f"Failed to get status information via dbus for service {systemd_service}, systemctl didn't recognize this service ('NoSuchUnit')." ) return { "status": "unknown", @@ -437,7 +423,7 @@ def _get_and_format_service_status(service, infos): # If no description was there, try to get it from the .json locales if not description: - translation_key = "service_description_%s" % service + translation_key = f"service_description_{service}" if m18n.key_exists(translation_key): description = m18n.n(translation_key) else: @@ -458,7 +444,7 @@ def _get_and_format_service_status(service, infos): "enabled" if glob("/etc/rc[S5].d/S??" + service) else "disabled" ) elif os.path.exists( - "/etc/systemd/system/multi-user.target.wants/%s.service" % service + f"/etc/systemd/system/multi-user.target.wants/{service}.service" ): output["start_on_boot"] = "enabled" @@ -574,29 +560,6 @@ def service_log(name, number=50): return result -def service_regen_conf( - names=[], with_diff=False, force=False, dry_run=False, list_pending=False -): - - services = _get_services() - - if isinstance(names, str): - names = [names] - - for name in names: - if name not in services.keys(): - raise YunohostValidationError("service_unknown", service=name) - - if names is []: - names = list(services.keys()) - - logger.warning(m18n.n("service_regen_conf_is_deprecated")) - - from yunohost.regenconf import regen_conf - - return regen_conf(names, with_diff, force, dry_run, list_pending) - - def _run_service_command(action, service): """ Run services management command (start, stop, enable, disable, restart, reload) @@ -621,11 +584,10 @@ def _run_service_command(action, service): ] if action not in possible_actions: raise ValueError( - "Unknown action '%s', available actions are: %s" - % (action, ", ".join(possible_actions)) + f"Unknown action '{action}', available actions are: {', '.join(possible_actions)}" ) - cmd = "systemctl %s %s" % (action, service) + cmd = f"systemctl {action} {service}" need_lock = services[service].get("need_lock", False) and action in [ "start", @@ -640,7 +602,7 @@ def _run_service_command(action, service): try: # Launch the command - logger.debug("Running '%s'" % cmd) + logger.debug(f"Running '{cmd}'") p = subprocess.Popen(cmd.split(), stderr=subprocess.STDOUT) # If this command needs a lock (because the service uses yunohost # commands inside), find the PID and add a lock for it @@ -673,7 +635,7 @@ def _give_lock(action, service, p): else: systemctl_PID_name = "ControlPID" - cmd_get_son_PID = "systemctl show %s -p %s" % (service, systemctl_PID_name) + cmd_get_son_PID = f"systemctl show {service} -p {systemctl_PID_name}" son_PID = 0 # As long as we did not found the PID and that the command is still running while son_PID == 0 and p.poll() is None: @@ -686,10 +648,8 @@ def _give_lock(action, service, p): # If we found a PID if son_PID != 0: # Append the PID to the lock file - logger.debug( - "Giving a lock to PID %s for service %s !" % (str(son_PID), service) - ) - append_to_file(MOULINETTE_LOCK, "\n%s" % str(son_PID)) + logger.debug(f"Giving a lock to PID {son_PID} for service {service} !") + append_to_file(MOULINETTE_LOCK, f"\n{son_PID}") return son_PID @@ -732,19 +692,29 @@ def _get_services(): # Dirty hack to check the status of ynh-vpnclient if "ynh-vpnclient" in services: - status_check = "systemctl is-active openvpn@client.service" - if "test_status" not in services["ynh-vpnclient"]: - services["ynh-vpnclient"]["test_status"] = status_check if "log" not in services["ynh-vpnclient"]: services["ynh-vpnclient"]["log"] = ["/var/log/ynh-vpnclient.log"] - # Stupid hack for postgresql which ain't an official service ... Can't - # really inject that info otherwise. Real service we want to check for - # status and log is in fact postgresql@x.y-main (x.y being the version) - if "postgresql" in services: - if "description" in services["postgresql"]: - del services["postgresql"]["description"] - services["postgresql"]["actual_systemd_service"] = "postgresql@11-main" + services_with_package_condition = [ + name + for name, infos in services.items() + if infos.get("ignore_if_package_is_not_installed") + ] + for name in services_with_package_condition: + package = services[name]["ignore_if_package_is_not_installed"] + if os.system(f"dpkg --list | grep -q 'ii *{package}'") != 0: + del services[name] + + php_fpm_versions = check_output( + r"dpkg --list | grep -P 'ii php\d.\d-fpm' | awk '{print $2}' | grep -o -P '\d.\d' || true" + ) + php_fpm_versions = [v for v in php_fpm_versions.split("\n") if v.strip()] + for version in php_fpm_versions: + services[f"php{version}-fpm"] = { + "log": f"/var/log/php{version}-fpm.log", + "test_conf": f"php-fpm{version} --test", # ofc the service is phpx.y-fpm but the program is php-fpmx.y because why not ... + "category": "web", + } # Remove legacy /var/log/daemon.log and /var/log/syslog from log entries # because they are too general. Instead, now the journalctl log is @@ -774,14 +744,22 @@ def _save_services(services): diff = {} for service_name, service_infos in services.items(): - service_conf_base = conf_base.get(service_name, {}) + + # Ignore php-fpm services, they are to be added dynamically by the core, + # but not actually saved + if service_name.startswith("php") and service_name.endswith("-fpm"): + continue + + service_conf_base = conf_base.get(service_name, {}) or {} diff[service_name] = {} for key, value in service_infos.items(): if service_conf_base.get(key) != value: diff[service_name][key] = value - diff = {name: infos for name, infos in diff.items() if infos} + diff = { + name: infos for name, infos in diff.items() if infos or name not in conf_base + } write_to_yaml(SERVICES_CONF, diff) @@ -849,7 +827,7 @@ def _find_previous_log_file(file): i = int(i[0]) + 1 if len(i) > 0 else 1 previous_file = file if i == 1 else splitext[0] - previous_file = previous_file + ".%d" % (i) + previous_file = previous_file + f".{i}" if os.path.exists(previous_file): return previous_file @@ -865,14 +843,10 @@ def _get_journalctl_logs(service, number="all"): systemd_service = services.get(service, {}).get("actual_systemd_service", service) try: return check_output( - "journalctl --no-hostname --no-pager -u {0} -n{1}".format( - systemd_service, number - ) + f"journalctl --no-hostname --no-pager -u {systemd_service} -n{number}" ) except Exception: import traceback - return ( - "error while get services logs from journalctl:\n%s" - % traceback.format_exc() - ) + trace_ = traceback.format_exc() + return f"error while get services logs from journalctl:\n{trace_}" diff --git a/src/yunohost/settings.py b/src/settings.py similarity index 94% rename from src/yunohost/settings.py rename to src/settings.py index d59b41a58..cec416550 100644 --- a/src/yunohost/settings.py +++ b/src/settings.py @@ -81,6 +81,10 @@ DEFAULTS = OrderedDict( "security.ssh.port", {"type": "int", "default": 22}, ), + ( + "security.ssh.password_authentication", + {"type": "bool", "default": True}, + ), ( "security.nginx.redirect_to_https", { @@ -224,7 +228,7 @@ def settings_set(key, value): try: trigger_post_change_hook(key, old_value, value) except Exception as e: - logger.error("Post-change hook for setting %s failed : %s" % (key, e)) + logger.error(f"Post-change hook for setting {key} failed : {e}") raise @@ -281,7 +285,7 @@ def settings_reset_all(): def _get_setting_description(key): - return m18n.n("global_settings_setting_%s" % key.replace(".", "_")) + return m18n.n(f"global_settings_setting_{key}".replace(".", "_")) def _get_settings(): @@ -311,7 +315,7 @@ def _get_settings(): try: unknown_settings = json.load(open(unknown_settings_path, "r")) except Exception as e: - logger.warning("Error while loading unknown settings %s" % e) + logger.warning(f"Error while loading unknown settings {e}") try: with open(SETTINGS_PATH) as settings_fd: @@ -337,9 +341,7 @@ def _get_settings(): _save_settings(unknown_settings, location=unknown_settings_path) _save_settings(settings) except Exception as e: - logger.warning( - "Failed to save unknown settings (because %s), aborting." % e - ) + logger.warning(f"Failed to save unknown settings (because {e}), aborting.") return settings @@ -369,13 +371,12 @@ post_change_hooks = {} def post_change_hook(setting_name): def decorator(func): - assert setting_name in DEFAULTS.keys(), ( - "The setting %s does not exists" % setting_name - ) - assert setting_name not in post_change_hooks, ( - "You can only register one post change hook per setting (in particular for %s)" - % setting_name - ) + assert ( + setting_name in DEFAULTS.keys() + ), f"The setting {setting_name} does not exists" + assert ( + setting_name not in post_change_hooks + ), f"You can only register one post change hook per setting (in particular for {setting_name})" post_change_hooks[setting_name] = func return func @@ -384,7 +385,7 @@ def post_change_hook(setting_name): def trigger_post_change_hook(setting_name, old_value, new_value): if setting_name not in post_change_hooks: - logger.debug("Nothing to do after changing setting %s" % setting_name) + logger.debug(f"Nothing to do after changing setting {setting_name}") return f = post_change_hooks[setting_name] @@ -420,6 +421,7 @@ def reconfigure_nginx_and_yunohost(setting_name, old_value, new_value): @post_change_hook("security.ssh.compatibility") +@post_change_hook("security.ssh.password_authentication") def reconfigure_ssh(setting_name, old_value, new_value): if old_value != new_value: regen_conf(names=["ssh"]) diff --git a/src/yunohost/ssh.py b/src/ssh.py similarity index 96% rename from src/yunohost/ssh.py rename to src/ssh.py index ecee39f4a..b89dc6c8e 100644 --- a/src/yunohost/ssh.py +++ b/src/ssh.py @@ -99,7 +99,7 @@ def user_ssh_remove_key(username, key): if not os.path.exists(authorized_keys_file): raise YunohostValidationError( - "this key doesn't exists ({} dosesn't exists)".format(authorized_keys_file), + f"this key doesn't exists ({authorized_keys_file} dosesn't exists)", raw_msg=True, ) @@ -107,7 +107,7 @@ def user_ssh_remove_key(username, key): if key not in authorized_keys_content: raise YunohostValidationError( - "Key '{}' is not present in authorized_keys".format(key), raw_msg=True + f"Key '{key}' is not present in authorized_keys", raw_msg=True ) # don't delete the previous comment because we can't verify if it's legit @@ -172,7 +172,7 @@ def _get_user_for_ssh(username, attrs=None): ldap = _get_ldap_interface() user = ldap.search( - "ou=users,dc=yunohost,dc=org", + "ou=users", "(&(objectclass=person)(uid=%s))" % username, attrs, ) diff --git a/src/yunohost/utils/__init__.py b/src/tests/__init__.py similarity index 100% rename from src/yunohost/utils/__init__.py rename to src/tests/__init__.py diff --git a/src/yunohost/tests/conftest.py b/src/tests/conftest.py similarity index 92% rename from src/yunohost/tests/conftest.py rename to src/tests/conftest.py index a07c44346..cd5cb307e 100644 --- a/src/yunohost/tests/conftest.py +++ b/src/tests/conftest.py @@ -61,12 +61,6 @@ def new_translate(self, key, *args, **kwargs): moulinette.core.Translator.translate = new_translate -def new_m18nn(self, key, *args, **kwargs): - return self._namespaces[self._current_namespace].translate(key, *args, **kwargs) - - -moulinette.core.Moulinette18n.n = new_m18nn - # # Init the moulinette to have the cli loggers stuff # # diff --git a/src/yunohost/tests/test_app_catalog.py b/src/tests/test_app_catalog.py similarity index 99% rename from src/yunohost/tests/test_app_catalog.py rename to src/tests/test_app_catalog.py index 8423b868e..e9ecb1c12 100644 --- a/src/yunohost/tests/test_app_catalog.py +++ b/src/tests/test_app_catalog.py @@ -132,7 +132,7 @@ def test_apps_catalog_update_nominal(mocker): catalog = app_catalog(with_categories=True) assert "apps" in catalog - assert set(catalog["apps"].keys()) == set(["foo", "bar"]) + assert set(catalog["apps"].keys()) == {"foo", "bar"} assert "categories" in catalog assert [c["id"] for c in catalog["categories"]] == ["yolo", "swag"] diff --git a/src/yunohost/tests/test_app_config.py b/src/tests/test_app_config.py similarity index 96% rename from src/yunohost/tests/test_app_config.py rename to src/tests/test_app_config.py index 0eb813672..d6cf8045d 100644 --- a/src/yunohost/tests/test_app_config.py +++ b/src/tests/test_app_config.py @@ -19,6 +19,7 @@ from yunohost.app import ( app_config_set, app_ssowatconf, ) +from yunohost.user import user_create, user_delete from yunohost.utils.error import YunohostError, YunohostValidationError @@ -70,7 +71,7 @@ def legacy_app(request): app_install( os.path.join(get_test_apps_dir(), "legacy_app_ynh"), - args="domain=%s&path=%s&is_public=%s" % (main_domain, "/", 1), + args="domain={}&path={}&is_public={}".format(main_domain, "/", 1), force=True, ) @@ -101,6 +102,8 @@ def config_app(request): def test_app_config_get(config_app): + user_create("alice", "Alice", "White", _get_maindomain(), "test123Ynh") + assert isinstance(app_config_get(config_app), dict) assert isinstance(app_config_get(config_app, full=True), dict) assert isinstance(app_config_get(config_app, export=True), dict) @@ -108,6 +111,8 @@ def test_app_config_get(config_app): assert isinstance(app_config_get(config_app, "main.components"), dict) assert app_config_get(config_app, "main.components.boolean") == "0" + user_delete("alice") + def test_app_config_nopanel(legacy_app): diff --git a/src/yunohost/tests/test_apps.py b/src/tests/test_apps.py similarity index 97% rename from src/yunohost/tests/test_apps.py rename to src/tests/test_apps.py index 22e18ec9a..2a808b5bd 100644 --- a/src/yunohost/tests/test_apps.py +++ b/src/tests/test_apps.py @@ -111,7 +111,7 @@ def secondary_domain(request): def app_expected_files(domain, app): - yield "/etc/nginx/conf.d/%s.d/%s.conf" % (domain, app) + yield "/etc/nginx/conf.d/{}.d/{}.conf".format(domain, app) if app.startswith("legacy_app"): yield "/var/www/%s/index.html" % app yield "/etc/yunohost/apps/%s/settings.yml" % app @@ -152,7 +152,7 @@ def install_legacy_app(domain, path, public=True): app_install( os.path.join(get_test_apps_dir(), "legacy_app_ynh"), - args="domain=%s&path=%s&is_public=%s" % (domain, path, 1 if public else 0), + args="domain={}&path={}&is_public={}".format(domain, path, 1 if public else 0), force=True, ) @@ -170,7 +170,7 @@ def install_break_yo_system(domain, breakwhat): app_install( os.path.join(get_test_apps_dir(), "break_yo_system_ynh"), - args="domain=%s&breakwhat=%s" % (domain, breakwhat), + args="domain={}&breakwhat={}".format(domain, breakwhat), force=True, ) @@ -338,7 +338,7 @@ def test_legacy_app_failed_remove(mocker, secondary_domain): # The remove script runs with set -eu and attempt to remove this # file without -f, so will fail if it's not there ;) - os.remove("/etc/nginx/conf.d/%s.d/%s.conf" % (secondary_domain, "legacy_app")) + os.remove("/etc/nginx/conf.d/{}.d/{}.conf".format(secondary_domain, "legacy_app")) # TODO / FIXME : can't easily validate that 'app_not_properly_removed' # is triggered for weird reasons ... diff --git a/src/yunohost/tests/test_appurl.py b/src/tests/test_appurl.py similarity index 95% rename from src/yunohost/tests/test_appurl.py rename to src/tests/test_appurl.py index 7b4c6e2e3..c036ae28a 100644 --- a/src/yunohost/tests/test_appurl.py +++ b/src/tests/test_appurl.py @@ -70,6 +70,7 @@ def test_repo_url_definition(): ) assert _is_app_repo_url("https://github.com/YunoHost-Apps/foobar_ynh/tree/1.23.4") assert _is_app_repo_url("git@github.com:YunoHost-Apps/foobar_ynh.git") + assert _is_app_repo_url("https://git.super.host/~max/foobar_ynh") assert not _is_app_repo_url("github.com/YunoHost-Apps/foobar_ynh") assert not _is_app_repo_url("http://github.com/YunoHost-Apps/foobar_ynh") @@ -98,7 +99,7 @@ def test_registerurl(): app_install( os.path.join(get_test_apps_dir(), "register_url_app_ynh"), - args="domain=%s&path=%s" % (maindomain, "/urlregisterapp"), + args="domain={}&path={}".format(maindomain, "/urlregisterapp"), force=True, ) @@ -108,7 +109,7 @@ def test_registerurl(): with pytest.raises(YunohostError): app_install( os.path.join(get_test_apps_dir(), "register_url_app_ynh"), - args="domain=%s&path=%s" % (maindomain, "/urlregisterapp"), + args="domain={}&path={}".format(maindomain, "/urlregisterapp"), force=True, ) @@ -118,7 +119,7 @@ def test_registerurl_baddomain(): with pytest.raises(YunohostError): app_install( os.path.join(get_test_apps_dir(), "register_url_app_ynh"), - args="domain=%s&path=%s" % ("yolo.swag", "/urlregisterapp"), + args="domain={}&path={}".format("yolo.swag", "/urlregisterapp"), force=True, ) @@ -233,7 +234,7 @@ def test_normalize_permission_path_with_unknown_domain(): def test_normalize_permission_path_conflicting_path(): app_install( os.path.join(get_test_apps_dir(), "register_url_app_ynh"), - args="domain=%s&path=%s" % (maindomain, "/url/registerapp"), + args="domain={}&path={}".format(maindomain, "/url/registerapp"), force=True, ) diff --git a/src/yunohost/tests/test_backuprestore.py b/src/tests/test_backuprestore.py similarity index 93% rename from src/yunohost/tests/test_backuprestore.py rename to src/tests/test_backuprestore.py index 6e2c3b514..03c3aa0c7 100644 --- a/src/yunohost/tests/test_backuprestore.py +++ b/src/tests/test_backuprestore.py @@ -48,8 +48,8 @@ def setup_function(function): for m in function.__dict__.get("pytestmark", []) } - if "with_wordpress_archive_from_3p8" in markers: - add_archive_wordpress_from_3p8() + if "with_wordpress_archive_from_4p2" in markers: + add_archive_wordpress_from_4p2() assert len(backup_list()["archives"]) == 1 if "with_legacy_app_installed" in markers: @@ -71,8 +71,8 @@ def setup_function(function): ) assert app_is_installed("backup_recommended_app") - if "with_system_archive_from_3p8" in markers: - add_archive_system_from_3p8() + if "with_system_archive_from_4p2" in markers: + add_archive_system_from_4p2() assert len(backup_list()["archives"]) == 1 if "with_permission_app_installed" in markers: @@ -139,7 +139,7 @@ def app_is_installed(app): # These are files we know should be installed by the app app_files = [] - app_files.append("/etc/nginx/conf.d/%s.d/%s.conf" % (maindomain, app)) + app_files.append("/etc/nginx/conf.d/{}.d/{}.conf".format(maindomain, app)) app_files.append("/var/www/%s/index.html" % app) app_files.append("/etc/importantfile") @@ -150,7 +150,7 @@ def backup_test_dependencies_are_met(): # Dummy test apps (or backup archives) assert os.path.exists( - os.path.join(get_test_apps_dir(), "backup_wordpress_from_3p8") + os.path.join(get_test_apps_dir(), "backup_wordpress_from_4p2") ) assert os.path.exists(os.path.join(get_test_apps_dir(), "legacy_app_ynh")) assert os.path.exists( @@ -214,30 +214,30 @@ def install_app(app, path, additionnal_args=""): app_install( os.path.join(get_test_apps_dir(), app), - args="domain=%s&path=%s%s" % (maindomain, path, additionnal_args), + args="domain={}&path={}{}".format(maindomain, path, additionnal_args), force=True, ) -def add_archive_wordpress_from_3p8(): +def add_archive_wordpress_from_4p2(): os.system("mkdir -p /home/yunohost.backup/archives") os.system( "cp " - + os.path.join(get_test_apps_dir(), "backup_wordpress_from_3p8/backup.tar.gz") - + " /home/yunohost.backup/archives/backup_wordpress_from_3p8.tar.gz" + + os.path.join(get_test_apps_dir(), "backup_wordpress_from_4p2/backup.tar") + + " /home/yunohost.backup/archives/backup_wordpress_from_4p2.tar" ) -def add_archive_system_from_3p8(): +def add_archive_system_from_4p2(): os.system("mkdir -p /home/yunohost.backup/archives") os.system( "cp " - + os.path.join(get_test_apps_dir(), "backup_system_from_3p8/backup.tar.gz") - + " /home/yunohost.backup/archives/backup_system_from_3p8.tar.gz" + + os.path.join(get_test_apps_dir(), "backup_system_from_4p2/backup.tar") + + " /home/yunohost.backup/archives/backup_system_from_4p2.tar" ) @@ -307,8 +307,8 @@ def test_backup_and_restore_all_sys(mocker): # -@pytest.mark.with_system_archive_from_3p8 -def test_restore_system_from_Ynh3p8(monkeypatch, mocker): +@pytest.mark.with_system_archive_from_4p2 +def test_restore_system_from_Ynh4p2(monkeypatch, mocker): # Backup current system with message(mocker, "backup_created"): @@ -453,9 +453,9 @@ def test_backup_using_copy_method(mocker): # -@pytest.mark.with_wordpress_archive_from_3p8 +@pytest.mark.with_wordpress_archive_from_4p2 @pytest.mark.with_custom_domain("yolo.test") -def test_restore_app_wordpress_from_Ynh3p8(mocker): +def test_restore_app_wordpress_from_Ynh4p2(mocker): with message(mocker, "restore_complete"): backup_restore( @@ -463,7 +463,7 @@ def test_restore_app_wordpress_from_Ynh3p8(mocker): ) -@pytest.mark.with_wordpress_archive_from_3p8 +@pytest.mark.with_wordpress_archive_from_4p2 @pytest.mark.with_custom_domain("yolo.test") def test_restore_app_script_failure_handling(monkeypatch, mocker): def custom_hook_exec(name, *args, **kwargs): @@ -484,7 +484,7 @@ def test_restore_app_script_failure_handling(monkeypatch, mocker): assert not _is_installed("wordpress") -@pytest.mark.with_wordpress_archive_from_3p8 +@pytest.mark.with_wordpress_archive_from_4p2 def test_restore_app_not_enough_free_space(monkeypatch, mocker): def custom_free_space_in_directory(dirpath): return 0 @@ -503,7 +503,7 @@ def test_restore_app_not_enough_free_space(monkeypatch, mocker): assert not _is_installed("wordpress") -@pytest.mark.with_wordpress_archive_from_3p8 +@pytest.mark.with_wordpress_archive_from_4p2 def test_restore_app_not_in_backup(mocker): assert not _is_installed("wordpress") @@ -519,7 +519,7 @@ def test_restore_app_not_in_backup(mocker): assert not _is_installed("yoloswag") -@pytest.mark.with_wordpress_archive_from_3p8 +@pytest.mark.with_wordpress_archive_from_4p2 @pytest.mark.with_custom_domain("yolo.test") def test_restore_app_already_installed(mocker): @@ -629,7 +629,7 @@ def test_restore_archive_with_no_json(mocker): # Create a backup with no info.json associated os.system("touch /tmp/afile") - os.system("tar -czvf /home/yunohost.backup/archives/badbackup.tar.gz /tmp/afile") + os.system("tar -cvf /home/yunohost.backup/archives/badbackup.tar /tmp/afile") assert "badbackup" in backup_list()["archives"] @@ -637,18 +637,18 @@ def test_restore_archive_with_no_json(mocker): backup_restore(name="badbackup", force=True) -@pytest.mark.with_wordpress_archive_from_3p8 +@pytest.mark.with_wordpress_archive_from_4p2 def test_restore_archive_with_bad_archive(mocker): # Break the archive os.system( - "head -n 1000 /home/yunohost.backup/archives/backup_wordpress_from_3p8.tar.gz > /home/yunohost.backup/archives/backup_wordpress_from_3p8_bad.tar.gz" + "head -n 1000 /home/yunohost.backup/archives/backup_wordpress_from_4p2.tar > /home/yunohost.backup/archives/backup_wordpress_from_4p2_bad.tar" ) - assert "backup_wordpress_from_3p8_bad" in backup_list()["archives"] + assert "backup_wordpress_from_4p2_bad" in backup_list()["archives"] with raiseYunohostError(mocker, "backup_archive_corrupted"): - backup_restore(name="backup_wordpress_from_3p8_bad", force=True) + backup_restore(name="backup_wordpress_from_4p2_bad", force=True) clean_tmp_backup_directory() diff --git a/src/yunohost/tests/test_changeurl.py b/src/tests/test_changeurl.py similarity index 96% rename from src/yunohost/tests/test_changeurl.py rename to src/tests/test_changeurl.py index e375bd9f0..04cb4a1a9 100644 --- a/src/yunohost/tests/test_changeurl.py +++ b/src/tests/test_changeurl.py @@ -26,7 +26,7 @@ def teardown_function(function): def install_changeurl_app(path): app_install( os.path.join(get_test_apps_dir(), "change_url_app_ynh"), - args="domain=%s&path=%s" % (maindomain, path), + args="domain={}&path={}".format(maindomain, path), force=True, ) diff --git a/src/yunohost/tests/test_dns.py b/src/tests/test_dns.py similarity index 100% rename from src/yunohost/tests/test_dns.py rename to src/tests/test_dns.py diff --git a/src/yunohost/tests/test_domains.py b/src/tests/test_domains.py similarity index 96% rename from src/yunohost/tests/test_domains.py rename to src/tests/test_domains.py index 02d60ead4..95a33e0ba 100644 --- a/src/yunohost/tests/test_domains.py +++ b/src/tests/test_domains.py @@ -3,7 +3,7 @@ import os from moulinette.core import MoulinetteError -from yunohost.utils.error import YunohostValidationError +from yunohost.utils.error import YunohostError, YunohostValidationError from yunohost.domain import ( DOMAIN_SETTINGS_DIR, _get_maindomain, @@ -114,5 +114,5 @@ def test_domain_config_set(): def test_domain_configs_unknown(): - with pytest.raises(YunohostValidationError): + with pytest.raises(YunohostError): domain_config_get(TEST_DOMAINS[2], "feature.xmpp.xmpp.xmpp") diff --git a/src/yunohost/tests/test_ldapauth.py b/src/tests/test_ldapauth.py similarity index 100% rename from src/yunohost/tests/test_ldapauth.py rename to src/tests/test_ldapauth.py diff --git a/src/yunohost/tests/test_permission.py b/src/tests/test_permission.py similarity index 98% rename from src/yunohost/tests/test_permission.py rename to src/tests/test_permission.py index 00799d0fd..4e7f9f53d 100644 --- a/src/yunohost/tests/test_permission.py +++ b/src/tests/test_permission.py @@ -236,17 +236,17 @@ def check_LDAP_db_integrity(): ldap = _get_ldap_interface() user_search = ldap.search( - "ou=users,dc=yunohost,dc=org", + "ou=users", "(&(objectclass=person)(!(uid=root))(!(uid=nobody)))", ["uid", "memberOf", "permission"], ) group_search = ldap.search( - "ou=groups,dc=yunohost,dc=org", + "ou=groups", "(objectclass=groupOfNamesYnh)", ["cn", "member", "memberUid", "permission"], ) permission_search = ldap.search( - "ou=permission,dc=yunohost,dc=org", + "ou=permission", "(objectclass=permissionYnh)", ["cn", "groupPermission", "inheritPermission", "memberUid"], ) @@ -347,7 +347,7 @@ def check_permission_for_apps(): # {"bar", "foo"} # and compare this to the list of installed apps ... - app_perms_prefix = set(p.split(".")[0] for p in app_perms) + app_perms_prefix = {p.split(".")[0] for p in app_perms} assert set(_installed_apps()) == app_perms_prefix @@ -398,7 +398,7 @@ def test_permission_list(): assert res["wiki.main"]["allowed"] == ["all_users"] assert res["blog.main"]["allowed"] == ["alice"] assert res["blog.api"]["allowed"] == ["visitors"] - assert set(res["wiki.main"]["corresponding_users"]) == set(["alice", "bob"]) + assert set(res["wiki.main"]["corresponding_users"]) == {"alice", "bob"} assert res["blog.main"]["corresponding_users"] == ["alice"] assert res["blog.api"]["corresponding_users"] == [] assert res["wiki.main"]["url"] == "/" @@ -442,7 +442,7 @@ def test_permission_create_main(mocker): res = user_permission_list(full=True)["permissions"] assert "site.main" in res assert res["site.main"]["allowed"] == ["all_users"] - assert set(res["site.main"]["corresponding_users"]) == set(["alice", "bob"]) + assert set(res["site.main"]["corresponding_users"]) == {"alice", "bob"} assert res["site.main"]["protected"] is False @@ -630,8 +630,8 @@ def test_permission_add_group(mocker): user_permission_update("wiki.main", add="alice") res = user_permission_list(full=True)["permissions"] - assert set(res["wiki.main"]["allowed"]) == set(["all_users", "alice"]) - assert set(res["wiki.main"]["corresponding_users"]) == set(["alice", "bob"]) + assert set(res["wiki.main"]["allowed"]) == {"all_users", "alice"} + assert set(res["wiki.main"]["corresponding_users"]) == {"alice", "bob"} def test_permission_remove_group(mocker): @@ -680,7 +680,7 @@ def test_permission_reset(mocker): res = user_permission_list(full=True)["permissions"] assert res["blog.main"]["allowed"] == ["all_users"] - assert set(res["blog.main"]["corresponding_users"]) == set(["alice", "bob"]) + assert set(res["blog.main"]["corresponding_users"]) == {"alice", "bob"} def test_permission_reset_idempotency(): @@ -690,7 +690,7 @@ def test_permission_reset_idempotency(): res = user_permission_list(full=True)["permissions"] assert res["blog.main"]["allowed"] == ["all_users"] - assert set(res["blog.main"]["corresponding_users"]) == set(["alice", "bob"]) + assert set(res["blog.main"]["corresponding_users"]) == {"alice", "bob"} def test_permission_change_label(mocker): @@ -1013,9 +1013,7 @@ def test_permission_app_install(): assert res["permissions_app.dev"]["url"] == "/dev" assert res["permissions_app.main"]["allowed"] == ["all_users"] - assert set(res["permissions_app.main"]["corresponding_users"]) == set( - ["alice", "bob"] - ) + assert set(res["permissions_app.main"]["corresponding_users"]) == {"alice", "bob"} assert res["permissions_app.admin"]["allowed"] == ["alice"] assert res["permissions_app.admin"]["corresponding_users"] == ["alice"] diff --git a/src/yunohost/tests/test_questions.py b/src/tests/test_questions.py similarity index 99% rename from src/yunohost/tests/test_questions.py rename to src/tests/test_questions.py index c21ff8c40..5917d32d4 100644 --- a/src/yunohost/tests/test_questions.py +++ b/src/tests/test_questions.py @@ -1977,7 +1977,7 @@ def test_question_file_from_api(): from base64 import b64encode - b64content = b64encode("helloworld".encode()) + b64content = b64encode(b"helloworld") questions = [ { "name": "some_file", diff --git a/src/yunohost/tests/test_regenconf.py b/src/tests/test_regenconf.py similarity index 100% rename from src/yunohost/tests/test_regenconf.py rename to src/tests/test_regenconf.py diff --git a/src/yunohost/tests/test_service.py b/src/tests/test_service.py similarity index 100% rename from src/yunohost/tests/test_service.py rename to src/tests/test_service.py diff --git a/src/yunohost/tests/test_settings.py b/src/tests/test_settings.py similarity index 100% rename from src/yunohost/tests/test_settings.py rename to src/tests/test_settings.py diff --git a/src/yunohost/tests/test_user-group.py b/src/tests/test_user-group.py similarity index 98% rename from src/yunohost/tests/test_user-group.py rename to src/tests/test_user-group.py index 60e748108..e561118e0 100644 --- a/src/yunohost/tests/test_user-group.py +++ b/src/tests/test_user-group.py @@ -221,7 +221,7 @@ def test_create_user_already_exists(mocker): def test_create_user_with_domain_that_doesnt_exists(mocker): - with raiseYunohostError(mocker, "domain_name_unknown"): + with raiseYunohostError(mocker, "domain_unknown"): user_create("alice", "Alice", "White", "doesnt.exists", "test123Ynh") @@ -281,7 +281,7 @@ def test_update_group_add_user(mocker): user_group_update("dev", add=["bob"]) group_res = user_group_list()["groups"] - assert set(group_res["dev"]["members"]) == set(["alice", "bob"]) + assert set(group_res["dev"]["members"]) == {"alice", "bob"} def test_update_group_add_user_already_in(mocker): diff --git a/src/yunohost/tools.py b/src/tools.py similarity index 75% rename from src/yunohost/tools.py rename to src/tools.py index e89081abd..c6283e701 100644 --- a/src/yunohost/tools.py +++ b/src/tools.py @@ -33,7 +33,7 @@ from typing import List from moulinette import Moulinette, m18n from moulinette.utils.log import getActionLogger -from moulinette.utils.process import check_output, call_async_output +from moulinette.utils.process import call_async_output from moulinette.utils.filesystem import read_yaml, write_to_yaml, cp, mkdir, rm from yunohost.app import ( @@ -45,7 +45,6 @@ from yunohost.app_catalog import ( _update_apps_catalog, ) from yunohost.domain import domain_add -from yunohost.dyndns import _dyndns_available, _dyndns_provides from yunohost.firewall import firewall_upnp from yunohost.service import service_start, service_enable from yunohost.regenconf import regen_conf @@ -100,7 +99,7 @@ def tools_adminpw(new_password, check_strength=True): {"userPassword": [new_hash]}, ) except Exception as e: - logger.error("unable to change admin password : %s" % e) + logger.error(f"unable to change admin password : {e}") raise YunohostError("admin_password_change_failed") else: # Write as root password @@ -147,7 +146,7 @@ def _set_hostname(hostname, pretty_hostname=None): """ if not pretty_hostname: - pretty_hostname = "(YunoHost/%s)" % hostname + pretty_hostname = f"(YunoHost/{hostname})" # First clear nsswitch cache for hosts to make sure hostname is resolved... subprocess.call(["nscd", "-i", "hosts"]) @@ -205,12 +204,12 @@ def tools_postinstall( password -- YunoHost admin password """ + from yunohost.dyndns import _dyndns_available + from yunohost.utils.dns import is_yunohost_dyndns_domain from yunohost.utils.password import assert_password_is_strong_enough from yunohost.domain import domain_main_domain import psutil - dyndns_provider = "dyndns.yunohost.org" - # Do some checks at first if os.path.isfile("/etc/yunohost/installed"): raise YunohostValidationError("yunohost_already_installed") @@ -225,9 +224,9 @@ def tools_postinstall( disk_partitions = sorted(psutil.disk_partitions(), key=lambda k: k.mountpoint) main_disk_partitions = [d for d in disk_partitions if d.mountpoint in ["/", "/var"]] main_space = sum( - [psutil.disk_usage(d.mountpoint).total for d in main_disk_partitions] + psutil.disk_usage(d.mountpoint).total for d in main_disk_partitions ) - GB = 1024 ** 3 + GB = 1024**3 if not force_diskspace and main_space < 10 * GB: raise YunohostValidationError("postinstall_low_rootfsspace") @@ -235,33 +234,24 @@ def tools_postinstall( if not force_password: assert_password_is_strong_enough("admin", password) - if not ignore_dyndns: - # Check if yunohost dyndns can handle the given domain - # (i.e. is it a .nohost.me ? a .noho.st ?) + # If this is a nohost.me/noho.st, actually check for availability + if not ignore_dyndns and is_yunohost_dyndns_domain(domain): + # Check if the domain is available... try: - is_nohostme_or_nohost = _dyndns_provides(dyndns_provider, domain) + available = _dyndns_available(domain) # If an exception is thrown, most likely we don't have internet # connectivity or something. Assume that this domain isn't manageable # and inform the user that we could not contact the dyndns host server. except Exception: logger.warning( - m18n.n("dyndns_provider_unreachable", provider=dyndns_provider) + m18n.n("dyndns_provider_unreachable", provider="dyndns.yunohost.org") ) - is_nohostme_or_nohost = False - # If this is a nohost.me/noho.st, actually check for availability - if is_nohostme_or_nohost: - # (Except if the user explicitly said he/she doesn't care about dyndns) - if ignore_dyndns: - dyndns = False - # Check if the domain is available... - elif _dyndns_available(dyndns_provider, domain): - dyndns = True - # If not, abort the postinstall - else: - raise YunohostValidationError("dyndns_unavailable", domain=domain) + if available: + dyndns = True + # If not, abort the postinstall else: - dyndns = False + raise YunohostValidationError("dyndns_unavailable", domain=domain) else: dyndns = False @@ -332,29 +322,17 @@ def tools_regen_conf( return regen_conf(names, with_diff, force, dry_run, list_pending) -def tools_update(target=None, apps=False, system=False): +def tools_update(target=None): """ Update apps & system package cache """ - # Legacy options (--system, --apps) - if apps or system: - logger.warning( - "Using 'yunohost tools update' with --apps / --system is deprecated, just write 'yunohost tools update apps system' (no -- prefix anymore)" - ) - if apps and system: - target = "all" - elif apps: - target = "apps" - else: - target = "system" - - elif not target: + if not target: target = "all" if target not in ["system", "apps", "all"]: raise YunohostError( - "Unknown target %s, should be 'system', 'apps' or 'all'" % target, + f"Unknown target {target}, should be 'system', 'apps' or 'all'", raw_msg=True, ) @@ -457,9 +435,7 @@ def _list_upgradable_apps(): @is_unit_operation() -def tools_upgrade( - operation_logger, target=None, apps=False, system=False, allow_yunohost_upgrade=True -): +def tools_upgrade(operation_logger, target=None): """ Update apps & package cache, then display changelog @@ -476,23 +452,8 @@ def tools_upgrade( if not packages.dpkg_lock_available(): raise YunohostValidationError("dpkg_lock_not_available") - # Legacy options management (--system, --apps) - if target is None: - - logger.warning( - "Using 'yunohost tools upgrade' with --apps / --system is deprecated, just write 'yunohost tools upgrade apps' or 'system' (no -- prefix anymore)" - ) - - if (system, apps) == (True, True): - raise YunohostValidationError("tools_upgrade_cant_both") - - if (system, apps) == (False, False): - raise YunohostValidationError("tools_upgrade_at_least_one") - - target = "apps" if apps else "system" - if target not in ["apps", "system"]: - raise Exception( + raise YunohostValidationError( "Uhoh ?! tools_upgrade should have 'apps' or 'system' value for argument target" ) @@ -516,7 +477,7 @@ def tools_upgrade( try: app_upgrade(app=upgradable_apps) except Exception as e: - logger.warning("unable to upgrade apps: %s" % str(e)) + logger.warning(f"unable to upgrade apps: {e}") logger.error(m18n.n("app_upgrade_some_app_failed")) return @@ -535,19 +496,10 @@ def tools_upgrade( logger.info(m18n.n("upgrading_packages")) operation_logger.start() - # Critical packages are packages that we can't just upgrade - # randomly from yunohost itself... upgrading them is likely to - critical_packages = ["moulinette", "yunohost", "yunohost-admin", "ssowat"] - - critical_packages_upgradable = [ - p["name"] for p in upgradables if p["name"] in critical_packages - ] - noncritical_packages_upgradable = [ - p["name"] for p in upgradables if p["name"] not in critical_packages - ] - # Prepare dist-upgrade command dist_upgrade = "DEBIAN_FRONTEND=noninteractive" + if Moulinette.interface.type == "api": + dist_upgrade += " YUNOHOST_API_RESTART_WILL_BE_HANDLED_BY_YUNOHOST=yes" dist_upgrade += " APT_LISTCHANGES_FRONTEND=none" dist_upgrade += " apt-get" dist_upgrade += ( @@ -557,136 +509,72 @@ def tools_upgrade( dist_upgrade += ' -o Dpkg::Options::="--force-conf{}"'.format(conf_flag) dist_upgrade += " dist-upgrade" - # - # "Regular" packages upgrade - # - if noncritical_packages_upgradable: + logger.info(m18n.n("tools_upgrade")) - logger.info(m18n.n("tools_upgrade_regular_packages")) + logger.debug("Running apt command :\n{}".format(dist_upgrade)) - # Mark all critical packages as held - for package in critical_packages: - check_output("apt-mark hold %s" % package) + def is_relevant(line): + irrelevants = [ + "service sudo-ldap already provided", + "Reading database ...", + ] + return all(i not in line.rstrip() for i in irrelevants) - # Doublecheck with apt-mark showhold that packages are indeed held ... - held_packages = check_output("apt-mark showhold").split("\n") - if any(p not in held_packages for p in critical_packages): - logger.warning(m18n.n("tools_upgrade_cant_hold_critical_packages")) - operation_logger.error(m18n.n("packages_upgrade_failed")) - raise YunohostError(m18n.n("packages_upgrade_failed")) + callbacks = ( + lambda l: logger.info("+ " + l.rstrip() + "\r") + if _apt_log_line_is_relevant(l) + else logger.debug(l.rstrip() + "\r"), + lambda l: logger.warning(l.rstrip()) + if _apt_log_line_is_relevant(l) + else logger.debug(l.rstrip()), + ) + returncode = call_async_output(dist_upgrade, callbacks, shell=True) - logger.debug("Running apt command :\n{}".format(dist_upgrade)) + # If yunohost is being upgraded from the webadmin + if "yunohost" in upgradables and Moulinette.interface.type == "api": - def is_relevant(line): - irrelevants = [ - "service sudo-ldap already provided", - "Reading database ...", - ] - return all(i not in line.rstrip() for i in irrelevants) + # Restart the API after 10 sec (at now doesn't support sub-minute times...) + # We do this so that the API / webadmin still gets the proper HTTP response + # It's then up to the webadmin to implement a proper UX process to wait 10 sec and then auto-fresh the webadmin + cmd = 'at -M now >/dev/null 2>&1 <<< "sleep 10; systemctl restart yunohost-api"' + # For some reason subprocess doesn't like the redirections so we have to use bash -c explicity... + subprocess.check_call(["bash", "-c", cmd]) - callbacks = ( - lambda l: logger.info("+ " + l.rstrip() + "\r") - if is_relevant(l) - else logger.debug(l.rstrip() + "\r"), - lambda l: logger.warning(l.rstrip()) - if is_relevant(l) - else logger.debug(l.rstrip()), - ) - returncode = call_async_output(dist_upgrade, callbacks, shell=True) - if returncode != 0: - upgradables = list(_list_upgradable_apt_packages()) - noncritical_packages_upgradable = [ - p["name"] for p in upgradables if p["name"] not in critical_packages - ] - logger.warning( - m18n.n( - "tools_upgrade_regular_packages_failed", - packages_list=", ".join(noncritical_packages_upgradable), - ) - ) - operation_logger.error(m18n.n("packages_upgrade_failed")) - raise YunohostError(m18n.n("packages_upgrade_failed")) - - # - # Critical packages upgrade - # - if critical_packages_upgradable and allow_yunohost_upgrade: - - logger.info(m18n.n("tools_upgrade_special_packages")) - - # Mark all critical packages as unheld - for package in critical_packages: - check_output("apt-mark unhold %s" % package) - - # Doublecheck with apt-mark showhold that packages are indeed unheld ... - held_packages = check_output("apt-mark showhold").split("\n") - if any(p in held_packages for p in critical_packages): - logger.warning(m18n.n("tools_upgrade_cant_unhold_critical_packages")) - operation_logger.error(m18n.n("packages_upgrade_failed")) - raise YunohostError(m18n.n("packages_upgrade_failed")) - - # - # Here we use a dirty hack to run a command after the current - # "yunohost tools upgrade", because the upgrade of yunohost - # will also trigger other yunohost commands (e.g. "yunohost tools migrations run") - # (also the upgrade of the package, if executed from the webadmin, is - # likely to kill/restart the api which is in turn likely to kill this - # command before it ends...) - # - logfile = operation_logger.log_path - dist_upgrade = dist_upgrade + " 2>&1 | tee -a {}".format(logfile) - - MOULINETTE_LOCK = "/var/run/moulinette_yunohost.lock" - wait_until_end_of_yunohost_command = ( - "(while [ -f {} ]; do sleep 2; done)".format(MOULINETTE_LOCK) - ) - mark_success = ( - "(echo 'Done!' | tee -a {} && echo 'success: true' >> {})".format( - logfile, operation_logger.md_path + if returncode != 0: + upgradables = list(_list_upgradable_apt_packages()) + logger.warning( + m18n.n( + "tools_upgrade_failed", + packages_list=", ".join(upgradables), ) ) - mark_failure = ( - "(echo 'Failed :(' | tee -a {} && echo 'success: false' >> {})".format( - logfile, operation_logger.md_path - ) - ) - update_log_metadata = "sed -i \"s/ended_at: .*$/ended_at: $(date -u +'%Y-%m-%d %H:%M:%S.%N')/\" {}" - update_log_metadata = update_log_metadata.format(operation_logger.md_path) - # Dirty hack such that the operation_logger does not add ended_at - # and success keys in the log metadata. (c.f. the code of the - # is_unit_operation + operation_logger.close()) We take care of - # this ourselves (c.f. the mark_success and updated_log_metadata in - # the huge command launched by os.system) - operation_logger.ended_at = "notyet" + logger.success(m18n.n("system_upgraded")) + operation_logger.success() - upgrade_completed = "\n" + m18n.n( - "tools_upgrade_special_packages_completed" - ) - command = "({wait} && {dist_upgrade}) && {mark_success} || {mark_failure}; {update_metadata}; echo '{done}'".format( - wait=wait_until_end_of_yunohost_command, - dist_upgrade=dist_upgrade, - mark_success=mark_success, - mark_failure=mark_failure, - update_metadata=update_log_metadata, - done=upgrade_completed, - ) - logger.warning(m18n.n("tools_upgrade_special_packages_explanation")) - logger.debug("Running command :\n{}".format(command)) - open("/tmp/yunohost-selfupgrade", "w").write( - "rm /tmp/yunohost-selfupgrade; " + command - ) - # Using systemd-run --scope is like nohup/disown and &, but more robust somehow - # (despite using nohup/disown and &, the self-upgrade process was still getting killed...) - # ref: https://unix.stackexchange.com/questions/420594/why-process-killed-with-nohup - # (though I still don't understand it 100%...) - os.system("systemd-run --scope bash /tmp/yunohost-selfupgrade &") - return - - else: - logger.success(m18n.n("system_upgraded")) - operation_logger.success() +def _apt_log_line_is_relevant(line): + irrelevants = [ + "service sudo-ldap already provided", + "Reading database ...", + "Preparing to unpack", + "Selecting previously unselected package", + "Created symlink /etc/systemd", + "Replacing config file", + "Creating config file", + "Installing new version of config file", + "Installing new config file as you requested", + ", does not exist on system.", + "unable to delete old directory", + "update-alternatives:", + "Configuration file '/etc", + "==> Modified (by you or by a script) since installation.", + "==> Package distributor has shipped an updated version.", + "==> Keeping old config file as default.", + "is a disabled or a static unit", + " update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults", + ] + return line.rstrip() and all(i not in line.rstrip() for i in irrelevants) @is_unit_operation() @@ -961,19 +849,6 @@ def _write_migration_state(migration_id, state): def _get_migrations_list(): - migrations = [] - - try: - from . import data_migrations - except ImportError: - # not data migrations present, return empty list - return migrations - - migrations_path = data_migrations.__path__[0] - - if not os.path.exists(migrations_path): - logger.warn(m18n.n("migrations_cant_reach_migration_file", migrations_path)) - return migrations # states is a datastructure that represents the last run migration # it has this form: @@ -986,9 +861,11 @@ def _get_migrations_list(): # (in particular, pending migrations / not already ran are not listed states = tools_migrations_state()["migrations"] + migrations = [] + migrations_folder = os.path.dirname(__file__) + "/migrations/" for migration_file in [ x - for x in os.listdir(migrations_path) + for x in os.listdir(migrations_folder) if re.match(r"^\d+_[a-zA-Z0-9_]+\.py$", x) ]: m = _load_migration(migration_file) @@ -1004,20 +881,20 @@ def _get_migration_by_name(migration_name): """ try: - from . import data_migrations + from . import migrations except ImportError: - raise AssertionError("Unable to find migration with name %s" % migration_name) + raise AssertionError(f"Unable to find migration with name {migration_name}") - migrations_path = data_migrations.__path__[0] + migrations_path = migrations.__path__[0] migrations_found = [ x for x in os.listdir(migrations_path) if re.match(r"^\d+_%s\.py$" % migration_name, x) ] - assert len(migrations_found) == 1, ( - "Unable to find migration with name %s" % migration_name - ) + assert ( + len(migrations_found) == 1 + ), f"Unable to find migration with name {migration_name}" return _load_migration(migrations_found[0]) @@ -1032,7 +909,7 @@ def _load_migration(migration_file): # this is python builtin method to import a module using a name, we # use that to import the migration as a python object so we'll be # able to run it in the next loop - module = import_module("yunohost.data_migrations.{}".format(migration_id)) + module = import_module("yunohost.migrations.{}".format(migration_id)) return module.MyMigration(migration_id) except Exception as e: import traceback @@ -1111,7 +988,7 @@ def _tools_migrations_run_before_app_restore(backup_version, app_id): raise -class Migration(object): +class Migration: # Those are to be implemented by daughter classes @@ -1136,9 +1013,9 @@ class Migration(object): @property def description(self): - return m18n.n("migration_description_%s" % self.id) + return m18n.n(f"migration_description_{self.id}") - def ldap_migration(run): + def ldap_migration(self, run): def func(self): # Backup LDAP before the migration diff --git a/src/yunohost/user.py b/src/user.py similarity index 94% rename from src/yunohost/user.py rename to src/user.py index c9f70e152..7d023fd83 100644 --- a/src/yunohost/user.py +++ b/src/user.py @@ -97,7 +97,7 @@ def user_list(fields=None): and values[0].strip() == "/bin/false", } - attrs = set(["uid"]) + attrs = {"uid"} users = {} if not fields: @@ -111,7 +111,7 @@ def user_list(fields=None): ldap = _get_ldap_interface() result = ldap.search( - "ou=users,dc=yunohost,dc=org", + "ou=users", "(&(objectclass=person)(!(uid=root))(!(uid=nobody)))", attrs, ) @@ -138,7 +138,6 @@ def user_create( domain, password, mailbox_quota="0", - mail=None, from_import=False, ): @@ -150,12 +149,6 @@ def user_create( # Ensure sufficiently complex password assert_password_is_strong_enough("user", password) - if mail is not None: - logger.warning( - "Packagers ! Using --mail in 'yunohost user create' is deprecated ... please use --domain instead." - ) - domain = mail.split("@")[-1] - # Validate domain used for email address/xmpp account if domain is None: if Moulinette.interface.type == "api": @@ -166,11 +159,11 @@ def user_create( # On affiche les differents domaines possibles Moulinette.display(m18n.n("domains_available")) for domain in domain_list()["domains"]: - Moulinette.display("- {}".format(domain)) + Moulinette.display(f"- {domain}") maindomain = _get_maindomain() domain = Moulinette.prompt( - m18n.n("ask_user_domain") + " (default: %s)" % maindomain + m18n.n("ask_user_domain") + f" (default: {maindomain})" ) if not domain: domain = maindomain @@ -215,7 +208,7 @@ def user_create( uid_guid_found = uid not in all_uid and uid not in all_gid # Adapt values for LDAP - fullname = "%s %s" % (firstname, lastname) + fullname = f"{firstname} {lastname}" attr_dict = { "objectClass": [ @@ -240,11 +233,11 @@ def user_create( } # If it is the first user, add some aliases - if not ldap.search(base="ou=users,dc=yunohost,dc=org", filter="uid=*"): + if not ldap.search(base="ou=users", filter="uid=*"): attr_dict["mail"] = [attr_dict["mail"]] + aliases try: - ldap.add("uid=%s,ou=users" % username, attr_dict) + ldap.add(f"uid={username},ou=users", attr_dict) except Exception as e: raise YunohostError("user_creation_failed", user=username, error=e) @@ -261,11 +254,9 @@ def user_create( logger.warning(m18n.n("user_home_creation_failed", home=home), exc_info=1) try: - subprocess.check_call( - ["setfacl", "-m", "g:all_users:---", "/home/%s" % username] - ) + subprocess.check_call(["setfacl", "-m", "g:all_users:---", f"/home/{username}"]) except subprocess.CalledProcessError: - logger.warning("Failed to protect /home/%s" % username, exc_info=1) + logger.warning(f"Failed to protect /home/{username}", exc_info=1) # Create group for user and add to group 'all_users' user_group_create(groupname=username, gid=uid, primary_group=True, sync_perm=False) @@ -325,7 +316,7 @@ def user_delete(operation_logger, username, purge=False, from_import=False): ldap = _get_ldap_interface() try: - ldap.remove("uid=%s,ou=users" % username) + ldap.remove(f"uid={username},ou=users") except Exception as e: raise YunohostError("user_deletion_failed", user=username, error=e) @@ -333,8 +324,8 @@ def user_delete(operation_logger, username, purge=False, from_import=False): subprocess.call(["nscd", "-i", "passwd"]) if purge: - subprocess.call(["rm", "-rf", "/home/{0}".format(username)]) - subprocess.call(["rm", "-rf", "/var/mail/{0}".format(username)]) + subprocess.call(["rm", "-rf", f"/home/{username}"]) + subprocess.call(["rm", "-rf", f"/var/mail/{username}"]) hook_callback("post_user_delete", args=[username, purge]) @@ -384,7 +375,7 @@ def user_update( ldap = _get_ldap_interface() attrs_to_fetch = ["givenName", "sn", "mail", "maildrop"] result = ldap.search( - base="ou=users,dc=yunohost,dc=org", + base="ou=users", filter="uid=" + username, attrs=attrs_to_fetch, ) @@ -513,7 +504,7 @@ def user_update( operation_logger.start() try: - ldap.update("uid=%s,ou=users" % username, new_attr_dict) + ldap.update(f"uid={username},ou=users", new_attr_dict) except Exception as e: raise YunohostError("user_update_failed", user=username, error=e) @@ -545,7 +536,7 @@ def user_info(username): else: filter = "uid=" + username - result = ldap.search("ou=users,dc=yunohost,dc=org", filter, user_attrs) + result = ldap.search("ou=users", filter, user_attrs) if result: user = result[0] @@ -584,11 +575,11 @@ def user_info(username): logger.warning(m18n.n("mailbox_disabled", user=username)) else: try: - cmd = "doveadm -f flow quota get -u %s" % user["uid"][0] - cmd_result = check_output(cmd) + uid_ = user["uid"][0] + cmd_result = check_output(f"doveadm -f flow quota get -u {uid_}") except Exception as e: cmd_result = "" - logger.warning("Failed to fetch quota info ... : %s " % str(e)) + logger.warning(f"Failed to fetch quota info ... : {e}") # Exemple of return value for cmd: # """Quota name=User quota Type=STORAGE Value=0 Limit=- %=0 @@ -714,8 +705,7 @@ def user_import(operation_logger, csvfile, update=False, delete=False): unknown_groups = [g for g in user["groups"] if g not in existing_groups] if unknown_groups: format_errors.append( - f"username '{user['username']}': unknown groups %s" - % ", ".join(unknown_groups) + f"username '{user['username']}': unknown groups {', '.join(unknown_groups)}" ) # Validate that domains exist @@ -736,8 +726,7 @@ def user_import(operation_logger, csvfile, update=False, delete=False): if unknown_domains: format_errors.append( - f"username '{user['username']}': unknown domains %s" - % ", ".join(unknown_domains) + f"username '{user['username']}': unknown domains {', '.join(unknown_domains)}" ) if format_errors: @@ -945,7 +934,7 @@ def user_group_list(short=False, full=False, include_primary_groups=True): ldap = _get_ldap_interface() groups_infos = ldap.search( - "ou=groups,dc=yunohost,dc=org", + "ou=groups", "(objectclass=groupOfNamesYnh)", ["cn", "member", "permission"], ) @@ -995,9 +984,7 @@ def user_group_create( ldap = _get_ldap_interface() # Validate uniqueness of groupname in LDAP - conflict = ldap.get_conflict( - {"cn": groupname}, base_dn="ou=groups,dc=yunohost,dc=org" - ) + conflict = ldap.get_conflict({"cn": groupname}, base_dn="ou=groups") if conflict: raise YunohostValidationError("group_already_exist", group=groupname) @@ -1009,7 +996,7 @@ def user_group_create( m18n.n("group_already_exist_on_system_but_removing_it", group=groupname) ) subprocess.check_call( - "sed --in-place '/^%s:/d' /etc/group" % groupname, shell=True + f"sed --in-place '/^{groupname}:/d' /etc/group", shell=True ) else: raise YunohostValidationError( @@ -1039,7 +1026,7 @@ def user_group_create( operation_logger.start() try: - ldap.add("cn=%s,ou=groups" % groupname, attr_dict) + ldap.add(f"cn={groupname},ou=groups", attr_dict) except Exception as e: raise YunohostError("group_creation_failed", group=groupname, error=e) @@ -1082,7 +1069,7 @@ def user_group_delete(operation_logger, groupname, force=False, sync_perm=True): operation_logger.start() ldap = _get_ldap_interface() try: - ldap.remove("cn=%s,ou=groups" % groupname) + ldap.remove(f"cn={groupname},ou=groups") except Exception as e: raise YunohostError("group_deletion_failed", group=groupname, error=e) @@ -1178,7 +1165,7 @@ def user_group_update( ldap = _get_ldap_interface() try: ldap.update( - "cn=%s,ou=groups" % groupname, + f"cn={groupname},ou=groups", {"member": set(new_group_dns), "memberUid": set(new_group)}, ) except Exception as e: @@ -1211,7 +1198,7 @@ def user_group_info(groupname): # Fetch info for this group result = ldap.search( - "ou=groups,dc=yunohost,dc=org", + "ou=groups", "cn=" + groupname, ["cn", "member", "permission"], ) @@ -1263,25 +1250,23 @@ def user_group_remove(groupname, usernames, force=False, sync_perm=True): def user_permission_list(short=False, full=False, apps=[]): - import yunohost.permission + from yunohost.permission import user_permission_list - return yunohost.permission.user_permission_list( - short, full, absolute_urls=True, apps=apps - ) + return user_permission_list(short, full, absolute_urls=True, apps=apps) def user_permission_update(permission, label=None, show_tile=None, sync_perm=True): - import yunohost.permission + from yunohost.permission import user_permission_update - return yunohost.permission.user_permission_update( + return user_permission_update( permission, label=label, show_tile=show_tile, sync_perm=sync_perm ) def user_permission_add(permission, names, protected=None, force=False, sync_perm=True): - import yunohost.permission + from yunohost.permission import user_permission_update - return yunohost.permission.user_permission_update( + return user_permission_update( permission, add=names, protected=protected, force=force, sync_perm=sync_perm ) @@ -1289,23 +1274,23 @@ def user_permission_add(permission, names, protected=None, force=False, sync_per def user_permission_remove( permission, names, protected=None, force=False, sync_perm=True ): - import yunohost.permission + from yunohost.permission import user_permission_update - return yunohost.permission.user_permission_update( + return user_permission_update( permission, remove=names, protected=protected, force=force, sync_perm=sync_perm ) def user_permission_reset(permission, sync_perm=True): - import yunohost.permission + from yunohost.permission import user_permission_reset - return yunohost.permission.user_permission_reset(permission, sync_perm=sync_perm) + return user_permission_reset(permission, sync_perm=sync_perm) def user_permission_info(permission): - import yunohost.permission + from yunohost.permission import user_permission_info - return yunohost.permission.user_permission_info(permission) + return user_permission_info(permission) # @@ -1334,9 +1319,9 @@ def user_ssh_remove_key(username, key): def _convertSize(num, suffix=""): for unit in ["K", "M", "G", "T", "P", "E", "Z"]: if abs(num) < 1024.0: - return "%3.1f%s%s" % (num, unit, suffix) + return "{:3.1f}{}{}".format(num, unit, suffix) num /= 1024.0 - return "%.1f%s%s" % (num, "Yi", suffix) + return "{:.1f}{}{}".format(num, "Yi", suffix) def _hash_user_password(password): diff --git a/src/yunohost/vendor/__init__.py b/src/utils/__init__.py similarity index 100% rename from src/yunohost/vendor/__init__.py rename to src/utils/__init__.py diff --git a/src/yunohost/utils/config.py b/src/utils/config.py similarity index 84% rename from src/yunohost/utils/config.py rename to src/utils/config.py index 4ee62c6f7..b8ea93589 100644 --- a/src/yunohost/utils/config.py +++ b/src/utils/config.py @@ -19,6 +19,7 @@ """ +import glob import os import re import urllib.parse @@ -27,7 +28,7 @@ import shutil import ast import operator as op from collections import OrderedDict -from typing import Optional, Dict, List, Union, Any, Mapping +from typing import Optional, Dict, List, Union, Any, Mapping, Callable from moulinette.interfaces.cli import colorize from moulinette import Moulinette, m18n @@ -51,7 +52,10 @@ CONFIG_PANEL_VERSION_SUPPORTED = 1.0 # Those js-like evaluate functions are used to eval safely visible attributes # The goal is to evaluate in the same way than js simple-evaluate # https://github.com/shepherdwind/simple-evaluate -def evaluate_simple_ast(node, context={}): +def evaluate_simple_ast(node, context=None): + if context is None: + context = {} + operators = { ast.Not: op.not_, ast.Mult: op.mul, @@ -189,13 +193,64 @@ def evaluate_simple_js_expression(expr, context={}): class ConfigPanel: - def __init__(self, config_path, save_path=None): + entity_type = "config" + save_path_tpl: Union[str, None] = None + config_path_tpl = "/usr/share/yunohost/config_{entity_type}.toml" + save_mode = "full" + + @classmethod + def list(cls): + """ + List available config panel + """ + try: + entities = [ + re.match( + "^" + cls.save_path_tpl.format(entity="(?p)") + "$", f + ).group("entity") + for f in glob.glob(cls.save_path_tpl.format(entity="*")) + if os.path.isfile(f) + ] + except FileNotFoundError: + entities = [] + return entities + + def __init__(self, entity, config_path=None, save_path=None, creation=False): + self.entity = entity self.config_path = config_path + if not config_path: + self.config_path = self.config_path_tpl.format( + entity=entity, entity_type=self.entity_type + ) self.save_path = save_path + if not save_path and self.save_path_tpl: + self.save_path = self.save_path_tpl.format(entity=entity) self.config = {} self.values = {} self.new_values = {} + if ( + self.save_path + and self.save_mode != "diff" + and not creation + and not os.path.exists(self.save_path) + ): + raise YunohostValidationError( + f"{self.entity_type}_unknown", **{self.entity_type: entity} + ) + if self.save_path and creation and os.path.exists(self.save_path): + raise YunohostValidationError( + f"{self.entity_type}_exists", **{self.entity_type: entity} + ) + + # Search for hooks in the config panel + self.hooks = { + func: getattr(self, func) + for func in dir(self) + if callable(getattr(self, func)) + and re.match("^(validate|post_ask)__", func) + } + def get(self, key="", mode="classic"): self.filter_key = key or "" @@ -230,8 +285,10 @@ class ConfigPanel: ask = m18n.n(self.config["i18n"] + "_" + option["id"]) if mode == "full": - # edit self.config directly option["ask"] = ask + question_class = ARGUMENTS_TYPE_PARSERS[option.get("type", "string")] + # FIXME : maybe other properties should be taken from the question, not just choices ?. + option["choices"] = question_class(option).choices else: result[key] = {"ask": ask} if "current_value" in option: @@ -274,19 +331,12 @@ class ConfigPanel: # Import and parse pre-answered options logger.debug("Import and parse pre-answered options") - args = urllib.parse.parse_qs(args or "", keep_blank_values=True) - self.args = {key: ",".join(value_) for key, value_ in args.items()} - - if args_file: - # Import YAML / JSON file but keep --args values - self.args = {**read_yaml(args_file), **self.args} - - if value is not None: - self.args = {self.filter_key.split(".")[-1]: value} + self._parse_pre_answered(args, value, args_file) # Read or get values and hydrate the config self._load_current_values() self._hydrate() + Question.operation_logger = operation_logger self._ask() if operation_logger: @@ -390,6 +440,7 @@ class ConfigPanel: "step", "accept", "redact", + "filter", ], "defaults": {}, }, @@ -525,7 +576,15 @@ class ConfigPanel: display_header(f"\n# {name}") # Check and ask unanswered questions - questions = ask_questions_and_parse_answers(section["options"], self.args) + prefilled_answers = self.args.copy() + prefilled_answers.update(self.new_values) + + questions = ask_questions_and_parse_answers( + section["options"], + prefilled_answers=prefilled_answers, + current_values=self.values, + hooks=self.hooks, + ) self.new_values.update( { question.name: question.value @@ -543,20 +602,42 @@ class ConfigPanel: if "default" in option } + @property + def future_values(self): # TODO put this in ConfigPanel ? + return {**self.values, **self.new_values} + + def __getattr__(self, name): + if "new_values" in self.__dict__ and name in self.new_values: + return self.new_values[name] + + if "values" in self.__dict__ and name in self.values: + return self.values[name] + + return self.__dict__[name] + def _load_current_values(self): """ Retrieve entries in YAML file And set default values if needed """ - # Retrieve entries in the YAML - on_disk_settings = {} - if os.path.exists(self.save_path) and os.path.isfile(self.save_path): - on_disk_settings = read_yaml(self.save_path) or {} - # Inject defaults if needed (using the magic .update() ;)) self.values = self._get_default_values() - self.values.update(on_disk_settings) + + # Retrieve entries in the YAML + if os.path.exists(self.save_path) and os.path.isfile(self.save_path): + self.values.update(read_yaml(self.save_path) or {}) + + def _parse_pre_answered(self, args, value, args_file): + args = urllib.parse.parse_qs(args or "", keep_blank_values=True) + self.args = {key: ",".join(value_) for key, value_ in args.items()} + + if args_file: + # Import YAML / JSON file but keep --args values + self.args = {**read_yaml(args_file), **self.args} + + if value is not None: + self.args = {self.filter_key.split(".")[-1]: value} def _apply(self): logger.info("Saving the new configuration...") @@ -564,7 +645,7 @@ class ConfigPanel: if not os.path.exists(dir_path): mkdir(dir_path, mode=0o700) - values_to_save = {**self.values, **self.new_values} + values_to_save = self.future_values if self.save_mode == "diff": defaults = self._get_default_values() values_to_save = { @@ -587,8 +668,8 @@ class ConfigPanel: if services_to_reload: logger.info("Reloading services...") for service in services_to_reload: - if hasattr(self, "app"): - service = service.replace("__APP__", self.app) + if hasattr(self, "entity"): + service = service.replace("__APP__", self.entity) service_reload_or_restart(service) def _iterate(self, trigger=["option"]): @@ -603,26 +684,35 @@ class ConfigPanel: yield (panel, section, option) -class Question(object): +class Question: hide_user_input_in_prompt = False pattern: Optional[Dict] = None - def __init__(self, question: Dict[str, Any], context: Mapping[str, Any] = {}): + def __init__( + self, + question: Dict[str, Any], + context: Mapping[str, Any] = {}, + hooks: Dict[str, Callable] = {}, + ): self.name = question["name"] + self.context = context + self.hooks = hooks self.type = question.get("type", "string") self.default = question.get("default", None) self.optional = question.get("optional", False) self.visible = question.get("visible", None) - self.context = context self.choices = question.get("choices", []) self.pattern = question.get("pattern", self.pattern) self.ask = question.get("ask", {"en": self.name}) self.help = question.get("help") self.redact = question.get("redact", False) + self.filter = question.get("filter", "true") # .current_value is the currently stored value self.current_value = question.get("current_value") # .value is the "proposed" value which we got from the user self.value = question.get("value") + # Use to return several values in case answer is in mutipart + self.values: Dict[str, Any] = {} # Empty value is parsed as empty string if self.default == "": @@ -663,8 +753,8 @@ class Question(object): # - we doesn't want to give a specific value # - we want to keep the previous value # - we want the default value - self.value = None - return self.value + self.value = self.values[self.name] = None + return self.values for i in range(5): # Display question if no value filled or if it's a readonly message @@ -698,9 +788,14 @@ class Question(object): break - self.value = self._post_parse_value() + self.value = self.values[self.name] = self._post_parse_value() - return self.value + # Search for post actions in hooks + post_hook = f"post_ask__{self.name}" + if post_hook in self.hooks: + self.values.update(self.hooks[post_hook](self)) + + return self.values def _prevalidate(self): if self.value in [None, ""] and not self.optional: @@ -864,8 +959,10 @@ class PasswordQuestion(Question): default_value = "" forbidden_chars = "{}" - def __init__(self, question, context: Mapping[str, Any] = {}): - super().__init__(question, context) + def __init__( + self, question, context: Mapping[str, Any] = {}, hooks: Dict[str, Callable] = {} + ): + super().__init__(question, context, hooks) self.redact = True if self.default is not None: raise YunohostValidationError( @@ -983,8 +1080,10 @@ class BooleanQuestion(Question): choices="yes/no", ) - def __init__(self, question, context: Mapping[str, Any] = {}): - super().__init__(question, context) + def __init__( + self, question, context: Mapping[str, Any] = {}, hooks: Dict[str, Callable] = {} + ): + super().__init__(question, context, hooks) self.yes = question.get("yes", 1) self.no = question.get("no", 0) if self.default is None: @@ -1004,15 +1103,20 @@ class BooleanQuestion(Question): class DomainQuestion(Question): argument_type = "domain" - def __init__(self, question, context: Mapping[str, Any] = {}): + def __init__( + self, question, context: Mapping[str, Any] = {}, hooks: Dict[str, Callable] = {} + ): from yunohost.domain import domain_list, _get_maindomain - super().__init__(question, context) + super().__init__(question, context, hooks) if self.default is None: self.default = _get_maindomain() - self.choices = domain_list()["domains"] + self.choices = { + domain: domain + " ★" if domain == self.default else domain + for domain in domain_list()["domains"] + } @staticmethod def normalize(value, option={}): @@ -1027,15 +1131,48 @@ class DomainQuestion(Question): return value +class AppQuestion(Question): + argument_type = "app" + + def __init__( + self, question, context: Mapping[str, Any] = {}, hooks: Dict[str, Callable] = {} + ): + from yunohost.app import app_list + + super().__init__(question, context, hooks) + + apps = app_list(full=True)["apps"] + + if self.filter: + apps = [ + app + for app in apps + if evaluate_simple_js_expression(self.filter, context=app) + ] + + def _app_display(app): + domain_path_or_id = f" ({app.get('domain_path', app['id'])})" + return app["label"] + domain_path_or_id + + self.choices = {"_none": "---"} + self.choices.update({app["id"]: _app_display(app) for app in apps}) + + class UserQuestion(Question): argument_type = "user" - def __init__(self, question, context: Mapping[str, Any] = {}): + def __init__( + self, question, context: Mapping[str, Any] = {}, hooks: Dict[str, Callable] = {} + ): from yunohost.user import user_list, user_info from yunohost.domain import _get_maindomain - super().__init__(question, context) - self.choices = list(user_list()["users"].keys()) + super().__init__(question, context, hooks) + + self.choices = { + username: f"{infos['fullname']} ({infos['mail']})" + for username, infos in user_list()["users"].items() + } if not self.choices: raise YunohostValidationError( @@ -1046,7 +1183,7 @@ class UserQuestion(Question): if self.default is None: root_mail = "root@%s" % _get_maindomain() - for user in self.choices: + for user in self.choices.keys(): if root_mail in user_info(user).get("mail-aliases", []): self.default = user break @@ -1056,8 +1193,10 @@ class NumberQuestion(Question): argument_type = "number" default_value = None - def __init__(self, question, context: Mapping[str, Any] = {}): - super().__init__(question, context) + def __init__( + self, question, context: Mapping[str, Any] = {}, hooks: Dict[str, Callable] = {} + ): + super().__init__(question, context, hooks) self.min = question.get("min", None) self.max = question.get("max", None) self.step = question.get("step", None) @@ -1108,8 +1247,10 @@ class DisplayTextQuestion(Question): argument_type = "display_text" readonly = True - def __init__(self, question, context: Mapping[str, Any] = {}): - super().__init__(question, context) + def __init__( + self, question, context: Mapping[str, Any] = {}, hooks: Dict[str, Callable] = {} + ): + super().__init__(question, context, hooks) self.optional = True self.style = question.get( @@ -1143,8 +1284,10 @@ class FileQuestion(Question): if os.path.exists(upload_dir): shutil.rmtree(upload_dir) - def __init__(self, question, context: Mapping[str, Any] = {}): - super().__init__(question, context) + def __init__( + self, question, context: Mapping[str, Any] = {}, hooks: Dict[str, Callable] = {} + ): + super().__init__(question, context, hooks) self.accept = question.get("accept", "") def _prevalidate(self): @@ -1210,11 +1353,15 @@ ARGUMENTS_TYPE_PARSERS = { "alert": DisplayTextQuestion, "markdown": DisplayTextQuestion, "file": FileQuestion, + "app": AppQuestion, } def ask_questions_and_parse_answers( - raw_questions: Dict, prefilled_answers: Union[str, Mapping[str, Any]] = {} + raw_questions: Dict, + prefilled_answers: Union[str, Mapping[str, Any]] = {}, + current_values: Mapping[str, Any] = {}, + hooks: Dict[str, Callable[[], None]] = {}, ) -> List[Question]: """Parse arguments store in either manifest.json or actions.json or from a config panel against the user answers when they are present. @@ -1241,13 +1388,31 @@ def ask_questions_and_parse_answers( else: answers = {} + context = {**current_values, **answers} out = [] for raw_question in raw_questions: question_class = ARGUMENTS_TYPE_PARSERS[raw_question.get("type", "string")] raw_question["value"] = answers.get(raw_question["name"]) - question = question_class(raw_question, context=answers) - answers[question.name] = question.ask_if_needed() + question = question_class(raw_question, context=context, hooks=hooks) + new_values = question.ask_if_needed() + answers.update(new_values) + context.update(new_values) out.append(question) return out + + +def hydrate_questions_with_choices(raw_questions: List) -> List: + out = [] + + for raw_question in raw_questions: + question = ARGUMENTS_TYPE_PARSERS[raw_question.get("type", "string")]( + raw_question + ) + if question.choices: + raw_question["choices"] = question.choices + raw_question["default"] = question.default + out.append(raw_question) + + return out diff --git a/src/yunohost/utils/dns.py b/src/utils/dns.py similarity index 100% rename from src/yunohost/utils/dns.py rename to src/utils/dns.py diff --git a/src/yunohost/utils/error.py b/src/utils/error.py similarity index 92% rename from src/yunohost/utils/error.py rename to src/utils/error.py index 8405830e7..a92f3bd5a 100644 --- a/src/yunohost/utils/error.py +++ b/src/utils/error.py @@ -19,7 +19,7 @@ """ -from moulinette.core import MoulinetteError +from moulinette.core import MoulinetteError, MoulinetteAuthenticationError from moulinette import m18n @@ -60,3 +60,8 @@ class YunohostValidationError(YunohostError): def content(self): return {"error": self.strerror, "error_key": self.key, **self.kwargs} + + +class YunohostAuthenticationError(MoulinetteAuthenticationError): + + pass diff --git a/src/yunohost/utils/filesystem.py b/src/utils/filesystem.py similarity index 100% rename from src/yunohost/utils/filesystem.py rename to src/utils/filesystem.py diff --git a/src/yunohost/utils/i18n.py b/src/utils/i18n.py similarity index 100% rename from src/yunohost/utils/i18n.py rename to src/utils/i18n.py diff --git a/src/yunohost/utils/ldap.py b/src/utils/ldap.py similarity index 98% rename from src/yunohost/utils/ldap.py rename to src/utils/ldap.py index 651d09f75..98c0fecf7 100644 --- a/src/yunohost/utils/ldap.py +++ b/src/utils/ldap.py @@ -140,6 +140,8 @@ class LDAPInterface: """ if not base: base = self.basedn + else: + base = base + "," + self.basedn try: result = self.con.search_s(base, ldap.SCOPE_SUBTREE, filter, attrs) @@ -241,7 +243,7 @@ class LDAPInterface: """ dn = rdn + "," + self.basedn - actual_entry = self.search(base=dn, attrs=None) + actual_entry = self.search(rdn, attrs=None) ldif = modlist.modifyModlist(actual_entry[0], attr_dict, ignore_oldexistent=1) if ldif == []: diff --git a/src/yunohost/utils/legacy.py b/src/utils/legacy.py similarity index 52% rename from src/yunohost/utils/legacy.py rename to src/utils/legacy.py index 87c163f1b..85898f28d 100644 --- a/src/yunohost/utils/legacy.py +++ b/src/utils/legacy.py @@ -1,28 +1,16 @@ import os import re import glob -from moulinette import m18n from moulinette.core import MoulinetteError from moulinette.utils.log import getActionLogger from moulinette.utils.filesystem import ( read_file, write_to_file, - write_to_json, write_to_yaml, + write_to_json, read_yaml, ) -from yunohost.user import user_list -from yunohost.app import ( - _installed_apps, - _get_app_settings, - _set_app_settings, -) -from yunohost.permission import ( - permission_create, - user_permission_update, - permission_sync_to_user, -) from yunohost.utils.error import YunohostValidationError @@ -81,93 +69,9 @@ def legacy_permission_label(app, permission_type): ) -def migrate_legacy_permission_settings(app=None): - - logger.info(m18n.n("migrating_legacy_permission_settings")) - apps = _installed_apps() - - if app: - if app not in apps: - logger.error( - "Can't migrate permission for app %s because it ain't installed..." - % app - ) - apps = [] - else: - apps = [app] - - for app in apps: - - settings = _get_app_settings(app) or {} - if settings.get("label"): - user_permission_update( - app + ".main", label=settings["label"], sync_perm=False - ) - del settings["label"] - - def _setting(name): - s = settings.get(name) - return s.split(",") if s else [] - - skipped_urls = [uri for uri in _setting("skipped_uris") if uri != "/"] - skipped_urls += ["re:" + regex for regex in _setting("skipped_regex")] - unprotected_urls = [uri for uri in _setting("unprotected_uris") if uri != "/"] - unprotected_urls += ["re:" + regex for regex in _setting("unprotected_regex")] - protected_urls = [uri for uri in _setting("protected_uris") if uri != "/"] - protected_urls += ["re:" + regex for regex in _setting("protected_regex")] - - if skipped_urls != []: - permission_create( - app + ".legacy_skipped_uris", - additional_urls=skipped_urls, - auth_header=False, - label=legacy_permission_label(app, "skipped"), - show_tile=False, - allowed="visitors", - protected=True, - sync_perm=False, - ) - if unprotected_urls != []: - permission_create( - app + ".legacy_unprotected_uris", - additional_urls=unprotected_urls, - auth_header=True, - label=legacy_permission_label(app, "unprotected"), - show_tile=False, - allowed="visitors", - protected=True, - sync_perm=False, - ) - if protected_urls != []: - permission_create( - app + ".legacy_protected_uris", - additional_urls=protected_urls, - auth_header=True, - label=legacy_permission_label(app, "protected"), - show_tile=False, - allowed=[], - protected=True, - sync_perm=False, - ) - - legacy_permission_settings = [ - "skipped_uris", - "unprotected_uris", - "protected_uris", - "skipped_regex", - "unprotected_regex", - "protected_regex", - ] - for key in legacy_permission_settings: - if key in settings: - del settings[key] - - _set_app_settings(app, settings) - - permission_sync_to_user() - - -def translate_legacy_rules_in_ssowant_conf_json_persistent(): +def translate_legacy_default_app_in_ssowant_conf_json_persistent(): + from yunohost.app import app_list + from yunohost.domain import domain_config_set persistent_file_name = "/etc/ssowat/conf.json.persistent" if not os.path.exists(persistent_file_name): @@ -179,91 +83,67 @@ def translate_legacy_rules_in_ssowant_conf_json_persistent(): # Ugly hack to try not to misarably fail migration persistent = read_yaml(persistent_file_name) - legacy_rules = [ - "skipped_urls", - "unprotected_urls", - "protected_urls", - "skipped_regex", - "unprotected_regex", - "protected_regex", - ] - - if not any(legacy_rule in persistent for legacy_rule in legacy_rules): + if "redirected_urls" not in persistent: return - if not isinstance(persistent.get("permissions"), dict): - persistent["permissions"] = {} + redirected_urls = persistent["redirected_urls"] - skipped_urls = persistent.get("skipped_urls", []) + [ - "re:" + r for r in persistent.get("skipped_regex", []) - ] - protected_urls = persistent.get("protected_urls", []) + [ - "re:" + r for r in persistent.get("protected_regex", []) - ] - unprotected_urls = persistent.get("unprotected_urls", []) + [ - "re:" + r for r in persistent.get("unprotected_regex", []) - ] + if not any( + from_url.count("/") == 1 and from_url.endswith("/") + for from_url in redirected_urls + ): + return - known_users = list(user_list()["users"].keys()) + apps = app_list()["apps"] - for legacy_rule in legacy_rules: - if legacy_rule in persistent: - del persistent[legacy_rule] + if not any(app.get("domain_path") in redirected_urls.values() for app in apps): + return - if skipped_urls: - persistent["permissions"]["custom_skipped"] = { - "users": [], - "label": "Custom permissions - skipped", - "show_tile": False, - "auth_header": False, - "public": True, - "uris": skipped_urls - + persistent["permissions"].get("custom_skipped", {}).get("uris", []), - } + for from_url, dest_url in redirected_urls.copy().items(): + # Not a root domain, skip + if from_url.count("/") != 1 or not from_url.endswith("/"): + continue + for app in apps: + if app.get("domain_path") != dest_url: + continue + domain_config_set(from_url.strip("/"), "feature.app.default_app", app["id"]) + del redirected_urls[from_url] - if unprotected_urls: - persistent["permissions"]["custom_unprotected"] = { - "users": [], - "label": "Custom permissions - unprotected", - "show_tile": False, - "auth_header": True, - "public": True, - "uris": unprotected_urls - + persistent["permissions"].get("custom_unprotected", {}).get("uris", []), - } - - if protected_urls: - persistent["permissions"]["custom_protected"] = { - "users": known_users, - "label": "Custom permissions - protected", - "show_tile": False, - "auth_header": True, - "public": False, - "uris": protected_urls - + persistent["permissions"].get("custom_protected", {}).get("uris", []), - } + persistent["redirected_urls"] = redirected_urls write_to_json(persistent_file_name, persistent, sort_keys=True, indent=4) logger.warning( - "YunoHost automatically translated some legacy rules in /etc/ssowat/conf.json.persistent to match the new permission system" + "YunoHost automatically translated some legacy redirections in /etc/ssowat/conf.json.persistent to match the new default application using domain configuration" ) LEGACY_PHP_VERSION_REPLACEMENTS = [ - ("/etc/php5", "/etc/php/7.3"), - ("/etc/php/7.0", "/etc/php/7.3"), - ("/var/run/php5-fpm", "/var/run/php/php7.3-fpm"), - ("/var/run/php/php7.0-fpm", "/var/run/php/php7.3-fpm"), - ("php5", "php7.3"), - ("php7.0", "php7.3"), + ("/etc/php5", "/etc/php/7.4"), + ("/etc/php/7.0", "/etc/php/7.4"), + ("/etc/php/7.3", "/etc/php/7.4"), + ("/var/run/php5-fpm", "/var/run/php/php7.4-fpm"), + ("/var/run/php/php7.0-fpm", "/var/run/php/php7.4-fpm"), + ("/var/run/php/php7.3-fpm", "/var/run/php/php7.4-fpm"), + ("php5", "php7.4"), + ("php7.0", "php7.4"), + ("php7.3", "php7.4"), + ('YNH_PHP_VERSION="7.3"', 'YNH_PHP_VERSION="7.4"'), ( 'phpversion="${phpversion:-7.0}"', + 'phpversion="${phpversion:-7.4}"', + ), # Many helpers like the composer ones use 7.0 by default ... + ( 'phpversion="${phpversion:-7.3}"', + 'phpversion="${phpversion:-7.4}"', ), # Many helpers like the composer ones use 7.0 by default ... ( '"$phpversion" == "7.0"', - '$(bc <<< "$phpversion >= 7.3") -eq 1', + '$(bc <<< "$phpversion >= 7.4") -eq 1', + ), # patch ynh_install_php to refuse installing/removing php <= 7.3 + ( + '"$phpversion" == "7.3"', + '$(bc <<< "$phpversion >= 7.4") -eq 1', ), # patch ynh_install_php to refuse installing/removing php <= 7.3 ] @@ -286,10 +166,7 @@ def _patch_legacy_php_versions(app_folder): c = ( "sed -i " - + "".join( - "-e 's@{pattern}@{replace}@g' ".format(pattern=p, replace=r) - for p, r in LEGACY_PHP_VERSION_REPLACEMENTS - ) + + "".join(f"-e 's@{p}@{r}@g' " for p, r in LEGACY_PHP_VERSION_REPLACEMENTS) + "%s" % filename ) os.system(c) @@ -299,15 +176,19 @@ def _patch_legacy_php_versions_in_settings(app_folder): settings = read_yaml(os.path.join(app_folder, "settings.yml")) - if settings.get("fpm_config_dir") == "/etc/php/7.0/fpm": - settings["fpm_config_dir"] = "/etc/php/7.3/fpm" - if settings.get("fpm_service") == "php7.0-fpm": - settings["fpm_service"] = "php7.3-fpm" - if settings.get("phpversion") == "7.0": - settings["phpversion"] = "7.3" + if settings.get("fpm_config_dir") in ["/etc/php/7.0/fpm", "/etc/php/7.3/fpm"]: + settings["fpm_config_dir"] = "/etc/php/7.4/fpm" + if settings.get("fpm_service") in ["php7.0-fpm", "php7.3-fpm"]: + settings["fpm_service"] = "php7.4-fpm" + if settings.get("phpversion") in ["7.0", "7.3"]: + settings["phpversion"] = "7.4" # We delete these checksums otherwise the file will appear as manually modified - list_to_remove = ["checksum__etc_php_7.0_fpm_pool", "checksum__etc_nginx_conf.d"] + list_to_remove = [ + "checksum__etc_php_7.3_fpm_pool", + "checksum__etc_php_7.0_fpm_pool", + "checksum__etc_nginx_conf.d", + ] settings = { k: v for k, v in settings.items() @@ -324,36 +205,10 @@ def _patch_legacy_helpers(app_folder): files_to_patch.extend(glob.glob("%s/scripts/.*" % app_folder)) stuff_to_replace = { - # Replace - # sudo yunohost app initdb $db_user -p $db_pwd - # by - # ynh_mysql_setup_db --db_user=$db_user --db_name=$db_user --db_pwd=$db_pwd - "yunohost app initdb": { - "pattern": r"(sudo )?yunohost app initdb \"?(\$\{?\w+\}?)\"?\s+-p\s\"?(\$\{?\w+\}?)\"?", - "replace": r"ynh_mysql_setup_db --db_user=\2 --db_name=\2 --db_pwd=\3", - "important": True, - }, - # Replace - # sudo yunohost app checkport whaterver - # by - # ynh_port_available whatever - "yunohost app checkport": { - "pattern": r"(sudo )?yunohost app checkport", - "replace": r"ynh_port_available", - "important": True, - }, - # We can't migrate easily port-available - # .. but at the time of writing this code, only two non-working apps are using it. + "yunohost app initdb": {"important": True}, + "yunohost app checkport": {"important": True}, "yunohost tools port-available": {"important": True}, - # Replace - # yunohost app checkurl "${domain}${path_url}" -a "${app}" - # by - # ynh_webpath_register --app=${app} --domain=${domain} --path_url=${path_url} - "yunohost app checkurl": { - "pattern": r"(sudo )?yunohost app checkurl \"?(\$\{?\w+\}?)\/?(\$\{?\w+\}?)\"?\s+-a\s\"?(\$\{?\w+\}?)\"?", - "replace": r"ynh_webpath_register --app=\4 --domain=\2 --path_url=\3", - "important": True, - }, + "yunohost app checkurl": {"important": True}, # Remove # Automatic diagnosis data from YunoHost # __PRE_TAG1__$(yunohost tools diagnosis | ...)__PRE_TAG2__" @@ -366,24 +221,15 @@ def _patch_legacy_helpers(app_folder): # Old $1, $2 in backup/restore scripts... "app=$2": { "only_for": ["scripts/backup", "scripts/restore"], - "pattern": r"app=\$2", - "replace": r"app=$YNH_APP_INSTANCE_NAME", "important": True, }, # Old $1, $2 in backup/restore scripts... "backup_dir=$1": { "only_for": ["scripts/backup", "scripts/restore"], - "pattern": r"backup_dir=\$1", - "replace": r"backup_dir=.", "important": True, }, # Old $1, $2 in backup/restore scripts... - "restore_dir=$1": { - "only_for": ["scripts/restore"], - "pattern": r"restore_dir=\$1", - "replace": r"restore_dir=.", - "important": True, - }, + "restore_dir=$1": {"only_for": ["scripts/restore"], "important": True}, # Old $1, $2 in install scripts... # We ain't patching that shit because it ain't trivial to patch all args... "domain=$1": {"only_for": ["scripts/install"], "important": True}, diff --git a/src/yunohost/utils/network.py b/src/utils/network.py similarity index 97% rename from src/yunohost/utils/network.py rename to src/utils/network.py index 4474af14f..28dcb204c 100644 --- a/src/yunohost/utils/network.py +++ b/src/utils/network.py @@ -44,7 +44,7 @@ def get_public_ip(protocol=4): ): ip = read_file(cache_file).strip() ip = ip if ip else None # Empty file (empty string) means there's no IP - logger.debug("Reusing IPv%s from cache: %s" % (protocol, ip)) + logger.debug(f"Reusing IPv{protocol} from cache: {ip}") else: ip = get_public_ip_from_remote_server(protocol) logger.debug("IP fetched: %s" % ip) @@ -87,7 +87,7 @@ def get_public_ip_from_remote_server(protocol=4): try: return download_text(url, timeout=30).strip() except Exception as e: - logger.debug("Could not get public IPv%s : %s" % (str(protocol), str(e))) + logger.debug(f"Could not get public IPv{protocol} : {e}") return None diff --git a/src/yunohost/utils/packages.py b/src/utils/packages.py similarity index 100% rename from src/yunohost/utils/packages.py rename to src/utils/packages.py diff --git a/src/yunohost/utils/password.py b/src/utils/password.py similarity index 98% rename from src/yunohost/utils/password.py rename to src/utils/password.py index 188850183..5b8372962 100644 --- a/src/yunohost/utils/password.py +++ b/src/utils/password.py @@ -36,7 +36,7 @@ SMALL_PWD_LIST = [ "rpi", ] -MOST_USED_PASSWORDS = "/usr/share/yunohost/other/password/100000-most-used.txt" +MOST_USED_PASSWORDS = "/usr/share/yunohost/100000-most-used-passwords.txt" # Length, digits, lowers, uppers, others STRENGTH_LEVELS = [ @@ -51,7 +51,7 @@ def assert_password_is_strong_enough(profile, password): PasswordValidator(profile).validate(password) -class PasswordValidator(object): +class PasswordValidator: def __init__(self, profile): """ Initialize a password validator. diff --git a/src/yunohost/utils/yunopaste.py b/src/utils/yunopaste.py similarity index 98% rename from src/yunohost/utils/yunopaste.py rename to src/utils/yunopaste.py index 0c3e3c998..35e829991 100644 --- a/src/yunohost/utils/yunopaste.py +++ b/src/utils/yunopaste.py @@ -49,7 +49,7 @@ def yunopaste(data): raw_msg=True, ) - return "%s/raw/%s" % (paste_server, url) + return "{}/raw/{}".format(paste_server, url) def anonymize(data): diff --git a/src/yunohost/vendor/acme_tiny/__init__.py b/src/vendor/__init__.py similarity index 100% rename from src/yunohost/vendor/acme_tiny/__init__.py rename to src/vendor/__init__.py diff --git a/src/vendor/acme_tiny/__init__.py b/src/vendor/acme_tiny/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/src/yunohost/vendor/acme_tiny/acme_tiny.py b/src/vendor/acme_tiny/acme_tiny.py similarity index 91% rename from src/yunohost/vendor/acme_tiny/acme_tiny.py rename to src/vendor/acme_tiny/acme_tiny.py index 3c13d13ec..0d2534df9 100644 --- a/src/yunohost/vendor/acme_tiny/acme_tiny.py +++ b/src/vendor/acme_tiny/acme_tiny.py @@ -38,7 +38,7 @@ def get_crt( ) out, err = proc.communicate(cmd_input) if proc.returncode != 0: - raise IOError("{0}\n{1}".format(err_msg, err)) + raise IOError("{}\n{}".format(err_msg, err)) return out # helper function - make request and automatically parse json response @@ -74,7 +74,7 @@ def get_crt( raise IndexError(resp_data) # allow 100 retrys for bad nonces if code not in [200, 201, 204]: raise ValueError( - "{0}:\nUrl: {1}\nData: {2}\nResponse Code: {3}\nResponse: {4}".format( + "{}:\nUrl: {}\nData: {}\nResponse Code: {}\nResponse: {}".format( err_msg, url, data, code, resp_data ) ) @@ -89,7 +89,7 @@ def get_crt( {"jwk": jwk} if acct_headers is None else {"kid": acct_headers["Location"]} ) protected64 = _b64(json.dumps(protected).encode("utf8")) - protected_input = "{0}.{1}".format(protected64, payload64).encode("utf8") + protected_input = "{}.{}".format(protected64, payload64).encode("utf8") out = _cmd( ["openssl", "dgst", "-sha256", "-sign", account_key], stdin=subprocess.PIPE, @@ -125,8 +125,8 @@ def get_crt( pub_hex, pub_exp = re.search( pub_pattern, out.decode("utf8"), re.MULTILINE | re.DOTALL ).groups() - pub_exp = "{0:x}".format(int(pub_exp)) - pub_exp = "0{0}".format(pub_exp) if len(pub_exp) % 2 else pub_exp + pub_exp = "{:x}".format(int(pub_exp)) + pub_exp = "0{}".format(pub_exp) if len(pub_exp) % 2 else pub_exp alg = "RS256" jwk = { "e": _b64(binascii.unhexlify(pub_exp.encode("utf-8"))), @@ -140,9 +140,9 @@ def get_crt( log.info("Parsing CSR...") out = _cmd( ["openssl", "req", "-in", csr, "-noout", "-text"], - err_msg="Error loading {0}".format(csr), + err_msg="Error loading {}".format(csr), ) - domains = set([]) + domains = set() common_name = re.search(r"Subject:.*? CN\s?=\s?([^\s,;/]+)", out.decode("utf8")) if common_name is not None: domains.add(common_name.group(1)) @@ -155,7 +155,7 @@ def get_crt( for san in subject_alt_names.group(1).split(", "): if san.startswith("DNS:"): domains.add(san[4:]) - log.info("Found domains: {0}".format(", ".join(domains))) + log.info("Found domains: {}".format(", ".join(domains))) # get the ACME directory of urls log.info("Getting directory...") @@ -178,7 +178,7 @@ def get_crt( {"contact": contact}, "Error updating contact details", ) - log.info("Updated contact details:\n{0}".format("\n".join(account["contact"]))) + log.info("Updated contact details:\n{}".format("\n".join(account["contact"]))) # create a new order log.info("Creating new order...") @@ -194,46 +194,46 @@ def get_crt( auth_url, None, "Error getting challenges" ) domain = authorization["identifier"]["value"] - log.info("Verifying {0}...".format(domain)) + log.info("Verifying {}...".format(domain)) # find the http-01 challenge and write the challenge file challenge = [c for c in authorization["challenges"] if c["type"] == "http-01"][ 0 ] token = re.sub(r"[^A-Za-z0-9_\-]", "_", challenge["token"]) - keyauthorization = "{0}.{1}".format(token, thumbprint) + keyauthorization = "{}.{}".format(token, thumbprint) wellknown_path = os.path.join(acme_dir, token) with open(wellknown_path, "w") as wellknown_file: wellknown_file.write(keyauthorization) # check that the file is in place try: - wellknown_url = "http://{0}/.well-known/acme-challenge/{1}".format( + wellknown_url = "http://{}/.well-known/acme-challenge/{}".format( domain, token ) assert disable_check or _do_request(wellknown_url)[0] == keyauthorization except (AssertionError, ValueError) as e: raise ValueError( - "Wrote file to {0}, but couldn't download {1}: {2}".format( + "Wrote file to {}, but couldn't download {}: {}".format( wellknown_path, wellknown_url, e ) ) # say the challenge is done _send_signed_request( - challenge["url"], {}, "Error submitting challenges: {0}".format(domain) + challenge["url"], {}, "Error submitting challenges: {}".format(domain) ) authorization = _poll_until_not( auth_url, ["pending"], - "Error checking challenge status for {0}".format(domain), + "Error checking challenge status for {}".format(domain), ) if authorization["status"] != "valid": raise ValueError( - "Challenge did not pass for {0}: {1}".format(domain, authorization) + "Challenge did not pass for {}: {}".format(domain, authorization) ) os.remove(wellknown_path) - log.info("{0} verified!".format(domain)) + log.info("{} verified!".format(domain)) # finalize the order with the csr log.info("Signing certificate...") @@ -251,7 +251,7 @@ def get_crt( "Error checking order status", ) if order["status"] != "valid": - raise ValueError("Order failed: {0}".format(order)) + raise ValueError("Order failed: {}".format(order)) # download the certificate certificate_pem, _, _ = _send_signed_request( diff --git a/src/yunohost/vendor/spectre-meltdown-checker/Dockerfile b/src/vendor/spectre-meltdown-checker/Dockerfile similarity index 100% rename from src/yunohost/vendor/spectre-meltdown-checker/Dockerfile rename to src/vendor/spectre-meltdown-checker/Dockerfile diff --git a/src/yunohost/vendor/spectre-meltdown-checker/LICENSE b/src/vendor/spectre-meltdown-checker/LICENSE similarity index 100% rename from src/yunohost/vendor/spectre-meltdown-checker/LICENSE rename to src/vendor/spectre-meltdown-checker/LICENSE diff --git a/src/yunohost/vendor/spectre-meltdown-checker/README.md b/src/vendor/spectre-meltdown-checker/README.md similarity index 100% rename from src/yunohost/vendor/spectre-meltdown-checker/README.md rename to src/vendor/spectre-meltdown-checker/README.md diff --git a/src/yunohost/vendor/spectre-meltdown-checker/docker-compose.yml b/src/vendor/spectre-meltdown-checker/docker-compose.yml similarity index 100% rename from src/yunohost/vendor/spectre-meltdown-checker/docker-compose.yml rename to src/vendor/spectre-meltdown-checker/docker-compose.yml diff --git a/src/yunohost/vendor/spectre-meltdown-checker/spectre-meltdown-checker.sh b/src/vendor/spectre-meltdown-checker/spectre-meltdown-checker.sh similarity index 100% rename from src/yunohost/vendor/spectre-meltdown-checker/spectre-meltdown-checker.sh rename to src/vendor/spectre-meltdown-checker/spectre-meltdown-checker.sh diff --git a/src/yunohost/data_migrations/0015_migrate_to_buster.py b/src/yunohost/data_migrations/0015_migrate_to_buster.py deleted file mode 100644 index 4f2d4caf8..000000000 --- a/src/yunohost/data_migrations/0015_migrate_to_buster.py +++ /dev/null @@ -1,291 +0,0 @@ -import glob -import os - -from moulinette import m18n -from yunohost.utils.error import YunohostError -from moulinette.utils.log import getActionLogger -from moulinette.utils.process import check_output, call_async_output -from moulinette.utils.filesystem import read_file - -from yunohost.tools import Migration, tools_update, tools_upgrade -from yunohost.app import unstable_apps -from yunohost.regenconf import manually_modified_files -from yunohost.utils.filesystem import free_space_in_directory -from yunohost.utils.packages import ( - get_ynh_package_version, - _list_upgradable_apt_packages, -) - -logger = getActionLogger("yunohost.migration") - - -class MyMigration(Migration): - - "Upgrade the system to Debian Buster and Yunohost 4.x" - - mode = "manual" - - def run(self): - - self.check_assertions() - - logger.info(m18n.n("migration_0015_start")) - - # - # Make sure certificates do not use weak signature hash algorithms (md5, sha1) - # otherwise nginx will later refuse to start which result in - # catastrophic situation - # - self.validate_and_upgrade_cert_if_necessary() - - # - # Patch sources.list - # - logger.info(m18n.n("migration_0015_patching_sources_list")) - self.patch_apt_sources_list() - tools_update(target="system") - - # Tell libc6 it's okay to restart system stuff during the upgrade - os.system( - "echo 'libc6 libraries/restart-without-asking boolean true' | debconf-set-selections" - ) - - # Don't send an email to root about the postgresql migration. It should be handled automatically after. - os.system( - "echo 'postgresql-common postgresql-common/obsolete-major seen true' | debconf-set-selections" - ) - - # - # Specific packages upgrades - # - logger.info(m18n.n("migration_0015_specific_upgrade")) - - # Update unscd independently, was 0.53-1+yunohost on stretch (custom build of ours) but now it's 0.53-1+b1 on vanilla buster, - # which for apt appears as a lower version (hence the --allow-downgrades and the hardcoded version number) - unscd_version = check_output( - 'dpkg -s unscd | grep "^Version: " | cut -d " " -f 2' - ) - if "yunohost" in unscd_version: - new_version = check_output( - "LC_ALL=C apt policy unscd 2>/dev/null | grep -v '\\*\\*\\*' | grep http -B1 | head -n 1 | awk '{print $1}'" - ).strip() - if new_version: - self.apt_install("unscd=%s --allow-downgrades" % new_version) - else: - logger.warning("Could not identify which version of unscd to install") - - # Upgrade libpam-modules independently, small issue related to willing to overwrite a file previously provided by Yunohost - libpammodules_version = check_output( - 'dpkg -s libpam-modules | grep "^Version: " | cut -d " " -f 2' - ) - if not libpammodules_version.startswith("1.3"): - self.apt_install('libpam-modules -o Dpkg::Options::="--force-overwrite"') - - # - # Main upgrade - # - logger.info(m18n.n("migration_0015_main_upgrade")) - - apps_packages = self.get_apps_equivs_packages() - self.hold(apps_packages) - tools_upgrade(target="system", allow_yunohost_upgrade=False) - - if self.debian_major_version() == 9: - raise YunohostError("migration_0015_still_on_stretch_after_main_upgrade") - - # Clean the mess - logger.info(m18n.n("migration_0015_cleaning_up")) - os.system("apt autoremove --assume-yes") - os.system("apt clean --assume-yes") - - # - # Yunohost upgrade - # - logger.info(m18n.n("migration_0015_yunohost_upgrade")) - self.unhold(apps_packages) - tools_upgrade(target="system") - - def debian_major_version(self): - # The python module "platform" and lsb_release are not reliable because - # on some setup, they may still return Release=9 even after upgrading to - # buster ... (Apparently this is related to OVH overriding some stuff - # with /etc/lsb-release for instance -_-) - # Instead, we rely on /etc/os-release which should be the raw info from - # the distribution... - return int( - check_output( - "grep VERSION_ID /etc/os-release | head -n 1 | tr '\"' ' ' | cut -d ' ' -f2" - ) - ) - - def yunohost_major_version(self): - return int(get_ynh_package_version("yunohost")["version"].split(".")[0]) - - def check_assertions(self): - - # Be on stretch (9.x) and yunohost 3.x - # NB : we do both check to cover situations where the upgrade crashed - # in the middle and debian version could be > 9.x but yunohost package - # would still be in 3.x... - if ( - not self.debian_major_version() == 9 - and not self.yunohost_major_version() == 3 - ): - raise YunohostError("migration_0015_not_stretch") - - # Have > 1 Go free space on /var/ ? - if free_space_in_directory("/var/") / (1024 ** 3) < 1.0: - raise YunohostError("migration_0015_not_enough_free_space") - - # Check system is up to date - # (but we don't if 'stretch' is already in the sources.list ... - # which means maybe a previous upgrade crashed and we're re-running it) - if " buster " not in read_file("/etc/apt/sources.list"): - tools_update(target="system") - upgradable_system_packages = list(_list_upgradable_apt_packages()) - if upgradable_system_packages: - raise YunohostError("migration_0015_system_not_fully_up_to_date") - - @property - def disclaimer(self): - - # Avoid having a super long disclaimer + uncessary check if we ain't - # on stretch / yunohost 3.x anymore - # NB : we do both check to cover situations where the upgrade crashed - # in the middle and debian version could be >= 10.x but yunohost package - # would still be in 3.x... - if ( - not self.debian_major_version() == 9 - and not self.yunohost_major_version() == 3 - ): - return None - - # Get list of problematic apps ? I.e. not official or community+working - problematic_apps = unstable_apps() - problematic_apps = "".join(["\n - " + app for app in problematic_apps]) - - # Manually modified files ? (c.f. yunohost service regen-conf) - modified_files = manually_modified_files() - modified_files = "".join(["\n - " + f for f in modified_files]) - - message = m18n.n("migration_0015_general_warning") - - message = ( - "N.B.: This migration has been tested by the community over the last few months but has only been declared stable recently. If your server hosts critical services and if you are not too confident with debugging possible issues, we recommend you to wait a little bit more while we gather more feedback and polish things up. If on the other hand you are relatively confident with debugging small issues that may arise, you are encouraged to run this migration ;)! You can read about remaining known issues and feedback from the community here: https://forum.yunohost.org/t/12195\n\n" - + message - ) - - if problematic_apps: - message += "\n\n" + m18n.n( - "migration_0015_problematic_apps_warning", - problematic_apps=problematic_apps, - ) - - if modified_files: - message += "\n\n" + m18n.n( - "migration_0015_modified_files", manually_modified_files=modified_files - ) - - return message - - def patch_apt_sources_list(self): - - sources_list = glob.glob("/etc/apt/sources.list.d/*.list") - sources_list.append("/etc/apt/sources.list") - - # This : - # - replace single 'stretch' occurence by 'buster' - # - comments lines containing "backports" - # - replace 'stretch/updates' by 'strech/updates' (or same with -) - for f in sources_list: - command = ( - "sed -i -e 's@ stretch @ buster @g' " - "-e '/backports/ s@^#*@#@' " - "-e 's@ stretch/updates @ buster/updates @g' " - "-e 's@ stretch-@ buster-@g' " - "{}".format(f) - ) - os.system(command) - - def get_apps_equivs_packages(self): - - command = ( - "dpkg --get-selections" - " | grep -v deinstall" - " | awk '{print $1}'" - " | { grep 'ynh-deps$' || true; }" - ) - - output = check_output(command) - - return output.split("\n") if output else [] - - def hold(self, packages): - for package in packages: - os.system("apt-mark hold {}".format(package)) - - def unhold(self, packages): - for package in packages: - os.system("apt-mark unhold {}".format(package)) - - def apt_install(self, cmd): - def is_relevant(line): - return "Reading database ..." not in line.rstrip() - - callbacks = ( - lambda l: logger.info("+ " + l.rstrip() + "\r") - if is_relevant(l) - else logger.debug(l.rstrip() + "\r"), - lambda l: logger.warning(l.rstrip()), - ) - - cmd = ( - "LC_ALL=C DEBIAN_FRONTEND=noninteractive APT_LISTCHANGES_FRONTEND=none apt install --quiet -o=Dpkg::Use-Pty=0 --fix-broken --assume-yes " - + cmd - ) - - logger.debug("Running: %s" % cmd) - - call_async_output(cmd, callbacks, shell=True) - - def validate_and_upgrade_cert_if_necessary(self): - - active_certs = set( - check_output("grep -roh '/.*crt.pem' /etc/nginx/").split("\n") - ) - - cmd = "LC_ALL=C openssl x509 -in %s -text -noout | grep -i 'Signature Algorithm:' | awk '{print $3}' | uniq" - - default_crt = "/etc/yunohost/certs/yunohost.org/crt.pem" - default_key = "/etc/yunohost/certs/yunohost.org/key.pem" - default_signature = ( - check_output(cmd % default_crt) if default_crt in active_certs else None - ) - if default_signature is not None and ( - default_signature.startswith("md5") or default_signature.startswith("sha1") - ): - logger.warning( - "%s is using a pretty old certificate incompatible with newer versions of nginx ... attempting to regenerate a fresh one" - % default_crt - ) - - os.system("mv %s %s.old" % (default_crt, default_crt)) - os.system("mv %s %s.old" % (default_key, default_key)) - ret = os.system("/usr/share/yunohost/hooks/conf_regen/02-ssl init") - - if ret != 0 or not os.path.exists(default_crt): - logger.error("Upgrading the certificate failed ... reverting") - os.system("mv %s.old %s" % (default_crt, default_crt)) - os.system("mv %s.old %s" % (default_key, default_key)) - - signatures = {cert: check_output(cmd % cert) for cert in active_certs} - - def cert_is_weak(cert): - sig = signatures[cert] - return sig.startswith("md5") or sig.startswith("sha1") - - weak_certs = [cert for cert in signatures.keys() if cert_is_weak(cert)] - if weak_certs: - raise YunohostError( - "migration_0015_weak_certs", certs=", ".join(weak_certs) - ) diff --git a/src/yunohost/data_migrations/0018_xtable_to_nftable.py b/src/yunohost/data_migrations/0018_xtable_to_nftable.py deleted file mode 100644 index 94b47d944..000000000 --- a/src/yunohost/data_migrations/0018_xtable_to_nftable.py +++ /dev/null @@ -1,126 +0,0 @@ -import os -import subprocess - -from moulinette import m18n -from yunohost.utils.error import YunohostError -from moulinette.utils.log import getActionLogger - -from yunohost.firewall import firewall_reload -from yunohost.service import service_restart -from yunohost.tools import Migration - -logger = getActionLogger("yunohost.migration") - - -class MyMigration(Migration): - - "Migrate legacy iptables rules from stretch that relied on xtable and should now rely on nftable" - - dependencies = ["migrate_to_buster"] - - def run(self): - - self.do_ipv4 = os.system("iptables -w -L >/dev/null") == 0 - self.do_ipv6 = os.system("ip6tables -w -L >/dev/null") == 0 - - if not self.do_ipv4: - logger.warning(m18n.n("iptables_unavailable")) - if not self.do_ipv6: - logger.warning(m18n.n("ip6tables_unavailable")) - - backup_folder = "/home/yunohost.backup/premigration/xtable_to_nftable/" - if not os.path.exists(backup_folder): - os.makedirs(backup_folder, 0o750) - self.backup_rules_ipv4 = os.path.join(backup_folder, "legacy_rules_ipv4") - self.backup_rules_ipv6 = os.path.join(backup_folder, "legacy_rules_ipv6") - - # Backup existing legacy rules to be able to rollback - if self.do_ipv4 and not os.path.exists(self.backup_rules_ipv4): - self.runcmd( - "iptables-legacy -L >/dev/null" - ) # For some reason if we don't do this, iptables-legacy-save is empty ? - self.runcmd("iptables-legacy-save > %s" % self.backup_rules_ipv4) - assert ( - open(self.backup_rules_ipv4).read().strip() - ), "Uhoh backup of legacy ipv4 rules is empty !?" - if self.do_ipv6 and not os.path.exists(self.backup_rules_ipv6): - self.runcmd( - "ip6tables-legacy -L >/dev/null" - ) # For some reason if we don't do this, iptables-legacy-save is empty ? - self.runcmd("ip6tables-legacy-save > %s" % self.backup_rules_ipv6) - assert ( - open(self.backup_rules_ipv6).read().strip() - ), "Uhoh backup of legacy ipv6 rules is empty !?" - - # We inject the legacy rules (iptables-legacy) into the new iptable (just "iptables") - try: - if self.do_ipv4: - self.runcmd("iptables-legacy-save | iptables-restore") - if self.do_ipv6: - self.runcmd("ip6tables-legacy-save | ip6tables-restore") - except Exception as e: - self.rollback() - raise YunohostError( - "migration_0018_failed_to_migrate_iptables_rules", error=e - ) - - # Reset everything in iptables-legacy - # Stolen from https://serverfault.com/a/200642 - try: - if self.do_ipv4: - self.runcmd( - "iptables-legacy-save | awk '/^[*]/ { print $1 }" # Keep lines like *raw, *filter and *nat - ' /^:[A-Z]+ [^-]/ { print $1 " ACCEPT" ; }' # Turn all policies to accept - " /COMMIT/ { print $0; }'" # Keep the line COMMIT - " | iptables-legacy-restore" - ) - if self.do_ipv6: - self.runcmd( - "ip6tables-legacy-save | awk '/^[*]/ { print $1 }" # Keep lines like *raw, *filter and *nat - ' /^:[A-Z]+ [^-]/ { print $1 " ACCEPT" ; }' # Turn all policies to accept - " /COMMIT/ { print $0; }'" # Keep the line COMMIT - " | ip6tables-legacy-restore" - ) - except Exception as e: - self.rollback() - raise YunohostError("migration_0018_failed_to_reset_legacy_rules", error=e) - - # You might be wondering "uh but is it really useful to - # iptables-legacy-save | iptables-restore considering firewall_reload() - # flush/resets everything anyway ?" - # But the answer is : firewall_reload() only resets the *filter table. - # On more complex setups (e.g. internet cube or docker) you will also - # have rules in the *nat (or maybe *raw?) sections of iptables. - firewall_reload() - service_restart("fail2ban") - - def rollback(self): - - if self.do_ipv4: - self.runcmd("iptables-legacy-restore < %s" % self.backup_rules_ipv4) - if self.do_ipv6: - self.runcmd("iptables-legacy-restore < %s" % self.backup_rules_ipv6) - - def runcmd(self, cmd, raise_on_errors=True): - - logger.debug("Running command: " + cmd) - - p = subprocess.Popen( - cmd, - shell=True, - executable="/bin/bash", - stdout=subprocess.PIPE, - stderr=subprocess.PIPE, - ) - - out, err = p.communicate() - returncode = p.returncode - if raise_on_errors and returncode != 0: - raise YunohostError( - "Failed to run command '{}'.\nreturncode: {}\nstdout:\n{}\nstderr:\n{}\n".format( - cmd, returncode, out, err - ) - ) - - out = out.strip().split(b"\n") - return (returncode, out, err) diff --git a/src/yunohost/data_migrations/0019_extend_permissions_features.py b/src/yunohost/data_migrations/0019_extend_permissions_features.py deleted file mode 100644 index 5d4343deb..000000000 --- a/src/yunohost/data_migrations/0019_extend_permissions_features.py +++ /dev/null @@ -1,107 +0,0 @@ -from moulinette import m18n -from moulinette.utils.log import getActionLogger - -from yunohost.tools import Migration -from yunohost.permission import user_permission_list -from yunohost.utils.legacy import migrate_legacy_permission_settings - -logger = getActionLogger("yunohost.migration") - - -class MyMigration(Migration): - """ - Add protected attribute in LDAP permission - """ - - @Migration.ldap_migration - def run(self, backup_folder): - - # Update LDAP database - self.add_new_ldap_attributes() - - # Migrate old settings - migrate_legacy_permission_settings() - - def add_new_ldap_attributes(self): - - from yunohost.utils.ldap import _get_ldap_interface - from yunohost.regenconf import regen_conf, BACKUP_CONF_DIR - - # Check if the migration can be processed - ldap_regen_conf_status = regen_conf(names=["slapd"], dry_run=True) - # By this we check if the have been customized - if ldap_regen_conf_status and ldap_regen_conf_status["slapd"]["pending"]: - logger.warning( - m18n.n( - "migration_0019_slapd_config_will_be_overwritten", - conf_backup_folder=BACKUP_CONF_DIR, - ) - ) - - # Update LDAP schema restart slapd - logger.info(m18n.n("migration_update_LDAP_schema")) - regen_conf(names=["slapd"], force=True) - - logger.info(m18n.n("migration_0019_add_new_attributes_in_ldap")) - ldap = _get_ldap_interface() - permission_list = user_permission_list(full=True)["permissions"] - - for permission in permission_list: - system_perms = { - "mail": "E-mail", - "xmpp": "XMPP", - "ssh": "SSH", - "sftp": "STFP", - } - if permission.split(".")[0] in system_perms: - update = { - "authHeader": ["FALSE"], - "label": [system_perms[permission.split(".")[0]]], - "showTile": ["FALSE"], - "isProtected": ["TRUE"], - } - else: - app, subperm_name = permission.split(".") - if permission.endswith(".main"): - update = { - "authHeader": ["TRUE"], - "label": [ - app - ], # Note that this is later re-changed during the call to migrate_legacy_permission_settings() if a 'label' setting exists - "showTile": ["TRUE"], - "isProtected": ["FALSE"], - } - else: - update = { - "authHeader": ["TRUE"], - "label": [subperm_name.title()], - "showTile": ["FALSE"], - "isProtected": ["TRUE"], - } - - ldap.update("cn=%s,ou=permission" % permission, update) - - introduced_in_version = "4.1" - - def run_after_system_restore(self): - # Update LDAP database - self.add_new_ldap_attributes() - - def run_before_app_restore(self, app_id): - from yunohost.app import app_setting - from yunohost.utils.legacy import migrate_legacy_permission_settings - - # Migrate old settings - legacy_permission_settings = [ - "skipped_uris", - "unprotected_uris", - "protected_uris", - "skipped_regex", - "unprotected_regex", - "protected_regex", - ] - if any( - app_setting(app_id, setting) is not None - for setting in legacy_permission_settings - ): - migrate_legacy_permission_settings(app=app_id) diff --git a/src/yunohost/data_migrations/0020_ssh_sftp_permissions.py b/src/yunohost/data_migrations/0020_ssh_sftp_permissions.py deleted file mode 100644 index f1dbcd1e7..000000000 --- a/src/yunohost/data_migrations/0020_ssh_sftp_permissions.py +++ /dev/null @@ -1,100 +0,0 @@ -import subprocess -import os - -from moulinette import m18n -from moulinette.utils.log import getActionLogger - -from yunohost.tools import Migration -from yunohost.permission import user_permission_update, permission_sync_to_user -from yunohost.regenconf import manually_modified_files - -logger = getActionLogger("yunohost.migration") - -################################################### -# Tools used also for restoration -################################################### - - -class MyMigration(Migration): - """ - Add new permissions around SSH/SFTP features - """ - - introduced_in_version = "4.2.2" - dependencies = ["extend_permissions_features"] - - @Migration.ldap_migration - def run(self, *args): - - from yunohost.utils.ldap import _get_ldap_interface - - ldap = _get_ldap_interface() - - existing_perms_raw = ldap.search( - "ou=permission,dc=yunohost,dc=org", "(objectclass=permissionYnh)", ["cn"] - ) - existing_perms = [perm["cn"][0] for perm in existing_perms_raw] - - # Add SSH and SFTP permissions - if "sftp.main" not in existing_perms: - ldap.add( - "cn=sftp.main,ou=permission", - { - "cn": "sftp.main", - "gidNumber": "5004", - "objectClass": ["posixGroup", "permissionYnh"], - "groupPermission": [], - "authHeader": "FALSE", - "label": "SFTP", - "showTile": "FALSE", - "isProtected": "TRUE", - }, - ) - - if "ssh.main" not in existing_perms: - ldap.add( - "cn=ssh.main,ou=permission", - { - "cn": "ssh.main", - "gidNumber": "5003", - "objectClass": ["posixGroup", "permissionYnh"], - "groupPermission": [], - "authHeader": "FALSE", - "label": "SSH", - "showTile": "FALSE", - "isProtected": "TRUE", - }, - ) - - # Add a bash terminal to each users - users = ldap.search( - "ou=users,dc=yunohost,dc=org", - filter="(loginShell=*)", - attrs=["dn", "uid", "loginShell"], - ) - for user in users: - if user["loginShell"][0] == "/bin/false": - dn = user["dn"][0].replace(",dc=yunohost,dc=org", "") - ldap.update(dn, {"loginShell": ["/bin/bash"]}) - else: - user_permission_update( - "ssh.main", add=user["uid"][0], sync_perm=False - ) - - permission_sync_to_user() - - # Somehow this is needed otherwise the PAM thing doesn't forget about the - # old loginShell value ? - subprocess.call(["nscd", "-i", "passwd"]) - - if ( - "/etc/ssh/sshd_config" in manually_modified_files() - and os.system( - "grep -q '^ *AllowGroups\\|^ *AllowUsers' /etc/ssh/sshd_config" - ) - != 0 - ): - logger.error(m18n.n("diagnosis_sshd_config_insecure")) - - def run_after_system_restore(self): - self.run() diff --git a/tests/add_missing_keys.py b/tests/add_missing_keys.py deleted file mode 100644 index 30c6c6640..000000000 --- a/tests/add_missing_keys.py +++ /dev/null @@ -1,193 +0,0 @@ -# -*- coding: utf-8 -*- - -import os -import re -import glob -import json -import yaml -import subprocess - -############################################################################### -# Find used keys in python code # -############################################################################### - - -def find_expected_string_keys(): - - # Try to find : - # m18n.n( "foo" - # YunohostError("foo" - # YunohostValidationError("foo" - # # i18n: foo - p1 = re.compile(r"m18n\.n\(\n*\s*[\"\'](\w+)[\"\']") - p2 = re.compile(r"YunohostError\(\n*\s*[\'\"](\w+)[\'\"]") - p3 = re.compile(r"YunohostValidationError\(\n*\s*[\'\"](\w+)[\'\"]") - p4 = re.compile(r"# i18n: [\'\"]?(\w+)[\'\"]?") - - python_files = glob.glob("src/yunohost/*.py") - python_files.extend(glob.glob("src/yunohost/utils/*.py")) - python_files.extend(glob.glob("src/yunohost/data_migrations/*.py")) - python_files.extend(glob.glob("src/yunohost/authenticators/*.py")) - python_files.extend(glob.glob("data/hooks/diagnosis/*.py")) - python_files.append("bin/yunohost") - - for python_file in python_files: - content = open(python_file).read() - for m in p1.findall(content): - if m.endswith("_"): - continue - yield m - for m in p2.findall(content): - if m.endswith("_"): - continue - yield m - for m in p3.findall(content): - if m.endswith("_"): - continue - yield m - for m in p4.findall(content): - yield m - - # For each diagnosis, try to find strings like "diagnosis_stuff_foo" (c.f. diagnosis summaries) - # Also we expect to have "diagnosis_description_" for each diagnosis - p3 = re.compile(r"[\"\'](diagnosis_[a-z]+_\w+)[\"\']") - for python_file in glob.glob("data/hooks/diagnosis/*.py"): - content = open(python_file).read() - for m in p3.findall(content): - if m.endswith("_"): - # Ignore some name fragments which are actually concatenated with other stuff.. - continue - yield m - yield "diagnosis_description_" + os.path.basename(python_file)[:-3].split("-")[ - -1 - ] - - # For each migration, expect to find "migration_description_" - for path in glob.glob("src/yunohost/data_migrations/*.py"): - if "__init__" in path: - continue - yield "migration_description_" + os.path.basename(path)[:-3] - - # For each default service, expect to find "service_description_" - for service, info in yaml.safe_load( - open("data/templates/yunohost/services.yml") - ).items(): - if info is None: - continue - yield "service_description_" + service - - # For all unit operations, expect to find "log_" - # A unit operation is created either using the @is_unit_operation decorator - # or using OperationLogger( - cmd = "grep -hr '@is_unit_operation' src/yunohost/ -A3 2>/dev/null | grep '^def' | sed -E 's@^def (\\w+)\\(.*@\\1@g'" - for funcname in ( - subprocess.check_output(cmd, shell=True).decode("utf-8").strip().split("\n") - ): - yield "log_" + funcname - - p4 = re.compile(r"OperationLogger\(\n*\s*[\"\'](\w+)[\"\']") - for python_file in python_files: - content = open(python_file).read() - for m in ("log_" + match for match in p4.findall(content)): - yield m - - # Global settings descriptions - # Will be on a line like : ("service.ssh.allow_deprecated_dsa_hostkey", {"type": "bool", ... - p5 = re.compile(r" \(\n*\s*[\"\'](\w[\w\.]+)[\"\'],") - content = open("src/yunohost/settings.py").read() - for m in ( - "global_settings_setting_" + s.replace(".", "_") for s in p5.findall(content) - ): - yield m - - # Keys for the actionmap ... - for category in yaml.safe_load(open("data/actionsmap/yunohost.yml")).values(): - if "actions" not in category.keys(): - continue - for action in category["actions"].values(): - if "arguments" not in action.keys(): - continue - for argument in action["arguments"].values(): - extra = argument.get("extra") - if not extra: - continue - if "password" in extra: - yield extra["password"] - if "ask" in extra: - yield extra["ask"] - if "comment" in extra: - yield extra["comment"] - if "pattern" in extra: - yield extra["pattern"][1] - if "help" in extra: - yield extra["help"] - - # Hardcoded expected keys ... - yield "admin_password" # Not sure that's actually used nowadays... - - for method in ["tar", "copy", "custom"]: - yield "backup_applying_method_%s" % method - yield "backup_method_%s_finished" % method - - for level in ["danger", "thirdparty", "warning"]: - yield "confirm_app_install_%s" % level - - for errortype in ["not_found", "error", "warning", "success", "not_found_details"]: - yield "diagnosis_domain_expiration_%s" % errortype - yield "diagnosis_domain_not_found_details" - - for errortype in ["bad_status_code", "connection_error", "timeout"]: - yield "diagnosis_http_%s" % errortype - - yield "password_listed" - for i in [1, 2, 3, 4]: - yield "password_too_simple_%s" % i - - checks = [ - "outgoing_port_25_ok", - "ehlo_ok", - "fcrdns_ok", - "blacklist_ok", - "queue_ok", - "ehlo_bad_answer", - "ehlo_unreachable", - "ehlo_bad_answer_details", - "ehlo_unreachable_details", - ] - for check in checks: - yield "diagnosis_mail_%s" % check - - -############################################################################### -# Load en locale json keys # -############################################################################### - - -def keys_defined_for_en(): - return json.loads(open("locales/en.json").read()).keys() - - -############################################################################### -# Compare keys used and keys defined # -############################################################################### - - -expected_string_keys = set(find_expected_string_keys()) -keys_defined = set(keys_defined_for_en()) - - -undefined_keys = expected_string_keys.difference(keys_defined) -undefined_keys = sorted(undefined_keys) - - -j = json.loads(open("locales/en.json").read()) -for key in undefined_keys: - j[key] = "FIXME" - -json.dump( - j, - open("locales/en.json", "w"), - indent=4, - ensure_ascii=False, - sort_keys=True, -) diff --git a/tests/autofix_locale_format.py b/tests/autofix_locale_format.py deleted file mode 100644 index f3825bd30..000000000 --- a/tests/autofix_locale_format.py +++ /dev/null @@ -1,53 +0,0 @@ -import re -import json -import glob - -# List all locale files (except en.json being the ref) -locale_folder = "../locales/" -locale_files = glob.glob(locale_folder + "*.json") -locale_files = [filename.split("/")[-1] for filename in locale_files] -locale_files.remove("en.json") - -reference = json.loads(open(locale_folder + "en.json").read()) - - -def fix_locale(locale_file): - - this_locale = json.loads(open(locale_folder + locale_file).read()) - fixed_stuff = False - - # We iterate over all keys/string in en.json - for key, string in reference.items(): - - # Ignore check if there's no translation yet for this key - if key not in this_locale: - continue - - # Then we check that every "{stuff}" (for python's .format()) - # should also be in the translated string, otherwise the .format - # will trigger an exception! - subkeys_in_ref = [k[0] for k in re.findall(r"{(\w+)(:\w)?}", string)] - subkeys_in_this_locale = [ - k[0] for k in re.findall(r"{(\w+)(:\w)?}", this_locale[key]) - ] - - if set(subkeys_in_ref) != set(subkeys_in_this_locale) and ( - len(subkeys_in_ref) == len(subkeys_in_this_locale) - ): - for i, subkey in enumerate(subkeys_in_ref): - this_locale[key] = this_locale[key].replace( - "{%s}" % subkeys_in_this_locale[i], "{%s}" % subkey - ) - fixed_stuff = True - - if fixed_stuff: - json.dump( - this_locale, - open(locale_folder + locale_file, "w"), - indent=4, - ensure_ascii=False, - ) - - -for locale_file in locale_files: - fix_locale(locale_file) diff --git a/tests/reformat_locales.py b/tests/reformat_locales.py deleted file mode 100644 index 86c2664d7..000000000 --- a/tests/reformat_locales.py +++ /dev/null @@ -1,60 +0,0 @@ -import re - - -def reformat(lang, transformations): - - locale = open(f"../locales/{lang}.json").read() - for pattern, replace in transformations.items(): - locale = re.compile(pattern).sub(replace, locale) - - open(f"../locales/{lang}.json", "w").write(locale) - - -###################################################### - -godamn_spaces_of_hell = [ - "\u00a0", - "\u2000", - "\u2001", - "\u2002", - "\u2003", - "\u2004", - "\u2005", - "\u2006", - "\u2007", - "\u2008", - "\u2009", - "\u200A", - "\u202f", - "\u202F", - "\u3000", -] - -transformations = {s: " " for s in godamn_spaces_of_hell} -transformations.update( - { - "…": "...", - } -) - - -reformat("en", transformations) - -###################################################### - -transformations.update( - { - "courriel": "email", - "e-mail": "email", - "Courriel": "Email", - "E-mail": "Email", - "« ": "'", - "«": "'", - " »": "'", - "»": "'", - "’": "'", - # r"$(\w{1,2})'|( \w{1,2})'": r"\1\2’", - } -) - -reformat("fr", transformations) diff --git a/tests/remove_stale_translated_strings.py b/tests/remove_stale_translated_strings.py deleted file mode 100644 index 48f2180e4..000000000 --- a/tests/remove_stale_translated_strings.py +++ /dev/null @@ -1,25 +0,0 @@ -import json -import glob -from collections import OrderedDict - -locale_folder = "../locales/" -locale_files = glob.glob(locale_folder + "*.json") -locale_files = [filename.split("/")[-1] for filename in locale_files] -locale_files.remove("en.json") - -reference = json.loads(open(locale_folder + "en.json").read()) - -for locale_file in locale_files: - - print(locale_file) - this_locale = json.loads( - open(locale_folder + locale_file).read(), object_pairs_hook=OrderedDict - ) - this_locale_fixed = {k: v for k, v in this_locale.items() if k in reference} - - json.dump( - this_locale_fixed, - open(locale_folder + locale_file, "w"), - indent=4, - ensure_ascii=False, - ) diff --git a/tests/test_actionmap.py b/tests/test_actionmap.py index 0b8abb152..e482bdfe1 100644 --- a/tests/test_actionmap.py +++ b/tests/test_actionmap.py @@ -2,4 +2,4 @@ import yaml def test_yaml_syntax(): - yaml.safe_load(open("data/actionsmap/yunohost.yml")) + yaml.safe_load(open("share/actionsmap.yml")) diff --git a/tests/test_helpers.d/ynhtest_apt.sh b/tests/test_helpers.d/ynhtest_apt.sh new file mode 100644 index 000000000..074bc2e60 --- /dev/null +++ b/tests/test_helpers.d/ynhtest_apt.sh @@ -0,0 +1,22 @@ +ynhtest_apt_install_apt_deps_regular() { + + dpkg --list | grep -q "ii *$app-ynh-deps" && apt remove $app-ynh-deps --assume-yes || true + dpkg --list | grep -q 'ii *nyancat' && apt remove nyancat --assume-yes || true + dpkg --list | grep -q 'ii *sl' && apt remove sl --assume-yes || true + + ! ynh_package_is_installed "$app-ynh-deps" + ! ynh_package_is_installed "nyancat" + ! ynh_package_is_installed "sl" + + ynh_install_app_dependencies "nyancat sl" + + ynh_package_is_installed "$app-ynh-deps" + ynh_package_is_installed "nyancat" + ynh_package_is_installed "sl" + + ynh_remove_app_dependencies + + ! ynh_package_is_installed "$app-ynh-deps" + ! ynh_package_is_installed "nyancat" + ! ynh_package_is_installed "sl" +} diff --git a/tests/test_helpers.d/ynhtest_logging.sh b/tests/test_helpers.d/ynhtest_logging.sh new file mode 100644 index 000000000..bb1241614 --- /dev/null +++ b/tests/test_helpers.d/ynhtest_logging.sh @@ -0,0 +1,92 @@ +ynhtest_exec_warn_less() { + + FOO='foo' + bar="" + BAR='$bar' + FOOBAR="foo bar" + + # These looks like stupid edge case + # but in fact happens when dealing with passwords + # (which could also contain bash chars like [], {}, ...) + # or urls containing &, ... + FOOANDBAR="foo&bar" + FOO1QUOTEBAR="foo'bar" + FOO2QUOTEBAR="foo\"bar" + + ynh_exec_warn_less uptime + + test ! -e $FOO + ynh_exec_warn_less touch $FOO + test -e $FOO + rm $FOO + + test ! -e $FOO1QUOTEBAR + ynh_exec_warn_less touch $FOO1QUOTEBAR + test -e $FOO1QUOTEBAR + rm $FOO1QUOTEBAR + + test ! -e $FOO2QUOTEBAR + ynh_exec_warn_less touch $FOO2QUOTEBAR + test -e $FOO2QUOTEBAR + rm $FOO2QUOTEBAR + + test ! -e $BAR + ynh_exec_warn_less touch $BAR + test -e $BAR + rm $BAR + + test ! -e "$FOOBAR" + ynh_exec_warn_less touch "$FOOBAR" + test -e "$FOOBAR" + rm "$FOOBAR" + + test ! -e "$FOOANDBAR" + ynh_exec_warn_less touch $FOOANDBAR + test -e "$FOOANDBAR" + rm "$FOOANDBAR" + + ########################### + # Legacy stuff using eval # + ########################### + + test ! -e $FOO + ynh_exec_warn_less "touch $FOO" + test -e $FOO + rm $FOO + + test ! -e $FOO1QUOTEBAR + ynh_exec_warn_less "touch \"$FOO1QUOTEBAR\"" + # (this works but expliciy *double* quotes have to be provided) + test -e $FOO1QUOTEBAR + rm $FOO1QUOTEBAR + + #test ! -e $FOO2QUOTEBAR + #ynh_exec_warn_less "touch \'$FOO2QUOTEBAR\'" + ## (this doesn't work with simple or double quotes) + #test -e $FOO2QUOTEBAR + #rm $FOO2QUOTEBAR + + test ! -e $BAR + ynh_exec_warn_less 'touch $BAR' + # That one works because $BAR is only interpreted during eval + test -e $BAR + rm $BAR + + #test ! -e $BAR + #ynh_exec_warn_less "touch $BAR" + # That one doesn't work because $bar gets interpreted as empty var by eval... + #test -e $BAR + #rm $BAR + + test ! -e "$FOOBAR" + ynh_exec_warn_less "touch \"$FOOBAR\"" + # (works but requires explicit double quotes otherwise eval would interpret 'foo bar' as two separate args..) + test -e "$FOOBAR" + rm "$FOOBAR" + + test ! -e "$FOOANDBAR" + ynh_exec_warn_less "touch \"$FOOANDBAR\"" + # (works but requires explicit double quotes otherwise eval would interpret '&' as a "run command in background" and also bar is not a valid command) + test -e "$FOOANDBAR" + rm "$FOOANDBAR" +} diff --git a/tests/test_helpers.d/ynhtest_secure_remove.sh b/tests/test_helpers.d/ynhtest_secure_remove.sh new file mode 100644 index 000000000..04d85fa7a --- /dev/null +++ b/tests/test_helpers.d/ynhtest_secure_remove.sh @@ -0,0 +1,71 @@ +ynhtest_acceptable_path_to_delete() { + + mkdir -p /home/someuser + mkdir -p /home/$app + mkdir -p /home/yunohost.app/$app + mkdir -p /var/www/$app + touch /var/www/$app/bar + touch /etc/cron.d/$app + + ! _acceptable_path_to_delete / + ! _acceptable_path_to_delete //// + ! _acceptable_path_to_delete " //// " + ! _acceptable_path_to_delete /var + ! _acceptable_path_to_delete /var/www + ! _acceptable_path_to_delete /var/cache + ! _acceptable_path_to_delete /usr + ! _acceptable_path_to_delete /usr/bin + ! _acceptable_path_to_delete /home + ! _acceptable_path_to_delete /home/yunohost.backup + ! _acceptable_path_to_delete /home/yunohost.app + ! _acceptable_path_to_delete /home/yunohost.app/ + ! _acceptable_path_to_delete ///home///yunohost.app/// + ! _acceptable_path_to_delete /home/yunohost.app/$app/.. + ! _acceptable_path_to_delete ///home///yunohost.app///$app///..// + ! _acceptable_path_to_delete /home/yunohost.app/../$app/.. + ! _acceptable_path_to_delete /home/someuser + ! _acceptable_path_to_delete /home/yunohost.app//../../$app + ! _acceptable_path_to_delete " /home/yunohost.app/// " + ! _acceptable_path_to_delete /etc/cron.d/ + ! _acceptable_path_to_delete /etc/yunohost/ + + _acceptable_path_to_delete /home/yunohost.app/$app + _acceptable_path_to_delete /home/yunohost.app/$app/bar + _acceptable_path_to_delete /etc/cron.d/$app + _acceptable_path_to_delete /var/www/$app/bar + _acceptable_path_to_delete /var/www/$app + + rm /var/www/$app/bar + rm /etc/cron.d/$app + rmdir /home/yunohost.app/$app + rmdir /home/$app + rmdir /home/someuser + rmdir /var/www/$app +} + +ynhtest_secure_remove() { + + mkdir -p /home/someuser + mkdir -p /home/yunohost.app/$app + mkdir -p /var/www/$app + mkdir -p /var/whatever + touch /var/www/$app/bar + touch /etc/cron.d/$app + + ! ynh_secure_remove --file="/home/someuser" + ! ynh_secure_remove --file="/home/yunohost.app/" + ! ynh_secure_remove --file="/var/whatever" + ynh_secure_remove --file="/home/yunohost.app/$app" + ynh_secure_remove --file="/var/www/$app" + ynh_secure_remove --file="/etc/cron.d/$app" + + test -e /home/someuser + test -e /home/yunohost.app + test -e /var/whatever + ! test -e /home/yunohost.app/$app + ! test -e /var/www/$app + ! test -e /etc/cron.d/$app + + rmdir /home/someuser + rmdir /var/whatever +} diff --git a/tests/test_helpers.d/ynhtest_settings.sh b/tests/test_helpers.d/ynhtest_settings.sh new file mode 100644 index 000000000..e916c146b --- /dev/null +++ b/tests/test_helpers.d/ynhtest_settings.sh @@ -0,0 +1,29 @@ +ynhtest_settings() { + + test -n "$app" + + mkdir -p "/etc/yunohost/apps/$app" + echo "label: $app" > "/etc/yunohost/apps/$app/settings.yml" + + test -z "$(ynh_app_setting_get --key="foo")" + test -z "$(ynh_app_setting_get --key="bar")" + test -z "$(ynh_app_setting_get --app="$app" --key="baz")" + + ynh_app_setting_set --key="foo" --value="foovalue" + ynh_app_setting_set --app="$app" --key="bar" --value="barvalue" + ynh_app_setting_set "$app" baz bazvalue + + test "$(ynh_app_setting_get --key="foo")" == "foovalue" + test "$(ynh_app_setting_get --key="bar")" == "barvalue" + test "$(ynh_app_setting_get --app="$app" --key="baz")" == "bazvalue" + + ynh_app_setting_delete --key="foo" + ynh_app_setting_delete --app="$app" --key="bar" + ynh_app_setting_delete "$app" baz + + test -z "$(ynh_app_setting_get --key="foo")" + test -z "$(ynh_app_setting_get --key="bar")" + test -z "$(ynh_app_setting_get --app="$app" --key="baz")" + + rm -rf "/etc/yunohost/apps/$app" +} diff --git a/tests/test_helpers.d/ynhtest_user.sh b/tests/test_helpers.d/ynhtest_user.sh new file mode 100644 index 000000000..46f2a0cd6 --- /dev/null +++ b/tests/test_helpers.d/ynhtest_user.sh @@ -0,0 +1,25 @@ + +ynhtest_system_user_create() { + username=$(head -c 12 /dev/urandom | md5sum | head -c 12) + + ! ynh_system_user_exists --username="$username" + + ynh_system_user_create --username="$username" + + ynh_system_user_exists --username="$username" + + ynh_system_user_delete --username="$username" + + ! ynh_system_user_exists --username="$username" +} + +ynhtest_system_user_with_group() { + username=$(head -c 12 /dev/urandom | md5sum | head -c 12) + + ynh_system_user_create --username="$username" --groups="ssl-cert,ssh.app" + + grep -q "^ssl-cert:.*$username" /etc/group + grep -q "^ssh.app:.*$username" /etc/group + + ynh_system_user_delete --username="$username" +} diff --git a/tests/test_translation_format_consistency.py b/tests/test_translation_format_consistency.py deleted file mode 100644 index 86d1c3279..000000000 --- a/tests/test_translation_format_consistency.py +++ /dev/null @@ -1,52 +0,0 @@ -import re -import json -import glob -import pytest - -# List all locale files (except en.json being the ref) -locale_folder = "locales/" -locale_files = glob.glob(locale_folder + "*.json") -locale_files = [filename.split("/")[-1] for filename in locale_files] -locale_files.remove("en.json") - -reference = json.loads(open(locale_folder + "en.json").read()) - - -def find_inconsistencies(locale_file): - - this_locale = json.loads(open(locale_folder + locale_file).read()) - - # We iterate over all keys/string in en.json - for key, string in reference.items(): - - # Ignore check if there's no translation yet for this key - if key not in this_locale: - continue - - # Then we check that every "{stuff}" (for python's .format()) - # should also be in the translated string, otherwise the .format - # will trigger an exception! - subkeys_in_ref = set(k[0] for k in re.findall(r"{(\w+)(:\w)?}", string)) - subkeys_in_this_locale = set( - k[0] for k in re.findall(r"{(\w+)(:\w)?}", this_locale[key]) - ) - - if any(k not in subkeys_in_ref for k in subkeys_in_this_locale): - yield """\n -========================== -Format inconsistency for string {key} in {locale_file}:" -en.json -> {string} -{locale_file} -> {translated_string} -""".format( - key=key, - string=string.encode("utf-8"), - locale_file=locale_file, - translated_string=this_locale[key].encode("utf-8"), - ) - - -@pytest.mark.parametrize("locale_file", locale_files) -def test_translation_format_consistency(locale_file): - inconsistencies = list(find_inconsistencies(locale_file)) - if inconsistencies: - raise Exception("".join(inconsistencies)) diff --git a/tox.ini b/tox.ini index 267134e57..dc2c52074 100644 --- a/tox.ini +++ b/tox.ini @@ -1,15 +1,15 @@ [tox] -envlist = py37-{lint,invalidcode},py37-black-{run,check} +envlist = py39-{lint,invalidcode},py39-black-{run,check} [testenv] skip_install=True deps = - py37-{lint,invalidcode}: flake8 - py37-black-{run,check}: black - py37-mypy: mypy >= 0.900 + py39-{lint,invalidcode}: flake8 + py39-black-{run,check}: black + py39-mypy: mypy >= 0.900 commands = - py37-lint: flake8 src doc data tests --ignore E402,E501,E203,W503 --exclude src/yunohost/vendor - py37-invalidcode: flake8 src data --exclude src/yunohost/tests,src/yunohost/vendor --select F,E722,W605 - py37-black-check: black --check --diff src doc data tests - py37-black-run: black src doc data tests - py37-mypy: mypy --ignore-missing-import --install-types --non-interactive --follow-imports silent src/yunohost/ --exclude (acme_tiny|data_migrations) + py39-lint: flake8 src doc maintenance tests --ignore E402,E501,E203,W503 --exclude src/vendor + py39-invalidcode: flake8 src bin maintenance --exclude src/tests,src/vendor --select F,E722,W605 + py39-black-check: black --check --diff bin src doc maintenance tests + py39-black-run: black bin src doc maintenance tests + py39-mypy: mypy --ignore-missing-import --install-types --non-interactive --follow-imports silent src/ --exclude (acme_tiny|migrations)