YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'stretch-unstable' of https://github.com/YunoHost/yunohost into cracklib

Browse source
This commit is contained in:
ljf 2018-08-27 01:01:02 +02:00
commit cda8bcf206
124 changed files with 19923 additions and 2785 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View file

@ -0,0 +1,22 @@
## The problem
...
## Solution
...
## PR Status
...
## How to test
...
## Validation
- [ ] Principle agreement 0/2 :
- [ ] Quick review 0/1 :
- [ ] Simple test 0/1 :
- [ ] Deep review 0/1 :

5
.travis.yml Normal file
View file

@ -0,0 +1,5 @@
language: python
install: "pip install pytest pyyaml"
python:
- "2.7"
script: "py.test tests"

101
CONTRIBUTORS.md Normal file
View file

@ -0,0 +1,101 @@
YunoHost core contributors
==========================
YunoHost is built and maintained by the YunoHost project community.
Everyone is encouraged to submit issues and changes, and to contribute in other ways -- see https://yunohost.org/contribute to find out how.
--
Initial YunoHost core was built by Kload & beudbeud, for YunoHost v2.
Most of code was written by Kload and jerome, with help of numerous contributors.
Translation is made by a bunch of lovely people all over the world.
We would like to thank anyone who ever helped the YunoHost project <3
YunoHost core Contributors
--------------------------
- Jérôme Lebleu
- Kload
- Laurent 'Bram' Peuch
- Julien 'ju' Malik
- opi
- Aleks
- Adrien 'beudbeud' Beudin
- M5oul
- Valentin 'zamentur' / 'ljf' Grimaud
- Jocelyn Delalande
- infertux
- Taziden
- ZeHiro
- Josue-T
- nahoj
- a1ex
- JimboJoe
- vetetix
- jellium
- Sebastien 'sebian' Badia
- lmangani
- Julien Vaubourg
- thardev
- zimo2001
YunoHost core Translators
-------------------------
If you want to help translation, please visit https://translate.yunohost.org/projects/yunohost/yunohost/
### Dutch
- DUBWiSE
- Jeroen Keerl
- marut
### English
- Bugsbane
- rokaz
### French
- aoz roon
- Genma
- Jean-Baptiste Holcroft
- Jean P.
- Jérôme Lebleu
- Lapineige
- paddy
### German
- david.bartke
- Fabian Gruber
- Felix Bartels
- Jeroen Keerl
- martin kistner
- Philip Gatzka
### Hindi
- Anmol
### Italian
- bricabrac
- Thomas Bille
### Portuguese
- Deleted User
- Trollken
### Spanish
- Juanu

6
README.md
View file

@ -4,8 +4,12 @@
This repository is the core of YunoHost code.
<a href="https://translate.yunohost.org/engage/yunohost/?utm_source=widget">
<img src="https://translate.yunohost.org/widgets/yunohost/-/287x66-white.png" alt="Translation status" />
</a>
## Issues
- [Please report issues on YunoHost bugtracker](https://dev.yunohost.org/projects/yunohost/issues) (no registration needed).
- [Please report issues on YunoHost bugtracker](https://github.com/YunoHost/issues).
## Contribute
- You can develop on this repository using [ynh-dev tool](https://github.com/YunoHost/ynh-dev) with `use-git` sub-command.

27
bin/yunohost
View file

@ -9,8 +9,8 @@ import argparse
IN_DEVEL = False
# Level for which loggers will log
LOGGERS_LEVEL = 'INFO'
TTY_LOG_LEVEL = 'SUCCESS'
LOGGERS_LEVEL = 'DEBUG'
TTY_LOG_LEVEL = 'INFO'
# Handlers that will be used by loggers
# - file: log to the file LOG_DIR/LOG_FILE
@ -58,14 +58,14 @@ def _parse_cli_args():
action='store_true', default=False,
help="Log and print debug messages",
)
parser.add_argument('--verbose',
action='store_true', default=False,
help="Be more verbose in the output",
)
parser.add_argument('--quiet',
action='store_true', default=False,
help="Don't produce any output",
)
parser.add_argument('--timeout',
type=int, default=None,
help="Number of seconds before this command will timeout because it can't acquire the lock (meaning that another command is currently running), by default there is no timeout and the command will wait until it can get the lock",
)
parser.add_argument('--admin-password',
default=None, dest='password', metavar='PASSWORD',
help="The admin password to use to authenticate",
@ -88,13 +88,13 @@ def _parse_cli_args():
return (parser, opts, args)
def _init_moulinette(debug=False, verbose=False, quiet=False):
def _init_moulinette(debug=False, quiet=False):
"""Configure logging and initialize the moulinette"""
# Define loggers handlers
handlers = set(LOGGERS_HANDLERS)
if quiet and 'tty' in handlers:
handlers.remove('tty')
elif verbose and 'tty' not in handlers:
elif 'tty' not in handlers:
handlers.append('tty')
root_handlers = set(handlers)
@ -104,10 +104,8 @@ def _init_moulinette(debug=False, verbose=False, quiet=False):
# Define loggers level
level = LOGGERS_LEVEL
tty_level = TTY_LOG_LEVEL
if verbose:
tty_level = 'INFO'
if debug:
tty_level = level = 'DEBUG'
tty_level = 'DEBUG'
# Custom logging configuration
logging = {
@ -192,12 +190,14 @@ if __name__ == '__main__':
sys.exit(1)
parser, opts, args = _parse_cli_args()
_init_moulinette(opts.debug, opts.verbose, opts.quiet)
_init_moulinette(opts.debug, opts.quiet)
# Check that YunoHost is installed
if not os.path.isfile('/etc/yunohost/installed') and \
(len(args) < 2 or (args[0] +' '+ args[1] != 'tools postinstall' and \
args[0] +' '+ args[1] != 'backup restore')):
from moulinette import m18n
# Init i18n
m18n.load_namespace('yunohost')
m18n.set_locale(get_locale())
@ -209,6 +209,7 @@ if __name__ == '__main__':
ret = moulinette.cli(
_retrieve_namespaces(), args,
use_cache=opts.use_cache, output_as=opts.output_as,
password=opts.password, parser_kwargs={'top_parser': parser}
password=opts.password, parser_kwargs={'top_parser': parser},
timeout=opts.timeout,
)
sys.exit(ret)

74
bin/yunoprompt Executable file
View file

@ -0,0 +1,74 @@
#!/bin/bash
# Fetch ips
ip=$(hostname --all-ip-address)
# Fetch SSH fingerprints
i=0
for key in /etc/ssh/ssh_host_*_key.pub ; do
output=$(ssh-keygen -l -f $key)
fingerprint[$i]=" - $(echo $output | cut -d' ' -f2) $(echo $output| cut -d' ' -f4)"
i=$(($i + 1))
done
#
# Build the logo
#
LOGO=$(cat << 'EOF'
__ __ __ __ __ _ _______ __ __ _______ _______ _______
| | | || | | || | | || || | | || || || |
| |_| || | | || |_| || _ || |_| || _ || _____||_ _|
| || |_| || || | | || || | | || |_____ | |
|_ _|| || _ || |_| || _ || |_| ||_____ | | |
| | | || | | || || | | || | _____| | | |
|___| |_______||_| |__||_______||__| |__||_______||_______| |___|
EOF
)
# ' Put a quote in comment to make vim happy about syntax highlighting :s
#
# Build the actual message
#
LOGO_AND_FINGERPRINTS=$(cat << EOF
$LOGO
IP: ${ip}
SSH fingerprints:
${fingerprint[0]}
${fingerprint[1]}
${fingerprint[2]}
${fingerprint[3]}
${fingerprint[4]}
EOF
)
if [[ -f /etc/yunohost/installed ]]
then
echo "$LOGO_AND_FINGERPRINTS" > /etc/issue
else
sleep 5
chvt 2
echo "$LOGO_AND_FINGERPRINTS"
echo -e "\e[m Post-installation \e[0m"
echo "Congratulations! YunoHost has been successfully installed.\nTwo more steps are required to activate the services of your server."
read -p "Proceed to post-installation? (y/n) " -n 1
RESULT=1
while [ $RESULT -gt 0 ]; do
if [[ $REPLY =~ ^[Nn]$ ]]; then
chvt 1
exit 0
fi
echo -e "\n"
/usr/bin/yunohost tools postinstall
let RESULT=$?
if [ $RESULT -gt 0 ]; then
echo -e "\n"
read -p "Retry? (y/n) " -n 1
fi
done
fi

536
data/actionsmap/yunohost.yml
View file

@ -50,7 +50,6 @@ _global:
uri: ldap://localhost:389
base_dn: dc=yunohost,dc=org
argument_auth: true
lock: true
arguments:
-v:
full: --version
@ -78,17 +77,6 @@ user:
--fields:
help: fields to fetch
nargs: "+"
-f:
full: --filter
help: LDAP filter used to search
-l:
full: --limit
help: Maximum number of user fetched
type: int
-o:
full: --offset
help: Starting number for user fetching
type: int
### user_create()
create:
@ -226,6 +214,78 @@ user:
username:
help: Username or email to get information
subcategories:
ssh:
subcategory_help: Manage ssh access
actions:
### user_ssh_enable()
allow:
action_help: Allow the user to uses ssh
api: POST /users/ssh/enable
configuration:
authenticate: all
arguments:
username:
help: Username of the user
extra:
pattern: *pattern_username
### user_ssh_disable()
disallow:
action_help: Disallow the user to uses ssh
api: POST /users/ssh/disable
configuration:
authenticate: all
arguments:
username:
help: Username of the user
extra:
pattern: *pattern_username
### user_ssh_keys_list()
list-keys:
action_help: Show user's authorized ssh keys
api: GET /users/ssh/keys
configuration:
authenticate: all
arguments:
username:
help: Username of the user
extra:
pattern: *pattern_username
### user_ssh_keys_add()
add-key:
action_help: Add a new authorized ssh key for this user
api: POST /users/ssh/key
configuration:
authenticate: all
arguments:
username:
help: Username of the user
extra:
pattern: *pattern_username
key:
help: The key to be added
-c:
full: --comment
help: Optionnal comment about the key
### user_ssh_keys_remove()
remove-key:
action_help: Remove an authorized ssh key for this user
api: DELETE /users/ssh/key
configuration:
authenticate: all
arguments:
username:
help: Username of the user
extra:
pattern: *pattern_username
key:
help: The key to be removed
#############################
# Domain #
@ -241,25 +301,12 @@ domain:
configuration:
authenticate: all
authenticator: ldap-anonymous
arguments:
-f:
full: --filter
help: LDAP filter used to search
-l:
full: --limit
help: Maximum number of domain fetched
type: int
-o:
full: --offset
help: Starting number for domain fetching
type: int
### domain_add()
add:
action_help: Create a custom domain
api: POST /domains
configuration:
lock: false
authenticate: all
arguments:
domain:
@ -278,7 +325,6 @@ domain:
action_help: Delete domains
api: DELETE /domains/<domain>
configuration:
lock: false
authenticate: all
arguments:
domain:
@ -291,7 +337,6 @@ domain:
action_help: Generate DNS configuration for a domain
api: GET /domains/<domain>/dns
configuration:
lock: false
authenticate:
- api
arguments:
@ -305,8 +350,86 @@ domain:
- !!str ^[0-9]+$
- "pattern_positive_number"
### certificate_status()
cert-status:
action_help: List status of current certificates (all by default).
api: GET /domains/cert-status/<domain_list>
configuration:
authenticate: all
authenticator: ldap-anonymous
arguments:
domain_list:
help: Domains to check
nargs: "*"
--full:
help: Show more details
action: store_true
### domain_info()
### certificate_install()
cert-install:
action_help: Install Let's Encrypt certificates for given domains (all by default).
api: POST /domains/cert-install/<domain_list>
configuration:
authenticate: all
authenticator: ldap-anonymous
arguments:
domain_list:
help: Domains for which to install the certificates
nargs: "*"
--force:
help: Install even if current certificate is not self-signed
action: store_true
--no-checks:
help: Does not perform any check that your domain seems correctly configured (DNS, reachability) before attempting to install. (Not recommended)
action: store_true
--self-signed:
help: Install self-signed certificate instead of Let's Encrypt
action: store_true
--staging:
help: Use the fake/staging Let's Encrypt certification authority. The new certificate won't actually be enabled - it is only intended to test the main steps of the procedure.
action: store_true
### certificate_renew()
cert-renew:
action_help: Renew the Let's Encrypt certificates for given domains (all by default).
api: POST /domains/cert-renew/<domain_list>
configuration:
authenticate: all
authenticator: ldap-anonymous
arguments:
domain_list:
help: Domains for which to renew the certificates
nargs: "*"
--force:
help: Ignore the validity threshold (30 days)
action: store_true
--email:
help: Send an email to root with logs if some renewing fails
action: store_true
--no-checks:
help: Does not perform any check that your domain seems correctly configured (DNS, reachability) before attempting to renew. (Not recommended)
action: store_true
--staging:
help: Use the fake/staging Let's Encrypt certification authority. The new certificate won't actually be enabled - it is only intended to test the main steps of the procedure.
action: store_true
### domain_url_available()
url-available:
action_help: Check availability of a web path
api: GET /domain/urlavailable
configuration:
authenticate: all
authenticator: ldap-anonymous
arguments:
domain:
help: The domain for the web path (e.g. your.domain.tld)
extra:
pattern: *pattern_domain
path:
help: The path to check (e.g. /coffee)
### domain_info()
# info:
# action_help: Get domain informations
# api: GET /domains/<domain>
@ -328,28 +451,28 @@ app:
### app_fetchlist()
fetchlist:
action_help: Fetch application list from app server
action_help: Fetch application lists from app servers, or register a new one.
api: PUT /appslists
arguments:
-u:
full: --url
help: URL of remote JSON list (default https://app.yunohost.org/official.json)
-n:
full: --name
help: Name of the list (default yunohost)
help: Name of the list to fetch (fetches all registered lists if empty)
extra:
pattern: &pattern_listname
- !!str ^[a-z0-9_]+$
- "pattern_listname"
-u:
full: --url
help: URL of a new application list to register. To be specified with -n.
### app_listlists()
listlists:
action_help: List fetched lists
action_help: List registered application lists
api: GET /appslists
### app_removelist()
removelist:
action_help: Remove list from the repositories
action_help: Remove and forget about a given application list
api: DELETE /appslists
arguments:
name:
@ -363,12 +486,6 @@ app:
action_help: List apps
api: GET /apps
arguments:
-l:
full: --limit
help: Maximum number of app fetched
-o:
full: --offset
help: Starting number for app fetching
-f:
full: --filter
help: Name filter of app_id or app_name
@ -426,7 +543,6 @@ app:
configuration:
authenticate: all
authenticator: ldap-anonymous
lock: false
arguments:
app:
help: Name, local path or git URL of the app to install
@ -436,6 +552,10 @@ app:
-a:
full: --args
help: Serialized arguments for app script (i.e. "domain=domain.tld&path=/path")
-n:
full: --no-remove-on-failure
help: Debug option to avoid removing the app on a failed installation
action: store_true
### app_remove() TODO: Write help
remove:
@ -444,7 +564,6 @@ app:
configuration:
authenticate: all
authenticator: ldap-anonymous
lock: false
arguments:
app:
help: App(s) to delete
@ -456,7 +575,6 @@ app:
configuration:
authenticate: all
authenticator: ldap-anonymous
lock: false
arguments:
app:
help: App(s) to upgrade (default all)
@ -468,6 +586,30 @@ app:
full: --file
help: Folder or tarball for upgrade
### app_change_url()
change-url:
action_help: Change app's URL
api: PUT /apps/<app>/changeurl
configuration:
authenticate: all
authenticator: ldap-anonymous
arguments:
app:
help: Target app instance name
-d:
full: --domain
help: New app domain on which the application will be moved
extra:
ask: ask_main_domain
pattern: *pattern_domain
required: True
-p:
full: --path
help: New path at which the application will be moved
extra:
ask: ask_path
required: True
### app_setting()
setting:
action_help: Set or get an app setting value
@ -489,6 +631,7 @@ app:
checkport:
action_help: Check availability of a local port
api: GET /tools/checkport
deprecated: true
arguments:
port:
help: Port to check
@ -501,6 +644,7 @@ app:
checkurl:
action_help: Check availability of a web path
api: GET /tools/checkurl
deprecated: True
configuration:
authenticate: all
authenticator: ldap-anonymous
@ -511,6 +655,22 @@ app:
full: --app
help: Write domain & path to app settings for further checks
### app_register_url()
register-url:
action_help: Book/register a web path for a given app
api: PUT /tools/registerurl
configuration:
authenticate: all
authenticator: ldap-anonymous
arguments:
app:
help: App which will use the web path
domain:
help: The domain on which the app should be registered (e.g. your.domain.tld)
path:
help: The path to be registered (e.g. /coffee)
### app_initdb()
initdb:
action_help: Create database and initialize it with optionnal attached script
@ -559,6 +719,19 @@ app:
authenticate: all
authenticator: ldap-anonymous
### app_change_label()
change-label:
action_help: Change app label
api: PUT /apps/<app>/label
configuration:
authenticate: all
authenticator: ldap-anonymous
arguments:
app:
help: App ID
new_label:
help: New app label
### app_addaccess() TODO: Write help
addaccess:
action_help: Grant access right to users (everyone by default)
@ -598,6 +771,56 @@ app:
apps:
nargs: "+"
subcategories:
action:
subcategory_help: Handle apps actions
actions:
### app_action_list()
list:
action_help: List app actions
api: GET /apps/<app_id>/actions
arguments:
app_id:
help: app id
### app_action_run()
run:
action_help: Run app action
api: PUT /apps/<app_id>/actions/<action>
arguments:
app_id:
help: app id
action:
help: action id
-a:
full: --args
help: Serialized arguments for app script (i.e. "domain=domain.tld&path=/path")
config:
subcategory_help: Applications configuration panel
actions:
### app_config_show_panel()
show-panel:
action_help: show config panel for the application
api: GET /apps/<app_id>/config-panel
arguments:
app_id:
help: App ID
### app_config_apply()
apply:
action_help: apply the new configuration
api: POST /apps/<app_id>/config
arguments:
app_id:
help: App ID
-a:
full: --args
help: Serialized arguments for new configuration (i.e. "domain=domain.tld&path=/path")
#############################
# Backup #
#############################
@ -607,17 +830,15 @@ backup:
### backup_create()
create:
action_help: Create a backup local archive
action_help: Create a backup local archive. If neither --apps or --system are given, this will backup all apps and all system parts. If only --apps if given, this will only backup apps and no system parts. Similarly, if only --system is given, this will only backup system parts and no apps.
api: POST /backup
configuration:
lock: false
arguments:
-n:
full: --name
help: Name of the backup archive
extra:
pattern: &pattern_backup_archive_name
- !!str ^[\w\-\.]{1,30}(?<!\.)$
- !!str ^[\w\-\._]{1,50}(?<!\.)$
- "pattern_backup_archive_name"
-d:
full: --description
@ -629,42 +850,32 @@ backup:
full: --no-compress
help: Do not create an archive file
action: store_true
--hooks:
help: List of backup hooks names to execute
--methods:
help: List of backup methods to apply (copy or tar by default)
nargs: "*"
--system:
help: List of system parts to backup (or all if none given).
nargs: "*"
--ignore-hooks:
help: Do not execute backup hooks
action: store_true
--apps:
help: List of application names to backup
help: List of application names to backup (or all if none given)
nargs: "*"
--ignore-apps:
help: Do not backup apps
action: store_true
### backup_restore()
restore:
action_help: Restore from a local backup archive
action_help: Restore from a local backup archive. If neither --apps or --system are given, this will restore all apps and all system parts in the archive. If only --apps if given, this will only restore apps and no system parts. Similarly, if only --system is given, this will only restore system parts and no apps.
api: POST /backup/restore/<name>
configuration:
authenticate: all
authenticator: ldap-anonymous
lock: false
arguments:
name:
help: Name of the local backup archive
--hooks:
help: List of restauration hooks names to execute
--system:
help: List of system parts to restore (or all if none is given)
nargs: "*"
--apps:
help: List of application names to restore
help: List of application names to restore (or all if none is given)
nargs: "*"
--ignore-apps:
help: Do not restore apps
action: store_true
--ignore-hooks:
help: Do not restore hooks
action: store_true
--force:
help: Force restauration on an already installed system
action: store_true
@ -673,8 +884,6 @@ backup:
list:
action_help: List available local backup archives
api: GET /backup/archives
configuration:
lock: false
arguments:
-i:
full: --with-info
@ -689,8 +898,6 @@ backup:
info:
action_help: Show info about a local backup archive
api: GET /backup/archives/<name>
configuration:
lock: false
arguments:
name:
help: Name of the local backup archive
@ -707,8 +914,6 @@ backup:
delete:
action_help: Delete a backup archive
api: DELETE /backup/archives/<name>
configuration:
lock: false
arguments:
name:
help: Name of the archive to delete
@ -857,6 +1062,55 @@ monitor:
action_help: Disable server monitoring
#############################
# Settings #
#############################
settings:
category_help: Manage YunoHost global settings
actions:
### settings_list()
list:
action_help: list all entries of the settings
api: GET /settings
### settings_get()
get:
action_help: get an entry value in the settings
api: GET /settings/<key>
arguments:
key:
help: Settings key
--full:
help: Show more details
action: store_true
### settings_set()
set:
action_help: set an entry value in the settings
api: POST /settings/<key>
arguments:
key:
help: Settings key
-v:
full: --value
help: new value
extra:
required: True
### settings_reset_all()
reset-all:
action_help: reset all settings to their default value
api: DELETE /settings
### settings_reset()
reset:
action_help: set an entry value to its default one
api: DELETE /settings/<key>
arguments:
key:
help: Settings key
#############################
# Service #
#############################
@ -960,8 +1214,6 @@ service:
regen-conf:
action_help: Regenerate the configuration file(s) for a service
api: PUT /services/regenconf
configuration:
lock: false
deprecated_alias:
- regenconf
arguments:
@ -1200,20 +1452,16 @@ tools:
### tools_maindomain()
maindomain:
action_help: Main domain change tool
action_help: Check the current main domain, or change it
api:
- GET /domains/main
- PUT /domains/main
configuration:
authenticate: all
lock: false
arguments:
-o:
full: --old-domain
extra:
pattern: *pattern_domain
-n:
full: --new-domain
help: Change the current main domain
extra:
pattern: *pattern_domain
@ -1223,7 +1471,6 @@ tools:
api: POST /postinstall
configuration:
authenticate: false
lock: false
arguments:
-d:
full: --domain
@ -1247,8 +1494,6 @@ tools:
update:
action_help: YunoHost update
api: PUT /update
configuration:
lock: false
arguments:
--ignore-apps:
help: Ignore apps cache update and changelog
@ -1264,7 +1509,6 @@ tools:
configuration:
authenticate: all
authenticator: ldap-anonymous
lock: false
arguments:
--ignore-apps:
help: Ignore apps upgrade
@ -1280,13 +1524,95 @@ tools:
configuration:
authenticate: all
authenticator: ldap-anonymous
lock: false
arguments:
-p:
full: --private
help: Show private data (domain, IP)
action: store_true
### tools_port_available()
port-available:
action_help: Check availability of a local port
api: GET /tools/portavailable
arguments:
port:
help: Port to check
extra:
pattern: *pattern_port
### tools_shell()
shell:
configuration:
authenticate: all
action_help: Launch a development shell
arguments:
-c:
help: python command to execute
full: --command
### tools_shutdown()
shutdown:
action_help: Shutdown the server
api: PUT /shutdown
arguments:
-f:
help: skip the shutdown confirmation
full: --force
action: store_true
### tools_reboot()
reboot:
action_help: Reboot the server
api: PUT /reboot
arguments:
-f:
help: skip the reboot confirmation
full: --force
action: store_true
subcategories:
migrations:
subcategory_help: Manage migrations
actions:
### tools_migrations_list()
list:
action_help: List migrations
api: GET /migrations
arguments:
--pending:
help: list only pending migrations
action: store_true
--done:
help: list only migrations already performed
action: store_true
### tools_migrations_migrate()
migrate:
action_help: Perform migrations
api: POST /migrations/migrate
arguments:
-t:
help: target migration number (or 0), latest one by default
type: int
full: --target
-s:
help: skip the migration(s), use it only if you know what you are doing
full: --skip
action: store_true
--auto:
help: automatic mode, won't run manual migrations, use it only if you know what you are doing
action: store_true
--accept-disclaimer:
help: accept disclaimers of migration (please read them before using this option)
action: store_true
### tools_migrations_state()
state:
action_help: Show current migrations state
api: GET /migrations/state
#############################
# Hook #
@ -1384,3 +1710,39 @@ hook:
-d:
full: --chdir
help: The directory from where the script will be executed
#############################
# Log #
#############################
log:
category_help: Manage debug logs
actions:
### log_list()
list:
action_help: List logs
api: GET /logs
arguments:
category:
help: Log category to display (default operations), could be operation, history, package, system, access, service or app
nargs: "*"
-l:
full: --limit
help: Maximum number of logs
type: int
### log_display()
display:
action_help: Display a log content
api: GET /logs/display
arguments:
path:
help: Log file which to display the content
-n:
full: --number
help: Number of lines to display
default: 50
type: int
--share:
help: Share the full log using yunopaste
action: store_true

239
data/helpers.d/backend Normal file
View file

@ -0,0 +1,239 @@
# Use logrotate to manage the logfile
#
# usage: ynh_use_logrotate [logfile] [--non-append]
# | arg: logfile - absolute path of logfile
# | arg: --non-append - (Option) Replace the config file instead of appending this new config.
#
# If no argument provided, a standard directory will be use. /var/log/${app}
# You can provide a path with the directory only or with the logfile.
# /parentdir/logdir
# /parentdir/logdir/logfile.log
#
# It's possible to use this helper several times, each config will be added to the same logrotate config file.
# Unless you use the option --non-append
ynh_use_logrotate () {
local customtee="tee -a"
if [ $# -gt 0 ] && [ "$1" == "--non-append" ]; then
customtee="tee"
# Destroy this argument for the next command.
shift
elif [ $# -gt 1 ] && [ "$2" == "--non-append" ]; then
customtee="tee"
fi
if [ $# -gt 0 ]; then
if [ "$(echo ${1##*.})" == "log" ]; then # Keep only the extension to check if it's a logfile
local logfile=$1 # In this case, focus logrotate on the logfile
else
local logfile=$1/*.log # Else, uses the directory and all logfile into it.
fi
else
local logfile="/var/log/${app}/*.log" # Without argument, use a defaut directory in /var/log
fi
cat > ./${app}-logrotate << EOF # Build a config file for logrotate
$logfile {
# Rotate if the logfile exceeds 100Mo
size 100M
# Keep 12 old log maximum
rotate 12
# Compress the logs with gzip
compress
# Compress the log at the next cycle. So keep always 2 non compressed logs
delaycompress
# Copy and truncate the log to allow to continue write on it. Instead of move the log.
copytruncate
# Do not do an error if the log is missing
missingok
# Not rotate if the log is empty
notifempty
# Keep old logs in the same dir
noolddir
}
EOF
sudo mkdir -p $(dirname "$logfile") # Create the log directory, if not exist
cat ${app}-logrotate | sudo $customtee /etc/logrotate.d/$app > /dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee)
}
# Remove the app's logrotate config.
#
# usage: ynh_remove_logrotate
ynh_remove_logrotate () {
if [ -e "/etc/logrotate.d/$app" ]; then
sudo rm "/etc/logrotate.d/$app"
fi
}
# Create a dedicated systemd config
#
# usage: ynh_add_systemd_config [service] [template]
# | arg: service - Service name (optionnal, $app by default)
# | arg: template - Name of template file (optionnal, this is 'systemd' by default, meaning ./conf/systemd.service will be used as template)
#
# This will use the template ../conf/<templatename>.service
# to generate a systemd config, by replacing the following keywords
# with global variables that should be defined before calling
# this helper :
#
# __APP__ by $app
# __FINALPATH__ by $final_path
#
ynh_add_systemd_config () {
local service_name="${1:-$app}"
finalsystemdconf="/etc/systemd/system/$service_name.service"
ynh_backup_if_checksum_is_different "$finalsystemdconf"
sudo cp ../conf/${2:-systemd.service} "$finalsystemdconf"
# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
# Substitute in a nginx config file only if the variable is not empty
if test -n "${final_path:-}"; then
ynh_replace_string "__FINALPATH__" "$final_path" "$finalsystemdconf"
fi
if test -n "${app:-}"; then
ynh_replace_string "__APP__" "$app" "$finalsystemdconf"
fi
ynh_store_file_checksum "$finalsystemdconf"
sudo chown root: "$finalsystemdconf"
sudo systemctl enable $service_name
sudo systemctl daemon-reload
}
# Remove the dedicated systemd config
#
# usage: ynh_remove_systemd_config [service]
# | arg: service - Service name (optionnal, $app by default)
#
ynh_remove_systemd_config () {
local service_name="${1:-$app}"
local finalsystemdconf="/etc/systemd/system/$service_name.service"
if [ -e "$finalsystemdconf" ]; then
sudo systemctl stop $service_name
sudo systemctl disable $service_name
ynh_secure_remove "$finalsystemdconf"
sudo systemctl daemon-reload
fi
}
# Create a dedicated nginx config
#
# usage: ynh_add_nginx_config "list of others variables to replace"
#
# | arg: list of others variables to replace separeted by a space
# | for example : 'path_2 port_2 ...'
#
# This will use a template in ../conf/nginx.conf
# __PATH__ by $path_url
# __DOMAIN__ by $domain
# __PORT__ by $port
# __NAME__ by $app
# __FINALPATH__ by $final_path
#
# And dynamic variables (from the last example) :
# __PATH_2__ by $path_2
# __PORT_2__ by $port_2
#
ynh_add_nginx_config () {
finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf"
local others_var=${1:-}
ynh_backup_if_checksum_is_different "$finalnginxconf"
sudo cp ../conf/nginx.conf "$finalnginxconf"
# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
# Substitute in a nginx config file only if the variable is not empty
if test -n "${path_url:-}"; then
# path_url_slash_less is path_url, or a blank value if path_url is only '/'
local path_url_slash_less=${path_url%/}
ynh_replace_string "__PATH__/" "$path_url_slash_less/" "$finalnginxconf"
ynh_replace_string "__PATH__" "$path_url" "$finalnginxconf"
fi
if test -n "${domain:-}"; then
ynh_replace_string "__DOMAIN__" "$domain" "$finalnginxconf"
fi
if test -n "${port:-}"; then
ynh_replace_string "__PORT__" "$port" "$finalnginxconf"
fi
if test -n "${app:-}"; then
ynh_replace_string "__NAME__" "$app" "$finalnginxconf"
fi
if test -n "${final_path:-}"; then
ynh_replace_string "__FINALPATH__" "$final_path" "$finalnginxconf"
fi
# Replace all other variable given as arguments
for var_to_replace in $others_var
do
# ${var_to_replace^^} make the content of the variable on upper-cases
# ${!var_to_replace} get the content of the variable named $var_to_replace
ynh_replace_string "__${var_to_replace^^}__" "${!var_to_replace}" "$finalnginxconf"
done
if [ "${path_url:-}" != "/" ]
then
ynh_replace_string "^#sub_path_only" "" "$finalnginxconf"
else
ynh_replace_string "^#root_path_only" "" "$finalnginxconf"
fi
ynh_store_file_checksum "$finalnginxconf"
sudo systemctl reload nginx
}
# Remove the dedicated nginx config
#
# usage: ynh_remove_nginx_config
ynh_remove_nginx_config () {
ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf"
sudo systemctl reload nginx
}
# Create a dedicated php-fpm config
#
# usage: ynh_add_fpm_config
ynh_add_fpm_config () {
# Configure PHP-FPM 7.0 by default
local fpm_config_dir="/etc/php/7.0/fpm"
local fpm_service="php7.0-fpm"
# Configure PHP-FPM 5 on Debian Jessie
if [ "$(ynh_get_debian_release)" == "jessie" ]; then
fpm_config_dir="/etc/php5/fpm"
fpm_service="php5-fpm"
fi
ynh_app_setting_set $app fpm_config_dir "$fpm_config_dir"
ynh_app_setting_set $app fpm_service "$fpm_service"
finalphpconf="$fpm_config_dir/pool.d/$app.conf"
ynh_backup_if_checksum_is_different "$finalphpconf"
sudo cp ../conf/php-fpm.conf "$finalphpconf"
ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf"
ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf"
ynh_replace_string "__USER__" "$app" "$finalphpconf"
sudo chown root: "$finalphpconf"
ynh_store_file_checksum "$finalphpconf"
if [ -e "../conf/php-fpm.ini" ]
then
finalphpini="$fpm_config_dir/conf.d/20-$app.ini"
ynh_backup_if_checksum_is_different "$finalphpini"
sudo cp ../conf/php-fpm.ini "$finalphpini"
sudo chown root: "$finalphpini"
ynh_store_file_checksum "$finalphpini"
fi
sudo systemctl reload $fpm_service
}
# Remove the dedicated php-fpm config
#
# usage: ynh_remove_fpm_config
ynh_remove_fpm_config () {
local fpm_config_dir=$(ynh_app_setting_get $app fpm_config_dir)
local fpm_service=$(ynh_app_setting_get $app fpm_service)
# Assume php version 5 if not set
if [ -z "$fpm_config_dir" ]; then
fpm_config_dir="/etc/php5/fpm"
fpm_service="php5-fpm"
fi
ynh_secure_remove "$fpm_config_dir/pool.d/$app.conf"
ynh_secure_remove "$fpm_config_dir/conf.d/20-$app.ini" 2>&1
sudo systemctl reload $fpm_service
}

344
data/helpers.d/filesystem
View file

@ -1,76 +1,328 @@
CAN_BIND=${CAN_BIND:-1}
# Mark a file or a directory for backup
# Note: currently, SRCPATH will be copied or binded to DESTPATH
# Add a file or a directory to the list of paths to backup
#
# Note: this helper could be used in backup hook or in backup script inside an
# app package
#
# Details: ynh_backup writes SRC and the relative DEST into a CSV file. And it
# creates the parent destination directory
#
# If DEST is ended by a slash it complete this path with the basename of SRC.
#
# usage: ynh_backup src [dest [is_big [arg]]]
# | arg: src - file or directory to bind or symlink or copy. it shouldn't be in
# the backup dir.
# | arg: dest - destination file or directory inside the
# backup dir
# | arg: is_big - 1 to indicate data are big (mail, video, image ...)
# | arg: arg - Deprecated arg
#
# example:
# # Wordpress app context
#
# ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
# # => This line will be added into CSV file
# # "/etc/nginx/conf.d/$domain.d/$app.conf","apps/wordpress/etc/nginx/conf.d/$domain.d/$app.conf"
#
# ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "conf/nginx.conf"
# # => "/etc/nginx/conf.d/$domain.d/$app.conf","apps/wordpress/conf/nginx.conf"
#
# ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "conf/"
# # => "/etc/nginx/conf.d/$domain.d/$app.conf","apps/wordpress/conf/$app.conf"
#
# ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "conf"
# # => "/etc/nginx/conf.d/$domain.d/$app.conf","apps/wordpress/conf"
#
# #Deprecated usages (maintained for retro-compatibility)
# ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "${backup_dir}/conf/nginx.conf"
# # => "/etc/nginx/conf.d/$domain.d/$app.conf","apps/wordpress/conf/nginx.conf"
#
# ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "/conf/"
# # => "/etc/nginx/conf.d/$domain.d/$app.conf","apps/wordpress/conf/$app.conf"
#
# usage: ynh_backup srcdir destdir to_bind no_root
# | arg: srcdir - directory to bind or copy
# | arg: destdir - mountpoint or destination directory
# | arg: to_bind - 1 to bind mounting the directory if possible
# | arg: no_root - 1 to execute commands as current user
ynh_backup() {
local SRCPATH=$1
local DESTPATH=$2
local TO_BIND=${3:-0}
local SUDO_CMD="sudo"
[[ "${4:-}" = "1" ]] && SUDO_CMD=
# TODO find a way to avoid injection by file strange naming !
local SRC_PATH="$1"
local DEST_PATH="${2:-}"
local IS_BIG="${3:-0}"
BACKUP_CORE_ONLY=${BACKUP_CORE_ONLY:-0}
# validate arguments
[[ -e "${SRCPATH}" ]] || {
echo "Source path '${DESTPATH}' does not exist" >&2
# If backing up core only (used by ynh_backup_before_upgrade),
# don't backup big data items
if [ "$IS_BIG" == "1" ] && [ "$BACKUP_CORE_ONLY" == "1" ] ; then
echo "$SRC_PATH will not be saved, because backup_core_only is set." >&2
return 0
fi
# ==============================================================================
# Format correctly source and destination paths
# ==============================================================================
# Be sure the source path is not empty
[[ -e "${SRC_PATH}" ]] || {
echo "Source path '${SRC_PATH}' does not exist" >&2
return 1
}
# prepend the backup directory
[[ -n "${YNH_APP_BACKUP_DIR:-}" && "${DESTPATH:0:1}" != "/" ]] \
&& DESTPATH="${YNH_APP_BACKUP_DIR}/${DESTPATH}"
[[ ! -e "${DESTPATH}" ]] || {
echo "Destination path '${DESTPATH}' already exist" >&2
return 1
}
# Transform the source path as an absolute path
# If it's a dir remove the ending /
SRC_PATH=$(realpath "$SRC_PATH")
# attempt to bind mounting the directory
if [[ "${CAN_BIND}" = "1" && "${TO_BIND}" = "1" ]]; then
eval $SUDO_CMD mkdir -p "${DESTPATH}"
# If there is no destination path, initialize it with the source path
# relative to "/".
# eg: SRC_PATH=/etc/yunohost -> DEST_PATH=etc/yunohost
if [[ -z "$DEST_PATH" ]]; then
if sudo mount --rbind "${SRCPATH}" "${DESTPATH}"; then
# try to remount destination directory as read-only
sudo mount -o remount,ro,bind "${SRCPATH}" "${DESTPATH}" \
|| true
return 0
else
CAN_BIND=0
echo "Bind mounting seems to be disabled on your system."
echo "You have maybe to check your apparmor configuration."
DEST_PATH="${SRC_PATH#/}"
else
if [[ "${DEST_PATH:0:1}" == "/" ]]; then
# If the destination path is an absolute path, transform it as a path
# relative to the current working directory ($YNH_CWD)
#
# If it's an app backup script that run this helper, YNH_CWD is equal to
# $YNH_BACKUP_DIR/apps/APP_INSTANCE_NAME/backup/
#
# If it's a system part backup script, YNH_CWD is equal to $YNH_BACKUP_DIR
DEST_PATH="${DEST_PATH#$YNH_CWD/}"
# Case where $2 is an absolute dir but doesn't begin with $YNH_CWD
[[ "${DEST_PATH:0:1}" == "/" ]] \
&& DEST_PATH="${DEST_PATH#/}"
fi
# delete mountpoint directory safely
mountpoint -q "${DESTPATH}" && sudo umount -R "${DESTPATH}"
eval $SUDO_CMD rm -rf "${DESTPATH}"
# Complete DEST_PATH if ended by a /
[[ "${DEST_PATH: -1}" == "/" ]] \
&& DEST_PATH="${DEST_PATH}/$(basename $SRC_PATH)"
fi
# ... or just copy the directory
eval $SUDO_CMD mkdir -p $(dirname "${DESTPATH}")
eval $SUDO_CMD cp -a "${SRCPATH}" "${DESTPATH}"
# Check if DEST_PATH already exists in tmp archive
[[ ! -e "${DEST_PATH}" ]] || {
echo "Destination path '${DEST_PATH}' already exist" >&2
return 1
}
# Add the relative current working directory to the destination path
local REL_DIR="${YNH_CWD#$YNH_BACKUP_DIR}"
REL_DIR="${REL_DIR%/}/"
DEST_PATH="${REL_DIR}${DEST_PATH}"
DEST_PATH="${DEST_PATH#/}"
# ==============================================================================
# ==============================================================================
# Write file to backup into backup_list
# ==============================================================================
local SRC=$(echo "${SRC_PATH}" | sed -r 's/"/\"\"/g')
local DEST=$(echo "${DEST_PATH}" | sed -r 's/"/\"\"/g')
echo "\"${SRC}\",\"${DEST}\"" >> "${YNH_BACKUP_CSV}"
# ==============================================================================
# Create the parent dir of the destination path
# It's for retro compatibility, some script consider ynh_backup creates this dir
mkdir -p $(dirname "$YNH_BACKUP_DIR/${DEST_PATH}")
}
# Restore all files linked to the restore hook or to the restore app script
#
# usage: ynh_restore
#
ynh_restore () {
# Deduce the relative path of $YNH_CWD
local REL_DIR="${YNH_CWD#$YNH_BACKUP_DIR/}"
REL_DIR="${REL_DIR%/}/"
# For each destination path begining by $REL_DIR
cat ${YNH_BACKUP_CSV} | tr -d $'\r' | grep -ohP "^\".*\",\"$REL_DIR.*\"$" | \
while read line; do
local ORIGIN_PATH=$(echo "$line" | grep -ohP "^\"\K.*(?=\",\".*\"$)")
local ARCHIVE_PATH=$(echo "$line" | grep -ohP "^\".*\",\"$REL_DIR\K.*(?=\"$)")
ynh_restore_file "$ARCHIVE_PATH" "$ORIGIN_PATH"
done
}
# Return the path in the archive where has been stocked the origin path
#
# [internal]
#
# usage: _get_archive_path ORIGIN_PATH
_get_archive_path () {
# For security reasons we use csv python library to read the CSV
sudo python -c "
import sys
import csv
with open(sys.argv[1], 'r') as backup_file:
backup_csv = csv.DictReader(backup_file, fieldnames=['source', 'dest'])
for row in backup_csv:
if row['source']==sys.argv[2].strip('\"'):
print row['dest']
sys.exit(0)
raise Exception('Original path for %s not found' % sys.argv[2])
" "${YNH_BACKUP_CSV}" "$1"
return $?
}
# Restore a file or a directory
#
# Use the registered path in backup_list by ynh_backup to restore the file at
# the good place.
#
# usage: ynh_restore_file ORIGIN_PATH [ DEST_PATH ]
# | arg: ORIGIN_PATH - Path where was located the file or the directory before
# to be backuped or relative path to $YNH_CWD where it is located in the backup archive
# | arg: DEST_PATH - Path where restore the file or the dir, if unspecified,
# the destination will be ORIGIN_PATH or if the ORIGIN_PATH doesn't exist in
# the archive, the destination will be searched into backup.csv
#
# If DEST_PATH already exists and is lighter than 500 Mo, a backup will be made in
# /home/yunohost.conf/backup/. Otherwise, the existing file is removed.
#
# examples:
# ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
# # if apps/wordpress/etc/nginx/conf.d/$domain.d/$app.conf exists, restore it into
# # /etc/nginx/conf.d/$domain.d/$app.conf
# # if no, search a correspondance in the csv (eg: conf/nginx.conf) and restore it into
# # /etc/nginx/conf.d/$domain.d/$app.conf
#
# # DON'T GIVE THE ARCHIVE PATH:
# ynh_restore_file "conf/nginx.conf"
#
ynh_restore_file () {
local ORIGIN_PATH="/${1#/}"
local ARCHIVE_PATH="$YNH_CWD${ORIGIN_PATH}"
# Default value for DEST_PATH = /$ORIGIN_PATH
local DEST_PATH="${2:-$ORIGIN_PATH}"
# If ARCHIVE_PATH doesn't exist, search for a corresponding path in CSV
if [ ! -d "$ARCHIVE_PATH" ] && [ ! -f "$ARCHIVE_PATH" ] && [ ! -L "$ARCHIVE_PATH" ]; then
ARCHIVE_PATH="$YNH_BACKUP_DIR/$(_get_archive_path \"$ORIGIN_PATH\")"
fi
# Move the old directory if it already exists
if [[ -e "${DEST_PATH}" ]]
then
# Check if the file/dir size is less than 500 Mo
if [[ $(du -sb ${DEST_PATH} | cut -d"/" -f1) -le "500000000" ]]
then
local backup_file="/home/yunohost.conf/backup/${DEST_PATH}.backup.$(date '+%Y%m%d.%H%M%S')"
mkdir -p "$(dirname "$backup_file")"
mv "${DEST_PATH}" "$backup_file" # Move the current file or directory
else
ynh_secure_remove ${DEST_PATH}
fi
fi
# Restore ORIGIN_PATH into DEST_PATH
mkdir -p $(dirname "$DEST_PATH")
# Do a copy if it's just a mounting point
if mountpoint -q $YNH_BACKUP_DIR; then
if [[ -d "${ARCHIVE_PATH}" ]]; then
ARCHIVE_PATH="${ARCHIVE_PATH}/."
mkdir -p "$DEST_PATH"
fi
cp -a "$ARCHIVE_PATH" "${DEST_PATH}"
# Do a move if YNH_BACKUP_DIR is already a copy
else
mv "$ARCHIVE_PATH" "${DEST_PATH}"
fi
}
# Deprecated helper since it's a dangerous one!
#
# [internal]
#
ynh_bind_or_cp() {
local AS_ROOT=${3:-0}
local NO_ROOT=0
[[ "${AS_ROOT}" = "1" ]] || NO_ROOT=1
echo "This helper is deprecated, you should use ynh_backup instead" >&2
ynh_backup "$1" "$2" 1 "$NO_ROOT"
ynh_backup "$1" "$2" 1
}
# Create a directory under /tmp
#
# [internal]
#
# Deprecated helper
#
# usage: ynh_mkdir_tmp
# | ret: the created directory path
ynh_mkdir_tmp() {
TMPDIR="/tmp/$(ynh_string_random 6)"
while [ -d $TMPDIR ]; do
TMPDIR="/tmp/$(ynh_string_random 6)"
done
mkdir -p "$TMPDIR" && echo "$TMPDIR"
echo "The helper ynh_mkdir_tmp is deprecated." >&2
echo "You should use 'mktemp -d' instead and manage permissions \
properly with chmod/chown." >&2
local TMP_DIR=$(mktemp -d)
# Give rights to other users could be a security risk.
# But for retrocompatibility we need it. (This helpers is deprecated)
chmod 755 $TMP_DIR
echo $TMP_DIR
}
# Calculate and store a file checksum into the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_store_file_checksum file
# | arg: file - The file on which the checksum will performed, then stored.
ynh_store_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_set $app $checksum_setting_name $(sudo md5sum "$1" | cut -d' ' -f1)
}
# Verify the checksum and backup the file if it's different
# This helper is primarily meant to allow to easily backup personalised/manually
# modified config files.
#
# $app should be defined when calling this helper
#
# usage: ynh_backup_if_checksum_is_different file
# | arg: file - The file on which the checksum test will be perfomed.
#
# | ret: Return the name a the backup file, or nothing
ynh_backup_if_checksum_is_different () {
local file=$1
local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_'
local checksum_value=$(ynh_app_setting_get $app $checksum_setting_name)
if [ -n "$checksum_value" ]
then # Proceed only if a value was stored into the app settings
if ! echo "$checksum_value $file" | sudo md5sum -c --status
then # If the checksum is now different
local backup_file="/home/yunohost.conf/backup/$file.backup.$(date '+%Y%m%d.%H%M%S')"
sudo mkdir -p "$(dirname "$backup_file")"
sudo cp -a "$file" "$backup_file" # Backup the current file
echo "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file" >&2
echo "$backup_file" # Return the name of the backup file
fi
fi
}
# Remove a file or a directory securely
#
# usage: ynh_secure_remove path_to_remove
# | arg: path_to_remove - File or directory to remove
ynh_secure_remove () {
local path_to_remove=$1
local forbidden_path=" \
/var/www \
/home/yunohost.app"
if [[ "$forbidden_path" =~ "$path_to_remove" \
# Match all paths or subpaths in $forbidden_path
|| "$path_to_remove" =~ ^/[[:alnum:]]+$ \
# Match all first level paths from / (Like /var, /root, etc...)
|| "${path_to_remove:${#path_to_remove}-1}" = "/" ]]
# Match if the path finishes by /. Because it seems there is an empty variable
then
echo "Avoid deleting $path_to_remove." >&2
else
if [ -e "$path_to_remove" ]
then
sudo rm -R "$path_to_remove"
else
echo "$path_to_remove wasn't deleted because it doesn't exist." >&2
fi
fi
}

20
data/helpers.d/ip
View file

@ -1,19 +1,19 @@
# Validate an IP address
#
# usage: ynh_validate_ip [family] [ip_address]
# | ret: 0 for valid ip addresses, 1 otherwise
#
# example: ynh_validate_ip 4 111.222.333.444
#
# usage: ynh_validate_ip <family> <ip_address>
#
# exit code : 0 for valid ip addresses, 1 otherwise
ynh_validate_ip()
{
# http://stackoverflow.com/questions/319279/how-to-validate-ip-address-in-python#319298
IP_ADDRESS_FAMILY=$1
IP_ADDRESS=$2
local IP_ADDRESS_FAMILY=$1
local IP_ADDRESS=$2
[ "$IP_ADDRESS_FAMILY" == "4" ] || [ "$IP_ADDRESS_FAMILY" == "6" ] || return 1
python /dev/stdin << EOF
import socket
import sys
@ -31,8 +31,8 @@ EOF
# example: ynh_validate_ip4 111.222.333.444
#
# usage: ynh_validate_ip4 <ip_address>
# | ret: 0 for valid ipv4 addresses, 1 otherwise
#
# exit code : 0 for valid ipv4 addresses, 1 otherwise
ynh_validate_ip4()
{
ynh_validate_ip 4 $1
@ -44,8 +44,8 @@ ynh_validate_ip4()
# example: ynh_validate_ip6 2000:dead:beef::1
#
# usage: ynh_validate_ip6 <ip_address>
# | ret: 0 for valid ipv6 addresses, 1 otherwise
#
# exit code : 0 for valid ipv6 addresses, 1 otherwise
ynh_validate_ip6()
{
ynh_validate_ip 6 $1

92
data/helpers.d/mysql
View file

@ -8,7 +8,7 @@ MYSQL_ROOT_PWD_FILE=/etc/yunohost/mysql
# usage: ynh_mysql_connect_as user pwd [db]
# | arg: user - the user name to connect as
# | arg: pwd - the user password
# | arg: db - the database to connect to
# | arg: db - the database to connect to
ynh_mysql_connect_as() {
mysql -u "$1" --password="$2" -B "${3:-}"
}
@ -17,7 +17,7 @@ ynh_mysql_connect_as() {
#
# usage: ynh_mysql_execute_as_root sql [db]
# | arg: sql - the SQL command to execute
# | arg: db - the database to connect to
# | arg: db - the database to connect to
ynh_mysql_execute_as_root() {
ynh_mysql_connect_as "root" "$(sudo cat $MYSQL_ROOT_PWD_FILE)" \
"${2:-}" <<< "$1"
@ -27,7 +27,7 @@ ynh_mysql_execute_as_root() {
#
# usage: ynh_mysql_execute_file_as_root file [db]
# | arg: file - the file containing SQL commands
# | arg: db - the database to connect to
# | arg: db - the database to connect to
ynh_mysql_execute_file_as_root() {
ynh_mysql_connect_as "root" "$(sudo cat $MYSQL_ROOT_PWD_FILE)" \
"${2:-}" < "$1"
@ -35,14 +35,16 @@ ynh_mysql_execute_file_as_root() {
# Create a database and grant optionnaly privilegies to a user
#
# [internal]
#
# usage: ynh_mysql_create_db db [user [pwd]]
# | arg: db - the database name to create
# | arg: user - the user to grant privilegies
# | arg: pwd - the password to identify user by
ynh_mysql_create_db() {
db=$1
local db=$1
sql="CREATE DATABASE ${db};"
local sql="CREATE DATABASE ${db};"
# grant all privilegies to user
if [[ $# -gt 1 ]]; then
@ -56,6 +58,11 @@ ynh_mysql_create_db() {
# Drop a database
#
# [internal]
#
# If you intend to drop the database *and* the associated user,
# consider using ynh_mysql_remove_db instead.
#
# usage: ynh_mysql_drop_db db
# | arg: db - the database name to drop
ynh_mysql_drop_db() {
@ -70,11 +77,13 @@ ynh_mysql_drop_db() {
# | arg: db - the database name to dump
# | ret: the mysqldump output
ynh_mysql_dump_db() {
mysqldump -u "root" -p"$(sudo cat $MYSQL_ROOT_PWD_FILE)" "$1"
mysqldump -u "root" -p"$(sudo cat $MYSQL_ROOT_PWD_FILE)" --single-transaction --skip-dump-date "$1"
}
# Create a user
#
# [internal]
#
# usage: ynh_mysql_create_user user pwd [host]
# | arg: user - the user name to create
# | arg: pwd - the password to identify user by
@ -83,10 +92,81 @@ ynh_mysql_create_user() {
"CREATE USER '${1}'@'localhost' IDENTIFIED BY '${2}';"
}
# Check if a mysql user exists
#
# usage: ynh_mysql_user_exists user
# | arg: user - the user for which to check existence
ynh_mysql_user_exists()
{
local user=$1
if [[ -z $(ynh_mysql_execute_as_root "SELECT User from mysql.user WHERE User = '$user';") ]]
then
return 1
else
return 0
fi
}
# Drop a user
#
# [internal]
#
# usage: ynh_mysql_drop_user user
# | arg: user - the user name to drop
ynh_mysql_drop_user() {
ynh_mysql_execute_as_root "DROP USER '${1}'@'localhost';"
}
# Create a database, an user and its password. Then store the password in the app's config
#
# After executing this helper, the password of the created database will be available in $db_pwd
# It will also be stored as "mysqlpwd" into the app settings.
#
# usage: ynh_mysql_setup_db user name [pwd]
# | arg: user - Owner of the database
# | arg: name - Name of the database
# | arg: pwd - Password of the database. If not given, a password will be generated
ynh_mysql_setup_db () {
local db_user="$1"
local db_name="$2"
local new_db_pwd=$(ynh_string_random) # Generate a random password
# If $3 is not given, use new_db_pwd instead for db_pwd.
db_pwd="${3:-$new_db_pwd}"
ynh_mysql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database
ynh_app_setting_set $app mysqlpwd $db_pwd # Store the password in the app's config
}
# Remove a database if it exists, and the associated user
#
# usage: ynh_mysql_remove_db user name
# | arg: user - Owner of the database
# | arg: name - Name of the database
ynh_mysql_remove_db () {
local db_user="$1"
local db_name="$2"
local mysql_root_password=$(sudo cat $MYSQL_ROOT_PWD_FILE)
if mysqlshow -u root -p$mysql_root_password | grep -q "^| $db_name"; then # Check if the database exists
echo "Removing database $db_name" >&2
ynh_mysql_drop_db $db_name # Remove the database
else
echo "Database $db_name not found" >&2
fi
# Remove mysql user if it exists
if $(ynh_mysql_user_exists $db_user); then
ynh_mysql_drop_user $db_user
fi
}
# Sanitize a string intended to be the name of a database
# (More specifically : replace - and . by _)
#
# example: dbname=$(ynh_sanitize_dbid $app)
#
# usage: ynh_sanitize_dbid name
# | arg: name - name to correct/sanitize
# | ret: the corrected name
ynh_sanitize_dbid () {
local dbid=${1//[-.]/_} # We should avoid having - and . in the name of databases. They are replaced by _
echo $dbid
}

67
data/helpers.d/network Normal file
View file

@ -0,0 +1,67 @@
# Normalize the url path syntax
# Handle the slash at the beginning of path and its absence at ending
# Return a normalized url path
#
# example: url_path=$(ynh_normalize_url_path $url_path)
# ynh_normalize_url_path example -> /example
# ynh_normalize_url_path /example -> /example
# ynh_normalize_url_path /example/ -> /example
# ynh_normalize_url_path / -> /
#
# usage: ynh_normalize_url_path path_to_normalize
# | arg: url_path_to_normalize - URL path to normalize before using it
ynh_normalize_url_path () {
local path_url=$1
test -n "$path_url" || ynh_die "ynh_normalize_url_path expect a URL path as first argument and received nothing."
if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a /
path_url="/$path_url" # Add / at begin of path variable
fi
if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character.
path_url="${path_url:0:${#path_url}-1}" # Delete the last character
fi
echo $path_url
}
# Find a free port and return it
#
# example: port=$(ynh_find_port 8080)
#
# usage: ynh_find_port begin_port
# | arg: begin_port - port to start to search
ynh_find_port () {
local port=$1
test -n "$port" || ynh_die "The argument of ynh_find_port must be a valid port."
while netcat -z 127.0.0.1 $port # Check if the port is free
do
port=$((port+1)) # Else, pass to next port
done
echo $port
}
# Check availability of a web path
#
# example: ynh_webpath_available some.domain.tld /coffee
#
# usage: ynh_webpath_available domain path
# | arg: domain - the domain/host of the url
# | arg: path - the web path to check the availability of
ynh_webpath_available () {
local domain=$1
local path=$2
sudo yunohost domain url-available $domain $path
}
# Register/book a web path for an app
#
# example: ynh_webpath_register wordpress some.domain.tld /coffee
#
# usage: ynh_webpath_register app domain path
# | arg: app - the app for which the domain should be registered
# | arg: domain - the domain/host of the web path
# | arg: path - the web path to be registered
ynh_webpath_register () {
local app=$1
local domain=$2
local path=$3
sudo yunohost app register-url $app $domain $path
}

198
data/helpers.d/nodejs Normal file
View file

@ -0,0 +1,198 @@
n_install_dir="/opt/node_n"
node_version_path="$n_install_dir/n/versions/node"
# N_PREFIX is the directory of n, it needs to be loaded as a environment variable.
export N_PREFIX="$n_install_dir"
# Install Node version management
#
# [internal]
#
# usage: ynh_install_n
ynh_install_n () {
echo "Installation of N - Node.js version management" >&2
# Build an app.src for n
mkdir -p "../conf"
echo "SOURCE_URL=https://github.com/tj/n/archive/v2.1.7.tar.gz
SOURCE_SUM=2ba3c9d4dd3c7e38885b37e02337906a1ee91febe6d5c9159d89a9050f2eea8f" > "../conf/n.src"
# Download and extract n
ynh_setup_source "$n_install_dir/git" n
# Install n
(cd "$n_install_dir/git"
PREFIX=$N_PREFIX make install 2>&1)
}
# Load the version of node for an app, and set variables.
#
# ynh_use_nodejs has to be used in any app scripts before using node for the first time.
#
# 2 variables are available:
# - $nodejs_path: The absolute path of node for the chosen version.
# - $nodejs_version: Just the version number of node for this app. Stored as 'nodejs_version' in settings.yml.
# And 2 alias stored in variables:
# - $nodejs_use_version: An old variable, not used anymore. Keep here to not break old apps
# NB: $PATH will contain the path to node, it has to be propagated to any other shell which needs to use it.
# That's means it has to be added to any systemd script.
#
# usage: ynh_use_nodejs
ynh_use_nodejs () {
nodejs_version=$(ynh_app_setting_get $app nodejs_version)
nodejs_use_version="echo \"Deprecated command, should be removed\""
# Get the absolute path of this version of node
nodejs_path="$node_version_path/$nodejs_version/bin"
# Load the path of this version of node in $PATH
[[ :$PATH: == *":$nodejs_path"* ]] || PATH="$nodejs_path:$PATH"
}
# Install a specific version of nodejs
#
# n (Node version management) uses the PATH variable to store the path of the version of node it is going to use.
# That's how it changes the version
#
# ynh_install_nodejs will install the version of node provided as argument by using n.
#
# usage: ynh_install_nodejs [nodejs_version]
# | arg: nodejs_version - Version of node to install.
# If possible, prefer to use major version number (e.g. 8 instead of 8.10.0).
# The crontab will handle the update of minor versions when needed.
ynh_install_nodejs () {
# Use n, https://github.com/tj/n to manage the nodejs versions
nodejs_version="$1"
# Create $n_install_dir
mkdir -p "$n_install_dir"
# Load n path in PATH
CLEAR_PATH="$n_install_dir/bin:$PATH"
# Remove /usr/local/bin in PATH in case of node prior installation
PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@')
# Move an existing node binary, to avoid to block n.
test -x /usr/bin/node && mv /usr/bin/node /usr/bin/node_n
test -x /usr/bin/npm && mv /usr/bin/npm /usr/bin/npm_n
# If n is not previously setup, install it
if ! test $(n --version > /dev/null 2>&1)
then
ynh_install_n
fi
# Modify the default N_PREFIX in n script
ynh_replace_string "^N_PREFIX=\${N_PREFIX-.*}$" "N_PREFIX=\${N_PREFIX-$N_PREFIX}" "$n_install_dir/bin/n"
# Restore /usr/local/bin in PATH
PATH=$CLEAR_PATH
# And replace the old node binary.
test -x /usr/bin/node_n && mv /usr/bin/node_n /usr/bin/node
test -x /usr/bin/npm_n && mv /usr/bin/npm_n /usr/bin/npm
# Install the requested version of nodejs
n $nodejs_version
# Find the last "real" version for this major version of node.
real_nodejs_version=$(find $node_version_path/$nodejs_version* -maxdepth 0 | sort --version-sort | tail --lines=1)
real_nodejs_version=$(basename $real_nodejs_version)
# Create a symbolic link for this major version if the file doesn't already exist
if [ ! -e "$node_version_path/$nodejs_version" ]
then
ln --symbolic --force --no-target-directory $node_version_path/$real_nodejs_version $node_version_path/$nodejs_version
fi
# Store the ID of this app and the version of node requested for it
echo "$YNH_APP_ID:$nodejs_version" | tee --append "$n_install_dir/ynh_app_version"
# Store nodejs_version into the config of this app
ynh_app_setting_set $app nodejs_version $nodejs_version
# Build the update script and set the cronjob
ynh_cron_upgrade_node
ynh_use_nodejs
}
# Remove the version of node used by the app.
#
# This helper will check if another app uses the same version of node,
# if not, this version of node will be removed.
# If no other app uses node, n will be also removed.
#
# usage: ynh_remove_nodejs
ynh_remove_nodejs () {
nodejs_version=$(ynh_app_setting_get $app nodejs_version)
# Remove the line for this app
sed --in-place "/$YNH_APP_ID:$nodejs_version/d" "$n_install_dir/ynh_app_version"
# If no other app uses this version of nodejs, remove it.
if ! grep --quiet "$nodejs_version" "$n_install_dir/ynh_app_version"
then
$n_install_dir/bin/n rm $nodejs_version
fi
# If no other app uses n, remove n
if [ ! -s "$n_install_dir/ynh_app_version" ]
then
ynh_secure_remove "$n_install_dir"
ynh_secure_remove "/usr/local/n"
sed --in-place "/N_PREFIX/d" /root/.bashrc
rm -f /etc/cron.daily/node_update
fi
}
# Set a cron design to update your node versions
#
# [internal]
#
# This cron will check and update all minor node versions used by your apps.
#
# usage: ynh_cron_upgrade_node
ynh_cron_upgrade_node () {
# Build the update script
cat > "$n_install_dir/node_update.sh" << EOF
#!/bin/bash
version_path="$node_version_path"
n_install_dir="$n_install_dir"
# Log the date
date
# List all real installed version of node
all_real_version="\$(find \$version_path/* -maxdepth 0 -type d | sed "s@\$version_path/@@g")"
# Keep only the major version number of each line
all_real_version=\$(echo "\$all_real_version" | sed 's/\..*\$//')
# Remove double entries
all_real_version=\$(echo "\$all_real_version" | sort --unique)
# Read each major version
while read version
do
echo "Update of the version \$version"
sudo \$n_install_dir/bin/n \$version
# Find the last "real" version for this major version of node.
real_nodejs_version=\$(find \$version_path/\$version* -maxdepth 0 | sort --version-sort | tail --lines=1)
real_nodejs_version=\$(basename \$real_nodejs_version)
# Update the symbolic link for this version
sudo ln --symbolic --force --no-target-directory \$version_path/\$real_nodejs_version \$version_path/\$version
done <<< "\$(echo "\$all_real_version")"
EOF
chmod +x "$n_install_dir/node_update.sh"
# Build the cronjob
cat > "/etc/cron.daily/node_update" << EOF
#!/bin/bash
$n_install_dir/node_update.sh >> $n_install_dir/node_update.log
EOF
chmod +x "/etc/cron.daily/node_update"
}

144
data/helpers.d/package
View file

@ -26,9 +26,11 @@ ynh_package_version() {
# APT wrapper for non-interactive operation
#
# [internal]
#
# usage: ynh_apt update
ynh_apt() {
DEBIAN_FRONTEND=noninteractive sudo apt-get -y -qq $@
DEBIAN_FRONTEND=noninteractive sudo apt-get -y $@
}
# Update package index files
@ -43,48 +45,10 @@ ynh_package_update() {
# usage: ynh_package_install name [name [...]]
# | arg: name - the package name to install
ynh_package_install() {
ynh_apt -o Dpkg::Options::=--force-confdef \
ynh_apt --no-remove -o Dpkg::Options::=--force-confdef \
-o Dpkg::Options::=--force-confold install $@
}
# Build and install a package from an equivs control file
#
# example: generate an empty control file with `equivs-control`, adjust its
# content and use helper to build and install the package:
# ynh_package_install_from_equivs /path/to/controlfile
#
# usage: ynh_package_install_from_equivs controlfile
# | arg: controlfile - path of the equivs control file
ynh_package_install_from_equivs() {
controlfile=$1
# install equivs package as needed
ynh_package_is_installed 'equivs' \
|| ynh_package_install equivs
# retrieve package information
pkgname=$(grep '^Package: ' $controlfile | cut -d' ' -f 2)
pkgversion=$(grep '^Version: ' $controlfile | cut -d' ' -f 2)
[[ -z "$pkgname" || -z "$pkgversion" ]] \
&& echo "Invalid control file" && exit 1
# update packages cache
ynh_package_update
# build and install the package
TMPDIR=$(ynh_mkdir_tmp)
(cp "$controlfile" "${TMPDIR}/control" \
&& cd "$TMPDIR" \
&& equivs-build ./control 1>/dev/null \
&& sudo dpkg --force-depends \
-i "./${pkgname}_${pkgversion}_all.deb" 2>&1 \
&& ynh_package_install -f) \
&& ([[ -n "$TMPDIR" ]] && rm -rf $TMPDIR)
# check if the package is actually installed
ynh_package_is_installed "$pkgname"
}
# Remove package(s)
#
# usage: ynh_package_remove name [name [...]]
@ -100,3 +64,103 @@ ynh_package_remove() {
ynh_package_autoremove() {
ynh_apt autoremove $@
}
# Purge package(s) and their uneeded dependencies
#
# usage: ynh_package_autopurge name [name [...]]
# | arg: name - the package name to autoremove and purge
ynh_package_autopurge() {
ynh_apt autoremove --purge $@
}
# Build and install a package from an equivs control file
#
# [internal]
#
# example: generate an empty control file with `equivs-control`, adjust its
# content and use helper to build and install the package:
# ynh_package_install_from_equivs /path/to/controlfile
#
# usage: ynh_package_install_from_equivs controlfile
# | arg: controlfile - path of the equivs control file
ynh_package_install_from_equivs () {
local controlfile=$1
# retrieve package information
local pkgname=$(grep '^Package: ' $controlfile | cut -d' ' -f 2) # Retrieve the name of the debian package
local pkgversion=$(grep '^Version: ' $controlfile | cut -d' ' -f 2) # And its version number
[[ -z "$pkgname" || -z "$pkgversion" ]] \
&& echo "Invalid control file" && exit 1 # Check if this 2 variables aren't empty.
# Update packages cache
ynh_package_update
# Build and install the package
local TMPDIR=$(mktemp -d)
# Force the compatibility level at 10, levels below are deprecated
echo 10 > /usr/share/equivs/template/debian/compat
# Note that the cd executes into a sub shell
# Create a fake deb package with equivs-build and the given control file
# Install the fake package without its dependencies with dpkg
# Install missing dependencies with ynh_package_install
(cp "$controlfile" "${TMPDIR}/control" && cd "$TMPDIR" \
&& equivs-build ./control 1>/dev/null \
&& sudo dpkg --force-depends \
-i "./${pkgname}_${pkgversion}_all.deb" 2>&1 \
&& ynh_package_install -f) || ynh_die "Unable to install dependencies"
[[ -n "$TMPDIR" ]] && rm -rf $TMPDIR # Remove the temp dir.
# check if the package is actually installed
ynh_package_is_installed "$pkgname"
}
# Define and install dependencies with a equivs control file
# This helper can/should only be called once per app
#
# usage: ynh_install_app_dependencies dep [dep [...]]
# | arg: dep - the package name to install in dependence
# You can give a choice between some package with this syntax : "dep1|dep2"
# Example : ynh_install_app_dependencies dep1 dep2 "dep3|dep4|dep5"
# This mean in the dependence tree : dep1 & dep2 & (dep3 | dep4 | dep5)
ynh_install_app_dependencies () {
local dependencies=$@
local dependencies=${dependencies// /, }
local dependencies=${dependencies//|/ | }
local manifest_path="../manifest.json"
if [ ! -e "$manifest_path" ]; then
manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place
fi
local version=$(grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file.
if [ ${#version} -eq 0 ]; then
version="1.0"
fi
local dep_app=${app//_/-} # Replace all '_' by '-'
cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build
Section: misc
Priority: optional
Package: ${dep_app}-ynh-deps
Version: ${version}
Depends: ${dependencies}
Architecture: all
Description: Fake package for ${app} (YunoHost app) dependencies
This meta-package is only responsible of installing its dependencies.
EOF
ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \
|| ynh_die "Unable to install dependencies" # Install the fake package and its dependencies
rm /tmp/${dep_app}-ynh-deps.control
ynh_app_setting_set $app apt_dependencies $dependencies
}
# Remove fake package and its dependencies
#
# Dependencies will removed only if no other package need them.
#
# usage: ynh_remove_app_dependencies
ynh_remove_app_dependencies () {
local dep_app=${app//_/-} # Replace all '_' by '-'
ynh_package_autopurge ${dep_app}-ynh-deps # Remove the fake package and its dependencies if they not still used.
}

25
data/helpers.d/print
View file

@ -4,3 +4,28 @@ ynh_die() {
echo "$1" 1>&2
exit "${2:-1}"
}
# Display a message in the 'INFO' logging category
#
# usage: ynh_info "Some message"
ynh_info()
{
echo "$1" >>"$YNH_STDINFO"
}
# Ignore the yunohost-cli log to prevent errors with conditionals commands
#
# [internal]
#
# usage: ynh_no_log COMMAND
#
# Simply duplicate the log, execute the yunohost command and replace the log without the result of this command
# It's a very badly hack...
ynh_no_log() {
local ynh_cli_log=/var/log/yunohost/yunohost-cli.log
sudo cp -a ${ynh_cli_log} ${ynh_cli_log}-move
eval $@
local exit_code=$?
sudo mv ${ynh_cli_log}-move ${ynh_cli_log}
return $?
}

148
data/helpers.d/psql Normal file
View file

@ -0,0 +1,148 @@
# Create a master password and set up global settings
# Please always call this script in install and restore scripts
#
# usage: ynh_psql_test_if_first_run
ynh_psql_test_if_first_run() {
if [ -f /etc/yunohost/psql ];
then
echo "PostgreSQL is already installed, no need to create master password"
else
local pgsql="$(ynh_string_random)"
echo "$pgsql" > /etc/yunohost/psql
if [ -e /etc/postgresql/9.4/ ]
then
local pg_hba=/etc/postgresql/9.4/main/pg_hba.conf
elif [ -e /etc/postgresql/9.6/ ]
then
local pg_hba=/etc/postgresql/9.6/main/pg_hba.conf
else
ynh_die "postgresql shoud be 9.4 or 9.6"
fi
systemctl start postgresql
sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres
# force all user to connect to local database using passwords
# https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF
# Note: we can't use peer since YunoHost create users with nologin
# See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user
sed -i '/local\s*all\s*all\s*peer/i \
local all all password' "$pg_hba"
systemctl enable postgresql
systemctl reload postgresql
fi
}
# Open a connection as a user
#
# example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;"
# example: ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql
#
# usage: ynh_psql_connect_as user pwd [db]
# | arg: user - the user name to connect as
# | arg: pwd - the user password
# | arg: db - the database to connect to
ynh_psql_connect_as() {
local user="$1"
local pwd="$2"
local db="$3"
sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$pwd" psql "$db"
}
# # Execute a command as root user
#
# usage: ynh_psql_execute_as_root sql [db]
# | arg: sql - the SQL command to execute
ynh_psql_execute_as_root () {
local sql="$1"
sudo --login --user=postgres psql <<< "$sql"
}
# Execute a command from a file as root user
#
# usage: ynh_psql_execute_file_as_root file [db]
# | arg: file - the file containing SQL commands
# | arg: db - the database to connect to
ynh_psql_execute_file_as_root() {
local file="$1"
local db="$2"
sudo --login --user=postgres psql "$db" < "$file"
}
# Create a database, an user and its password. Then store the password in the app's config
#
# After executing this helper, the password of the created database will be available in $db_pwd
# It will also be stored as "psqlpwd" into the app settings.
#
# usage: ynh_psql_setup_db user name [pwd]
# | arg: user - Owner of the database
# | arg: name - Name of the database
# | arg: pwd - Password of the database. If not given, a password will be generated
ynh_psql_setup_db () {
local db_user="$1"
local db_name="$2"
local new_db_pwd=$(ynh_string_random) # Generate a random password
# If $3 is not given, use new_db_pwd instead for db_pwd.
local db_pwd="${3:-$new_db_pwd}"
ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database
ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config
}
# Create a database and grant privilegies to a user
#
# usage: ynh_psql_create_db db [user [pwd]]
# | arg: db - the database name to create
# | arg: user - the user to grant privilegies
# | arg: pwd - the user password
ynh_psql_create_db() {
local db="$1"
local user="$2"
local pwd="$3"
ynh_psql_create_user "$user" "$pwd"
sudo --login --user=postgres createdb --owner="$user" "$db"
}
# Drop a database
#
# usage: ynh_psql_drop_db db
# | arg: db - the database name to drop
# | arg: user - the user to drop
ynh_psql_remove_db() {
local db="$1"
local user="$2"
sudo --login --user=postgres dropdb "$db"
ynh_psql_drop_user "$user"
}
# Dump a database
#
# example: ynh_psql_dump_db 'roundcube' > ./dump.sql
#
# usage: ynh_psql_dump_db db
# | arg: db - the database name to dump
# | ret: the psqldump output
ynh_psql_dump_db() {
local db="$1"
sudo --login --user=postgres pg_dump "$db"
}
# Create a user
#
# usage: ynh_psql_create_user user pwd [host]
# | arg: user - the user name to create
ynh_psql_create_user() {
local user="$1"
local pwd="$2"
sudo --login --user=postgres psql -c"CREATE USER $user WITH PASSWORD '$pwd'" postgres
}
# Drop a user
#
# usage: ynh_psql_drop_user user
# | arg: user - the user name to drop
ynh_psql_drop_user() {
local user="$1"
sudo --login --user=postgres dropuser "$user"
}

2
data/helpers.d/setting
View file

@ -14,7 +14,7 @@ ynh_app_setting_get() {
# | arg: key - the setting name to set
# | arg: value - the setting value to set
ynh_app_setting_set() {
sudo yunohost app setting "$1" "$2" -v "$3" --quiet
sudo yunohost app setting "$1" "$2" --value="$3" --quiet
}
# Delete an application setting

50
data/helpers.d/string
View file

@ -6,6 +6,54 @@
# | arg: length - the string length to generate (default: 24)
ynh_string_random() {
dd if=/dev/urandom bs=1 count=200 2> /dev/null \
| tr -c -d '[A-Za-z0-9]' \
| tr -c -d 'A-Za-z0-9' \
| sed -n 's/\(.\{'"${1:-24}"'\}\).*/\1/p'
}
# Substitute/replace a string (or expression) by another in a file
#
# usage: ynh_replace_string match_string replace_string target_file
# | arg: match_string - String to be searched and replaced in the file
# | arg: replace_string - String that will replace matches
# | arg: target_file - File in which the string will be replaced.
#
# As this helper is based on sed command, regular expressions and
# references to sub-expressions can be used
# (see sed manual page for more information)
ynh_replace_string () {
local delimit=@
local match_string=$1
local replace_string=$2
local workfile=$3
# Escape the delimiter if it's in the string.
match_string=${match_string//${delimit}/"\\${delimit}"}
replace_string=${replace_string//${delimit}/"\\${delimit}"}
sudo sed --in-place "s${delimit}${match_string}${delimit}${replace_string}${delimit}g" "$workfile"
}
# Substitute/replace a special string by another in a file
#
# usage: ynh_replace_special_string match_string replace_string target_file
# | arg: match_string - String to be searched and replaced in the file
# | arg: replace_string - String that will replace matches
# | arg: target_file - File in which the string will be replaced.
#
# This helper will use ynh_replace_string, but as you can use special
# characters, you can't use some regular expressions and sub-expressions.
ynh_replace_special_string () {
local match_string=$1
local replace_string=$2
local workfile=$3
# Escape any backslash to preserve them as simple backslash.
match_string=${match_string//\\/"\\\\"}
replace_string=${replace_string//\\/"\\\\"}
# Escape the & character, who has a special function in sed.
match_string=${match_string//&/"\&"}
replace_string=${replace_string//&/"\&"}
ynh_replace_string "$match_string" "$replace_string" "$workfile"
}

55
data/helpers.d/system Normal file
View file

@ -0,0 +1,55 @@
# Manage a fail of the script
#
# [internal]
#
# usage:
# ynh_exit_properly is used only by the helper ynh_abort_if_errors.
# You should not use it directly.
# Instead, add to your script:
# ynh_clean_setup () {
# instructions...
# }
#
# This function provide a way to clean some residual of installation that not managed by remove script.
#
# It prints a warning to inform that the script was failed, and execute the ynh_clean_setup function if used in the app script
#
ynh_exit_properly () {
local exit_code=$?
if [ "$exit_code" -eq 0 ]; then
exit 0 # Exit without error if the script ended correctly
fi
trap '' EXIT # Ignore new exit signals
set +eu # Do not exit anymore if a command fail or if a variable is empty
echo -e "!!\n $app's script has encountered an error. Its execution was cancelled.\n!!" >&2
if type -t ynh_clean_setup > /dev/null; then # Check if the function exist in the app script.
ynh_clean_setup # Call the function to do specific cleaning for the app.
fi
ynh_die # Exit with error status
}
# Exits if an error occurs during the execution of the script.
#
# usage: ynh_abort_if_errors
#
# This configure the rest of the script execution such that, if an error occurs
# or if an empty variable is used, the execution of the script stops
# immediately and a call to `ynh_clean_setup` is triggered if it has been
# defined by your script.
#
ynh_abort_if_errors () {
set -eu # Exit if a command fail, and if a variable is used unset.
trap ynh_exit_properly EXIT # Capturing exit signals on shell script
}
# Fetch the Debian release codename
#
# usage: ynh_get_debian_release
# | ret: The Debian release codename (i.e. jessie, stretch, ...)
ynh_get_debian_release () {
echo $(lsb_release --codename --short)
}

35
data/helpers.d/user
View file

@ -1,4 +1,4 @@
# Check if a YunoHost user exists
# Check if a YunoHost user exists
#
# example: ynh_user_exists 'toto' || exit 1
#
@ -31,10 +31,41 @@ ynh_user_list() {
| awk '/^##username$/{getline; print}'
}
# Check if a user exists on the system
# Check if a user exists on the system
#
# usage: ynh_system_user_exists username
# | arg: username - the username to check
ynh_system_user_exists() {
getent passwd "$1" &>/dev/null
}
# Create a system user
#
# usage: ynh_system_user_create user_name [home_dir]
# | arg: user_name - Name of the system user that will be create
# | arg: home_dir - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home
ynh_system_user_create () {
if ! ynh_system_user_exists "$1" # Check if the user exists on the system
then # If the user doesn't exist
if [ $# -ge 2 ]; then # If a home dir is mentioned
local user_home_dir="-d $2"
else
local user_home_dir="--no-create-home"
fi
sudo useradd $user_home_dir --system --user-group $1 --shell /usr/sbin/nologin || ynh_die "Unable to create $1 system account"
fi
}
# Delete a system user
#
# usage: ynh_system_user_delete user_name
# | arg: user_name - Name of the system user that will be create
ynh_system_user_delete () {
if ynh_system_user_exists "$1" # Check if the user exists on the system
then
echo "Remove the user $1" >&2
sudo userdel $1
else
echo "The user $1 was not found" >&2
fi
}

256
data/helpers.d/utils
View file

@ -5,9 +5,9 @@
# usage: ynh_get_plain_key key [subkey [subsubkey ...]]
# | ret: string - the key's value
ynh_get_plain_key() {
prefix="#"
founded=0
key=$1
local prefix="#"
local founded=0
local key=$1
shift
while read line; do
if [[ "$founded" == "1" ]] ; then
@ -24,3 +24,253 @@ ynh_get_plain_key() {
fi
done
}
# Restore a previous backup if the upgrade process failed
#
# usage:
# ynh_backup_before_upgrade
# ynh_clean_setup () {
# ynh_restore_upgradebackup
# }
# ynh_abort_if_errors
#
ynh_restore_upgradebackup () {
echo "Upgrade failed." >&2
local app_bck=${app//_/-} # Replace all '_' by '-'
NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0}
if [ "$NO_BACKUP_UPGRADE" -eq 0 ]
then
# Check if an existing backup can be found before removing and restoring the application.
if sudo yunohost backup list | grep -q $app_bck-pre-upgrade$backup_number
then
# Remove the application then restore it
sudo yunohost app remove $app
# Restore the backup
sudo yunohost backup restore $app_bck-pre-upgrade$backup_number --apps $app --force
ynh_die "The app was restored to the way it was before the failed upgrade."
fi
else
echo "\$NO_BACKUP_UPGRADE is set, that means there's no backup to restore. You have to fix this upgrade by yourself !" >&2
fi
}
# Make a backup in case of failed upgrade
#
# usage:
# ynh_backup_before_upgrade
# ynh_clean_setup () {
# ynh_restore_upgradebackup
# }
# ynh_abort_if_errors
#
ynh_backup_before_upgrade () {
if [ ! -e "/etc/yunohost/apps/$app/scripts/backup" ]
then
echo "This app doesn't have any backup script." >&2
return
fi
backup_number=1
local old_backup_number=2
local app_bck=${app//_/-} # Replace all '_' by '-'
NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0}
if [ "$NO_BACKUP_UPGRADE" -eq 0 ]
then
# Check if a backup already exists with the prefix 1
if sudo yunohost backup list | grep -q $app_bck-pre-upgrade1
then
# Prefix becomes 2 to preserve the previous backup
backup_number=2
old_backup_number=1
fi
# Create backup
sudo BACKUP_CORE_ONLY=1 yunohost backup create --apps $app --name $app_bck-pre-upgrade$backup_number
if [ "$?" -eq 0 ]
then
# If the backup succeeded, remove the previous backup
if sudo yunohost backup list | grep -q $app_bck-pre-upgrade$old_backup_number
then
# Remove the previous backup only if it exists
sudo yunohost backup delete $app_bck-pre-upgrade$old_backup_number > /dev/null
fi
else
ynh_die "Backup failed, the upgrade process was aborted."
fi
else
echo "\$NO_BACKUP_UPGRADE is set, backup will be avoided. Be careful, this upgrade is going to be operated without a security backup"
fi
}
# Download, check integrity, uncompress and patch the source from app.src
#
# The file conf/app.src need to contains:
#
# SOURCE_URL=Address to download the app archive
# SOURCE_SUM=Control sum
# # (Optional) Program to check the integrity (sha256sum, md5sum...)
# # default: sha256
# SOURCE_SUM_PRG=sha256
# # (Optional) Archive format
# # default: tar.gz
# SOURCE_FORMAT=tar.gz
# # (Optional) Put false if sources are directly in the archive root
# # default: true
# SOURCE_IN_SUBDIR=false
# # (Optionnal) Name of the local archive (offline setup support)
# # default: ${src_id}.${src_format}
# SOURCE_FILENAME=example.tar.gz
# # (Optional) If it set as false don't extract the source.
# # (Useful to get a debian package or a python wheel.)
# # default: true
# SOURCE_EXTRACT=(true|false)
#
# Details:
# This helper downloads sources from SOURCE_URL if there is no local source
# archive in /opt/yunohost-apps-src/APP_ID/SOURCE_FILENAME
#
# Next, it checks the integrity with "SOURCE_SUM_PRG -c --status" command.
#
# If it's ok, the source archive will be uncompressed in $dest_dir. If the
# SOURCE_IN_SUBDIR is true, the first level directory of the archive will be
# removed.
#
# Finally, patches named sources/patches/${src_id}-*.patch and extra files in
# sources/extra_files/$src_id will be applied to dest_dir
#
#
# usage: ynh_setup_source dest_dir [source_id]
# | arg: dest_dir - Directory where to setup sources
# | arg: source_id - Name of the app, if the package contains more than one app
ynh_setup_source () {
local dest_dir=$1
local src_id=${2:-app} # If the argument is not given, source_id equals "app"
# Load value from configuration file (see above for a small doc about this file
# format)
local src_url=$(grep 'SOURCE_URL=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_sum=$(grep 'SOURCE_SUM=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_format=$(grep 'SOURCE_FORMAT=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_extract=$(grep 'SOURCE_EXTRACT=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_filename=$(grep 'SOURCE_FILENAME=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
# Default value
src_sumprg=${src_sumprg:-sha256sum}
src_in_subdir=${src_in_subdir:-true}
src_format=${src_format:-tar.gz}
src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]')
src_extract=${src_extract:-true}
if [ "$src_filename" = "" ] ; then
src_filename="${src_id}.${src_format}"
fi
local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}"
if test -e "$local_src"
then # Use the local source file if it is present
cp $local_src $src_filename
else # If not, download the source
wget -nv -O $src_filename $src_url
fi
# Check the control sum
echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \
|| ynh_die "Corrupt source"
# Extract source into the app dir
mkdir -p "$dest_dir"
if ! "$src_extract"
then
mv $src_filename $dest_dir
elif [ "$src_format" = "zip" ]
then
# Zip format
# Using of a temp directory, because unzip doesn't manage --strip-components
if $src_in_subdir ; then
local tmp_dir=$(mktemp -d)
unzip -quo $src_filename -d "$tmp_dir"
cp -a $tmp_dir/*/. "$dest_dir"
ynh_secure_remove "$tmp_dir"
else
unzip -quo $src_filename -d "$dest_dir"
fi
else
local strip=""
if $src_in_subdir ; then
strip="--strip-components 1"
fi
if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then
tar -xf $src_filename -C "$dest_dir" $strip
else
ynh_die "Archive format unrecognized."
fi
fi
# Apply patches
if (( $(find $YNH_CWD/../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then
local old_dir=$(pwd)
(cd "$dest_dir" \
&& for p in $YNH_CWD/../sources/patches/${src_id}-*.patch; do \
patch -p1 < $p; done) \
|| ynh_die "Unable to apply patches"
cd $old_dir
fi
# Add supplementary files
if test -e "$YNH_CWD/../sources/extra_files/${src_id}"; then
cp -a $YNH_CWD/../sources/extra_files/$src_id/. "$dest_dir"
fi
}
# Curl abstraction to help with POST requests to local pages (such as installation forms)
#
# $domain and $path_url should be defined externally (and correspond to the domain.tld and the /path (of the app?))
#
# example: ynh_local_curl "/install.php?installButton" "foo=$var1" "bar=$var2"
#
# usage: ynh_local_curl "page_uri" "key1=value1" "key2=value2" ...
# | arg: page_uri - Path (relative to $path_url) of the page where POST data will be sent
# | arg: key1=value1 - (Optionnal) POST key and corresponding value
# | arg: key2=value2 - (Optionnal) Another POST key and corresponding value
# | arg: ... - (Optionnal) More POST keys and values
ynh_local_curl () {
# Define url of page to curl
local full_page_url=https://localhost$path_url$1
# Concatenate all other arguments with '&' to prepare POST data
local POST_data=""
local arg=""
for arg in "${@:2}"
do
POST_data="${POST_data}${arg}&"
done
if [ -n "$POST_data" ]
then
# Add --data arg and remove the last character, which is an unecessary '&'
POST_data="--data ${POST_data::-1}"
fi
# Curl the URL
curl --silent --show-error -kL -H "Host: $domain" --resolve $domain:443:127.0.0.1 $POST_data "$full_page_url"
}
# Render templates with Jinja2
#
# Attention : Variables should be exported before calling this helper to be
# accessible inside templates.
#
# usage: ynh_render_template some_template output_path
# | arg: some_template - Template file to be rendered
# | arg: output_path - The path where the output will be redirected to
ynh_render_template() {
local template_path=$1
local output_path=$2
# Taken from https://stackoverflow.com/a/35009576
python2.7 -c 'import os, sys, jinja2; sys.stdout.write(
jinja2.Template(sys.stdin.read()
).render(os.environ));' < $template_path > $output_path
}

23
data/hooks/conf_regen/01-yunohost
View file

@ -53,37 +53,58 @@ do_pre_regen() {
else
sudo cp services.yml /etc/yunohost/services.yml
fi
mkdir -p "$pending_dir"/etc/etckeeper/
cp etckeeper.conf "$pending_dir"/etc/etckeeper/
}
_update_services() {
sudo python2 - << EOF
import yaml
with open('services.yml') as f:
new_services = yaml.load(f)
with open('/etc/yunohost/services.yml') as f:
services = yaml.load(f)
updated = False
for service, conf in new_services.items():
# remove service with empty conf
if not conf:
if conf is None:
if service in services:
print("removing '{0}' from services".format(service))
del services[service]
updated = True
# add new service
elif not services.get(service, None):
print("adding '{0}' to services".format(service))
services[service] = conf
updated = True
# update service conf
else:
conffiles = services[service].pop('conffiles', {})
# status need to be removed
if "status" not in conf and "status" in services[service]:
print("update '{0}' service status access".format(service))
del services[service]["status"]
updated = True
if services[service] != conf:
print("update '{0}' service".format(service))
services[service].update(conf)
updated = True
if conffiles:
services[service]['conffiles'] = conffiles
if updated:
with open('/etc/yunohost/services.yml-new', 'w') as f:
yaml.safe_dump(services, f, default_flow_style=False)

16
data/hooks/conf_regen/02-ssl
View file

@ -10,6 +10,14 @@ do_init_regen() {
exit 1
fi
LOGFILE="/tmp/yunohost-ssl-init"
echo "Initializing a local SSL certification authority ..."
echo "(logs available in $LOGFILE)"
rm -f $LOGFILE
touch $LOGFILE
# create certs and SSL directories
mkdir -p "/etc/yunohost/certs/yunohost.org"
mkdir -p "${ssl_dir}/"{ca,certs,crl,newcerts}
@ -24,9 +32,10 @@ do_init_regen() {
# create default certificates
if [[ ! -f /etc/yunohost/certs/yunohost.org/ca.pem ]]; then
echo -e "\n# Creating the CA key (?)\n" >>$LOGFILE
openssl req -x509 -new -config "$openssl_conf" \
-days 3650 -out "${ssl_dir}/ca/cacert.pem" \
-keyout "${ssl_dir}/ca/cakey.pem" -nodes -batch 2>&1
-keyout "${ssl_dir}/ca/cakey.pem" -nodes -batch >>$LOGFILE 2>&1
cp "${ssl_dir}/ca/cacert.pem" \
/etc/yunohost/certs/yunohost.org/ca.pem
ln -sf /etc/yunohost/certs/yunohost.org/ca.pem \
@ -35,12 +44,13 @@ do_init_regen() {
fi
if [[ ! -f /etc/yunohost/certs/yunohost.org/crt.pem ]]; then
echo -e "\n# Creating initial key and certificate (?)\n" >>$LOGFILE
openssl req -new -config "$openssl_conf" \
-days 730 -out "${ssl_dir}/certs/yunohost_csr.pem" \
-keyout "${ssl_dir}/certs/yunohost_key.pem" -nodes -batch 2>&1
-keyout "${ssl_dir}/certs/yunohost_key.pem" -nodes -batch >>$LOGFILE 2>&1
openssl ca -config "$openssl_conf" \
-days 730 -in "${ssl_dir}/certs/yunohost_csr.pem" \
-out "${ssl_dir}/certs/yunohost_crt.pem" -batch 2>&1
-out "${ssl_dir}/certs/yunohost_crt.pem" -batch >>$LOGFILE 2>&1
last_cert=$(ls $ssl_dir/newcerts/*.pem | sort -V | tail -n 1)
chmod 640 "${ssl_dir}/certs/yunohost_key.pem"

19
data/hooks/conf_regen/06-slapd
View file

@ -46,7 +46,7 @@ do_pre_regen() {
sudo rm -f "$tmp_backup_dir_file"
# retrieve current and new backends
curr_backend=$(grep '^database' /etc/ldap/slapd.conf | awk '{print $2}')
curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2>/dev/null | awk '{print $2}')
new_backend=$(grep '^database' slapd.conf | awk '{print $2}')
# save current database before any conf changes
@ -102,6 +102,23 @@ do_post_regen() {
fi
sudo service slapd force-reload
# on slow hardware/vm this regen conf would exit before the admin user that
# is stored in ldap is available because ldap seems to slow to restart
# so we'll wait either until we are able to log as admin or until a timeout
# is reached
# we need to do this because the next hooks executed after this one during
# postinstall requires to run as admin thus breaking postinstall on slow
# hardware which mean yunohost can't be correctly installed on those hardware
# and this sucks
# wait a maximum time of 5 minutes
# yes, force-reload behave like a restart
number_of_wait=0
while ! sudo su admin -c '' && ((number_of_wait < 60))
do
sleep 5
((number_of_wait += 1))
done
}
FORCE=${2:-0}

17
data/hooks/conf_regen/15-nginx
View file

@ -38,12 +38,19 @@ do_pre_regen() {
for domain in $domain_list; do
domain_conf_dir="${nginx_conf_dir}/${domain}.d"
mkdir -p "$domain_conf_dir"
mail_autoconfig_dir="${pending_dir}/var/www/.well-known/${domain}/autoconfig/mail/"
mkdir -p "$mail_autoconfig_dir"
# NGINX server configuration
cat server.tpl.conf \
| sed "s/{{ domain }}/${domain}/g" \
> "${nginx_conf_dir}/${domain}.conf"
cat autoconfig.tpl.xml \
| sed "s/{{ domain }}/${domain}/g" \
> "${mail_autoconfig_dir}/config-v1.1.xml"
[[ $main_domain != $domain ]] \
&& touch "${domain_conf_dir}/yunohost_local.conf" \
|| cp yunohost_local.conf "${domain_conf_dir}/yunohost_local.conf"
@ -58,6 +65,14 @@ do_pre_regen() {
|| touch "${nginx_conf_dir}/${file}"
done
# remove old mail-autoconfig files
autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true)
for file in $autoconfig_files; do
domain=$(basename $(readlink -f $(dirname $file)/../..))
[[ $domain_list =~ $domain ]] \
|| (mkdir -p "$(dirname ${pending_dir}/${file})" && touch "${pending_dir}/${file}")
done
# disable default site
mkdir -p "${nginx_dir}/sites-enabled"
touch "${nginx_dir}/sites-enabled/default"
@ -77,7 +92,7 @@ do_post_regen() {
done
# Reload nginx configuration
sudo service nginx reload
pgrep nginx && sudo service nginx reload
}
FORCE=${2:-0}

13
data/hooks/conf_regen/19-postfix
View file

@ -10,15 +10,25 @@ do_pre_regen() {
postfix_dir="${pending_dir}/etc/postfix"
mkdir -p "$postfix_dir"
default_dir="${pending_dir}/etc/default/"
mkdir -p "$default_dir"
# install plain conf files
cp plain/* "$postfix_dir"
# prepare main.cf conf file
main_domain=$(cat /etc/yunohost/current_host)
domain_list=$(sudo yunohost domain list --output-as plain --quiet | tr '\n' ' ')
cat main.cf \
| sed "s/{{ main_domain }}/${main_domain}/g" \
> "${postfix_dir}/main.cf"
cat postsrsd \
| sed "s/{{ main_domain }}/${main_domain}/g" \
| sed "s/{{ domain_list }}/${domain_list}/g" \
> "${default_dir}/postsrsd"
# adapt it for IPv4-only hosts
if [ ! -f /proc/net/if_inet6 ]; then
sed -i \
@ -34,7 +44,8 @@ do_post_regen() {
regen_conf_files=$1
[[ -z "$regen_conf_files" ]] \
|| sudo service postfix restart
|| { sudo service postfix restart && sudo service postsrsd restart; }
}
FORCE=${2:-0}

7
data/hooks/conf_regen/25-dovecot
View file

@ -26,11 +26,18 @@ do_pre_regen() {
's/^\(listen =\).*/\1 */' \
"${dovecot_dir}/dovecot.conf"
fi
mkdir -p "${dovecot_dir}/yunohost.d"
cp pre-ext.conf "${dovecot_dir}/yunohost.d"
cp post-ext.conf "${dovecot_dir}/yunohost.d"
}
do_post_regen() {
regen_conf_files=$1
sudo mkdir -p "/etc/dovecot/yunohost.d/pre-ext.d"
sudo mkdir -p "/etc/dovecot/yunohost.d/post-ext.d"
# create vmail user
id vmail > /dev/null 2>&1 \
|| sudo adduser --system --ingroup mail --uid 500 vmail

69
data/hooks/conf_regen/28-rmilter
View file

@ -1,69 +0,0 @@
#!/bin/bash
set -e
do_pre_regen() {
pending_dir=$1
cd /usr/share/yunohost/templates/rmilter
install -D -m 644 rmilter.conf \
"${pending_dir}/etc/rmilter.conf"
install -D -m 644 rmilter.socket \
"${pending_dir}/etc/systemd/system/rmilter.socket"
}
do_post_regen() {
regen_conf_files=$1
# retrieve variables
domain_list=$(sudo yunohost domain list --output-as plain --quiet)
# create DKIM directory
sudo mkdir -p /etc/dkim
# create DKIM key for domains
for domain in $domain_list; do
domain_key="/etc/dkim/${domain}.mail.key"
[ ! -f $domain_key ] && {
sudo opendkim-genkey --domain="$domain" \
--selector=mail --directory=/etc/dkim
sudo mv /etc/dkim/mail.private "$domain_key"
sudo mv /etc/dkim/mail.txt "/etc/dkim/${domain}.mail.txt"
}
done
# fix DKIM keys permissions
sudo chown _rmilter /etc/dkim/*.mail.key
sudo chmod 400 /etc/dkim/*.mail.key
[ -z "$regen_conf_files" ] && exit 0
# reload systemd daemon
[[ "$regen_conf_files" =~ rmilter\.socket ]] && {
sudo systemctl -q daemon-reload
}
# ensure that the socket is listening and stop the service - it will be
# started again by the socket as needed
sudo systemctl -q start rmilter.socket
sudo systemctl -q stop rmilter.service 2>&1 || true
}
FORCE=${2:-0}
DRY_RUN=${3:-0}
case "$1" in
pre)
do_pre_regen $4
;;
post)
do_post_regen $4
;;
*)
echo "hook called with unknown argument \`$1'" >&2
exit 1
;;
esac
exit 0

39
data/hooks/conf_regen/31-rspamd
View file

@ -9,13 +9,43 @@ do_pre_regen() {
install -D -m 644 metrics.local.conf \
"${pending_dir}/etc/rspamd/local.d/metrics.conf"
install -D -m 644 dkim_signing.conf \
"${pending_dir}/etc/rspamd/local.d/dkim_signing.conf"
install -D -m 644 rspamd.sieve \
"${pending_dir}/etc/dovecot/global_script/rspamd.sieve"
}
do_post_regen() {
regen_conf_files=$1
##
## DKIM key generation
##
# create DKIM directory with proper permission
sudo mkdir -p /etc/dkim
sudo chown _rspamd /etc/dkim
# retrieve domain list
domain_list=$(sudo yunohost domain list --output-as plain --quiet)
# create DKIM key for domains
for domain in $domain_list; do
domain_key="/etc/dkim/${domain}.mail.key"
[ ! -f "$domain_key" ] && {
# We use a 1024 bit size because nsupdate doesn't seem to be able to
# handle 2048...
sudo opendkim-genkey --domain="$domain" \
--selector=mail --directory=/etc/dkim -b 1024
sudo mv /etc/dkim/mail.private "$domain_key"
sudo mv /etc/dkim/mail.txt "/etc/dkim/${domain}.mail.txt"
}
done
# fix DKIM keys permissions
sudo chown _rspamd /etc/dkim/*.mail.key
sudo chmod 400 /etc/dkim/*.mail.key
regen_conf_files=$1
[ -z "$regen_conf_files" ] && exit 0
# compile sieve script
@ -25,10 +55,9 @@ do_post_regen() {
sudo systemctl restart dovecot
}
# ensure that the socket is listening and stop the service - it will be
# started again by the socket as needed
sudo systemctl -q start rspamd.socket
sudo systemctl -q stop rspamd.service 2>&1 || true
# Restart rspamd due to the upgrade
# https://rspamd.com/announce/2016/08/01/rspamd-1.3.1.html
sudo systemctl -q restart rspamd.service
}
FORCE=${2:-0}

12
data/hooks/conf_regen/34-mysql
View file

@ -1,6 +1,7 @@
#!/bin/bash
set -e
MYSQL_PKG="mariadb-server-10.1"
do_pre_regen() {
pending_dir=$1
@ -31,19 +32,14 @@ do_post_regen() {
"applications, and is going to reset the MySQL root password." \
"You can find this new password in /etc/yunohost/mysql." >&2
# retrieve MySQL package provider
ynh_package_is_installed "mariadb-server-10.0" \
&& mysql_pkg="mariadb-server-10.0" \
|| mysql_pkg="mysql-server-5.5"
# set new password with debconf
sudo debconf-set-selections << EOF
$mysql_pkg mysql-server/root_password password $mysql_password
$mysql_pkg mysql-server/root_password_again password $mysql_password
$MYSQL_PKG mysql-server/root_password password $mysql_password
$MYSQL_PKG mysql-server/root_password_again password $mysql_password
EOF
# reconfigure Debian package
sudo dpkg-reconfigure -freadline -u "$mysql_pkg" 2>&1
sudo dpkg-reconfigure -freadline -u "$MYSQL_PKG" 2>&1
else
echo "It seems that you have already configured MySQL." \
"YunoHost needs to have a root access to MySQL to runs its" \

11
data/hooks/conf_regen/43-dnsmasq
View file

@ -13,11 +13,20 @@ do_pre_regen() {
# create directory for pending conf
dnsmasq_dir="${pending_dir}/etc/dnsmasq.d"
mkdir -p "$dnsmasq_dir"
etcdefault_dir="${pending_dir}/etc/default"
mkdir -p "$etcdefault_dir"
# add general conf files
cp plain/etcdefault ${pending_dir}/etc/default/dnsmasq
cp plain/dnsmasq.conf ${pending_dir}/etc/dnsmasq.conf
# add resolver file
cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf > ${pending_dir}/etc/resolv.dnsmasq.conf
# retrieve variables
ipv4=$(curl -s -4 https://ip.yunohost.org 2>/dev/null || true)
ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1'
ipv6=$(curl -s -6 http://ip6.yunohost.org 2>/dev/null || true)
ipv6=$(curl -s -6 https://ip6.yunohost.org 2>/dev/null || true)
ynh_validate_ip6 "$ipv6" || ipv6=''
domain_list=$(sudo yunohost domain list --output-as plain --quiet)

2
data/hooks/conf_regen/46-nsswitch
View file

@ -14,7 +14,7 @@ do_post_regen() {
regen_conf_files=$1
[[ -z "$regen_conf_files" ]] \
|| sudo service nscd restart
|| sudo service unscd restart
}
FORCE=${2:-0}

2
data/hooks/conf_regen/52-fail2ban
View file

@ -9,9 +9,11 @@ do_pre_regen() {
fail2ban_dir="${pending_dir}/etc/fail2ban"
mkdir -p "${fail2ban_dir}/filter.d"
mkdir -p "${fail2ban_dir}/jail.d"
cp yunohost.conf "${fail2ban_dir}/filter.d/yunohost.conf"
cp jail.conf "${fail2ban_dir}/jail.conf"
cp yunohost-jails.conf "${fail2ban_dir}/jail.d/"
}
do_post_regen() {

13
data/hooks/post_backup_create/99-umount
View file

@ -1,13 +0,0 @@
tmp_dir=$1
retcode=$2
FAILURE=0
# Iterate over inverted ordered mountpoints to prevent issues
for m in $(mount | grep " ${tmp_dir}" | awk '{ print $3 }' | tac); do
sudo umount $m
[[ $? != 0 ]] && FAILURE=1
done
exit $FAILURE

20
data/hooks/restore/11-conf_ynh_mysql
View file

@ -1,4 +1,5 @@
backup_dir="$1/conf/ynh/mysql"
MYSQL_PKG="mariadb-server-10.1"
# ensure that mysql is running
service mysql status >/dev/null 2>&1 \
@ -6,9 +7,13 @@ service mysql status >/dev/null 2>&1 \
# retrieve current and new password
[ -f /etc/yunohost/mysql ] \
&& curr_pwd=$(sudo cat /etc/yunohost/mysql) \
|| curr_pwd="yunohost"
&& curr_pwd=$(sudo cat /etc/yunohost/mysql)
new_pwd=$(sudo cat "${backup_dir}/root_pwd" || sudo cat "${backup_dir}/mysql")
[ -z "$curr_pwd" ] && curr_pwd="yunohost"
[ -z "$new_pwd" ] && {
. /usr/share/yunohost/helpers.d/string
new_pwd=$(ynh_string_random 10)
}
# attempt to change it
sudo mysqladmin -s -u root -p"$curr_pwd" password "$new_pwd" || {
@ -19,19 +24,14 @@ sudo mysqladmin -s -u root -p"$curr_pwd" password "$new_pwd" || {
"applications, and is going to reset the MySQL root password." \
"You can find this new password in /etc/yunohost/mysql." >&2
# retrieve MySQL package provider
ynh_package_is_installed "mariadb-server-10.0" \
&& mysql_pkg="mariadb-server-10.0" \
|| mysql_pkg="mysql-server-5.5"
# set new password with debconf
sudo debconf-set-selections << EOF
$mysql_pkg mysql-server/root_password password $new_pwd
$mysql_pkg mysql-server/root_password_again password $new_pwd
$MYSQL_PKG mysql-server/root_password password $new_pwd
$MYSQL_PKG mysql-server/root_password_again password $new_pwd
EOF
# reconfigure Debian package
sudo dpkg-reconfigure -freadline -u "$mysql_pkg" 2>&1
sudo dpkg-reconfigure -freadline -u "$MYSQL_PKG" 2>&1
}
# store new root password

1
data/hooks/restore/23-data_mail
View file

@ -1,6 +1,7 @@
backup_dir="$1/data/mail"
sudo cp -a $backup_dir/. /var/mail/ || echo 'No mail found'
sudo chown -R vmail:mail /var/mail/
# Restart services to use migrated certs
sudo service postfix restart

14
data/other/yunoprompt.service Normal file
View file

@ -0,0 +1,14 @@
[Unit]
Description=YunoHost boot prompt
After=getty@tty2.service
[Service]
Type=simple
ExecStart=/usr/bin/yunoprompt
StandardInput=tty
TTYPath=/dev/tty2
TTYReset=yes
TTYVHangup=yes
[Install]
WantedBy=default.target

2
data/templates/dnsmasq/domain.tpl
View file

@ -1,7 +1,5 @@
resolv-file=
address=/{{ domain }}/{{ ip }}
txt-record={{ domain }},"v=spf1 mx a -all"
mx-host={{ domain }},{{ domain }},5
srv-host=_xmpp-client._tcp.{{ domain }},{{ domain }},5222,0,5
srv-host=_xmpp-server._tcp.{{ domain }},{{ domain }},5269,0,5
srv-host=_jabber._tcp.{{ domain }},{{ domain }},5269,0,5

6
data/templates/dnsmasq/plain/dnsmasq.conf Normal file
View file

@ -0,0 +1,6 @@
domain-needed
expand-hosts
listen-address=127.0.0.1
resolv-file=/etc/resolv.dnsmasq.conf
cache-size=256

33
data/templates/dnsmasq/plain/etcdefault Normal file
View file

@ -0,0 +1,33 @@
# This file has five functions:
# 1) to completely disable starting dnsmasq,
# 2) to set DOMAIN_SUFFIX by running `dnsdomainname`
# 3) to select an alternative config file
# by setting DNSMASQ_OPTS to --conf-file=<file>
# 4) to tell dnsmasq to read the files in /etc/dnsmasq.d for
# more configuration variables.
# 5) to stop the resolvconf package from controlling dnsmasq's
# idea of which upstream nameservers to use.
# For upgraders from very old versions, all the shell variables set
# here in previous versions are still honored by the init script
# so if you just keep your old version of this file nothing will break.
#DOMAIN_SUFFIX=`dnsdomainname`
#DNSMASQ_OPTS="--conf-file=/etc/dnsmasq.alt"
# Whether or not to run the dnsmasq daemon; set to 0 to disable.
ENABLED=1
# By default search this drop directory for configuration options.
# Libvirt leaves a file here to make the system dnsmasq play nice.
# Comment out this line if you don't want this. The dpkg-* are file
# endings which cause dnsmasq to skip that file. This avoids pulling
# in backups made by dpkg.
CONFIG_DIR=/etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new
# If the resolvconf package is installed, dnsmasq will use its output
# rather than the contents of /etc/resolv.conf to find upstream
# nameservers. Uncommenting this line inhibits this behaviour.
# Note that including a "resolv-file=<filename>" line in
# /etc/dnsmasq.conf is not enough to override resolvconf if it is
# installed: the line below must be uncommented.
IGNORE_RESOLVCONF=yes

31
data/templates/dnsmasq/plain/resolv.dnsmasq.conf Normal file
View file

@ -0,0 +1,31 @@
# This file will be used to generate /etc/resolv.dnsmasq.conf
# To avoid that every instance rely on the first server as primary
# server, this list is *shuffled* during every regen-conf of dnsmasq
# In the possibility where the first nameserver is down, dnsmasq
# will automatically switch to the next as primary server.
# List taken from
# http://diyisp.org/dokuwiki/doku.php?id=technical:dnsresolver
# (FR) FDN
nameserver 80.67.169.12
nameserver 80.67.169.40
# (FR) LDN
nameserver 80.67.188.188
# (FR) ARN
nameserver 89.234.141.66
# (FR) gozmail / grifon
nameserver 89.234.186.18
# (DE) FoeBud / Digital Courage
nameserver 85.214.20.141
# (FR) Aquilenet [added manually, following comments from @sachaz]
nameserver 141.255.128.100
nameserver 141.255.128.101
# (DE) CCC Berlin
nameserver 213.73.91.35
# (DE) Ideal-Hosting
nameserver 84.200.69.80
nameserver 84.200.70.40
# (DK) censurfridns
nameserver 91.239.100.100
nameserver 89.233.43.71

77
data/templates/dovecot/dovecot.conf
View file

@ -1,18 +1,48 @@
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-3-686-pae i686 Debian wheezy/sid ext4
!include yunohost.d/pre-ext.conf
listen = *, ::
auth_mechanisms = plain login
login_greeting = Dovecot ready!!
mail_gid = 8
mail_home = /var/mail/%n
mail_location = maildir:/var/mail/%n
mail_uid = 500
protocols = imap sieve
mail_plugins = $mail_plugins quota
ssl = yes
ssl_cert = </etc/yunohost/certs/{{ main_domain }}/crt.pem
ssl_key = </etc/yunohost/certs/{{ main_domain }}/key.pem
ssl_protocols = !SSLv3
passdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
protocols = imap sieve
mail_plugins = $mail_plugins quota
userdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
protocol imap {
imap_client_workarounds =
mail_plugins = $mail_plugins imap_quota antispam
}
protocol lda {
auth_socket_path = /var/run/dovecot/auth-master
mail_plugins = quota sieve
postmaster_address = postmaster@{{ main_domain }}
}
protocol sieve {
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
@ -26,26 +56,11 @@ service auth {
}
}
protocol sieve {
}
ssl = yes
ssl_cert = </etc/yunohost/certs/{{ main_domain }}/crt.pem
ssl_key = </etc/yunohost/certs/{{ main_domain }}/key.pem
ssl_protocols = !SSLv2 !SSLv3
userdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
protocol imap {
imap_client_workarounds =
mail_plugins = $mail_plugins imap_quota antispam
}
protocol lda {
auth_socket_path = /var/run/dovecot/auth-master
mail_plugins = quota sieve
postmaster_address = postmaster@{{ main_domain }}
service quota-warning {
executable = script /usr/bin/quota-warning.sh
user = vmail
unix_listener quota-warning {
}
}
plugin {
@ -66,11 +81,6 @@ plugin {
antispam_pipe_program_notspam_arg = learn_ham
}
plugin {
autosubscribe = Trash
autosubscribe2 = Junk
}
plugin {
quota = maildir:User quota
quota_rule2 = SPAM:ignore
@ -83,9 +93,4 @@ plugin {
quota_warning3 = -storage=100%% quota-warning below %u # user is no longer over quota
}
service quota-warning {
executable = script /usr/bin/quota-warning.sh
user = vmail
unix_listener quota-warning {
}
}
!include yunohost.d/post-ext.conf

1
data/templates/dovecot/post-ext.conf Normal file
View file

@ -0,0 +1 @@
!include_try post-ext.d/*.conf

1
data/templates/dovecot/pre-ext.conf Normal file
View file

@ -0,0 +1 @@
!include_try pre-ext.d/*.conf

955
data/templates/fail2ban/jail.conf
View file

File diff suppressed because it is too large Load diff

32
data/templates/fail2ban/yunohost-jails.conf Normal file
View file

@ -0,0 +1,32 @@
[sshd]
enabled = true
[sshd-ddos]
enabled = true
[nginx-http-auth]
enabled = true
[postfix]
enabled = true
[dovecot]
enabled = true
[postfix-sasl]
enabled = true
[recidive]
enabled = true
[pam-generic]
enabled = true
[yunohost]
enabled = true
port = http,https
protocol = tcp
filter = yunohost
logpath = /var/log/nginx/*error.log
/var/log/nginx/*access.log
maxretry = 6

4
data/templates/fail2ban/yunohost.conf
View file

@ -14,8 +14,8 @@
# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values: TEXT
#
failregex = access.lua:[1-9]+: authenticate\(\): Connection failed for: .*, client: <HOST>
^<HOST> -.*\"POST /yunohost/api/login HTTP/1.1\" 401 22
failregex = helpers.lua:[0-9]+: authenticate\(\): Connection failed for: .*, client: <HOST>
^<HOST> -.*\"POST /yunohost/api/login HTTP/1.1\" 401
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.

19
data/templates/nginx/autoconfig.tpl.xml Normal file
View file

@ -0,0 +1,19 @@
<clientConfig version="1.1">
<emailProvider id="{{ domain }}">
<domain>{{ domain }}</domain>
<incomingServer type="imap">
<hostname>{{ domain }}</hostname>
<port>993</port>
<socketType>SSL</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILLOCALPART%</username>
</incomingServer>
<outgoingServer type="smtp">
<hostname>{{ domain }}</hostname>
<port>587</port>
<socketType>STARTTLS</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILLOCALPART%</username>
</outgoingServer>
</emailProvider>
</clientConfig>

1
data/templates/nginx/plain/global.conf
View file

@ -1 +1,2 @@
server_tokens off;
gzip_types text/css text/javascript application/javascript;

42
data/templates/nginx/plain/yunohost_admin.conf
View file

@ -12,6 +12,9 @@ server {
}
server {
# Disabling http2 for now as it's causing weird issues with curl
#listen 443 ssl http2 default_server;
#listen [::]:443 ssl http2 default_server;
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
@ -19,11 +22,42 @@ server {
ssl_certificate_key /etc/yunohost/certs/yunohost.org/key.pem;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!aNULL:!eNULL:!LOW:!EXP:!RC4:!3DES:+HIGH:+MEDIUM;
add_header Strict-Transport-Security "max-age=31536000;";
# As suggested by Mozilla : https://wiki.mozilla.org/Security/Server_Side_TLS and https://en.wikipedia.org/wiki/Curve25519
# (this doesn't work on jessie though ...?)
# ssl_ecdh_curve secp521r1:secp384r1:prime256v1;
# As suggested by https://cipherli.st/
ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on;
# Ciphers with intermediate compatibility
# https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.6.2&openssl=1.0.1t&hsts=yes&profile=intermediate
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
# Ciphers with modern compatibility
# https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.6.2&openssl=1.0.1t&hsts=yes&profile=modern
# Uncomment the following to use modern ciphers, but remove compatibility with some old clients (android < 5.0, Internet Explorer < 10, ...)
#ssl_protocols TLSv1.2;
#ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
# Uncomment the following directive after DH generation
# > openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048
#ssl_dhparam /etc/ssl/private/dh2048.pem;
# Follows the Web Security Directives from the Mozilla Dev Lab and the Mozilla Obervatory + Partners
# https://wiki.mozilla.org/Security/Guidelines/Web_Security
# https://observatory.mozilla.org/
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header 'Referrer-Policy' 'same-origin';
add_header Content-Security-Policy "upgrade-insecure-requests; object-src 'none'; script-src https: 'unsafe-eval'";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-Frame-Options "SAMEORIGIN";
location / {
return 302 https://$http_host/yunohost/admin;

5
data/templates/nginx/plain/yunohost_admin.conf.inc
View file

@ -1,4 +1,7 @@
location /yunohost/admin {
# Avoid the nginx path/alias traversal weakness ( #1037 )
rewrite ^/yunohost/admin$ /yunohost/admin/ permanent;
location /yunohost/admin/ {
alias /usr/share/yunohost/admin/;
default_type text/html;
index index.html;

6
data/templates/nginx/plain/yunohost_panel.conf.inc
View file

@ -1,2 +1,8 @@
# Insert YunoHost panel
sub_filter </head> '<script type="text/javascript" src="/ynhpanel.js"></script></head>';
sub_filter_once on;
# Apply to other mime types than text/html
sub_filter_types application/xhtml+xml;
# Prevent YunoHost panel files from being blocked by specific app rules
location ~ ynhpanel\.(js|json|css) {
}

42
data/templates/nginx/server.tpl.conf
View file

@ -11,11 +11,18 @@ server {
return 301 https://$http_host$request_uri;
}
location /.well-known/autoconfig/mail {
alias /var/www/.well-known/{{ domain }}/autoconfig/mail;
}
access_log /var/log/nginx/{{ domain }}-access.log;
error_log /var/log/nginx/{{ domain }}-error.log;
}
server {
# Disabling http2 for now as it's causing weird issues with curl
#listen 443 ssl http2;
#listen [::]:443 ssl http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name {{ domain }};
@ -24,16 +31,43 @@ server {
ssl_certificate_key /etc/yunohost/certs/{{ domain }}/key.pem;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!aNULL:!eNULL:!LOW:!EXP:!RC4:!3DES:+HIGH:+MEDIUM;
add_header Strict-Transport-Security "max-age=31536000;";
# As suggested by Mozilla : https://wiki.mozilla.org/Security/Server_Side_TLS and https://en.wikipedia.org/wiki/Curve25519
# (this doesn't work on jessie though ...?)
# ssl_ecdh_curve secp521r1:secp384r1:prime256v1;
# As suggested by https://cipherli.st/
ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on;
# Ciphers with intermediate compatibility
# https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.6.2&openssl=1.0.1t&hsts=yes&profile=intermediate
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
# Ciphers with modern compatibility
# https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.6.2&openssl=1.0.1t&hsts=yes&profile=modern
# Uncomment the following to use modern ciphers, but remove compatibility with some old clients (android < 5.0, Internet Explorer < 10, ...)
#ssl_protocols TLSv1.2;
#ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
# Uncomment the following directive after DH generation
# > openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048
#ssl_dhparam /etc/ssl/private/dh2048.pem;
# Follows the Web Security Directives from the Mozilla Dev Lab and the Mozilla Obervatory + Partners
# https://wiki.mozilla.org/Security/Guidelines/Web_Security
# https://observatory.mozilla.org/
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header Content-Security-Policy "upgrade-insecure-requests";
add_header Content-Security-Policy-Report-Only "default-src https: data: 'unsafe-inline' 'unsafe-eval'";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-Frame-Options "SAMEORIGIN";
access_by_lua_file /usr/share/ssowat/access.lua;
include conf.d/{{ domain }}.d/*.conf;

2
data/templates/nsswitch/nsswitch.conf
View file

@ -9,7 +9,7 @@ group: compat ldap
shadow: compat ldap
gshadow: files
hosts: files mdns4_minimal [NOTFOUND=return] dns
hosts: files myhostname mdns4_minimal [NOTFOUND=return] dns
networks: files
protocols: db files

19
data/templates/postfix/main.cf
View file

@ -45,6 +45,11 @@ smtp_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers
smtp_tls_mandatory_ciphers= $smtpd_tls_mandatory_ciphers
smtp_tls_loglevel=1
# Configure Root CA certificates
# (for example, avoids getting "Untrusted TLS connection established to" messages in logs)
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
@ -60,8 +65,8 @@ mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
#### Fit to the maximum message size allowed by GMail or Yahoo ####
message_size_limit = 26214400
#### Fit to the maximum message size to 30mb, more than allowed by GMail or Yahoo ####
message_size_limit = 31457280
# Virtual Domains Control
virtual_mailbox_domains = ldap:/etc/postfix/ldap-domains.cf
@ -72,6 +77,7 @@ virtual_alias_domains =
virtual_minimum_uid = 100
virtual_uid_maps = static:vmail
virtual_gid_maps = static:mail
smtpd_sender_login_maps= ldap:/etc/postfix/ldap-accounts.cf
# Dovecot LDA
virtual_transport = dovecot
@ -113,7 +119,8 @@ smtpd_helo_restrictions =
permit
# Requirements for the sender address
smtpd_sender_restrictions =
smtpd_sender_restrictions =
reject_sender_login_mismatch,
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_sender,
@ -130,8 +137,10 @@ smtpd_recipient_restrictions =
permit
# SRS
sender_canonical_maps = regexp:/etc/postfix/sender_canonical
sender_canonical_maps = tcp:localhost:10001
sender_canonical_classes = envelope_sender
recipient_canonical_maps = tcp:localhost:10002
recipient_canonical_classes= envelope_recipient,header_recipient
# Ignore some headers
smtp_header_checks = regexp:/etc/postfix/header_checks
@ -141,7 +150,7 @@ smtp_reply_filter = pcre:/etc/postfix/smtp_reply_filter
# Rmilter
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_protocol = 6
smtpd_milters = inet:localhost:11000
smtpd_milters = inet:localhost:11332
# Skip email without checking if milter has died
milter_default_action = accept

85
data/templates/postfix/plain/master.cf
View file

@ -1,53 +1,67 @@
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - - - - smtpd
submission inet n - - - - smtpd
smtp inet n - y - - smtpd
#smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
smtps inet n - - - - smtpd
-o header_checks=pcre:/etc/postfix/header_checks
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - y - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
#628 inet n - y - - qmqpd
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
-o smtp_fallback_relay=
smtp unix - - y - - smtp
relay unix - - y - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
@ -111,8 +125,3 @@ mailman unix - n n - - pipe
# Dovecot LDA
dovecot unix - n n - - pipe
flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -m ${extension}
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
# Added using postfix-add-filter script:

43
data/templates/postfix/postsrsd Normal file
View file

@ -0,0 +1,43 @@
# Default settings for postsrsd
# Local domain name.
# Addresses are rewritten to originate from this domain. The default value
# is taken from `postconf -h mydomain` and probably okay.
#
SRS_DOMAIN={{ main_domain }}
# Exclude additional domains.
# You may list domains which shall not be subjected to address rewriting.
# If a domain name starts with a dot, it matches all subdomains, but not
# the domain itself. Separate multiple domains by space or comma.
# We have to put some "dummy" stuff at start and end... see this comment :
# https://github.com/roehling/postsrsd/issues/64#issuecomment-284003762
SRS_EXCLUDE_DOMAINS=dummy {{ domain_list }} dummy
# First separator character after SRS0 or SRS1.
# Can be one of: -+=
SRS_SEPARATOR==
# Secret key to sign rewritten addresses.
# When postsrsd is installed for the first time, a random secret is generated
# and stored in /etc/postsrsd.secret. For most installations, that's just fine.
#
SRS_SECRET=/etc/postsrsd.secret
# Local ports for TCP list.
# These ports are used to bind the TCP list for postfix. If you change
# these, you have to modify the postfix settings accordingly. The ports
# are bound to the loopback interface, and should never be exposed on
# the internet.
#
SRS_FORWARD_PORT=10001
SRS_REVERSE_PORT=10002
# Drop root privileges and run as another user after initialization.
# This is highly recommended as postsrsd handles untrusted input.
#
RUN_AS=postsrsd
# Jail daemon in chroot environment
CHROOT=/var/lib/postsrsd

18
data/templates/rmilter/rmilter.conf
View file

@ -1,18 +0,0 @@
# systemd-specific settings for rmilter
.include /etc/rmilter.conf.common
# pidfile - path to pid file
pidfile = /run/rmilter/rmilter.pid;
# rmilter is socket-activated under systemd
bind_socket = fd:3;
# DKIM signing
dkim {
domain {
key = /etc/dkim;
domain = "*";
selector = "mail";
};
};

5
data/templates/rmilter/rmilter.socket
View file

@ -1,5 +0,0 @@
.include /lib/systemd/system/rmilter.socket
[Socket]
ListenStream=
ListenStream=127.0.0.1:11000

16
data/templates/rspamd/dkim_signing.conf Normal file
View file

@ -0,0 +1,16 @@
allow_envfrom_empty = true;
allow_hdrfrom_mismatch = false;
allow_hdrfrom_multiple = false;
allow_username_mismatch = true;
auth_only = true;
path = "/etc/dkim/$domain.$selector.key";
selector = "mail";
sign_local = true;
symbol = "DKIM_SIGNED";
try_fallback = true;
use_domain = "header";
use_esld = false;
use_redis = false;
key_prefix = "DKIM_KEYS";

9
data/templates/rspamd/milter_headers.conf Normal file
View file

@ -0,0 +1,9 @@
use = ["spam-header"];
routines {
spam-header {
header = "X-Spam";
value = "Yes";
remove = 1;
}
}

3
data/templates/ssh/sshd_config
View file

@ -66,6 +66,9 @@ PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
# keep ssh sessions fresh
ClientAliveInterval 60
#MaxStartups 10:30:60
Banner /etc/issue.net

3
data/templates/unattended/02periodic
View file

@ -1,5 +1,4 @@
02periodic 50unattended-upgrades
root@65ba01d0c078:/usr/share/yunohost/yunohost-config/unattended# cat 02periodic
# https://wiki.debian.org/UnattendedUpgrades#automatic_call_via_.2Fetc.2Fapt.2Fapt.conf.d.2F02periodic
APT::Periodic::Enable "1";
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

43
data/templates/yunohost/etckeeper.conf Normal file
View file

@ -0,0 +1,43 @@
# The VCS to use.
#VCS="hg"
VCS="git"
#VCS="bzr"
#VCS="darcs"
# Options passed to git commit when run by etckeeper.
GIT_COMMIT_OPTIONS="--quiet"
# Options passed to hg commit when run by etckeeper.
HG_COMMIT_OPTIONS=""
# Options passed to bzr commit when run by etckeeper.
BZR_COMMIT_OPTIONS=""
# Options passed to darcs record when run by etckeeper.
DARCS_COMMIT_OPTIONS="-a"
# Uncomment to avoid etckeeper committing existing changes
# to /etc automatically once per day.
#AVOID_DAILY_AUTOCOMMITS=1
# Uncomment the following to avoid special file warning
# (the option is enabled automatically by cronjob regardless).
#AVOID_SPECIAL_FILE_WARNING=1
# Uncomment to avoid etckeeper committing existing changes to
# /etc before installation. It will cancel the installation,
# so you can commit the changes by hand.
#AVOID_COMMIT_BEFORE_INSTALL=1
# The high-level package manager that's being used.
# (apt, pacman-g2, yum, zypper etc)
HIGHLEVEL_PACKAGE_MANAGER=apt
# The low-level package manager that's being used.
# (dpkg, rpm, pacman, pacman-g2, etc)
LOWLEVEL_PACKAGE_MANAGER=dpkg
# To push each commit to a remote, put the name of the remote here.
# (eg, "origin" for git). Space-separated lists of multiple remotes
# also work (eg, "origin gitlab github" for git).
PUSH_REMOTE=""

8
data/templates/yunohost/firewall.yml
View file

@ -1,10 +1,10 @@
uPnP:
enabled: false
TCP: [22, 25, 53, 80, 443, 465, 587, 993, 5222, 5269]
UDP: [53]
TCP: [22, 25, 80, 443, 587, 993, 5222, 5269]
UDP: []
ipv4:
TCP: [22, 25, 53, 80, 443, 465, 587, 993, 5222, 5269]
TCP: [22, 25, 53, 80, 443, 587, 993, 5222, 5269]
UDP: [53, 5353]
ipv6:
TCP: [22, 25, 53, 80, 443, 465, 587, 993, 5222, 5269]
TCP: [22, 25, 53, 80, 443, 587, 993, 5222, 5269]
UDP: [53, 5353]

70
data/templates/yunohost/services.yml
View file

@ -1,56 +1,50 @@
nginx:
status: service
log: /var/log/nginx
log: /var/log/nginx
avahi-daemon:
status: service
log: /var/log/daemon.log
log: /var/log/daemon.log
dnsmasq:
status: service
log: /var/log/daemon.log
log: /var/log/daemon.log
fail2ban:
log: /var/log/fail2ban.log
dovecot:
status: service
log: [/var/log/mail.log,/var/log/mail.err]
log: [/var/log/mail.log,/var/log/mail.err]
postfix:
status: service
log: [/var/log/mail.log,/var/log/mail.err]
rmilter:
status: systemctl status rmilter.socket
log: /var/log/mail.log
log: [/var/log/mail.log,/var/log/mail.err]
rspamd:
status: systemctl status rspamd.socket
log: /var/log/mail.log
log: /var/log/rspamd/rspamd.log
redis-server:
status: service
log: /var/log/redis/redis-server.log
log: /var/log/redis/redis-server.log
mysql:
status: service
log: [/var/log/mysql.log,/var/log/mysql.err]
glances:
status: service
log: [/var/log/mysql.log,/var/log/mysql.err]
alternates: ['mariadb']
glances: {}
ssh:
status: service
log: /var/log/auth.log
log: /var/log/auth.log
ssl:
status: null
metronome:
status: metronomectl status
log: [/var/log/metronome/metronome.log,/var/log/metronome/metronome.err]
log: [/var/log/metronome/metronome.log,/var/log/metronome/metronome.err]
slapd:
status: service
log: /var/log/syslog
php5-fpm:
status: service
log: /var/log/php5-fpm.log
log: /var/log/syslog
php7.0-fpm:
log: /var/log/php7.0-fpm.log
yunohost-api:
status: service
log: /var/log/yunohost/yunohost-api.log
log: /var/log/yunohost/yunohost-api.log
yunohost-firewall:
status: service
need_lock: true
nslcd:
status: service
log: /var/log/syslog
log: /var/log/syslog
nsswitch:
status: service
udisks2:
status: service
status: null
yunohost:
status: null
bind9: null
tahoe-lafs: null
memcached: null
udisks2: null
udisk-glue: null
amavis: null
postgrey: null
spamassassin: null
rmilter: null
php5-fpm: null

895
debian/changelog vendored
View file

@ -1,3 +1,898 @@
yunohost (3.2.0~testing1) testing; urgency=low
* Add logging system of every unit operation (#165)
* Add a helper `ynh_info` for apps, so that they can comment on what is going on during scripts execution (#383)
* Fix the Sender Rewriting Scheme (#331)
* Add `ynh_render_template` to be able to render Jinja 2 templates (#463)
Thanks to all contributors : Bram, ljf, Aleks !
-- Alexandre Aubin <alex.aubin@mailoo.org> Thu, 23 Aug 2018 21:45:00 +0000
yunohost (3.1.0) stable; urgency=low
Highlights
==========
* Add MUA autoconfiguration (e.g. for Thunderbird) (#495)
* Experimental : Configuration panel for applications (#488)
* Experimental : Allow applications to ship custom actions (#486, #505)
Other fixes / improvements
==========================
* Fix an issue with mail permission after restoring them (#496)
* Optimize imports in certificate.py (#497)
* Add timeout to get_public_ip so that 'dyndns update' don't get stuck (#502)
* Use human-friendly choices for booleans during apps installations (#498)
* Fix the way we detect we're inside a container (#508)
* List existing users during app install if the app ask for a user (#506)
* Allow apps to tell they don't want to be displayed in the SSO (#507)
* After postinstall, advice the admin to create a first user (#510)
* Disable checks in acme_tiny lib is --no-checks is used (#509)
* Better UX in case of url conflicts when installing app (#512)
* Misc fixes / improvements
Thanks to all contributors : pitchum, ljf, Bram, Josue, Aleks !
-- Alexandre Aubin <alex.aubin@mailoo.org> Wed, 15 Aug 2018 21:34:00 +0000
yunohost (3.0.0.1) stable; urgency=low
* Fix remaining use of --verbose and --ignore-system during backup/restore
of app upgrades
-- Alexandre Aubin <alex.aubin@mailoo.org> Mon, 18 Jun 2018 18:31:00 +0000
yunohost (3.0.0) stable; urgency=low
* Merge with jessie's branches
* Release as stable
-- Alexandre Aubin <alex.aubin@mailoo.org> Sun, 17 Jun 2018 03:25:00 +0000
yunohost (3.0.0~beta1.7) testing; urgency=low
* Merge with jessie's branches
* Set verbose by default
* Remove archivemount stuff
* Correctly patch php5/php7 stuff when doing a backup restore
* Fix counter-intuitive backup API
-- Alexandre Aubin <alex.aubin@mailoo.org> Sat, 16 Jun 2018 16:20:00 +0000
yunohost (3.0.0~beta1.6) testing; urgency=low
* [fix] Service description for php7.0-fpm
* [fix] Remove old logrotate for php5-fpm during migration
* [fix] Explicitly enable php7.0-fpm and disable php5-fpm during migration
* [fix] Don't open the old SMTP port anymore (465)
* [enh] Check space available before running the postgresql migration
-- Alexandre Aubin <alex.aubin@mailoo.org> Tue, 12 Jun 2018 01:00:00 +0000
yunohost (3.0.0~beta1.5) testing; urgency=low
* (c.f. 2.7.13.4)
-- Alexandre Aubin <alex.aubin@mailoo.org> Mon, 02 Jun 2018 00:14:00 +0000
yunohost (3.0.0~beta1.4) testing; urgency=low
* Merge with jessie's branches
-- Alexandre Aubin <alex.aubin@mailoo.org> Mon, 28 May 2018 02:30:00 +0000
yunohost (3.0.0~beta1.3) testing; urgency=low
* Use mariadb 10.1 now
* Convert old php comment starting with # for php5->7 migration
-- Alexandre Aubin <alex.aubin@mailoo.org> Sat, 12 May 2018 19:26:00 +0000
yunohost (3.0.0~beta1.2) testing; urgency=low
Removing http2 also from yunohost_admin.conf since there still are some
issues with wordpress ?
-- Alexandre Aubin <alex.aubin@mailoo.org> Tue, 08 May 2018 05:52:00 +0000
yunohost (3.0.0~beta1.1) testing; urgency=low
Fixes in the postgresql migration
-- Alexandre Aubin <alex.aubin@mailoo.org> Sun, 06 May 2018 03:06:00 +0000
yunohost (3.0.0~beta1) testing; urgency=low
Beta release for Stretch
-- Alexandre Aubin <alex.aubin@mailoo.org> Thu, 03 May 2018 03:04:45 +0000
yunohost (2.7.14) stable; urgency=low
* Last minute fix : install php7.0-acpu to hopefully make stretch still work after the upgrade
* Improve Occitan, French, Portuguese, Arabic translations
* [fix] local variables and various fix on psql helpers
-- Alexandre Aubin <alex.aubin@mailoo.org> Sun, 17 Jun 2018 01:16:13 +0000
yunohost (2.7.13.6) testing; urgency=low
* Misc fixes
* [stretch-migration] Disable predictable network interface names
Fixes by Bram and Aleks
-- Alexandre Aubin <alex.aubin@mailoo.org> Fri, 15 Jun 2018 16:20:00 +0000
yunohost (2.7.13.5) testing; urgency=low
* [fix] a bug when log to be fetched is empty
* [fix] a bug when computing diff in regen_conf
* [stretch-migration] Tell postgresql-common to not send an email about 9.4->9.6 migration
* [stretch-migration] Close port 465 / open port 587 during migration according to SMTP port change in postfix
* [stretch-migration] Rely on /etc/os-release to get debian release number
Fixes by Bram and Aleks
-- Alexandre Aubin <alex.aubin@mailoo.org> Tue, 12 Jun 2018 01:00:00 +0000
yunohost (2.7.13.4) testing; urgency=low
* Fix a bug for services with alternate names (mysql<->mariadb)
* Fix a bug in regen conf when computing diff with files that don't exists
* Increase backup filename length
(Fixes by Bram <3)
-- Alexandre Aubin <alex.aubin@mailoo.org> Tue, 05 Jun 2018 18:22:00 +0000
yunohost (2.7.13.3) testing; urgency=low
* [enh] Add postgresql helpers (#238)
* [enh] Bring back the bootprompt (#363)
* [enh] Allow to disable the backup during the upgrade (#431)
* [fix] Remove warning from equivs (#439)
* [enh] Add SOURCE_EXTRACT (true/false) in ynh_setup_source (#460)
* [enh] More debug output in services.py (#468)
* [enh] Be able to use more variables in template for nginx conf (#462)
* [enh] Upgrade Meltdown / Spectre diagnosis (#464)
* [enh] Check services status via dbus (#469, #478, #479)
* [mod] Cleaning in services.py code (#470, #472)
* [enh] Improvate and translate service descriptions (#476)
* [fix] Fix "untrusted TLS connection" in mail logs (#471)
* [fix] Make apt-get helper not quiet so we can debug (#475)
* [i18n] Improve Occitan, Portuguese, Arabic, French translations
Contributors : ljf, Maniack, Josue, Aleks, Bram, Quent-in, itxtoledo, ButterflyOfFire, Jibec, ariasuni, Haelwenn
-- Alexandre Aubin <alex.aubin@mailoo.org> Mon, 28 May 2018 02:23:00 +0000
yunohost (2.7.13.2) testing; urgency=low
* [fix] Fix an error with services marked as None (#466)
* [fix] Issue with nginx not upgrading correctly /etc/nginx/nginx.conf if it was manually modified
-- Alexandre Aubin <alex.aubin@mailoo.org> Fri, 11 May 2018 02:06:42 +0000
yunohost (2.7.13.1) testing; urgency=low
* [fix] Misc fixes on stretch migration following feedback
-- Alexandre Aubin <alex.aubin@mailoo.org> Wed, 09 May 2018 00:44:50 +0000
yunohost (2.7.13) testing; urgency=low
* [enh] Add 'manual migration' mechanism to the migration framework (#429)
* [enh] Add Stretch migration (#433)
* [enh] Use recommended ECDH curves (#454)
-- Alexandre Aubin <alex.aubin@mailoo.org> Sun, 06 May 2018 23:10:13 +0000
yunohost (2.7.12) stable; urgency=low
* [i18n] Improve translation for Portuguese
* Bump version number for stable release
-- Alexandre Aubin <alex.aubin@mailoo.org> Sun, 06 May 2018 16:40:11 +0000
yunohost (2.7.11.1) testing; urgency=low
* [fix] Nginx Regression typo (#459)
-- Alexandre Aubin <alex.aubin@mailoo.org> Wed, 02 May 2018 12:12:45 +0000
yunohost (2.7.11) testing; urgency=low
Important changes / fixes
-------------------------
* [enh] Add commands to manage user ssh accesses and keys (#403, #445)
* [fix] Fix Lets Encrypt install when an app is installed at root (#428)
* [enh] Improve performances by lazy-loading some modules (#451)
* [enh] Use Mozilla's recommended headers in nginx conf (#399, #456)
* [fix] Fix path traversal issues in yunohost admin nginx conf (#420)
* [helpers] Add nodejs helpers (#441, #446)
Other changes
-------------
* [enh] Enable gzip compression for common text mimetypes in nginx (#356)
* [enh] Add 'post' hooks on app management operations (#360)
* [fix] Fix an issue with custom backup methods and crons (#421)
* [mod] Simplify the way we fetch and test global ip (#424)
* [enh] Manage etckeeper.conf to make etckeeper quiet (#426)
* [fix] Be able to access conf folder in change_url scripts (#427)
* [enh] Verbosify backup/restores that are performed during app upgrades (#432)
* [enh] Display debug information on cert-install/renew failure (#447)
* [fix] Add mailutils and wget as a dependencies
* [mod] Misc tweaks to display more info when some commands fail
* [helpers] More explicit depreciation warning for 'app checkurl'
* [helpers] Fix an issue in ynh_restore_file if destination already exists (#384)
* [helpers] Update php-fpm helpers to handle stretch/php7 and a smooth migration (#373)
* [helpers] Add helper 'ynh_get_debian_release' (#373)
* [helpers] Trigger an error when failing to install dependencies (#381)
* [helpers] Allow for 'or' in dependencies (#381)
* [helpers] Tweak the usage of BACKUP_CORE_ONLY (#398)
* [helpers] Tweak systemd config helpers (optional service name and template name) (#425)
* [i18n] Improve translations for Arabic, French, German, Occitan, Spanish
Thanks to all contributors (ariasuni, ljf, JimboJoe, frju365, Maniack, J-B Lescher, Josue, Aleks, Bram, jibec) and the several translators (ButterflyOfFire, Eric G., Cedric, J. Keerl, beyercenter, P. Gatzka, Quenti, bjarkan) <3 !
-- Alexandre Aubin <alex.aubin@mailoo.org> Tue, 01 May 2018 22:04:40 +0000
yunohost (2.7.10) stable; urgency=low
* [fix] Fail2ban conf/filter was not matching failed login attempts...
-- Alexandre Aubin <alex.aubin@mailoo.org> Wed, 07 Mar 2018 12:43:35 +0000
yunohost (2.7.9) stable; urgency=low
(Bumping version number for stable release)
-- Alexandre Aubin <alex.aubin@mailoo.org> Tue, 30 Jan 2018 17:42:00 +0000
yunohost (2.7.8) testing; urgency=low
* [fix] Use HMAC-SHA512 for DynDNS TSIG
* [fix] Fix ynh_restore_upgradebackup
* [i18n] Improve french translation
Thanks to all contributors (Bram, Maniack, jibec, Aleks) ! <3
-- Alexandre Aubin <alex.aubin@mailoo.org> Wed, 24 Jan 2018 12:15:12 -0500
yunohost (2.7.7) stable; urgency=low
(Bumping version number for stable release)
-- Alexandre Aubin <alex.aubin@mailoo.org> Thu, 18 Jan 2018 17:45:21 -0500
yunohost (2.7.6.1) testing; urgency=low
* [fix] Fix Meltdown diagnosis
* [fix] Improve error handling of 'nginx -t' and Metdown diagnosis
-- Alexandre Aubin <alex.aubin@mailoo.org> Wed, 17 Jan 2018 13:11:02 -0500
yunohost (2.7.6) testing; urgency=low
Major changes:
* [enh] Add new api entry point to check for Meltdown vulnerability
* [enh] New command 'app change-label'
Misc fixes/improvements:
* [helpers] Fix upgrade of fake package
* [helpers] Fix ynh_use_logrotate
* [helpers] Fix broken ynh_replace_string
* [helpers] Use local variables
* [enh/fix] Save the conf/ directory of app during installation and upgrade
* [enh] Improve UX for app messages
* [enh] Keep SSH sessions alive
* [enh] --version now display stable/testing/unstable information
* [enh] Backup: add ability to symlink the archives dir
* [enh] Add regen-conf messages, nginx -t and backports .deb to diagnosis output
* [fix] Comment line syntax for DNS zone recommendation (use ';')
* [fix] Fix a bug in disk diagnosis
* [mod] Use systemctl for all service operations
* [i18n] Improved Spanish and French translations
Thanks to all contributors (Maniack, Josue, Bram, ljf, Aleks, Jocelyn, JimboeJoe, David B, Lapineige, ...) ! <3
-- Alexandre Aubin <alex.aubin@mailoo.org> Tue, 16 Jan 2018 17:17:34 -0500
yunohost (2.7.5) stable; urgency=low
(Bumping version number for stable release)
-- Alexandre Aubin <alex.aubin@mailoo.org> Sat, 02 Dec 2017 12:38:00 -0500
yunohost (2.7.4) testing; urgency=low
* [fix] Update acme-tiny as LE updated its ToS (#386)
* [fix] Fix helper for old apps without backup script (#388)
* [mod] Remove port 53 from UPnP (but keep it open on local network) (#362)
* [i18n] Improve French translation
Thanks to all contributors <3 ! (jibec, Moul, Maniack, Aleks)
-- Alexandre Aubin <alex.aubin@mailoo.org> Tue, 28 Nov 2017 19:01:41 -0500
yunohost (2.7.3) testing; urgency=low
Major changes :
* [fix] Refactor/clean madness related to DynDNS (#353)
* [i18n] Improve french translation (#355)
* [fix] Use cryptorandom to generate password (#358)
* [enh] Support for single app upgrade from the webadmin (#359)
* [enh] Be able to give lock to son processes detached by systemctl (#367)
* [enh] Make MySQL dumps with a single transaction to ensure backup consistency (#370)
Misc fixes/improvements :
* [enh] Escape some special character in ynh_replace_string (#354)
* [fix] Allow dash at the beginning of app settings value (#357)
* [enh] Handle root path in nginx conf (#361)
* [enh] Add debugging in ldap init (#365)
* [fix] Fix app_upgrade_string with missing key
* [fix] Fix for change_url path normalizing with root url (#368)
* [fix] Missing 'ask_path' string (#369)
* [enh] Remove date from sql dump (#371)
* [fix] Fix unicode error in backup/restore (#375)
* [fix] Fix an error in ynh_replace_string (#379)
Thanks to all contributors <3 ! (Bram, Maniack C, ljf, JimboJoe, ariasuni, Jibec, Aleks)
-- Alexandre Aubin <alex.aubin@mailoo.org> Thu, 12 Oct 2017 16:18:51 -0400
yunohost (2.7.2) stable; urgency=low
* [mod] pep8
* [fix] Explicitly require moulinette and ssowat >= 2.7.1
* [fix] Set firewall start as background task (to be done right after postinstall) to avoid lock issues
Thanks to all contributors <3 ! (Bram, Alex)
-- Alexandre Aubin <alex.aubin@mailoo.org> Tue, 22 Aug 2017 21:25:17 -0400
yunohost (2.7.1) testing; urgency=low
## Security: uses sha-512 to store password and auto upgrade old password on login
* [fix] use real random for hash selection (Laurent Peuch)
* [enh] use the full length of available chars for salt generation (Laurent Peuch)
* [mod] add more salt because life is miserable (Laurent Peuch)
* [fix] move to sh512 because it's fucking year 2017 (Laurent Peuch)
* [enh] according to https://www.safaribooksonline.com/library/view/practical-unix-and/0596003234/ch04s03.html we can go up to 16 salt caracters (Laurent Peuch)
* [fix] also uses sha512 in user_update() (Laurent Peuch)
* [fix] uses strong hash for admin password (Laurent Peuch)
## Add a reboot/shutdown action
* [enh] Add reboot/shutdown actions in tools (#190) (Laurent Peuch, opi)
## Change lock mechanism
* Remove old 'lock' configuration (Alexandre Aubin)
* Removed unusted socket import (Alexandre Aubin)
## Various fix
### backup
* [fix] Remove check that domain is resolved locally (Alexandre Aubin)
* [fix] Tell user that domain dns-conf shows a recommendation only (Alexandre Aubin)
* [fix] Backup without info.json (#342) (ljf)
* [fix] Make read-only mount bind actually read-only (#343) (ljf)
### dyndns
* Regen dnsmasq conf if it's not up to date :| (Alexandre Aubin)
* [fix] timeout on request to avoid blocking process (Laurent Peuch)
* Put request url in an intermediate variable (Alexandre Aubin)
### other
* clean users.py (Laurent Peuch)
* clean domains.py (Laurent Peuch)
* [enh] add 'yunohost tools shell' (Laurent Peuch)
* Use app_ssowatconf instead of os.system call (Alexandre Aubin)
Thanks to all contributors <3 ! (Bram, ljf, Aleks, opi)
-- Laurent Peuch <cortex@worlddomination.be> Sat, 19 Aug 2017 23:16:44 +0000
yunohost (2.7.0) testing; urgency=low
Thanks to all contributors <3 ! (Bram, Maniack C, ljf, Aleks, JimboJoe, anmol26s, e-lie, Ozhiganov)
Major fixes / improvements
==========================
* [enh] Add a migration framework (#195)
* [enh] Remove m18n (and other globals) black magic (#336)
* [fix] Refactor DNS conf management for domains (#299)
* [enh] Support custom backup methods (#326)
App helpers
===========
* New helper autopurge (#321)
* New helpers ynh_add_fpm_config and ynh_remove_fpm_config (#284)
* New helpers ynh_restore_upgradebackup and ynh_backup_before_upgrade (#289)
* New helpers ynh_add_nginx_config and ynh_remove_nginx_config (#285)
* New helpers ynh_add_systemd_config and ynh_remove_systemd_config (#287)
Smaller fixes / improvements
============================
* [fix] Run change_url scripts as root as a matter of homogeneity (#329)
* [fix] Don't verify SSL during changeurl tests :/ (#332)
* [fix] Depreciation warning for --hooks was always shown (#333)
* [fix] Logrotate append (#328)
* [enh] Check that url is available and normalize path before app install (#304)
* [enh] Check that user is legitimate to use an email adress when sending mail (#330)
* [fix] Properly catch Invalid manifest json with ValueError. (#324)
* [fix] No default backup method (redmine 968) (#339)
* [enh] Add a script to test m18n keys usage (#308)
* [i18] Started russian translation (#340)
-- Alexandre Aubin <alex.aubin@mailoo.org> Mon, 07 Aug 2017 13:16:08 -0400
yunohost (2.6.5) stable; urgency=low
Minor fix
---------
* Do not crash backup restore if archivemount is not there (#325)
-- Alexandre Aubin <alex.aubin@mailoo.org> Wed, 26 Jul 2017 11:56:09 -0400
yunohost (2.6.4) stable; urgency=low
Changes
-------------
* Misc fixes here and there
* [i18n] Update Spanish, German and French translations (#323)
Thanks to all contributors : opi, Maniack C, Alex, JuanuSt, franzos, Jibec, Jeroen and beyercenter !
-- ljf <ljf+yunohost@grimaud.me> Wed, 21 Jun 2017 17:18:00 -0400
yunohost (2.6.3) testing; urgency=low
Major changes
-------------
* [love] Add missing contributors & translators.
* [enh] Introduce global settings (#229)
* [enh] Refactor backup management to pave the way to borg (#275)
* [enh] Changing nginx ciphers to intermediate compatiblity (#298)
* [enh] Use ssl-cert group for certificates, instead of metronome (#222)
* [enh] Allow regen-conf to manage new files already present on the system (#311)
* [apps] New helpers
* ynh_secure_remove (#281)
* ynh_setup_source (#282)
* ynh_webpath_available and ynh_webpath_register (#235)
* ynh_mysql_generate_db and ynh_mysql_remove_db (#236)
* ynh_store_file_checksum and ynh_backup_if_checksum_is_different (#286)
* Misc fixes here and there
* [i18n] Update Spanish, German and French translations (#318)
Thanks to all contributors : Bram, ljf, opi, Maniack C, Alex, JimboJoe, Moul, Jibec, JuanuSt and franzos !
-- Alexandre Aubin <alex.aubin@mailoo.org> Fri, 02 Jun 2017 09:15:05 -0400
yunohost (2.6.2) testing; urgency=low
New Features
------------
* [enh] Allow applications to ship a script to change its url (#185)
* New helper ynh_replace_string (#280)
* New helper ynh_local_curl (#288)
Fixes
-----
* Fix for missing YunoHost tiles (#276)
* [fix] Properly define app upgradability / Fix app part of tools update (#255)
* [fix] Properly manage resolv.conf, dns resolvers and dnsmasq (#290)
* [fix] Add random delay to app fetchlist cron job (#297)
Improvements
-------------
* [fix] Avoid to remove a apt package accidentally (#292)
* [enh] Refactor applist management (#160)
* [enh] Add libnss-mdns as Debian dependency. (#279)
* [enh] ip6.yunohost is now served through HTTPS.
* [enh] Adding new port availability checker (#266)
* [fix] Split checkurl into two functions : availability + booking (#267)
* [enh] Cleaner postinstall logs during CA creation (#250)
* Allow underscore in backup name
* Rewrite text for "appslist_retrieve_bad_format"
* Rewrite text for "certmanager_http_check_timeout"
* Updated Spanish, German, Italian, French, German and Dutch translations
-- Alexandre Aubin <alex.aubin@mailoo.org> Mon, 24 Apr 2017 09:07:51 -0400
yunohost (2.6.1) testing; urgency=low
[ Maniack Crudelis ]
* Hack dégueux pour éviter d'écrire dans le log cli
* [enh] New helpers for equivs use
* [enh] New helpers for logrotate
* Update package
* Restore use of subshell
[ Trollken ]
* [i18n] Translated using Weblate (Portuguese)
[ rokaz ]
* [i18n] Translated using Weblate (Spanish)
* [i18n] Translated using Weblate (French)
[ Jean-Baptiste Holcroft ]
* [i18n] Translated using Weblate (French)
[ rokaz ]
* [i18n] Translated using Weblate (English)
[ Fabian Gruber ]
* [i18n] Translated using Weblate (German)
[ bricabraque ]
* [i18n] Translated using Weblate (Italian)
[ Trollken ]
* [i18n] Translated using Weblate (Portuguese)
[ rokaz ]
* [i18n] Translated using Weblate (Spanish)
[ Fabian Gruber ]
* [i18n] Translated using Weblate (German)
* [i18n] Translated using Weblate (German)
[ bricabraque ]
* [i18n] Translated using Weblate (Italian)
[ Fabian Gruber ]
* [i18n] Translated using Weblate (German)
[ Lapineige ]
* [i18n] Translated using Weblate (French)
[ Laurent Peuch ]
* [enh] upgrade ciphers suit to more secure ones
[ ljf (zamentur) ]
* [fix] Can't use common.sh on restore operation (#246)
[ thardev ]
* show fail2ban logs on admin web interface
[ Maniack Crudelis ]
* Fix ynh_app_dependencies
* Fix ynh_remove_app_dependencies too...
[ Moul ]
* [mod] dnsmasq conf: remove deprecated XMPP DNS record line.
* [fix] dnsmasq conf: remove 'resolv-file' line. - there is no file specified for this line. - dns resolution isn't working on some cases: - metronome could not works. - https://forum.yunohost.org/t/xmpp-cant-connect-to-conference-yunohost-org/2142
[ Laurent Peuch ]
* [enh] defaulting running hook_exec as root
* [mod] change behavior, admin by default, as to explicitly set root as user
* [enh] use root for app related hook_exec
* [mod] remove unused import
* [fix] run missing backup scripts as root
* [enh] run hooks as root
* [mod] try to clean a bit app_list code
[ Alexandre Aubin ]
* Trying to add comments and simplify some overly complicated parts
* Trying to make offset / limit consistent
[ Laurent Peuch ]
* [mod] remove useless addition
* [fix] if a service don't have a 'status' entry, don't list it
* [fix] nsswitch and udisks2 aren't used anymore
* [fix] we don't use bind9, add null entry to remove it from old services.yml
* [enh] add other services to remove
* [fix] launch ssowatconf at the end of a broken install to avoid sso bad state
[ opi ]
* [love] adding thardev to contributors
[ Alexandre Aubin ]
* [enh] Trigger exception during unit tests if string key aint defined (#261)
* Updating ciphers with recommendation from mozilla with modern compatibility
[ Maniack Crudelis ]
* Failed if $1 not set
[ Laurent Peuch ]
* [mod] remove offset/limit from app_list, they aren't used anymore
* [mod] implement ljf comment
[ Maniack Crudelis ]
* Remove use of deprecated helper
[ opi ]
* [enh] Use _get_maindomain helper.
[ Maniack Crudelis ]
* Add app setting
[ opi ]
* [fix] Regenerate SSOwat conf during main_domain operation. #672
[ Maniack Crudelis ]
* Nouveau helper ynh_normalize_url_path (#234)
* Prevent to rewrite the previous control file
[ Alexandre Aubin ]
* Rename ynh_app_dependencies to ynh_install_app_dependencies
[ Maniack Crudelis ]
* [enh] New helper ynh_abort_if_errors (#245)
[ ljf ]
* [fix] Apply cipher suite into webadmin nginx conf
[ Laurent Peuch ]
* [fix] only remove a service if it is setted to null
[ Moul ]
-- Moul <moul@moul.re> Thu, 23 Mar 2017 09:53:06 +0000
yunohost (2.6.0) testing; urgency=low
Important changes
- [enh] Add unit test mechanism (#254)
- [fix] Any address in the range 127.0.0.0/8 is a valid loopback address for localhost
- [enh] include script to reset ldap password (#217)
- [enh] Set main domain as hostname (#219)
- [enh] New bash helpers for app scripts: ynh_system_user_create, ynh_system_user_delete, helper ynh_find_port
Thanks to every contributors (Bram, Aleks, Maniack Crudelis, ZeHiro, opi, julienmalik
Full changes log:
8486f440fb18d513468b696f84c0efe833298d77 [enh] Add unit test mechanism (#254)
45e85fef821bd8c60c9ed1856b3b7741b45e4158 Merge pull request #252 from ZeHiro/fix-785
834cf459dcd544919f893e73c6be6a471c7e0554 Please Bram :D
088abd694e0b0be8c8a9b7d96a3894baaf436459 Merge branch 'testing' into unstable
f80653580cd7be31484496dbe124b88e34ca066b Merge pull request #257 from YunoHost/fix_localhost_address_range
f291d11c844d9e6f532f1ec748a5e1eddb24c2f6 [fix] cert-renew email headers appear as text in the body
accb78271ebefd4130ea23378d6289ac0fa9d0e4 [fix] Any address in the range 127.0.0.0/8 is a valid loopback address
cc4451253917040c3a464dce4c12e9e7cf486b15 Clean app upgrade (#193)
d4feb879d44171447be33a65538503223b4a56fb [enh] include script to reset ldap password (#217)
1d561123b6f6fad1712c795c31409dedc24d0160 [enh] Set main domain as hostname (#219)
0e55b17665cf1cd05c157950cbc5601421910a2e Fixing also get_conf_hashes
035100d6dbcd209dceb68af49b593208179b0595 Merge pull request #251 from YunoHost/uppercase_for_global_variables
f28be91b5d25120aa13d9861b0b3be840f330ac0 [fix] Uppercase global variable even in comment.
5abcaadaeabdd60b40baf6e79fff3273c1dd6108 [fix] handle the case where services[service] is set to null in the services.yml. Fix #785
5d3e1c92126d861605bd209ff56b8b0d77d3ff39 Merge pull request #233 from YunoHost/ynh_find_port
83dca8e7c6ec4efb206140c234f51dfa5b3f3bf7 Merge pull request #237 from YunoHost/ynh_system_user_create_delete
f6c7702dfaf3a7879323a9df60fde6ac58d3aff7 [mod] rename all global variables to uppercase
3804f33b2f712eb067a0fcbb6fb5c60f3a813db4 Merge pull request #159 from YunoHost/clean_app_fetchlist
8b44276af627ec05ac376c57e098716cacd165f9 Merge branch 'testing' into unstable
dea89fc6bb209047058f050352e3c082b9e62f32 Merge pull request #243 from YunoHost/fix-rspamd-rmilter-status
dea6177c070b9176e3955c4f32b8a602977cf424 Merge pull request #244 from YunoHost/fix-unattended-upgrade-syntax
a61445c9c3d231b9248fd247a0dd3345fc0ac6df Checking for 404 error and valid json format
991b64db92e60f3bc92cb1ba4dc25f7e11fb1a8d Merge branch 'unstable' into clean_app_fetchlist
730156dd92bbd1b0c479821ffc829e8d4f3d2019 Using request insteqd of urlretrieve, to have timeout
5b006dbf0e074f4070f6832d2c64f3b306935e3f Adding info/debug message for fetchlist
98d88f2364eda28ddc6b98d45a7fbe2bbbaba3d4 [fix] Unattended upgrades configuration syntax.
7d4aa63c430516f815a8cdfd2f517f79565efe2f [fix] Rspamd & Rmilter are no more sockets
5be13fd07e12d95f05272b9278129da4be0bc2d7 Merge pull request #220 from YunoHost/conf-hashes-logs
901e3df9b604f542f2c460aad05bcc8efc9fd054 Pas de correction de l'argument
cd93427a97378ab635c85c0ae9a1e45132d6245c Retire la commande ynh
abb9f44b87cfed5fa14be9471b536fc27939d920 Nouveaux helpers ynh_system_user_create et ynh_system_user_delete
3e9d086f7ff64f923b2d623df41ec42c88c8a8ef Nouveau helper ynh_find_port
0b6ccaf31a8301b50648ec0ba0473d2190384355 Implementing comments
5b7536cf1036cecee6fcc187b2d1c3f9b7124093 Style for Bram :)
e857f4f0b27d71299c498305b24e4b3f7e4571c4 [mod] Cleaner logs for _get_conf_hashes
99f0f761a5e2737b55f9f8b6ce6094b5fd7fb1ca [mod] include execption into appslist_retrieve_error message
2aab7bdf1bcc6f025c7c5bf618d0402439abd0f4 [mod] simplify code
97128d7d636836068ad6353f331d051121023136 [mod] exception should only be used for exceptional situations and not when buildin functions allow you to do the expected stuff
d9081bddef1b2129ad42b05b28a26cc7680f7d51 [mod] directly use python to retreive json list
c4cecfcea5f51f1f9fb410358386eb5a6782cdb2 [mod] use python instead of os.system
cf3e28786cf829bc042226283399699195e21d79 [mod] remove useless line
-- opi <opi@zeropi.net> Mon, 20 Feb 2017 16:31:52 +0100
yunohost (2.5.6) stable; urgency=low
[ julienmalik ]
* [fix] Any address in the range 127.0.0.0/8 is a valid loopback address
[ opi ]
* [fix] Update Rmilter configuration to fix dkim signing.
-- opi <opi@zeropi.net> Sat, 18 Feb 2017 15:51:13 +0100
yunohost (2.5.5) stable; urgency=low
Hotfix release
[ ljf ]
* [fix] Permission issue on install of some apps 778
-- opi <opi@zeropi.net> Thu, 09 Feb 2017 22:27:08 +0100
yunohost (2.5.4) stable; urgency=low
[ Maniack Crudelis ]
* Remove helper ynh_mkdir_tmp
* Update filesystem
[ opi ]
* [enh] Add warning about deprecated ynh_mkdir_tmp helper
* [enh] Increase fail2ban maxretry on user login, narrow nginx log files
[ Juanu ]
* [i18n] Translated using Weblate (Spanish)
[ Jean-Baptiste Holcroft ]
* [i18n] Translated using Weblate (French)
[ Laurent Peuch ]
* [mod] start putting timeout in certificate code
[ Alexandre Aubin ]
* Implement timeout exceptions
* Implementing opi's comments
[ JimboJoe ]
* ynh_backup: Fix error message when source path doesn't exist
[ paddy ]
* [i18n] Translated using Weblate (Spanish)
* [i18n] Translated using Weblate (French)
-- opi <opi@zeropi.net> Thu, 02 Feb 2017 11:24:55 +0100
yunohost (2.5.3.1) testing; urgency=low
* super quickfix release for a typo that break LE certificates
-- Laurent Peuch <cortex@worlddomination.be> Tue, 10 Jan 2017 02:58:56 +0100
yunohost (2.5.3) testing; urgency=low
Love:
* [enh][love] Add CONTRIBUTORS.md
LE:
* Check acme challenge conf exists in nginx when renewing cert
* Fix bad validity check..
Fix a situation where to domain for the LE cert can't be locally resolved:
* Adding check that domain is resolved locally for cert management
* Changing the way to check domain is locally resolved
Fix a situation where a cert could end up with bad perms for metronome:
* Attempt to fix missing perm for metronome in weird cases
Rspamd cannot be activate on socket anymore:
* [fix] new rspamd version replace rspamd.socket with rspamd.service
* [fix] Remove residual rmilter socket file
* [fix] Postfix can't access rmilter socket due to chroot
Various:
* fix fail2ban rules to take into account failed loggin on ssowat
* [fix] Ignore dyndns option is not needed with small domain
* [enh] add yaml syntax check in travis.yml
* [mod] autopep8 on all files that aren't concerned by a PR
* [fix] add timeout to fetchlist's wget
Thanks to all contributors: Aleks, Bram, ju, ljf, opi, zimo2001 and to the
people who are participating to the beta and giving us feedback <3
-- Laurent Peuch <cortex@worlddomination.be> Mon, 09 Jan 2017 18:38:30 +0100
yunohost (2.5.2) testing; urgency=low
LDAP admin user:
* [fix] wait for admin user to be available after a slapd regen-conf, this fix install on slow hardware/vps
Dovecot/emails:
* [enh] reorder dovecot main configuration so that it is easier to read and extend
* [enh] Allow for dovecot configuration extensions
* [fix] Can't get mailbos used space if dovecot is down
Backup:
* [fix] Need to create archives_path even for custom output directory
* Keep track of backups with custom directory using symlinks
Security:
* [fix] Improve dnssec key generation on low entropy devices
* [enh] Add haveged as dependency
Random broken app installed on slow hardware:
* [enh] List available domains when installing an app by CLI.
Translation:
* French by Jibec and Genma
* German by Philip Gatzka
* Hindi by Anmol
* Spanish by Juanu
Other fixes and improvements:
* [enh] remove timeout from cli interface
* [fix] [#662](https://dev.yunohost.org/issues/662): missing 'python-openssl' dependency for Let's Encrypt integration.
* [fix] --no-remove-on-failure for app install should behave as a flag.
* [fix] don't remove trailing char if it's not a slash
Thanks to all contributors: Aleks, alex, Anmol, Bram, Genma, jibec, ju,
Juanu, ljf, Moul, opi, Philip Gatzka and to the people who are participating
to the beta and giving us feedback <3
-- Laurent Peuch <cortex@worlddomination.be> Fri, 16 Dec 2016 00:49:08 +0100
yunohost (2.5.1) testing; urgency=low
* [fix] Raise error on malformed SSOwat persistent conf.
* [enh] Catch SSOwat persistent configuration write error.
* [fix] Write SSOwat configuration file only if needed.
* [enh] Display full exception error message.
* [enh] cli option to avoid removing an application on installation failure
* [mod] give instructions on how to solve the conf.json.persistant parsing error
* [fix] avoid random bug on post-install due to nscd cache
* [enh] Adding check that user is actually created + minor refactor of ldap/auth init
* [fix] Fix the way name of self-CA is determined
* [fix] Add missing dependency to nscd package #656
* [fix] Refactoring tools_maindomain and disabling removal of main domain to avoid breaking things
* [fix] Bracket in passwd from ynh_string_random
Thanks to all contributors: Aleks, Bram, ju, jibec, ljf, M5oul, opi
-- Laurent Peuch <cortex@worlddomination.be> Sun, 11 Dec 2016 15:26:21 +0100
yunohost (2.5.0) testing; urgency=low
* Certificate management integration (e.g. Let's Encrypt certificate install)
* [fix] Support git ynh app with submodules #533 (#174)
* [enh] display file path on file_not_exist error
* [mod] move a part of os.system calls to native shutil/os
* [fix] Can't restore app on a root domain
Miscellaneous
* Update backup.py
* [mod] autopep8
* [mod] trailing spaces
* [mod] pep8
* [mod] remove useless imports
* [mod] more pythonic and explicit tests with more verbose errors
* [fix] correctly handle all cases
* [mod] simplier condition
* [fix] uses https
* [mod] uses logger string concatenation api
* [mod] small opti, getting domain list can be slow
* [mod] pylint
* [mod] os.path.join
* [mod] remove useless assign
* [enh] include tracebak into error email
* [mod] remove the summary code concept and switch to code/verbose duet instead
* [mod] I only need to reload nginx, not restart it
* [mod] top level constants should be upper case (pep8)
* Check that the DNS A record matches the global IP now using dnspython and FDN's DNS
* Refactored the self-signed cert generation, some steps were overly complicated for no reason
* Using a single generic skipped regex for acme challenge in ssowat conf
* Adding an option to use the staging Let's Encrypt CA, sort of a dry-run
* [enh] Complete readme (#183)
* [fix] avoid reverse order log display on web admin
Thanks to all contributors: Aleks, Bram, JimboJoe, ljf, M5oul
Kudos to Aleks for leading the Let's Encrypt integration to YunoHost core \o/
-- opi <opi@zeropi.net> Thu, 01 Dec 2016 21:22:19 +0100
yunohost (2.4.2) stable; urgency=low
[ Laurent Peuch ]

26
debian/control vendored
View file

@ -10,25 +10,27 @@ Homepage: https://yunohost.org/
Package: yunohost
Architecture: all
Depends: ${python:Depends}, ${misc:Depends}
, moulinette (>= 2.3.5.1)
, python-psutil, python-requests, python-dnspython
, python-apt, python-miniupnpc, python-cracklib
, moulinette (>= 2.7.1), ssowat (>= 2.7.1)
, python-psutil, python-requests, python-dnspython, python-openssl
, python-apt, python-miniupnpc, python-dbus, python-jinja2, python-cracklib
, glances
, dnsutils, bind9utils, unzip, git, curl, cron
, dnsutils, bind9utils, unzip, git, curl, cron, wget
, ca-certificates, netcat-openbsd, iproute
, mariadb-server | mysql-server, php5-mysql | php5-mysqlnd
, slapd, ldap-utils, sudo-ldap, libnss-ldapd
, postfix-ldap, postfix-policyd-spf-perl, postfix-pcre, procmail
, mariadb-server, php-mysql | php-mysqlnd
, slapd, ldap-utils, sudo-ldap, libnss-ldapd, unscd
, postfix-ldap, postfix-policyd-spf-perl, postfix-pcre, procmail, mailutils, postsrsd
, dovecot-ldap, dovecot-lmtpd, dovecot-managesieved
, dovecot-antispam, fail2ban
, nginx-extras (>=1.6.2), php5-fpm, php5-ldap, php5-intl
, dnsmasq, openssl, avahi-daemon
, ssowat, metronome
, rspamd (>= 1.2.0), rmilter (>=1.7.0), redis-server, opendkim-tools
, nginx-extras (>=1.6.2), php-fpm, php-ldap, php-intl
, dnsmasq, openssl, avahi-daemon, libnss-mdns, resolvconf, libnss-myhostname
, metronome
, rspamd (>= 1.6.0), redis-server, opendkim-tools
, haveged
, equivs
Recommends: yunohost-admin
, openssh-server, ntp, inetutils-ping | iputils-ping
, bash-completion, rsyslog, etckeeper
, php5-gd, php5-curl, php-gettext, php5-mcrypt
, php-gd, php-curl, php-gettext, php-mcrypt
, python-pip
, unattended-upgrades
, libdbd-ldap-perl, libnet-dns-perl

2
debian/install vendored
View file

@ -1,7 +1,9 @@
bin/* /usr/bin/
sbin/* /usr/sbin/
data/bash-completion.d/yunohost /etc/bash_completion.d/
data/actionsmap/* /usr/share/moulinette/actionsmap/
data/hooks/* /usr/share/yunohost/hooks/
data/other/yunoprompt.service /etc/systemd/system/
data/other/* /usr/share/yunohost/yunohost-config/moulinette/
data/templates/* /usr/share/yunohost/templates/
data/helpers /usr/share/yunohost/

6
debian/postinst vendored
View file

@ -14,6 +14,9 @@ do_configure() {
echo "Regenerating configuration, this might take a while..."
yunohost service regen-conf --output-as none
echo "Launching migrations.."
yunohost tools migrations migrate --auto
# restart yunohost-firewall if it's running
service yunohost-firewall status >/dev/null \
&& restart_yunohost_firewall \
@ -21,6 +24,9 @@ do_configure() {
"consider to start it by doing 'service yunohost-firewall start'."
fi
# Yunoprompt
systemctl enable yunoprompt.service
# remove old PAM config and update it
[[ ! -f /usr/share/pam-configs/my_mkhomedir ]] \
|| rm /usr/share/pam-configs/my_mkhomedir

9
debian/postrm vendored
View file

@ -1,11 +1,20 @@
#!/bin/bash
# See https://manpages.debian.org/testing/dpkg-dev/deb-postrm.5.en.html
# to understand when / how this script is called...
set -e
if [ "$1" = "purge" ]; then
update-rc.d yunohost-firewall remove >/dev/null
rm -f /etc/yunohost/installed
fi
if [ "$1" = "remove" ]; then
rm -f /etc/yunohost/installed
fi
#DEBHELPER#
exit 0

384
locales/ar.json Normal file
View file

@ -0,0 +1,384 @@
{
"action_invalid": "إجراء غير صالح '{action:s}'",
"admin_password": "كلمة السر الإدارية",
"admin_password_change_failed": "تعذرت عملية تعديل كلمة السر",
"admin_password_changed": "تم تعديل الكلمة السرية الإدارية",
"app_already_installed": "{app:s} تم تنصيبه مِن قبل",
"app_already_installed_cant_change_url": "",
"app_already_up_to_date": "{app:s} تم تحديثه مِن قَبل",
"app_argument_choice_invalid": "",
"app_argument_invalid": "",
"app_argument_required": "",
"app_change_no_change_url_script": "",
"app_change_url_failed_nginx_reload": "",
"app_change_url_identical_domains": "The old and new domain/url_path are identical ('{domain:s}{path:s}'), nothing to do.",
"app_change_url_no_script": "This application '{app_name:s}' doesn't support url modification yet. Maybe you should upgrade the application.",
"app_change_url_success": "Successfully changed {app:s} url to {domain:s}{path:s}",
"app_extraction_failed": "تعذر فك الضغط عن ملفات التنصيب",
"app_id_invalid": "Invalid app id",
"app_incompatible": "إن التطبيق {app} غير متوافق مع إصدار واي يونوهوست YunoHost الخاص بك",
"app_install_files_invalid": "ملفات التنصيب خاطئة",
"app_location_already_used": "The app '{app}' is already installed on that location ({path})",
"app_make_default_location_already_used": "Can't make the app '{app}' the default on the domain {domain} is already used by the other app '{other_app}'",
"app_location_install_failed": "Unable to install the app in this location because it conflit with the app '{other_app}' already installed on '{other_path}'",
"app_location_unavailable": "This url is not available or conflicts with an already installed app",
"app_manifest_invalid": "Invalid app manifest: {error}",
"app_no_upgrade": "البرمجيات لا تحتاج إلى تحديث",
"app_not_correctly_installed": "يبدو أن التطبيق {app:s} لم يتم تنصيبه بشكل صحيح",
"app_not_installed": "إنّ التطبيق {app:s} غير مُنصَّب",
"app_not_properly_removed": "لم يتم حذف تطبيق {app:s} بشكلٍ جيّد",
"app_package_need_update": "The app {app} package needs to be updated to follow YunoHost changes",
"app_removed": "تمت إزالة تطبيق {app:s}",
"app_requirements_checking": "جار فحص الحزم اللازمة لـ {app} ...",
"app_requirements_failed": "Unable to meet requirements for {app}: {error}",
"app_requirements_unmeet": "Requirements are not met for {app}, the package {pkgname} ({version}) must be {spec}",
"app_sources_fetch_failed": "تعذرت عملية جلب مصادر الملفات",
"app_unknown": "برنامج مجهول",
"app_unsupported_remote_type": "Unsupported remote type used for the app",
"app_upgrade_app_name": "جارٍ تحديث برنامج {app}...",
"app_upgrade_failed": "تعذرت عملية ترقية {app:s}",
"app_upgrade_some_app_failed": "تعذرت عملية ترقية بعض البرمجيات",
"app_upgraded": "تم تحديث التطبيق {app:s}",
"appslist_corrupted_json": "Could not load the application lists. It looks like {filename:s} is corrupted.",
"appslist_could_not_migrate": "Could not migrate app list {appslist:s} ! Unable to parse the url... The old cron job has been kept in {bkp_file:s}.",
"appslist_fetched": "تم جلب قائمة تطبيقات {appslist:s}",
"appslist_migrating": "Migrating application list {appslist:s} ...",
"appslist_name_already_tracked": "There is already a registered application list with name {name:s}.",
"appslist_removed": "تم حذف قائمة البرمجيات {appslist:s}",
"appslist_retrieve_bad_format": "Retrieved file for application list {appslist:s} is not valid",
"appslist_retrieve_error": "Unable to retrieve the remote application list {appslist:s}: {error:s}",
"appslist_unknown": "قائمة البرمجيات {appslist:s} مجهولة.",
"appslist_url_already_tracked": "There is already a registered application list with url {url:s}.",
"ask_current_admin_password": "كلمة السر الإدارية الحالية",
"ask_email": "عنوان البريد الإلكتروني",
"ask_firstname": "الإسم",
"ask_lastname": "اللقب",
"ask_list_to_remove": "القائمة المختارة للحذف",
"ask_main_domain": "النطاق الرئيسي",
"ask_new_admin_password": "كلمة السر الإدارية الجديدة",
"ask_password": "كلمة السر",
"ask_path": "المسار",
"backup_abstract_method": "This backup method hasn't yet been implemented",
"backup_action_required": "You must specify something to save",
"backup_app_failed": "Unable to back up the app '{app:s}'",
"backup_applying_method_borg": "Sending all files to backup into borg-backup repository...",
"backup_applying_method_copy": "جارٍ نسخ كافة الملفات إلى النسخة الإحتياطية …",
"backup_applying_method_custom": "Calling the custom backup method '{method:s}'...",
"backup_applying_method_tar": "Creating the backup tar archive...",
"backup_archive_app_not_found": "App '{app:s}' not found in the backup archive",
"backup_archive_broken_link": "Unable to access backup archive (broken link to {path:s})",
"backup_archive_mount_failed": "Mounting the backup archive failed",
"backup_archive_name_exists": "The backup's archive name already exists",
"backup_archive_name_unknown": "Unknown local backup archive named '{name:s}'",
"backup_archive_open_failed": "Unable to open the backup archive",
"backup_archive_system_part_not_available": "System part '{part:s}' not available in this backup",
"backup_archive_writing_error": "Unable to add files to backup into the compressed archive",
"backup_ask_for_copying_if_needed": "Some files couldn't be prepared to be backuped using the method that avoid to temporarily waste space on the system. To perform the backup, {size:s}MB should be used temporarily. Do you agree?",
"backup_borg_not_implemented": "Borg backup method is not yet implemented",
"backup_cant_mount_uncompress_archive": "Unable to mount in readonly mode the uncompress archive directory",
"backup_cleaning_failed": "Unable to clean-up the temporary backup directory",
"backup_copying_to_organize_the_archive": "Copying {size:s}MB to organize the archive",
"backup_couldnt_bind": "Couldn't bind {src:s} to {dest:s}.",
"backup_created": "تم إنشاء النسخة الإحتياطية",
"backup_creating_archive": "Creating the backup archive...",
"backup_creation_failed": "Backup creation failed",
"backup_csv_addition_failed": "Unable to add files to backup into the CSV file",
"backup_csv_creation_failed": "Unable to create the CSV file needed for future restore operations",
"backup_custom_backup_error": "Custom backup method failure on 'backup' step",
"backup_custom_mount_error": "Custom backup method failure on 'mount' step",
"backup_custom_need_mount_error": "Custom backup method failure on 'need_mount' step",
"backup_delete_error": "Unable to delete '{path:s}'",
"backup_deleted": "The backup has been deleted",
"backup_extracting_archive": "Extracting the backup archive...",
"backup_hook_unknown": "Backup hook '{hook:s}' unknown",
"backup_invalid_archive": "نسخة إحتياطية غير صالحة",
"backup_method_borg_finished": "Backup into borg finished",
"backup_method_copy_finished": "إنتهت عملية النسخ الإحتياطي",
"backup_method_custom_finished": "Custom backup method '{method:s}' finished",
"backup_method_tar_finished": "Backup tar archive created",
"backup_no_uncompress_archive_dir": "Uncompress archive directory doesn't exist",
"backup_nothings_done": "ليس هناك أي شيء للحفظ",
"backup_output_directory_forbidden": "Forbidden output directory. Backups can't be created in /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var or /home/yunohost.backup/archives sub-folders",
"backup_output_directory_not_empty": "The output directory is not empty",
"backup_output_directory_required": "يتوجب عليك تحديد مجلد لتلقي النسخ الإحتياطية",
"backup_output_symlink_dir_broken": "You have a broken symlink instead of your archives directory '{path:s}'. You may have a specific setup to backup your data on an other filesystem, in this case you probably forgot to remount or plug your hard dirve or usb key.",
"backup_running_app_script": "Running backup script of app '{app:s}'...",
"backup_running_hooks": "Running backup hooks...",
"backup_system_part_failed": "Unable to backup the '{part:s}' system part",
"backup_unable_to_organize_files": "Unable to organize files in the archive with the quick method",
"backup_with_no_backup_script_for_app": "App {app:s} has no backup script. Ignoring.",
"backup_with_no_restore_script_for_app": "App {app:s} has no restore script, you won't be able to automatically restore the backup of this app.",
"certmanager_acme_not_configured_for_domain": "Certificate for domain {domain:s} does not appear to be correctly installed. Please run cert-install for this domain first.",
"certmanager_attempt_to_renew_nonLE_cert": "The certificate for domain {domain:s} is not issued by Let's Encrypt. Cannot renew it automatically!",
"certmanager_attempt_to_renew_valid_cert": "The certificate for domain {domain:s} is not about to expire! Use --force to bypass",
"certmanager_attempt_to_replace_valid_cert": "You are attempting to overwrite a good and valid certificate for domain {domain:s}! (Use --force to bypass)",
"certmanager_cannot_read_cert": "Something wrong happened when trying to open current certificate for domain {domain:s} (file: {file:s}), reason: {reason:s}",
"certmanager_cert_install_success": "تمت عملية تنصيب شهادة Let's Encrypt بنجاح على النطاق {domain:s} !",
"certmanager_cert_install_success_selfsigned": "Successfully installed a self-signed certificate for domain {domain:s}!",
"certmanager_cert_renew_success": "نجحت عملية تجديد شهادة Let's Encrypt الخاصة باسم النطاق {domain:s} !",
"certmanager_cert_signing_failed": "فشل إجراء توقيع الشهادة الجديدة",
"certmanager_certificate_fetching_or_enabling_failed": "Sounds like enabling the new certificate for {domain:s} failed somehow...",
"certmanager_conflicting_nginx_file": "Unable to prepare domain for ACME challenge: the nginx configuration file {filepath:s} is conflicting and should be removed first",
"certmanager_couldnt_fetch_intermediate_cert": "Timed out when trying to fetch intermediate certificate from Let's Encrypt. Certificate installation/renewal aborted - please try again later.",
"certmanager_domain_cert_not_selfsigned": "The certificate for domain {domain:s} is not self-signed. Are you sure you want to replace it? (Use --force)",
"certmanager_domain_dns_ip_differs_from_public_ip": "The DNS 'A' record for domain {domain:s} is different from this server IP. If you recently modified your A record, please wait for it to propagate (some DNS propagation checkers are available online). (If you know what you are doing, use --no-checks to disable those checks.)",
"certmanager_domain_http_not_working": "It seems that the domain {domain:s} cannot be accessed through HTTP. Please check your DNS and nginx configuration is okay",
"certmanager_domain_not_resolved_locally": "The domain {domain:s} cannot be resolved from inside your Yunohost server. This might happen if you recently modified your DNS record. If so, please wait a few hours for it to propagate. If the issue persists, consider adding {domain:s} to /etc/hosts. (If you know what you are doing, use --no-checks to disable those checks.)",
"certmanager_domain_unknown": "النطاق مجهول {domain:s}",
"certmanager_error_no_A_record": "No DNS 'A' record found for {domain:s}. You need to make your domain name point to your machine to be able to install a Let's Encrypt certificate! (If you know what you are doing, use --no-checks to disable those checks.)",
"certmanager_hit_rate_limit": "Too many certificates already issued for exact set of domains {domain:s} recently. Please try again later. See https://letsencrypt.org/docs/rate-limits/ for more details",
"certmanager_http_check_timeout": "Timed out when server tried to contact itself through HTTP using public IP address (domain {domain:s} with ip {ip:s}). You may be experiencing hairpinning issue or the firewall/router ahead of your server is misconfigured.",
"certmanager_no_cert_file": "تعذرت عملية قراءة شهادة نطاق {domain:s} (الملف : {file:s})",
"certmanager_old_letsencrypt_app_detected": "",
"certmanager_self_ca_conf_file_not_found": "Configuration file not found for self-signing authority (file: {file:s})",
"certmanager_unable_to_parse_self_CA_name": "Unable to parse name of self-signing authority (file: {file:s})",
"custom_app_url_required": "You must provide a URL to upgrade your custom app {app:s}",
"custom_appslist_name_required": "You must provide a name for your custom app list",
"diagnosis_debian_version_error": "لم نتمكن من العثور على إصدار ديبيان : {error}",
"diagnosis_kernel_version_error": "Can't retrieve kernel version: {error}",
"diagnosis_monitor_disk_error": "Can't monitor disks: {error}",
"diagnosis_monitor_network_error": "Can't monitor network: {error}",
"diagnosis_monitor_system_error": "Can't monitor system: {error}",
"diagnosis_no_apps": "لم تقم بتنصيب أية تطبيقات بعد",
"dnsmasq_isnt_installed": "dnsmasq does not seem to be installed, please run 'apt-get remove bind9 && apt-get install dnsmasq'",
"domain_cannot_remove_main": "Cannot remove main domain. Set a new main domain first",
"domain_cert_gen_failed": "Unable to generate certificate",
"domain_created": "تم إنشاء النطاق",
"domain_creation_failed": "تعذرت عملية إنشاء النطاق",
"domain_deleted": "تم حذف النطاق",
"domain_deletion_failed": "Unable to delete domain",
"domain_dns_conf_is_just_a_recommendation": "This command shows you what is the *recommended* configuration. It does not actually set up the DNS configuration for you. It is your responsability to configure your DNS zone in your registrar according to this recommendation.",
"domain_dyndns_already_subscribed": "You've already subscribed to a DynDNS domain",
"domain_dyndns_dynette_is_unreachable": "Unable to reach YunoHost dynette, either your YunoHost is not correctly connected to the internet or the dynette server is down. Error: {error}",
"domain_dyndns_invalid": "Invalid domain to use with DynDNS",
"domain_dyndns_root_unknown": "Unknown DynDNS root domain",
"domain_exists": "Domain already exists",
"domain_hostname_failed": "Failed to set new hostname",
"domain_uninstall_app_first": "One or more apps are installed on this domain. Please uninstall them before proceeding to domain removal",
"domain_unknown": "النطاق مجهول",
"domain_zone_exists": "DNS zone file already exists",
"domain_zone_not_found": "DNS zone file not found for domain {:s}",
"domains_available": "النطاقات المتوفرة :",
"done": "تم",
"downloading": "عملية التنزيل جارية …",
"dyndns_could_not_check_provide": "Could not check if {provider:s} can provide {domain:s}.",
"dyndns_cron_installed": "The DynDNS cron job has been installed",
"dyndns_cron_remove_failed": "Unable to remove the DynDNS cron job",
"dyndns_cron_removed": "The DynDNS cron job has been removed",
"dyndns_ip_update_failed": "Unable to update IP address on DynDNS",
"dyndns_ip_updated": "Your IP address has been updated on DynDNS",
"dyndns_key_generating": "DNS key is being generated, it may take a while...",
"dyndns_key_not_found": "DNS key not found for the domain",
"dyndns_no_domain_registered": "No domain has been registered with DynDNS",
"dyndns_registered": "The DynDNS domain has been registered",
"dyndns_registration_failed": "Unable to register DynDNS domain: {error:s}",
"dyndns_domain_not_provided": "Dyndns provider {provider:s} cannot provide domain {domain:s}.",
"dyndns_unavailable": "Domain {domain:s} is not available.",
"executing_command": "Executing command '{command:s}'...",
"executing_script": "Executing script '{script:s}'...",
"extracting": "عملية فك الضغط جارية …",
"field_invalid": "Invalid field '{:s}'",
"firewall_reload_failed": "Unable to reload the firewall",
"firewall_reloaded": "The firewall has been reloaded",
"firewall_rules_cmd_failed": "Some firewall rules commands have failed. For more information, see the log.",
"format_datetime_short": "%m/%d/%Y %I:%M %p",
"global_settings_bad_choice_for_enum": "Bad value for setting {setting:s}, received {received_type:s}, except {expected_type:s}",
"global_settings_bad_type_for_setting": "Bad type for setting {setting:s}, received {received_type:s}, except {expected_type:s}",
"global_settings_cant_open_settings": "Failed to open settings file, reason: {reason:s}",
"global_settings_cant_serialize_settings": "Failed to serialize settings data, reason: {reason:s}",
"global_settings_cant_write_settings": "Failed to write settings file, reason: {reason:s}",
"global_settings_key_doesnt_exists": "The key '{settings_key:s}' doesn't exists in the global settings, you can see all the available keys by doing 'yunohost settings list'",
"global_settings_reset_success": "Success. Your previous settings have been backuped in {path:s}",
"global_settings_setting_example_bool": "Example boolean option",
"global_settings_setting_example_enum": "Example enum option",
"global_settings_setting_example_int": "Example int option",
"global_settings_setting_example_string": "Example string option",
"global_settings_unknown_setting_from_settings_file": "Unknown key in settings: '{setting_key:s}', discarding it and save it in /etc/yunohost/unkown_settings.json",
"global_settings_unknown_type": "Unexpected situation, the setting {setting:s} appears to have the type {unknown_type:s} but it's not a type supported by the system.",
"hook_exec_failed": "Script execution failed: {path:s}",
"hook_exec_not_terminated": "Script execution hasnt terminated: {path:s}",
"hook_list_by_invalid": "Invalid property to list hook by",
"hook_name_unknown": "Unknown hook name '{name:s}'",
"installation_complete": "إكتملت عملية التنصيب",
"installation_failed": "Installation failed",
"invalid_url_format": "Invalid URL format",
"ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it",
"iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it",
"ldap_init_failed_to_create_admin": "LDAP initialization failed to create admin user",
"ldap_initialized": "LDAP has been initialized",
"license_undefined": "undefined",
"mail_alias_remove_failed": "Unable to remove mail alias '{mail:s}'",
"mail_domain_unknown": "Unknown mail address domain '{domain:s}'",
"mail_forward_remove_failed": "Unable to remove mail forward '{mail:s}'",
"mailbox_used_space_dovecot_down": "Dovecot mailbox service need to be up, if you want to get mailbox used space",
"maindomain_change_failed": "Unable to change the main domain",
"maindomain_changed": "The main domain has been changed",
"migrate_tsig_end": "Migration to hmac-sha512 finished",
"migrate_tsig_failed": "Migrating the dyndns domain {domain} to hmac-sha512 failed, rolling back. Error: {error_code} - {error}",
"migrate_tsig_start": "Not secure enough key algorithm detected for TSIG signature of domain '{domain}', initiating migration to the more secure one hmac-sha512",
"migrate_tsig_wait": "Let's wait 3min for the dyndns server to take the new key into account...",
"migrate_tsig_wait_2": "دقيقتين …",
"migrate_tsig_wait_3": "دقيقة واحدة …",
"migrate_tsig_wait_4": "30 ثانية …",
"migrate_tsig_not_needed": "You do not appear to use a dyndns domain, so no migration is needed !",
"migrations_backward": "Migrating backward.",
"migrations_bad_value_for_target": "Invalid number for target argument, available migrations numbers are 0 or {}",
"migrations_cant_reach_migration_file": "Can't access migrations files at path %s",
"migrations_current_target": "Migration target is {}",
"migrations_error_failed_to_load_migration": "ERROR: failed to load migration {number} {name}",
"migrations_forward": "Migrating forward",
"migrations_loading_migration": "Loading migration {number} {name}...",
"migrations_migration_has_failed": "Migration {number} {name} has failed with exception {exception}, aborting",
"migrations_no_migrations_to_run": "No migrations to run",
"migrations_show_currently_running_migration": "Running migration {number} {name}...",
"migrations_show_last_migration": "Last ran migration is {}",
"migrations_skip_migration": "Skipping migration {number} {name}...",
"monitor_disabled": "The server monitoring has been disabled",
"monitor_enabled": "The server monitoring has been enabled",
"monitor_glances_con_failed": "Unable to connect to Glances server",
"monitor_not_enabled": "Server monitoring is not enabled",
"monitor_period_invalid": "Invalid time period",
"monitor_stats_file_not_found": "Statistics file not found",
"monitor_stats_no_update": "No monitoring statistics to update",
"monitor_stats_period_unavailable": "No available statistics for the period",
"mountpoint_unknown": "Unknown mountpoint",
"mysql_db_creation_failed": "MySQL database creation failed",
"mysql_db_init_failed": "MySQL database init failed",
"mysql_db_initialized": "The MySQL database has been initialized",
"network_check_mx_ko": "DNS MX record is not set",
"network_check_smtp_ko": "Outbound mail (SMTP port 25) seems to be blocked by your network",
"network_check_smtp_ok": "Outbound mail (SMTP port 25) is not blocked",
"new_domain_required": "You must provide the new main domain",
"no_appslist_found": "No app list found",
"no_internet_connection": "Server is not connected to the Internet",
"no_ipv6_connectivity": "IPv6 connectivity is not available",
"no_restore_script": "No restore script found for the app '{app:s}'",
"not_enough_disk_space": "Not enough free disk space on '{path:s}'",
"package_not_installed": "Package '{pkgname}' is not installed",
"package_unexpected_error": "An unexpected error occurred processing the package '{pkgname}'",
"package_unknown": "Unknown package '{pkgname}'",
"packages_no_upgrade": "لا يوجد هناك أية حزمة بحاجة إلى تحديث",
"packages_upgrade_critical_later": "Critical packages ({packages:s}) will be upgraded later",
"packages_upgrade_failed": "Unable to upgrade all of the packages",
"path_removal_failed": "Unable to remove path {:s}",
"pattern_backup_archive_name": "Must be a valid filename with max 30 characters, and alphanumeric and -_. characters only",
"pattern_domain": "يتوجب أن يكون إسم نطاق صالح (مثل my-domain.org)",
"pattern_email": "يتوجب أن يكون عنوان بريد إلكتروني صالح (مثل someone@domain.org)",
"pattern_firstname": "Must be a valid first name",
"pattern_lastname": "Must be a valid last name",
"pattern_listname": "Must be alphanumeric and underscore characters only",
"pattern_mailbox_quota": "Must be a size with b/k/M/G/T suffix or 0 to disable the quota",
"pattern_password": "يتوجب أن تكون مكونة من 3 حروف على الأقل",
"pattern_port": "يجب أن يكون رقم منفذ صالح (مثال 0-65535)",
"pattern_port_or_range": "Must be a valid port number (i.e. 0-65535) or range of ports (e.g. 100:200)",
"pattern_positive_number": "يجب أن يكون عددا إيجابيا",
"pattern_username": "Must be lower-case alphanumeric and underscore characters only",
"port_already_closed": "Port {port:d} is already closed for {ip_version:s} connections",
"port_already_opened": "Port {port:d} is already opened for {ip_version:s} connections",
"port_available": "المنفذ {port:d} متوفر",
"port_unavailable": "Port {port:d} is not available",
"restore_action_required": "You must specify something to restore",
"restore_already_installed_app": "An app is already installed with the id '{app:s}'",
"restore_app_failed": "Unable to restore the app '{app:s}'",
"restore_cleaning_failed": "Unable to clean-up the temporary restoration directory",
"restore_complete": "Restore complete",
"restore_confirm_yunohost_installed": "Do you really want to restore an already installed system? [{answers:s}]",
"restore_extracting": "فك الضغط عن الملفات التي نحتاجها من النسخة الإحتياطية ...",
"restore_failed": "Unable to restore the system",
"restore_hook_unavailable": "Restoration script for '{part:s}' not available on your system and not in the archive either",
"restore_may_be_not_enough_disk_space": "Your system seems not to have enough disk space (freespace: {free_space:d} B, needed space: {needed_space:d} B, security margin: {margin:d} B)",
"restore_mounting_archive": "تنصيب النسخة الإحتياطية على المسار '{path:s}'",
"restore_not_enough_disk_space": "Not enough disk space (freespace: {free_space:d} B, needed space: {needed_space:d} B, security margin: {margin:d} B)",
"restore_nothings_done": "Nothing has been restored",
"restore_removing_tmp_dir_failed": "Unable to remove an old temporary directory",
"restore_running_app_script": "Running restore script of app '{app:s}'...",
"restore_running_hooks": "Running restoration hooks...",
"restore_system_part_failed": "Unable to restore the '{part:s}' system part",
"server_shutdown": "سوف ينطفئ الخادوم",
"server_shutdown_confirm": "سوف ينطفئ الخادوم حالا. متأكد ؟ [{answers:s}]",
"server_reboot": "The server will reboot",
"server_reboot_confirm": "The server will reboot immediatly, are you sure? [{answers:s}]",
"service_add_failed": "تعذرت إضافة خدمة '{service:s}'",
"service_added": "The service '{service:s}' has been added",
"service_already_started": "Service '{service:s}' has already been started",
"service_already_stopped": "Service '{service:s}' has already been stopped",
"service_cmd_exec_failed": "Unable to execute command '{command:s}'",
"service_conf_file_backed_up": "The configuration file '{conf}' has been backed up to '{backup}'",
"service_conf_file_copy_failed": "Unable to copy the new configuration file '{new}' to '{conf}'",
"service_conf_file_kept_back": "The configuration file '{conf}' is expected to be deleted by service {service} but has been kept back.",
"service_conf_file_manually_modified": "The configuration file '{conf}' has been manually modified and will not be updated",
"service_conf_file_manually_removed": "The configuration file '{conf}' has been manually removed and will not be created",
"service_conf_file_remove_failed": "Unable to remove the configuration file '{conf}'",
"service_conf_file_removed": "The configuration file '{conf}' has been removed",
"service_conf_file_updated": "The configuration file '{conf}' has been updated",
"service_conf_new_managed_file": "The configuration file '{conf}' is now managed by the service {service}.",
"service_conf_up_to_date": "The configuration is already up-to-date for service '{service}'",
"service_conf_updated": "The configuration has been updated for service '{service}'",
"service_conf_would_be_updated": "The configuration would have been updated for service '{service}'",
"service_disable_failed": "",
"service_disabled": "The service '{service:s}' has been disabled",
"service_enable_failed": "",
"service_enabled": "تم تنشيط خدمة '{service:s}'",
"service_no_log": "ليس لخدمة '{service:s}' أي سِجلّ للعرض",
"service_regenconf_dry_pending_applying": "Checking pending configuration which would have been applied for service '{service}'...",
"service_regenconf_failed": "Unable to regenerate the configuration for service(s): {services}",
"service_regenconf_pending_applying": "Applying pending configuration for service '{service}'...",
"service_remove_failed": "Unable to remove service '{service:s}'",
"service_removed": "تمت إزالة خدمة '{service:s}'",
"service_start_failed": "",
"service_started": "تم إطلاق تشغيل خدمة '{service:s}'",
"service_status_failed": "Unable to determine status of service '{service:s}'",
"service_stop_failed": "",
"service_stopped": "The service '{service:s}' has been stopped",
"service_unknown": "Unknown service '{service:s}'",
"ssowat_conf_generated": "The SSOwat configuration has been generated",
"ssowat_conf_updated": "The SSOwat configuration has been updated",
"ssowat_persistent_conf_read_error": "Error while reading SSOwat persistent configuration: {error:s}. Edit /etc/ssowat/conf.json.persistent file to fix the JSON syntax",
"ssowat_persistent_conf_write_error": "Error while saving SSOwat persistent configuration: {error:s}. Edit /etc/ssowat/conf.json.persistent file to fix the JSON syntax",
"system_upgraded": "تمت عملية ترقية النظام",
"system_username_exists": "Username already exists in the system users",
"unbackup_app": "App '{app:s}' will not be saved",
"unexpected_error": "An unexpected error occured",
"unit_unknown": "Unknown unit '{unit:s}'",
"unlimit": "دون تحديد الحصة",
"unrestore_app": "App '{app:s}' will not be restored",
"update_cache_failed": "Unable to update APT cache",
"updating_apt_cache": "جارٍ تحديث قائمة الحُزم المتوفرة …",
"upgrade_complete": "إكتملت عملية الترقية و التحديث",
"upgrading_packages": "عملية ترقية الحُزم جارية …",
"upnp_dev_not_found": "No UPnP device found",
"upnp_disabled": "UPnP has been disabled",
"upnp_enabled": "UPnP has been enabled",
"upnp_port_open_failed": "Unable to open UPnP ports",
"user_created": "تم إنشاء المستخدم",
"user_creation_failed": "Unable to create user",
"user_deleted": "تم حذف المستخدم",
"user_deletion_failed": "لا يمكن حذف المستخدم",
"user_home_creation_failed": "Unable to create user home folder",
"user_info_failed": "Unable to retrieve user information",
"user_unknown": "المستخدم {user:s} مجهول",
"user_update_failed": "لا يمكن تحديث المستخدم",
"user_updated": "تم تحديث المستخدم",
"yunohost_already_installed": "YunoHost is already installed",
"yunohost_ca_creation_failed": "تعذرت عملية إنشاء هيئة الشهادات",
"yunohost_ca_creation_success": "تم إنشاء هيئة الشهادات المحلية.",
"yunohost_configured": "YunoHost has been configured",
"yunohost_installing": "عملية تنصيب يونوهوست جارية …",
"yunohost_not_installed": "إنَّ واي يونوهوست ليس مُنَصَّب أو هو مثبت حاليا بشكل خاطئ. قم بتنفيذ الأمر 'yunohost tools postinstall'",
"migration_description_0003_migrate_to_stretch": "تحديث النظام إلى ديبيان ستريتش و واي يونوهوست 3.0",
"migration_0003_patching_sources_list": "عملية تعديل ملف المصادر sources.lists جارية ...",
"migration_0003_main_upgrade": "بداية عملية التحديث الأساسية ...",
"migration_0003_fail2ban_upgrade": "بداية عملية تحديث fail2ban ...",
"migration_0003_not_jessie": "إن توزيعة ديبيان الحالية تختلف عن جيسي !",
"migration_description_0002_migrate_to_tsig_sha256": "يقوم بتحسين أمان TSIG لنظام أسماء النطاقات الديناميكة باستخدام SHA512 بدلًا مِن MD5",
"migration_0003_backward_impossible": "لا يُمكن إلغاء عملية الإنتقال إلى ستريتش.",
"migration_0003_system_not_fully_up_to_date": "إنّ نظامك غير مُحدَّث بعدُ لذا يرجى القيام بتحديث عادي أولا قبل إطلاق إجراء الإنتقال إلى نظام ستريتش.",
"migrations_list_conflict_pending_done": "لا يمكنك استخدام --previous و --done معًا على نفس سطر الأوامر.",
"service_description_avahi-daemon": "يسمح لك بالنفاذ إلى خادومك عبر الشبكة المحلية باستخدام yunohost.local",
"service_description_glances": "يقوم بمراقبة معلومات النظام على خادومك",
"service_description_metronome": "يُدير حسابات الدردشة الفورية XMPP",
"service_description_nginx": "يقوم بتوفير النفاذ و السماح بالوصول إلى كافة مواقع الويب المستضافة على خادومك",
"service_description_php5-fpm": "يقوم بتشغيل تطبيقات الـ PHP مع خادوم الويب nginx",
"service_description_postfix": "يقوم بإرسال و تلقي الرسائل البريدية الإلكترونية",
"service_description_yunohost-api": "يقوم بإدارة التفاعلات ما بين واجهة الويب لواي يونوهوست و النظام"
}

1
locales/br.json Normal file
View file

@ -0,0 +1 @@
{}

244
locales/de.json
View file

@ -1,35 +1,35 @@
{
"action_invalid": "Ungültige Aktion '{action:s}'",
"admin_password": "Verwaltungspasswort",
"admin_password": "Administrator-Passwort",
"admin_password_change_failed": "Passwort kann nicht geändert werden",
"admin_password_changed": "Verwaltungspasswort wurde erfolgreich geändert",
"admin_password_changed": "Das Administrator-Kennwort wurde erfolgreich geändert",
"app_already_installed": "{app:s} ist schon installiert",
"app_argument_choice_invalid": "Invalide Auswahl für Argument '{name:s}'. Muss einer der folgenden Werte sein {choices:s}",
"app_argument_choice_invalid": "Ungültige Auswahl für Argument '{name:s}'. Es muss einer der folgenden Werte sein {choices:s}",
"app_argument_invalid": "Das Argument '{name:s}' hat einen falschen Wert: {error:s}",
"app_argument_required": "Argument '{name:s}' wird benötigt",
"app_extraction_failed": "Installationsdateien konnten nicht entpackt werden",
"app_id_invalid": "Falsche App ID",
"app_id_invalid": "Falsche App-ID",
"app_install_files_invalid": "Ungültige Installationsdateien",
"app_location_already_used": "Eine andere App ist bereits an diesem Ort installiert",
"app_location_install_failed": "Die App kann an diesem Ort nicht installiert werden",
"app_manifest_invalid": "Ungültiges App Manifest",
"app_location_already_used": "Eine andere App ({app}) ist bereits an diesem Ort ({path}) installiert",
"app_location_install_failed": "Die App kann nicht an diesem Ort installiert werden, da es mit der App {other_app} die bereits in diesem Pfad ({other_path}) installiert ist Probleme geben würde",
"app_manifest_invalid": "Ungültiges App-Manifest",
"app_no_upgrade": "Keine Aktualisierungen für Apps verfügbar",
"app_not_installed": "{app:s} ist nicht intalliert",
"app_not_installed": "{app:s} ist nicht installiert",
"app_recent_version_required": "Für {:s} benötigt eine aktuellere Version von moulinette",
"app_removed": "{app:s} wurde erfolgreich entfernt",
"app_sources_fetch_failed": "Quelldateien konnten nicht abgerufen werden",
"app_unknown": "Unbekannte App",
"app_upgrade_failed": "Apps konnten nicht aktualisiert werden",
"app_upgrade_failed": "{app:s} konnte nicht aktualisiert werden",
"app_upgraded": "{app:s} wurde erfolgreich aktualisiert",
"appslist_fetched": "Liste der Apps wurde erfolgreich heruntergelanden",
"appslist_removed": "Appliste erfolgreich entfernt",
"appslist_retrieve_error": "Entfernte App Liste kann nicht gezogen werden",
"appslist_unknown": "Unbekannte App Liste",
"ask_current_admin_password": "Derzeitiges Verwaltungspasswort",
"ask_email": "E-Mail Adresse",
"appslist_fetched": "Appliste {appslist:s} wurde erfolgreich heruntergelanden",
"appslist_removed": "Appliste {appslist:s} wurde erfolgreich entfernt",
"appslist_retrieve_error": "Entfernte Appliste {appslist:s} kann nicht empfangen werden: {error:s}",
"appslist_unknown": "Appliste {appslist:s} ist unbekannt.",
"ask_current_admin_password": "Derzeitiges Administrator-Kennwort",
"ask_email": "E-Mail-Adresse",
"ask_firstname": "Vorname",
"ask_lastname": "Nachname",
"ask_list_to_remove": "Liste enternen",
"ask_list_to_remove": "zu entfernende Liste",
"ask_main_domain": "Hauptdomain",
"ask_new_admin_password": "Neues Verwaltungskennwort",
"ask_password": "Passwort",
@ -40,74 +40,74 @@
"backup_archive_name_exists": "Datensicherung mit dem selben Namen existiert bereits",
"backup_archive_name_unknown": "Unbekanntes lokale Datensicherung mit Namen '{name:s}' gefunden",
"backup_archive_open_failed": "Kann Sicherungsarchiv nicht öfnen",
"backup_cleaning_failed": "Verzeichnis von temporäre Sicherungsdaten konnte nicht geleert werden",
"backup_cleaning_failed": "Temporäres Sicherungsverzeichnis konnte nicht geleert werden",
"backup_created": "Datensicherung komplett",
"backup_creating_archive": "Datensicherung wird erstellt...",
"backup_delete_error": "Pfad '{path:s}' konnte nicht gelöscht werden",
"backup_deleted": "Datensicherung erfolgreich gelöscht",
"backup_deleted": "Datensicherung wurde entfernt",
"backup_extracting_archive": "Entpacke Sicherungsarchiv...",
"backup_hook_unknown": "Datensicherungshook '{hook:s}' unbekannt",
"backup_invalid_archive": "Ungültige Datensicherung",
"backup_nothings_done": "Es gibt keine Änderungen zur Speicherung",
"backup_output_directory_forbidden": "Verbotenes Ausgabeverzeichnis",
"backup_output_directory_forbidden": "Verbotenes Ausgabeverzeichnis. Datensicherung können nicht in /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var oder in Unterordnern von /home/yunohost.backup/archives erstellt werden",
"backup_output_directory_not_empty": "Ausgabeordner ist nicht leer",
"backup_output_directory_required": "Für die Datensicherung muss ein Zielverzeichnis angegeben werden",
"backup_running_app_script": "Datensicherung für App '{app:s}' wurd durchgeführt...",
"backup_running_hooks": "Datensicherunghook wird ausgeführt...",
"custom_app_url_required": "Es muss eine URL angegeben um deine benutzerdefinierte App {app:s} zu aktualisieren",
"custom_app_url_required": "Es muss eine URL angegeben werden, um deine benutzerdefinierte App {app:s} zu aktualisieren",
"custom_appslist_name_required": "Du musst einen Namen für deine benutzerdefinierte Appliste angeben",
"dnsmasq_isnt_installed": "dnsmasq scheint nicht installiert zu sein. Bitte führe 'apt-get remove bind9 && apt-get install dnsmasq' aus",
"domain_cert_gen_failed": "Zertifikat konnte nicht erzeugt werden",
"domain_created": "Domain erfolgreich erzeugt",
"domain_created": "Die Domain wurde angelegt",
"domain_creation_failed": "Konnte Domain nicht erzeugen",
"domain_deleted": "Domain erfolgreich gelöscht",
"domain_deleted": "Die Domain wurde gelöscht",
"domain_deletion_failed": "Konnte Domain nicht löschen",
"domain_dyndns_already_subscribed": "Du hast dich schon für einen DynDNS-Domain angemeldet",
"domain_dyndns_already_subscribed": "Du hast dich schon für eine DynDNS-Domain angemeldet",
"domain_dyndns_invalid": "Domain nicht mittels DynDNS nutzbar",
"domain_dyndns_root_unknown": "Unbekannte DynDNS Hauptdomain",
"domain_exists": "Die Domain existiert bereits",
"domain_uninstall_app_first": "Mindestens eine App ist noch für diese Domain installiert. Bitte zuerst die App deinstallieren und erst dann die Domain löschen..",
"domain_uninstall_app_first": "Mindestens eine App ist noch für diese Domain installiert. Bitte deinstalliere zuerst die App, bevor du die Domain löschst",
"domain_unknown": "Unbekannte Domain",
"domain_zone_exists": "DNS Zonen Datei existiert bereits",
"domain_zone_not_found": "DNS Zonen Datei kann nicht für Domäne {:s} gefunden werden",
"done": "Erledigt.",
"done": "Erledigt",
"downloading": "Wird heruntergeladen...",
"dyndns_cron_installed": "DynDNS Cronjob erfolgreich installiert",
"dyndns_cron_remove_failed": "DynDNS Cronjob konnte nicht entfernt werden",
"dyndns_cron_removed": "DynDNS Cronjob wurde erfolgreich gelöscht",
"dyndns_cron_installed": "DynDNS Cronjob erfolgreich angelegt",
"dyndns_cron_remove_failed": "Der DynDNS Cronjob konnte nicht entfernt werden",
"dyndns_cron_removed": "Der DynDNS Cronjob wurde gelöscht",
"dyndns_ip_update_failed": "IP Adresse konnte nicht für DynDNS aktualisiert werden",
"dyndns_ip_updated": "IP Adresse wurde erfolgreich für DynDNS aktualisiert",
"dyndns_ip_updated": "Deine IP Adresse wurde bei DynDNS aktualisiert",
"dyndns_key_generating": "DNS Schlüssel wird generiert, das könnte eine Weile dauern...",
"dyndns_registered": "DynDNS Domain erfolgreich registriert",
"dyndns_registered": "Deine DynDNS Domain wurde registriert",
"dyndns_registration_failed": "DynDNS Domain konnte nicht registriert werden: {error:s}",
"dyndns_unavailable": "DynDNS Subdomain ist nicht verfügbar",
"executing_command": "Führe Kommendo '{command:s}' aus...",
"executing_command": "Führe den Behfehl '{command:s}' aus...",
"executing_script": "Skript '{script:s}' wird ausgeührt...",
"extracting": "Wird entpackt...",
"field_invalid": "Feld '{:s}' ist unbekannt",
"firewall_reload_failed": "Firewall konnte nicht neu geladen werden",
"firewall_reloaded": "Firewall erfolgreich neu geladen",
"firewall_reload_failed": "Die Firewall konnte nicht neu geladen werden",
"firewall_reloaded": "Die Firewall wurde neu geladen",
"firewall_rules_cmd_failed": "Einzelne Firewallregeln konnten nicht übernommen werden. Mehr Informationen sind im Log zu finden.",
"format_datetime_short": "%m/%d/%Y %I:%M %p",
"format_datetime_short": "%d/%m/%Y %I:%M %p",
"hook_argument_missing": "Fehlend Argument '{:s}'",
"hook_choice_invalid": "ungültige Wahl '{:s}'",
"hook_exec_failed": "Skriptausführung fehlgeschlagen",
"hook_exec_not_terminated": "Skriptausführung noch nicht beendet",
"hook_exec_failed": "Skriptausführung fehlgeschlagen: {path:s}",
"hook_exec_not_terminated": "Skriptausführung noch nicht beendet: {path:s}",
"hook_list_by_invalid": "Ungültiger Wert zur Anzeige von Hooks",
"hook_name_unknown": "Hook '{name:s}' ist nicht bekannt",
"installation_complete": "Installation vollständig",
"installation_failed": "Installation fehlgeschlagen",
"ip6tables_unavailable": "ip6tables kann nicht verwendet werden. Du befindest dich entweder in einem Container, oder es wird nicht vom Kernel unterstützt.",
"iptables_unavailable": "iptables kann nicht verwendet werden. Du befindest dich entweder in einem Container, oder es wird nicht vom Kernel unterstützt.",
"ldap_initialized": "LDAP erfolgreich initialisiert",
"ip6tables_unavailable": "ip6tables kann nicht verwendet werden. Du befindest dich entweder in einem Container oder es wird nicht vom Kernel unterstützt",
"iptables_unavailable": "iptables kann nicht verwendet werden. Du befindest dich entweder in einem Container oder es wird nicht vom Kernel unterstützt",
"ldap_initialized": "LDAP wurde initialisiert",
"license_undefined": "Undeiniert",
"mail_alias_remove_failed": "E-Mail Alias '{mail:s}' konnte nicht entfernt werden",
"mail_domain_unknown": "Unbekannte Mail Domain '{domain:s}'",
"mail_forward_remove_failed": "Mailweiterleitung '{mail:s}' konnte nicht entfernt werden",
"maindomain_change_failed": "Hauptdomain konnte nicht geändert werden",
"maindomain_changed": "Hauptdomain wurde erfolgreich geändert",
"monitor_disabled": "Servermonitoring erfolgreich deaktiviert",
"monitor_enabled": "Servermonitoring erfolgreich aktiviert",
"maindomain_change_failed": "Die Hauptdomain konnte nicht geändert werden",
"maindomain_changed": "Die Hauptdomain wurde geändert",
"monitor_disabled": "Das Servermonitoring wurde erfolgreich deaktiviert",
"monitor_enabled": "Das Servermonitoring wurde aktiviert",
"monitor_glances_con_failed": "Verbindung mit Glances nicht möglich",
"monitor_not_enabled": "Servermonitoring ist nicht aktiviert",
"monitor_period_invalid": "Falscher Zeitraum",
@ -117,7 +117,7 @@
"mountpoint_unknown": "Unbekannten Einhängepunkt",
"mysql_db_creation_failed": "MySQL Datenbankerzeugung fehlgeschlagen",
"mysql_db_init_failed": "MySQL Datenbankinitialisierung fehlgeschlagen",
"mysql_db_initialized": "MySQL Datenbank erfolgreich initialisiert",
"mysql_db_initialized": "Die MySQL Datenbank wurde initialisiert",
"network_check_mx_ko": "Es ist kein DNS MX Eintrag vorhanden",
"network_check_smtp_ko": "Ausgehender Mailverkehr (SMTP Port 25) scheint in deinem Netzwerk blockiert zu sein",
"network_check_smtp_ok": "Ausgehender Mailverkehr (SMTP Port 25) ist blockiert",
@ -128,10 +128,10 @@
"no_restore_script": "Es konnte kein Wiederherstellungsskript für '{app:s}' gefunden werden",
"no_such_conf_file": "Datei {file:s}: konnte nicht kopiert werden, da diese nicht existiert",
"packages_no_upgrade": "Es müssen keine Pakete aktualisiert werden",
"packages_upgrade_critical_later": "Wichtiges Paket ({packages:s}) wird später aktualisiert",
"packages_upgrade_critical_later": "Ein wichtiges Paket ({packages:s}) wird später aktualisiert",
"packages_upgrade_failed": "Es konnten nicht alle Pakete aktualisiert werden",
"path_removal_failed": "Pfad {:s} konnte nicht entfernt werden",
"pattern_backup_archive_name": "Ein gültiger Dateiname kann nur aus alphanumerischen und -_. bestehen",
"pattern_backup_archive_name": "Ein gültiger Dateiname kann nur aus maximal 30 alphanumerischen sowie -_. Zeichen bestehen",
"pattern_domain": "Muss ein gültiger Domainname sein (z.B. meine-domain.org)",
"pattern_email": "Muss eine gültige E-Mail Adresse sein (z.B. someone@domain.org)",
"pattern_firstname": "Muss ein gültiger Vorname sein",
@ -142,46 +142,46 @@
"pattern_port": "Es muss ein valider Port (zwischen 0 und 65535) angegeben werden",
"pattern_port_or_range": "Muss ein valider Port (z.B. 0-65535) oder ein Bereich (z.B. 100:200) sein",
"pattern_username": "Darf nur aus klein geschriebenen alphanumerischen Zeichen und Unterstrichen bestehen",
"port_already_closed": "Port {port:d} wurde bereits für {ip_version:s} Verbindungen geschlossen",
"port_already_closed": "Der Port {port:d} wurde bereits für {ip_version:s} Verbindungen geschlossen",
"port_already_opened": "Der Port {port:d} wird bereits von {ip_version:s} benutzt",
"port_available": "Port {port:d} ist verfügbar",
"port_available": "Der Port {port:d} ist verfügbar",
"port_unavailable": "Der Port {port:d} ist nicht verfügbar",
"restore_action_required": "Du musst etwas zum Wiederherstellen auswählen",
"restore_already_installed_app": "Es ist bereits eine App mit der ID '{app:s}' installiet",
"restore_app_failed": "App '{app:s}' konnte nicht wiederhergestellt werden",
"restore_cleaning_failed": "Temporäres Wiederherstellungsverzeichnis konnte nicht geleert werden",
"restore_cleaning_failed": "Das temporäre Wiederherstellungsverzeichnis konnte nicht geleert werden",
"restore_complete": "Wiederherstellung abgeschlossen",
"restore_confirm_yunohost_installed": "Möchtest du die Wiederherstellung wirklich starten? [{answers:s}]",
"restore_failed": "System kann nicht Wiederhergestellt werden",
"restore_hook_unavailable": "Der Wiederherstellungshook '{hook:s}' steht auf deinem System nicht zur Verfügung",
"restore_hook_unavailable": "Das Wiederherstellungsskript für '{part:s}' steht weder in deinem System noch im Archiv zur Verfügung",
"restore_nothings_done": "Es wurde nicht wiederhergestellt",
"restore_running_app_script": "Wiederherstellung wird ausfeührt für App '{app:s}'...",
"restore_running_hooks": "Wiederherstellung wird gestartet...",
"service_add_configuration": "Füge Konfigurationsdatei {file:s} hinzu",
"service_add_failed": "Dienst '{service:s}' kann nicht hinzugefügt werden",
"service_added": "Service erfolgreich hinzugefügt",
"service_already_started": "Der Dienst '{service:s}' läutt bereits",
"service_add_failed": "Der Dienst '{service:s}' kann nicht hinzugefügt werden",
"service_added": "Der Service '{service:s}' wurde erfolgreich hinzugefügt",
"service_already_started": "Der Dienst '{service:s}' läuft bereits",
"service_already_stopped": "Dienst '{service:s}' wurde bereits gestoppt",
"service_cmd_exec_failed": "Kommando '{command:s}' kann nicht ausgeführt werden",
"service_cmd_exec_failed": "Der Befehl '{command:s}' konnte nicht ausgeführt werden",
"service_configuration_conflict": "Die Datei {file:s} wurde zwischenzeitlich verändert. Bitte übernehme die Änderungen manuell oder nutze die Option --force (diese wird alle Änderungen überschreiben).",
"service_disable_failed": "Dienst '{service:s}' konnte nicht deaktiviert werden",
"service_disable_failed": "Der Dienst '{service:s}' konnte nicht deaktiviert werden",
"service_disabled": "Der Dienst '{service:s}' wurde erfolgreich deaktiviert",
"service_enable_failed": "Dienst '{service:s}' konnte nicht aktiviert werden",
"service_enabled": "Dienst '{service:s}' erfolgreich aktiviert",
"service_enable_failed": "Der Dienst '{service:s}' konnte nicht aktiviert werden",
"service_enabled": "Der Dienst '{service:s}' wurde erfolgreich aktiviert",
"service_no_log": "Für den Dienst '{service:s}' kann kein Log angezeigt werden",
"service_remove_failed": "Dienst '{service:s}' konnte nicht entfernt werden",
"service_removed": "Dienst erfolgreich enternt",
"service_start_failed": "Dienst '{service:s}' konnte nicht gestartet werden",
"service_started": "der Dienst '{service:s}' wurde erfolgreich gestartet",
"service_status_failed": "Status von '{service:s}' kann nicht festgestellt werden",
"service_stop_failed": "Dienst '{service:s}' kann nicht gestoppt werden",
"service_stopped": "Dienst '{service:s}' wurde erfolgreich beendet",
"service_unknown": "Unbekannte Dienst '{service:s}'",
"service_remove_failed": "Der Dienst '{service:s}' konnte nicht entfernt werden",
"service_removed": "Der Dienst '{service:s}' wurde erfolgreich entfernt",
"service_start_failed": "Der Dienst '{service:s}' konnte nicht gestartet werden",
"service_started": "Der Dienst '{service:s}' wurde erfolgreich gestartet",
"service_status_failed": "Der Status von '{service:s}' kann nicht festgestellt werden",
"service_stop_failed": "Der Dienst '{service:s}' kann nicht gestoppt werden",
"service_stopped": "Der Dienst '{service:s}' wurde erfolgreich beendet",
"service_unknown": "Unbekannter Dienst '{service:s}'",
"services_configured": "Konfiguration erfolgreich erstellt",
"show_diff": "Es gibt folgende Änderungen:\n{diff:s}",
"ssowat_conf_generated": "Konfiguration von SSOwat erfolgreich",
"ssowat_conf_updated": "Persistente SSOwat Einstellung erfolgreich aktualisiert",
"system_upgraded": "System wurde erfolgreich aktualisiert",
"ssowat_conf_generated": "Die Konfiguration von SSOwat war erfolgreich",
"ssowat_conf_updated": "Die persistente SSOwat Einstellung wurde aktualisiert",
"system_upgraded": "Das System wurde aktualisiert",
"system_username_exists": "Der Benutzername existiert bereits",
"unbackup_app": "App '{app:s}' konnte nicht gespeichert werden",
"unexpected_error": "Ein unerwarteter Fehler ist aufgetreten",
@ -189,25 +189,117 @@
"unlimit": "Kein Kontingent",
"unrestore_app": "App '{app:s}' kann nicht Wiederhergestellt werden",
"update_cache_failed": "Konnte APT cache nicht aktualisieren",
"updating_apt_cache": "Liste der verfügbaren Pakete wird aktualisiert...",
"updating_apt_cache": "Die Liste der verfügbaren Pakete wird aktualisiert...",
"upgrade_complete": "Upgrade vollständig",
"upgrading_packages": "Pakete werden aktualisiert...",
"upnp_dev_not_found": "Es konnten keine UPnP Geräte gefunden werden",
"upnp_disabled": "UPnP wurde erfolgreich deaktiviert",
"upnp_disabled": "UPnP wurde deaktiviert",
"upnp_enabled": "UPnP wurde aktiviert",
"upnp_port_open_failed": "UPnP Ports konnten nicht geöffnet werden",
"user_created": "Benutzer erfolgreich erstellt",
"user_created": "Der Benutzer wurde erstellt",
"user_creation_failed": "Nutzer konnte nicht erstellt werden",
"user_deleted": "Benutzer wurde erfolgreich entfernt",
"user_deleted": "Der Benutzer wurde entfernt",
"user_deletion_failed": "Nutzer konnte nicht gelöscht werden",
"user_home_creation_failed": "Benutzer Home konnte nicht erstellt werden",
"user_info_failed": "Nutzerinformationen können nicht angezeigt werden",
"user_unknown": "Unbekannter Benutzer",
"user_unknown": "Unbekannter Benutzer: {user:s}",
"user_update_failed": "Benutzer kann nicht aktualisiert werden",
"user_updated": "Benutzer wurde erfolgreich aktualisiert",
"user_updated": "Der Benutzer wurde aktualisiert",
"yunohost_already_installed": "YunoHost ist bereits installiert",
"yunohost_ca_creation_failed": "Zertifikatsstelle konnte nicht erstellt werden",
"yunohost_configured": "YunoHost wurde erfolgreich konfiguriert",
"yunohost_configured": "YunoHost wurde konfiguriert",
"yunohost_installing": "YunoHost wird installiert...",
"yunohost_not_installed": "Die YunoHost ist unvollständig. Bitte 'yunohost tools postinstall' ausführen."
"yunohost_not_installed": "YunoHost ist nicht oder unvollständig installiert worden. Bitte 'yunohost tools postinstall' ausführen",
"app_not_properly_removed": "{app:s} wurde nicht ordnungsgemäß entfernt",
"service_regenconf_failed": "Konnte die Konfiguration für folgende Dienste nicht neu erzeugen: {services}",
"not_enough_disk_space": "Zu wenig freier Speicherplatz unter '{path:s}' verfügbar",
"backup_creation_failed": "Erstellen des Backups fehlgeschlagen",
"service_conf_up_to_date": "Die Konfiguration für den Dienst '{service}' ist bereits aktuell",
"package_not_installed": "Das Paket '{pkgname}' ist nicht installiert",
"pattern_positive_number": "Muss eine positive Zahl sein",
"diagnosis_kernel_version_error": "Kann Kernelversion nicht abrufen: {error}",
"package_unexpected_error": "Ein unerwarteter Fehler trat bei der Verarbeitung des Pakets '{pkgname}' auf",
"app_incompatible": "Die Anwendung {app} ist nicht mit deiner YunoHost-Version kompatibel",
"app_not_correctly_installed": "{app:s} scheint nicht korrekt installiert zu sein",
"app_requirements_checking": "Überprüfe notwendige Pakete für {app}...",
"app_requirements_failed": "Anforderungen für {app} werden nicht erfüllt: {error}",
"app_requirements_unmeet": "Anforderungen für {app} werden nicht erfüllt, das Paket {pkgname} ({version}) muss {spec} sein",
"app_unsupported_remote_type": "Für die App wurde ein nicht unterstützer Steuerungstyp verwendet",
"backup_archive_broken_link": "Auf das Backup-Archiv konnte nicht zugegriffen werden (ungültiger Link zu {path:s})",
"diagnosis_debian_version_error": "Debian Version konnte nicht abgerufen werden: {error}",
"diagnosis_monitor_disk_error": "Festplatten können nicht aufgelistet werden: {error}",
"diagnosis_monitor_network_error": "Netzwerk kann nicht angezeigt werden: {error}",
"diagnosis_monitor_system_error": "System kann nicht angezeigt werden: {error}",
"diagnosis_no_apps": "Keine Anwendung ist installiert",
"domains_available": "Verfügbare Domains:",
"dyndns_key_not_found": "DNS-Schlüssel für die Domain wurde nicht gefunden",
"dyndns_no_domain_registered": "Es wurde keine Domain mit DynDNS registriert",
"ldap_init_failed_to_create_admin": "Die LDAP Initialisierung konnte keinen admin Benutzer erstellen",
"mailbox_used_space_dovecot_down": "Der Dovecot Mailbox Dienst muss gestartet sein, wenn du den von der Mailbox belegten Speicher angezeigen lassen willst",
"package_unknown": "Unbekanntes Paket '{pkgname}'",
"service_conf_file_backed_up": "Von der Konfigurationsdatei {conf} wurde ein Backup in {backup} erstellt",
"service_conf_file_copy_failed": "Die neue Konfigurationsdatei konnte von {new} nach {conf} nicht kopiert werden",
"service_conf_file_manually_modified": "Die Konfigurationsdatei {conf} wurde manuell verändert und wird nicht aktualisiert",
"service_conf_file_manually_removed": "Die Konfigurationsdatei {conf} wurde manuell entfern und wird nicht erstellt",
"service_conf_file_not_managed": "Die Konfigurationsdatei {conf} wurde noch nicht verwaltet und wird nicht aktualisiert",
"service_conf_file_remove_failed": "Die Konfigurationsdatei {conf} konnte nicht entfernt werden",
"service_conf_file_removed": "Die Konfigurationsdatei {conf} wurde entfernt",
"service_conf_file_updated": "Die Konfigurationsdatei {conf} wurde aktualisiert",
"service_conf_updated": "Die Konfigurationsdatei wurde für den Service {service} aktualisiert",
"service_conf_would_be_updated": "Die Konfigurationsdatei sollte für den Service {service} aktualisiert werden",
"ssowat_persistent_conf_read_error": "Ein Fehler ist aufgetreten, als die persistente SSOwat Konfiguration eingelesen wurde {error:s} Bearbeite die persistente Datei /etc/ssowat/conf.json , um die JSON syntax zu korregieren",
"ssowat_persistent_conf_write_error": "Ein Fehler ist aufgetreten, als die persistente SSOwat Konfiguration gespeichert wurde {error:s} Bearbeite die persistente Datei /etc/ssowat/conf.json , um die JSON syntax zu korregieren",
"certmanager_attempt_to_replace_valid_cert": "Du versuchst gerade eine richtiges und gültiges Zertifikat der Domain {domain:s} zu überschreiben! (Benutze --force , um diese Nachricht zu umgehen)",
"certmanager_domain_unknown": "Unbekannte Domain {domain:s}",
"certmanager_domain_cert_not_selfsigned": "Das Zertifikat der Domain {domain:s} is kein selbstsigniertes Zertifikat. Bist du dir sicher, dass du es ersetzen willst? (Benutze --force)",
"certmanager_certificate_fetching_or_enabling_failed": "Es scheint so als wäre die Aktivierung des Zertifikats für die Domain {domain:s} fehlgeschlagen...",
"certmanager_attempt_to_renew_nonLE_cert": "Das Zertifikat der Domain {domain:s} wurde nicht von Let's Encrypt ausgestellt. Es kann nicht automatisch erneuert werden!",
"certmanager_attempt_to_renew_valid_cert": "Das Zertifikat der Domain {domain:s} läuft in Kürze ab! Benutze --force um diese Nachricht zu umgehen",
"certmanager_domain_http_not_working": "Es scheint so, dass die Domain {domain:s} nicht über HTTP erreicht werden kann. Bitte überprüfe, ob deine DNS und nginx Konfiguration in Ordnung ist",
"certmanager_error_no_A_record": "Kein DNS 'A' Eintrag für die Domain {domain:s} gefunden. Dein Domainname muss auf diese Maschine weitergeleitet werden, um ein Let's Encrypt Zertifikat installieren zu können! (Wenn du weißt was du tust, kannst du --no-checks benutzen, um diese Überprüfung zu überspringen. )",
"certmanager_domain_dns_ip_differs_from_public_ip": "Der DNS 'A' Eintrag der Domain {domain:s} unterscheidet sich von dieser Server-IP. Wenn du gerade deinen A Eintrag verändert hast, warte bitte etwas, damit die Änderungen wirksam werden (du kannst die DNS Propagation mittels Website überprüfen) (Wenn du weißt was du tust, kannst du --no-checks benutzen, um diese Überprüfung zu überspringen. )",
"certmanager_domain_not_resolved_locally": "Die Domain {domain:s} konnte von innerhalb des Yunohost-Servers nicht aufgelöst werden. Das kann passieren, wenn du den DNS Eintrag vor Kurzem verändert hast. Falls dies der Fall ist, warte bitte ein paar Stunden, damit die Änderungen wirksam werden. Wenn der Fehler bestehen bleibt, ziehe in Betracht die Domain {domain:s} in /etc/hosts einzutragen. (Wenn du weißt was du tust, benutze --no-checks , um diese Nachricht zu umgehen. )",
"certmanager_cannot_read_cert": "Es ist ein Fehler aufgetreten, als es versucht wurde das aktuelle Zertifikat für die Domain {domain:s} zu öffnen (Datei: {file:s}), Grund: {reason:s}",
"certmanager_cert_install_success_selfsigned": "Ein selbstsigniertes Zertifikat für die Domain {domain:s} wurde erfolgreich installiert!",
"certmanager_cert_install_success": "Für die Domain {domain:s} wurde erfolgreich ein Let's Encrypt installiert!",
"certmanager_cert_renew_success": "Das Let's Encrypt Zertifikat für die Domain {domain:s} wurde erfolgreich erneuert!",
"certmanager_old_letsencrypt_app_detected": "\nYunohost hat erkannt, dass eine Version von 'letsencrypt' installiert ist, die mit den neuen, integrierten Zertifikatsmanagement-Features in Yunohost kollidieren. Wenn du die neuen Features nutzen willst, führe die folgenden Befehle aus:\n\n yunohost app remove letsencrypt\n yunohost domain cert-install\n\nAnm.: Diese Befehle werden die selbstsignierten und Let's Encrypt Zertifikate aller Domains neu installieren",
"certmanager_hit_rate_limit": "Es wurden innerhalb kurzer Zeit schon zu viele Zertifikate für die exakt gleiche Domain {domain:s} ausgestellt. Bitte versuche es später nochmal. Besuche https://letsencrypt.org/docs/rate-limits/ für mehr Informationen",
"certmanager_cert_signing_failed": "Signieren des neuen Zertifikats ist fehlgeschlagen",
"certmanager_no_cert_file": "Die Zertifikatsdatei für die Domain {domain:s} (Datei: {file:s}) konnte nicht gelesen werden",
"certmanager_conflicting_nginx_file": "Die Domain konnte nicht für die ACME challenge vorbereitet werden: Die nginx Konfigurationsdatei {filepath:s} verursacht Probleme und sollte vorher entfernt werden",
"domain_cannot_remove_main": "Die primäre Domain konnten nicht entfernt werden. Lege zuerst einen neue primäre Domain fest",
"certmanager_self_ca_conf_file_not_found": "Die Konfigurationsdatei der Zertifizierungsstelle für selbstsignierte Zertifikate wurde nicht gefunden (Datei {file:s})",
"certmanager_acme_not_configured_for_domain": "Das Zertifikat für die Domain {domain:s} scheint nicht richtig installiert zu sein. Bitte führe den Befehl cert-install für diese Domain nochmals aus.",
"certmanager_unable_to_parse_self_CA_name": "Der Name der Zertifizierungsstelle für selbstsignierte Zertifikate konnte nicht analysiert werden (Datei: {file:s})",
"app_package_need_update": "Es ist notwendig das Paket {app} zu aktualisieren, um Aktualisierungen für YunoHost zu erhalten",
"service_regenconf_dry_pending_applying": "Überprüfe ausstehende Konfigurationen, die für den Server {service} notwendig sind...",
"service_regenconf_pending_applying": "Überprüfe ausstehende Konfigurationen, die für den Server '{service}' notwendig sind...",
"certmanager_http_check_timeout": "Eine Zeitüberschreitung ist aufgetreten als der Server versuchte sich selbst über HTTP mit der öffentlichen IP (Domain {domain:s} mit der IP {ip:s}) zu erreichen. Möglicherweise ist dafür hairpinning oder eine falsch konfigurierte Firewall/Router deines Servers dafür verantwortlich.",
"certmanager_couldnt_fetch_intermediate_cert": "Eine Zeitüberschreitung ist aufgetreten als der Server versuchte die Teilzertifikate von Let's Encrypt zusammenzusetzen. Die Installation/Erneuerung des Zertifikats wurde abgebrochen - bitte versuche es später erneut.",
"appslist_retrieve_bad_format": "Die empfangene Datei der Appliste {appslist:s} ist ungültig",
"domain_hostname_failed": "Erstellen des neuen Hostnamens fehlgeschlagen",
"appslist_name_already_tracked": "Es gibt bereits eine registrierte App-Liste mit Namen {name:s}.",
"appslist_url_already_tracked": "Es gibt bereits eine registrierte Anwendungsliste mit dem URL {url:s}.",
"appslist_migrating": "Migriere Anwendungsliste {appslist:s} ...",
"appslist_could_not_migrate": "Konnte Anwendungsliste {appslist:s} nicht migrieren. Konnte die URL nicht verarbeiten... Der alte Cron-Job wurde unter {bkp_file:s} beibehalten.",
"appslist_corrupted_json": "Konnte die Anwendungslisten. Es scheint, dass {filename:s} beschädigt ist.",
"yunohost_ca_creation_success": "Die lokale Zertifizierungs-Authorität wurde angelegt.",
"app_already_installed_cant_change_url": "Diese Application ist bereits installiert. Die URL kann durch diese Funktion nicht modifiziert werden. Überprüfe ob `app changeurl` verfügbar ist.",
"app_change_no_change_url_script": "Die Application {app_name:s} unterstützt das anpassen der URL noch nicht. Sie muss gegebenenfalls erweitert werden.",
"app_change_url_failed_nginx_reload": "NGINX konnte nicht neu gestartet werden. Hier ist der Output von 'nginx -t':\n{nginx_errors:s}",
"app_change_url_identical_domains": "Die alte und neue domain/url_path sind identisch: ('{domain:s} {path:s}'). Es gibt nichts zu tun.",
"app_already_up_to_date": "{app:s} ist schon aktuell",
"backup_abstract_method": "Diese Backup-Methode wird noch nicht unterstützt",
"backup_applying_method_tar": "Erstellen des Backup-tar Archives...",
"backup_applying_method_copy": "Kopiere alle Dateien ins Backup...",
"app_change_url_no_script": "Die Anwendung '{app_name:s}' unterstützt bisher keine URL-Modufikation. Vielleicht gibt es eine Aktualisierung der Anwendung.",
"app_location_unavailable": "Diese URL ist nicht verfügbar oder wird von einer installierten Anwendung genutzt",
"backup_applying_method_custom": "Rufe die benutzerdefinierte Backup-Methode '{method:s}' auf...",
"backup_archive_system_part_not_available": "Der System-Teil '{part:s}' ist in diesem Backup nicht enthalten",
"backup_archive_mount_failed": "Das Einbinden des Backup-Archives ist fehlgeschlagen",
"backup_archive_writing_error": "Die Dateien konnten nicht in der komprimierte Archiv-Backup hinzugefügt werden",
"app_change_url_success": "Erfolgreiche Änderung der URL von {app:s} zu {domain:s}{path:s}",
"backup_applying_method_borg": "Sende alle Dateien zur Sicherung ins borg-backup repository...",
"invalid_url_format": "ungültiges URL Format"
}

284
locales/en.json
View file

@ -4,34 +4,51 @@
"admin_password_change_failed": "Unable to change password",
"admin_password_changed": "The administration password has been changed",
"app_already_installed": "{app:s} is already installed",
"app_already_installed_cant_change_url": "This app is already installed. The url cannot be changed just by this function. Look into `app changeurl` if it's available.",
"app_already_up_to_date": "{app:s} is already up to date",
"app_argument_choice_invalid": "Invalid choice for argument '{name:s}', it must be one of {choices:s}",
"app_argument_invalid": "Invalid value for argument '{name:s}': {error:s}",
"app_argument_required": "Argument '{name:s}' is required",
"app_change_no_change_url_script": "The application {app_name:s} doesn't support changing it's URL yet, you might need to upgrade it.",
"app_change_url_failed_nginx_reload": "Failed to reload nginx. Here is the output of 'nginx -t':\n{nginx_errors:s}",
"app_change_url_identical_domains": "The old and new domain/url_path are identical ('{domain:s}{path:s}'), nothing to do.",
"app_change_url_no_script": "This application '{app_name:s}' doesn't support url modification yet. Maybe you should upgrade the application.",
"app_change_url_success": "Successfully changed {app:s} url to {domain:s}{path:s}",
"app_extraction_failed": "Unable to extract installation files",
"app_id_invalid": "Invalid app id",
"app_incompatible": "The app is incompatible with your YunoHost version",
"app_incompatible": "The app {app} is incompatible with your YunoHost version",
"app_install_files_invalid": "Invalid installation files",
"app_location_already_used": "An app is already installed in this location",
"app_location_install_failed": "Unable to install the app in this location",
"app_manifest_invalid": "Invalid app manifest",
"app_location_already_used": "The app '{app}' is already installed on that location ({path})",
"app_make_default_location_already_used": "Can't make the app '{app}' the default on the domain {domain} is already used by the other app '{other_app}'",
"app_location_install_failed": "Unable to install the app in this location because it conflit with the app '{other_app}' already installed on '{other_path}'",
"app_location_unavailable": "This url is not available or conflicts with the already installed app(s):\n{apps:s}",
"app_manifest_invalid": "Invalid app manifest: {error}",
"app_no_upgrade": "No app to upgrade",
"app_not_correctly_installed": "{app:s} seems to be incorrectly installed",
"app_not_installed": "{app:s} is not installed",
"app_not_properly_removed": "{app:s} has not been properly removed",
"app_package_need_update": "The app package needs to be updated to follow YunoHost changes",
"app_package_need_update": "The app {app} package needs to be updated to follow YunoHost changes",
"app_removed": "{app:s} has been removed",
"app_requirements_checking": "Checking required packages...",
"app_requirements_failed": "Unable to meet requirements: {error}",
"app_requirements_unmeet": "Requirements are not met, the package {pkgname} ({version}) must be {spec}",
"app_requirements_checking": "Checking required packages for {app}...",
"app_requirements_failed": "Unable to meet requirements for {app}: {error}",
"app_requirements_unmeet": "Requirements are not met for {app}, the package {pkgname} ({version}) must be {spec}",
"app_sources_fetch_failed": "Unable to fetch sources files",
"app_unknown": "Unknown app",
"app_unsupported_remote_type": "Unsupported remote type used for the app",
"app_upgrade_app_name": "Upgrading app {app}...",
"app_upgrade_failed": "Unable to upgrade {app:s}",
"app_upgrade_some_app_failed": "Unable to upgrade some applications",
"app_upgraded": "{app:s} has been upgraded",
"appslist_fetched": "The app list has been fetched",
"appslist_removed": "The app list has been removed",
"appslist_retrieve_error": "Unable to retrieve the remote app list",
"appslist_unknown": "Unknown app list",
"appslist_corrupted_json": "Could not load the application lists. It looks like {filename:s} is corrupted.",
"appslist_could_not_migrate": "Could not migrate app list {appslist:s} ! Unable to parse the url... The old cron job has been kept in {bkp_file:s}.",
"appslist_fetched": "The application list {appslist:s} has been fetched",
"appslist_migrating": "Migrating application list {appslist:s} ...",
"appslist_name_already_tracked": "There is already a registered application list with name {name:s}.",
"appslist_removed": "The application list {appslist:s} has been removed",
"appslist_retrieve_bad_format": "Retrieved file for application list {appslist:s} is not valid",
"appslist_retrieve_error": "Unable to retrieve the remote application list {appslist:s}: {error:s}",
"appslist_unknown": "Application list {appslist:s} unknown.",
"appslist_url_already_tracked": "There is already a registered application list with url {url:s}.",
"ask_current_admin_password": "Current administration password",
"ask_email": "Email address",
"ask_firstname": "First name",
@ -40,52 +57,112 @@
"ask_main_domain": "Main domain",
"ask_new_admin_password": "New administration password",
"ask_password": "Password",
"ask_path": "Path",
"backup_abstract_method": "This backup method hasn't yet been implemented",
"backup_action_required": "You must specify something to save",
"backup_app_failed": "Unable to back up the app '{app:s}'",
"backup_applying_method_borg": "Sending all files to backup into borg-backup repository...",
"backup_applying_method_copy": "Copying all files to backup...",
"backup_applying_method_custom": "Calling the custom backup method '{method:s}'...",
"backup_applying_method_tar": "Creating the backup tar archive...",
"backup_archive_app_not_found": "App '{app:s}' not found in the backup archive",
"backup_archive_hook_not_exec": "Hook '{hook:s}' not executed in this backup",
"backup_archive_broken_link": "Unable to access backup archive (broken link to {path:s})",
"backup_archive_mount_failed": "Mounting the backup archive failed",
"backup_archive_name_exists": "The backup's archive name already exists",
"backup_archive_name_unknown": "Unknown local backup archive named '{name:s}'",
"backup_archive_open_failed": "Unable to open the backup archive",
"backup_archive_system_part_not_available": "System part '{part:s}' not available in this backup",
"backup_archive_writing_error": "Unable to add files to backup into the compressed archive",
"backup_ask_for_copying_if_needed": "Some files couldn't be prepared to be backuped using the method that avoid to temporarily waste space on the system. To perform the backup, {size:s}MB should be used temporarily. Do you agree?",
"backup_borg_not_implemented": "Borg backup method is not yet implemented",
"backup_cant_mount_uncompress_archive": "Unable to mount in readonly mode the uncompress archive directory",
"backup_cleaning_failed": "Unable to clean-up the temporary backup directory",
"backup_copying_to_organize_the_archive": "Copying {size:s}MB to organize the archive",
"backup_couldnt_bind": "Couldn't bind {src:s} to {dest:s}.",
"backup_created": "Backup created",
"backup_creating_archive": "Creating the backup archive...",
"backup_creation_failed": "Backup creation failed",
"backup_csv_addition_failed": "Unable to add files to backup into the CSV file",
"backup_csv_creation_failed": "Unable to create the CSV file needed for future restore operations",
"backup_custom_backup_error": "Custom backup method failure on 'backup' step",
"backup_custom_mount_error": "Custom backup method failure on 'mount' step",
"backup_custom_need_mount_error": "Custom backup method failure on 'need_mount' step",
"backup_delete_error": "Unable to delete '{path:s}'",
"backup_deleted": "The backup has been deleted",
"backup_extracting_archive": "Extracting the backup archive...",
"backup_hook_unknown": "Backup hook '{hook:s}' unknown",
"backup_invalid_archive": "Invalid backup archive",
"backup_method_borg_finished": "Backup into borg finished",
"backup_method_copy_finished": "Backup copy finished",
"backup_method_custom_finished": "Custom backup method '{method:s}' finished",
"backup_method_tar_finished": "Backup tar archive created",
"backup_no_uncompress_archive_dir": "Uncompress archive directory doesn't exist",
"backup_nothings_done": "There is nothing to save",
"backup_output_directory_forbidden": "Forbidden output directory. Backups can't be created in /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var or /home/yunohost.backup/archives sub-folders.",
"backup_output_directory_forbidden": "Forbidden output directory. Backups can't be created in /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var or /home/yunohost.backup/archives sub-folders",
"backup_output_directory_not_empty": "The output directory is not empty",
"backup_output_directory_required": "You must provide an output directory for the backup",
"backup_output_symlink_dir_broken": "You have a broken symlink instead of your archives directory '{path:s}'. You may have a specific setup to backup your data on an other filesystem, in this case you probably forgot to remount or plug your hard dirve or usb key.",
"backup_php5_to_php7_migration_may_fail": "Could not convert your archive to support php7, your php apps may fail to restore (reason: {error:s})",
"backup_running_app_script": "Running backup script of app '{app:s}'...",
"backup_running_hooks": "Running backup hooks...",
"backup_system_part_failed": "Unable to backup the '{part:s}' system part",
"backup_unable_to_organize_files": "Unable to organize files in the archive with the quick method",
"backup_with_no_backup_script_for_app": "App {app:s} has no backup script. Ignoring.",
"backup_with_no_restore_script_for_app": "App {app:s} has no restore script, you won't be able to automatically restore the backup of this app.",
"certmanager_acme_not_configured_for_domain": "Certificate for domain {domain:s} does not appear to be correctly installed. Please run cert-install for this domain first.",
"certmanager_attempt_to_renew_nonLE_cert": "The certificate for domain {domain:s} is not issued by Let's Encrypt. Cannot renew it automatically!",
"certmanager_attempt_to_renew_valid_cert": "The certificate for domain {domain:s} is not about to expire! Use --force to bypass",
"certmanager_attempt_to_replace_valid_cert": "You are attempting to overwrite a good and valid certificate for domain {domain:s}! (Use --force to bypass)",
"certmanager_cannot_read_cert": "Something wrong happened when trying to open current certificate for domain {domain:s} (file: {file:s}), reason: {reason:s}",
"certmanager_cert_install_success": "Successfully installed Let's Encrypt certificate for domain {domain:s}!",
"certmanager_cert_install_success_selfsigned": "Successfully installed a self-signed certificate for domain {domain:s}!",
"certmanager_cert_renew_success": "Successfully renewed Let's Encrypt certificate for domain {domain:s}!",
"certmanager_cert_signing_failed": "Signing the new certificate failed",
"certmanager_certificate_fetching_or_enabling_failed": "Sounds like enabling the new certificate for {domain:s} failed somehow...",
"certmanager_conflicting_nginx_file": "Unable to prepare domain for ACME challenge: the nginx configuration file {filepath:s} is conflicting and should be removed first",
"certmanager_couldnt_fetch_intermediate_cert": "Timed out when trying to fetch intermediate certificate from Let's Encrypt. Certificate installation/renewal aborted - please try again later.",
"certmanager_domain_cert_not_selfsigned": "The certificate for domain {domain:s} is not self-signed. Are you sure you want to replace it? (Use --force)",
"certmanager_domain_dns_ip_differs_from_public_ip": "The DNS 'A' record for domain {domain:s} is different from this server IP. If you recently modified your A record, please wait for it to propagate (some DNS propagation checkers are available online). (If you know what you are doing, use --no-checks to disable those checks.)",
"certmanager_domain_http_not_working": "It seems that the domain {domain:s} cannot be accessed through HTTP. Please check your DNS and nginx configuration is okay",
"certmanager_domain_not_resolved_locally": "The domain {domain:s} cannot be resolved from inside your Yunohost server. This might happen if you recently modified your DNS record. If so, please wait a few hours for it to propagate. If the issue persists, consider adding {domain:s} to /etc/hosts. (If you know what you are doing, use --no-checks to disable those checks.)",
"certmanager_domain_unknown": "Unknown domain {domain:s}",
"certmanager_error_no_A_record": "No DNS 'A' record found for {domain:s}. You need to make your domain name point to your machine to be able to install a Let's Encrypt certificate! (If you know what you are doing, use --no-checks to disable those checks.)",
"certmanager_hit_rate_limit": "Too many certificates already issued for exact set of domains {domain:s} recently. Please try again later. See https://letsencrypt.org/docs/rate-limits/ for more details",
"certmanager_http_check_timeout": "Timed out when server tried to contact itself through HTTP using public IP address (domain {domain:s} with ip {ip:s}). You may be experiencing hairpinning issue or the firewall/router ahead of your server is misconfigured.",
"certmanager_no_cert_file": "Unable to read certificate file for domain {domain:s} (file: {file:s})",
"certmanager_old_letsencrypt_app_detected": "\nYunohost detected that the 'letsencrypt' app is installed, which conflits with the new built-in certificate management features in Yunohost. If you wish to use the new built-in features, please run the following commands to migrate your installation:\n\n yunohost app remove letsencrypt\n yunohost domain cert-install\n\nN.B.: this will attempt to re-install certificates for all domains with a Let's Encrypt certificate or self-signed certificate",
"certmanager_self_ca_conf_file_not_found": "Configuration file not found for self-signing authority (file: {file:s})",
"certmanager_unable_to_parse_self_CA_name": "Unable to parse name of self-signing authority (file: {file:s})",
"custom_app_url_required": "You must provide a URL to upgrade your custom app {app:s}",
"custom_appslist_name_required": "You must provide a name for your custom app list",
"diagnostic_debian_version_error": "Can't retrieve the Debian version: {error}",
"diagnostic_kernel_version_error": "Can't retrieve kernel version: {error}",
"diagnostic_monitor_disk_error": "Can't monitor disks: {error}",
"diagnostic_monitor_network_error": "Can't monitor network: {error}",
"diagnostic_monitor_system_error": "Can't monitor system: {error}",
"diagnostic_no_apps": "No installed application",
"diagnosis_debian_version_error": "Can't retrieve the Debian version: {error}",
"diagnosis_kernel_version_error": "Can't retrieve kernel version: {error}",
"diagnosis_monitor_disk_error": "Can't monitor disks: {error}",
"diagnosis_monitor_network_error": "Can't monitor network: {error}",
"diagnosis_monitor_system_error": "Can't monitor system: {error}",
"diagnosis_no_apps": "No installed application",
"dnsmasq_isnt_installed": "dnsmasq does not seem to be installed, please run 'apt-get remove bind9 && apt-get install dnsmasq'",
"domain_cannot_remove_main": "Cannot remove main domain. Set a new main domain first",
"domain_cert_gen_failed": "Unable to generate certificate",
"domain_created": "The domain has been created",
"domain_creation_failed": "Unable to create domain",
"domain_deleted": "The domain has been deleted",
"domain_deletion_failed": "Unable to delete domain",
"domain_dns_conf_is_just_a_recommendation": "This command shows you what is the *recommended* configuration. It does not actually set up the DNS configuration for you. It is your responsability to configure your DNS zone in your registrar according to this recommendation.",
"domain_dyndns_already_subscribed": "You've already subscribed to a DynDNS domain",
"domain_dyndns_dynette_is_unreachable": "Unable to reach YunoHost dynette, either your YunoHost is not correctly connected to the internet or the dynette server is down. Error: {error}",
"domain_dyndns_invalid": "Invalid domain to use with DynDNS",
"domain_dyndns_root_unknown": "Unknown DynDNS root domain",
"domain_exists": "Domain already exists",
"domain_uninstall_app_first": "One or more apps are installed on this domain. Please uninstall them before proceeding to domain removal.",
"domain_hostname_failed": "Failed to set new hostname",
"domain_uninstall_app_first": "One or more apps are installed on this domain. Please uninstall them before proceeding to domain removal",
"domain_unknown": "Unknown domain",
"domain_zone_exists": "DNS zone file already exists",
"domain_zone_not_found": "DNS zone file not found for domain {:s}",
"done": "Done.",
"domains_available": "Available domains:",
"done": "Done",
"downloading": "Downloading...",
"dyndns_could_not_check_provide": "Could not check if {provider:s} can provide {domain:s}.",
"dyndns_cron_installed": "The DynDNS cron job has been installed",
"dyndns_cron_remove_failed": "Unable to remove the DynDNS cron job",
"dyndns_cron_removed": "The DynDNS cron job has been removed",
@ -96,30 +173,135 @@
"dyndns_no_domain_registered": "No domain has been registered with DynDNS",
"dyndns_registered": "The DynDNS domain has been registered",
"dyndns_registration_failed": "Unable to register DynDNS domain: {error:s}",
"dyndns_unavailable": "Unavailable DynDNS subdomain",
"dyndns_domain_not_provided": "Dyndns provider {provider:s} cannot provide domain {domain:s}.",
"dyndns_unavailable": "Domain {domain:s} is not available.",
"executing_command": "Executing command '{command:s}'...",
"executing_script": "Executing script '{script:s}'...",
"extracting": "Extracting...",
"experimental_feature": "Warning: this feature is experimental and not consider stable, you shouldn't be using it except if you know what you are doing.",
"field_invalid": "Invalid field '{:s}'",
"firewall_reload_failed": "Unable to reload the firewall",
"firewall_reloaded": "The firewall has been reloaded",
"firewall_rules_cmd_failed": "Some firewall rules commands have failed. For more information, see the log.",
"format_datetime_short": "%m/%d/%Y %I:%M %p",
"global_settings_bad_choice_for_enum": "Bad value for setting {setting:s}, received {received_type:s}, except {expected_type:s}",
"global_settings_bad_type_for_setting": "Bad type for setting {setting:s}, received {received_type:s}, except {expected_type:s}",
"global_settings_cant_open_settings": "Failed to open settings file, reason: {reason:s}",
"global_settings_cant_serialize_settings": "Failed to serialize settings data, reason: {reason:s}",
"global_settings_cant_write_settings": "Failed to write settings file, reason: {reason:s}",
"global_settings_key_doesnt_exists": "The key '{settings_key:s}' doesn't exists in the global settings, you can see all the available keys by doing 'yunohost settings list'",
"global_settings_reset_success": "Success. Your previous settings have been backuped in {path:s}",
"global_settings_setting_example_bool": "Example boolean option",
"global_settings_setting_example_enum": "Example enum option",
"global_settings_setting_example_int": "Example int option",
"global_settings_setting_example_string": "Example string option",
"global_settings_unknown_setting_from_settings_file": "Unknown key in settings: '{setting_key:s}', discarding it and save it in /etc/yunohost/unkown_settings.json",
"global_settings_unknown_type": "Unexpected situation, the setting {setting:s} appears to have the type {unknown_type:s} but it's not a type supported by the system.",
"hook_exec_failed": "Script execution failed: {path:s}",
"hook_exec_not_terminated": "Script execution hasnt terminated: {path:s}",
"hook_exec_not_terminated": "Script execution hasn\u2019t terminated: {path:s}",
"hook_list_by_invalid": "Invalid property to list hook by",
"hook_name_unknown": "Unknown hook name '{name:s}'",
"installation_complete": "Installation complete",
"installation_failed": "Installation failed",
"ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it.",
"iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it.",
"invalid_url_format": "Invalid URL format",
"ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it",
"iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it",
"log_corrupted_md_file": "The yaml metadata file associated with logs is corrupted : '{md_file}'",
"log_category_404": "The log category '{category}' does not exist",
"log_link_to_log": "Full log of this operation: '<a href=\"#/tools/logs/{name}\" style=\"text-decoration:underline\">{desc}</a>'",
"log_help_to_get_log": "To view the log of the operation '{desc}', use the command 'yunohost log display {name}'",
"log_link_to_failed_log": "The operation '{desc}' has failed ! To get help, please <a href=\"#/tools/logs/{name}\">provide the full log of this operation</a>",
"log_help_to_get_failed_log": "The operation '{desc}' has failed ! To get help, please share the full log of this operation using the command 'yunohost log display {name} --share'",
"log_category_404": "The log category '{category}' does not exist",
"log_does_exists": "There is not operation log with the name '{log}', use 'yunohost log list to see all available operation logs'",
"log_operation_unit_unclosed_properly": "Operation unit has not been closed properly",
"log_app_addaccess": "Add access to '{}'",
"log_app_removeaccess": "Remove access to '{}'",
"log_app_clearaccess": "Remove all access to '{}'",
"log_app_fetchlist": "Add an application list",
"log_app_removelist": "Remove an application list",
"log_app_change_url": "Change the url of '{}' application",
"log_app_install": "Install '{}' application",
"log_app_remove": "Remove '{}' application",
"log_app_upgrade": "Upgrade '{}' application",
"log_app_makedefault": "Make '{}' as default application",
"log_available_on_yunopaste": "This log is now available via {url}",
"log_backup_restore_system": "Restore system from a backup archive",
"log_backup_restore_app": "Restore '{}' from a backup archive",
"log_remove_on_failed_restore": "Remove '{}' after a failed restore from a backup archive",
"log_remove_on_failed_install": "Remove '{}' after a failed installation",
"log_domain_add": "Add '{}' domain into system configuration",
"log_domain_remove": "Remove '{}' domain from system configuration",
"log_dyndns_subscribe": "Subscribe to a YunoHost subdomain '{}'",
"log_dyndns_update": "Update the ip associated with your YunoHost subdomain '{}'",
"log_letsencrypt_cert_install": "Install Let's encrypt certificate on '{}' domain",
"log_selfsigned_cert_install": "Install self signed certificate on '{}' domain",
"log_letsencrypt_cert_renew": "Renew '{}' Let's encrypt certificate",
"log_service_enable": "Enable '{}' service",
"log_service_regen_conf": "Regenerate system configurations '{}'",
"log_user_create": "Add '{}' user",
"log_user_delete": "Delete '{}' user",
"log_user_update": "Update information of '{}' user",
"log_tools_maindomain": "Make '{}' as main domain",
"log_tools_migrations_migrate_forward": "Migrate forward",
"log_tools_migrations_migrate_backward": "Migrate backward",
"log_tools_postinstall": "Postinstall your YunoHost server",
"log_tools_upgrade": "Upgrade debian packages",
"log_tools_shutdown": "Shutdown your server",
"log_tools_reboot": "Reboot your server",
"ldap_init_failed_to_create_admin": "LDAP initialization failed to create admin user",
"ldap_initialized": "LDAP has been initialized",
"license_undefined": "undefined",
"mail_alias_remove_failed": "Unable to remove mail alias '{mail:s}'",
"mail_domain_unknown": "Unknown mail address domain '{domain:s}'",
"mail_forward_remove_failed": "Unable to remove mail forward '{mail:s}'",
"mailbox_used_space_dovecot_down": "Dovecot mailbox service need to be up, if you want to get mailbox used space",
"maindomain_change_failed": "Unable to change the main domain",
"maindomain_changed": "The main domain has been changed",
"migrate_tsig_end": "Migration to hmac-sha512 finished",
"migrate_tsig_failed": "Migrating the dyndns domain {domain} to hmac-sha512 failed, rolling back. Error: {error_code} - {error}",
"migrate_tsig_start": "Not secure enough key algorithm detected for TSIG signature of domain '{domain}', initiating migration to the more secure one hmac-sha512",
"migrate_tsig_wait": "Let's wait 3min for the dyndns server to take the new key into account...",
"migrate_tsig_wait_2": "2min...",
"migrate_tsig_wait_3": "1min...",
"migrate_tsig_wait_4": "30 secondes...",
"migrate_tsig_not_needed": "You do not appear to use a dyndns domain, so no migration is needed !",
"migration_description_0001_change_cert_group_to_sslcert": "Change certificates group permissions from 'metronome' to 'ssl-cert'",
"migration_description_0002_migrate_to_tsig_sha256": "Improve security of dyndns TSIG by using SHA512 instead of MD5",
"migration_description_0003_migrate_to_stretch": "Upgrade the system to Debian Stretch and YunoHost 3.0",
"migration_description_0004_php5_to_php7_pools": "Reconfigure the PHP pools to use PHP 7 instead of 5",
"migration_description_0005_postgresql_9p4_to_9p6": "Migrate databases from postgresql 9.4 to 9.6",
"migration_0003_backward_impossible": "The stretch migration cannot be reverted.",
"migration_0003_start": "Starting migration to Stretch. The logs will be available in {logfile}.",
"migration_0003_patching_sources_list": "Patching the sources.lists ...",
"migration_0003_main_upgrade": "Starting main upgrade ...",
"migration_0003_fail2ban_upgrade": "Starting the fail2ban upgrade ...",
"migration_0003_restoring_origin_nginx_conf": "Your file /etc/nginx/nginx.conf was edited somehow. The migration is going to reset back to its original state first... The previous file will be available as {backup_dest}.",
"migration_0003_yunohost_upgrade": "Starting the yunohost package upgrade ... The migration will end, but the actual upgrade will happen right after. After the operation is complete, you might have to re-log on the webadmin.",
"migration_0003_not_jessie": "The current debian distribution is not Jessie !",
"migration_0003_system_not_fully_up_to_date": "Your system is not fully up to date. Please perform a regular upgrade before running the migration to stretch.",
"migration_0003_still_on_jessie_after_main_upgrade": "Something wrong happened during the main upgrade : system is still on Jessie !? To investigate the issue, please look at {log} :s ...",
"migration_0003_general_warning": "Please note that this migration is a delicate operation. While the YunoHost team did its best to review and test it, the migration might still break parts of the system or apps.\n\nTherefore, we recommend you to :\n - Perform a backup of any critical data or app. More infos on https://yunohost.org/backup ;\n - Be patient after launching the migration : depending on your internet connection and hardware, it might take up to a few hours for everything to upgrade.\n\nAdditionally, the port for SMTP, used by external email clients (like Thunderbird or K9-Mail) was changed from 465 (SSL/TLS) to 587 (STARTTLS). The old port 465 will automatically be closed and the new port 587 will be opened in the firewall. You and your users *will* have to adapt the configuration of your email clients accordingly!",
"migration_0003_problematic_apps_warning": "Please note that the following possibly problematic installed apps were detected. It looks like those were not installed from an applist or are not flagged as 'working'. Consequently, we cannot guarantee that they will still work after the upgrade : {problematic_apps}",
"migration_0003_modified_files": "Please note that the following files were found to be manually modified and might be overwritten at the end of the upgrade : {manually_modified_files}",
"migration_0005_postgresql_94_not_installed": "Postgresql was not installed on your system. Nothing to do!",
"migration_0005_postgresql_96_not_installed": "Postgresql 9.4 has been found to be installed, but not postgresql 9.6 !? Something weird might have happened on your system :( ...",
"migration_0005_not_enough_space": "Not enough space is available in {path} to run the migration right now :(.",
"migrations_backward": "Migrating backward.",
"migrations_bad_value_for_target": "Invalid number for target argument, available migrations numbers are 0 or {}",
"migrations_cant_reach_migration_file": "Can't access migrations files at path %s",
"migrations_current_target": "Migration target is {}",
"migrations_error_failed_to_load_migration": "ERROR: failed to load migration {number} {name}",
"migrations_forward": "Migrating forward",
"migrations_list_conflict_pending_done": "You cannot use both --previous and --done at the same time.",
"migrations_loading_migration": "Loading migration {number} {name}...",
"migrations_migration_has_failed": "Migration {number} {name} has failed with exception {exception}, aborting",
"migrations_no_migrations_to_run": "No migrations to run",
"migrations_show_currently_running_migration": "Running migration {number} {name}...",
"migrations_show_last_migration": "Last ran migration is {}",
"migrations_skip_migration": "Skipping migration {number} {name}...",
"migrations_to_be_ran_manually": "Migration {number} {name} has to be ran manually. Please go to Tools > Migrations on the webadmin, or run `yunohost tools migrations migrate`.",
"migrations_need_to_accept_disclaimer": "To run the migration {number} {name}, your must accept the following disclaimer:\n---\n{disclaimer}\n---\nIf you accept to run the migration, please re-run the command with the option --accept-disclaimer.",
"monitor_disabled": "The server monitoring has been disabled",
"monitor_enabled": "The server monitoring has been enabled",
"monitor_glances_con_failed": "Unable to connect to Glances server",
@ -148,7 +330,7 @@
"packages_upgrade_critical_later": "Critical packages ({packages:s}) will be upgraded later",
"packages_upgrade_failed": "Unable to upgrade all of the packages",
"path_removal_failed": "Unable to remove path {:s}",
"pattern_backup_archive_name": "Must be a valid filename with alphanumeric and -_. characters only",
"pattern_backup_archive_name": "Must be a valid filename with max 30 characters, and alphanumeric and -_. characters only",
"pattern_domain": "Must be a valid domain name (e.g. my-domain.org)",
"pattern_email": "Must be a valid email address (e.g. someone@domain.org)",
"pattern_firstname": "Must be a valid first name",
@ -164,17 +346,28 @@
"port_already_opened": "Port {port:d} is already opened for {ip_version:s} connections",
"port_available": "Port {port:d} is available",
"port_unavailable": "Port {port:d} is not available",
"recommend_to_add_first_user": "The post-install is finished but YunoHost needs at least one user to work correctly, you should add one using 'yunohost user create' or the admin interface.",
"restore_action_required": "You must specify something to restore",
"restore_already_installed_app": "An app is already installed with the id '{app:s}'",
"restore_app_failed": "Unable to restore the app '{app:s}'",
"restore_cleaning_failed": "Unable to clean-up the temporary restoration directory",
"restore_complete": "Restore complete",
"restore_confirm_yunohost_installed": "Do you really want to restore an already installed system? [{answers:s}]",
"restore_extracting": "Extracting needed files from the archive...",
"restore_failed": "Unable to restore the system",
"restore_hook_unavailable": "Restoration hook '{hook:s}' not available on your system",
"restore_hook_unavailable": "Restoration script for '{part:s}' not available on your system and not in the archive either",
"restore_may_be_not_enough_disk_space": "Your system seems not to have enough disk space (freespace: {free_space:d} B, needed space: {needed_space:d} B, security margin: {margin:d} B)",
"restore_mounting_archive": "Mounting archive into '{path:s}'",
"restore_not_enough_disk_space": "Not enough disk space (freespace: {free_space:d} B, needed space: {needed_space:d} B, security margin: {margin:d} B)",
"restore_nothings_done": "Nothing has been restored",
"restore_removing_tmp_dir_failed": "Unable to remove an old temporary directory",
"restore_running_app_script": "Running restore script of app '{app:s}'...",
"restore_running_hooks": "Running restoration hooks...",
"restore_system_part_failed": "Unable to restore the '{part:s}' system part",
"server_shutdown": "The server will shutdown",
"server_shutdown_confirm": "The server will shutdown immediatly, are you sure? [{answers:s}]",
"server_reboot": "The server will reboot",
"server_reboot_confirm": "The server will reboot immediatly, are you sure? [{answers:s}]",
"service_add_failed": "Unable to add service '{service:s}'",
"service_added": "The service '{service:s}' has been added",
"service_already_started": "Service '{service:s}' has already been started",
@ -182,18 +375,37 @@
"service_cmd_exec_failed": "Unable to execute command '{command:s}'",
"service_conf_file_backed_up": "The configuration file '{conf}' has been backed up to '{backup}'",
"service_conf_file_copy_failed": "Unable to copy the new configuration file '{new}' to '{conf}'",
"service_conf_file_kept_back": "The configuration file '{conf}' is expected to be deleted by service {service} but has been kept back.",
"service_conf_file_manually_modified": "The configuration file '{conf}' has been manually modified and will not be updated",
"service_conf_file_manually_removed": "The configuration file '{conf}' has been manually removed and will not be created",
"service_conf_file_not_managed": "The configuration file '{conf}' is not managed yet and will not be updated",
"service_conf_file_remove_failed": "Unable to remove the configuration file '{conf}'",
"service_conf_file_removed": "The configuration file '{conf}' has been removed",
"service_conf_file_updated": "The configuration file '{conf}' has been updated",
"service_conf_new_managed_file": "The configuration file '{conf}' is now managed by the service {service}.",
"service_conf_up_to_date": "The configuration is already up-to-date for service '{service}'",
"service_conf_updated": "The configuration has been updated for service '{service}'",
"service_conf_would_be_updated": "The configuration would have been updated for service '{service}'",
"service_disable_failed": "Unable to disable service '{service:s}'",
"service_description_avahi-daemon": "allows to reach your server using yunohost.local on your local network",
"service_description_dnsmasq": "handles domain name resolution (DNS)",
"service_description_dovecot": "allows e-mail client to access/fetch email (via IMAP and POP3)",
"service_description_fail2ban": "protects against bruteforce and other kind of attacks from the Internet",
"service_description_glances": "monitors system information on your server",
"service_description_metronome": "manage XMPP instant messaging accounts",
"service_description_mysql": "stores applications data (SQL database)",
"service_description_nginx": "serves or provides access to all the websites hosted on your server",
"service_description_nslcd": "handles YunoHost user shell connection",
"service_description_php7.0-fpm": "runs applications written in PHP with nginx",
"service_description_postfix": "used to send and receive emails",
"service_description_redis-server": "a specialized database used for rapid data access, task queue and communication between programs",
"service_description_rmilter": "checks various parameters in emails",
"service_description_rspamd": "filters spam, and other email-related features",
"service_description_slapd": "stores users, domains and related information",
"service_description_ssh": "allows you to connect remotely to your server via a terminal (SSH protocol)",
"service_description_yunohost-api": "manages interactions between the YunoHost web interface and the system",
"service_description_yunohost-firewall": "manages open and close connexion ports to services",
"service_disable_failed": "Unable to disable service '{service:s}'\n\nRecent service logs:{logs:s}",
"service_disabled": "The service '{service:s}' has been disabled",
"service_enable_failed": "Unable to enable service '{service:s}'",
"service_enable_failed": "Unable to enable service '{service:s}'\n\nRecent service logs:{logs:s}",
"service_enabled": "The service '{service:s}' has been enabled",
"service_no_log": "No log to display for service '{service:s}'",
"service_regenconf_dry_pending_applying": "Checking pending configuration which would have been applied for service '{service}'...",
@ -201,14 +413,16 @@
"service_regenconf_pending_applying": "Applying pending configuration for service '{service}'...",
"service_remove_failed": "Unable to remove service '{service:s}'",
"service_removed": "The service '{service:s}' has been removed",
"service_start_failed": "Unable to start service '{service:s}'",
"service_start_failed": "Unable to start service '{service:s}'\n\nRecent service logs:{logs:s}",
"service_started": "The service '{service:s}' has been started",
"service_status_failed": "Unable to determine status of service '{service:s}'",
"service_stop_failed": "Unable to stop service '{service:s}'",
"service_stop_failed": "Unable to stop service '{service:s}'\n\nRecent service logs:{logs:s}",
"service_stopped": "The service '{service:s}' has been stopped",
"service_unknown": "Unknown service '{service:s}'",
"ssowat_conf_generated": "The SSOwat configuration has been generated",
"ssowat_conf_updated": "The SSOwat configuration has been updated",
"ssowat_persistent_conf_read_error": "Error while reading SSOwat persistent configuration: {error:s}. Edit /etc/ssowat/conf.json.persistent file to fix the JSON syntax",
"ssowat_persistent_conf_write_error": "Error while saving SSOwat persistent configuration: {error:s}. Edit /etc/ssowat/conf.json.persistent file to fix the JSON syntax",
"system_upgraded": "The system has been upgraded",
"system_username_exists": "Username already exists in the system users",
"unbackup_app": "App '{app:s}' will not be saved",
@ -233,9 +447,11 @@
"user_unknown": "Unknown user: {user:s}",
"user_update_failed": "Unable to update user",
"user_updated": "The user has been updated",
"users_available": "Available users:",
"yunohost_already_installed": "YunoHost is already installed",
"yunohost_ca_creation_failed": "Unable to create certificate authority",
"yunohost_ca_creation_success": "The local certification authority has been created.",
"yunohost_configured": "YunoHost has been configured",
"yunohost_installing": "Installing YunoHost...",
"yunohost_not_installed": "YunoHost is not or not correctly installed. Please execute 'yunohost tools postinstall'."
"yunohost_not_installed": "YunoHost is not or not correctly installed. Please execute 'yunohost tools postinstall'"
}

1
locales/eo.json Normal file
View file

@ -0,0 +1 @@
{}

169
locales/es.json
View file

@ -1,38 +1,38 @@
{
"action_invalid": "Acción no válida '{action:s}'",
"action_invalid": "Acción no válida '{action:s} 1'",
"admin_password": "Contraseña administrativa",
"admin_password_change_failed": "No se pudo cambiar la contraseña",
"admin_password_change_failed": "No se puede cambiar la contraseña",
"admin_password_changed": "La contraseña administrativa ha sido cambiada",
"app_already_installed": "{app:s} ya está instalada",
"app_argument_choice_invalid": "Opción no válida para el argumento '{name:s}', deber una de {choices:s}",
"app_argument_invalid": "Valor no válido para el argumento '{name:s}': {error:s}",
"app_argument_required": "Se requiere el argumento '{name:s}'",
"app_already_installed": "{app:s} 2 ya está instalada",
"app_argument_choice_invalid": "Opción no válida para el argumento '{name:s} 3', deber una de {choices:s} 4",
"app_argument_invalid": "Valor no válido para el argumento '{name:s} 5': {error:s} 6",
"app_argument_required": "Se requiere el argumento '{name:s} 7'",
"app_extraction_failed": "No se pudieron extraer los archivos de instalación",
"app_id_invalid": "Id de la aplicación no válida",
"app_incompatible": "La aplicación no es compatible con su versión de YunoHost",
"app_incompatible": "La aplicación {app} no es compatible con su versión de YunoHost",
"app_install_files_invalid": "Los archivos de instalación no son válidos",
"app_location_already_used": "Una aplicación ya está instalada en esta localización",
"app_location_install_failed": "No se puede instalar la aplicación en esta localización",
"app_manifest_invalid": "El manifiesto de la aplicación no es válido",
"app_location_already_used": "La aplicación {app} ya está instalada en esta localización ({path})",
"app_location_install_failed": "No se puede instalar la aplicación en esta localización porque entra en conflicto con la aplicación '{other_app}' ya instalada en '{other_path}'",
"app_manifest_invalid": "El manifiesto de la aplicación no es válido: {error}",
"app_no_upgrade": "No hay aplicaciones para actualizar",
"app_not_correctly_installed": "La aplicación {app:s} parece estar incorrectamente instalada",
"app_not_installed": "{app:s} no está instalada",
"app_not_properly_removed": "La {app:s} no ha sido desinstalada correctamente",
"app_package_need_update": "Es necesario actualizar el paquete de la aplicación debido a los cambios en YunoHost",
"app_not_correctly_installed": "La aplicación {app:s} 8 parece estar incorrectamente instalada",
"app_not_installed": "{app:s} 9 no está instalada",
"app_not_properly_removed": "La {app:s} 0 no ha sido desinstalada correctamente",
"app_package_need_update": "El paquete de la aplicación {app} necesita ser actualizada debido a los cambios en YunoHost",
"app_recent_version_required": "{:s} requiere una versión más reciente de moulinette ",
"app_removed": "{app:s} ha sido eliminada",
"app_requirements_checking": "Comprobando los paquetes requeridos...",
"app_requirements_failed": "No se cumplen los requisitos: {error}",
"app_requirements_unmeet": "No se cumplen los requisitos, el paquete {pkgname} ({version}) debe ser {spec}",
"app_requirements_checking": "Comprobando los paquetes requeridos por {app}...",
"app_requirements_failed": "No se cumplen los requisitos para {app}: {error}",
"app_requirements_unmeet": "No se cumplen los requisitos para {app}, el paquete {pkgname} ({version}) debe ser {spec}",
"app_sources_fetch_failed": "No se pudieron descargar los archivos del código fuente",
"app_unknown": "Aplicación desconocida",
"app_unsupported_remote_type": "Tipo remoto no soportado por la aplicación",
"app_upgrade_failed": "No se pudo actualizar la aplicación {app:s}",
"app_upgraded": "{app:s} ha sido actualizada",
"appslist_fetched": "Lista de aplicaciones ha sido descargada",
"appslist_removed": "La lista de aplicaciones ha sido eliminada",
"appslist_retrieve_error": "No se pudo recuperar la lista remota de aplicaciones",
"appslist_unknown": "Lista de aplicaciones desconocida",
"appslist_fetched": "La lista de aplicaciones {appslist:s} ha sido descargada",
"appslist_removed": "La lista de aplicaciones {appslist:s} ha sido eliminada",
"appslist_retrieve_error": "No se pudo recuperar la lista remota de aplicaciones {appslist:s} : {error:s}",
"appslist_unknown": "Lista de aplicaciones {appslist:s} desconocida.",
"ask_current_admin_password": "Contraseña administrativa actual",
"ask_email": "Dirección de correo electrónico",
"ask_firstname": "Nombre",
@ -58,20 +58,20 @@
"backup_hook_unknown": "Hook de copia de seguridad desconocido '{hook:s}'",
"backup_invalid_archive": "La copia de seguridad no es válida",
"backup_nothings_done": "No hay nada que guardar",
"backup_output_directory_forbidden": "Directorio de salida no permitido. Las copias de seguridad no pueden ser creadas en /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var o en los subdirectorios /home/yunohost.backup.",
"backup_output_directory_forbidden": "Directorio de salida no permitido. Las copias de seguridad no pueden ser creadas en /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var o en los subdirectorios de /home/yunohost.backup/archives",
"backup_output_directory_not_empty": "El directorio de salida no está vacío",
"backup_output_directory_required": "Debe proporcionar un directorio de salida para la copia de seguridad",
"backup_running_app_script": "Ejecutando la script de copia de seguridad de la aplicación '{app:s}'...",
"backup_running_hooks": "Ejecutando los hooks de copia de seguridad...",
"custom_app_url_required": "Debe proporcionar una URL para actualizar su aplicación personalizada {app:s}",
"custom_appslist_name_required": "Debe proporcionar un nombre para su lista de aplicaciones personalizadas",
"diagnostic_debian_version_error": "No se puede obtener la versión de Debian: {error}",
"diagnostic_kernel_version_error": "No se puede obtener la versión del kernel: {error}",
"diagnostic_monitor_disk_error": "No se pueden monitorizar los discos: {error}",
"diagnostic_monitor_network_error": "No se puede monitorizar la red: {error}",
"diagnostic_monitor_system_error": "No se puede monitorizar el sistema: {error}",
"diagnostic_no_apps": "Aplicación no instalada",
"dnsmasq_isnt_installed": "Parece que dnsmasq no está instalado, ejecuta 'apt-get remove bind9 && apt-get install dnsmasq'",
"diagnosis_debian_version_error": "No se puede obtener la versión de Debian: {error}",
"diagnosis_kernel_version_error": "No se puede obtener la versión del kernel: {error}",
"diagnosis_monitor_disk_error": "No se pueden monitorizar los discos: {error}",
"diagnosis_monitor_network_error": "No se puede monitorizar la red: {error}",
"diagnosis_monitor_system_error": "No se puede monitorizar el sistema: {error}",
"diagnosis_no_apps": "Aplicación no instalada",
"dnsmasq_isnt_installed": "Parece que dnsmasq no está instalado, ejecute 'apt-get remove bind9 && apt-get install dnsmasq'",
"domain_cert_gen_failed": "No se pudo crear el certificado",
"domain_created": "El dominio ha sido creado",
"domain_creation_failed": "No se pudo crear el dominio",
@ -81,14 +81,14 @@
"domain_dyndns_invalid": "Dominio no válido para usar con DynDNS",
"domain_dyndns_root_unknown": "Dominio raíz de DynDNS desconocido",
"domain_exists": "El dominio ya existe",
"domain_uninstall_app_first": "Una o más aplicaciones están instaladas en este dominio. Debe desinstalarlas antes de eliminarlo.",
"domain_uninstall_app_first": "Una o más aplicaciones están instaladas en este dominio. Debe desinstalarlas antes de eliminar el dominio",
"domain_unknown": "Dominio desconocido",
"domain_zone_exists": "El archivo de zona del DNS ya existe",
"domain_zone_not_found": "No se ha encontrado el archivo de zona DNS para el dominio [:s]",
"domain_zone_not_found": "No se ha encontrado el archivo de zona del DNS para el dominio [:s]",
"done": "Hecho.",
"downloading": "Descargando...",
"dyndns_cron_installed": "La tarea cron para DynDNS ha sido instalada",
"dyndns_cron_remove_failed": "No se pudo eliminar la tarea del cron DynDNS",
"dyndns_cron_remove_failed": "No se pudo eliminar la tarea cron DynDNS",
"dyndns_cron_removed": "La tarea cron DynDNS ha sido eliminada",
"dyndns_ip_update_failed": "No se pudo actualizar la dirección IP en el DynDNS",
"dyndns_ip_updated": "Su dirección IP ha sido actualizada en el DynDNS",
@ -110,19 +110,19 @@
"hook_choice_invalid": "Selección inválida '{:s}'",
"hook_exec_failed": "No se puede ejecutar el script: {path:s}",
"hook_exec_not_terminated": "La ejecución del script no ha terminado: {path:s}",
"hook_list_by_invalid": "Propiedad no válida para listar por hook",
"hook_list_by_invalid": "Enumerar los hooks por validez",
"hook_name_unknown": "Nombre de hook desconocido '{name:s}'",
"installation_complete": "Instalación finalizada",
"installation_failed": "No pudo realizar la instalación",
"ip6tables_unavailable": "No puede modificar ip6tables aquí. O bien está en un 'container' o su kernel no soporta esta opción.",
"iptables_unavailable": "No puede modificar iptables aquí. O bien está en un 'container' o su kernel no soporta esta opción.",
"ldap_initialized": "LDAP iniciado",
"installation_failed": "No se pudo realizar la instalación",
"ip6tables_unavailable": "No puede modificar ip6tables aquí. O bien está en un 'container' o su kernel no soporta esta opción",
"iptables_unavailable": "No puede modificar iptables aquí. O bien está en un 'container' o su kernel no soporta esta opción",
"ldap_initialized": "Se ha inicializado LDAP",
"license_undefined": "indefinido",
"mail_alias_remove_failed": "No se pudo eliminar el alias de correo '{mail:s}'",
"mail_domain_unknown": "El dominio de correo '{domain:s}' es desconocido",
"mail_forward_remove_failed": "No se pudo eliminar el reenvío de correo '{mail:s}'",
"maindomain_change_failed": "No se pudo cambiar el dominio principal",
"maindomain_changed": "El dominio principal ha sido cambiado",
"maindomain_changed": "Se ha cambiado el dominio principal",
"monitor_disabled": "La monitorización del sistema ha sido deshabilitada",
"monitor_enabled": "La monitorización del sistema ha sido habilitada",
"monitor_glances_con_failed": "No se pudo conectar al servidor Glances",
@ -130,13 +130,13 @@
"monitor_period_invalid": "Período de tiempo no válido",
"monitor_stats_file_not_found": "No se pudo encontrar el archivo de estadísticas",
"monitor_stats_no_update": "No hay estadísticas de monitorización para actualizar",
"monitor_stats_period_unavailable": "No hay estadísticas para ese período",
"monitor_stats_period_unavailable": "No hay estadísticas para el período",
"mountpoint_unknown": "Punto de montaje desconocido",
"mysql_db_creation_failed": "No se pudo crear la base de datos MySQL",
"mysql_db_init_failed": "No se pudo iniciar la base de datos MySQL",
"mysql_db_initialized": "La base de datos MySQL ha sido iniciada",
"mysql_db_initialized": "La base de datos MySQL ha sido inicializada",
"network_check_mx_ko": "El registro DNS MX no está configurado",
"network_check_smtp_ko": "El puerto 25 (SMTP) para el correo saliente parece estar bloqueado en su red",
"network_check_smtp_ko": "El puerto 25 (SMTP) para el correo saliente parece estar bloqueado por su red",
"network_check_smtp_ok": "El puerto de salida del correo electrónico (25, SMTP) no está bloqueado",
"new_domain_required": "Debe proporcionar el nuevo dominio principal",
"no_appslist_found": "No se ha encontrado ninguna lista de aplicaciones",
@ -145,13 +145,13 @@
"no_restore_script": "No se ha encontrado un script de restauración para la aplicación '{app:s}'",
"not_enough_disk_space": "No hay suficiente espacio en '{path:s}'",
"package_not_installed": "El paquete '{pkgname}' no está instalado",
"package_unexpected_error": "Un error inesperado procesando el paquete '{pkgname}'",
"package_unexpected_error": "Ha ocurrido un error inesperado procesando el paquete '{pkgname}'",
"package_unknown": "Paquete desconocido '{pkgname}'",
"packages_no_upgrade": "No hay paquetes que actualizar",
"packages_no_upgrade": "No hay paquetes para actualizar",
"packages_upgrade_critical_later": "Los paquetes críticos ({packages:s}) serán actualizados más tarde",
"packages_upgrade_failed": "No se pudieron actualizar todos los paquetes",
"path_removal_failed": "No se pudo borrar la ruta {:s}",
"pattern_backup_archive_name": "Debe que ser un nombre de archivo válido, solo se admiten caracteres alfanuméricos y los guiones -_",
"path_removal_failed": "No se pudo eliminar la ruta {:s}",
"pattern_backup_archive_name": "Debe ser un nombre de archivo válido con un máximo de 30 caracteres, solo se admiten caracteres alfanuméricos, los guiones -_ y el punto",
"pattern_domain": "El nombre de dominio debe ser válido (por ejemplo mi-dominio.org)",
"pattern_email": "Debe ser una dirección de correo electrónico válida (por ejemplo, alguien@dominio.org)",
"pattern_firstname": "Debe ser un nombre válido",
@ -180,7 +180,7 @@
"restore_running_hooks": "Ejecutando los hooks de restauración...",
"service_add_failed": "No se pudo añadir el servicio '{service:s}'",
"service_added": "Servicio '{service:s}' ha sido añadido",
"service_already_started": "El servicio '{service:s}' ya ha sido iniciado",
"service_already_started": "El servicio '{service:s}' ya ha sido inicializado",
"service_already_stopped": "El servicio '{service:s}' ya ha sido detenido",
"service_cmd_exec_failed": "No se pudo ejecutar el comando '{command:s}'",
"service_conf_file_backed_up": "Se ha realizado una copia de seguridad del archivo de configuración '{conf}' en '{backup}'",
@ -193,15 +193,15 @@
"service_conf_file_updated": "El archivo de configuración '{conf}' ha sido actualizado",
"service_conf_up_to_date": "La configuración del servicio '{service}' ya está actualizada",
"service_conf_updated": "La configuración ha sido actualizada para el servicio '{service}'",
"service_conf_would_be_updated": "La configuración podría haber sido actualizada para el servicio '{service}'",
"service_conf_would_be_updated": "La configuración podría haber sido actualizada para el servicio '{service} 1'",
"service_disable_failed": "No se pudo deshabilitar el servicio '{service:s}'",
"service_disabled": "El servicio '{service:s}' ha sido deshabilitado",
"service_enable_failed": "No se pudo habilitar el servicio '{service:s}'",
"service_enabled": "El servicio '{service:s}' ha sido habilitado",
"service_no_log": "No hay ningún registro para el servicio '{service:s}'",
"service_regenconf_dry_pending_applying": "Comprobando configuración que podría haber sido aplicada al servicio '{service}'...",
"service_regenconf_dry_pending_applying": "Comprobando configuración pendiente que podría haber sido aplicada al servicio '{service}'...",
"service_regenconf_failed": "No se puede regenerar la configuración para el servicio(s): {services}",
"service_regenconf_pending_applying": "Aplicando la configuración para el servicio '{service}'...",
"service_regenconf_pending_applying": "Aplicando la configuración pendiente para el servicio '{service}'...",
"service_remove_failed": "No se pudo desinstalar el servicio '{service:s}'",
"service_removed": "El servicio '{service:s}' ha sido desinstalado",
"service_start_failed": "No se pudo iniciar el servicio '{service:s}'",
@ -219,7 +219,7 @@
"unit_unknown": "Unidad desconocida '{unit:s}'",
"unlimit": "Sin cuota",
"unrestore_app": "La aplicación '{app:s}' no será restaurada",
"update_cache_failed": "No se pudo actualizar la caché APT",
"update_cache_failed": "No se pudo actualizar la caché de APT",
"updating_apt_cache": "Actualizando lista de paquetes disponibles...",
"upgrade_complete": "Actualización finalizada",
"upgrading_packages": "Actualizando paquetes...",
@ -240,5 +240,72 @@
"yunohost_ca_creation_failed": "No se pudo crear el certificado de autoridad",
"yunohost_configured": "YunoHost ha sido configurado",
"yunohost_installing": "Instalando YunoHost...",
"yunohost_not_installed": "YunoHost no está instalado o ha habido errores en la instalación. Ejecute 'yunohost tools postinstall'."
"yunohost_not_installed": "YunoHost no está instalado o ha habido errores en la instalación. Ejecute 'yunohost tools postinstall'",
"ldap_init_failed_to_create_admin": "La inicialización de LDAP falló al crear el usuario administrador",
"mailbox_used_space_dovecot_down": "El servicio de e-mail Dovecot debe estar funcionando si desea obtener el espacio utilizado por el buzón de correo",
"ssowat_persistent_conf_read_error": "Error al leer la configuración persistente de SSOwat: {error:s}. Edite el archivo /etc/ssowat/conf.json.persistent para corregir la sintaxis de JSON",
"ssowat_persistent_conf_write_error": "Error al guardar la configuración persistente de SSOwat: {error:s}. Edite el archivo /etc/ssowat/conf.json.persistent para corregir la sintaxis de JSON",
"certmanager_attempt_to_replace_valid_cert": "Está intentando sobrescribir un certificado correcto y válido para el dominio {domain:s}! (Use --force para omitir este mensaje)",
"certmanager_domain_unknown": "Dominio desconocido {domain:s}",
"certmanager_domain_cert_not_selfsigned": "El certificado para el dominio {domain:s} no es un certificado autofirmado. ¿Está seguro de que quiere reemplazarlo? (Use --force para omitir este mensaje)",
"certmanager_certificate_fetching_or_enabling_failed": "Parece que al habilitar el nuevo certificado para el dominio {domain:s} ha fallado de alguna manera...",
"certmanager_attempt_to_renew_nonLE_cert": "El certificado para el dominio {domain:s} no ha sido emitido por Let's Encrypt. ¡No se puede renovar automáticamente!",
"certmanager_attempt_to_renew_valid_cert": "El certificado para el dominio {domain:s} no está a punto de expirar! Utilice --force para omitir este mensaje",
"certmanager_domain_http_not_working": "Parece que no se puede acceder al dominio {domain:s} a través de HTTP. Compruebe que la configuración del DNS y de nginx es correcta",
"certmanager_error_no_A_record": "No se ha encontrado un registro DNS 'A' para el dominio {domain:s}. Debe hacer que su nombre de dominio apunte a su máquina para poder instalar un certificado Let's Encrypt. (Si sabe lo que está haciendo, use --no-checks para desactivar esas comprobaciones.)",
"certmanager_domain_dns_ip_differs_from_public_ip": "El registro DNS 'A' para el dominio {domain:s} es diferente de la IP de este servidor. Si recientemente modificó su registro A, espere a que se propague (existen algunos controladores de propagación DNS disponibles en línea). (Si sabe lo que está haciendo, use --no-checks para desactivar esas comprobaciones.)",
"certmanager_cannot_read_cert": "Se ha producido un error al intentar abrir el certificado actual para el dominio {domain:s} (archivo: {file:s}), razón: {reason:s}",
"certmanager_cert_install_success_selfsigned": "¡Se ha instalado correctamente un certificado autofirmado para el dominio {domain:s}!",
"certmanager_cert_install_success": "¡Se ha instalado correctamente un certificado Let's Encrypt para el dominio {domain:s}!",
"certmanager_cert_renew_success": "¡Se ha renovado correctamente el certificado Let's Encrypt para el dominio {domain:s}!",
"certmanager_old_letsencrypt_app_detected": "\nYunohost ha detectado que la aplicación 'letsencrypt' está instalada, esto produce conflictos con las nuevas funciones de administración de certificados integradas en Yunohost. Si desea utilizar las nuevas funciones integradas, ejecute los siguientes comandos para migrar su instalación:\n\n Yunohost app remove letsencrypt\n Yunohost domain cert-install\n\nP.D.: esto intentará reinstalar los certificados para todos los dominios con un certificado Let's Encrypt o con un certificado autofirmado",
"certmanager_hit_rate_limit": "Se han emitido demasiados certificados recientemente para el conjunto de dominios {domain:s}. Por favor, inténtelo de nuevo más tarde. Consulte https://letsencrypt.org/docs/rate-limits/ para obtener más detalles",
"certmanager_cert_signing_failed": "No se pudo firmar el nuevo certificado",
"certmanager_no_cert_file": "No se puede leer el certificado para el dominio {domain:s} (archivo: {file:s})",
"certmanager_conflicting_nginx_file": "No se puede preparar el dominio para el desafío ACME: el archivo de configuración nginx {filepath:s} está en conflicto y debe ser eliminado primero",
"domain_cannot_remove_main": "No se puede eliminar el dominio principal. Primero debe establecer un nuevo dominio principal",
"certmanager_self_ca_conf_file_not_found": "No se ha encontrado el archivo de configuración para la autoridad de autofirma (file: {file:s})",
"certmanager_unable_to_parse_self_CA_name": "No se puede procesar el nombre de la autoridad de autofirma (file: {file:s} 1)",
"domains_available": "Dominios disponibles:",
"backup_archive_broken_link": "Imposible acceder a la copia de seguridad (enlace roto {path:s})",
"certmanager_domain_not_resolved_locally": "Su servidor Yunohost no consigue resolver el dominio {domain:s}. Esto puede suceder si ha modificado su registro DNS. Si es el caso, espere unas horas hasta que se propague la modificación. Si el problema persiste, considere añadir {domain:s} a /etc/hosts. (Si sabe lo que está haciendo, use --no-checks para deshabilitar estas verificaciones.)",
"certmanager_acme_not_configured_for_domain": "El certificado para el dominio {domain:s} no parece instalado correctamente. Ejecute primero cert-install para este dominio.",
"certmanager_http_check_timeout": "Plazo expirado, el servidor no ha podido contactarse a si mismo a través de HTTP usando su dirección IP pública (dominio {domain:s} con ip {ip:s}). Puede ser debido a hairpinning o a una mala configuración del cortafuego/router al que está conectado su servidor.",
"certmanager_couldnt_fetch_intermediate_cert": "Plazo expirado, no se ha podido descargar el certificado intermedio de Let's Encrypt. La instalación/renovación del certificado ha sido cancelada - vuelva a intentarlo más tarde.",
"appslist_retrieve_bad_format": "El archivo obtenido para la lista de aplicaciones {appslist:s} no es válido",
"domain_hostname_failed": "Error al establecer nuevo nombre de host",
"yunohost_ca_creation_success": "Se ha creado la autoridad de certificación local.",
"app_already_installed_cant_change_url": "Esta aplicación ya está instalada. No se puede cambiar el URL únicamente mediante esta función. Compruebe si está disponible la opción 'app changeurl'.",
"app_change_no_change_url_script": "La aplicacion {app_name:s} aún no permite cambiar su URL, es posible que deba actualizarla.",
"app_change_url_failed_nginx_reload": "No se pudo recargar nginx. Compruebe la salida de 'nginx -t':\n{nginx_errors:s}",
"app_change_url_identical_domains": "El antiguo y nuevo dominio/url_path son idénticos ('{domain:s} {path:s}'), no se realizarán cambios.",
"app_change_url_no_script": "Esta aplicación '{app_name:s}' aún no permite modificar su URL. Quizás debería actualizar la aplicación.",
"app_change_url_success": "El URL de la aplicación {app:s} ha sido cambiado correctamente a {domain:s} {path:s}",
"app_location_unavailable": "Este URL no está disponible o está en conflicto con otra aplicación instalada",
"app_already_up_to_date": "La aplicación {app:s} ya está actualizada",
"appslist_name_already_tracked": "Ya existe una lista de aplicaciones registrada con el nombre {name:s}.",
"appslist_url_already_tracked": "Ya existe una lista de aplicaciones registrada con el URL {url:s}.",
"appslist_migrating": "Migrando la lista de aplicaciones {appslist:s} ...",
"appslist_could_not_migrate": "No se pudo migrar la lista de aplicaciones {appslist:s}! No se pudo analizar el URL ... El antiguo cronjob se ha mantenido en {bkp_file:s}.",
"appslist_corrupted_json": "No se pudieron cargar las listas de aplicaciones. Parece que {filename:s} está dañado.",
"invalid_url_format": "Formato de URL no válido",
"app_upgrade_some_app_failed": "No se pudieron actualizar algunas aplicaciones",
"app_make_default_location_already_used": "No puede hacer la aplicación '{app}' por defecto en el dominio {domain} dado que está siendo usado por otra aplicación '{other_app}'",
"app_upgrade_app_name": "Actualizando la aplicación {app}...",
"ask_path": "Camino",
"backup_abstract_method": "Este método de backup no ha sido implementado aún",
"backup_applying_method_borg": "Enviando todos los ficheros al backup en el repositorio borg-backup...",
"backup_applying_method_copy": "Copiado todos los ficheros al backup...",
"backup_applying_method_custom": "Llamando el método de backup {method:s} ...",
"backup_applying_method_tar": "Creando el archivo tar de backup...",
"backup_archive_mount_failed": "Fallo en el montado del archivo de backup",
"backup_archive_system_part_not_available": "La parte del sistema {part:s} no está disponible en este backup",
"backup_archive_writing_error": "No se pueden añadir archivos de backup en el archivo comprimido",
"backup_ask_for_copying_if_needed": "Algunos ficheros no pudieron ser preparados para hacer backup usando el método que evita el gasto de espacio temporal en el sistema. Para hacer el backup, {size:s} MB deberían ser usados temporalmente. ¿Está de acuerdo?",
"backup_borg_not_implemented": "Método de backup Borg no está implementado aún",
"backup_cant_mount_uncompress_archive": "No se puede montar en modo solo lectura el directorio del archivo descomprimido",
"backup_copying_to_organize_the_archive": "Copiando {size:s}MB para organizar el archivo",
"backup_couldnt_bind": "No puede enlazar {src:s} con {dest:s}",
"backup_csv_addition_failed": "No puede añadir archivos al backup en el archivo CSV",
"backup_csv_creation_failed": "No se puede crear el archivo CSV necesario para futuras operaciones de restauración"
}

250
locales/fr.json
View file

@ -1,7 +1,7 @@
{
"action_invalid": "Action « {action:s} » incorrecte",
"admin_password": "Mot de passe d'administration",
"admin_password_change_failed": "Impossible de modifier le mot de passe d'administration",
"admin_password_change_failed": "Impossible de changer le mot de passe",
"admin_password_changed": "Le mot de passe d'administration a été modifié",
"app_already_installed": "{app:s} est déjà installé",
"app_argument_choice_invalid": "Choix invalide pour le paramètre « {name:s} », il doit être l'un de {choices:s}",
@ -10,30 +10,30 @@
"app_argument_required": "Le paramètre « {name:s} » est requis",
"app_extraction_failed": "Impossible d'extraire les fichiers d'installation",
"app_id_invalid": "Id d'application incorrect",
"app_incompatible": "L'application est incompatible avec votre version de YunoHost",
"app_incompatible": "L'application {app} est incompatible avec votre version de YunoHost",
"app_install_files_invalid": "Fichiers d'installation incorrects",
"app_location_already_used": "Une application est déjà installée à cet emplacement",
"app_location_install_failed": "Impossible d'installer l'application à cet emplacement",
"app_manifest_invalid": "Manifeste d'application incorrect",
"app_location_already_used": "L'application '{app}' est déjà installée à cet emplacement ({path})",
"app_location_install_failed": "Impossible d'installer l'application à cet emplacement pour cause de conflit avec l'app '{other_app}' déjà installée sur '{other_path}'",
"app_manifest_invalid": "Manifeste d'application incorrect : {error}",
"app_no_upgrade": "Aucune application à mettre à jour",
"app_not_correctly_installed": "{app:s} semble être mal installé",
"app_not_installed": "{app:s} n'est pas installé",
"app_not_properly_removed": "{app:s} n'a pas été supprimé correctement",
"app_package_need_update": "Le paquet de l'application doit être mis à jour pour suivre les changements de YunoHost",
"app_package_need_update": "Le paquet de l'application {app} doit être mis à jour pour suivre les changements de YunoHost",
"app_recent_version_required": "{app:s} nécessite une version plus récente de YunoHost",
"app_removed": "{app:s} a été supprimé",
"app_requirements_checking": "Vérification des paquets requis...",
"app_requirements_failed": "Impossible de satisfaire les pré-requis : {error}",
"app_requirements_unmeet": "Les pré-requis ne sont pas satisfaits, le paquet {pkgname} ({version}) doit être {spec}",
"app_requirements_checking": "Vérification des paquets requis pour {app}...",
"app_requirements_failed": "Impossible de satisfaire les pré-requis pour {app} : {error}",
"app_requirements_unmeet": "Les pré-requis de {app} ne sont pas satisfaits, le paquet {pkgname} ({version}) doit être {spec}",
"app_sources_fetch_failed": "Impossible de récupérer les fichiers sources",
"app_unknown": "Application inconnue",
"app_unsupported_remote_type": "Le type distant utilisé par l'application n'est pas supporté",
"app_upgrade_failed": "Impossible de mettre à jour {app:s}",
"app_upgraded": "{app:s} a été mis à jour",
"appslist_fetched": "La liste d'applications a été récupérée",
"appslist_removed": "La liste d'applications a été supprimée",
"appslist_retrieve_error": "Impossible de récupérer la liste d'applications distante",
"appslist_unknown": "Liste d'applications inconnue",
"appslist_fetched": "La liste dapplications {appslist:s} a été récupérée",
"appslist_removed": "La liste dapplications {appslist:s} a été supprimée",
"appslist_retrieve_error": "Impossible de récupérer la liste dapplications distante {appslist:s} : {error:s}",
"appslist_unknown": "La liste dapplications {appslist:s} est inconnue.",
"ask_current_admin_password": "Mot de passe d'administration actuel",
"ask_email": "Adresse courriel",
"ask_firstname": "Prénom",
@ -59,19 +59,19 @@
"backup_hook_unknown": "Script de sauvegarde « {hook:s} » inconnu",
"backup_invalid_archive": "Archive de sauvegarde incorrecte",
"backup_nothings_done": "Il n'y a rien à sauvegarder",
"backup_output_directory_forbidden": "Dossier de sortie interdit. Les sauvegardes ne peuvent être créées dans les dossiers /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var ou /home/yunohost.backup/archives.",
"backup_output_directory_forbidden": "Dossier de destination interdit. Les sauvegardes ne peuvent être créées dans les dossiers /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var ou /home/yunohost.backup/archives",
"backup_output_directory_not_empty": "Le dossier de sortie n'est pas vide",
"backup_output_directory_required": "Vous devez spécifier un dossier de sortie pour la sauvegarde",
"backup_running_app_script": "Lancement du script de sauvegarde de l'application « {app:s} »...",
"backup_running_hooks": "Exécution des scripts de sauvegarde...",
"custom_app_url_required": "Vous devez spécifier une URL pour mettre à jour votre application locale {app:s}",
"custom_appslist_name_required": "Vous devez spécifier un nom pour votre liste d'applications personnalisée",
"diagnostic_debian_version_error": "Impossible de déterminer la version de Debian : {error}",
"diagnostic_kernel_version_error": "Impossible de récupérer la version du noyau : {error}",
"diagnostic_monitor_disk_error": "Impossible de superviser les disques : {error}",
"diagnostic_monitor_network_error": "Impossible de superviser le réseau : {error}",
"diagnostic_monitor_system_error": "Impossible de superviser le système : {error}",
"diagnostic_no_apps": "Aucune application installée",
"diagnosis_debian_version_error": "Impossible de déterminer la version de Debian : {error}",
"diagnosis_kernel_version_error": "Impossible de récupérer la version du noyau : {error}",
"diagnosis_monitor_disk_error": "Impossible de superviser les disques : {error}",
"diagnosis_monitor_network_error": "Impossible de superviser le réseau : {error}",
"diagnosis_monitor_system_error": "Impossible de superviser le système : {error}",
"diagnosis_no_apps": "Aucune application installée",
"dnsmasq_isnt_installed": "dnsmasq ne semble pas être installé, veuillez lancer « apt-get remove bind9 && apt-get install dnsmasq »",
"domain_cert_gen_failed": "Impossible de générer le certificat",
"domain_created": "Le domaine a été créé",
@ -82,11 +82,11 @@
"domain_dyndns_invalid": "Domaine incorrect pour un usage avec DynDNS",
"domain_dyndns_root_unknown": "Domaine DynDNS principal inconnu",
"domain_exists": "Le domaine existe déjà",
"domain_uninstall_app_first": "Une ou plusieurs applications sont installées sur ce domaine. Veuillez d'abord les désinstaller avant de supprimer ce domaine.",
"domain_uninstall_app_first": "Une ou plusieurs applications sont installées sur ce domaine. Veuillez d'abord les désinstaller avant de supprimer ce domaine",
"domain_unknown": "Domaine inconnu",
"domain_zone_exists": "Le fichier de zone DNS existe déjà",
"domain_zone_not_found": "Fichier de zone DNS introuvable pour le domaine {:s}",
"done": "Terminé.",
"done": "Terminé",
"downloading": "Téléchargement...",
"dyndns_cron_installed": "La tâche cron pour le domaine DynDNS a été installée",
"dyndns_cron_remove_failed": "Impossible d'enlever la tâche cron pour le domaine DynDNS",
@ -98,7 +98,7 @@
"dyndns_no_domain_registered": "Aucun domaine n'a été enregistré avec DynDNS",
"dyndns_registered": "Le domaine DynDNS a été enregistré",
"dyndns_registration_failed": "Impossible d'enregistrer le domaine DynDNS : {error:s}",
"dyndns_unavailable": "Sous-domaine DynDNS indisponible",
"dyndns_unavailable": "Le domaine {domain:s} est indisponible.",
"executing_command": "Exécution de la commande « {command:s} »...",
"executing_script": "Exécution du script « {script:s} »...",
"extracting": "Extraction...",
@ -109,19 +109,19 @@
"format_datetime_short": "%d/%m/%Y %H:%M",
"hook_argument_missing": "Argument manquant : '{:s}'",
"hook_choice_invalid": "Choix incorrect : '{:s}'",
"hook_exec_failed": "Échec de l'exécution du script « {path:s} »",
"hook_exec_not_terminated": "L'exécution du script « {path:s} » ne s'est pas terminée",
"hook_list_by_invalid": "Propriété pour lister les scripts incorrecte",
"hook_exec_failed": "Échec de lexécution du script « {path:s} »",
"hook_exec_not_terminated": "Lexécution du script « {path:s} » ne sest pas terminée",
"hook_list_by_invalid": "La propriété de tri des actions est invalide",
"hook_name_unknown": "Nom de script « {name:s} » inconnu",
"installation_complete": "Installation terminée",
"installation_failed": "Échec de l'installation",
"ip6tables_unavailable": "Vous ne pouvez pas jouer avec ip6tables ici. Vous êtes sûrement dans un conteneur, ou alors votre noyau ne le supporte pas.",
"iptables_unavailable": "Vous ne pouvez pas jouer avec iptables ici. Vous êtes sûrement dans un conteneur, autrement votre noyau ne le supporte pas.",
"ip6tables_unavailable": "Vous ne pouvez pas jouer avec ip6tables ici. Vous êtes soit dans un conteneur, soit votre noyau ne le supporte pas",
"iptables_unavailable": "Vous ne pouvez pas jouer avec iptables ici. Vous êtes soit dans un conteneur, soit votre noyau ne le supporte pas",
"ldap_initialized": "L'annuaire LDAP a été initialisé",
"license_undefined": "indéfinie",
"mail_alias_remove_failed": "Impossible de supprimer l'adresse courriel supplémentaire « {mail:s} »",
"mail_domain_unknown": "Le domaine « {domain:s} » de l'adresse courriel est inconnu",
"mail_forward_remove_failed": "Impossible de supprimer l'adresse courriel de transfert « {mail:s} »",
"mail_alias_remove_failed": "Impossible de supprimer l'alias courriel « {mail:s} »",
"mail_domain_unknown": "Le domaine « {domain:s} » du courriel est inconnu",
"mail_forward_remove_failed": "Impossible de supprimer le courriel de transfert « {mail:s} »",
"maindomain_change_failed": "Impossible de modifier le domaine principal",
"maindomain_changed": "Le domaine principal a été modifié",
"monitor_disabled": "La supervision du serveur a été désactivé",
@ -135,12 +135,12 @@
"mountpoint_unknown": "Point de montage inconnu",
"mysql_db_creation_failed": "Impossible de créer la base de données MySQL",
"mysql_db_init_failed": "Impossible d'initialiser la base de données MySQL",
"mysql_db_initialized": "La base de donnée MySQL a été initialisée",
"mysql_db_initialized": "La base de données MySQL a été initialisée",
"network_check_mx_ko": "L'enregistrement DNS MX n'est pas précisé",
"network_check_smtp_ko": "Le trafic courriel sortant (port 25 SMTP) semble bloqué par votre réseau",
"network_check_smtp_ok": "Le trafic courriel sortant (port 25 SMTP) n'est pas bloqué",
"new_domain_required": "Vous devez spécifier le nouveau domaine principal",
"no_appslist_found": "Aucune liste d'applications trouvée",
"no_appslist_found": "Aucune liste dapplications na été trouvée",
"no_internet_connection": "Le serveur n'est pas connecté à Internet",
"no_ipv6_connectivity": "La connectivité IPv6 n'est pas disponible",
"no_restore_script": "Le script de sauvegarde n'a pas été trouvé pour l'application « {app:s} »",
@ -153,9 +153,9 @@
"packages_upgrade_critical_later": "Les paquets critiques ({packages:s}) seront mis à jour ultérieurement",
"packages_upgrade_failed": "Impossible de mettre à jour tous les paquets",
"path_removal_failed": "Impossible de supprimer le chemin {:s}",
"pattern_backup_archive_name": "Doit être un nom de fichier valide composé de caractères alphanumérique et -_. uniquement",
"pattern_backup_archive_name": "Doit être un nom de fichier valide composé uniquement de caractères alphanumériques et de -_.",
"pattern_domain": "Doit être un nom de domaine valide (ex : mon-domaine.org)",
"pattern_email": "Doit être une adresse courriel valide (ex. : someone@domain.org)",
"pattern_email": "Doit être une adresse courriel valide (ex. : pseudo@domain.org)",
"pattern_firstname": "Doit être un prénom valide",
"pattern_lastname": "Doit être un nom valide",
"pattern_listname": "Doit être composé uniquement de caractères alphanumériques et de tirets bas",
@ -176,7 +176,7 @@
"restore_complete": "Restauration terminée",
"restore_confirm_yunohost_installed": "Voulez-vous vraiment restaurer un système déjà installé ? [{answers:s}]",
"restore_failed": "Impossible de restaurer le système",
"restore_hook_unavailable": "Le script de restauration « {hook:s} » n'est pas disponible sur votre système",
"restore_hook_unavailable": "Le script de restauration « {part:s} » n'est pas disponible sur votre système, et nest pas non plus dans larchive",
"restore_nothings_done": "Rien n'a été restauré",
"restore_running_app_script": "Lancement du script de restauration pour l'application « {app:s} »...",
"restore_running_hooks": "Exécution des scripts de restauration...",
@ -200,9 +200,9 @@
"service_configuration_conflict": "Le fichier {file:s} a été modifié depuis sa dernière génération. Veuillez y appliquer les modifications manuellement ou utiliser loption --force (ce qui écrasera toutes les modifications effectuées sur le fichier).",
"service_configured": "La configuration du service « {service:s} » a été générée avec succès",
"service_configured_all": "La configuration de tous les services a été générée avec succès",
"service_disable_failed": "Impossible de désactiver le service « {service:s} »",
"service_disable_failed": "Impossible de désactiver le service « {service:s} »\n\nJournaux récents : {logs:s}",
"service_disabled": "Le service « {service:s} » a été désactivé",
"service_enable_failed": "Impossible d'activer le service « {service:s} »",
"service_enable_failed": "Impossible dactiver le service « {service:s} »\n\nJournaux récents : {logs:s}",
"service_enabled": "Le service « {service:s} » a été activé",
"service_no_log": "Aucun journal à afficher pour le service « {service:s} »",
"service_regenconf_dry_pending_applying": "Vérification des configurations en attentes qui pourraient être appliquées pour le service « {service} »…",
@ -210,10 +210,10 @@
"service_regenconf_pending_applying": "Application des configurations en attentes pour le service « {service} »…",
"service_remove_failed": "Impossible d'enlever le service « {service:s} »",
"service_removed": "Le service « {service:s} » a été enlevé",
"service_start_failed": "Impossible de démarrer le service « {service:s} »",
"service_start_failed": "Impossible de démarrer le service « {service:s} »\n\nJournaux récents : {logs:s}",
"service_started": "Le service « {service:s} » a été démarré",
"service_status_failed": "Impossible de déterminer le statut du service « {service:s} »",
"service_stop_failed": "Impossible d'arrêter le service « {service:s} »",
"service_stop_failed": "Impossible darrêter le service « {service:s} »\n\nJournaux récents : {logs:s}",
"service_stopped": "Le service « {service:s} » a été arrêté",
"service_unknown": "Service « {service:s} » inconnu",
"services_configured": "La configuration a été générée avec succès",
@ -248,5 +248,173 @@
"yunohost_ca_creation_failed": "Impossible de créer l'autorité de certification",
"yunohost_configured": "YunoHost a été configuré",
"yunohost_installing": "Installation de YunoHost...",
"yunohost_not_installed": "YunoHost n'est pas ou pas correctement installé. Veuillez exécuter « yunohost tools postinstall »."
"yunohost_not_installed": "YunoHost n'est pas ou pas correctement installé. Veuillez exécuter « yunohost tools postinstall »",
"certmanager_attempt_to_replace_valid_cert": "Vous êtes en train de remplacer un certificat correct et valide pour le domaine {domain:s} ! (Utilisez --force pour contourner)",
"certmanager_domain_unknown": "Domaine inconnu {domain:s}",
"certmanager_domain_cert_not_selfsigned": "Le certificat du domaine {domain:s} nest pas auto-signé. Voulez-vous vraiment le remplacer ? (Utilisez --force)",
"certmanager_certificate_fetching_or_enabling_failed": "Il semble que l'activation du nouveau certificat pour {domain:s} a échoué…",
"certmanager_attempt_to_renew_nonLE_cert": "Le certificat pour le domaine {domain:s} nest pas fourni par Lets Encrypt. Impossible de le renouveler automatiquement !",
"certmanager_attempt_to_renew_valid_cert": "Le certificat pour le domaine {domain:s} est sur le point dexpirer ! Utilisez --force pour contourner",
"certmanager_domain_http_not_working": "Il semble que le domaine {domain:s} nest pas accessible via HTTP. Veuillez vérifier que vos configuration DNS et nginx sont correctes",
"certmanager_error_no_A_record": "Aucun enregistrement DNS « A » na été trouvé pour {domain:s}. De devez faire pointer votre nom de domaine vers votre machine pour être capable dinstaller un certificat Lets Encrypt ! (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)",
"certmanager_domain_dns_ip_differs_from_public_ip": "Lenregistrement DNS « A » du domaine {domain:s} est différent de ladresse IP de ce serveur. Si vous avez modifié récemment votre enregistrement « A », veuillez attendre sa propagation (quelques vérificateur de propagation sont disponibles en ligne). (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)",
"certmanager_cannot_read_cert": "Quelque chose sest mal passé lors de la tentative douverture du certificat actuel pour le domaine {domain:s} (fichier : {file:s}), cause : {reason:s}",
"certmanager_cert_install_success_selfsigned": "Installation avec succès dun certificat auto-signé pour le domaine {domain:s} !",
"certmanager_cert_install_success": "Installation avec succès dun certificat Lets Encrypt pour le domaine {domain:s} !",
"certmanager_cert_renew_success": "Renouvellement avec succès dun certificat Lets Encrypt pour le domaine {domain:s} !",
"certmanager_old_letsencrypt_app_detected": "\nYunoHost a détecté que lapplication « letsencrypt » est installé, ce qui est en conflit avec les nouvelles fonctionnalités de gestion intégrée de certificats dans YunoHost. Si vous souhaitez utiliser ces nouvelles fonctionnalités intégrées, veuillez lancer les commandes suivantes pour migrer votre installation :\n\n yunohost app remove letsencrypt\n yunohost domain cert-install\n\nN.B. : cela tentera de réinstaller les certificats de tous les domaines avec un certificat Let's Encrypt ou ceux auto-signés",
"certmanager_cert_signing_failed": "La signature du nouveau certificat a échoué",
"certmanager_no_cert_file": "Impossible de lire le fichier de certificat pour le domaine {domain:s} (fichier : {file:s})",
"certmanager_conflicting_nginx_file": "Impossible de préparer le domaine pour de défi ACME : le fichier de configuration nginx {filepath:s} est en conflit et doit être retiré au préalable",
"certmanager_hit_rate_limit": "Trop de certificats ont déjà été demandés récemment pour cet ensemble précis de domaines {domain:s}. Veuillez réessayer plus tard. Lisez https://letsencrypt.org/docs/rate-limits/ pour obtenir plus de détails",
"ldap_init_failed_to_create_admin": "Linitialisation de LDAP na pas réussi à créer lutilisateur admin",
"ssowat_persistent_conf_read_error": "Erreur lors de la lecture de la configuration persistante de SSOwat : {error:s}. Modifiez le fichier /etc/ssowat/conf.json.persistent pour réparer la syntaxe JSON",
"ssowat_persistent_conf_write_error": "Erreur lors de la sauvegarde de la configuration persistante de SSOwat : {error:s}. Modifiez le fichier /etc/ssowat/conf.json.persistent pour réparer la syntaxe JSON",
"domain_cannot_remove_main": "Impossible de retirer le domaine principal. Définissez un nouveau domaine principal au préalable.",
"certmanager_self_ca_conf_file_not_found": "Le fichier de configuration pour lautorité du certificat auto-signé est introuvable (fichier : {file:s})",
"certmanager_unable_to_parse_self_CA_name": "Impossible danalyser le nom de lautorité du certificat auto-signé (fichier : {file:s})",
"mailbox_used_space_dovecot_down": "Le service de mail Dovecot doit être démarré, si vous souhaitez voir l'espace disque occupé par la messagerie",
"domains_available": "Domaines disponibles :",
"backup_archive_broken_link": "Impossible d'accéder à l'archive de sauvegarde (lien invalide vers {path:s})",
"certmanager_acme_not_configured_for_domain": "Le certificat du domaine {domain:s} ne semble pas être correctement installé. Veuillez préalablement exécuter cert-install pour ce domaine.",
"certmanager_domain_not_resolved_locally": "Le domaine {domain:s} ne peut être déterminé depuis votre serveur YunoHost. Cela peut arriver si vous avez récemment modifié votre enregistrement DNS. Auquel cas, merci dattendre quelques heures quil se propage. Si le problème persiste, envisager dajouter {domain:s} au fichier /etc/hosts. (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces vérifications.)",
"certmanager_http_check_timeout": "Expiration du délai lors de la tentative du serveur de se contacter via HTTP en utilisant son adresse IP publique (domaine {domain:s} avec lIP {ip:s}). Vous rencontrez peut-être un problème dhairpinning ou alors le pare-feu/routeur en amont de votre serveur est mal configuré.",
"certmanager_couldnt_fetch_intermediate_cert": "Expiration du délai lors de la tentative de récupération du certificat intermédiaire depuis Lets Encrypt. Linstallation/le renouvellement du certificat a été interrompu - veuillez réessayer prochainement.",
"appslist_retrieve_bad_format": "Le fichier récupéré pour la liste dapplications {appslist:s} nest pas valide",
"domain_hostname_failed": "Échec de la création d'un nouveau nom d'hôte",
"yunohost_ca_creation_success": "Lautorité de certification locale a été créée.",
"appslist_name_already_tracked": "Il y a déjà une liste dapplications enregistrée avec le nom {name:s}.",
"appslist_url_already_tracked": "Il y a déjà une liste dapplications enregistrée avec lURL {url:s}.",
"appslist_migrating": "Migration de la liste dapplications {appslist:s}…",
"appslist_could_not_migrate": "Impossible de migrer la liste {appslist:s} ! Impossible dexploiter lURL… Lancienne tâche cron a été conservée dans {bkp_file:s}.",
"appslist_corrupted_json": "Impossible de charger la liste dapplications. Il semble que {filename:s} soit corrompu.",
"app_already_installed_cant_change_url": "Cette application est déjà installée. LURL ne peut pas être changé simplement par cette fonction. Regardez avec « app changeurl » si cest disponible.",
"app_change_no_change_url_script": "Lapplication {app_name:s} ne prend pas encore en charge le changement dURL, vous pourriez avoir besoin de la mettre à jour.",
"app_change_url_failed_nginx_reload": "Le redémarrage de nginx a échoué. Voici la sortie de « nginx -t » :\n{nginx_errors:s}",
"app_change_url_identical_domains": "Lancien et le nouveau couple domaine/chemin sont identiques pour {domain:s}{path:s}, aucune action.",
"app_change_url_no_script": "Lapplication {app_name:s} ne prend pas encore en charge le changement dURL. Vous devriez peut-être la mettre à jour.",
"app_change_url_success": "LURL de lapplication {app:s} a été changée en {domain:s}{path:s}",
"app_location_unavailable": "Cette URL nest pas disponible ou est en conflit avec une application existante",
"app_already_up_to_date": "{app:s} est déjà à jour",
"invalid_url_format": "Format dURL non valide",
"global_settings_bad_choice_for_enum": "La valeur du paramètre {setting:s} est incorrecte. Reçu : {received_type:s}; attendu : {expected_type:s}",
"global_settings_bad_type_for_setting": "Le type du paramètre {setting:s} est incorrect. Reçu : {received_type:s}; attendu : {expected_type:s}.",
"global_settings_cant_open_settings": "Échec de louverture du ficher de configurations, cause : {reason:s}",
"global_settings_cant_serialize_setings": "Échec de sérialisation des données de configurations, cause : {reason:s}",
"global_settings_cant_write_settings": "Échec décriture du fichier de configurations, cause : {reason:s}",
"global_settings_key_doesnt_exists": "La clef « {settings_key:s} » nexiste pas dans les configurations globales, vous pouvez voir toutes les clefs disponibles en saisissant « yunohost settings list »",
"global_settings_reset_success": "Réussite ! Vos configurations précédentes ont été sauvegardées dans {path:s}",
"global_settings_setting_example_bool": "Exemple doption booléenne",
"global_settings_setting_example_int": "Exemple doption de type entier",
"global_settings_setting_example_string": "Exemple doption de type chaîne",
"global_settings_setting_example_enum": "Exemple doption de type énumération",
"global_settings_unknown_type": "Situation inattendue, la configuration {setting:s} semble avoir le type {unknown_type:s} mais ce nest pas un type pris en charge par le système.",
"global_settings_unknown_setting_from_settings_file": "Clef inconnue dans les configurations : {setting_key:s}, rejet de cette clef et sauvegarde de celle-ci dans /etc/yunohost/unkown_settings.json",
"service_conf_new_managed_file": "Le fichier de configuration « {conf} » est désormais géré par le service {service}.",
"service_conf_file_kept_back": "Le fichier de configuration « {conf} » devrait être supprimé par le service {service} mais a été conservé.",
"backup_abstract_method": "Cette méthode de sauvegarde na pas encore été implémentée",
"backup_applying_method_tar": "Création de larchive tar de la sauvegarde…",
"backup_applying_method_copy": "Copie de tous les fichiers dans la sauvegarde…",
"backup_applying_method_borg": "Envoi de tous les fichiers dans la sauvegarde dans de référentiel borg-backup…",
"backup_applying_method_custom": "Appel de la méthode de sauvegarde personnalisée « {method:s} »…",
"backup_archive_system_part_not_available": "La partie « {part:s} » du système nest pas disponible dans cette sauvegarde",
"backup_archive_mount_failed": "Le montage de larchive de sauvegarde a échoué",
"backup_archive_writing_error": "Impossible dajouter les fichiers à la sauvegarde dans larchive compressée",
"backup_ask_for_copying_if_needed": "Certains fichiers nont pas pu être préparés pour être sauvegardés en utilisant la méthode qui évite temporairement de gaspiller de lespace sur le système. Pour mener la sauvegarde, {size:s} Mo doivent être temporairement utilisés. Acceptez-vous ?",
"backup_borg_not_implemented": "La méthode de sauvegarde Bord nest pas encore implémentée",
"backup_cant_mount_uncompress_archive": "Impossible de monter en lecture seule le dossier de larchive décompressée",
"backup_copying_to_organize_the_archive": "Copie de {size:s} Mio pour organiser larchive",
"backup_csv_creation_failed": "Impossible de créer le fichier CSV nécessaire aux opérations futures de restauration",
"backup_csv_addition_failed": "Impossible dajouter des fichiers à sauvegarder dans le fichier CSV",
"backup_custom_need_mount_error": "Échec de la méthode de sauvegarde personnalisée à létape « need_mount »",
"backup_custom_backup_error": "Échec de la méthode de sauvegarde personnalisée à létape « backup »",
"backup_custom_mount_error": "Échec de la méthode de sauvegarde personnalisée à létape « mount »",
"backup_no_uncompress_archive_dir": "Le dossier de larchive décompressée nexiste pas",
"backup_method_tar_finished": "Larchive tar de la sauvegarde a été créée",
"backup_method_copy_finished": "La copie de la sauvegarde est terminée",
"backup_method_borg_finished": "La sauvegarde dans Borg est terminée",
"backup_method_custom_finished": "La méthode se sauvegarde personnalisée « {method:s} » est terminée",
"backup_system_part_failed": "Impossible de sauvegarder la partie « {part:s} » du système",
"backup_unable_to_organize_files": "Impossible dorganiser les fichiers dans larchive avec la méthode rapide",
"backup_with_no_backup_script_for_app": "Lapplication {app:s} na pas de script de sauvegarde. Ignorer.",
"backup_with_no_restore_script_for_app": "Lapplication {app:s} na pas de script de restauration, vous ne pourrez pas restaurer automatiquement la sauvegarde de cette application.",
"global_settings_cant_serialize_settings": "Échec de la sérialisation des données de paramétrage, cause : {reason:s}",
"restore_removing_tmp_dir_failed": "Impossible de sauvegarder un ancien dossier temporaire",
"restore_extracting": "Extraction des fichiers nécessaires depuis larchive…",
"restore_mounting_archive": "Montage de larchive dans « {path:s} »",
"restore_may_be_not_enough_disk_space": "Votre système semble ne pas avoir suffisamment despace disponible (libre : {free_space:d} octets, nécessaire : {needed_space:d} octets, marge de sécurité : {margin:d} octets)",
"restore_not_enough_disk_space": "Espace disponible insuffisant (libre : {free_space:d} octets, nécessaire : {needed_space:d} octets, marge de sécurité : {margin:d} octets)",
"restore_system_part_failed": "Impossible de restaurer la partie « {part:s} » du système",
"backup_couldnt_bind": "Impossible de lier {src:s} avec {dest:s}.",
"domain_dns_conf_is_just_a_recommendation": "Cette page montre la configuration *recommandée*. Elle ne configure *pas* le DNS pour vous. Il est de votre responsabilité que de configurer votre zone DNS chez votre registrar DNS avec cette recommandation.",
"domain_dyndns_dynette_is_unreachable": "Impossible de contacter la dynette YunoHost, soit YunoHost nest pas correctement connecté à internet ou alors le serveur de dynette est arrêté. Erreur : {error}",
"migrations_backward": "Migration en arrière.",
"migrations_bad_value_for_target": "Nombre invalide pour le paramètre « target », les numéros de migration sont ou {}",
"migrations_cant_reach_migration_file": "Impossible daccéder aux fichiers de migrations avec le chemin %s",
"migrations_current_target": "La cible de migration est {}",
"migrations_error_failed_to_load_migration": "ERREUR : échec du chargement de migration {number} {name}",
"migrations_forward": "Migration en avant",
"migrations_loading_migration": "Chargement de la migration {number} {name}…",
"migrations_migration_has_failed": "La migration {number} {name} a échoué avec lexception {exception}, annulation",
"migrations_no_migrations_to_run": "Aucune migration à lancer",
"migrations_show_currently_running_migration": "Application de la migration {number} {name}…",
"migrations_show_last_migration": "La dernière migration appliquée est {}",
"migrations_skip_migration": "Omission de la migration {number} {name}…",
"server_shutdown": "Le serveur sera éteint",
"server_shutdown_confirm": "Le serveur immédiatement être éteint, le voulez-vous vraiment ? [{answers:s}]",
"server_reboot": "Le serveur va redémarrer",
"server_reboot_confirm": "Le serveur va redémarrer immédiatement, le voulez-vous vraiment ? [{answers:s}]",
"app_upgrade_some_app_failed": "Impossible de mettre à jour certaines applications",
"ask_path": "Chemin",
"dyndns_could_not_check_provide": "Impossible de vérifier si {provider:s} peut fournir {domain:s}.",
"dyndns_domain_not_provided": "Le fournisseur Dyndns {provider:s} ne peut pas fournir le domaine {domain:s}.",
"app_make_default_location_already_used": "Impossible de configurer l'app '{app}' par défaut pour le domaine {domain}, déjà utilisé par l'autre app '{other_app}'",
"app_upgrade_app_name": "Mise à jour de l'application {app}...",
"backup_output_symlink_dir_broken": "Vous avez un lien symbolique cassé à la place de votre dossier darchives « {path:s} ». Vous pourriez avoir une configuration personnalisée pour sauvegarder vos données sur un autre système de fichiers, dans ce cas, vous avez probablement oublié de monter ou de connecter votre disque / clef USB.",
"migrate_tsig_end": "La migration à hmac-sha512 est terminée",
"migrate_tsig_failed": "La migration du domaine dyndns {domain} à hmac-sha512 a échoué, annulation des modifications. Erreur : {error_code} - {error}",
"migrate_tsig_start": "Lalgorithme de génération des clefs nest pas suffisamment sécurisé pour la signature TSIG du domaine « {domain} », lancement de la migration vers hmac-sha512 qui est plus sécurisé",
"migrate_tsig_wait": "Attendons 3 minutes pour que le serveur dyndns prenne en compte la nouvelle clef…",
"migrate_tsig_wait_2": "2 minutes…",
"migrate_tsig_wait_3": "1 minute…",
"migrate_tsig_wait_4": "30 secondes…",
"migrate_tsig_not_needed": "Il ne semble pas que vous utilisez un domaine dyndns, donc aucune migration nest nécessaire !",
"app_checkurl_is_deprecated": "Packagers /!\\ 'app checkurl' est obsolète ! Utilisez 'app register-url' en remplacement !",
"migration_description_0001_change_cert_group_to_sslcert": "Change les permissions de groupe des certificats de « metronome » à « ssl-cert »",
"migration_description_0002_migrate_to_tsig_sha256": "Améliore la sécurité de DynDNDS TSIG en utilisant SHA512 au lieu de MD5",
"migration_description_0003_migrate_to_stretch": "Mise à niveau du système vers Debian Stretch et YunoHost 3.0",
"migration_0003_backward_impossible": "La migration Stretch nest pas réversible.",
"migration_0003_start": "Démarrage de la migration vers Stretch. Les journaux seront disponibles dans {logfile}.",
"migration_0003_patching_sources_list": "Modification de sources.lists…",
"migration_0003_main_upgrade": "Démarrage de la mise à niveau principale…",
"migration_0003_fail2ban_upgrade": "Démarrage de la mise à niveau de fail2ban…",
"migration_0003_restoring_origin_nginx_conf": "Votre fichier /etc/nginx/nginx.conf a été modifié dune manière ou dune autre. La migration va dabords le réinitialiser à son état initial… Le fichier précédent sera disponible en tant que {backup_dest}.",
"migration_0003_yunohost_upgrade": "Démarrage de la mise à niveau du paquet YunoHost… La migration terminera, mais la mise à jour réelle aura lieu immédiatement après. Après cette opération terminée, vous pourriez avoir à vous reconnecter à ladministration web.",
"migration_0003_not_jessie": "La distribution Debian actuelle nest pas Jessie !",
"migration_0003_system_not_fully_up_to_date": "Votre système nest pas complètement à jour. Veuillez mener une mise à jour classique avant de lancer à migration à Stretch.",
"migration_0003_still_on_jessie_after_main_upgrade": "Quelque chose sest ma passé pendant la mise à niveau principale : le système est toujours sur Jessie ?!? Pour investiguer le problème, veuillez regarder {log} 🙁…",
"migration_0003_general_warning": "Veuillez noter que cette migration est une opération délicate. Si léquipe YunoHost a fait de son mieux pour la relire et la tester, la migration pourrait tout de même casser des parties de votre système ou de vos applications.\n\nEn conséquence, nous vous recommandons :\n - de lancer une sauvegarde de vos données ou applications critiques. Plus dinformations sur https://yunohost.org/backup ;\n - dêtre patient après avoir lancé la migration : selon votre connexion internet et matériel, cela pourrait prendre jusqu'à quelques heures pour que tout soit à niveau.\n\nDe plus, le port SMTP utilisé par les clients de messagerie externes comme (Thunderbird ou K9-Mail) a été changé de 465 (SSL/TLS) à 587 (STARTTLS). Lancien port 465 sera automatiquement fermé et le nouveau port 587 sera ouvert dans le pare-feu. Vous et vos utilisateurs *devront* adapter la configuration de vos clients de messagerie en conséquence !",
"migration_0003_problematic_apps_warning": "Veuillez noter que les applications suivantes, éventuellement problématiques, ont été détectées. Il semble quelles naient pas été installées depuis une liste dapplication ou quelles ne soit pas marquées «working ». En conséquence, nous ne pouvons pas garantir quelles fonctionneront après la mise à niveau : {problematic_apps}",
"migration_0003_modified_files": "Veuillez noter que les fichiers suivants ont été détectés comme modifiés manuellement et pourraient être écrasés à la fin de la mise à niveau : {manually_modified_files}",
"migrations_list_conflict_pending_done": "Vous ne pouvez pas utiliser --previous et --done simultanément.",
"migrations_to_be_ran_manually": "La migration {number} {name} doit être lancée manuellement. Veuillez aller dans Outils > Migration dans linterface admin, ou lancer `yunohost tools migrations migrate`.",
"migrations_need_to_accept_disclaimer": "Pour lancer la migration {number} {name}, vous devez accepter cette clause de non-responsabilité :\n---\n{disclaimer}\n---\nSi vous acceptez de lancer la migration, veuillez relancer la commande avec loption --accept-disclaimer.",
"service_description_avahi-daemon": "permet datteindre votre serveur via yunohost.local sur votre réseau local",
"service_description_dnsmasq": "assure la résolution des noms de domaine (DNS)",
"service_description_dovecot": "permet aux clients de messagerie daccéder/récupérer les courriels (via IMAP et POP3)",
"service_description_fail2ban": "protège contre les attaques brute-force et autres types dattaques venant dInternet",
"service_description_glances": "surveille les informations système de votre serveur",
"service_description_metronome": "gère les comptes de messagerie instantanée XMPP",
"service_description_mysql": "stocke les données des applications (bases de données SQL)",
"service_description_nginx": "sert ou permet laccès à tous les sites web hébergés sur votre serveur",
"service_description_nslcd": "gère la connexion en ligne de commande des utilisateurs YunoHost",
"service_description_php5-fpm": "exécute des applications écrites en PHP avec nginx",
"service_description_postfix": "utilisé pour envoyer et recevoir des courriels",
"service_description_redis-server": "une base de donnée spécialisée utilisée pour laccès rapide aux données, les files dattentes et la communication inter-programmes",
"service_description_rmilter": "vérifie divers paramètres dans les courriels",
"service_description_rspamd": "filtre le pourriel, et dautres fonctionnalités liées au courriel",
"service_description_slapd": "stocke les utilisateurs, domaines et leurs informations liées",
"service_description_ssh": "vous permet de vous connecter à distance à votre serveur via un terminal (protocole SSH)",
"service_description_yunohost-api": "permet les interactions entre linterface web de YunoHost et le système",
"service_description_yunohost-firewall": "gère les ports de connexion ouverts et fermés aux services"
}

82
locales/hi.json
View file

@ -1 +1,81 @@
{}
{
"action_invalid": "अवैध कार्रवाई '{action:s}'",
"admin_password": "व्यवस्थापक पासवर्ड",
"admin_password_change_failed": "पासवर्ड बदलने में असमर्थ",
"admin_password_changed": "व्यवस्थापक पासवर्ड बदल दिया गया है",
"app_already_installed": "'{app:s}' पहले से ही इंस्टाल्ड है",
"app_argument_choice_invalid": "गलत तर्क का चयन किया गया '{name:s}' , तर्क इन विकल्पों में से होने चाहिए {choices:s}",
"app_argument_invalid": "तर्क के लिए अमान्य मान '{name:s}': {error:s}",
"app_argument_required": "तर्क '{name:s}' की आवश्यकता है",
"app_extraction_failed": "इन्सटाल्ड फ़ाइलों को निकालने में असमर्थ",
"app_id_invalid": "अवैध एप्लिकेशन id",
"app_incompatible": "यह एप्लिकेशन युनोहोस्ट की इस वर्जन के लिए नहीं है",
"app_install_files_invalid": "फाइलों की अमान्य स्थापना",
"app_location_already_used": "इस लोकेशन पे पहले से ही कोई एप्लीकेशन इन्सटाल्ड है",
"app_location_install_failed": "इस लोकेशन पे एप्लीकेशन इंस्टाल करने में असमर्थ",
"app_manifest_invalid": "एप्लीकेशन का मैनिफेस्ट अमान्य",
"app_no_upgrade": "कोई भी एप्लीकेशन को अपडेट की जरूरत नहीं",
"app_not_correctly_installed": "{app:s} ठीक ढंग से इनस्टॉल नहीं हुई",
"app_not_installed": "{app:s} इनस्टॉल नहीं हुई",
"app_not_properly_removed": "{app:s} ठीक ढंग से नहीं अनइन्सटॉल की गई",
"app_package_need_update": "इस एप्लीकेशन पैकेज को युनोहोस्ट के नए बदलावों/गाइडलिनेज़ के कारण उपडटेशन की जरूरत",
"app_removed": "{app:s} को अनइन्सटॉल कर दिया गया",
"app_requirements_checking": "जरूरी पैकेजेज़ की जाँच हो रही है ....",
"app_requirements_failed": "आवश्यकताओं को पूरा करने में असमर्थ: {error}",
"app_requirements_unmeet": "आवश्यकताए पूरी नहीं हो सकी, पैकेज {pkgname}({version})यह होना चाहिए {spec}",
"app_sources_fetch_failed": "सोर्स फाइल्स प्राप्त करने में असमर्थ",
"app_unknown": "अनजान एप्लीकेशन",
"app_unsupported_remote_type": "एप्लीकेशन के लिए उन्सुपपोर्टेड रिमोट टाइप इस्तेमाल किया गया",
"app_upgrade_failed": "{app:s} अपडेट करने में असमर्थ",
"app_upgraded": "{app:s} अपडेट हो गयी हैं",
"appslist_fetched": "एप्लीकेशन की सूचि अपडेट हो गयी",
"appslist_removed": "एप्लीकेशन की सूचि निकल दी गयी है",
"appslist_retrieve_error": "दूरस्थ एप्लिकेशन सूची प्राप्त करने में असमर्थ",
"appslist_unknown": "अनजान एप्लिकेशन सूची",
"ask_current_admin_password": "वर्तमान व्यवस्थापक पासवर्ड",
"ask_email": "ईमेल का पता",
"ask_firstname": "नाम",
"ask_lastname": "अंतिम नाम",
"ask_list_to_remove": "सूचि जिसको हटाना है",
"ask_main_domain": "मुख्य डोमेन",
"ask_new_admin_password": "नया व्यवस्थापक पासवर्ड",
"ask_password": "पासवर्ड",
"backup_action_required": "आप को सेव करने के लिए कुछ लिखना होगा",
"backup_app_failed": "एप्लीकेशन का बैकअप करने में असमर्थ '{app:s}'",
"backup_archive_app_not_found": "'{app:s}' बैकअप आरचिव में नहीं मिला",
"backup_archive_hook_not_exec": "हुक '{hook:s}' इस बैकअप में एक्सेक्युट नहीं किया गया",
"backup_archive_name_exists": "इस बैकअप आरचिव का नाम पहले से ही मौजूद है",
"backup_archive_name_unknown": "'{name:s}' इस नाम की लोकल बैकअप आरचिव मौजूद नहीं",
"backup_archive_open_failed": "बैकअप आरचिव को खोलने में असमर्थ",
"backup_cleaning_failed": "टेम्पोरेरी बैकअप डायरेक्टरी को उड़ने में असमर्थ",
"backup_created": "बैकअप सफलतापूर्वक किया गया",
"backup_creating_archive": "बैकअप आरचिव बनाई जा रही है ...",
"backup_creation_failed": "बैकअप बनाने में विफल",
"backup_delete_error": "'{path:s}' डिलीट करने में असमर्थ",
"backup_deleted": "इस बैकअप को डिलीट दिया गया है",
"backup_extracting_archive": "बैकअप आरचिव को एक्सट्रेक्ट किया जा रहा है ...",
"backup_hook_unknown": "'{hook:s}' यह बैकअप हुक नहीं मिला",
"backup_invalid_archive": "अवैध बैकअप आरचिव",
"backup_nothings_done": "सेव करने के लिए कुछ नहीं",
"backup_output_directory_forbidden": "निषिद्ध आउटपुट डायरेक्टरी। निम्न दिए गए डायरेक्टरी में बैकअप नहीं बन सकता /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var और /home/yunohost.backup/archives के सब-फोल्डर।",
"backup_output_directory_not_empty": "आउटपुट डायरेक्टरी खाली नहीं है",
"backup_output_directory_required": "बैकअप करने के लिए आउट पुट डायरेक्टरी की आवश्यकता है",
"backup_running_app_script": "'{app:s}' एप्लीकेशन की बैकअप स्क्रिप्ट चल रही है...",
"backup_running_hooks": "बैकअप हुक्स चल रहे है...",
"custom_app_url_required": "आप को अपनी कस्टम एप्लिकेशन '{app:s}' को अपग्रेड करने के लिए यूआरएल(URL) देने की आवश्यकता है",
"custom_appslist_name_required": "आप को अपनी कस्टम एप्लीकेशन के लिए नाम देने की आवश्यकता है",
"diagnosis_debian_version_error": "डेबियन वर्जन प्राप्त करने में असफलता {error}",
"diagnosis_kernel_version_error": "कर्नेल वर्जन प्राप्त नहीं की जा पा रही : {error}",
"diagnosis_monitor_disk_error": "डिस्क की मॉनिटरिंग नहीं की जा पा रही: {error}",
"diagnosis_monitor_network_error": "नेटवर्क की मॉनिटरिंग नहीं की जा पा रही: {error}",
"diagnosis_monitor_system_error": "सिस्टम की मॉनिटरिंग नहीं की जा पा रही: {error}",
"diagnosis_no_apps": "कोई एप्लीकेशन इन्सटाल्ड नहीं है",
"dnsmasq_isnt_installed": "dnsmasq इन्सटाल्ड नहीं लगता,इनस्टॉल करने के लिए किप्या ये कमांड चलाये 'apt-get remove bind9 && apt-get install dnsmasq'",
"domain_cert_gen_failed": "सर्टिफिकेट उत्पन करने में असमर्थ",
"domain_created": "डोमेन बनाया गया",
"domain_creation_failed": "डोमेन बनाने में असमर्थ",
"domain_deleted": "डोमेन डिलीट कर दिया गया है",
"domain_deletion_failed": "डोमेन डिलीट करने में असमर्थ",
"domain_dyndns_already_subscribed": "DynDNS डोमेन पहले ही सब्स्क्राइड है",
"domain_dyndns_invalid": "DynDNS के साथ इनवैलिड डोमिन इस्तेमाल किया गया"
}

263
locales/it.json
View file

@ -1,31 +1,254 @@
{
"app_already_installed": "{app:s} è già installato",
"app_already_installed": "{app:s} è già installata",
"app_extraction_failed": "Impossibile estrarre i file di installazione",
"app_not_installed": "{app:s} non è installato",
"app_not_installed": "{app:s} non è installata",
"app_unknown": "Applicazione sconosciuta",
"ask_email": "Indirizzo email",
"ask_password": "Password",
"backup_archive_name_exists": "Il nome dell'archivio del backup esiste già",
"backup_archive_name_exists": "Il nome dell'archivio del backup è già esistente",
"backup_created": "Backup completo",
"backup_invalid_archive": "Archivio di backup non valido",
"backup_output_directory_not_empty": "Directory di output non è vuota",
"backup_running_app_script": "Esecuzione script di backup dell'applicazione '{app:s}'...",
"domain_created": "Dominio creato con successo",
"domain_dyndns_invalid": "Dominio non valido da utilizzare con DynDNS",
"domain_exists": "Dominio esiste già",
"ldap_initialized": "LDAP inizializzato con successo",
"pattern_email": "Deve essere un indirizzo e-mail valido (es someone@domain.org)",
"pattern_mailbox_quota": "Deve essere una dimensione con un suffisso b/k/M/G/T o 0 per disabilitare la quota",
"port_already_opened": "Port {port:d} è già aperto per {ip_version:s} connessioni",
"port_unavailable": "Porta {port:d} non è disponibile",
"service_add_failed": "Impossibile aggiungere servizio '{service:s}'",
"backup_output_directory_not_empty": "La directory di output non è vuota",
"backup_running_app_script": "Esecuzione del script di backup dell'applicazione '{app:s}'...",
"domain_created": "Il dominio è stato creato",
"domain_dyndns_invalid": "Il dominio non è valido per essere usato con DynDNS",
"domain_exists": "Il dominio è già esistente",
"ldap_initialized": "LDAP è stato inizializzato",
"pattern_email": "L'indirizzo email deve essere valido (es. someone@domain.org)",
"pattern_mailbox_quota": "La dimensione deve avere un suffisso b/k/M/G/T o 0 per disattivare la quota",
"port_already_opened": "La porta {port:d} è già aperta per {ip_version:s} connessioni",
"port_unavailable": "La porta {port:d} non è disponibile",
"service_add_failed": "Impossibile aggiungere il servizio '{service:s}'",
"service_cmd_exec_failed": "Impossibile eseguire il comando '{command:s}'",
"service_disabled": "Servizio '{service:s}' disattivato con successo",
"service_disabled": "Il servizio '{service:s}' è stato disattivato",
"service_remove_failed": "Impossibile rimuovere il servizio '{service:s}'",
"service_removed": "Servizio rimosso con successo",
"service_stop_failed": "Impossibile arrestare il servizio '{service:s}'",
"system_username_exists": "Nome utente esiste già negli utenti del sistema",
"unrestore_app": "Applicazione '{app:s}' non verrà ripristinato",
"service_removed": "Il servizio '{service:s}' è stato rimosso",
"service_stop_failed": "Impossibile fermare il servizio '{service:s}'",
"system_username_exists": "il nome utente esiste già negli utenti del sistema",
"unrestore_app": "L'applicazione '{app:s}' non verrà ripristinata",
"upgrading_packages": "Aggiornamento dei pacchetti...",
"user_deleted": "Utente cancellato con successo"
"user_deleted": "L'utente è stato cancellato",
"admin_password": "Password dell'amministrazione",
"admin_password_change_failed": "Impossibile cambiare la password",
"admin_password_changed": "La password dell'amministrazione è stata cambiata",
"app_incompatible": "L'app non è compatibile con la tua versione di Yunohost",
"app_install_files_invalid": "Non sono validi i file di installazione",
"app_location_already_used": "Un'app è già installata in questa posizione",
"app_location_install_failed": "Impossibile installare l'applicazione in questa posizione",
"app_manifest_invalid": "Manifesto dell'applicazione non valido",
"app_no_upgrade": "Nessun applicazione da aggiornare",
"app_not_correctly_installed": "{app:s} sembra di non essere installata correttamente",
"app_not_properly_removed": "{app:s} non è stata correttamente rimossa",
"action_invalid": "L'azione '{action:s}' non è valida",
"app_removed": "{app:s} è stata rimossa",
"app_sources_fetch_failed": "Impossibile riportare i file sorgenti",
"app_upgrade_failed": "Impossibile aggiornare {app:s}",
"app_upgraded": "{app:s} è stata aggiornata",
"appslist_fetched": "La lista delle applicazioni è stata recuperata",
"appslist_removed": "La lista delle applicazioni è stata rimossa",
"app_package_need_update": "Il pacchetto dell'app deve esser aggiornato per seguire le modifiche di Yunohost",
"app_requirements_checking": "Controllo dei pacchetti necessari...",
"app_requirements_failed": "Impossibile rispondere ai requisiti: {error}",
"app_requirements_unmeet": "Non sono soddisfatti i requisiti, il pacchetto {pkgname} ({version}) deve esser {spec}",
"appslist_unknown": "Lista di applicazioni sconosciuta",
"ask_current_admin_password": "Password attuale dell'amministrazione",
"ask_firstname": "Nome",
"ask_lastname": "Cognome",
"ask_list_to_remove": "Lista da rimuovere",
"ask_main_domain": "Dominio principale",
"ask_new_admin_password": "Nuova password dell'amministrazione",
"backup_action_required": "Devi specificare qualcosa da salvare",
"backup_app_failed": "Non è possibile fare il backup dell'applicazione '{app:s}'",
"backup_archive_app_not_found": "L'applicazione '{app:s}' non è stata trovata nel archivio di backup",
"app_argument_choice_invalid": "Scelta non valida per l'argomento '{name:s}', deve essere uno di {choices:s}",
"app_argument_invalid": "Valore non valido per '{name:s}': {error:s}",
"app_argument_required": "L'argomento '{name:s}' è requisito",
"app_id_invalid": "Identificativo dell'applicazione non valido",
"app_unsupported_remote_type": "Il tipo remoto usato per l'applicazione non è supportato",
"appslist_retrieve_error": "Non è possibile riportare la lista remota delle applicazioni: {error}",
"appslist_retrieve_bad_format": "Il file recuperato non è una lista di applicazioni valida",
"backup_archive_broken_link": "Non è possibile accedere al archivio di backup (link rotto verso {path:s})",
"backup_archive_hook_not_exec": "Il hook '{hook:s}' non è stato eseguito in questo backup",
"backup_archive_name_unknown": "Archivio di backup locale chiamato '{name:s}' sconosciuto",
"backup_archive_open_failed": "Non è possibile aprire l'archivio di backup",
"backup_cleaning_failed": "Non è possibile pulire la directory temporanea di backup",
"backup_creating_archive": "Creazione del archivio di backup...",
"backup_creation_failed": "La creazione del backup è fallita",
"backup_delete_error": "Impossibile cancellare '{path:s}'",
"backup_deleted": "Il backup è stato cancellato",
"backup_extracting_archive": "Estrazione del archivio di backup...",
"backup_hook_unknown": "Hook di backup '{hook:s}' sconosciuto",
"backup_nothings_done": "Non c'è niente da salvare",
"backup_output_directory_forbidden": "Directory di output vietata. I backup non possono esser creati nelle sotto-cartelle /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var o /home/yunohost.backup/archives",
"backup_output_directory_required": "Devi fornire una directory di output per il backup",
"backup_running_hooks": "Esecuzione dei hook di backup...",
"custom_app_url_required": "Devi fornire un URL per essere in grado di aggiornare l'applicazione personalizzata {app:s}",
"custom_appslist_name_required": "Devi fornire un nome per la lista di applicazioni personalizzata",
"diagnosis_debian_version_error": "Impossibile riportare la versione di Debian: {error}",
"diagnosis_kernel_version_error": "Impossibile riportare la versione del kernel: {error}",
"diagnosis_monitor_disk_error": "Impossibile controllare i dischi: {error}",
"diagnosis_monitor_network_error": "Impossibile controllare la rete: {error}",
"diagnosis_monitor_system_error": "Impossibile controllare il sistema: {error}",
"diagnosis_no_apps": "Nessuna applicazione installata",
"dnsmasq_isnt_installed": "dnsmasq non sembra installato, impartisci il comando 'apt-get remove bind9 && apt-get install dnsmasq'",
"domain_creation_failed": "Impossibile creare un dominio",
"domain_deleted": "Il dominio è stato cancellato",
"domain_deletion_failed": "Impossibile cancellare il dominio",
"domain_dyndns_already_subscribed": "Hai già sottoscritto un dominio DynDNS",
"domain_dyndns_root_unknown": "Dominio radice DynDNS sconosciuto",
"domain_hostname_failed": "La definizione del nuovo hostname è fallita",
"domain_uninstall_app_first": "Una o più applicazioni sono installate su questo dominio. Disinstalla loro prima di procedere alla cancellazione di un dominio",
"domain_unknown": "Dominio sconosciuto",
"domain_zone_exists": "Il file di zona DNS è già esistente",
"domain_zone_not_found": "Il file di zona DNS non è stato trovato per il dominio {:s}",
"done": "Terminato",
"domains_available": "Domini disponibili:",
"downloading": "Scaricamento...",
"dyndns_cron_installed": "Il cronjob DynDNS è stato installato",
"dyndns_cron_remove_failed": "Impossibile rimuovere il cronjob DynDNS",
"dyndns_cron_removed": "Il cronjob DynDNS è stato rimosso",
"dyndns_ip_update_failed": "Impossibile aggiornare l'indirizzo IP in DynDNS",
"dyndns_ip_updated": "Il tuo indirizzo IP è stato aggiornato in DynDNS",
"dyndns_key_generating": "La chiave DNS sta generando, potrebbe richiedere del tempo...",
"dyndns_key_not_found": "La chiave DNS non è stata trovata per il dominio",
"dyndns_no_domain_registered": "Nessuno dominio è stato registrato con DynDNS",
"dyndns_registered": "Il dominio DynDNS è stato registrato",
"dyndns_registration_failed": "Non è possibile registrare il dominio DynDNS: {error:s}",
"dyndns_unavailable": "Il sottodominio DynDNS non è disponibile",
"executing_command": "Esecuzione del comando '{command:s}'...",
"executing_script": "Esecuzione dello script '{script:s}'...",
"extracting": "Estrazione...",
"field_invalid": "Campo '{:s}' non valido",
"firewall_reload_failed": "Impossibile ricaricare il firewall",
"firewall_reloaded": "Il firewall è stato ricaricato",
"firewall_rules_cmd_failed": "Alcune regole del firewall sono fallite. Per ulteriori informazioni, vedi il registro.",
"format_datetime_short": "%m/%d/%Y %I:%M %p",
"hook_exec_failed": "L'esecuzione dello script è fallita: {path:s}",
"hook_exec_not_terminated": "L'esecuzione dello script non è stata terminata: {path:s}",
"hook_name_unknown": "Nome di hook '{name:s}' sconosciuto",
"installation_complete": "Installazione finita",
"installation_failed": "Installazione fallita",
"ip6tables_unavailable": "Non puoi giocare con ip6tables qui. O sei in un container o il tuo kernel non lo supporta",
"iptables_unavailable": "Non puoi giocare con iptables qui. O sei in un container o il tuo kernel non lo supporta",
"ldap_init_failed_to_create_admin": "L'inizializzazione LDAP non è riuscita a creare un utente admin",
"license_undefined": "Indeterminato",
"mail_alias_remove_failed": "Impossibile rimuovere l'alias mail '{mail:s}'",
"mail_domain_unknown": "Dominio d'indirizzo mail '{domain:s}' sconosciuto",
"mail_forward_remove_failed": "Impossibile rimuovere la mail inoltrata '{mail:s}'",
"mailbox_used_space_dovecot_down": "Il servizio di posta elettronica Dovecot deve essere attivato se vuoi riportare lo spazio usato dalla posta elettronica",
"maindomain_change_failed": "Impossibile cambiare il dominio principale",
"maindomain_changed": "Il dominio principale è stato cambiato",
"monitor_disabled": "Il monitoraggio del sistema è stato disattivato",
"monitor_enabled": "Il monitoraggio del sistema è stato attivato",
"monitor_glances_con_failed": "Impossibile collegarsi al server Glances",
"monitor_not_enabled": "Il monitoraggio del server non è attivato",
"monitor_period_invalid": "Periodo di tempo non valido",
"monitor_stats_file_not_found": "I file statistici non sono stati trovati",
"monitor_stats_no_update": "Nessuna statistica di monitoraggio da aggiornare",
"monitor_stats_period_unavailable": "Nessuna statistica disponibile per il periodo",
"mountpoint_unknown": "Punto di mount sconosciuto",
"mysql_db_creation_failed": "La creazione del database MySQL è fallita",
"mysql_db_init_failed": "L'inizializzazione del database MySQL è fallita",
"mysql_db_initialized": "Il database MySQL è stato inizializzato",
"new_domain_required": "Devi fornire il nuovo dominio principale",
"no_appslist_found": "Nessuna lista di applicazioni trovata",
"no_internet_connection": "Il server non è collegato a Internet",
"no_ipv6_connectivity": "La connessione IPv6 non è disponibile",
"not_enough_disk_space": "Non c'è abbastanza spazio libero in '{path:s}'",
"package_not_installed": "Il pacchetto '{pkgname}' non è installato",
"package_unknown": "Pacchetto '{pkgname}' sconosciuto",
"packages_no_upgrade": "Nessuno pacchetto da aggiornare",
"packages_upgrade_critical_later": "I pacchetti critici {packages:s} verranno aggiornati più tardi",
"packages_upgrade_failed": "Impossibile aggiornare tutti i pacchetti",
"path_removal_failed": "Impossibile rimuovere il percorso {:s}",
"pattern_backup_archive_name": "Deve essere un nome di file valido con caratteri alfanumerici e -_. soli",
"pattern_domain": "Deve essere un nome di dominio valido (es. il-mio-dominio.org)",
"pattern_firstname": "Deve essere un nome valido",
"pattern_lastname": "Deve essere un cognome valido",
"pattern_listname": "Caratteri alfanumerici e trattini bassi soli",
"pattern_password": "Deve contenere almeno 3 caratteri",
"pattern_port": "Deve essere un numero di porta valido (es. 0-65535)",
"pattern_port_or_range": "Deve essere un numero di porta valido (es. 0-65535) o una fascia di porte valida (es. 100:200)",
"pattern_positive_number": "Deve essere un numero positivo",
"pattern_username": "Caratteri minuscoli alfanumerici o trattini bassi soli",
"port_already_closed": "La porta {port:d} è già chiusa per le connessioni {ip_version:s}",
"port_available": "La porta {port:d} è disponibile",
"restore_action_required": "Devi specificare qualcosa da ripristinare",
"restore_already_installed_app": "Un'applicazione è già installata con l'identificativo '{app:s}'",
"restore_app_failed": "Impossibile ripristinare l'applicazione '{app:s}'",
"restore_cleaning_failed": "Impossibile pulire la directory temporanea di ripristino",
"restore_complete": "Ripristino completo",
"restore_confirm_yunohost_installed": "Sei sicuro di volere ripristinare un sistema già installato? {answers:s}",
"restore_failed": "Impossibile ripristinare il sistema",
"user_update_failed": "Impossibile aggiornare l'utente",
"network_check_smtp_ko": "La posta in uscita (SMTP porta 25) sembra bloccata dalla tua rete",
"network_check_smtp_ok": "La posta in uscita (SMTP porta 25) non è bloccata",
"no_restore_script": "Nessuno script di ripristino trovato per l'applicazone '{app:s}'",
"package_unexpected_error": "Un'errore inaspettata si è verificata durante il trattamento del pacchetto '{pkgname}'",
"restore_hook_unavailable": "Il hook di ripristino '{hook:s}' non è disponibile sul tuo sistema",
"restore_nothings_done": "Non è stato ripristinato nulla",
"restore_running_app_script": "Esecuzione dello script di ripristino dell'applcicazione '{app:s}'...",
"restore_running_hooks": "Esecuzione dei hook di ripristino...",
"service_added": "Il servizio '{service:s}' è stato aggiunto",
"service_already_started": "Il servizio '{service:s}' è già stato avviato",
"service_already_stopped": "Il servizio '{service:s}' è già stato fermato",
"service_conf_file_backed_up": "Il file di configurazione '{conf}' è stato salvato in '{backup}'",
"service_conf_file_copy_failed": "Impossibile copiare il nuovo file di configurazione '{new}' in '{conf}'",
"service_conf_file_manually_modified": "Il file di configurazione '{conf}' è stato modificato manualmente e non verrà aggiornato",
"service_conf_file_manually_removed": "Il file di configurazione '{conf}' è stato rimosso manualmente e non verrà creato",
"service_conf_file_not_managed": "Il file di configurazione '{conf}' non è ancora amministrato e non verrà aggiornato",
"service_conf_file_remove_failed": "Impossibile rimuovere il file di configurazione '{conf}'",
"service_conf_file_removed": "Il file di configurazione '{conf}' è stato rimosso",
"service_conf_file_updated": "Il file di configurazione '{conf}' è stato aggiornato",
"service_conf_up_to_date": "La configurazione è già aggiornata per il servizio '{service}'",
"service_conf_updated": "La configurazione è stata aggiornata per il servizio '{service}'",
"service_conf_would_be_updated": "La configurazione sarebbe stata aggiornata per il servizio '{service}'",
"service_disable_failed": "Impossibile disattivare il servizio '{service:s}'",
"service_enable_failed": "Impossibile attivare il servizio '{service:s}'",
"service_enabled": "Il servizio '{service:s}' è stato attivato",
"service_no_log": "Nessuno registro da visualizzare per il servizio '{service:s}'",
"service_regenconf_dry_pending_applying": "Verificazione della configurazione in attesa che sarebbe stata applicata per il servizio '{service}'...",
"service_regenconf_failed": "Impossibile rigenerare la configurazione per il/i servizio/i: {services}",
"service_regenconf_pending_applying": "Applicazione della configurazione in attesa per il servizio '{service}'...",
"service_start_failed": "Impossibile avviare il servizio '{service:s}'",
"service_started": "Il servizio '{service:s}' è stato avviato",
"service_status_failed": "Impossibile determinare lo stato del servizio '{service:s}'",
"service_stopped": "Il servizio '{service:s}' è stato fermato",
"service_unknown": "Servizio '{service:s}' sconosciuto",
"ssowat_conf_generated": "La configurazione SSOwat è stata generata",
"ssowat_conf_updated": "La configurazione SSOwat è stata aggiornata",
"ssowat_persistent_conf_read_error": "Un'errore si è verificata durante la lettura della configurazione persistente SSOwat: {error:s}. Modifica il file persistente /etc/ssowat/conf.json per correggere la sintassi JSON",
"ssowat_persistent_conf_write_error": "Un'errore si è verificata durante la registrazione della configurazione persistente SSOwat: {error:s}. Modifica il file persistente /etc/ssowat/conf.json per correggere la sintassi JSON",
"system_upgraded": "Il sistema è stato aggiornato",
"unbackup_app": "L'applicazione '{app:s}' non verrà salvata",
"unexpected_error": "Un'errore inaspettata si è verificata",
"unit_unknown": "Unità '{unit:s}' sconosciuta",
"unlimit": "Nessuna quota",
"update_cache_failed": "Impossibile aggiornare la cache APT",
"updating_apt_cache": "Aggiornamento della lista dei pacchetti disponibili...",
"upgrade_complete": "Aggiornamento completo",
"upnp_dev_not_found": "Nessuno supporto UPnP trovato",
"upnp_disabled": "UPnP è stato disattivato",
"upnp_enabled": "UPnP è stato attivato",
"upnp_port_open_failed": "Impossibile aprire le porte UPnP",
"user_created": "L'utente è stato creato",
"user_creation_failed": "Impossibile creare l'utente",
"user_deletion_failed": "Impossibile cancellare l'utente",
"user_home_creation_failed": "Impossibile creare la home directory del utente",
"user_info_failed": "Impossibile riportare le informazioni del utente",
"user_unknown": "Utente sconosciuto: {user:s}",
"user_updated": "L'utente è stato aggiornato",
"yunohost_already_installed": "YunoHost è già installato",
"yunohost_ca_creation_failed": "Impossibile creare una certificate authority",
"yunohost_configured": "YunoHost è stato configurato",
"yunohost_installing": "Installazione di YunoHost...",
"yunohost_not_installed": "YunoHost non è o non corretamente installato. Esegui 'yunohost tools postinstall'",
"domain_cert_gen_failed": "Impossibile generare il certificato",
"certmanager_attempt_to_replace_valid_cert": "Stai provando a sovrascrivere un certificato buono e valido per il dominio {domain:s}! (Usa --force per ignorare)",
"certmanager_domain_unknown": "Dominio {domain:s} sconosciuto",
"certmanager_domain_cert_not_selfsigned": "Il ceritifcato per il dominio {domain:s} non è auto-firmato. Sei sicuro di volere sostituirlo? (Usa --force)",
"certmanager_certificate_fetching_or_enabling_failed": "L'attivazione del nuovo certificato per {domain:s} sembra fallita in qualche modo...",
"certmanager_attempt_to_renew_nonLE_cert": "Il certificato per il dominio {domain:s} non è emesso da Let's Encrypt. Impossibile rinnovarlo automaticamente!",
"certmanager_attempt_to_renew_valid_cert": "Il certificato per il dominio {domain:s} non è a scadere! Usa --force per ignorare",
"certmanager_domain_http_not_working": "Sembra che non sia possibile accedere al dominio {domain:s} attraverso HTTP. Verifica la configurazione del DNS e di nginx"
}

79
locales/nl.json
View file

@ -1,9 +1,9 @@
{
"action_invalid": "Ongeldige actie '{action:s}'",
"admin_password": "Administration password",
"admin_password_changed": "Het admin-wachtwoord is gewijzigd",
"admin_password": "Administrator wachtwoord",
"admin_password_changed": "Het administratie wachtwoord is gewijzigd",
"app_already_installed": "{app:s} is al geïnstalleerd",
"app_argument_invalid": "'{name:s}' bevat geldige waarde: {error:s}",
"app_argument_invalid": "'{name:s}' bevat ongeldige waarde: {error:s}",
"app_argument_required": "Het '{name:s}' moet ingevuld worden",
"app_extraction_failed": "Kan installatiebestanden niet uitpakken",
"app_id_invalid": "Ongeldige app-id",
@ -12,24 +12,24 @@
"app_location_install_failed": "Kan app niet installeren op deze locatie",
"app_manifest_invalid": "Ongeldig app-manifest",
"app_no_upgrade": "Geen apps op te upgraden",
"app_not_installed": "{app:s} is niet geinstalleerd",
"app_not_installed": "{app:s} is niet geïnstalleerd",
"app_recent_version_required": "{:s} vereist een nieuwere versie van moulinette",
"app_removed": "{app:s} succesvol verwijderd",
"app_sources_fetch_failed": "Kan bronbestanden niet ophalen",
"app_unknown": "Onbekende app",
"app_upgrade_failed": "Kan niet alle apps updaten",
"app_upgraded": "{app:s} succesvol geüpgrade",
"appslist_fetched": "App-lijst succesvol aangemaakt.",
"appslist_removed": "App-lijst succesvol verwijderd",
"appslist_unknown": "Onbekende app-lijst",
"app_upgrade_failed": "Kan app {app:s} niet updaten",
"app_upgraded": "{app:s} succesvol geüpgraded",
"appslist_fetched": "App-lijst {appslist:s} succesvol opgehaald",
"appslist_removed": "App-lijst {appslist:s} succesvol verwijderd",
"appslist_unknown": "App-lijst {appslist:s} is onbekend.",
"ask_current_admin_password": "Huidig administratorwachtwoord",
"ask_email": "Email-adres",
"ask_firstname": "Voornaam",
"ask_lastname": "Achternaam",
"ask_new_admin_password": "Nieuw administratorwachtwoord",
"ask_password": "Wachtwoord",
"backup_archive_name_exists": "Backuparchief bestaat al",
"backup_cleaning_failed": "Kan tijdelijke backup directory niet leeg maken",
"backup_archive_name_exists": "Een backuparchief met dezelfde naam bestaat al",
"backup_cleaning_failed": "Kan tijdelijke backup map niet leeg maken",
"backup_creating_archive": "Backup wordt gestart...",
"backup_invalid_archive": "Ongeldig backup archief",
"backup_output_directory_not_empty": "Doelmap is niet leeg",
@ -42,15 +42,15 @@
"domain_creation_failed": "Kan domein niet aanmaken",
"domain_deleted": "Domein succesvol verwijderd",
"domain_deletion_failed": "Kan domein niet verwijderen",
"domain_dyndns_already_subscribed": "Dit domein is al geregistreed bij DynDNS",
"domain_dyndns_already_subscribed": "U heeft reeds een domein bij DynDNS geregistreerd",
"domain_dyndns_invalid": "Het domein is ongeldig voor DynDNS",
"domain_dyndns_root_unknown": "Onbekend DynDNS root domein",
"domain_exists": "Domein bestaat al",
"domain_uninstall_app_first": "Een of meerdere apps zijn geïnstalleerd op dit domein, verwijder deze voordat u het domein verwijderd.",
"domain_uninstall_app_first": "Een of meerdere apps zijn geïnstalleerd op dit domein, verwijder deze voordat u het domein verwijdert",
"domain_unknown": "Onbekend domein",
"domain_zone_exists": "DNS zone bestand bestaat al",
"domain_zone_not_found": "DNS zone bestand niet gevonden voor domein: {:s}",
"done": "Voltooid.",
"done": "Voltooid",
"downloading": "Downloaden...",
"dyndns_cron_remove_failed": "De cron-job voor DynDNS kon niet worden verwijderd",
"dyndns_ip_update_failed": "Kan het IP adres niet updaten bij DynDNS",
@ -61,15 +61,15 @@
"extracting": "Uitpakken...",
"installation_complete": "Installatie voltooid",
"installation_failed": "Installatie gefaald",
"ldap_initialized": "LDAP staat klaar voor gebruik",
"license_undefined": "undefined",
"mail_alias_remove_failed": "Kan mail alias niet verwijderen '{mail:s}'",
"ldap_initialized": "LDAP is klaar voor gebruik",
"license_undefined": "Niet gedefinieerd",
"mail_alias_remove_failed": "Kan mail-alias '{mail:s}' niet verwijderen",
"monitor_stats_no_update": "Er zijn geen recente monitoringstatistieken bij te werken",
"mysql_db_creation_failed": "Aanmaken MySQL database gefaald",
"mysql_db_init_failed": "Initialiseren MySQL database gefaald",
"mysql_db_initialized": "MySQL database succesvol geïnitialiseerd",
"mysql_db_initialized": "MySQL database is succesvol geïnitialiseerd",
"network_check_smtp_ko": "Uitgaande mail (SMPT port 25) wordt blijkbaar geblokkeerd door uw het netwerk",
"no_appslist_found": "Geen app-lijsten gevonden",
"no_appslist_found": "Geen app-lijst gevonden",
"no_internet_connection": "Server is niet verbonden met het internet",
"no_ipv6_connectivity": "IPv6-stack is onbeschikbaar",
"path_removal_failed": "Kan pad niet verwijderen {:s}",
@ -82,7 +82,7 @@
"port_available": "Poort {port:d} is beschikbaar",
"port_unavailable": "Poort {port:d} is niet beschikbaar",
"restore_app_failed": "De app '{app:s}' kon niet worden terug gezet",
"restore_hook_unavailable": "De restauration hook '{hook:s}' is niet beschikbaar op dit systeem",
"restore_hook_unavailable": "De herstel-hook '{hook:s}' is niet beschikbaar op dit systeem",
"service_add_failed": "Kan service '{service:s}' niet toevoegen",
"service_already_started": "Service '{service:s}' draait al",
"service_cmd_exec_failed": "Kan '{command:s}' niet uitvoeren",
@ -98,12 +98,45 @@
"upgrade_complete": "Upgrade voltooid",
"upgrading_packages": "Pakketten worden geüpdate...",
"upnp_dev_not_found": "Geen UPnP apparaten gevonden",
"upnp_disabled": "UPnP successvol uitgeschakeld",
"upnp_disabled": "UPnP succesvol uitgeschakeld",
"upnp_enabled": "UPnP succesvol ingeschakeld",
"upnp_port_open_failed": "Kan UPnP poorten niet openen",
"user_deleted": "Gebruiker werd verwijderd",
"user_home_creation_failed": "Kan de map voor deze gebruiker niet aanmaken",
"user_unknown": "Gebruikersnaam is onbekend",
"user_unknown": "Gebruikersnaam {user:s} is onbekend",
"user_update_failed": "Kan gebruiker niet bijwerken",
"yunohost_configured": "YunoHost configuratie is OK"
"yunohost_configured": "YunoHost configuratie is OK",
"admin_password_change_failed": "Wachtwoord kan niet veranderd worden",
"app_argument_choice_invalid": "Ongeldige keuze voor argument '{name:s}'. Het moet een van de volgende keuzes zijn {choices:s}",
"app_incompatible": "Deze applicatie is incompatibel met uw YunoHost versie",
"app_not_correctly_installed": "{app:s} schijnt niet juist geïnstalleerd te zijn",
"app_not_properly_removed": "{app:s} werd niet volledig verwijderd",
"app_package_need_update": "Het is noodzakelijk om het app pakket te updaten, in navolging van veranderingen aan YunoHost",
"app_requirements_checking": "Controleer noodzakelijke pakketten...",
"app_requirements_failed": "Er wordt niet aan de aanvorderingen voldaan: {error}",
"app_requirements_unmeet": "Er wordt niet aan de aanvorderingen voldaan, het pakket {pkgname} ({version}) moet {spec} zijn",
"app_unsupported_remote_type": "Niet ondersteund besturings type voor de app",
"appslist_retrieve_error": "Niet mogelijk om de externe applicatie lijst op te halen {appslist:s}: {error:s}",
"appslist_retrieve_bad_format": "Opgehaald bestand voor applicatie lijst {appslist:s} is geen geldige applicatie lijst",
"appslist_name_already_tracked": "Er is reeds een geregistreerde applicatie lijst met de naam {name:s}.",
"appslist_url_already_tracked": "Er is reeds een geregistreerde applicatie lijst met de url {url:s}.",
"appslist_migrating": "Migreer applicatielijst {appslist:s} ...",
"appslist_could_not_migrate": "Kon applicatielijst {appslist:s} niet migreren! Niet in staat om de url te verwerken... De oude cron job is opgeslagen onder {bkp_file:s}.",
"appslist_corrupted_json": "Kon de applicatielijst niet laden. Het schijnt, dat {filename:s} beschadigd is.",
"ask_list_to_remove": "Te verwijderen lijst",
"ask_main_domain": "Hoofd-domein",
"backup_action_required": "U moet iets om op te slaan uitkiezen",
"backup_app_failed": "Kon geen backup voor app '{app:s}' aanmaken",
"backup_archive_app_not_found": "App '{app:s}' kon niet in het backup archief gevonden worden",
"backup_archive_broken_link": "Het backup archief kon niet geopend worden (Ongeldig verwijs naar {path:s})",
"backup_archive_hook_not_exec": "Hook '{hook:s}' kon voor deze backup niet uitgevoerd worden",
"backup_archive_name_unknown": "Onbekend lokaal backup archief namens '{name:s}' gevonden",
"backup_archive_open_failed": "Kan het backup archief niet openen",
"backup_created": "Backup aangemaakt",
"backup_creation_failed": "Aanmaken van backup mislukt",
"backup_delete_error": "Kon pad '{path:s}' niet verwijderen",
"backup_deleted": "Backup werd verwijderd",
"backup_extracting_archive": "Backup archief uitpakken...",
"backup_hook_unknown": "backup hook '{hook:s}' onbekend",
"backup_nothings_done": "Niets om op te slaan"
}

406
locales/oc.json Normal file
View file

@ -0,0 +1,406 @@
{
"admin_password": "Senhal dadministracion",
"admin_password_change_failed": "Impossible de cambiar lo senhal",
"admin_password_changed": "Lo senhal dadministracion es ben estat cambiat",
"app_already_installed": "{app:s} es ja installat",
"app_already_up_to_date": "{app:s} es ja a jorn",
"installation_complete": "Installacion acabada",
"app_id_invalid": "Id daplicacion incorrècte",
"app_install_files_invalid": "Fichièrs dinstallacion incorrèctes",
"app_no_upgrade": "Pas cap daplicacion de metre a jorn",
"app_not_correctly_installed": "{app:s} sembla pas ben installat",
"app_not_installed": "{app:s} es pas installat",
"app_not_properly_removed": "{app:s} es pas estat corrèctament suprimit",
"app_removed": "{app:s} es estat suprimit",
"app_unknown": "Aplicacion desconeguda",
"app_upgrade_app_name": "Mesa a jorn de laplicacion {app}...",
"app_upgrade_failed": "Impossible de metre a jorn {app:s}",
"app_upgrade_some_app_failed": "Daplicacions se pòdon pas metre a jorn",
"app_upgraded": "{app:s} es estat mes a jorn",
"appslist_fetched": "Recuperacion de la lista daplicacions {appslist:s} corrèctament realizada",
"appslist_migrating": "Migracion de la lista daplicacion{appslist:s}…",
"appslist_name_already_tracked": "I a ja una lista daplicacion enregistrada amb lo nom {name:s}.",
"appslist_removed": "Supression de la lista daplicacions {appslist:s} corrèctament realizada",
"appslist_retrieve_bad_format": "Lo fichièr recuperat per la lista daplicacions {appslist:s} es pas valid",
"appslist_unknown": "La lista daplicacions {appslist:s} es desconeguda.",
"appslist_url_already_tracked": "I a ja una lista daplicacions enregistrada amb lURL {url:s}.",
"ask_current_admin_password": "Senhal administrator actual",
"ask_email": "Adreça de corrièl",
"ask_firstname": "Prenom",
"ask_lastname": "Nom",
"ask_list_to_remove": "Lista de suprimir",
"ask_main_domain": "Domeni màger",
"ask_new_admin_password": "Nòu senhal administrator",
"ask_password": "Senhal",
"ask_path": "Camin",
"backup_action_required": "Devètz precisar çò que cal salvagardar",
"backup_app_failed": "Impossible de salvagardar laplicacion « {app:s} »",
"backup_applying_method_copy": "Còpia de totes los fichièrs dins la salvagarda…",
"backup_applying_method_tar": "Creacion de larchiu tar de la salvagarda…",
"backup_archive_name_exists": "Un archiu de salvagarda amb aquesta nom existís ja",
"backup_archive_name_unknown": "Larchiu local de salvagarda apelat « {name:s} »es desconegut",
"action_invalid": "Accion « {action:s} »incorrècta",
"app_argument_choice_invalid": "Causida invalida pel paramètre « {name:s} », cal que siá un de {choices:s}",
"app_argument_invalid": "Valor invalida pel paramètre « {name:s} » : {error:s}",
"app_argument_required": "Lo paramètre « {name:s}»es requesit",
"app_change_url_failed_nginx_reload": "La reaviada de nginx a fracassat. Vaquí la sortida de «nginx -t»:\n{nginx_errors:s}",
"app_change_url_identical_domains": "Lancian e lo novèl coble domeni/camin son identics per {domain:s}{path:s}, pas res a far.",
"app_change_url_success": "LURL de laplicacion {app:s} a cambiat per {domain:s}{path:s}",
"app_checkurl_is_deprecated": "Packagers /!\\ app checkurl es obsolèt! Utilizatz app register-url a la plaça!",
"app_extraction_failed": "Extraccion dels fichièrs dinstallacion impossibla",
"app_incompatible": "Laplicacion {app} es pas compatibla amb vòstra version de YunoHost",
"app_location_already_used": "Laplicacion « {app}»es ja installada a aqueste emplaçament ({path})",
"app_manifest_invalid": "Manifest daplicacion incorrècte: {error}",
"app_package_need_update": "Lo paquet de laplicacion {app} deu èsser mes a jorn per seguir los cambiaments de YunoHost",
"app_requirements_checking": "Verificacion dels paquets requesida per {app}...",
"app_sources_fetch_failed": "Recuperacion dels fichièrs fonts impossibla",
"app_unsupported_remote_type": "Lo tipe alonhat utilizat per laplicacion es pas suportat",
"appslist_retrieve_error": "Impossible de recuperar la lista daplicacions alonhadas {appslist:s}: {error:s}",
"backup_archive_app_not_found": "Laplicacion « {app:s}»es pas estada trobada dins larchiu de la salvagarda",
"backup_archive_broken_link": "Impossible daccedir a larchiu de salvagarda (ligam invalid cap a {path:s})",
"backup_archive_mount_failed": "Lo montatge de larchiu de salvagarda a fracassat",
"backup_archive_open_failed": "Impossible de dobrir larchiu de salvagarda",
"backup_archive_system_part_not_available": "La part « {part:s}»del sistèma es pas disponibla dins aquesta salvagarda",
"backup_cleaning_failed": "Impossible de netejar lo repertòri temporari de salvagarda",
"backup_copying_to_organize_the_archive": "Còpia de {size:s} Mio per organizar larchiu",
"backup_created": "Salvagarda acabada",
"backup_creating_archive": "Creacion de larchiu de salvagarda...",
"backup_creation_failed": "Impossible de crear la salvagarda",
"app_already_installed_cant_change_url": "Aquesta aplicacion es ja installada. Aquesta foncion pòt pas simplament cambiar lURL. Agachatz «app changeurl »ses disponible.",
"app_change_no_change_url_script": "Laplicacion {app_name:s} pren pas en compte lo cambiament dURL, poiretz aver de la metre a jorn.",
"app_change_url_no_script": "Laplicacion {app_name:s} pren pas en compte lo cambiament dURL, benlèu que vos cal la metre a jorn.",
"app_make_default_location_already_used": "Impossible de configurar laplicacion « {app} »per defaut pel domeni {domain} perque es ja utilizat per laplicacion {other_app}",
"app_location_install_failed": "Impossible dinstallar laplicacion a aqueste emplaçament per causa de conflicte amb laplicacion {other_app} ques ja installada sus {other_path}",
"app_location_unavailable": "Aquesta URL es pas disponibla o en conflicte amb una aplicacion existenta",
"appslist_corrupted_json": "Cargament impossible de la lista daplicacion. Sembla que {filename:s} siá gastat.",
"backup_delete_error": "Impossible de suprimir « {path:s} »",
"backup_deleted": "La salvagarda es estada suprimida",
"backup_hook_unknown": "Script de salvagarda « {hook:s} »desconegut",
"backup_invalid_archive": "Archiu de salvagarda incorrècte",
"backup_method_borg_finished": "La salvagarda dins Borg es acabada",
"backup_method_copy_finished": "La còpia de salvagarda es acabada",
"backup_method_tar_finished": "Larchiu tar de la salvagarda es estat creat",
"backup_output_directory_not_empty": "Lo dorsièr de sortida es pas void",
"backup_output_directory_required": "Vos cal especificar un dorsièr de sortida per la salvagarda",
"backup_running_app_script": "Lançament de lescript de salvagarda de laplicacion « {app:s} »...",
"backup_running_hooks": "Execucion dels scripts de salvagarda...",
"backup_system_part_failed": "Impossible de salvagardar la part « {part:s} »del sistèma",
"app_requirements_failed": "Impossible de complir las condicions requesidas per {app}: {error}",
"app_requirements_unmeet": "Las condicions requesidas per {app} son pas complidas, lo paquet {pkgname} ({version}) deu èsser {spec}",
"appslist_could_not_migrate": "Migracion de la lista impossibla {appslist:s}! Impossible danalizar lURL… Lanciana tasca cron es estada servada dins {bkp_file:s}.",
"backup_abstract_method": "Aqueste metòde de salvagarda es pas encara implementat",
"backup_applying_method_custom": "Crida lo metòde de salvagarda personalizat « {method:s} »…",
"backup_borg_not_implemented": "Lo metòde de salvagarda Bord es pas encara implementat",
"backup_couldnt_bind": "Impossible de ligar {src:s} amb {dest:s}.",
"backup_csv_addition_failed": "Impossible dajustar de fichièrs a la salvagarda dins lo fichièr CSV",
"backup_custom_backup_error": "Fracàs del metòde de salvagarda personalizat a letapa «backup »",
"backup_custom_mount_error": "Fracàs del metòde de salvagarda personalizat a letapa «mount »",
"backup_custom_need_mount_error": "Fracàs del metòde de salvagarda personalizat a letapa «need_mount »",
"backup_method_custom_finished": "Lo metòde de salvagarda personalizat « {method:s} »es acabat",
"backup_nothings_done": "I a pas res de salvagardar",
"backup_unable_to_organize_files": "Impossible dorganizar los fichièrs dins larchiu amb lo metòde rapid",
"service_status_failed": "Impossible de determinar lestat del servici « {service:s} »",
"service_stopped": "Lo servici « {service:s} »es estat arrestat",
"service_unknown": "Servici « {service:s} »desconegut",
"unbackup_app": "Laplicacion « {app:s} »serà pas salvagardada",
"unit_unknown": "Unitat « {unit:s} »desconeguda",
"unlimit": "Cap de quòta",
"unrestore_app": "Laplicacion « {app:s} »serà pas restaurada",
"upnp_dev_not_found": "Cap de periferic compatible UPnP pas trobat",
"upnp_disabled": "UPnP es desactivat",
"upnp_enabled": "UPnP es activat",
"upnp_port_open_failed": "Impossible de dobrir los pòrts amb UPnP",
"yunohost_already_installed": "YunoHost es ja installat",
"yunohost_configured": "YunoHost es estat configurat",
"yunohost_installing": "Installacion de YunoHost...",
"backup_applying_method_borg": "Mandadís de totes los fichièrs a la salvagarda dins lo repertòri borg-backup…",
"backup_csv_creation_failed": "Creacion impossibla del fichièr CSV necessari a las operacions futuras de restauracion",
"backup_extracting_archive": "Extraccion de larchiu de salvagarda…",
"backup_output_symlink_dir_broken": "Avètz un ligam simbolic copat allòc de vòstre repertòri darchiu « {path:s} ». Poiriatz aver una configuracion personalizada per salvagardar vòstras donadas sus un autre sistèma de fichièrs, en aquel cas, saique oblidèretz de montar o de connectar lo disc o la clau USB.",
"backup_with_no_backup_script_for_app": "Laplicacion {app:s} a pas cap de script de salvagarda. I fasèm pas cas.",
"backup_with_no_restore_script_for_app": "Laplicacion {app:s} a pas cap de script de restauracion, poiretz pas restaurar automaticament la salvagarda daquesta aplicacion.",
"certmanager_acme_not_configured_for_domain": "Lo certificat del domeni {domain:s} sembla pas corrèctament installat. Mercés de lançar den primièr cert-install per aqueste domeni.",
"certmanager_attempt_to_renew_nonLE_cert": "Lo certificat pel domeni {domain:s} es pas provesit per Lets Encrypt. Impossible de lo renovar automaticament!",
"certmanager_attempt_to_renew_valid_cert": "Lo certificat pel domeni {domain:s} es a man dexpirar! Utilizatz --force per cortcircuitar",
"certmanager_cannot_read_cert": "Quicòm a trucat en ensajar de dobrir lo certificat actual pel domeni {domain:s} (fichièr: {file:s}), rason: {reason:s}",
"certmanager_cert_install_success": "Installacion capitada del certificat Lets Encrypt pel domeni {domain:s}!",
"certmanager_cert_install_success_selfsigned": "Installacion capitada del certificat auto-signat pel domeni {domain:s}!",
"certmanager_cert_signing_failed": "Fracàs de la signatura del nòu certificat",
"certmanager_domain_cert_not_selfsigned": "Lo certificat del domeni {domain:s} es pas auto-signat. Volètz vertadièrament lo remplaçar? (Utiliatz --force)",
"certmanager_domain_dns_ip_differs_from_public_ip": "Lenregistrament DNS «A »del domeni {domain:s} es diferent de ladreça IP daqueste servidor. Se fa pauc quavètz modificat lenregistrament «A », mercés desperar lespandiment (qualques verificadors despandiment son disponibles en linha). (Se sabètz çò que fasèm, utilizatz --no-checks per desactivar aqueles contraròtles)",
"certmanager_domain_http_not_working": "Sembla que lo domeni {domain:s} es pas accessible via HTTP. Mercés de verificar que las configuracions DNS e nginx son corrèctas",
"certmanager_domain_unknown": "Domeni desconegut {domain:s}",
"certmanager_no_cert_file": "Lectura impossibla del fichièr del certificat pel domeni {domain:s} (fichièr: {file:s})",
"certmanager_self_ca_conf_file_not_found": "Lo fichièr de configuracion per lautoritat del certificat auto-signat es introbabla (fichièr: {file:s})",
"certmanager_unable_to_parse_self_CA_name": "Analisi impossible lo nom de lautoritat del certificat auto-signat (fichièr: {file:s})",
"custom_app_url_required": "Cal que donetz una URL per actualizar vòstra aplicacion personalizada {app:s}",
"custom_appslist_name_required": "Cal que nomenetz vòstra lista daplicacions personalizadas",
"diagnosis_debian_version_error": "Impossible de determinar la version de Debian: {error}",
"diagnosis_kernel_version_error": "Impossible de recuperar la version del nuclèu: {error}",
"diagnosis_no_apps": "Pas cap daplicacion installada",
"dnsmasq_isnt_installed": "dnsmasq sembla pas èsser installat, mercés de lançar «apt-get remove bind9 && apt-get install dnsmasq »",
"domain_cannot_remove_main": "Impossible de levar lo domeni màger. Definissètz un novèl domeni màger den primièr",
"domain_cert_gen_failed": "Generacion del certificat impossibla",
"domain_created": "Lo domeni es creat",
"domain_creation_failed": "Creacion del certificat impossibla",
"domain_deleted": "Lo domeni es suprimit",
"domain_deletion_failed": "Supression impossibla del domeni",
"domain_dyndns_invalid": "Domeni incorrècte per una utilizacion amb DynDNS",
"domain_dyndns_root_unknown": "Domeni DynDNS màger desconegut",
"domain_exists": "Lo domeni existís ja",
"domain_hostname_failed": "Fracàs de la creacion dun nòu nom dòst",
"domain_unknown": "Domeni desconegut",
"domain_zone_exists": "Lo fichièr zòna DNS existís ja",
"domain_zone_not_found": "Fichèr de zòna DNS introbable pel domeni {:s}",
"domains_available": "Domenis disponibles:",
"done": "Acabat",
"downloading": "Telecargament…",
"dyndns_could_not_check_provide": "Impossible de verificar se {provider:s} pòt provesir {domain:s}.",
"dyndns_cron_installed": "La tasca cron pel domeni DynDNS es installada",
"dyndns_cron_remove_failed": "Impossible de levar la tasca cron pel domeni DynDNS",
"dyndns_cron_removed": "La tasca cron pel domeni DynDNS es levada",
"dyndns_ip_update_failed": "Impossible dactualizar ladreça IP sul domeni DynDNS",
"dyndns_ip_updated": "Vòstra adreça IP es estada actualizada pel domeni DynDNS",
"dyndns_key_generating": "La clau DNS es a se generar, pòt trigar una estona...",
"dyndns_key_not_found": "Clau DNS introbabla pel domeni",
"dyndns_no_domain_registered": "Cap de domeni pas enregistrat amb DynDNS",
"dyndns_registered": "Lo domeni DynDNS es enregistrat",
"dyndns_registration_failed": "Enregistrament del domeni DynDNS impossibla: {error:s}",
"dyndns_domain_not_provided": "Lo provesidor DynDNS {provider:s} pòt pas fornir lo domeni {domain:s}.",
"dyndns_unavailable": "Lo domeni {domain:s} es pas disponible.",
"extracting": "Extraccion…",
"field_invalid": "Camp incorrècte: « {:s} »",
"format_datetime_short": "%d/%m/%Y %H:%M",
"global_settings_cant_open_settings": "Fracàs de la dobertura del fichièr de configuracion, rason: {reason:s}",
"global_settings_key_doesnt_exists": "La clau « {settings_key:s} »existís pas dins las configuracions globalas, podètz veire totas las claus disponiblas en picant «yunohost settings list »",
"global_settings_reset_success": "Capitada! Vòstra configuracion precedenta es estada salvagarda dins {path:s}",
"global_settings_setting_example_bool": "Exemple dopcion booleana",
"global_settings_unknown_setting_from_settings_file": "Clau desconeguda dins los paramètres: {setting_key:s}, apartada e salvagardada dins /etc/yunohost/unkown_settings.json",
"installation_failed": "Fracàs de linstallacion",
"invalid_url_format": "Format dURL pas valid",
"ldap_initialized": "Lannuari LDAP es inicializat",
"license_undefined": "indefinida",
"maindomain_change_failed": "Modificacion impossibla del domeni màger",
"maindomain_changed": "Lo domeni màger es estat modificat",
"migrate_tsig_end": "La migracion cap a hmac-sha512 es acabada",
"migrate_tsig_wait_2": "2 minutas…",
"migrate_tsig_wait_3": "1 minuta…",
"migrate_tsig_wait_4": "30 segondas…",
"migration_description_0002_migrate_to_tsig_sha256": "Melhora la seguretat de DynDNS TSIG en utilizar SHA512 allòc de MD5",
"migration_description_0003_migrate_to_stretch": "Mesa a nivèl del sistèma cap a Debian Stretch e YunoHost 3.0",
"migration_0003_backward_impossible": "La migracion Stretch es pas reversibla.",
"migration_0003_start": "Aviada de la migracion cap a Stretech. Los jornals seràn disponibles dins {logfile}.",
"migration_0003_patching_sources_list": "Petaçatge de sources.lists…",
"migration_0003_main_upgrade": "Aviada de la mesa a nivèl màger…",
"migration_0003_fail2ban_upgrade": "Aviada de la mesa a nivèl de fail2ban…",
"migration_0003_not_jessie": "La distribucion Debian actuala es pas Jessie!",
"migrations_cant_reach_migration_file": "Impossible daccedir als fichièrs de migracion amb lo camin %s",
"migrations_current_target": "La cibla de migracion est {}",
"migrations_error_failed_to_load_migration": "ERROR: fracàs del cargament de la migracion {number} {name}",
"migrations_list_conflict_pending_done": "Podètz pas utilizar --previous e --done a lencòp.",
"migrations_loading_migration": "Cargament de la migracion{number} {name}…",
"migrations_no_migrations_to_run": "Cap de migracion de lançar",
"migrations_show_currently_running_migration": "Realizacion de la migracion {number} {name}…",
"migrations_show_last_migration": "La darrièra migracion realizada es {}",
"monitor_glances_con_failed": "Connexion impossibla al servidor Glances",
"monitor_not_enabled": "Lo seguiment de lestat del servidor es pas activat",
"monitor_stats_no_update": "Cap de donadas destat del servidor dactualizar",
"mountpoint_unknown": "Ponch de montatge desconegut",
"mysql_db_creation_failed": "Creacion de la basa de donadas MySQL impossibla",
"no_appslist_found": "Cap de lista daplicacions pas trobada",
"no_internet_connection": "Lo servidor es pas connectat a Internet",
"package_not_installed": "Lo paquet « {pkgname} »es pas installat",
"package_unknown": "Paquet « {pkgname} »desconegut",
"packages_no_upgrade": "I a pas cap de paquet dactualizar",
"packages_upgrade_failed": "Actualizacion de totes los paquets impossibla",
"path_removal_failed": "Impossible de suprimir lo camin {:s}",
"pattern_domain": "Deu èsser un nom de domeni valid (ex: mon-domeni.org)",
"pattern_email": "Deu èsser una adreça electronica valida (ex: escais@domeni.org)",
"pattern_firstname": "Deu èsser un pichon nom valid",
"pattern_lastname": "Deu èsser un nom valid",
"pattern_password": "Deu conténer almens 3 caractèrs",
"pattern_port": "Deu èsser un numèro de pòrt valid (ex: 0-65535)",
"pattern_port_or_range": "Deu èsser un numèro de pòrt valid (ex: 0-65535) o un interval de pòrt (ex: 100:200)",
"pattern_positive_number": "Deu èsser un nombre positiu",
"port_already_closed": "Lo pòrt {port:d} es ja tampat per las connexions {ip_version:s}",
"port_already_opened": "Lo pòrt {port:d} es ja dubèrt per las connexions {ip_version:s}",
"port_available": "Lo pòrt {port:d} es disponible",
"port_unavailable": "Lo pòrt {port:d} es pas disponible",
"restore_already_installed_app": "Una aplicacion es ja installada amb lid « {app:s} »",
"restore_app_failed": "Impossible de restaurar laplicacion « {app:s} »",
"backup_ask_for_copying_if_needed": "Dunes fichièrs an pas pogut èsser preparatz per la salvagarda en utilizar lo metòde quevita de gastar despaci sul sistèma de manièra temporària. Per lançar la salvagarda, cal utilizar temporàriament {size:s} Mo. Acceptatz?",
"yunohost_not_installed": "YunoHost es pas installat o corrèctament installat. Mercés dexecutar «yunohost tools postinstall »",
"backup_output_directory_forbidden": "Repertòri de destinacion defendut. Las salvagardas pòdon pas se realizar dins los repertòris bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var ou /home/yunohost.backup/archives",
"certmanager_attempt_to_replace_valid_cert": "Sètz a remplaçar un certificat corrècte e valid pel domeni {domain:s}! (Utilizatz --force per cortcircuitar)",
"certmanager_cert_renew_success": "Renovèlament capitat dun certificat Lets Encrypt pel domeni {domain:s}!",
"certmanager_certificate_fetching_or_enabling_failed": "Sembla daver fracassat lactivacion dun nòu certificat per {domain:s}…",
"certmanager_conflicting_nginx_file": "Impossible de preparar lo domeni pel desfís ACME: lo fichièr de configuracion nginx {filepath:s} es en conflicte e deu èsser levat den primièr",
"certmanager_couldnt_fetch_intermediate_cert": "Expiracion del relambi pendent lensag de recuperacion del certificat intermediari dins de Lets Encrypt. Linstallacion / lo renovèlament es estat interromput - tornatz ensajar mai tard.",
"certmanager_domain_not_resolved_locally": "Lo domeni {domain:s} pòt pas èsser determinat dins de vòstre servidor YunoHost. Pòt arribar savètz recentament modificat vòstre enregistrament DNS. Dins aqueste cas, mercés desperar unas oras per lespandiment. Se lo problèma dura, consideratz ajustar {domain:s} a /etc/hosts. (Se sabètz çò que fasètz, utilizatz --no-checks per desactivar las verificacions.)",
"certmanager_error_no_A_record": "Cap denregistrament DNS «A »pas trobat per {domain:s}. Vos cal indicar que lo nom de domeni mene a vòstra maquina per poder installar un certificat LetS Encrypt! (Se sabètz çò que fasètz, utilizatz --no-checks per desactivar las verificacions.)",
"certmanager_hit_rate_limit": "Tròp de certificats son ja estats demandats recentament per aqueste ensem de domeni {domain:s}. Mercés de tornar ensajar mai tard. Legissètz https://letsencrypt.org/docs/rate-limits/ per mai detalhs",
"certmanager_http_check_timeout": "Expiracion del relambi densag del servidor de se contactar via HTTP amb son adreça IP publica {domain:s} amb ladreça {ip:s}. Coneissètz benlèu de problèmas dhairpinning o lo parafuòc/router amont de vòstre servidor es mal configurat.",
"domain_dns_conf_is_just_a_recommendation": "Aqueste pagina mòstra la configuracion *recomandada*. Non configura *pas* lo DNS per vos. Sètz responsable de la configuracion de vòstra zòna DNS en çò de vòstre registrar DNS amb aquesta recomandacion.",
"domain_dyndns_already_subscribed": "Avètz ja soscrich a un domeni DynDNS",
"domain_dyndns_dynette_is_unreachable": "Impossible de contactar la dynette YunoHost, siá YunoHost pas es pas corrèctament connectat a Internet, siá lo servidor de la dynett es arrestat. Error: {error}",
"domain_uninstall_app_first": "Una o mantuna aplicacions son installadas sus aqueste domeni. Mercés de las desinstallar den primièr abans de suprimir aqueste domeni",
"firewall_reload_failed": "Impossible de recargar lo parafuòc",
"firewall_reloaded": "Lo parafuòc es estat recargat",
"firewall_rules_cmd_failed": "Unas règlas del parafuòc an fracassat. Per mai informacions, consultatz lo jornal.",
"global_settings_bad_choice_for_enum": "La valor del paramètre {setting:s} es incorrècta. Recebut: {received_type:s}, esperat {expected_type:s}",
"global_settings_bad_type_for_setting": "Lo tipe del paramètre {setting:s} es incorrècte. Recebut: {received_type:s}, esperat {expected_type:s}",
"global_settings_cant_write_settings": "Fracàs de lescritura del fichièr de configuracion, rason: {reason:s}",
"global_settings_setting_example_enum": "Exemple dopcion de tipe enumeracion",
"global_settings_setting_example_int": "Exemple dopcion de tipe entièr",
"global_settings_setting_example_string": "Exemple dopcion de tipe cadena",
"global_settings_unknown_type": "Situacion inesperada, la configuracion {setting:s} sembla daver lo tipe {unknown_type:s} mas es pas un tipe pres en carga pel sistèma.",
"hook_exec_failed": "Fracàs de lexecucion del script « {path:s} »",
"hook_exec_not_terminated": "Lexecucion del escript « {path:s} »es pas acabada",
"hook_list_by_invalid": "La proprietat de tria de las accions es invalida",
"hook_name_unknown": "Nom de script « {name:s} »desconegut",
"ldap_init_failed_to_create_admin": "Linicializacion de LDAP a pas pogut crear lutilizaire admin",
"mail_domain_unknown": "Lo domeni de corrièl « {domain:s} »es desconegut",
"mailbox_used_space_dovecot_down": "Lo servici corrièl Dovecot deu èsser aviat, se volètz conéisser lespaci ocupat per la messatjariá",
"migrate_tsig_failed": "La migracion del domeni dyndns {domain} cap a hmac-sha512 a pas capitat, anullacion de las modificacions. Error: {error_code} - {error}",
"migrate_tsig_wait": "Esperem 3 minutas que lo servidor dyndns prenga en compte la novèla clau…",
"migrate_tsig_not_needed": "Sembla quutilizatz pas un domeni dyndns, donc cap de migracion es pas necessària!",
"migration_0003_yunohost_upgrade": "Aviada de la mesa a nivèl del paquet YunoHost… La migracion acabarà, mas la mesa a jorn reala se realizarà tot bèl aprèp. Un còp acabada, poiretz vos reconnectar a ladministracion web.",
"migration_0003_system_not_fully_up_to_date": "Lo sistèma es pas complètament a jorn. Mercés de lançar una mesa a jorn classica abans de començar la migracion per Stretch.",
"migration_0003_modified_files": "Mercés de notar que los fichièrs seguents son estats detectats coma modificats manualament e poiràn èsser escafats a la fin de la mesa a nivèl: {manually_modified_files}",
"monitor_period_invalid": "Lo periòde de temps es incorrècte",
"monitor_stats_file_not_found": "Lo fichièr destatisticas es introbable",
"monitor_stats_period_unavailable": "Cap destatisticas son pas disponiblas pel periòde",
"mysql_db_init_failed": "Impossible dinicializar la basa de donadas MySQL",
"service_disable_failed": "Impossible de desactivar lo servici « {service:s} »↵\n↵\nJornals recents: {logs:s}",
"service_disabled": "Lo servici « {service:s} »es desactivat",
"service_enable_failed": "Impossible dactivar lo servici « {service:s} »↵\n↵\nJornals recents: {logs:s}",
"service_enabled": "Lo servici « {service:s} »es activat",
"service_no_log": "Cap de jornal de far veire pel servici « {service:s} »",
"service_regenconf_dry_pending_applying": "Verificacion de las configuracions en espèra que poirián èsser aplicadas pel servici « {service} »…",
"service_regenconf_failed": "Regeneracion impossibla de la configuracion pels servicis: {services}",
"service_regenconf_pending_applying": "Aplicacion de las configuracions en espèra pel servici « {service} »…",
"service_remove_failed": "Impossible de levar lo servici « {service:s} »",
"service_removed": "Lo servici « {service:s} »es estat levat",
"service_start_failed": "Impossible daviar lo servici « {service:s} »↵\n↵\nJornals recents: {logs:s}",
"service_started": "Lo servici « {service:s} »es aviat",
"service_stop_failed": "Impossible darrestar lo servici « {service:s} »↵\n\nJornals recents: {logs:s}",
"ssowat_conf_generated": "La configuracion SSowat es generada",
"ssowat_conf_updated": "La configuracion SSOwat es estada actualizada",
"system_upgraded": "Lo sistèma es estat actualizat",
"system_username_exists": "Lo nom dutilizaire existís ja dins los utilizaires sistèma",
"unexpected_error": "Una error inesperada ses producha",
"upgrade_complete": "Actualizacion acabada",
"upgrading_packages": "Actualizacion dels paquets…",
"user_created": "Lutilizaire es creat",
"user_creation_failed": "Creacion de lutilizaire impossibla",
"user_deleted": "Lutilizaire es suprimit",
"user_deletion_failed": "Supression impossibla de lutilizaire",
"user_home_creation_failed": "Creacion impossibla del repertòri personal a lutilizaire",
"user_info_failed": "Recuperacion impossibla de las informacions tocant lutilizaire",
"user_unknown": "Utilizaire « {user:s} »desconegut",
"user_update_failed": "Modificacion impossibla de lutilizaire",
"user_updated": "Lutilizaire es estat modificat",
"yunohost_ca_creation_failed": "Creacion impossibla de lautoritat de certificacion",
"yunohost_ca_creation_success": "Lautoritat de certificacion locala es creada.",
"service_conf_file_kept_back": "Lo fichièr de configuracion « {conf} »deuriá èsser suprimit pel servici {service} mas es estat servat.",
"service_conf_file_manually_modified": "Lo fichièr de configuracion « {conf} »es estat modificat manualament e serà pas actualizat",
"service_conf_file_manually_removed": "Lo fichièr de configuracion « {conf} »es suprimit manualament e serà pas creat",
"service_conf_file_remove_failed": "Supression impossibla del fichièr de configuracion « {conf} »",
"service_conf_file_removed": "Lo fichièr de configuracion « {conf} »es suprimit",
"service_conf_file_updated": "Lo fichièr de configuracion « {conf} »es actualizat",
"service_conf_new_managed_file": "Lo servici {service} gerís ara lo fichièr de configuracion « {conf} ».",
"service_conf_up_to_date": "La configuracion del servici « {service} »es ja actualizada",
"service_conf_would_be_updated": "La configuracion del servici « {service} »seriá estada actualizada",
"service_description_avahi-daemon": "permet daténher vòstre servidor via yunohost.local sus vòstre ret local",
"service_description_dnsmasq": "gerís la resolucion dels noms de domeni (DNS)",
"updating_apt_cache": "Actualizacion de la lista dels paquets disponibles...",
"service_conf_file_backed_up": "Lo fichièr de configuracion « {conf} »es salvagardat dins « {backup} »",
"service_conf_file_copy_failed": "Còpia impossibla del nòu fichièr de configuracion « {new} »cap a « {conf} »",
"server_reboot_confirm": "Lo servidor es per reaviar sul pic, o volètz vertadièrament? {answers:s}",
"service_add_failed": "Apondon impossible del servici « {service:s} »",
"service_added": "Lo servici « {service:s} »es ajustat",
"service_already_started": "Lo servici « {service:s} »es ja aviat",
"service_already_stopped": "Lo servici « {service:s} »es ja arrestat",
"restore_cleaning_failed": "Impossible de netejar lo repertòri temporari de restauracion",
"restore_complete": "Restauracion acabada",
"restore_confirm_yunohost_installed": "Volètz vertadièrament restaurar un sistèma ja installat? {answers:s}",
"restore_extracting": "Extraccions dels fichièrs necessaris dins de larchiu…",
"restore_failed": "Impossible de restaurar lo sistèma",
"restore_hook_unavailable": "Lo script de restauracion « {part:s} »es pas disponible sus vòstre sistèma e es pas tanpauc dins larchiu",
"restore_may_be_not_enough_disk_space": "Lo sistèma sembla daver pas pro despaci disponible (liure: {free_space:d} octets, necessari: {needed_space:d} octets, marge de seguretat: {margin:d} octets)",
"restore_mounting_archive": "Montatge de larchiu dins « {path:s} »",
"restore_not_enough_disk_space": "Espaci disponible insufisent (liure: {free_space:d} octets, necessari: {needed_space:d} octets, marge de seguretat: {margin:d} octets)",
"restore_nothings_done": "Res es pas estat restaurat",
"restore_removing_tmp_dir_failed": "Impossible de levar u ancian repertòri temporari",
"restore_running_app_script": "Lançament del script de restauracion per laplicacion « {app:s} »…",
"restore_running_hooks": "Execucion dels scripts de restauracion…",
"restore_system_part_failed": "Restauracion impossibla de la part « {part:s} »del sistèma",
"server_shutdown": "Lo servidor serà atudat",
"server_shutdown_confirm": "Lo servidor es per satudar sul pic, o volètz vertadièrament? {answers:s}",
"server_reboot": "Lo servidor es per reaviar",
"network_check_mx_ko": "Lenregistrament DNS MX es pas especificat",
"new_domain_required": "Vos cal especificar lo domeni màger",
"no_ipv6_connectivity": "La connectivitat IPv6 es pas disponibla",
"not_enough_disk_space": "Espaci disc insufisent sus « {path:s} »",
"package_unexpected_error": "Una error inesperada es apareguda amb lo paquet « {pkgname} »",
"packages_upgrade_critical_later": "Los paquets critics {packages:s} seràn actualizats mai tard",
"restore_action_required": "Devètz precisar çò que cal restaurar",
"service_cmd_exec_failed": "Impossible dexecutar la comanda « {command:s} »",
"service_conf_updated": "La configuracion es estada actualizada pel servici « {service} »",
"service_description_mysql": "garda las donadas de las aplicacions (base de donadas SQL)",
"service_description_php5-fpm": "executa daplicacions escrichas en PHP amb nginx",
"service_description_postfix": "emplegat per enviar e recebre de corrièls",
"service_description_rmilter": "verifica mantun paramètres dels corrièls",
"service_description_slapd": "garda los utilizaires, domenis e lors informacions ligadas",
"service_description_ssh": "vos permet de vos connectar a distància a vòstre servidor via un teminal (protocòl SSH)",
"service_description_yunohost-api": "permet las interaccions entre linterfàcia web de YunoHost e le sistèma",
"service_description_yunohost-firewall": "gerís los pòrts de connexion dobèrts e tampats als servicis",
"ssowat_persistent_conf_read_error": "Error en legir la configuracion duradissa de SSOwat: {error:s}. Modificatz lo fichièr /etc/ssowat/conf.json.persistent per reparar la sintaxi JSON",
"ssowat_persistent_conf_write_error": "Error en salvagardar la configuracion duradissa de SSOwat: {error:s}. Modificatz lo fichièr /etc/ssowat/conf.json.persistent per reparar la sintaxi JSON",
"certmanager_old_letsencrypt_app_detected": "\nYunohost a detectat que laplicacion letsencrypt es installada, aquò es en conflicte amb las novèlas foncionalitats integradas de gestion dels certificats de Yunohost. Se volètz utilizar aquelas foncionalitats integradas, mercés de lançar las comandas seguentas per migrar vòstra installacion:\n\n yunohost app remove letsencrypt\n yunohost domain cert-install\n\nN.B.: aquò provarà de tornar installar los certificats de totes los domenis amb un certificat Lets Encrypt o las auto-signats",
"diagnosis_monitor_disk_error": "Impossible de supervisar los disques: {error}",
"diagnosis_monitor_network_error": "Impossible de supervisar la ret: {error}",
"diagnosis_monitor_system_error": "Impossible de supervisar lo sistèma: {error}",
"executing_command": "Execucion de la comanda « {command:s} »…",
"executing_script": "Execucion del script « {script:s} »…",
"global_settings_cant_serialize_settings": "Fracàs de la serializacion de las donadas de parametratge, rason: {reason:s}",
"ip6tables_unavailable": "Podètz pas jogar amb ip6tables aquí. Siá sèts dins un contenedor, siá vòstre nuclèu es pas compatible amb aquela opcion",
"iptables_unavailable": "Podètz pas jogar amb iptables aquí. Siá sèts dins un contenedor, siá vòstre nuclèu es pas compatible amb aquela opcion",
"update_cache_failed": "Impossible dactualizar lo cache de lAPT",
"mail_alias_remove_failed": "Supression impossibla de lalias de corrièl « {mail:s} »",
"mail_forward_remove_failed": "Supression impossibla del corrièl de transferiment « {mail:s} »",
"migrate_tsig_start": "Lalgorisme de generacion de claus es pas pro securizat per la signatura TSIG del domeni « {domain} », lançament de la migracion cap a hmac-sha512 ques mai securizat",
"migration_description_0001_change_cert_group_to_sslcert": "Càmbia las permissions de grop dels certificats de «metronome »per «ssl-cert »",
"migration_0003_restoring_origin_nginx_conf": "Vòstre fichièr /etc/nginx/nginx.conf es estat modificat manualament. La migracion reïnicializarà den primièr son estat origina… Lo fichièr precedent serà disponible coma {backup_dest}.",
"migration_0003_still_on_jessie_after_main_upgrade": "Quicòm a trucat pendent la mesa a nivèl màger: lo sistèma es encara jos Jessie?!? Per trobar lo problèma, agachatz {log} …",
"migration_0003_general_warning": "Notatz quaquesta migracion es una operacion delicata. Encara que la còla YunoHost aguèsse fach çò melhor per la tornar legir e provar, la migracion poiriá copar de parts del sistèma o de las aplicacions.\n\nEn consequéncia, vos recomandam:\n· · · · - de lançar una salvagarda de vòstras donadas o aplicacions criticas. Mai dinformacions a https://yunohost.org/backup ;\n· · · · - dèsser pacient aprèp aver lançat la migracion: segon vòstra connexion Internet e material, pòt trigar qualques oras per que tot siá mes al nivèl.\n\nEn mai, lo pòrt per SMTP, utilizat pels clients de corrièls extèrns (coma Thunderbird o K9-Mail per exemple) foguèt cambiat de 465 (SSL/TLS) per 587 (STARTTLS). Lancian pòrt 465 serà automaticament tampat e lo nòu pòrt 587 serà dobèrt dins lo parafuòc. Vosautres e vòstres utilizaires *auretz* dadaptar la configuracion de vòstre client de corrièl segon aqueles cambiaments!",
"migration_0003_problematic_apps_warning": "Notatz que las aplicacions seguentas, saique problematicas, son estadas desactivadas. Semblan daver estadas installadas duna lista daplicacions o que son pas marcadas coma «working ». En consequéncia, podèm pas assegurar que tendràn de foncionar aprèp la mesa a nivèl: {problematic_apps}",
"migrations_bad_value_for_target": "Nombre invalid pel paramètre «target », los numèros de migracion son 0 o {}",
"migrations_migration_has_failed": "La migracion {number} {name} a pas capitat amb lexcepcion {exception}, anullacion",
"migrations_skip_migration": "Passatge de la migracion {number} {name}…",
"migrations_to_be_ran_manually": "La migracion {number} {name} deu èsser lançada manualament. Mercés danar a Aisinas > Migracion dins linterfàcia admin, o lançar «yunohost tools migrations migrate ».",
"migrations_need_to_accept_disclaimer": "Per lançar la migracion {number} {name} , avètz dacceptar aquesta clausa de non-responsabilitat:\n---\n{disclaimer}\n---\nSacceptatz de lançar la migracion, mercés de tornar executar la comanda amb lopcion accept-disclaimer.",
"monitor_disabled": "La supervision del servidor es desactivada",
"monitor_enabled": "La supervision del servidor es activada",
"mysql_db_initialized": "La basa de donadas MySQL es estada inicializada",
"no_restore_script": "Lo script de salvagarda es pas estat trobat per laplicacion « {app:s} »",
"pattern_backup_archive_name": "Deu èsser un nom de fichièr valid compausat de 30 caractèrs alfanumerics al maximum e « -_. »",
"pattern_listname": "Deu èsser compausat solament de caractèrs alfanumerics e de tirets basses",
"service_description_dovecot": "permet als clients de messatjariá daccedir/recuperar los corrièls (via IMAP e POP3)",
"service_description_fail2ban": "protegís contra los atacs brute-force e dautres atacs venents dInternet",
"service_description_glances": "susvelha las informacions sistèma de vòstre servidor",
"service_description_metronome": "gerís los comptes de messatjariás instantanèas XMPP",
"service_description_nginx": "fornís o permet laccès a totes los sites web albergats sus vòstre servidor",
"service_description_nslcd": "gerís la connexion en linha de comanda dels utilizaires YunoHost",
"service_description_redis-server": "una basa de donadas especializada per un accès rapid a las donadas, las filas despèra e la comunicacion entre programas",
"service_description_rspamd": "filtra lo corrièl pas desirat e mai foncionalitats ligadas al corrièl",
"migrations_backward": "Migracion en darrièr.",
"migrations_forward": "Migracion en avant",
"network_check_smtp_ko": "Lo trafic de corrièl sortent (pòrt 25 SMTP) sembla blocat per vòstra ret",
"network_check_smtp_ok": "Lo trafic de corrièl sortent (pòrt 25 SMTP) es pas blocat",
"pattern_mailbox_quota": "Deu èsser una talha amb lo sufixe b/k/M/G/T o 0 per desactivar la quòta",
"backup_archive_writing_error": "Impossible dajustar los fichièrs a la salvagarda dins larchiu comprimit",
"backup_cant_mount_uncompress_archive": "Impossible de montar en lectura sola lo repertòri de larchiu descomprimit",
"backup_no_uncompress_archive_dir": "Lo repertòri de larchiu descomprimit existís pas",
"pattern_username": "Deu èsser compausat solament de caractèrs alfanumerics en letras minusculas e de tirets basses"
}

84
locales/pt.json
View file

@ -2,39 +2,39 @@
"action_invalid": "Acção Inválida '{action:s}'",
"admin_password": "Senha de administração",
"admin_password_change_failed": "Não foi possível alterar a senha",
"admin_password_changed": "Senha de administração alterada com êxito",
"admin_password_changed": "A palavra-passe de administração foi alterada com sucesso",
"app_already_installed": "{app:s} já está instalada",
"app_extraction_failed": "Não foi possível extrair os ficheiros para instalação",
"app_id_invalid": "ID da aplicação invélida",
"app_id_invalid": "A ID da aplicação é inválida",
"app_install_files_invalid": "Ficheiros para instalação corrompidos",
"app_location_already_used": "Já existe uma aplicação instalada neste diretório",
"app_location_install_failed": "Não foi possível instalar a aplicação neste diretório",
"app_manifest_invalid": "Manifesto da aplicação inválido",
"app_location_already_used": "A aplicação {app} Já está instalada nesta localização ({path})",
"app_location_install_failed": "Não é possível instalar a aplicação neste diretório porque está em conflito com a aplicação '{other_app}', que já está instalada no diretório '{other_path}'",
"app_manifest_invalid": "Manifesto da aplicação inválido: {error}",
"app_no_upgrade": "Não existem aplicações para atualizar",
"app_not_installed": "{app:s} não está instalada",
"app_recent_version_required": "{:s} requer uma versão mais recente da moulinette",
"app_removed": "{app:s} removida com êxito",
"app_sources_fetch_failed": "Impossível obter os códigos fontes",
"app_sources_fetch_failed": "Incapaz obter os ficheiros fonte",
"app_unknown": "Aplicação desconhecida",
"app_upgrade_failed": "Unable to upgrade all apps",
"app_upgraded": "{app:s} atualizada com êxito",
"appslist_fetched": "Lista de aplicações processada com êxito",
"appslist_removed": "Lista de aplicações removida com êxito",
"appslist_retrieve_error": "Não foi possível obter a lista de aplicações remotas",
"appslist_unknown": "Lista de aplicaçoes desconhecida",
"ask_current_admin_password": "Senha de administração atual",
"ask_email": "Correio eletrónico",
"app_upgrade_failed": "Não foi possível atualizar {app:s}",
"app_upgraded": "{app:s} atualizada com sucesso",
"appslist_fetched": "A lista de aplicações, {appslist:s}, foi trazida com sucesso",
"appslist_removed": "A Lista de aplicações {appslist:s} foi removida",
"appslist_retrieve_error": "Não foi possível obter a lista de aplicações remotas {appslist:s}: {error:s}",
"appslist_unknown": "Desconhece-se a lista de aplicaçoes {appslist:s}.",
"ask_current_admin_password": "Senha atual da administração",
"ask_email": "Endereço de Email",
"ask_firstname": "Primeiro nome",
"ask_lastname": "Último nome",
"ask_list_to_remove": "Lista para remover",
"ask_main_domain": "Domínio principal",
"ask_new_admin_password": "Senha de administração nova",
"ask_new_admin_password": "Nova senha de administração",
"ask_password": "Senha",
"backup_created": "Backup completo",
"backup_creating_archive": "A criar ficheiro de backup...",
"backup_invalid_archive": "Arquivo de backup inválido",
"backup_output_directory_not_empty": "A pasta de destino não se encontra vazia",
"custom_app_url_required": "Deve proporcionar uma URL para atualizar a sua aplicação personalizada {app:s}",
"custom_app_url_required": "Deve fornecer um link para atualizar a sua aplicação personalizada {app:s}",
"custom_appslist_name_required": "Deve fornecer um nome para a sua lista de aplicações personalizada",
"domain_cert_gen_failed": "Não foi possível gerar o certificado",
"domain_created": "Domínio criado com êxito",
@ -102,7 +102,7 @@
"pattern_listname": "Apenas são permitidos caracteres alfanuméricos e travessões",
"pattern_password": "Deve ter no mínimo 3 caracteres",
"pattern_port": "Deve ser um número de porta válido (entre 0-65535)",
"pattern_username": "Must be lower-case alphanumeric and underscore characters only",
"pattern_username": "Devem apenas ser carácteres minúsculos alfanuméricos e subtraços",
"restore_confirm_yunohost_installed": "Quer mesmo restaurar um sistema já instalado? [{answers:s}]",
"service_add_failed": "Incapaz adicionar serviço '{service:s}'",
"service_added": "Serviço adicionado com êxito",
@ -144,5 +144,53 @@
"yunohost_ca_creation_failed": "Incapaz criar o certificado de autoridade",
"yunohost_configured": "YunoHost configurada com êxito",
"yunohost_installing": "A instalar a YunoHost...",
"yunohost_not_installed": "YunoHost ainda não está corretamente configurado. Por favor execute as 'ferramentas pós-instalação yunohost'."
"yunohost_not_installed": "YunoHost ainda não está corretamente configurado. Por favor execute as 'ferramentas pós-instalação yunohost'.",
"app_incompatible": "A aplicação {app} é incompatível com a sua versão de Yunohost",
"app_not_correctly_installed": "{app:s} parece não estar corretamente instalada",
"app_not_properly_removed": "{app:s} não foi corretamente removido",
"app_requirements_checking": "Verificando os pacotes necessários para {app}...",
"app_unsupported_remote_type": "A aplicação não possui suporte ao tipo remoto utilizado",
"backup_archive_app_not_found": "A aplicação '{app:s}' não foi encontrada no arquivo de backup",
"backup_archive_broken_link": "Impossível acessar o arquivo de backup (link quebrado ao {path:s})",
"backup_archive_hook_not_exec": "O gancho '{hook:s}' não foi executado neste backup",
"backup_archive_name_exists": "O nome do arquivo de backup já existe",
"backup_archive_open_failed": "Não é possível abrir o arquivo de backup",
"backup_cleaning_failed": "Não é possível limpar a pasta temporária de backups",
"backup_creation_failed": "A criação do backup falhou",
"backup_delete_error": "Impossível apagar '{path:s}'",
"backup_deleted": "O backup foi suprimido",
"backup_extracting_archive": "Extraindo arquivo de backup...",
"backup_hook_unknown": "Gancho de backup '{hook:s}' desconhecido",
"backup_nothings_done": "Não há nada para guardar",
"backup_output_directory_forbidden": "Diretório de saída proibido. Os backups não podem ser criados em /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var ou /home/yunohost.backup/archives subpastas",
"app_already_installed_cant_change_url": "Este aplicativo já está instalado. A URL não pode ser alterada apenas por esta função. Olhe para o `app changeurl` se estiver disponível.",
"app_already_up_to_date": "{app:s} já está atualizado",
"app_argument_choice_invalid": "Escolha inválida para o argumento '{name:s}', deve ser um dos {choices:s}",
"app_argument_invalid": "Valor inválido de argumento '{name:s}': {error:s}",
"app_argument_required": "O argumento '{name:s}' é obrigatório",
"app_change_url_failed_nginx_reload": "Falha ao reiniciar o nginx. Aqui está o retorno de 'nginx -t':\n{nginx_errors:s}",
"app_change_no_change_url_script": "A aplicação {app_name:s} ainda não permite mudança da URL, talvez seja necessário atualiza-la.",
"app_location_unavailable": "Esta url não está disponível ou está em conflito com outra aplicação já instalada",
"app_package_need_update": "O pacote da aplicação {app} precisa ser atualizado para aderir as mudanças do YunoHost",
"app_requirements_failed": "Não foi possível atender aos requisitos da aplicação {app}: {error}",
"app_upgrade_app_name": "Atualizando aplicação {app}…",
"app_upgrade_some_app_failed": "Não foi possível atualizar algumas aplicações",
"appslist_corrupted_json": "Falha ao carregar a lista de aplicações. O arquivo {filename:s} aparenta estar corrompido.",
"appslist_migrating": "Migando lista de aplicações {appslist:s}…",
"appslist_name_already_tracked": "Já existe uma lista de aplicações registrada com o nome {name:s}.",
"appslist_retrieve_bad_format": "O arquivo recuperado para a lista de aplicações {appslist:s} é invalido",
"appslist_url_already_tracked": "Já existe uma lista de aplicações registrada com a url {url:s}.",
"ask_path": "Caminho",
"backup_abstract_method": "Este metodo de backup ainda não foi implementado",
"backup_action_required": "Deve-se especificar algo a salvar",
"backup_app_failed": "Não foi possível fazer o backup dos aplicativos '{app:s}'",
"backup_applying_method_custom": "Chamando o metodo personalizado de backup '{method:s}'…",
"backup_applying_method_tar": "Criando o arquivo tar de backup…",
"backup_archive_mount_failed": "Falha ao montar o arquivo de backup",
"backup_archive_name_unknown": "Desconhece-se o arquivo local de backup de nome '{name:s}'",
"backup_archive_system_part_not_available": "A seção do sistema '{part:s}' está indisponivel neste backup",
"backup_ask_for_copying_if_needed": "Alguns arquivos não consiguiram ser preparados para backup utilizando o metodo que não gasta espaço de disco temporariamente. Para realizar o backup {size:s}MB precisam ser usados temporariamente. Você concorda?",
"backup_borg_not_implemented": "O método de backup Borg ainda não foi implementado.",
"backup_cant_mount_uncompress_archive": "Não foi possível montar em modo leitura o diretorio de arquivos não comprimido",
"backup_copying_to_organize_the_archive": "Copiando {size:s}MB para organizar o arquivo"
}

10
locales/ru.json Normal file
View file

@ -0,0 +1,10 @@
{
"action_invalid": "Неверное действие '{action:s}'",
"admin_password": "Пароль администратора",
"admin_password_change_failed": "Невозможно изменить пароль",
"admin_password_changed": "Пароль администратора был изменен",
"app_already_installed": "{app:s} уже установлено",
"app_already_installed_cant_change_url": "Это приложение уже установлено. URL не может быть изменен только с помощью этой функции. Изучите `app changeurl`, если это доступно.",
"app_argument_choice_invalid": "Неверный выбор для аргумента '{name:s}', Это должно быть '{choices:s}'",
"app_argument_invalid": "Недопустимое значение аргумента '{name:s}': {error:s}'"
}

69
sbin/yunohost-reset-ldap-password Executable file
View file

@ -0,0 +1,69 @@
#!/bin/bash
################################
# Set a temporary password #
################################
# Generate a random temporary password (won't be valid after this script ends !)
# and hash it
TMP_LDAPROOT_PASSWORD=`slappasswd -g`
TMP_LDAPROOT_PASSWORD_HASH=`slappasswd -h {SSHA} -s ${TMP_LDAPROOT_PASSWORD}`
# Stop slapd service...
service slapd stop
# Backup slapd.conf (to be restored at the end of script)
cp /etc/ldap/slapd.conf /root/slapd.conf.bkp
# Append lines to slapd.conf to manually define root password hash
echo 'rootdn "cn=admin,dc=yunohost,dc=org"' >> /etc/ldap/slapd.conf
echo "rootpw $TMP_LDAPROOT_PASSWORD_HASH" >> /etc/ldap/slapd.conf
# Test conf (might not be entirely necessary though :P)
slaptest -Q -u -f /etc/ldap/slapd.conf
# Regenerate slapd.d directory
rm -Rf /etc/ldap/slapd.d
mkdir /etc/ldap/slapd.d
slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1
# Set permissions to slapd.d
chown -R openldap:openldap /etc/ldap/slapd.d/
# Restore slapd.conf
mv /root/slapd.conf.bkp /etc/ldap/slapd.conf
# Restart slapd service
service slapd start
#######################################
# Properly set new admin password #
#######################################
# Display tmp password to user
# NB : we do NOT pass it as a command line argument for "yunohost tools adminpw"
# as a malicious user could run a script in background waiting for this command
# to pop in ps -ef and automatically do nasty stuff in the ldap database
# meanwhile.
echo "Use this temporary password when asked for the administration password : $TMP_LDAPROOT_PASSWORD"
# Call yunohost tools adminpw for user to set new password
yunohost tools adminpw
###########################
# Forget tmp password #
###########################
# Stop slapd service
service slapd stop
# Regenerate slapd.d directory
rm -Rf /etc/ldap/slapd.d
mkdir /etc/ldap/slapd.d
slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1
# Set permissions to slapd.d
chown -R openldap:openldap /etc/ldap/slapd.d/
# Restart slapd service
service slapd start

1684
src/yunohost/app.py
View file

File diff suppressed because it is too large Load diff

2588
src/yunohost/backup.py
View file

File diff suppressed because it is too large Load diff

978
src/yunohost/certificate.py Normal file
View file

@ -0,0 +1,978 @@
# -*- coding: utf-8 -*-
""" License
Copyright (C) 2016 YUNOHOST.ORG
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program; if not, see http://www.gnu.org/licenses
yunohost_certificate.py
Manage certificates, in particular Let's encrypt
"""
import os
import sys
import errno
import shutil
import pwd
import grp
import smtplib
import subprocess
import dns.resolver
import glob
from datetime import datetime
from yunohost.vendor.acme_tiny.acme_tiny import get_crt as sign_certificate
from moulinette.core import MoulinetteError
from moulinette.utils.log import getActionLogger
from yunohost.utils.network import get_public_ip
from moulinette import m18n
from yunohost.app import app_ssowatconf
from yunohost.service import _run_service_command, service_regen_conf
from yunohost.log import OperationLogger
logger = getActionLogger('yunohost.certmanager')
CERT_FOLDER = "/etc/yunohost/certs/"
TMP_FOLDER = "/tmp/acme-challenge-private/"
WEBROOT_FOLDER = "/tmp/acme-challenge-public/"
SELF_CA_FILE = "/etc/ssl/certs/ca-yunohost_crt.pem"
ACCOUNT_KEY_FILE = "/etc/yunohost/letsencrypt_account.pem"
SSL_DIR = '/usr/share/yunohost/yunohost-config/ssl/yunoCA'
KEY_SIZE = 3072
VALIDITY_LIMIT = 15 # days
# For tests
STAGING_CERTIFICATION_AUTHORITY = "https://acme-staging.api.letsencrypt.org"
# For prod
PRODUCTION_CERTIFICATION_AUTHORITY = "https://acme-v01.api.letsencrypt.org"
INTERMEDIATE_CERTIFICATE_URL = "https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem"
DNS_RESOLVERS = [
# FFDN DNS resolvers
# See https://www.ffdn.org/wiki/doku.php?id=formations:dns
"80.67.169.12", # FDN
"80.67.169.40", #
"89.234.141.66", # ARN
"141.255.128.100", # Aquilenet
"141.255.128.101",
"89.234.186.18", # Grifon
"80.67.188.188" # LDN
]
###############################################################################
# Front-end stuff #
###############################################################################
def certificate_status(auth, domain_list, full=False):
"""
Print the status of certificate for given domains (all by default)
Keyword argument:
domain_list -- Domains to be checked
full -- Display more info about the certificates
"""
import yunohost.domain
# Check if old letsencrypt_ynh is installed
# TODO / FIXME - Remove this in the future once the letsencrypt app is
# not used anymore
_check_old_letsencrypt_app()
# If no domains given, consider all yunohost domains
if domain_list == []:
domain_list = yunohost.domain.domain_list(auth)['domains']
# Else, validate that yunohost knows the domains given
else:
yunohost_domains_list = yunohost.domain.domain_list(auth)['domains']
for domain in domain_list:
# Is it in Yunohost domain list?
if domain not in yunohost_domains_list:
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_domain_unknown', domain=domain))
certificates = {}
for domain in domain_list:
status = _get_status(domain)
if not full:
del status["subject"]
del status["CA_name"]
del status["ACME_eligible"]
status["CA_type"] = status["CA_type"]["verbose"]
status["summary"] = status["summary"]["verbose"]
del status["domain"]
certificates[domain] = status
return {"certificates": certificates}
def certificate_install(auth, domain_list, force=False, no_checks=False, self_signed=False, staging=False):
"""
Install a Let's Encrypt certificate for given domains (all by default)
Keyword argument:
domain_list -- Domains on which to install certificates
force -- Install even if current certificate is not self-signed
no-check -- Disable some checks about the reachability of web server
before attempting the install
self-signed -- Instal self-signed certificates instead of Let's Encrypt
"""
# Check if old letsencrypt_ynh is installed
# TODO / FIXME - Remove this in the future once the letsencrypt app is
# not used anymore
_check_old_letsencrypt_app()
if self_signed:
_certificate_install_selfsigned(domain_list, force)
else:
_certificate_install_letsencrypt(
auth, domain_list, force, no_checks, staging)
def _certificate_install_selfsigned(domain_list, force=False):
for domain in domain_list:
operation_logger = OperationLogger('selfsigned_cert_install', [('domain', domain)],
args={'force': force})
# Paths of files and folder we'll need
date_tag = datetime.now().strftime("%Y%m%d.%H%M%S")
new_cert_folder = "%s/%s-history/%s-selfsigned" % (
CERT_FOLDER, domain, date_tag)
conf_template = os.path.join(SSL_DIR, "openssl.cnf")
csr_file = os.path.join(SSL_DIR, "certs", "yunohost_csr.pem")
conf_file = os.path.join(new_cert_folder, "openssl.cnf")
key_file = os.path.join(new_cert_folder, "key.pem")
crt_file = os.path.join(new_cert_folder, "crt.pem")
ca_file = os.path.join(new_cert_folder, "ca.pem")
# Check we ain't trying to overwrite a good cert !
current_cert_file = os.path.join(CERT_FOLDER, domain, "crt.pem")
if not force and os.path.isfile(current_cert_file):
status = _get_status(domain)
if status["summary"]["code"] in ('good', 'great'):
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_attempt_to_replace_valid_cert', domain=domain))
operation_logger.start()
# Create output folder for new certificate stuff
os.makedirs(new_cert_folder)
# Create our conf file, based on template, replacing the occurences of
# "yunohost.org" with the given domain
with open(conf_file, "w") as f, open(conf_template, "r") as template:
for line in template:
f.write(line.replace("yunohost.org", domain))
# Use OpenSSL command line to create a certificate signing request,
# and self-sign the cert
commands = [
"openssl req -new -config %s -days 3650 -out %s -keyout %s -nodes -batch"
% (conf_file, csr_file, key_file),
"openssl ca -config %s -days 3650 -in %s -out %s -batch"
% (conf_file, csr_file, crt_file),
]
for command in commands:
p = subprocess.Popen(
command.split(), stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
out, _ = p.communicate()
if p.returncode != 0:
logger.warning(out)
raise MoulinetteError(
errno.EIO, m18n.n('domain_cert_gen_failed'))
else:
logger.debug(out)
# Link the CA cert (not sure it's actually needed in practice though,
# since we append it at the end of crt.pem. For instance for Let's
# Encrypt certs, we only need the crt.pem and key.pem)
os.symlink(SELF_CA_FILE, ca_file)
# Append ca.pem at the end of crt.pem
with open(ca_file, "r") as ca_pem, open(crt_file, "a") as crt_pem:
crt_pem.write("\n")
crt_pem.write(ca_pem.read())
# Set appropriate permissions
_set_permissions(new_cert_folder, "root", "root", 0755)
_set_permissions(key_file, "root", "ssl-cert", 0640)
_set_permissions(crt_file, "root", "ssl-cert", 0640)
_set_permissions(conf_file, "root", "root", 0600)
# Actually enable the certificate we created
_enable_certificate(domain, new_cert_folder)
# Check new status indicate a recently created self-signed certificate
status = _get_status(domain)
if status and status["CA_type"]["code"] == "self-signed" and status["validity"] > 3648:
logger.success(
m18n.n("certmanager_cert_install_success_selfsigned", domain=domain))
operation_logger.success()
else:
msg = "Installation of self-signed certificate installation for %s failed !" % (domain)
logger.error(msg)
operation_logger.error(msg)
def _certificate_install_letsencrypt(auth, domain_list, force=False, no_checks=False, staging=False):
import yunohost.domain
if not os.path.exists(ACCOUNT_KEY_FILE):
_generate_account_key()
# If no domains given, consider all yunohost domains with self-signed
# certificates
if domain_list == []:
for domain in yunohost.domain.domain_list(auth)['domains']:
status = _get_status(domain)
if status["CA_type"]["code"] != "self-signed":
continue
domain_list.append(domain)
# Else, validate that yunohost knows the domains given
else:
for domain in domain_list:
yunohost_domains_list = yunohost.domain.domain_list(auth)['domains']
if domain not in yunohost_domains_list:
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_domain_unknown', domain=domain))
# Is it self-signed?
status = _get_status(domain)
if not force and status["CA_type"]["code"] != "self-signed":
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_domain_cert_not_selfsigned', domain=domain))
if staging:
logger.warning(
"Please note that you used the --staging option, and that no new certificate will actually be enabled !")
# Actual install steps
for domain in domain_list:
operation_logger = OperationLogger('letsencrypt_cert_install', [('domain', domain)],
args={'force': force, 'no_checks': no_checks,
'staging': staging})
logger.info(
"Now attempting install of certificate for domain %s!", domain)
try:
if not no_checks:
_check_domain_is_ready_for_ACME(domain)
operation_logger.start()
_configure_for_acme_challenge(auth, domain)
_fetch_and_enable_new_certificate(domain, staging, no_checks=no_checks)
_install_cron()
logger.success(
m18n.n("certmanager_cert_install_success", domain=domain))
operation_logger.success()
except Exception as e:
_display_debug_information(domain)
msg = "Certificate installation for %s failed !\nException: %s" % (domain, e)
logger.error(msg)
operation_logger.error(msg)
def certificate_renew(auth, domain_list, force=False, no_checks=False, email=False, staging=False):
"""
Renew Let's Encrypt certificate for given domains (all by default)
Keyword argument:
domain_list -- Domains for which to renew the certificates
force -- Ignore the validity threshold (15 days)
no-check -- Disable some checks about the reachability of web server
before attempting the renewing
email -- Emails root if some renewing failed
"""
import yunohost.domain
# Check if old letsencrypt_ynh is installed
# TODO / FIXME - Remove this in the future once the letsencrypt app is
# not used anymore
_check_old_letsencrypt_app()
# If no domains given, consider all yunohost domains with Let's Encrypt
# certificates
if domain_list == []:
for domain in yunohost.domain.domain_list(auth)['domains']:
# Does it have a Let's Encrypt cert?
status = _get_status(domain)
if status["CA_type"]["code"] != "lets-encrypt":
continue
# Does it expire soon?
if status["validity"] > VALIDITY_LIMIT and not force:
continue
# Check ACME challenge configured for given domain
if not _check_acme_challenge_configuration(domain):
logger.warning(m18n.n(
'certmanager_acme_not_configured_for_domain', domain=domain))
continue
domain_list.append(domain)
if len(domain_list) == 0:
logger.info("No certificate needs to be renewed.")
# Else, validate the domain list given
else:
for domain in domain_list:
# Is it in Yunohost dmomain list?
if domain not in yunohost.domain.domain_list(auth)['domains']:
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_domain_unknown', domain=domain))
status = _get_status(domain)
# Does it expire soon?
if status["validity"] > VALIDITY_LIMIT and not force:
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_attempt_to_renew_valid_cert', domain=domain))
# Does it have a Let's Encrypt cert?
if status["CA_type"]["code"] != "lets-encrypt":
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_attempt_to_renew_nonLE_cert', domain=domain))
# Check ACME challenge configured for given domain
if not _check_acme_challenge_configuration(domain):
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_acme_not_configured_for_domain', domain=domain))
if staging:
logger.warning(
"Please note that you used the --staging option, and that no new certificate will actually be enabled !")
# Actual renew steps
for domain in domain_list:
operation_logger = OperationLogger('letsencrypt_cert_renew', [('domain', domain)],
args={'force': force, 'no_checks': no_checks,
'staging': staging, 'email': email})
logger.info(
"Now attempting renewing of certificate for domain %s !", domain)
try:
if not no_checks:
_check_domain_is_ready_for_ACME(domain)
operation_logger.start()
_fetch_and_enable_new_certificate(domain, staging, no_checks=no_checks)
logger.success(
m18n.n("certmanager_cert_renew_success", domain=domain))
operation_logger.success()
except Exception as e:
import traceback
from StringIO import StringIO
stack = StringIO()
traceback.print_exc(file=stack)
msg = "Certificate renewing for %s failed !" % (domain)
logger.error(msg)
operation_logger.error(msg)
logger.error(stack.getvalue())
logger.error(str(e))
if email:
logger.error("Sending email with details to root ...")
_email_renewing_failed(domain, e, stack.getvalue())
###############################################################################
# Back-end stuff #
###############################################################################
def _check_old_letsencrypt_app():
import yunohost.domain
installedAppIds = [app["id"] for app in yunohost.app.app_list(installed=True)["apps"]]
if "letsencrypt" not in installedAppIds:
return
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_old_letsencrypt_app_detected'))
def _install_cron():
cron_job_file = "/etc/cron.daily/yunohost-certificate-renew"
with open(cron_job_file, "w") as f:
f.write("#!/bin/bash\n")
f.write("yunohost domain cert-renew --email\n")
_set_permissions(cron_job_file, "root", "root", 0755)
def _email_renewing_failed(domain, exception_message, stack):
from_ = "certmanager@%s (Certificate Manager)" % domain
to_ = "root"
subject_ = "Certificate renewing attempt for %s failed!" % domain
logs = _tail(50, "/var/log/yunohost/yunohost-cli.log")
text = """
An attempt for renewing the certificate for domain %s failed with the following
error :
%s
%s
Here's the tail of /var/log/yunohost/yunohost-cli.log, which might help to
investigate :
%s
-- Certificate Manager
""" % (domain, exception_message, stack, logs)
message = """\
From: %s
To: %s
Subject: %s
%s
""" % (from_, to_, subject_, text)
smtp = smtplib.SMTP("localhost")
smtp.sendmail(from_, [to_], message)
smtp.quit()
def _configure_for_acme_challenge(auth, domain):
nginx_conf_folder = "/etc/nginx/conf.d/%s.d" % domain
nginx_conf_file = "%s/000-acmechallenge.conf" % nginx_conf_folder
nginx_configuration = '''
location ^~ '/.well-known/acme-challenge'
{
default_type "text/plain";
alias %s;
}
''' % WEBROOT_FOLDER
# Check there isn't a conflicting file for the acme-challenge well-known
# uri
for path in glob.glob('%s/*.conf' % nginx_conf_folder):
if path == nginx_conf_file:
continue
with open(path) as f:
contents = f.read()
if '/.well-known/acme-challenge' in contents:
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_conflicting_nginx_file', filepath=path))
# Write the conf
if os.path.exists(nginx_conf_file):
logger.debug(
"Nginx configuration file for ACME challenge already exists for domain, skipping.")
return
logger.debug(
"Adding Nginx configuration file for Acme challenge for domain %s.", domain)
with open(nginx_conf_file, "w") as f:
f.write(nginx_configuration)
# Assume nginx conf is okay, and reload it
# (FIXME : maybe add a check that it is, using nginx -t, haven't found
# any clean function already implemented in yunohost to do this though)
_run_service_command("reload", "nginx")
app_ssowatconf(auth)
def _check_acme_challenge_configuration(domain):
# Check nginx conf file exists
nginx_conf_folder = "/etc/nginx/conf.d/%s.d" % domain
nginx_conf_file = "%s/000-acmechallenge.conf" % nginx_conf_folder
if not os.path.exists(nginx_conf_file):
return False
else:
return True
def _fetch_and_enable_new_certificate(domain, staging=False, no_checks=False):
# Make sure tmp folder exists
logger.debug("Making sure tmp folders exists...")
if not os.path.exists(WEBROOT_FOLDER):
os.makedirs(WEBROOT_FOLDER)
if not os.path.exists(TMP_FOLDER):
os.makedirs(TMP_FOLDER)
_set_permissions(WEBROOT_FOLDER, "root", "www-data", 0650)
_set_permissions(TMP_FOLDER, "root", "root", 0640)
# Regen conf for dnsmasq if needed
_regen_dnsmasq_if_needed()
# Prepare certificate signing request
logger.debug(
"Prepare key and certificate signing request (CSR) for %s...", domain)
domain_key_file = "%s/%s.pem" % (TMP_FOLDER, domain)
_generate_key(domain_key_file)
_set_permissions(domain_key_file, "root", "ssl-cert", 0640)
_prepare_certificate_signing_request(domain, domain_key_file, TMP_FOLDER)
# Sign the certificate
logger.debug("Now using ACME Tiny to sign the certificate...")
domain_csr_file = "%s/%s.csr" % (TMP_FOLDER, domain)
if staging:
certification_authority = STAGING_CERTIFICATION_AUTHORITY
else:
certification_authority = PRODUCTION_CERTIFICATION_AUTHORITY
try:
signed_certificate = sign_certificate(ACCOUNT_KEY_FILE,
domain_csr_file,
WEBROOT_FOLDER,
log=logger,
no_checks=no_checks,
CA=certification_authority)
except ValueError as e:
if "urn:acme:error:rateLimited" in str(e):
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_hit_rate_limit', domain=domain))
else:
logger.error(str(e))
_display_debug_information(domain)
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_cert_signing_failed'))
except Exception as e:
logger.error(str(e))
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_cert_signing_failed'))
import requests # lazy loading this module for performance reasons
try:
intermediate_certificate = requests.get(INTERMEDIATE_CERTIFICATE_URL, timeout=30).text
except requests.exceptions.Timeout as e:
raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_couldnt_fetch_intermediate_cert'))
# Now save the key and signed certificate
logger.debug("Saving the key and signed certificate...")
# Create corresponding directory
date_tag = datetime.now().strftime("%Y%m%d.%H%M%S")
if staging:
folder_flag = "staging"
else:
folder_flag = "letsencrypt"
new_cert_folder = "%s/%s-history/%s-%s" % (
CERT_FOLDER, domain, date_tag, folder_flag)
os.makedirs(new_cert_folder)
_set_permissions(new_cert_folder, "root", "root", 0655)
# Move the private key
domain_key_file_finaldest = os.path.join(new_cert_folder, "key.pem")
shutil.move(domain_key_file, domain_key_file_finaldest)
_set_permissions(domain_key_file_finaldest, "root", "ssl-cert", 0640)
# Write the cert
domain_cert_file = os.path.join(new_cert_folder, "crt.pem")
with open(domain_cert_file, "w") as f:
f.write(signed_certificate)
f.write(intermediate_certificate)
_set_permissions(domain_cert_file, "root", "ssl-cert", 0640)
if staging:
return
_enable_certificate(domain, new_cert_folder)
# Check the status of the certificate is now good
status_summary = _get_status(domain)["summary"]
if status_summary["code"] != "great":
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_certificate_fetching_or_enabling_failed', domain=domain))
def _prepare_certificate_signing_request(domain, key_file, output_folder):
from OpenSSL import crypto # lazy loading this module for performance reasons
# Init a request
csr = crypto.X509Req()
# Set the domain
csr.get_subject().CN = domain
# Set the key
with open(key_file, 'rt') as f:
key = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read())
csr.set_pubkey(key)
# Sign the request
csr.sign(key, "sha256")
# Save the request in tmp folder
csr_file = output_folder + domain + ".csr"
logger.debug("Saving to %s.", csr_file)
with open(csr_file, "w") as f:
f.write(crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr))
def _get_status(domain):
cert_file = os.path.join(CERT_FOLDER, domain, "crt.pem")
if not os.path.isfile(cert_file):
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_no_cert_file', domain=domain, file=cert_file))
from OpenSSL import crypto # lazy loading this module for performance reasons
try:
cert = crypto.load_certificate(
crypto.FILETYPE_PEM, open(cert_file).read())
except Exception as exception:
import traceback
traceback.print_exc(file=sys.stdout)
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_cannot_read_cert', domain=domain, file=cert_file, reason=exception))
cert_subject = cert.get_subject().CN
cert_issuer = cert.get_issuer().CN
valid_up_to = datetime.strptime(cert.get_notAfter(), "%Y%m%d%H%M%SZ")
days_remaining = (valid_up_to - datetime.now()).days
if cert_issuer == _name_self_CA():
CA_type = {
"code": "self-signed",
"verbose": "Self-signed",
}
elif cert_issuer.startswith("Let's Encrypt"):
CA_type = {
"code": "lets-encrypt",
"verbose": "Let's Encrypt",
}
elif cert_issuer.startswith("Fake LE"):
CA_type = {
"code": "fake-lets-encrypt",
"verbose": "Fake Let's Encrypt",
}
else:
CA_type = {
"code": "other-unknown",
"verbose": "Other / Unknown",
}
if days_remaining <= 0:
status_summary = {
"code": "critical",
"verbose": "CRITICAL",
}
elif CA_type["code"] in ("self-signed", "fake-lets-encrypt"):
status_summary = {
"code": "warning",
"verbose": "WARNING",
}
elif days_remaining < VALIDITY_LIMIT:
status_summary = {
"code": "attention",
"verbose": "About to expire",
}
elif CA_type["code"] == "other-unknown":
status_summary = {
"code": "good",
"verbose": "Good",
}
elif CA_type["code"] == "lets-encrypt":
status_summary = {
"code": "great",
"verbose": "Great!",
}
else:
status_summary = {
"code": "unknown",
"verbose": "Unknown?",
}
try:
_check_domain_is_ready_for_ACME(domain)
ACME_eligible = True
except:
ACME_eligible = False
return {
"domain": domain,
"subject": cert_subject,
"CA_name": cert_issuer,
"CA_type": CA_type,
"validity": days_remaining,
"summary": status_summary,
"ACME_eligible": ACME_eligible
}
###############################################################################
# Misc small stuff ... #
###############################################################################
def _generate_account_key():
logger.debug("Generating account key ...")
_generate_key(ACCOUNT_KEY_FILE)
_set_permissions(ACCOUNT_KEY_FILE, "root", "root", 0400)
def _generate_key(destination_path):
from OpenSSL import crypto # lazy loading this module for performance reasons
k = crypto.PKey()
k.generate_key(crypto.TYPE_RSA, KEY_SIZE)
with open(destination_path, "w") as f:
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k))
def _set_permissions(path, user, group, permissions):
uid = pwd.getpwnam(user).pw_uid
gid = grp.getgrnam(group).gr_gid
os.chown(path, uid, gid)
os.chmod(path, permissions)
def _enable_certificate(domain, new_cert_folder):
logger.debug("Enabling the certificate for domain %s ...", domain)
live_link = os.path.join(CERT_FOLDER, domain)
# If a live link (or folder) already exists
if os.path.exists(live_link):
# If it's not a link ... expect if to be a folder
if not os.path.islink(live_link):
# Backup it and remove it
_backup_current_cert(domain)
shutil.rmtree(live_link)
# Else if it's a link, simply delete it
elif os.path.lexists(live_link):
os.remove(live_link)
os.symlink(new_cert_folder, live_link)
logger.debug("Restarting services...")
for service in ("postfix", "dovecot", "metronome"):
_run_service_command("restart", service)
_run_service_command("reload", "nginx")
def _backup_current_cert(domain):
logger.debug("Backuping existing certificate for domain %s", domain)
cert_folder_domain = os.path.join(CERT_FOLDER, domain)
date_tag = datetime.now().strftime("%Y%m%d.%H%M%S")
backup_folder = "%s-backups/%s" % (cert_folder_domain, date_tag)
shutil.copytree(cert_folder_domain, backup_folder)
def _check_domain_is_ready_for_ACME(domain):
public_ip = get_public_ip()
# Check if IP from DNS matches public IP
if not _dns_ip_match_public_ip(public_ip, domain):
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_domain_dns_ip_differs_from_public_ip', domain=domain))
# Check if domain seems to be accessible through HTTP?
if not _domain_is_accessible_through_HTTP(public_ip, domain):
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_domain_http_not_working', domain=domain))
def _get_dns_ip(domain):
try:
resolver = dns.resolver.Resolver()
resolver.nameservers = DNS_RESOLVERS
answers = resolver.query(domain, "A")
except (dns.resolver.NoAnswer, dns.resolver.NXDOMAIN):
raise MoulinetteError(errno.EINVAL, m18n.n(
'certmanager_error_no_A_record', domain=domain))
return str(answers[0])
def _dns_ip_match_public_ip(public_ip, domain):
return _get_dns_ip(domain) == public_ip
def _domain_is_accessible_through_HTTP(ip, domain):
import requests # lazy loading this module for performance reasons
try:
requests.head("http://" + ip, headers={"Host": domain}, timeout=10)
except requests.exceptions.Timeout as e:
logger.warning(m18n.n('certmanager_http_check_timeout', domain=domain, ip=ip))
return False
except Exception as e:
logger.debug("Couldn't reach domain '%s' by requesting this ip '%s' because: %s" % (domain, ip, e))
return False
return True
def _get_local_dns_ip(domain):
try:
resolver = dns.resolver.Resolver()
answers = resolver.query(domain, "A")
except (dns.resolver.NoAnswer, dns.resolver.NXDOMAIN):
logger.warning("Failed to resolved domain '%s' locally", domain)
return None
return str(answers[0])
def _display_debug_information(domain):
dns_ip = _get_dns_ip(domain)
public_ip = get_public_ip()
local_dns_ip = _get_local_dns_ip(domain)
logger.warning("""\
Debug information:
- domain ip from DNS %s
- domain ip from local DNS %s
- public ip of the server %s
""", dns_ip, local_dns_ip, public_ip)
# FIXME / TODO : ideally this should not be needed. There should be a proper
# mechanism to regularly check the value of the public IP and trigger
# corresponding hooks (e.g. dyndns update and dnsmasq regen-conf)
def _regen_dnsmasq_if_needed():
"""
Update the dnsmasq conf if some IPs are not up to date...
"""
ipv4 = get_public_ip()
ipv6 = get_public_ip(6)
do_regen = False
# For all domain files in DNSmasq conf...
domainsconf = glob.glob("/etc/dnsmasq.d/*.*")
for domainconf in domainsconf:
# Look for the IP, it's in the lines with this format :
# address=/the.domain.tld/11.22.33.44
for line in open(domainconf).readlines():
if not line.startswith("address"):
continue
ip = line.strip().split("/")[2]
# Compared found IP to current IPv4 / IPv6
# IPv6 IPv4
if (":" in ip and ip != ipv6) or (ip != ipv4):
do_regen = True
break
if do_regen:
break
if do_regen:
service_regen_conf(["dnsmasq"])
def _name_self_CA():
ca_conf = os.path.join(SSL_DIR, "openssl.ca.cnf")
if not os.path.exists(ca_conf):
logger.warning(m18n.n('certmanager_self_ca_conf_file_not_found', file=ca_conf))
return ""
with open(ca_conf) as f:
lines = f.readlines()
for line in lines:
if line.startswith("commonName_default"):
return line.split()[2]
logger.warning(m18n.n('certmanager_unable_to_parse_self_CA_name', file=ca_conf))
return ""
def _tail(n, file_path):
stdin, stdout = os.popen2("tail -n %s '%s'" % (n, file_path))
stdin.close()
lines = stdout.readlines()
stdout.close()
return "".join(lines)

17
src/yunohost/data_migrations/0001_change_cert_group_to_sslcert.py Normal file
View file

@ -0,0 +1,17 @@
import subprocess
import glob
from yunohost.tools import Migration
from moulinette.utils.filesystem import chown
class MyMigration(Migration):
"Change certificates group permissions from 'metronome' to 'ssl-cert'"
all_certificate_files = glob.glob("/etc/yunohost/certs/*/*.pem")
def forward(self):
for filename in self.all_certificate_files:
chown(filename, uid="root", gid="ssl-cert")
def backward(self):
for filename in self.all_certificate_files:
chown(filename, uid="root", gid="metronome")

91
src/yunohost/data_migrations/0002_migrate_to_tsig_sha256.py Normal file
View file

@ -0,0 +1,91 @@
import glob
import os
import requests
import base64
import time
import json
import errno
from moulinette import m18n
from moulinette.core import MoulinetteError
from moulinette.utils.log import getActionLogger
from yunohost.tools import Migration
from yunohost.dyndns import _guess_current_dyndns_domain
logger = getActionLogger('yunohost.migration')
class MyMigration(Migration):
"Migrate Dyndns stuff from MD5 TSIG to SHA512 TSIG"
def backward(self):
# Not possible because that's a non-reversible operation ?
pass
def migrate(self, dyn_host="dyndns.yunohost.org", domain=None, private_key_path=None):
if domain is None or private_key_path is None:
try:
(domain, private_key_path) = _guess_current_dyndns_domain(dyn_host)
assert "+157" in private_key_path
except (MoulinetteError, AssertionError):
logger.info(m18n.n("migrate_tsig_not_needed"))
return
logger.info(m18n.n('migrate_tsig_start', domain=domain))
public_key_path = private_key_path.rsplit(".private", 1)[0] + ".key"
public_key_md5 = open(public_key_path).read().strip().split(' ')[-1]
os.system('cd /etc/yunohost/dyndns && '
'dnssec-keygen -a hmac-sha512 -b 512 -r /dev/urandom -n USER %s' % domain)
os.system('chmod 600 /etc/yunohost/dyndns/*.key /etc/yunohost/dyndns/*.private')
# +165 means that this file store a hmac-sha512 key
new_key_path = glob.glob('/etc/yunohost/dyndns/*+165*.key')[0]
public_key_sha512 = open(new_key_path).read().strip().split(' ', 6)[-1]
try:
r = requests.put('https://%s/migrate_key_to_sha512/' % (dyn_host),
data={
'public_key_md5': base64.b64encode(public_key_md5),
'public_key_sha512': base64.b64encode(public_key_sha512),
}, timeout=30)
except requests.ConnectionError:
raise MoulinetteError(errno.ENETUNREACH, m18n.n('no_internet_connection'))
if r.status_code != 201:
try:
error = json.loads(r.text)['error']
except Exception:
# failed to decode json
error = r.text
import traceback
from StringIO import StringIO
stack = StringIO()
traceback.print_stack(file=stack)
logger.error(stack.getvalue())
# Migration didn't succeed, so we rollback and raise an exception
os.system("mv /etc/yunohost/dyndns/*+165* /tmp")
raise MoulinetteError(m18n.n('migrate_tsig_failed', domain=domain,
error_code=str(r.status_code), error=error))
# remove old certificates
os.system("mv /etc/yunohost/dyndns/*+157* /tmp")
# sleep to wait for dyndns cache invalidation
logger.info(m18n.n('migrate_tsig_wait'))
time.sleep(60)
logger.info(m18n.n('migrate_tsig_wait_2'))
time.sleep(60)
logger.info(m18n.n('migrate_tsig_wait_3'))
time.sleep(30)
logger.info(m18n.n('migrate_tsig_wait_4'))
time.sleep(30)
logger.info(m18n.n('migrate_tsig_end'))
return

382
src/yunohost/data_migrations/0003_migrate_to_stretch.py Normal file
View file

@ -0,0 +1,382 @@
import glob
import os
from shutil import copy2
from moulinette import m18n, msettings
from moulinette.core import MoulinetteError
from moulinette.utils.log import getActionLogger
from moulinette.utils.process import check_output, call_async_output
from moulinette.utils.filesystem import read_file
from yunohost.tools import Migration
from yunohost.app import unstable_apps
from yunohost.service import (_run_service_command,
manually_modified_files,
manually_modified_files_compared_to_debian_default)
from yunohost.utils.filesystem import free_space_in_directory
from yunohost.utils.packages import get_installed_version
from yunohost.utils.network import get_network_interfaces
from yunohost.firewall import firewall_allow, firewall_disallow
logger = getActionLogger('yunohost.migration')
YUNOHOST_PACKAGES = ["yunohost", "yunohost-admin", "moulinette", "ssowat"]
class MyMigration(Migration):
"Upgrade the system to Debian Stretch and Yunohost 3.0"
mode = "manual"
def backward(self):
raise MoulinetteError(m18n.n("migration_0003_backward_impossible"))
def migrate(self):
self.logfile = "/tmp/{}.log".format(self.name)
self.check_assertions()
logger.info(m18n.n("migration_0003_start", logfile=self.logfile))
# Preparing the upgrade
self.restore_original_nginx_conf_if_needed()
logger.info(m18n.n("migration_0003_patching_sources_list"))
self.patch_apt_sources_list()
self.backup_files_to_keep()
self.apt_update()
apps_packages = self.get_apps_equivs_packages()
self.unhold(["metronome"])
self.hold(YUNOHOST_PACKAGES + apps_packages + ["fail2ban"])
# Main dist-upgrade
logger.info(m18n.n("migration_0003_main_upgrade"))
_run_service_command("stop", "mysql")
self.apt_dist_upgrade(conf_flags=["old", "miss", "def"])
_run_service_command("start", "mysql")
if self.debian_major_version() == 8:
raise MoulinetteError(m18n.n("migration_0003_still_on_jessie_after_main_upgrade", log=self.logfile))
# Specific upgrade for fail2ban...
logger.info(m18n.n("migration_0003_fail2ban_upgrade"))
self.unhold(["fail2ban"])
# Don't move this if folder already exists. If it does, we probably are
# running this script a 2nd, 3rd, ... time but /etc/fail2ban will
# be re-created only for the first dist-upgrade of fail2ban
if not os.path.exists("/etc/fail2ban.old"):
os.system("mv /etc/fail2ban /etc/fail2ban.old")
self.apt_dist_upgrade(conf_flags=["new", "miss", "def"])
_run_service_command("restart", "fail2ban")
self.disable_predicable_interface_names()
# Clean the mess
os.system("apt autoremove --assume-yes")
os.system("apt clean --assume-yes")
# We moved to port 587 for SMTP
# https://busylog.net/smtp-tls-ssl-25-465-587/
firewall_allow("Both", 587)
firewall_disallow("Both", 465)
# Upgrade yunohost packages
logger.info(m18n.n("migration_0003_yunohost_upgrade"))
self.restore_files_to_keep()
self.unhold(YUNOHOST_PACKAGES + apps_packages)
self.upgrade_yunohost_packages()
def debian_major_version(self):
# The python module "platform" and lsb_release are not reliable because
# on some setup, they still return Release=8 even after upgrading to
# stretch ... (Apparently this is related to OVH overriding some stuff
# with /etc/lsb-release for instance -_-)
# Instead, we rely on /etc/os-release which should be the raw info from
# the distribution...
return int(check_output("grep VERSION_ID /etc/os-release | tr '\"' ' ' | cut -d ' ' -f2"))
def yunohost_major_version(self):
return int(get_installed_version("yunohost").split('.')[0])
def check_assertions(self):
# Be on jessie (8.x) and yunohost 2.x
# NB : we do both check to cover situations where the upgrade crashed
# in the middle and debian version could be >= 9.x but yunohost package
# would still be in 2.x...
if not self.debian_major_version() == 8 \
and not self.yunohost_major_version() == 2:
raise MoulinetteError(m18n.n("migration_0003_not_jessie"))
# Have > 1 Go free space on /var/ ?
if free_space_in_directory("/var/") / (1024**3) < 1.0:
raise MoulinetteError(m18n.n("migration_0003_not_enough_free_space"))
# Check system is up to date
# (but we don't if 'stretch' is already in the sources.list ...
# which means maybe a previous upgrade crashed and we're re-running it)
if " stretch " not in read_file("/etc/apt/sources.list"):
self.apt_update()
apt_list_upgradable = check_output("apt list --upgradable -a")
if "upgradable" in apt_list_upgradable:
raise MoulinetteError(m18n.n("migration_0003_system_not_fully_up_to_date"))
@property
def disclaimer(self):
# Avoid having a super long disclaimer + uncessary check if we ain't
# on jessie / yunohost 2.x anymore
# NB : we do both check to cover situations where the upgrade crashed
# in the middle and debian version could be >= 9.x but yunohost package
# would still be in 2.x...
if not self.debian_major_version() == 8 \
and not self.yunohost_major_version() == 2:
return None
# Get list of problematic apps ? I.e. not official or community+working
problematic_apps = unstable_apps()
problematic_apps = "".join(["\n - " + app for app in problematic_apps])
# Manually modified files ? (c.f. yunohost service regen-conf)
modified_files = manually_modified_files()
# We also have a specific check for nginx.conf which some people
# modified and needs to be upgraded...
if "/etc/nginx/nginx.conf" in manually_modified_files_compared_to_debian_default():
modified_files.append("/etc/nginx/nginx.conf")
modified_files = "".join(["\n - " + f for f in modified_files])
message = m18n.n("migration_0003_general_warning")
if problematic_apps:
message += "\n\n" + m18n.n("migration_0003_problematic_apps_warning", problematic_apps=problematic_apps)
if modified_files:
message += "\n\n" + m18n.n("migration_0003_modified_files", manually_modified_files=modified_files)
return message
def patch_apt_sources_list(self):
sources_list = glob.glob("/etc/apt/sources.list.d/*.list")
sources_list.append("/etc/apt/sources.list")
# This :
# - replace single 'jessie' occurence by 'stretch'
# - comments lines containing "backports"
# - replace 'jessie/updates' by 'strech/updates' (or same with a -)
# - switch yunohost's repo to forge
for f in sources_list:
command = "sed -i -e 's@ jessie @ stretch @g' " \
"-e '/backports/ s@^#*@#@' " \
"-e 's@ jessie/updates @ stretch/updates @g' " \
"-e 's@ jessie-updates @ stretch-updates @g' " \
"-e 's@repo.yunohost@forge.yunohost@g' " \
"{}".format(f)
os.system(command)
def get_apps_equivs_packages(self):
command = "dpkg --get-selections" \
" | grep -v deinstall" \
" | awk '{print $1}'" \
" | { grep 'ynh-deps$' || true; }"
output = check_output(command).strip()
return output.split('\n') if output else []
def hold(self, packages):
for package in packages:
os.system("apt-mark hold {}".format(package))
def unhold(self, packages):
for package in packages:
os.system("apt-mark unhold {}".format(package))
def apt_update(self):
command = "apt-get update"
logger.debug("Running apt command :\n{}".format(command))
command += " 2>&1 | tee -a {}".format(self.logfile)
os.system(command)
def upgrade_yunohost_packages(self):
#
# Here we use a dirty hack to run a command after the current
# "yunohost tools migrations migrate", because the upgrade of
# yunohost will also trigger another "yunohost tools migrations migrate"
# (also the upgrade of the package, if executed from the webadmin, is
# likely to kill/restart the api which is in turn likely to kill this
# command before it ends...)
#
MOULINETTE_LOCK = "/var/run/moulinette_yunohost.lock"
upgrade_command = ""
upgrade_command += " DEBIAN_FRONTEND=noninteractive"
upgrade_command += " APT_LISTCHANGES_FRONTEND=none"
upgrade_command += " apt-get install"
upgrade_command += " --assume-yes "
upgrade_command += " ".join(YUNOHOST_PACKAGES)
# We also install php-zip and php7.0-acpu to fix an issue with
# nextcloud and kanboard that need it when on stretch.
upgrade_command += " php-zip php7.0-apcu"
upgrade_command += " 2>&1 | tee -a {}".format(self.logfile)
wait_until_end_of_yunohost_command = "(while [ -f {} ]; do sleep 2; done)".format(MOULINETTE_LOCK)
command = "({} && {}; echo 'Migration complete!') &".format(wait_until_end_of_yunohost_command,
upgrade_command)
logger.debug("Running command :\n{}".format(command))
os.system(command)
def apt_dist_upgrade(self, conf_flags):
# Make apt-get happy
os.system("echo 'libc6 libraries/restart-without-asking boolean true' | debconf-set-selections")
# Don't send an email to root about the postgresql migration. It should be handled automatically after.
os.system("echo 'postgresql-common postgresql-common/obsolete-major seen true' | debconf-set-selections")
command = ""
command += " DEBIAN_FRONTEND=noninteractive"
command += " APT_LISTCHANGES_FRONTEND=none"
command += " apt-get"
command += " --fix-broken --show-upgraded --assume-yes"
for conf_flag in conf_flags:
command += ' -o Dpkg::Options::="--force-conf{}"'.format(conf_flag)
command += " dist-upgrade"
logger.debug("Running apt command :\n{}".format(command))
command += " 2>&1 | tee -a {}".format(self.logfile)
is_api = msettings.get('interface') == 'api'
if is_api:
callbacks = (
lambda l: logger.info(l.rstrip()),
lambda l: logger.warning(l.rstrip()),
)
call_async_output(command, callbacks, shell=True)
else:
# We do this when running from the cli to have the output of the
# command showing in the terminal, since 'info' channel is only
# enabled if the user explicitly add --verbose ...
os.system(command)
# Those are files that should be kept and restored before the final switch
# to yunohost 3.x... They end up being modified by the various dist-upgrades
# (or need to be taken out momentarily), which then blocks the regen-conf
# as they are flagged as "manually modified"...
files_to_keep = [
"/etc/mysql/my.cnf",
"/etc/nslcd.conf",
"/etc/postfix/master.cf",
"/etc/fail2ban/filter.d/yunohost.conf"
]
def backup_files_to_keep(self):
logger.debug("Backuping specific files to keep ...")
# Create tmp directory if it does not exists
tmp_dir = os.path.join("/tmp/", self.name)
if not os.path.exists(tmp_dir):
os.mkdir(tmp_dir, 0700)
for f in self.files_to_keep:
dest_file = f.strip('/').replace("/", "_")
# If the file is already there, we might be re-running the migration
# because it previously crashed. Hence we keep the existing file.
if os.path.exists(os.path.join(tmp_dir, dest_file)):
continue
copy2(f, os.path.join(tmp_dir, dest_file))
def restore_files_to_keep(self):
logger.debug("Restoring specific files to keep ...")
tmp_dir = os.path.join("/tmp/", self.name)
for f in self.files_to_keep:
dest_file = f.strip('/').replace("/", "_")
copy2(os.path.join(tmp_dir, dest_file), f)
# On some setups, /etc/nginx/nginx.conf got edited. But this file needs
# to be upgraded because of the way the new module system works for nginx.
# (in particular, having the line that include the modules at the top)
#
# So here, if it got edited, we force the restore of the original conf
# *before* starting the actual upgrade...
#
# An alternative strategy that was attempted was to hold the nginx-common
# package and have a specific upgrade for it like for fail2ban, but that
# leads to apt complaining about not being able to upgrade for shitty
# reasons >.>
def restore_original_nginx_conf_if_needed(self):
if "/etc/nginx/nginx.conf" not in manually_modified_files_compared_to_debian_default():
return
if not os.path.exists("/etc/nginx/nginx.conf"):
return
# If stretch is in the sources.list, we already started migrating on
# stretch so we don't re-do this
if " stretch " in read_file("/etc/apt/sources.list"):
return
backup_dest = "/home/yunohost.conf/backup/nginx.conf.bkp_before_stretch"
logger.warning(m18n.n("migration_0003_restoring_origin_nginx_conf",
backup_dest=backup_dest))
os.system("mv /etc/nginx/nginx.conf %s" % backup_dest)
command = ""
command += " DEBIAN_FRONTEND=noninteractive"
command += " APT_LISTCHANGES_FRONTEND=none"
command += " apt-get"
command += " --fix-broken --show-upgraded --assume-yes"
command += ' -o Dpkg::Options::="--force-confmiss"'
command += " install --reinstall"
command += " nginx-common"
logger.debug("Running apt command :\n{}".format(command))
command += " 2>&1 | tee -a {}".format(self.logfile)
is_api = msettings.get('interface') == 'api'
if is_api:
callbacks = (
lambda l: logger.info(l.rstrip()),
lambda l: logger.warning(l.rstrip()),
)
call_async_output(command, callbacks, shell=True)
else:
# We do this when running from the cli to have the output of the
# command showing in the terminal, since 'info' channel is only
# enabled if the user explicitly add --verbose ...
os.system(command)
def disable_predicable_interface_names(self):
# Try to see if currently used interface names are predictable ones or not...
# If we ain't using "eth0" or "wlan0", assume we are using predictable interface
# names and therefore they shouldnt be disabled
network_interfaces = get_network_interfaces().keys()
if "eth0" not in network_interfaces and "wlan0" not in network_interfaces:
return
interfaces_config = read_file("/etc/network/interfaces")
if "eth0" not in interfaces_config and "wlan0" not in interfaces_config:
return
# Disable predictive interface names
# c.f. https://unix.stackexchange.com/a/338730
os.system("ln -s /dev/null /etc/systemd/network/99-default.link")

97
src/yunohost/data_migrations/0004_php5_to_php7_pools.py Normal file
View file

@ -0,0 +1,97 @@
import os
import glob
from shutil import copy2
from moulinette.utils.log import getActionLogger
from yunohost.tools import Migration
from yunohost.service import _run_service_command
logger = getActionLogger('yunohost.migration')
PHP5_POOLS = "/etc/php5/fpm/pool.d"
PHP7_POOLS = "/etc/php/7.0/fpm/pool.d"
PHP5_SOCKETS_PREFIX = "/var/run/php5-fpm"
PHP7_SOCKETS_PREFIX = "/run/php/php7.0-fpm"
MIGRATION_COMMENT = "; YunoHost note : this file was automatically moved from {}".format(PHP5_POOLS)
class MyMigration(Migration):
"Migrate php5-fpm 'pool' conf files to php7 stuff"
def migrate(self):
# Get list of php5 pool files
php5_pool_files = glob.glob("{}/*.conf".format(PHP5_POOLS))
# Keep only basenames
php5_pool_files = [os.path.basename(f) for f in php5_pool_files]
# Ignore the "www.conf" (default stuff, probably don't want to touch it ?)
php5_pool_files = [f for f in php5_pool_files if f != "www.conf"]
for f in php5_pool_files:
# Copy the files to the php7 pool
src = "{}/{}".format(PHP5_POOLS, f)
dest = "{}/{}".format(PHP7_POOLS, f)
copy2(src, dest)
# Replace the socket prefix if it's found
c = "sed -i -e 's@{}@{}@g' {}".format(PHP5_SOCKETS_PREFIX, PHP7_SOCKETS_PREFIX, dest)
os.system(c)
# Also add a comment that it was automatically moved from php5
# (for human traceability and backward migration)
c = "sed -i '1i {}' {}".format(MIGRATION_COMMENT, dest)
os.system(c)
# Some old comments starting with '#' instead of ';' are not
# compatible in php7
c = "sed -i 's/^#/;#/g' {}".format(dest)
os.system(c)
# Reload/restart the php pools
_run_service_command("restart", "php7.0-fpm")
_run_service_command("enable", "php7.0-fpm")
os.system("systemctl stop php5-fpm")
os.system("systemctl disable php5-fpm")
os.system("rm /etc/logrotate.d/php5-fpm") # We remove this otherwise the logrotate cron will be unhappy
# Get list of nginx conf file
nginx_conf_files = glob.glob("/etc/nginx/conf.d/*.d/*.conf")
for f in nginx_conf_files:
# Replace the socket prefix if it's found
c = "sed -i -e 's@{}@{}@g' {}".format(PHP5_SOCKETS_PREFIX, PHP7_SOCKETS_PREFIX, f)
os.system(c)
# Reload nginx
_run_service_command("reload", "nginx")
def backward(self):
# Get list of php7 pool files
php7_pool_files = glob.glob("{}/*.conf".format(PHP7_POOLS))
# Keep only files which have the migration comment
php7_pool_files = [f for f in php7_pool_files if open(f).readline().strip() == MIGRATION_COMMENT]
# Delete those files
for f in php7_pool_files:
os.remove(f)
# Reload/restart the php pools
_run_service_command("stop", "php7.0-fpm")
os.system("systemctl start php5-fpm")
# Get list of nginx conf file
nginx_conf_files = glob.glob("/etc/nginx/conf.d/*.d/*.conf")
for f in nginx_conf_files:
# Replace the socket prefix if it's found
c = "sed -i -e 's@{}@{}@g' {}".format(PHP7_SOCKETS_PREFIX, PHP5_SOCKETS_PREFIX, f)
os.system(c)
# Reload nginx
_run_service_command("reload", "nginx")

42
src/yunohost/data_migrations/0005_postgresql_9p4_to_9p6.py Normal file
View file

@ -0,0 +1,42 @@
import subprocess
from moulinette import m18n
from moulinette.core import MoulinetteError
from moulinette.utils.log import getActionLogger
from yunohost.tools import Migration
from yunohost.utils.filesystem import free_space_in_directory, space_used_by_directory
logger = getActionLogger('yunohost.migration')
class MyMigration(Migration):
"Migrate DBs from Postgresql 9.4 to 9.6 after migrating to Stretch"
def migrate(self):
if not self.package_is_installed("postgresql-9.4"):
logger.warning(m18n.n("migration_0005_postgresql_94_not_installed"))
return
if not self.package_is_installed("postgresql-9.6"):
raise MoulinetteError(m18n.n("migration_0005_postgresql_96_not_installed"))
if not space_used_by_directory("/var/lib/postgresql/9.4") > free_space_in_directory("/var/lib/postgresql"):
raise MoulinetteError(m18n.n("migration_0005_not_enough_space", path="/var/lib/postgresql/"))
subprocess.check_call("service postgresql stop", shell=True)
subprocess.check_call("pg_dropcluster --stop 9.6 main", shell=True)
subprocess.check_call("pg_upgradecluster -m upgrade 9.4 main", shell=True)
subprocess.check_call("pg_dropcluster --stop 9.4 main", shell=True)
subprocess.check_call("service postgresql start", shell=True)
def backward(self):
pass
def package_is_installed(self, package_name):
p = subprocess.Popen("dpkg --list | grep -q -w {}".format(package_name), shell=True)
p.communicate()
return p.returncode == 0

0
src/yunohost/data_migrations/__init__.py Normal file
View file

481
src/yunohost/domain.py
View file

@ -24,25 +24,25 @@
Manage domains
"""
import os
import sys
import datetime
import re
import shutil
import json
import yaml
import errno
import requests
from urllib import urlopen
from moulinette import m18n, msettings
from moulinette.core import MoulinetteError
from moulinette.utils.log import getActionLogger
import yunohost.certificate
from yunohost.service import service_regen_conf
from yunohost.utils.network import get_public_ip
from yunohost.log import is_unit_operation
logger = getActionLogger('yunohost.domain')
def domain_list(auth, filter=None, limit=None, offset=None):
def domain_list(auth):
"""
List domains
@ -54,24 +54,16 @@ def domain_list(auth, filter=None, limit=None, offset=None):
"""
result_list = []
# Set default arguments values
if offset is None:
offset = 0
if limit is None:
limit = 1000
if filter is None:
filter = 'virtualdomain=*'
result = auth.search('ou=domains,dc=yunohost,dc=org', 'virtualdomain=*', ['virtualdomain'])
result = auth.search('ou=domains,dc=yunohost,dc=org', filter, ['virtualdomain'])
for domain in result:
result_list.append(domain['virtualdomain'][0])
if len(result) > offset and limit > 0:
for domain in result[offset:offset+limit]:
result_list.append(domain['virtualdomain'][0])
return { 'domains': result_list }
return {'domains': result_list}
def domain_add(auth, domain, dyndns=False):
@is_unit_operation()
def domain_add(operation_logger, auth, domain, dyndns=False):
"""
Create a custom domain
@ -81,99 +73,68 @@ def domain_add(auth, domain, dyndns=False):
"""
from yunohost.hook import hook_callback
from yunohost.app import app_ssowatconf
attr_dict = { 'objectClass' : ['mailDomain', 'top'] }
now = datetime.datetime.now()
timestamp = str(now.year) + str(now.month) + str(now.day)
if domain in domain_list(auth)['domains']:
try:
auth.validate_uniqueness({'virtualdomain': domain})
except MoulinetteError:
raise MoulinetteError(errno.EEXIST, m18n.n('domain_exists'))
operation_logger.start()
# DynDNS domain
if dyndns:
if len(domain.split('.')) < 3:
raise MoulinetteError(errno.EINVAL, m18n.n('domain_dyndns_invalid'))
from yunohost.dyndns import dyndns_subscribe
try:
r = requests.get('https://dyndns.yunohost.org/domains')
except requests.ConnectionError:
pass
else:
dyndomains = json.loads(r.text)
dyndomain = '.'.join(domain.split('.')[1:])
if dyndomain in dyndomains:
if os.path.exists('/etc/cron.d/yunohost-dyndns'):
raise MoulinetteError(errno.EPERM,
m18n.n('domain_dyndns_already_subscribed'))
dyndns_subscribe(domain=domain)
else:
raise MoulinetteError(errno.EINVAL,
m18n.n('domain_dyndns_root_unknown'))
# Do not allow to subscribe to multiple dyndns domains...
if os.path.exists('/etc/cron.d/yunohost-dyndns'):
raise MoulinetteError(errno.EPERM,
m18n.n('domain_dyndns_already_subscribed'))
from yunohost.dyndns import dyndns_subscribe, _dyndns_provides
# Check that this domain can effectively be provided by
# dyndns.yunohost.org. (i.e. is it a nohost.me / noho.st)
if not _dyndns_provides("dyndns.yunohost.org", domain):
raise MoulinetteError(errno.EINVAL,
m18n.n('domain_dyndns_root_unknown'))
# Actually subscribe
dyndns_subscribe(domain=domain)
try:
# Commands
ssl_dir = '/usr/share/yunohost/yunohost-config/ssl/yunoCA'
ssl_domain_path = '/etc/yunohost/certs/%s' % domain
with open('%s/serial' % ssl_dir, 'r') as f:
serial = f.readline().rstrip()
try: os.listdir(ssl_domain_path)
except OSError: os.makedirs(ssl_domain_path)
yunohost.certificate._certificate_install_selfsigned([domain], False)
command_list = [
'cp %s/openssl.cnf %s' % (ssl_dir, ssl_domain_path),
'sed -i "s/yunohost.org/%s/g" %s/openssl.cnf' % (domain, ssl_domain_path),
'openssl req -new -config %s/openssl.cnf -days 3650 -out %s/certs/yunohost_csr.pem -keyout %s/certs/yunohost_key.pem -nodes -batch'
% (ssl_domain_path, ssl_dir, ssl_dir),
'openssl ca -config %s/openssl.cnf -days 3650 -in %s/certs/yunohost_csr.pem -out %s/certs/yunohost_crt.pem -batch'
% (ssl_domain_path, ssl_dir, ssl_dir),
'ln -s /etc/ssl/certs/ca-yunohost_crt.pem %s/ca.pem' % ssl_domain_path,
'cp %s/certs/yunohost_key.pem %s/key.pem' % (ssl_dir, ssl_domain_path),
'cp %s/newcerts/%s.pem %s/crt.pem' % (ssl_dir, serial, ssl_domain_path),
'chmod 755 %s' % ssl_domain_path,
'chmod 640 %s/key.pem' % ssl_domain_path,
'chmod 640 %s/crt.pem' % ssl_domain_path,
'chmod 600 %s/openssl.cnf' % ssl_domain_path,
'chown root:metronome %s/key.pem' % ssl_domain_path,
'chown root:metronome %s/crt.pem' % ssl_domain_path,
'cat %s/ca.pem >> %s/crt.pem' % (ssl_domain_path, ssl_domain_path)
]
for command in command_list:
if os.system(command) != 0:
raise MoulinetteError(errno.EIO,
m18n.n('domain_cert_gen_failed'))
try:
auth.validate_uniqueness({ 'virtualdomain': domain })
except MoulinetteError:
raise MoulinetteError(errno.EEXIST, m18n.n('domain_exists'))
attr_dict['virtualdomain'] = domain
attr_dict = {
'objectClass': ['mailDomain', 'top'],
'virtualdomain': domain,
}
if not auth.add('virtualdomain=%s,ou=domains' % domain, attr_dict):
raise MoulinetteError(errno.EIO, m18n.n('domain_creation_failed'))
try:
with open('/etc/yunohost/installed', 'r') as f:
service_regen_conf(names=[
'nginx', 'metronome', 'dnsmasq', 'rmilter'])
os.system('yunohost app ssowatconf > /dev/null 2>&1')
except IOError: pass
except:
# Don't regen these conf if we're still in postinstall
if os.path.exists('/etc/yunohost/installed'):
service_regen_conf(names=['nginx', 'metronome', 'dnsmasq', 'postfix'])
app_ssowatconf(auth)
except Exception, e:
from sys import exc_info;
t, v, tb = exc_info()
# Force domain removal silently
try: domain_remove(auth, domain, True)
except: pass
raise
try:
domain_remove(auth, domain, True)
except:
pass
raise t, v, tb
hook_callback('post_domain_add', args=[domain])
logger.success(m18n.n('domain_created'))
def domain_remove(auth, domain, force=False):
@is_unit_operation()
def domain_remove(operation_logger, auth, domain, force=False):
"""
Delete domains
@ -183,13 +144,18 @@ def domain_remove(auth, domain, force=False):
"""
from yunohost.hook import hook_callback
from yunohost.app import app_ssowatconf
if not force and domain not in domain_list(auth)['domains']:
raise MoulinetteError(errno.EINVAL, m18n.n('domain_unknown'))
# Check domain is not the main domain
if domain == _get_maindomain():
raise MoulinetteError(errno.EINVAL, m18n.n('domain_cannot_remove_main'))
# Check if apps are installed on the domain
for app in os.listdir('/etc/yunohost/apps/'):
with open('/etc/yunohost/apps/' + app +'/settings.yml') as f:
with open('/etc/yunohost/apps/' + app + '/settings.yml') as f:
try:
app_domain = yaml.load(f)['domain']
except:
@ -199,13 +165,14 @@ def domain_remove(auth, domain, force=False):
raise MoulinetteError(errno.EPERM,
m18n.n('domain_uninstall_app_first'))
operation_logger.start()
if auth.remove('virtualdomain=' + domain + ',ou=domains') or force:
os.system('rm -rf /etc/yunohost/certs/%s' % domain)
else:
raise MoulinetteError(errno.EIO, m18n.n('domain_deletion_failed'))
service_regen_conf(names=['nginx', 'metronome', 'dnsmasq'])
os.system('yunohost app ssowatconf > /dev/null 2>&1')
service_regen_conf(names=['nginx', 'metronome', 'dnsmasq', 'postfix'])
app_ssowatconf(auth)
hook_callback('post_domain_remove', args=[domain])
@ -221,83 +188,269 @@ def domain_dns_conf(domain, ttl=None):
ttl -- Time to live
"""
ttl = 3600 if ttl is None else ttl
ip4 = ip6 = None
# A/AAAA records
ip4 = get_public_ip()
result = (
"@ {ttl} IN A {ip4}\n"
"* {ttl} IN A {ip4}\n"
).format(ttl=ttl, ip4=ip4)
dns_conf = _build_dns_conf(domain, ttl)
try:
ip6 = get_public_ip(6)
except:
pass
else:
result += (
"@ {ttl} IN AAAA {ip6}\n"
"* {ttl} IN AAAA {ip6}\n"
).format(ttl=ttl, ip6=ip6)
result = ""
# Jabber/XMPP
result += ("\n"
"_xmpp-client._tcp {ttl} IN SRV 0 5 5222 {domain}.\n"
"_xmpp-server._tcp {ttl} IN SRV 0 5 5269 {domain}.\n"
"muc {ttl} IN CNAME @\n"
"pubsub {ttl} IN CNAME @\n"
"vjud {ttl} IN CNAME @\n"
).format(ttl=ttl, domain=domain)
result += "; Basic ipv4/ipv6 records"
for record in dns_conf["basic"]:
result += "\n{name} {ttl} IN {type} {value}".format(**record)
# Email
result += ('\n'
'@ {ttl} IN MX 10 {domain}.\n'
'@ {ttl} IN TXT "v=spf1 a mx ip4:{ip4}'
).format(ttl=ttl, domain=domain, ip4=ip4)
if ip6 is not None:
result += ' ip6:{ip6}'.format(ip6=ip6)
result += ' -all"'
result += "\n\n"
result += "; XMPP"
for record in dns_conf["xmpp"]:
result += "\n{name} {ttl} IN {type} {value}".format(**record)
# DKIM
try:
with open('/etc/dkim/{domain}.mail.txt'.format(domain=domain)) as f:
dkim_content = f.read()
except IOError:
pass
else:
dkim = re.match((
r'^(?P<host>[a-z_\-\.]+)[\s]+([0-9]+[\s]+)?IN[\s]+TXT[\s]+[^"]*'
'(?=.*(;[\s]*|")v=(?P<v>[^";]+))'
'(?=.*(;[\s]*|")k=(?P<k>[^";]+))'
'(?=.*(;[\s]*|")p=(?P<p>[^";]+))'), dkim_content, re.M|re.S
)
if dkim:
result += '\n{host}. {ttl} IN TXT "v={v}; k={k}; p={p}"'.format(
host='{0}.{1}'.format(dkim.group('host'), domain), ttl=ttl,
v=dkim.group('v'), k=dkim.group('k'), p=dkim.group('p')
)
result += "\n\n"
result += "; Mail"
for record in dns_conf["mail"]:
result += "\n{name} {ttl} IN {type} {value}".format(**record)
# If DKIM is set, add dummy DMARC support
result += '\n_dmarc {ttl} IN TXT "v=DMARC1; p=none"'.format(
ttl=ttl
)
is_cli = True if msettings.get('interface') == 'cli' else False
if is_cli:
logger.info(m18n.n("domain_dns_conf_is_just_a_recommendation"))
return result
def get_public_ip(protocol=4):
"""Retrieve the public IP address from ip.yunohost.org"""
if protocol == 4:
url = 'https://ip.yunohost.org'
elif protocol == 6:
# FIXME: Let's Encrypt does not support IPv6-only hosts yet
url = 'http://ip6.yunohost.org'
def domain_cert_status(auth, domain_list, full=False):
return yunohost.certificate.certificate_status(auth, domain_list, full)
def domain_cert_install(auth, domain_list, force=False, no_checks=False, self_signed=False, staging=False):
return yunohost.certificate.certificate_install(auth, domain_list, force, no_checks, self_signed, staging)
def domain_cert_renew(auth, domain_list, force=False, no_checks=False, email=False, staging=False):
return yunohost.certificate.certificate_renew(auth, domain_list, force, no_checks, email, staging)
def _get_conflicting_apps(auth, domain, path):
"""
Return a list of all conflicting apps with a domain/path (it can be empty)
Keyword argument:
domain -- The domain for the web path (e.g. your.domain.tld)
path -- The path to check (e.g. /coffee)
"""
domain, path = _normalize_domain_path(domain, path)
# Abort if domain is unknown
if domain not in domain_list(auth)['domains']:
raise MoulinetteError(errno.EINVAL, m18n.n('domain_unknown'))
# This import cannot be put on top of file because it would create a
# recursive import...
from yunohost.app import app_map
# Fetch apps map
apps_map = app_map(raw=True)
# Loop through all apps to check if path is taken by one of them
conflicts = []
if domain in apps_map:
# Loop through apps
for p, a in apps_map[domain].items():
if path == p:
conflicts.append((p, a["id"], a["label"]))
# We also don't want conflicts with other apps starting with
# same name
elif path.startswith(p) or p.startswith(path):
conflicts.append((p, a["id"], a["label"]))
return conflicts
def domain_url_available(auth, domain, path):
"""
Check availability of a web path
Keyword argument:
domain -- The domain for the web path (e.g. your.domain.tld)
path -- The path to check (e.g. /coffee)
"""
return len(_get_conflicting_apps(auth, domain, path)) == 0
def _get_maindomain():
with open('/etc/yunohost/current_host', 'r') as f:
maindomain = f.readline().rstrip()
return maindomain
def _set_maindomain(domain):
with open('/etc/yunohost/current_host', 'w') as f:
f.write(domain)
def _normalize_domain_path(domain, path):
# We want url to be of the format :
# some.domain.tld/foo
# Remove http/https prefix if it's there
if domain.startswith("https://"):
domain = domain[len("https://"):]
elif domain.startswith("http://"):
domain = domain[len("http://"):]
# Remove trailing slashes
domain = domain.rstrip("/")
path = "/" + path.strip("/")
return domain, path
def _build_dns_conf(domain, ttl=3600):
"""
Internal function that will returns a data structure containing the needed
information to generate/adapt the dns configuration
The returned datastructure will have the following form:
{
"basic": [
# if ipv4 available
{"type": "A", "name": "@", "value": "123.123.123.123", "ttl": 3600},
{"type": "A", "name": "*", "value": "123.123.123.123", "ttl": 3600},
# if ipv6 available
{"type": "AAAA", "name": "@", "value": "valid-ipv6", "ttl": 3600},
{"type": "AAAA", "name": "*", "value": "valid-ipv6", "ttl": 3600},
],
"xmpp": [
{"type": "SRV", "name": "_xmpp-client._tcp", "value": "0 5 5222 domain.tld.", "ttl": 3600},
{"type": "SRV", "name": "_xmpp-server._tcp", "value": "0 5 5269 domain.tld.", "ttl": 3600},
{"type": "CNAME", "name": "muc", "value": "@", "ttl": 3600},
{"type": "CNAME", "name": "pubsub", "value": "@", "ttl": 3600},
{"type": "CNAME", "name": "vjud", "value": "@", "ttl": 3600}
],
"mail": [
{"type": "MX", "name": "@", "value": "10 domain.tld.", "ttl": 3600},
{"type": "TXT", "name": "@", "value": "\"v=spf1 a mx ip4:123.123.123.123 ipv6:valid-ipv6 -all\"", "ttl": 3600 },
{"type": "TXT", "name": "mail._domainkey", "value": "\"v=DKIM1; k=rsa; p=some-super-long-key\"", "ttl": 3600},
{"type": "TXT", "name": "_dmarc", "value": "\"v=DMARC1; p=none\"", "ttl": 3600}
],
}
"""
ipv4 = get_public_ip()
ipv6 = get_public_ip(6)
basic = []
# Basic ipv4/ipv6 records
if ipv4:
basic += [
["@", ttl, "A", ipv4],
["*", ttl, "A", ipv4],
]
if ipv6:
basic += [
["@", ttl, "AAAA", ipv6],
["*", ttl, "AAAA", ipv6],
]
# XMPP
xmpp = [
["_xmpp-client._tcp", ttl, "SRV", "0 5 5222 %s." % domain],
["_xmpp-server._tcp", ttl, "SRV", "0 5 5269 %s." % domain],
["muc", ttl, "CNAME", "@"],
["pubsub", ttl, "CNAME", "@"],
["vjud", ttl, "CNAME", "@"],
]
# SPF record
spf_record = '"v=spf1 a mx'
if ipv4:
spf_record += ' ip4:{ip4}'.format(ip4=ipv4)
if ipv6:
spf_record += ' ip6:{ip6}'.format(ip6=ipv6)
spf_record += ' -all"'
# Email
mail = [
["@", ttl, "MX", "10 %s." % domain],
["@", ttl, "TXT", spf_record],
]
# DKIM/DMARC record
dkim_host, dkim_publickey = _get_DKIM(domain)
if dkim_host:
mail += [
[dkim_host, ttl, "TXT", dkim_publickey],
["_dmarc", ttl, "TXT", '"v=DMARC1; p=none"'],
]
return {
"basic": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in basic],
"xmpp": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in xmpp],
"mail": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in mail],
}
def _get_DKIM(domain):
DKIM_file = '/etc/dkim/{domain}.mail.txt'.format(domain=domain)
if not os.path.isfile(DKIM_file):
return (None, None)
with open(DKIM_file) as f:
dkim_content = f.read()
# Gotta manage two formats :
#
# Legacy
# -----
#
# mail._domainkey IN TXT ( "v=DKIM1; k=rsa; "
# "p=<theDKIMpublicKey>" )
#
# New
# ------
#
# mail._domainkey IN TXT ( "v=DKIM1; h=sha256; k=rsa; "
# "p=<theDKIMpublicKey>" )
is_legacy_format = " h=sha256; " not in dkim_content
# Legacy DKIM format
if is_legacy_format:
dkim = re.match((
r'^(?P<host>[a-z_\-\.]+)[\s]+([0-9]+[\s]+)?IN[\s]+TXT[\s]+'
'[^"]*"v=(?P<v>[^";]+);'
'[\s"]*k=(?P<k>[^";]+);'
'[\s"]*p=(?P<p>[^";]+)'), dkim_content, re.M | re.S
)
else:
raise ValueError("invalid protocol version")
try:
return urlopen(url).read().strip()
except IOError:
logger.debug('cannot retrieve public IPv%d' % protocol, exc_info=1)
raise MoulinetteError(errno.ENETUNREACH,
m18n.n('no_internet_connection'))
dkim = re.match((
r'^(?P<host>[a-z_\-\.]+)[\s]+([0-9]+[\s]+)?IN[\s]+TXT[\s]+'
'[^"]*"v=(?P<v>[^";]+);'
'[\s"]*h=(?P<h>[^";]+);'
'[\s"]*k=(?P<k>[^";]+);'
'[\s"]*p=(?P<p>[^";]+)'), dkim_content, re.M | re.S
)
if not dkim:
return (None, None)
if is_legacy_format:
return (
dkim.group('host'),
'"v={v}; k={k}; p={p}"'.format(v=dkim.group('v'),
k=dkim.group('k'),
p=dkim.group('p'))
)
else:
return (
dkim.group('host'),
'"v={v}; h={h}; k={k}; p={p}"'.format(v=dkim.group('v'),
h=dkim.group('h'),
k=dkim.group('k'),
p=dkim.group('p'))
)

396
src/yunohost/dyndns.py
View file

@ -27,47 +27,94 @@ import os
import re
import json
import glob
import time
import base64
import errno
import requests
import subprocess
from moulinette import m18n
from moulinette.core import MoulinetteError
from moulinette.utils.log import getActionLogger
from moulinette.utils.filesystem import read_file, write_to_file, rm
from moulinette.utils.network import download_json
from yunohost.domain import get_public_ip
from yunohost.domain import _get_maindomain, _build_dns_conf
from yunohost.utils.network import get_public_ip
from yunohost.log import is_unit_operation
logger = getActionLogger('yunohost.dyndns')
OLD_IPV4_FILE = '/etc/yunohost/dyndns/old_ip'
OLD_IPV6_FILE = '/etc/yunohost/dyndns/old_ipv6'
DYNDNS_ZONE = '/etc/yunohost/dyndns/zone'
class IPRouteLine(object):
""" Utility class to parse an ip route output line
The output of ip ro is variable and hard to parse completly, it would
require a real parser, not just a regexp, so do minimal parsing here...
>>> a = IPRouteLine('2001:: from :: via fe80::c23f:fe:1e:cafe dev eth0 src 2000:de:beef:ca:0:fe:1e:cafe metric 0')
>>> a.src_addr
"2000:de:beef:ca:0:fe:1e:cafe"
"""
regexp = re.compile(
r'(?P<unreachable>unreachable)?.*src\s+(?P<src_addr>[0-9a-f:]+).*')
def __init__(self, line):
self.m = self.regexp.match(line)
if not self.m:
raise ValueError("Not a valid ip route get line")
# make regexp group available as object attributes
for k, v in self.m.groupdict().items():
setattr(self, k, v)
re_dyndns_private_key = re.compile(
RE_DYNDNS_PRIVATE_KEY_MD5 = re.compile(
r'.*/K(?P<domain>[^\s\+]+)\.\+157.+\.private$'
)
RE_DYNDNS_PRIVATE_KEY_SHA512 = re.compile(
r'.*/K(?P<domain>[^\s\+]+)\.\+165.+\.private$'
)
def dyndns_subscribe(subscribe_host="dyndns.yunohost.org", domain=None, key=None):
def _dyndns_provides(provider, domain):
"""
Checks if a provider provide/manage a given domain.
Keyword arguments:
provider -- The url of the provider, e.g. "dyndns.yunohost.org"
domain -- The full domain that you'd like.. e.g. "foo.nohost.me"
Returns:
True if the provider provide/manages the domain. False otherwise.
"""
logger.debug("Checking if %s is managed by %s ..." % (domain, provider))
try:
# Dyndomains will be a list of domains supported by the provider
# e.g. [ "nohost.me", "noho.st" ]
dyndomains = download_json('https://%s/domains' % provider, timeout=30)
except MoulinetteError as e:
logger.error(str(e))
raise MoulinetteError(errno.EIO,
m18n.n('dyndns_could_not_check_provide',
domain=domain, provider=provider))
# Extract 'dyndomain' from 'domain', e.g. 'nohost.me' from 'foo.nohost.me'
dyndomain = '.'.join(domain.split('.')[1:])
return dyndomain in dyndomains
def _dyndns_available(provider, domain):
"""
Checks if a domain is available from a given provider.
Keyword arguments:
provider -- The url of the provider, e.g. "dyndns.yunohost.org"
domain -- The full domain that you'd like.. e.g. "foo.nohost.me"
Returns:
True if the domain is avaible, False otherwise.
"""
logger.debug("Checking if domain %s is available on %s ..."
% (domain, provider))
try:
r = download_json('https://%s/test/%s' % (provider, domain),
expected_status_code=None)
except MoulinetteError as e:
logger.error(str(e))
raise MoulinetteError(errno.EIO,
m18n.n('dyndns_could_not_check_available',
domain=domain, provider=provider))
return r == u"Domain %s is available" % domain
@is_unit_operation()
def dyndns_subscribe(operation_logger, subscribe_host="dyndns.yunohost.org", domain=None, key=None):
"""
Subscribe to a DynDNS service
@ -78,38 +125,48 @@ def dyndns_subscribe(subscribe_host="dyndns.yunohost.org", domain=None, key=None
"""
if domain is None:
with open('/etc/yunohost/current_host', 'r') as f:
domain = f.readline().rstrip()
domain = _get_maindomain()
operation_logger.related_to.append(('domain', domain))
# Verify if domain is provided by subscribe_host
if not _dyndns_provides(subscribe_host, domain):
raise MoulinetteError(errno.ENOENT,
m18n.n('dyndns_domain_not_provided',
domain=domain, provider=subscribe_host))
# Verify if domain is available
try:
if requests.get('https://%s/test/%s' % (subscribe_host, domain)).status_code != 200:
raise MoulinetteError(errno.EEXIST, m18n.n('dyndns_unavailable'))
except requests.ConnectionError:
raise MoulinetteError(errno.ENETUNREACH, m18n.n('no_internet_connection'))
if not _dyndns_available(subscribe_host, domain):
raise MoulinetteError(errno.ENOENT,
m18n.n('dyndns_unavailable', domain=domain))
operation_logger.start()
if key is None:
if len(glob.glob('/etc/yunohost/dyndns/*.key')) == 0:
os.makedirs('/etc/yunohost/dyndns')
if not os.path.exists('/etc/yunohost/dyndns'):
os.makedirs('/etc/yunohost/dyndns')
logger.info(m18n.n('dyndns_key_generating'))
logger.debug(m18n.n('dyndns_key_generating'))
os.system('cd /etc/yunohost/dyndns && ' \
'dnssec-keygen -a hmac-md5 -b 128 -n USER %s' % domain)
os.system('cd /etc/yunohost/dyndns && '
'dnssec-keygen -a hmac-sha512 -b 512 -r /dev/urandom -n USER %s' % domain)
os.system('chmod 600 /etc/yunohost/dyndns/*.key /etc/yunohost/dyndns/*.private')
key_file = glob.glob('/etc/yunohost/dyndns/*.key')[0]
with open(key_file) as f:
key = f.readline().strip().split(' ')[-1]
key = f.readline().strip().split(' ', 6)[-1]
import requests # lazy loading this module for performance reasons
# Send subscription
try:
r = requests.post('https://%s/key/%s' % (subscribe_host, base64.b64encode(key)), data={ 'subdomain': domain })
r = requests.post('https://%s/key/%s?key_algo=hmac-sha512' % (subscribe_host, base64.b64encode(key)), data={'subdomain': domain}, timeout=30)
except requests.ConnectionError:
raise MoulinetteError(errno.ENETUNREACH, m18n.n('no_internet_connection'))
if r.status_code != 201:
try: error = json.loads(r.text)['error']
except: error = "Server error"
try:
error = json.loads(r.text)['error']
except:
error = "Server error, code: %s. (Message: \"%s\")" % (r.status_code, r.text)
raise MoulinetteError(errno.EPERM,
m18n.n('dyndns_registration_failed', error=error))
@ -118,7 +175,8 @@ def dyndns_subscribe(subscribe_host="dyndns.yunohost.org", domain=None, key=None
dyndns_installcron()
def dyndns_update(dyn_host="dyndns.yunohost.org", domain=None, key=None,
@is_unit_operation()
def dyndns_update(operation_logger, dyn_host="dyndns.yunohost.org", domain=None, key=None,
ipv4=None, ipv6=None):
"""
Update IP on DynDNS platform
@ -131,127 +189,132 @@ def dyndns_update(dyn_host="dyndns.yunohost.org", domain=None, key=None,
ipv6 -- IPv6 address to send
"""
# IPv4
# Get old ipv4/v6
old_ipv4, old_ipv6 = (None, None) # (default values)
if os.path.isfile(OLD_IPV4_FILE):
old_ipv4 = read_file(OLD_IPV4_FILE).rstrip()
if os.path.isfile(OLD_IPV6_FILE):
old_ipv6 = read_file(OLD_IPV6_FILE).rstrip()
# Get current IPv4 and IPv6
ipv4_ = get_public_ip()
ipv6_ = get_public_ip(6)
if ipv4 is None:
ipv4 = get_public_ip()
ipv4 = ipv4_
try:
with open('/etc/yunohost/dyndns/old_ip', 'r') as f:
old_ip = f.readline().rstrip()
except IOError:
old_ip = '0.0.0.0'
# IPv6
if ipv6 is None:
ipv6 = ipv6_
logger.debug("Old IPv4/v6 are (%s, %s)" % (old_ipv4, old_ipv6))
logger.debug("Requested IPv4/v6 are (%s, %s)" % (ipv4, ipv6))
# no need to update
if old_ipv4 == ipv4 and old_ipv6 == ipv6:
logger.info("No updated needed.")
return
else:
logger.info("Updated needed, going on...")
# If domain is not given, try to guess it from keys available...
if domain is None:
(domain, key) = _guess_current_dyndns_domain(dyn_host)
# If key is not given, pick the first file we find with the domain given
else:
if key is None:
keys = glob.glob('/etc/yunohost/dyndns/K{0}.+*.private'.format(domain))
if not keys:
raise MoulinetteError(errno.EIO, m18n.n('dyndns_key_not_found'))
key = keys[0]
operation_logger.related_to.append(('domain', domain))
operation_logger.start()
# This mean that hmac-md5 is used
# (Re?)Trigger the migration to sha256 and return immediately.
# The actual update will be done in next run.
if "+157" in key:
from yunohost.tools import _get_migration_by_name
migration = _get_migration_by_name("migrate_to_tsig_sha256")
try:
ip_route_out = subprocess.check_output(
['ip', 'route', 'get', '2000::']).split('\n')
migration.migrate(dyn_host, domain, key)
except Exception as e:
logger.error(m18n.n('migrations_migration_has_failed',
exception=e,
number=migration.number,
name=migration.name),
exc_info=1)
return
if len(ip_route_out) > 0:
route = IPRouteLine(ip_route_out[0])
if not route.unreachable:
ipv6 = route.src_addr
# Extract 'host', e.g. 'nohost.me' from 'foo.nohost.me'
host = domain.split('.')[1:]
host = '.'.join(host)
except (OSError, ValueError) as e:
# Unlikely case "ip route" does not return status 0
# or produces unexpected output
raise MoulinetteError(errno.EBADMSG,
"ip route cmd error : {}".format(e))
logger.debug("Building zone update file ...")
if ipv6 is None:
logger.info(m18n.n('no_ipv6_connectivity'))
lines = [
'server %s' % dyn_host,
'zone %s' % host,
]
dns_conf = _build_dns_conf(domain)
# Delete the old records for all domain/subdomains
# every dns_conf.values() is a list of :
# [{"name": "...", "ttl": "...", "type": "...", "value": "..."}]
for records in dns_conf.values():
for record in records:
action = "update delete {name}.{domain}.".format(domain=domain, **record)
action = action.replace(" @.", " ")
lines.append(action)
# Add the new records for all domain/subdomains
for records in dns_conf.values():
for record in records:
# (For some reason) here we want the format with everytime the
# entire, full domain shown explicitly, not just "muc" or "@", it
# should be muc.the.domain.tld. or the.domain.tld
if record["value"] == "@":
record["value"] = domain
record["value"] = record["value"].replace(";","\;")
action = "update add {name}.{domain}. {ttl} {type} {value}".format(domain=domain, **record)
action = action.replace(" @.", " ")
lines.append(action)
lines += [
'show',
'send'
]
# Write the actions to do to update to a file, to be able to pass it
# to nsupdate as argument
write_to_file(DYNDNS_ZONE, '\n'.join(lines))
logger.debug("Now pushing new conf to DynDNS host...")
try:
with open('/etc/yunohost/dyndns/old_ipv6', 'r') as f:
old_ipv6 = f.readline().rstrip()
except IOError:
old_ipv6 = '0000:0000:0000:0000:0000:0000:0000:0000'
command = ["/usr/bin/nsupdate", "-k", key, DYNDNS_ZONE]
subprocess.check_call(command)
except subprocess.CalledProcessError:
rm(OLD_IPV4_FILE, force=True) # Remove file (ignore if non-existent)
rm(OLD_IPV6_FILE, force=True) # Remove file (ignore if non-existent)
raise MoulinetteError(errno.EPERM,
m18n.n('dyndns_ip_update_failed'))
if old_ip != ipv4 or old_ipv6 != ipv6:
if domain is None:
# Retrieve the first registered domain
for path in glob.iglob('/etc/yunohost/dyndns/K*.private'):
match = re_dyndns_private_key.match(path)
if not match:
continue
_domain = match.group('domain')
try:
# Check if domain is registered
if requests.get('https://{0}/test/{1}'.format(
dyn_host, _domain)).status_code == 200:
continue
except requests.ConnectionError:
raise MoulinetteError(errno.ENETUNREACH,
m18n.n('no_internet_connection'))
domain = _domain
key = path
break
if not domain:
raise MoulinetteError(errno.EINVAL,
m18n.n('dyndns_no_domain_registered'))
logger.success(m18n.n('dyndns_ip_updated'))
if key is None:
keys = glob.glob(
'/etc/yunohost/dyndns/K{0}.+*.private'.format(domain))
if len(keys) > 0:
key = keys[0]
if not key:
raise MoulinetteError(errno.EIO,
m18n.n('dyndns_key_not_found'))
host = domain.split('.')[1:]
host = '.'.join(host)
lines = [
'server %s' % dyn_host,
'zone %s' % host,
'update delete %s. A' % domain,
'update delete %s. AAAA' % domain,
'update delete %s. MX' % domain,
'update delete %s. TXT' % domain,
'update delete pubsub.%s. A' % domain,
'update delete pubsub.%s. AAAA' % domain,
'update delete muc.%s. A' % domain,
'update delete muc.%s. AAAA' % domain,
'update delete vjud.%s. A' % domain,
'update delete vjud.%s. AAAA' % domain,
'update delete _xmpp-client._tcp.%s. SRV' % domain,
'update delete _xmpp-server._tcp.%s. SRV' % domain,
'update add %s. 1800 A %s' % (domain, ipv4),
'update add %s. 14400 MX 5 %s.' % (domain, domain),
'update add %s. 14400 TXT "v=spf1 a mx -all"' % domain,
'update add pubsub.%s. 1800 A %s' % (domain, ipv4),
'update add muc.%s. 1800 A %s' % (domain, ipv4),
'update add vjud.%s. 1800 A %s' % (domain, ipv4),
'update add _xmpp-client._tcp.%s. 14400 SRV 0 5 5222 %s.' % (domain, domain),
'update add _xmpp-server._tcp.%s. 14400 SRV 0 5 5269 %s.' % (domain, domain)
]
if ipv6 is not None:
lines += [
'update add %s. 1800 AAAA %s' % (domain, ipv6),
'update add pubsub.%s. 1800 AAAA %s' % (domain, ipv6),
'update add muc.%s. 1800 AAAA %s' % (domain, ipv6),
'update add vjud.%s. 1800 AAAA %s' % (domain, ipv6),
]
lines += [
'show',
'send'
]
with open('/etc/yunohost/dyndns/zone', 'w') as zone:
for line in lines:
zone.write(line + '\n')
if os.system('/usr/bin/nsupdate -k %s /etc/yunohost/dyndns/zone' % key) == 0:
logger.success(m18n.n('dyndns_ip_updated'))
with open('/etc/yunohost/dyndns/old_ip', 'w') as f:
f.write(ipv4)
if ipv6 is not None:
with open('/etc/yunohost/dyndns/old_ipv6', 'w') as f:
f.write(ipv6)
else:
os.system('rm -f /etc/yunohost/dyndns/old_ip')
os.system('rm -f /etc/yunohost/dyndns/old_ipv6')
raise MoulinetteError(errno.EPERM,
m18n.n('dyndns_ip_update_failed'))
if ipv4 is not None:
write_to_file(OLD_IPV4_FILE, ipv4)
if ipv6 is not None:
write_to_file(OLD_IPV6_FILE, ipv6)
def dyndns_installcron():
@ -278,3 +341,32 @@ def dyndns_removecron():
raise MoulinetteError(errno.EIO, m18n.n('dyndns_cron_remove_failed'))
logger.success(m18n.n('dyndns_cron_removed'))
def _guess_current_dyndns_domain(dyn_host):
"""
This function tries to guess which domain should be updated by
"dyndns_update()" because there's not proper management of the current
dyndns domain :/ (and at the moment the code doesn't support having several
dyndns domain, which is sort of a feature so that people don't abuse the
dynette...)
"""
# Retrieve the first registered domain
for path in glob.iglob('/etc/yunohost/dyndns/K*.private'):
match = RE_DYNDNS_PRIVATE_KEY_MD5.match(path)
if not match:
match = RE_DYNDNS_PRIVATE_KEY_SHA512.match(path)
if not match:
continue
_domain = match.group('domain')
# Verify if domain is registered (i.e., if it's available, skip
# current domain beause that's not the one we want to update..)
if _dyndns_available(dyn_host, _domain):
continue
else:
return (_domain, path)
raise MoulinetteError(errno.EINVAL,
m18n.n('dyndns_no_domain_registered'))

74
src/yunohost/firewall.py
View file

@ -33,13 +33,14 @@ except ImportError:
sys.stderr.write('Error: Yunohost CLI Require miniupnpc lib\n')
sys.exit(1)
from moulinette import m18n
from moulinette.core import MoulinetteError
from moulinette.utils import process
from moulinette.utils.log import getActionLogger
from moulinette.utils.text import prependlines
firewall_file = '/etc/yunohost/firewall.yml'
upnp_cron_job = '/etc/cron.d/yunohost-firewall-upnp'
FIREWALL_FILE = '/etc/yunohost/firewall.yml'
UPNP_CRON_JOB = '/etc/cron.d/yunohost-firewall-upnp'
logger = getActionLogger('yunohost.firewall')
@ -67,14 +68,14 @@ def firewall_allow(protocol, port, ipv4_only=False, ipv6_only=False,
# Validate protocols
protocols = ['TCP', 'UDP']
if protocol != 'Both' and protocol in protocols:
protocols = [protocol,]
protocols = [protocol, ]
# Validate IP versions
ipvs = ['ipv4', 'ipv6']
if ipv4_only and not ipv6_only:
ipvs = ['ipv4',]
ipvs = ['ipv4', ]
elif ipv6_only and not ipv4_only:
ipvs = ['ipv6',]
ipvs = ['ipv6', ]
for p in protocols:
# Iterate over IP versions to add port
@ -117,18 +118,18 @@ def firewall_disallow(protocol, port, ipv4_only=False, ipv6_only=False,
# Validate protocols
protocols = ['TCP', 'UDP']
if protocol != 'Both' and protocol in protocols:
protocols = [protocol,]
protocols = [protocol, ]
# Validate IP versions and UPnP
ipvs = ['ipv4', 'ipv6']
upnp = True
if ipv4_only and ipv6_only:
upnp = True # automatically disallow UPnP
upnp = True # automatically disallow UPnP
elif ipv4_only:
ipvs = ['ipv4',]
ipvs = ['ipv4', ]
upnp = upnp_only
elif ipv6_only:
ipvs = ['ipv6',]
ipvs = ['ipv6', ]
upnp = upnp_only
elif upnp_only:
ipvs = []
@ -161,7 +162,7 @@ def firewall_list(raw=False, by_ip_version=False, list_forwarded=False):
list_forwarded -- List forwarded ports with UPnP
"""
with open(firewall_file) as f:
with open(FIREWALL_FILE) as f:
firewall = yaml.load(f)
if raw:
return firewall
@ -178,7 +179,7 @@ def firewall_list(raw=False, by_ip_version=False, list_forwarded=False):
ports = sorted(set(ports['ipv4']) | set(ports['ipv6']))
# Format returned dict
ret = { "opened_ports": ports }
ret = {"opened_ports": ports}
if list_forwarded:
# Combine TCP and UDP forwarded ports
ret['forwarded_ports'] = sorted(
@ -224,8 +225,8 @@ def firewall_reload(skip_upnp=False):
# Iterate over ports and add rule
for protocol in ['TCP', 'UDP']:
for port in firewall['ipv4'][protocol]:
rules.append("iptables -w -A INPUT -p %s --dport %s -j ACCEPT" \
% (protocol, process.quote(str(port))))
rules.append("iptables -w -A INPUT -p %s --dport %s -j ACCEPT"
% (protocol, process.quote(str(port))))
rules += [
"iptables -w -A INPUT -i lo -j ACCEPT",
"iptables -w -A INPUT -p icmp -j ACCEPT",
@ -233,7 +234,7 @@ def firewall_reload(skip_upnp=False):
]
# Execute each rule
if process.check_commands(rules, callback=_on_rule_command_error):
if process.run_commands(rules, callback=_on_rule_command_error):
errors = True
reloaded = True
@ -253,8 +254,8 @@ def firewall_reload(skip_upnp=False):
# Iterate over ports and add rule
for protocol in ['TCP', 'UDP']:
for port in firewall['ipv6'][protocol]:
rules.append("ip6tables -w -A INPUT -p %s --dport %s -j ACCEPT" \
% (protocol, process.quote(str(port))))
rules.append("ip6tables -w -A INPUT -p %s --dport %s -j ACCEPT"
% (protocol, process.quote(str(port))))
rules += [
"ip6tables -w -A INPUT -i lo -j ACCEPT",
"ip6tables -w -A INPUT -p icmpv6 -j ACCEPT",
@ -262,7 +263,7 @@ def firewall_reload(skip_upnp=False):
]
# Execute each rule
if process.check_commands(rules, callback=_on_rule_command_error):
if process.run_commands(rules, callback=_on_rule_command_error):
errors = True
reloaded = True
@ -304,20 +305,21 @@ def firewall_upnp(action='status', no_refresh=False):
# Compatibility with previous version
if action == 'reload':
logger.info("'reload' action is deprecated and will be removed")
logger.debug("'reload' action is deprecated and will be removed")
try:
# Remove old cron job
os.remove('/etc/cron.d/yunohost-firewall')
except: pass
except:
pass
action = 'status'
no_refresh = False
if action == 'status' and no_refresh:
# Only return current state
return { 'enabled': enabled }
return {'enabled': enabled}
elif action == 'enable' or (enabled and action == 'status'):
# Add cron job
with open(upnp_cron_job, 'w+') as f:
with open(UPNP_CRON_JOB, 'w+') as f:
f.write('*/50 * * * * root '
'/usr/bin/yunohost firewall upnp status >>/dev/null\n')
# Open port 1900 to receive discovery message
@ -329,8 +331,9 @@ def firewall_upnp(action='status', no_refresh=False):
elif action == 'disable' or (not enabled and action == 'status'):
try:
# Remove cron job
os.remove(upnp_cron_job)
except: pass
os.remove(UPNP_CRON_JOB)
except:
pass
enabled = False
if action == 'status':
no_refresh = True
@ -354,7 +357,7 @@ def firewall_upnp(action='status', no_refresh=False):
# Select UPnP device
upnpc.selectigd()
except:
logger.info('unable to select UPnP device', exc_info=1)
logger.debug('unable to select UPnP device', exc_info=1)
enabled = False
else:
# Iterate over ports
@ -364,7 +367,8 @@ def firewall_upnp(action='status', no_refresh=False):
if upnpc.getspecificportmapping(port, protocol):
try:
upnpc.deleteportmapping(port, protocol)
except: pass
except:
pass
if not enabled:
continue
try:
@ -372,7 +376,7 @@ def firewall_upnp(action='status', no_refresh=False):
upnpc.addportmapping(port, protocol, upnpc.lanaddr,
port, 'yunohost firewall: port %d' % port, '')
except:
logger.info('unable to add port %d using UPnP',
logger.debug('unable to add port %d using UPnP',
port, exc_info=1)
enabled = False
@ -381,8 +385,8 @@ def firewall_upnp(action='status', no_refresh=False):
firewall['uPnP']['enabled'] = enabled
# Make a backup and update firewall file
os.system("cp {0} {0}.old".format(firewall_file))
with open(firewall_file, 'w') as f:
os.system("cp {0} {0}.old".format(FIREWALL_FILE))
with open(FIREWALL_FILE, 'w') as f:
yaml.safe_dump(firewall, f, default_flow_style=False)
if not no_refresh:
@ -403,7 +407,7 @@ def firewall_upnp(action='status', no_refresh=False):
if action == 'enable' and not enabled:
raise MoulinetteError(errno.ENXIO, m18n.n('upnp_port_open_failed'))
return { 'enabled': enabled }
return {'enabled': enabled}
def firewall_stop():
@ -424,7 +428,7 @@ def firewall_stop():
os.system("ip6tables -F")
os.system("ip6tables -X")
if os.path.exists(upnp_cron_job):
if os.path.exists(UPNP_CRON_JOB):
firewall_upnp('disable')
@ -444,15 +448,17 @@ def _get_ssh_port(default=22):
pass
return default
def _update_firewall_file(rules):
"""Make a backup and write new rules to firewall file"""
os.system("cp {0} {0}.old".format(firewall_file))
with open(firewall_file, 'w') as f:
os.system("cp {0} {0}.old".format(FIREWALL_FILE))
with open(FIREWALL_FILE, 'w') as f:
yaml.safe_dump(rules, f, default_flow_style=False)
def _on_rule_command_error(returncode, cmd, output):
"""Callback for rules commands error"""
# Log error and continue commands execution
logger.info('"%s" returned non-zero exit status %d:\n%s',
cmd, returncode, prependlines(output.rstrip(), '> '))
logger.debug('"%s" returned non-zero exit status %d:\n%s',
cmd, returncode, prependlines(output.rstrip(), '> '))
return True

111
src/yunohost/hook.py
View file

@ -24,18 +24,17 @@
Manage hooks
"""
import os
import sys
import re
import json
import errno
import subprocess
import tempfile
from glob import iglob
from moulinette import m18n
from moulinette.core import MoulinetteError
from moulinette.utils import log
hook_folder = '/usr/share/yunohost/hooks/'
custom_hook_folder = '/etc/yunohost/hooks.d/'
HOOK_FOLDER = '/usr/share/yunohost/hooks/'
CUSTOM_HOOK_FOLDER = '/etc/yunohost/hooks.d/'
logger = log.getActionLogger('yunohost.hook')
@ -52,14 +51,16 @@ def hook_add(app, file):
path, filename = os.path.split(file)
priority, action = _extract_filename_parts(filename)
try: os.listdir(custom_hook_folder + action)
except OSError: os.makedirs(custom_hook_folder + action)
try:
os.listdir(CUSTOM_HOOK_FOLDER + action)
except OSError:
os.makedirs(CUSTOM_HOOK_FOLDER + action)
finalpath = custom_hook_folder + action +'/'+ priority +'-'+ app
finalpath = CUSTOM_HOOK_FOLDER + action + '/' + priority + '-' + app
os.system('cp %s %s' % (file, finalpath))
os.system('chown -hR admin: %s' % hook_folder)
os.system('chown -hR admin: %s' % HOOK_FOLDER)
return { 'hook': finalpath }
return {'hook': finalpath}
def hook_remove(app):
@ -71,11 +72,12 @@ def hook_remove(app):
"""
try:
for action in os.listdir(custom_hook_folder):
for script in os.listdir(custom_hook_folder + action):
for action in os.listdir(CUSTOM_HOOK_FOLDER):
for script in os.listdir(CUSTOM_HOOK_FOLDER + action):
if script.endswith(app):
os.remove(custom_hook_folder + action +'/'+ script)
except OSError: pass
os.remove(CUSTOM_HOOK_FOLDER + action + '/' + script)
except OSError:
pass
def hook_info(action, name):
@ -92,7 +94,7 @@ def hook_info(action, name):
# Search in custom folder first
for h in iglob('{:s}{:s}/*-{:s}'.format(
custom_hook_folder, action, name)):
CUSTOM_HOOK_FOLDER, action, name)):
priority, _ = _extract_filename_parts(os.path.basename(h))
priorities.add(priority)
hooks.append({
@ -101,7 +103,7 @@ def hook_info(action, name):
})
# Append non-overwritten system hooks
for h in iglob('{:s}{:s}/*-{:s}'.format(
hook_folder, action, name)):
HOOK_FOLDER, action, name)):
priority, _ = _extract_filename_parts(os.path.basename(h))
if priority not in priorities:
hooks.append({
@ -136,11 +138,11 @@ def hook_list(action, list_by='name', show_info=False):
def _append_hook(d, priority, name, path):
# Use the priority as key and a dict of hooks names
# with their info as value
value = { 'path': path }
value = {'path': path}
try:
d[priority][name] = value
except KeyError:
d[priority] = { name: value }
d[priority] = {name: value}
else:
def _append_hook(d, priority, name, path):
# Use the priority as key and the name as value
@ -162,11 +164,12 @@ def hook_list(action, list_by='name', show_info=False):
if h['path'] != path:
h['path'] = path
return
l.append({ 'priority': priority, 'path': path })
l.append({'priority': priority, 'path': path})
d[name] = l
else:
if list_by == 'name':
result = set()
def _append_hook(d, priority, name, path):
# Add only the name
d.add(name)
@ -186,25 +189,25 @@ def hook_list(action, list_by='name', show_info=False):
# Append system hooks first
if list_by == 'folder':
result['system'] = dict() if show_info else set()
_append_folder(result['system'], hook_folder)
_append_folder(result['system'], HOOK_FOLDER)
else:
_append_folder(result, hook_folder)
_append_folder(result, HOOK_FOLDER)
except OSError:
logger.debug("system hook folder not found for action '%s' in %s",
action, hook_folder)
action, HOOK_FOLDER)
try:
# Append custom hooks
if list_by == 'folder':
result['custom'] = dict() if show_info else set()
_append_folder(result['custom'], custom_hook_folder)
_append_folder(result['custom'], CUSTOM_HOOK_FOLDER)
else:
_append_folder(result, custom_hook_folder)
_append_folder(result, CUSTOM_HOOK_FOLDER)
except OSError:
logger.debug("custom hook folder not found for action '%s' in %s",
action, custom_hook_folder)
action, CUSTOM_HOOK_FOLDER)
return { 'hooks': result }
return {'hooks': result}
def hook_callback(action, hooks=[], args=None, no_trace=False, chdir=None,
@ -226,7 +229,7 @@ def hook_callback(action, hooks=[], args=None, no_trace=False, chdir=None,
(name, priority, path, succeed) as arguments
"""
result = { 'succeed': {}, 'failed': {} }
result = {'succeed': {}, 'failed': {}}
hooks_dict = {}
# Retrieve hooks
@ -244,7 +247,7 @@ def hook_callback(action, hooks=[], args=None, no_trace=False, chdir=None,
for n in hooks:
for key in hooks_names.keys():
if key == n or key.startswith("%s_" % n) \
and key not in all_hooks:
and key not in all_hooks:
all_hooks.append(key)
# Iterate over given hooks names list
@ -258,7 +261,7 @@ def hook_callback(action, hooks=[], args=None, no_trace=False, chdir=None,
for h in hl:
# Update hooks dict
d = hooks_dict.get(h['priority'], dict())
d.update({ n: { 'path': h['path'] }})
d.update({n: {'path': h['path']}})
hooks_dict[h['priority']] = d
if not hooks_dict:
return result
@ -278,7 +281,7 @@ def hook_callback(action, hooks=[], args=None, no_trace=False, chdir=None,
hook_args = pre_callback(name=name, priority=priority,
path=path, args=args)
hook_exec(path, args=hook_args, chdir=chdir, env=env,
no_trace=no_trace, raise_on_error=True)
no_trace=no_trace, raise_on_error=True, user="root")
except MoulinetteError as e:
state = 'failed'
logger.error(e.strerror, exc_info=1)
@ -295,7 +298,8 @@ def hook_callback(action, hooks=[], args=None, no_trace=False, chdir=None,
def hook_exec(path, args=None, raise_on_error=False, no_trace=False,
chdir=None, env=None):
chdir=None, env=None, user="admin", stdout_callback=None,
stderr_callback=None):
"""
Execute hook from a file with arguments
@ -306,10 +310,10 @@ def hook_exec(path, args=None, raise_on_error=False, no_trace=False,
no_trace -- Do not print each command that will be executed
chdir -- The directory from where the script will be executed
env -- Dictionnary of environment variables to export
user -- User with which to run the command
"""
from moulinette.utils.process import call_async_output
from yunohost.app import _value_for_locale
# Validate hook path
if path[0] != '/':
@ -329,32 +333,52 @@ def hook_exec(path, args=None, raise_on_error=False, no_trace=False,
else:
cmd_script = path
# Add Execution dir to environment var
if env is None:
env = {}
env['YNH_CWD'] = chdir
stdinfo = os.path.join(tempfile.mkdtemp(), "stdinfo")
env['YNH_STDINFO'] = stdinfo
# Construct command to execute
command = ['sudo', '-n', '-u', 'admin', '-H', 'sh', '-c']
if user == "root":
command = ['sh', '-c']
else:
command = ['sudo', '-n', '-u', user, '-H', 'sh', '-c']
if no_trace:
cmd = '/bin/bash "{script}" {args}'
else:
# use xtrace on fd 7 which is redirected to stdout
cmd = 'BASH_XTRACEFD=7 /bin/bash -x "{script}" {args} 7>&1'
if env:
# prepend environment variables
cmd = '{0} {1}'.format(
' '.join(['{0}={1}'.format(k, shell_quote(v)) \
for k, v in env.items()]), cmd)
# prepend environment variables
cmd = '{0} {1}'.format(
' '.join(['{0}={1}'.format(k, shell_quote(v))
for k, v in env.items()]), cmd)
command.append(cmd.format(script=cmd_script, args=cmd_args))
if logger.isEnabledFor(log.DEBUG):
logger.info(m18n.n('executing_command', command=' '.join(command)))
logger.debug(m18n.n('executing_command', command=' '.join(command)))
else:
logger.info(m18n.n('executing_script', script=path))
logger.debug(m18n.n('executing_script', script=path))
# Define output callbacks and call command
callbacks = (
lambda l: logger.info(l.rstrip()),
lambda l: logger.warning(l.rstrip()),
stdout_callback if stdout_callback else lambda l: logger.debug(l.rstrip()),
stderr_callback if stderr_callback else lambda l: logger.warning(l.rstrip()),
)
if stdinfo:
callbacks = ( callbacks[0], callbacks[1],
lambda l: logger.info(l.rstrip()))
logger.debug("About to run the command '%s'" % command)
returncode = call_async_output(
command, callbacks, shell=False, cwd=chdir
command, callbacks, shell=False, cwd=chdir,
stdinfo=stdinfo
)
# Check and return process' return code
@ -385,6 +409,7 @@ def _extract_filename_parts(filename):
_find_unsafe = re.compile(r'[^\w@%+=:,./-]', re.UNICODE).search
def shell_quote(s):
"""Return a shell-escaped version of the string *s*."""
s = str(s)

462
src/yunohost/log.py Normal file
View file

@ -0,0 +1,462 @@
# -*- coding: utf-8 -*-
""" License
Copyright (C) 2018 YunoHost
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program; if not, see http://www.gnu.org/licenses
"""
""" yunohost_log.py
Manage debug logs
"""
import os
import yaml
import errno
import collections
from datetime import datetime
from logging import FileHandler, getLogger, Formatter
from sys import exc_info
from moulinette import m18n, msettings
from moulinette.core import MoulinetteError
from moulinette.utils.log import getActionLogger
from moulinette.utils.filesystem import read_file
CATEGORIES_PATH = '/var/log/yunohost/categories/'
OPERATIONS_PATH = '/var/log/yunohost/categories/operation/'
CATEGORIES = ['operation', 'history', 'package', 'system', 'access', 'service',
'app']
METADATA_FILE_EXT = '.yml'
LOG_FILE_EXT = '.log'
RELATED_CATEGORIES = ['app', 'domain', 'service', 'user']
logger = getActionLogger('yunohost.log')
def log_list(category=[], limit=None):
"""
List available logs
Keyword argument:
limit -- Maximum number of logs
"""
categories = category
is_api = msettings.get('interface') == 'api'
# In cli we just display `operation` logs by default
if not categories:
categories = ["operation"] if not is_api else CATEGORIES
result = collections.OrderedDict()
for category in categories:
result[category] = []
category_path = os.path.join(CATEGORIES_PATH, category)
if not os.path.exists(category_path):
logger.debug(m18n.n('log_category_404', category=category))
continue
logs = filter(lambda x: x.endswith(METADATA_FILE_EXT),
os.listdir(category_path))
logs = reversed(sorted(logs))
if limit is not None:
logs = logs[:limit]
for log in logs:
base_filename = log[:-len(METADATA_FILE_EXT)]
md_filename = log
md_path = os.path.join(category_path, md_filename)
log = base_filename.split("-")
entry = {
"name": base_filename,
"path": md_path,
}
entry["description"] = _get_description_from_name(base_filename)
try:
log_datetime = datetime.strptime(" ".join(log[:2]),
"%Y%m%d %H%M%S")
except ValueError:
pass
else:
entry["started_at"] = log_datetime
result[category].append(entry)
# Reverse the order of log when in cli, more comfortable to read (avoid
# unecessary scrolling)
if not is_api:
for category in result:
result[category] = list(reversed(result[category]))
return result
def log_display(path, number=50, share=False):
"""
Display a log file enriched with metadata if any.
If the file_name is not an absolute path, it will try to search the file in
the unit operations log path (see OPERATIONS_PATH).
Argument:
file_name
number
share
"""
# Normalize log/metadata paths and filenames
abs_path = path
log_path = None
if not path.startswith('/'):
for category in CATEGORIES:
abs_path = os.path.join(CATEGORIES_PATH, category, path)
if os.path.exists(abs_path) or os.path.exists(abs_path + METADATA_FILE_EXT):
break
if os.path.exists(abs_path) and not path.endswith(METADATA_FILE_EXT):
log_path = abs_path
if abs_path.endswith(METADATA_FILE_EXT) or abs_path.endswith(LOG_FILE_EXT):
base_path = ''.join(os.path.splitext(abs_path)[:-1])
else:
base_path = abs_path
base_filename = os.path.basename(base_path)
md_path = base_path + METADATA_FILE_EXT
if log_path is None:
log_path = base_path + LOG_FILE_EXT
if not os.path.exists(md_path) and not os.path.exists(log_path):
raise MoulinetteError(errno.EINVAL,
m18n.n('log_does_exists', log=path))
infos = {}
# If it's a unit operation, display the name and the description
if base_path.startswith(CATEGORIES_PATH):
infos["description"] = _get_description_from_name(base_filename)
infos['name'] = base_filename
if share:
from yunohost.utils.yunopaste import yunopaste
content = ""
if os.path.exists(md_path):
content += read_file(md_path)
content += "\n============\n\n"
if os.path.exists(log_path):
content += read_file(log_path)
url = yunopaste(content)
logger.info(m18n.n("log_available_on_yunopaste", url=url))
if msettings.get('interface') == 'api':
return {"url": url}
else:
return
# Display metadata if exist
if os.path.exists(md_path):
with open(md_path, "r") as md_file:
try:
metadata = yaml.safe_load(md_file)
infos['metadata_path'] = md_path
infos['metadata'] = metadata
if 'log_path' in metadata:
log_path = metadata['log_path']
except yaml.YAMLError:
error = m18n.n('log_corrupted_md_file', file=md_path)
if os.path.exists(log_path):
logger.warning(error)
else:
raise MoulinetteError(errno.EINVAL, error)
# Display logs if exist
if os.path.exists(log_path):
from yunohost.service import _tail
logs = _tail(log_path, int(number))
infos['log_path'] = log_path
infos['logs'] = logs
return infos
def is_unit_operation(entities=['app', 'domain', 'service', 'user'],
exclude=['auth', 'password'], operation_key=None):
"""
Configure quickly a unit operation
This decorator help you to configure the record of a unit operations.
Argument:
entities A list of entity types related to the unit operation. The entity
type is searched inside argument's names of the decorated function. If
something match, the argument value is added as related entity. If the
argument name is different you can specify it with a tuple
(argname, entity_type) instead of just put the entity type.
exclude Remove some arguments from the context. By default, arguments
called 'password' and 'auth' are removed. If an argument is an object, you
need to exclude it or create manually the unit operation without this
decorator.
operation_key A key to describe the unit operation log used to create the
filename and search a translation. Please ensure that this key prefixed by
'log_' is present in locales/en.json otherwise it won't be translatable.
"""
def decorate(func):
def func_wrapper(*args, **kwargs):
op_key = operation_key
if op_key is None:
op_key = func.__name__
# If the function is called directly from an other part of the code
# and not by the moulinette framework, we need to complete kwargs
# dictionnary with the args list.
# Indeed, we use convention naming in this decorator and we need to
# know name of each args (so we need to use kwargs instead of args)
if len(args) > 0:
from inspect import getargspec
keys = getargspec(func).args
if 'operation_logger' in keys:
keys.remove('operation_logger')
for k, arg in enumerate(args):
kwargs[keys[k]] = arg
args = ()
# Search related entity in arguments of the decorated function
related_to = []
for entity in entities:
if isinstance(entity, tuple):
entity_type = entity[1]
entity = entity[0]
else:
entity_type = entity
if entity in kwargs and kwargs[entity] is not None:
if isinstance(kwargs[entity], basestring):
related_to.append((entity_type, kwargs[entity]))
else:
for x in kwargs[entity]:
related_to.append((entity_type, x))
context = kwargs.copy()
# Exclude unappropriate data from the context
for field in exclude:
if field in context:
context.pop(field, None)
operation_logger = OperationLogger(op_key, related_to, args=context)
try:
# Start the actual function, and give the unit operation
# in argument to let the developper start the record itself
args = (operation_logger,) + args
result = func(*args, **kwargs)
except Exception as e:
operation_logger.error(e)
raise
else:
operation_logger.success()
return result
return func_wrapper
return decorate
class OperationLogger(object):
"""
Instances of this class represents unit operation done on the ynh instance.
Each time an action of the yunohost cli/api change the system, one or
several unit operations should be registered.
This class record logs and metadata like context or start time/end time.
"""
def __init__(self, operation, related_to=None, **kwargs):
# TODO add a way to not save password on app installation
self.operation = operation
self.related_to = related_to
self.extra = kwargs
self.started_at = None
self.ended_at = None
self.logger = None
self._name = None
self.path = OPERATIONS_PATH
if not os.path.exists(self.path):
os.makedirs(self.path)
def start(self):
"""
Start to record logs that change the system
Until this start method is run, no unit operation will be registered.
"""
if self.started_at is None:
self.started_at = datetime.now()
self.flush()
self._register_log()
def _register_log(self):
"""
Register log with a handler connected on log system
"""
# TODO add a way to not save password on app installation
filename = os.path.join(self.path, self.name + LOG_FILE_EXT)
self.file_handler = FileHandler(filename)
self.file_handler.formatter = Formatter('%(asctime)s: %(levelname)s - %(message)s')
# Listen to the root logger
self.logger = getLogger('yunohost')
self.logger.addHandler(self.file_handler)
def flush(self):
"""
Write or rewrite the metadata file with all metadata known
"""
filename = os.path.join(self.path, self.name + METADATA_FILE_EXT)
with open(filename, 'w') as outfile:
yaml.safe_dump(self.metadata, outfile, default_flow_style=False)
@property
def name(self):
"""
Name of the operation
This name is used as filename, so don't use space
"""
if self._name is not None:
return self._name
name = [self.started_at.strftime("%Y%m%d-%H%M%S")]
name += [self.operation]
if hasattr(self, "name_parameter_override"):
# This is for special cases where the operation is not really
# unitary. For instance, the regen conf cannot be logged "per
# service" because of the way it's built
name.append(self.name_parameter_override)
elif self.related_to:
# We use the name of the first related thing
name.append(self.related_to[0][1])
self._name = '-'.join(name)
return self._name
@property
def metadata(self):
"""
Dictionnary of all metadata collected
"""
data = {
'started_at': self.started_at,
'operation': self.operation,
}
if self.related_to is not None:
data['related_to'] = self.related_to
if self.ended_at is not None:
data['ended_at'] = self.ended_at
data['success'] = self._success
if self.error is not None:
data['error'] = self._error
# TODO: detect if 'extra' erase some key of 'data'
data.update(self.extra)
return data
def success(self):
"""
Declare the success end of the unit operation
"""
self.close()
def error(self, error):
"""
Declare the failure of the unit operation
"""
return self.close(error)
def close(self, error=None):
"""
Close properly the unit operation
"""
if self.ended_at is not None or self.started_at is None:
return
if error is not None and not isinstance(error, basestring):
error = str(error)
self.ended_at = datetime.now()
self._error = error
self._success = error is None
if self.logger is not None:
self.logger.removeHandler(self.file_handler)
is_api = msettings.get('interface') == 'api'
desc = _get_description_from_name(self.name)
if error is None:
if is_api:
msg = m18n.n('log_link_to_log', name=self.name, desc=desc)
else:
msg = m18n.n('log_help_to_get_log', name=self.name, desc=desc)
logger.debug(msg)
else:
if is_api:
msg = "<strong>" + m18n.n('log_link_to_failed_log',
name=self.name, desc=desc) + "</strong>"
else:
msg = m18n.n('log_help_to_get_failed_log', name=self.name,
desc=desc)
logger.info(msg)
self.flush()
return msg
def __del__(self):
"""
Try to close the unit operation, if it's missing.
The missing of the message below could help to see an electrical
shortage.
"""
self.error(m18n.n('log_operation_unit_unclosed_properly'))
def _get_description_from_name(name):
"""
Return the translated description from the filename
"""
parts = name.split("-", 3)
try:
try:
datetime.strptime(" ".join(parts[:2]), "%Y%m%d %H%M%S")
except ValueError:
key = "log_" + parts[0]
args = parts[1:]
else:
key = "log_" + parts[2]
args = parts[3:]
return m18n.n(key, *args)
except IndexError:
return name

66
src/yunohost/monitor.py
View file

@ -35,18 +35,20 @@ import errno
import os
import dns.resolver
import cPickle as pickle
from datetime import datetime, timedelta
from datetime import datetime
from moulinette import m18n
from moulinette.core import MoulinetteError
from moulinette.utils.log import getActionLogger
from yunohost.domain import get_public_ip
from yunohost.utils.network import get_public_ip
from yunohost.domain import _get_maindomain
logger = getActionLogger('yunohost.monitor')
glances_uri = 'http://127.0.0.1:61209'
stats_path = '/var/lib/yunohost/stats'
crontab_path = '/etc/cron.d/yunohost-monitor'
GLANCES_URI = 'http://127.0.0.1:61209'
STATS_PATH = '/var/lib/yunohost/stats'
CRONTAB_PATH = '/etc/cron.d/yunohost-monitor'
def monitor_disk(units=None, mountpoint=None, human_readable=False):
@ -87,13 +89,13 @@ def monitor_disk(units=None, mountpoint=None, human_readable=False):
# Retrieve monitoring for unit(s)
for u in units:
if u == 'io':
## Define setter
# Define setter
if len(units) > 1:
def _set(dn, dvalue):
try:
result[dn][u] = dvalue
except KeyError:
result[dn] = { u: dvalue }
result[dn] = {u: dvalue}
else:
def _set(dn, dvalue):
result[dn] = dvalue
@ -111,13 +113,13 @@ def monitor_disk(units=None, mountpoint=None, human_readable=False):
for dname in devices_names:
_set(dname, 'not-available')
elif u == 'filesystem':
## Define setter
# Define setter
if len(units) > 1:
def _set(dn, dvalue):
try:
result[dn][u] = dvalue
except KeyError:
result[dn] = { u: dvalue }
result[dn] = {u: dvalue}
else:
def _set(dn, dvalue):
result[dn] = dvalue
@ -162,6 +164,7 @@ def monitor_network(units=None, human_readable=False):
units = ['check', 'usage', 'infos']
# Get network devices and their addresses
# TODO / FIXME : use functions in utils/network.py to manage this
devices = {}
output = subprocess.check_output('ip addr show'.split())
for d in re.split('^(?:[0-9]+: )', output, flags=re.MULTILINE):
@ -174,8 +177,7 @@ def monitor_network(units=None, human_readable=False):
for u in units:
if u == 'check':
result[u] = {}
with open('/etc/yunohost/current_host', 'r') as f:
domain = f.readline().rstrip()
domain = _get_maindomain()
cmd_check_smtp = os.system('/bin/nc -z -w1 yunohost.org 25')
if cmd_check_smtp == 0:
smtp_check = m18n.n('network_check_smtp_ok')
@ -183,11 +185,11 @@ def monitor_network(units=None, human_readable=False):
smtp_check = m18n.n('network_check_smtp_ko')
try:
answers = dns.resolver.query(domain,'MX')
answers = dns.resolver.query(domain, 'MX')
mx_check = {}
i = 0
for server in answers:
mx_id = 'mx%s' %i
mx_id = 'mx%s' % i
mx_check[mx_id] = server
i = i + 1
except:
@ -210,11 +212,9 @@ def monitor_network(units=None, human_readable=False):
else:
logger.debug('interface name %s was not found', iname)
elif u == 'infos':
try:
p_ipv4 = get_public_ip()
except:
p_ipv4 = 'unknown'
p_ipv4 = get_public_ip() or 'unknown'
# TODO / FIXME : use functions in utils/network.py to manage this
l_ip = 'unknown'
for name, addrs in devices.items():
if name == 'lo':
@ -307,7 +307,7 @@ def monitor_update_stats(period):
stats = _retrieve_stats(period)
if not stats:
stats = { 'disk': {}, 'network': {}, 'system': {}, 'timestamp': [] }
stats = {'disk': {}, 'network': {}, 'system': {}, 'timestamp': []}
monitor = None
# Get monitoring stats
@ -357,7 +357,7 @@ def monitor_update_stats(period):
if 'usage' in stats['network'] and iname in stats['network']['usage']:
curr = stats['network']['usage'][iname]
net_usage[iname] = _append_to_stats(curr, values, 'time_since_update')
stats['network'] = { 'usage': net_usage, 'infos': monitor['network']['infos'] }
stats['network'] = {'usage': net_usage, 'infos': monitor['network']['infos']}
# Append system stats
for unit, values in monitor['system'].items():
@ -421,8 +421,8 @@ def monitor_enable(with_stats=False):
rules = ('*/5 * * * * root {cmd} day >> /dev/null\n'
'3 * * * * root {cmd} week >> /dev/null\n'
'6 */4 * * * root {cmd} month >> /dev/null').format(
cmd='/usr/bin/yunohost --quiet monitor update-stats')
with open(crontab_path, 'w') as f:
cmd='/usr/bin/yunohost --quiet monitor update-stats')
with open(CRONTAB_PATH, 'w') as f:
f.write(rules)
logger.success(m18n.n('monitor_enabled'))
@ -447,7 +447,7 @@ def monitor_disable():
# Remove crontab
try:
os.remove(crontab_path)
os.remove(CRONTAB_PATH)
except:
pass
@ -460,7 +460,7 @@ def _get_glances_api():
"""
try:
p = xmlrpclib.ServerProxy(glances_uri)
p = xmlrpclib.ServerProxy(GLANCES_URI)
p.system.methodHelp('getAll')
except (xmlrpclib.ProtocolError, IOError):
pass
@ -530,7 +530,7 @@ def binary_to_human(n, customary=False):
symbols = ('K', 'M', 'G', 'T', 'P', 'E', 'Z', 'Y')
prefix = {}
for i, s in enumerate(symbols):
prefix[s] = 1 << (i+1)*10
prefix[s] = 1 << (i + 1) * 10
for s in reversed(symbols):
if n >= prefix[s]:
value = float(n) / prefix[s]
@ -552,9 +552,9 @@ def _retrieve_stats(period, date=None):
# Retrieve pickle file
if date is not None:
timestamp = calendar.timegm(date)
pkl_file = '%s/%d_%s.pkl' % (stats_path, timestamp, period)
pkl_file = '%s/%d_%s.pkl' % (STATS_PATH, timestamp, period)
else:
pkl_file = '%s/%s.pkl' % (stats_path, period)
pkl_file = '%s/%s.pkl' % (STATS_PATH, period)
if not os.path.isfile(pkl_file):
return False
@ -581,16 +581,16 @@ def _save_stats(stats, period, date=None):
# Set pickle file name
if date is not None:
timestamp = calendar.timegm(date)
pkl_file = '%s/%d_%s.pkl' % (stats_path, timestamp, period)
pkl_file = '%s/%d_%s.pkl' % (STATS_PATH, timestamp, period)
else:
pkl_file = '%s/%s.pkl' % (stats_path, period)
if not os.path.isdir(stats_path):
os.makedirs(stats_path)
pkl_file = '%s/%s.pkl' % (STATS_PATH, period)
if not os.path.isdir(STATS_PATH):
os.makedirs(STATS_PATH)
# Limit stats
if date is None:
t = stats['timestamp']
limit = { 'day': 86400, 'week': 604800, 'month': 2419200 }
limit = {'day': 86400, 'week': 604800, 'month': 2419200}
if (t[len(t) - 1] - t[0]) > limit[period]:
begin = t[len(t) - 1] - limit[period]
stats = _filter_stats(stats, begin)
@ -612,7 +612,7 @@ def _monitor_all(period=None, since=None):
since -- Timestamp of the stats beginning
"""
result = { 'disk': {}, 'network': {}, 'system': {} }
result = {'disk': {}, 'network': {}, 'system': {}}
# Real-time stats
if period == 'day' and since is None:
@ -697,7 +697,7 @@ def _calculate_stats_mean(stats):
s[k] = _mean(v, t, ts)
elif isinstance(v, list):
try:
nums = [ float(x * t[i]) for i, x in enumerate(v) ]
nums = [float(x * t[i]) for i, x in enumerate(v)]
except:
pass
else:

Some files were not shown because too many files have changed in this diff Show more