Merge pull request #1063 from YunoHost/folder-init-in-regenconf

Initialize folders during .deb install instead of regen conf
2024-09-03 20:06:10 +02:00 · 2021-01-31 16:19:22 +01:00 · 2021-01-31 16:19:22 +01:00 · f73c642795
commit f73c642795
parent 68e24c986a 3c0649f1e3
2 changed files with 28 additions and 30 deletions
--- a/data/hooks/conf_regen/01-yunohost
+++ b/data/hooks/conf_regen/01-yunohost
@ -27,6 +27,29 @@ do_init_regen() {
  # allow users to access /media directory
  [[ -d /etc/skel/media ]] \
    || (mkdir -p /media && ln -s /media /etc/skel/media)
+
+  # Cert folders
+  mkdir -p /etc/yunohost/certs
+  chown -R root:ssl-cert /etc/yunohost/certs
+  chmod 750 /etc/yunohost/certs
+
+  # App folders
+  mkdir -p /etc/yunohost/apps
+  chmod 700 /etc/yunohost/apps
+  mkdir -p /home/yunohost.app
+  chmod 755 /home/yunohost.app
+
+  # Backup folders
+  mkdir -p /home/yunohost.backup/archives
+  chmod 750 /home/yunohost.backup/archives
+  chown root:root /home/yunohost.backup/archives # This is later changed to admin:root once admin user exists
+
+  # Empty ssowat json persistent conf
+  echo "{}" > '/etc/ssowat/conf.json.persistent'
+  chmod 644 /etc/ssowat/conf.json.persistent
+  chown root:root /etc/ssowat/conf.json.persistent
+
+  mkdir -p /var/cache/yunohost/repo
 }

 do_pre_regen() {
@ -67,7 +90,7 @@ EOF
  # (this make sure that the hash is null / file is flagged as to-delete)
  mkdir -p $pending_dir/etc/etckeeper
  touch $pending_dir/etc/etckeeper/etckeeper.conf
-  
+
  # Skip ntp if inside a container (inspired from the conf of systemd-timesyncd)
  mkdir -p ${pending_dir}/etc/systemd/system/ntp.service.d/
  echo "
@ -75,7 +98,7 @@ EOF
 ConditionCapability=CAP_SYS_TIME
 ConditionVirtualization=!container
 " > ${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf
-  
+
  # Make nftable conflict with yunohost-firewall
  mkdir -p ${pending_dir}/etc/systemd/system/nftables.service.d/
  cat > ${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf << EOF
@ -94,6 +117,8 @@ do_post_regen() {
  # Enfore permissions #
  ######################

+  chown admin:root /home/yunohost.backup/archives
+
  # Certs
  # We do this with find because there could be a lot of them...
  chown -R root:ssl-cert /etc/yunohost/certs
--- a/src/yunohost/tools.py
+++ b/src/yunohost/tools.py
@ -33,7 +33,7 @@ from importlib import import_module
 from moulinette import msignals, m18n
 from moulinette.utils.log import getActionLogger
 from moulinette.utils.process import check_output, call_async_output
-from moulinette.utils.filesystem import write_to_json, read_yaml, write_to_yaml
+from moulinette.utils.filesystem import read_yaml, write_to_yaml

 from yunohost.app import _update_apps_catalog, app_info, app_upgrade, _initialize_apps_catalog_system
 from yunohost.domain import domain_add
@ -306,27 +306,6 @@ def tools_postinstall(operation_logger, domain, password, ignore_dyndns=False,
    # TODO: Improve this part by integrate ldapinit into conf_regen hook
    tools_ldapinit()

-    # Create required folders
-    folders_to_create = [
-        '/etc/yunohost/apps',
-        '/etc/yunohost/certs',
-        '/var/cache/yunohost/repo',
-        '/home/yunohost.backup',
-        '/home/yunohost.app'
-    ]
-
-    for folder in [x for x in folders_to_create if not os.path.exists(x)]:
-        os.makedirs(folder)
-
-    # Change folders permissions
-    os.system('chmod 755 /home/yunohost.app')
-
-    # Init ssowat's conf.json.persistent
-    if not os.path.exists('/etc/ssowat/conf.json.persistent'):
-        write_to_json('/etc/ssowat/conf.json.persistent', {})
-
-    os.system('chmod 644 /etc/ssowat/conf.json.persistent')
-
    # New domain config
    domain_add(domain, dyndns)
    domain_main_domain(domain)
@ -348,12 +327,6 @@ def tools_postinstall(operation_logger, domain, password, ignore_dyndns=False,
    except Exception as e:
        logger.warning(str(e))

-    # Create the archive directory (makes it easier for people to upload backup
-    # archives, otherwise it's only created after running `yunohost backup
-    # create` once.
-    from yunohost.backup import _create_archive_dir
-    _create_archive_dir()
-
    # Init migrations (skip them, no need to run them on a fresh system)
    _skip_all_migrations()