YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'testing' into stretch-unstable

Browse source
This commit is contained in:
Alexandre Aubin 2018-05-28 02:26:49 +02:00
commit 742c52f496
8 changed files with 295 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

74
bin/yunoprompt Executable file
View file

@ -0,0 +1,74 @@
#!/bin/bash
# Fetch ips
ip=$(hostname --all-ip-address)
# Fetch SSH fingerprints
i=0
for key in /etc/ssh/ssh_host_*_key.pub ; do
output=$(ssh-keygen -l -f $key)
fingerprint[$i]=" - $(echo $output | cut -d' ' -f2) $(echo $output| cut -d' ' -f4)"
i=$(($i + 1))
done
#
# Build the logo
#
LOGO=$(cat << 'EOF'
__ __ __ __ __ _ _______ __ __ _______ _______ _______
| | | || | | || | | || || | | || || || |
| |_| || | | || |_| || _ || |_| || _ || _____||_ _|
| || |_| || || | | || || | | || |_____ | |
|_ _|| || _ || |_| || _ || |_| ||_____ | | |
| | | || | | || || | | || | _____| | | |
|___| |_______||_| |__||_______||__| |__||_______||_______| |___|
EOF
)
# ' Put a quote in comment to make vim happy about syntax highlighting :s
#
# Build the actual message
#
LOGO_AND_FINGERPRINTS=$(cat << EOF
$LOGO
IP: ${ip}
SSH fingerprints:
${fingerprint[0]}
${fingerprint[1]}
${fingerprint[2]}
${fingerprint[3]}
${fingerprint[4]}
EOF
)
if [[ -f /etc/yunohost/installed ]]
then
echo "$LOGO_AND_FINGERPRINTS" > /etc/issue
else
sleep 5
chvt 2
echo "$LOGO_AND_FINGERPRINTS"
echo -e "\e[m Post-installation \e[0m"
echo "Congratulations! YunoHost has been successfully installed.\nTwo more steps are required to activate the services of your server."
read -p "Proceed to post-installation? (y/n) " -n 1
RESULT=1
while [ $RESULT -gt 0 ]; do
if [[ $REPLY =~ ^[Nn]$ ]]; then
chvt 1
exit 0
fi
echo -e "\n"
/usr/bin/yunohost tools postinstall
let RESULT=$?
if [ $RESULT -gt 0 ]; then
echo -e "\n"
read -p "Retry? (y/n) " -n 1
fi
done
fi

150
data/helpers.d/psql Normal file
View file

@ -0,0 +1,150 @@
# Create a master password and set up global settings
# Please always call this script in install and restore scripts
#
# usage: ynh_psql_test_if_first_run
ynh_psql_test_if_first_run() {
if [ -f /etc/yunohost/psql ];
then
echo "PostgreSQL is already installed, no need to create master password"
else
pgsql=$(ynh_string_random)
pg_hba=""
echo "$pgsql" >> /etc/yunohost/psql
if [ -e /etc/postgresql/9.4/ ]
then
pg_hba=/etc/postgresql/9.4/main/pg_hba.conf
elif [ -e /etc/postgresql/9.6/ ]
then
pg_hba=/etc/postgresql/9.6/main/pg_hba.conf
else
ynh_die "postgresql shoud be 9.4 or 9.6"
fi
systemctl start postgresql
sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres
# force all user to connect to local database using passwords
# https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF
# Note: we can't use peer since YunoHost create users with nologin
# See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user
sed -i '/local\s*all\s*all\s*peer/i \
local all all password' "$pg_hba"
systemctl enable postgresql
systemctl reload postgresql
fi
}
# Open a connection as a user
#
# example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;"
# example: ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql
#
# usage: ynh_psql_connect_as user pwd [db]
# | arg: user - the user name to connect as
# | arg: pwd - the user password
# | arg: db - the database to connect to
ynh_psql_connect_as() {
user="$1"
pwd="$2"
db="$3"
sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$pwd" psql "$db"
}
# # Execute a command as root user
#
# usage: ynh_psql_execute_as_root sql [db]
# | arg: sql - the SQL command to execute
# | arg: db - the database to connect to
ynh_psql_execute_as_root () {
sql="$1"
sudo --login --user=postgres psql <<< "$sql"
}
# Execute a command from a file as root user
#
# usage: ynh_psql_execute_file_as_root file [db]
# | arg: file - the file containing SQL commands
# | arg: db - the database to connect to
ynh_psql_execute_file_as_root() {
file="$1"
db="$2"
sudo --login --user=postgres psql "$db" < "$file"
}
# Create a database, an user and its password. Then store the password in the app's config
#
# After executing this helper, the password of the created database will be available in $db_pwd
# It will also be stored as "psqlpwd" into the app settings.
#
# usage: ynh_psql_setup_db user name [pwd]
# | arg: user - Owner of the database
# | arg: name - Name of the database
# | arg: pwd - Password of the database. If not given, a password will be generated
ynh_psql_setup_db () {
db_user="$1"
db_name="$2"
new_db_pwd=$(ynh_string_random) # Generate a random password
# If $3 is not given, use new_db_pwd instead for db_pwd.
db_pwd="${3:-$new_db_pwd}"
ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database
ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config
}
# Create a database and grant privilegies to a user
#
# usage: ynh_psql_create_db db [user [pwd]]
# | arg: db - the database name to create
# | arg: user - the user to grant privilegies
# | arg: pwd - the user password
ynh_psql_create_db() {
db="$1"
user="$2"
pwd="$3"
ynh_psql_create_user "$user" "$pwd"
sudo --login --user=postgres createdb --owner="$user" "$db"
}
# Drop a database
#
# usage: ynh_psql_drop_db db
# | arg: db - the database name to drop
# | arg: user - the user to drop
ynh_psql_remove_db() {
db="$1"
user="$2"
sudo --login --user=postgres dropdb "$db"
ynh_psql_drop_user "$user"
}
# Dump a database
#
# example: ynh_psql_dump_db 'roundcube' > ./dump.sql
#
# usage: ynh_psql_dump_db db
# | arg: db - the database name to dump
# | ret: the psqldump output
ynh_psql_dump_db() {
db="$1"
sudo --login --user=postgres pg_dump "$db"
}
# Create a user
#
# usage: ynh_psql_create_user user pwd [host]
# | arg: user - the user name to create
ynh_psql_create_user() {
user="$1"
pwd="$2"
sudo --login --user=postgres psql -c"CREATE USER $user WITH PASSWORD '$pwd'" postgres
}
# Drop a user
#
# usage: ynh_psql_drop_user user
# | arg: user - the user name to drop
ynh_psql_drop_user() {
user="$1"
sudo --login --user=postgres dropuser "$user"
}

14
data/other/yunoprompt.service Normal file
View file

@ -0,0 +1,14 @@
[Unit]
Description=YunoHost boot prompt
After=getty@tty2.service
[Service]
Type=simple
ExecStart=/usr/bin/yunoprompt
StandardInput=tty
TTYPath=/dev/tty2
TTYReset=yes
TTYVHangup=yes
[Install]
WantedBy=default.target

21
debian/changelog vendored
View file

@ -24,6 +24,27 @@ yunohost (3.0.0~beta1) testing; urgency=low
-- Alexandre Aubin <alex.aubin@mailoo.org> Thu, 03 May 2018 03:04:45 +0000 -- Alexandre Aubin <alex.aubin@mailoo.org> Thu, 03 May 2018 03:04:45 +0000
yunohost (2.7.13.3) testing; urgency=low
* [enh] Add postgresql helpers (#238)
* [enh] Bring back the bootprompt (#363)
* [enh] Allow to disable the backup during the upgrade (#431)
* [fix] Remove warning from equivs (#439)
* [enh] Add SOURCE_EXTRACT (true/false) in ynh_setup_source (#460)
* [enh] More debug output in services.py (#468)
* [enh] Be able to use more variables in template for nginx conf (#462)
* [enh] Upgrade Meltdown / Spectre diagnosis (#464)
* [enh] Check services status via dbus (#469, #478, #479)
* [mod] Cleaning in services.py code (#470, #472)
* [enh] Improvate and translate service descriptions (#476)
* [fix] Fix "untrusted TLS connection" in mail logs (#471)
* [fix] Make apt-get helper not quiet so we can debug (#475)
* [i18n] Improve Occitan, Portuguese, Arabic, French translations
Contributors : ljf, Maniack, Josue, Aleks, Bram, Quent-in, itxtoledo, ButterflyOfFire, Jibec, ariasuni, Haelwenn
-- Alexandre Aubin <alex.aubin@mailoo.org> Mon, 28 May 2018 02:23:00 +0000
yunohost (2.7.13.2) testing; urgency=low yunohost (2.7.13.2) testing; urgency=low
* [fix] Fix an error with services marked as None (#466) * [fix] Fix an error with services marked as None (#466)

1
debian/install vendored
View file

@ -3,6 +3,7 @@ sbin/* /usr/sbin/
data/bash-completion.d/yunohost /etc/bash_completion.d/ data/bash-completion.d/yunohost /etc/bash_completion.d/
data/actionsmap/* /usr/share/moulinette/actionsmap/ data/actionsmap/* /usr/share/moulinette/actionsmap/
data/hooks/* /usr/share/yunohost/hooks/ data/hooks/* /usr/share/yunohost/hooks/
data/other/yunoprompt.service /etc/systemd/system/
data/other/* /usr/share/yunohost/yunohost-config/moulinette/ data/other/* /usr/share/yunohost/yunohost-config/moulinette/
data/templates/* /usr/share/yunohost/templates/ data/templates/* /usr/share/yunohost/templates/
data/helpers /usr/share/yunohost/ data/helpers /usr/share/yunohost/

3
debian/postinst vendored
View file

@ -24,6 +24,9 @@ do_configure() {
"consider to start it by doing 'service yunohost-firewall start'." "consider to start it by doing 'service yunohost-firewall start'."
fi fi
# Yunoprompt
systemctl enable yunoprompt.service
# remove old PAM config and update it # remove old PAM config and update it
[[ ! -f /usr/share/pam-configs/my_mkhomedir ]] \ [[ ! -f /usr/share/pam-configs/my_mkhomedir ]] \
|| rm /usr/share/pam-configs/my_mkhomedir || rm /usr/share/pam-configs/my_mkhomedir

18
locales/en.json
View file

@ -339,6 +339,24 @@
"service_conf_up_to_date": "The configuration is already up-to-date for service '{service}'", "service_conf_up_to_date": "The configuration is already up-to-date for service '{service}'",
"service_conf_updated": "The configuration has been updated for service '{service}'", "service_conf_updated": "The configuration has been updated for service '{service}'",
"service_conf_would_be_updated": "The configuration would have been updated for service '{service}'", "service_conf_would_be_updated": "The configuration would have been updated for service '{service}'",
"service_description_avahi-daemon": "allows to reach your server using yunohost.local on your local network",
"service_description_dnsmasq": "handles domain name resolution (DNS)",
"service_description_dovecot": "allows e-mail client to access/fetch email (via IMAP and POP3)",
"service_description_fail2ban": "protects against bruteforce and other kind of attacks from the Internet",
"service_description_glances": "monitors system information on your server",
"service_description_metronome": "manage XMPP instant messaging accounts",
"service_description_mysql": "stores applications data (SQL database)",
"service_description_nginx": "serves or provides access to all the websites hosted on your server",
"service_description_nslcd": "handles YunoHost user shell connection",
"service_description_php5-fpm": "runs applications written in PHP with nginx",
"service_description_postfix": "used to send and receive emails",
"service_description_redis-server": "a specialized database used for rapid data access, task queue and communication between programs",
"service_description_rmilter": "checks various parameters in emails",
"service_description_rspamd": "filters spam, and other email-related features",
"service_description_slapd": "stores users, domains and related information",
"service_description_ssh": "allows you to connect remotely to your server via a terminal (SSH protocol)",
"service_description_yunohost-api": "manages interactions between the YunoHost web interface and the system",
"service_description_yunohost-firewall": "manages open and close connexion ports to services",
"service_disable_failed": "Unable to disable service '{service:s}'\n\nRecent service logs:{logs:s}", "service_disable_failed": "Unable to disable service '{service:s}'\n\nRecent service logs:{logs:s}",
"service_disabled": "The service '{service:s}' has been disabled", "service_disabled": "The service '{service:s}' has been disabled",
"service_enable_failed": "Unable to enable service '{service:s}'\n\nRecent service logs:{logs:s}", "service_enable_failed": "Unable to enable service '{service:s}'\n\nRecent service logs:{logs:s}",

15
src/yunohost/service.py
View file

@ -227,6 +227,15 @@ def service_status(names=[]):
status = _get_service_information_from_systemd(name) status = _get_service_information_from_systemd(name)
translation_key = "service_description_%s" % name
description = m18n.n(translation_key)
# that mean that we don't have a translation for this string
# that's the only way to test for that for now
# if we don't have it, uses the one provided by systemd
if description == translation_key:
description = str(status.get("Description", ""))
result[name] = { result[name] = {
'status': str(status.get("SubState", "unknown")), 'status': str(status.get("SubState", "unknown")),
'loaded': "enabled" if str(status.get("LoadState", "unknown")) == "loaded" else str(status.get("LoadState", "unknown")), 'loaded': "enabled" if str(status.get("LoadState", "unknown")) == "loaded" else str(status.get("LoadState", "unknown")),
@ -235,7 +244,7 @@ def service_status(names=[]):
"timestamp": str(status.get("ActiveEnterTimestamp", "unknown")), "timestamp": str(status.get("ActiveEnterTimestamp", "unknown")),
"human": datetime.fromtimestamp(status.get("ActiveEnterTimestamp") / 1000000).strftime("%F %X"), "human": datetime.fromtimestamp(status.get("ActiveEnterTimestamp") / 1000000).strftime("%F %X"),
}, },
'description': str(status.get("Description", "")), 'description': description,
'service_file_path': str(status.get("FragmentPath", "unknown")), 'service_file_path': str(status.get("FragmentPath", "unknown")),
} }
@ -713,6 +722,10 @@ def _get_files_diff(orig_file, new_file, as_string=False, skip_header=True):
def _calculate_hash(path): def _calculate_hash(path):
"""Calculate the MD5 hash of a file""" """Calculate the MD5 hash of a file"""
if not os.path.exists(path):
return None
hasher = hashlib.md5() hasher = hashlib.md5()
try: try: