diff options
| -rw-r--r-- | README.md | 100 | ||||
| -rw-r--r-- | README_fr.md | 96 | ||||
| -rw-r--r-- | check_process | 15 | ||||
| -rw-r--r-- | conf/.env.production.sample | 232 | ||||
| -rw-r--r-- | conf/app-mastodon.src | 6 | ||||
| -rw-r--r-- | conf/app-rbenv.src | 6 | ||||
| -rw-r--r-- | conf/app-ruby-build.src | 6 | ||||
| -rw-r--r-- | conf/app.src | 6 | ||||
| -rw-r--r-- | conf/cron | 2 | ||||
| -rw-r--r-- | conf/mastodon-sidekiq.service | 5 | ||||
| -rw-r--r-- | conf/mastodon-streaming.service | 6 | ||||
| -rw-r--r-- | conf/mastodon-web.service | 5 | ||||
| -rw-r--r-- | conf/nginx.conf | 53 | ||||
| -rw-r--r-- | manifest.json | 29 | ||||
| -rw-r--r-- | scripts/_common.sh | 223 | ||||
| -rw-r--r-- | scripts/_future.sh | 127 | ||||
| -rw-r--r-- | scripts/backup | 61 | ||||
| -rw-r--r-- | scripts/change_url | 133 | ||||
| -rw-r--r-- | scripts/install | 335 | ||||
| -rw-r--r-- | scripts/remove | 102 | ||||
| -rw-r--r-- | scripts/restore | 121 | ||||
| -rw-r--r-- | scripts/upgrade | 315 | ||||
| -rw-r--r-- | scripts/ynh_add_secure_repos__3 | 294 | ||||
| -rw-r--r-- | scripts/ynh_install_ruby | 140 | ||||
| -rw-r--r-- | scripts/ynh_systemd_action | 89 |
25 files changed, 1713 insertions, 794 deletions
@@ -1,72 +1,30 @@ # Mastodon for YunoHost -[](https://github.com/YunoHost-Apps/mastodon_ynh/releases) -[](https://github.com/YunoHost-Apps/mastodon_ynh/milestones) -[](https://github.com/YunoHost-Apps/mastodon_ynh#dependencies) -[](https://raw.githubusercontent.com/YunoHost-Apps/mastodon_ynh/master/LICENSE) -[](https://github.com/YunoHost/yunohost) -[](https://github.com/YunoHost-Apps/mastodon_ynh/issues) +[](https://dash.yunohost.org/appci/app/mastodon) +[](https://install-app.yunohost.org/?app=mastodon) -[](https://install-app.yunohost.org/?app=mastodon) +*[Lire ce readme en français.](./README_fr.md)* -:warning: MAJ 05/06/17 :Cette application peut maintenant fonctionner sur ARM, mais l'installation prend plusieurs heures et il faut ajouter un swapfile de 1Go. - -:warning: Cette application utilise les packages backports de Debian, nous vous recommendons de ne pas installer cette application directement en production +> *This package allow you to install mastodon quickly and simply on a YunoHost server. +If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* :warning: UPDATE 05/06/17 :This app can work now on ARM, but installation takes several hours and you must add a swapfile of 1GB. :warning: This application uses the Debian backports packages, do not install this application directly in production -## Mastodon c'est quoi ? - -Mastodon est un réseau social gratuit et open source. Une alternative décentralisée aux plates-formes commerciales, elle évite les risques d'une seule société qui monopolise votre communication. Choisissez un serveur sur lequel vous faites confiance - selon votre choix, vous pouvez interagir avec tous les autres. N'importe qui peut exécuter sa propre instance de Mastodon et participer au réseau social de façon transparente. - -[Source code](https://github.com/tootsuite/mastodon) - -#### Ajout d'un "swapfile" si vous avez moins de 2Go de RAM -``` -sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024000 -sudo chmod 600 /swapfile -sudo mkswap /swapfile -sudo swapon /swapfile -``` -ajouter cette ligne dans /etc/fstab -``` -/swapfile none swap sw 0 0 -``` - -### Installation - -#### Utilisation de __screen__ en cas de déconnection -``` -$ sudo apt-get install screen -$ screen -$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git -``` -Récuperer l'installation après une deconnection: -``` -$ screen -d -$ screen -r -``` -L'utilisateur admin est crée automatiquement comme: user@domain.tld - -### Mise à jour -#### Utilisation de __screen__ fortement recommandé - -`$ sudo yunohost app upgrade --verbose mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh.git` - -## Recommandations - -Vous ne pouvez pas installer Mastodon en subdirectory, vous devez obligatoirement utiliser un domaine ou un sous-domaine pour cette application. +## Overview +Mastodon is a free, open-source social network. A decentralized alternative to commercial platforms, it avoids the risks of a single company monopolizing your communication. Pick a server that you trust — whichever you choose, you can interact with everyone else. Anyone can run their own Mastodon instance and participate in the social network seamlessly. -Il semble important de fermer les inscriptions pour votre Mastodon, pour que ça reste une instance privé. Nous vous invitons à bloquer les instances distantes malfaisantes depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration. +**Shipped version:** 2.7.4 -## What is Mastodon? +## Screenshots -Mastodon is a free, open-source social network. A decentralized alternative to commercial platforms, it avoids the risks of a single company monopolizing your communication. Pick a server that you trust — whichever you choose, you can interact with everyone else. Anyone can run their own Mastodon instance and participate in the social network seamlessly. + [Source code](https://github.com/tootsuite/mastodon) +## Configuration + #### Adding "swapfile" If you have less than 2Go of RAM ``` sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024000 @@ -103,3 +61,37 @@ The admin user is automatically created as: user@domain.tld You can't install Mastodon in subdirectory, you must use a domain or subdomain for this application. It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page. + +## Documentation + + * Official documentation: https://docs.joinmastodon.org/ + +## YunoHost specific features + +#### Supported architectures + +* x86-64b - [](https://ci-apps.yunohost.org/ci/apps/mastodon/) +* ARMv8-A - [](https://ci-apps-arm.yunohost.org/ci/apps/mastodon/) +* Jessie x86-64b - [](https://ci-stretch.nohost.me/ci/apps/mastodon/) + +## Links + + * Report a bug: https://github.com/YunoHost-Apps/mastodon_ynh/issues + * App website: https://joinmastodon.org/ + * Github App website: https://github.com/tootsuite/mastodon + * YunoHost website: https://yunohost.org/ + +--- + +Developers info +---------------- + +**Only if you want to use a testing branch for coding, instead of merging directly into master.** +Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing). + +To try the testing branch, please proceed like that. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug +or +sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug +``` diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..6ee9aba --- /dev/null +++ b/README_fr.md @@ -0,0 +1,96 @@ +# Mastodon pour YunoHost + +[](https://dash.yunohost.org/appci/app/mastodon) +[](https://install-app.yunohost.org/?app=mastodon) + +*[Read this readme in english.](./README.md)* + +> *Ce package vous permet d'installer mastodon rapidement et simplement sur un serveur Yunohost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +:warning: MAJ 05/06/17 :Cette application peut maintenant fonctionner sur ARM, mais l'installation prend plusieurs heures et il faut ajouter un swapfile de 1Go. + +:warning: Cette application utilise les packages backports de Debian, nous vous recommendons de ne pas installer cette application directement en production + +## Vue d'ensemble +Mastodon est un réseau social gratuit et open source. Une alternative décentralisée aux plates-formes commerciales, elle évite les risques d'une seule société qui monopolise votre communication. Choisissez un serveur sur lequel vous faites confiance - selon votre choix, vous pouvez interagir avec tous les autres. N'importe qui peut exécuter sa propre instance de Mastodon et participer au réseau social de façon transparente. + +**Version incluse:** 2.7.4 + +## Captures d'écran + + + +## Configuration + +#### Ajout d'un "swapfile" si vous avez moins de 2Go de RAM +``` +sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024000 +sudo chmod 600 /swapfile +sudo mkswap /swapfile +sudo swapon /swapfile +``` +ajouter cette ligne dans /etc/fstab +``` +/swapfile none swap sw 0 0 +``` + +### Installation + +#### Utilisation de __screen__ en cas de déconnection +``` +$ sudo apt-get install screen +$ screen +$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git +``` +Récuperer l'installation après une deconnection: +``` +$ screen -d +$ screen -r +``` +L'utilisateur admin est crée automatiquement comme: user@domain.tld + +### Mise àjour +#### Utilisation de __screen__ fortement recommandé + +`$ sudo yunohost app upgrade --verbose mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh.git` + +## Recommandations + +Vous ne pouvez pas installer Mastodon en subdirectory, vous devez obligatoirement utiliser un domaine ou un sous-domaine pour cette application. + +Il semble important de fermer les inscriptions pour votre Mastodon, pour que ça reste une instance privé. Nous vous invitons àbloquer les instances distantes malfaisantes depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration. + +## Documentation + + * Documentation officielle: https://docs.joinmastodon.org/ + +## Caractéristiques spécifiques YunoHost + +#### Supported architectures + +* x86-64b - [](https://ci-apps.yunohost.org/ci/apps/mastodon/) +* ARMv8-A - [](https://ci-apps-arm.yunohost.org/ci/apps/mastodon/) +* Jessie x86-64b - [](https://ci-stretch.nohost.me/ci/apps/mastodon/) + +## Links + + * Signaler un bug: https://github.com/YunoHost-Apps/mastodon_ynh/issues + * Site de l'application: https://joinmastodon.org/ + * Site Github de l'application: https://github.com/tootsuite/mastodon + * Site web YunoHost: https://yunohost.org/ + +--- + +Informations pour les développeurs +---------------- + +**Seulement si vous voulez utiliser une branche de test pour le codage, au lieu de fusionner directement dans la banche principale.** +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug +ou +sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug +``` diff --git a/check_process b/check_process index 5045355..e44d632 100644 --- a/check_process +++ b/check_process @@ -3,25 +3,20 @@ ; Manifest domain="domain.tld" (DOMAIN) admin="john" (USER) - path="/path" (PATH) - passwd="12345678" + language="fr_FR" ; Checks pkg_linter=1 setup_sub_dir=0 setup_root=1 setup_nourl=0 setup_private=0 - setup_public=0 + setup_public=1 upgrade=1 backup_restore=1 - multi_instance=0 - wrong_user=0 - wrong_path=0 - incorrect_path=0 - corrupt_source=0 - fail_download_source=0 + multi_instance=1 + incorrect_path=1 port_already_use=0 - final_path_already_use=0 + change_url=0 ;;; Levels Level 1=auto Level 2=auto diff --git a/conf/.env.production.sample b/conf/.env.production.sample new file mode 100644 index 0000000..d6bd0c6 --- /dev/null +++ b/conf/.env.production.sample @@ -0,0 +1,232 @@ +# Service dependencies +# You may set REDIS_URL instead for more advanced options +# You may also set REDIS_NAMESPACE to share Redis between multiple Mastodon servers +REDIS_HOST=localhost +REDIS_PORT=6379 +# You may set DATABASE_URL instead for more advanced options +DB_HOST=localhost +DB_USER=__DB_USER__ +DB_NAME=__DB_NAME__ +DB_PASS=__DB_PWD__ +DB_PORT=5432 +# Optional ElasticSearch configuration +# ES_ENABLED=true +# ES_HOST=es +# ES_PORT=9200 + +# Federation +# Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation. +# LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com. +LOCAL_DOMAIN=__DOMAIN__ + +# Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links) + +# Use this only if you need to run mastodon on a different domain than the one used for federation. +# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md +# DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING. +# WEB_DOMAIN=mastodon.example.com + +# Use this if you want to have several aliases handler@example1.com +# handler@example2.com etc. for the same user. LOCAL_DOMAIN should not +# be added. Comma separated values +# ALTERNATE_DOMAINS=example1.com,example2.com + +# Application secrets +# Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose) +SECRET_KEY_BASE=__SECRET_KEY_BASE__ +OTP_SECRET=__OTP_SECRET__ + +# VAPID keys (used for push notifications +# You can generate the keys using the following command (first is the private key, second is the public one) +# You should only generate this once per instance. If you later decide to change it, all push subscription will +# be invalidated, requiring the users to access the website again to resubscribe. +# +# Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key` task (`docker-compose run --rm web rake mastodon:webpush:generate_vapid_key` if you use docker compose) +# +# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html +VAPID_PRIVATE_KEY=__VAPID_PRIVATE_KEY__ +VAPID_PUBLIC_KEY=__VAPID_PUBLIC_KEY__ + +# Registrations +# Single user mode will disable registrations and redirect frontpage to the first profile +# SINGLE_USER_MODE=true +# Prevent registrations with following e-mail domains +# EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc +# Only allow registrations with the following e-mail domains +# EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc + +# Optionally change default language +DEFAULT_LOCALE=__LANGUAGE__ + +# E-mail configuration +# Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers +# If you want to use an SMTP server without authentication (e.g local Postfix relay) +# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and +# *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough). +SMTP_SERVER=localhost +SMTP_PORT=25 +#SMTP_LOGIN= +#SMTP_PASSWORD= +SMTP_FROM_ADDRESS=__SMTP_FROM_ADDRESS__ +#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN +#SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail +SMTP_AUTH_METHOD=none +#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt +SMTP_OPENSSL_VERIFY_MODE=none +#SMTP_ENABLE_STARTTLS_AUTO=true +#SMTP_TLS=true + +# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files. +# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system +# PAPERCLIP_ROOT_URL=/system + +# Optional asset host for multi-server setups +# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN +# if WEB_DOMAIN is not set. For example, the server may have the +# following header field: +# Access-Control-Allow-Origin: https://example.com/ +# CDN_HOST=https://assets.example.com + +# S3 (optional) +# The attachment host must allow cross origin request from WEB_DOMAIN or +# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the +# following header field: +# Access-Control-Allow-Origin: https://192.168.1.123:9000/ +# S3_ENABLED=true +# S3_BUCKET= +# AWS_ACCESS_KEY_ID= +# AWS_SECRET_ACCESS_KEY= +# S3_REGION= +# S3_PROTOCOL=http +# S3_HOSTNAME=192.168.1.123:9000 + +# S3 (Minio Config (optional) Please check Minio instance for details) +# The attachment host must allow cross origin request - see the description +# above. +# S3_ENABLED=true +# S3_BUCKET= +# AWS_ACCESS_KEY_ID= +# AWS_SECRET_ACCESS_KEY= +# S3_REGION= +# S3_PROTOCOL=https +# S3_HOSTNAME= +# S3_ENDPOINT= +# S3_SIGNATURE_VERSION= + +# Swift (optional) +# The attachment host must allow cross origin request - see the description +# above. +# SWIFT_ENABLED=true +# SWIFT_USERNAME= +# For Keystone V3, the value for SWIFT_TENANT should be the project name +# SWIFT_TENANT= +# SWIFT_PASSWORD= +# Some OpenStack V3 providers require PROJECT_ID (optional) +# SWIFT_PROJECT_ID= +# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid +# issues with token rate-limiting during high load. +# SWIFT_AUTH_URL= +# SWIFT_CONTAINER= +# SWIFT_OBJECT_URL= +# SWIFT_REGION= +# Defaults to 'default' +# SWIFT_DOMAIN_NAME= +# Defaults to 60 seconds. Set to 0 to disable +# SWIFT_CACHE_TTL= + +# Optional alias for S3 (e.g. to serve files on a custom domain, possibly using Cloudfront or Cloudflare) +# S3_ALIAS_HOST= + +# Streaming API integration +# STREAMING_API_BASE_URL= + +# Advanced settings +# If you need to use pgBouncer, you need to disable prepared statements: +# PREPARED_STATEMENTS=false + +# Cluster number setting for streaming API server. +# If you comment out following line, cluster number will be `numOfCpuCores - 1`. +STREAMING_CLUSTER_NUM=1 + +# Docker mastodon user +# If you use Docker, you may want to assign UID/GID manually. +# UID=1000 +# GID=1000 + +# LDAP authentication (optional) +# LDAP_ENABLED=true +# LDAP_HOST=localhost +# LDAP_PORT=389 +# LDAP_METHOD=simple_tls +# LDAP_BASE=ou=users,dc=yunohost,dc=org +# LDAP_BIND_DN=uid=__LDAP_USER__,ou=users,dc=yunohost,dc=org +# LDAP_PASSWORD=__LDAP_PASSWORD__ +# LDAP_UID=uid +# LDAP_SEARCH_FILTER="%{uid}=%{email}" + +# PAM authentication (optional) +# PAM authentication uses for the email generation the "email" pam variable +# and optional as fallback PAM_DEFAULT_SUFFIX +# The pam environment variable "email" is provided by: +# https://github.com/devkral/pam_email_extractor +# PAM_ENABLED=true +# Fallback email domain for email address generation (LOCAL_DOMAIN by default) +# PAM_EMAIL_DOMAIN=example.com +# Name of the pam service (pam "auth" section is evaluated) +# PAM_DEFAULT_SERVICE=rpam +# Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default) +# PAM_CONTROLLED_SERVICE=rpam + +# Global OAuth settings (optional) : +# If you have only one strategy, you may want to enable this +# OAUTH_REDIRECT_AT_SIGN_IN=true + +# Optional CAS authentication (cf. omniauth-cas) : +# CAS_ENABLED=true +# CAS_URL=https://sso.myserver.com/ +# CAS_HOST=sso.myserver.com/ +# CAS_PORT=443 +# CAS_SSL=true +# CAS_VALIDATE_URL= +# CAS_CALLBACK_URL= +# CAS_LOGOUT_URL= +# CAS_LOGIN_URL= +# CAS_UID_FIELD='user' +# CAS_CA_PATH= +# CAS_DISABLE_SSL_VERIFICATION=false +# CAS_UID_KEY='user' +# CAS_NAME_KEY='name' +# CAS_EMAIL_KEY='email' +# CAS_NICKNAME_KEY='nickname' +# CAS_FIRST_NAME_KEY='firstname' +# CAS_LAST_NAME_KEY='lastname' +# CAS_LOCATION_KEY='location' +# CAS_IMAGE_KEY='image' +# CAS_PHONE_KEY='phone' + +# Optional SAML authentication (cf. omniauth-saml) +# SAML_ENABLED=true +# SAML_ACS_URL= +# SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback +# SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO +# SAML_IDP_CERT= +# SAML_IDP_CERT_FINGERPRINT= +# SAML_NAME_IDENTIFIER_FORMAT= +# SAML_CERT= +# SAML_PRIVATE_KEY= +# SAML_SECURITY_WANT_ASSERTION_SIGNED=true +# SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true +# SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true +# SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1" +# SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" +# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241" +# SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME="urn:oid:2.5.4.42" +# SAML_ATTRIBUTES_STATEMENTS_LAST_NAME="urn:oid:2.5.4.4" +# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1" +# SAML_ATTRIBUTES_STATEMENTS_VERIFIED= +# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL= + +# Use HTTP proxy for outgoing request (optional) +# http_proxy=http://gateway.local:8118 +# Access control for hidden service. +# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true diff --git a/conf/app-mastodon.src b/conf/app-mastodon.src deleted file mode 100644 index 60a8c14..0000000 --- a/conf/app-mastodon.src +++ /dev/null @@ -1,6 +0,0 @@ -SOURCE_URL=https://github.com/tootsuite/mastodon/archive/v2.5.2.tar.gz -SOURCE_SUM=d25e432f1fcf223270414dd55be4d2878f1af86c21b1f2d7874fa1c57d75ebfb -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= diff --git a/conf/app-rbenv.src b/conf/app-rbenv.src deleted file mode 100644 index d60155b..0000000 --- a/conf/app-rbenv.src +++ /dev/null @@ -1,6 +0,0 @@ -SOURCE_URL=https://github.com/rbenv/rbenv/archive/v1.1.1.tar.gz -SOURCE_SUM=41f1a60714c55eceb21d692a469aee1ec4f46bba351d0dfcb0c660ff9cf1a1c9 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= diff --git a/conf/app-ruby-build.src b/conf/app-ruby-build.src deleted file mode 100644 index 3041556..0000000 --- a/conf/app-ruby-build.src +++ /dev/null @@ -1,6 +0,0 @@ -SOURCE_URL=https://github.com/rbenv/ruby-build/archive/v20180424.tar.gz -SOURCE_SUM=71dbaf87081369c1f5d27b6a94a927c1eeeb1f36bdffe7851f0a9c1ec87b9373 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= diff --git a/conf/app.src b/conf/app.src new file mode 100644 index 0000000..9d7227b --- /dev/null +++ b/conf/app.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/tootsuite/mastodon/archive/v2.7.4.tar.gz +SOURCE_SUM=0e542c57228d482a068b05f639d8fe53dd9d413f7e7ce93cd1a088bd4d8d8366 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= diff --git a/conf/cron b/conf/cron new file mode 100644 index 0000000..2c319fa --- /dev/null +++ b/conf/cron @@ -0,0 +1,2 @@ +RAILS_ENV=production +@daily cd __FINAL__PATH__/live && /opt/rbenv/versions/2.6.0/bin/bundle exec rake __USER__:media:remove_remote diff --git a/conf/mastodon-sidekiq.service b/conf/mastodon-sidekiq.service index f788332..920fcf4 100644 --- a/conf/mastodon-sidekiq.service +++ b/conf/mastodon-sidekiq.service @@ -7,8 +7,9 @@ User=__APP__ WorkingDirectory=__FINALPATH__/live Environment="RAILS_ENV=production" - Environment="DB_POOL=20" - ExecStart=__FINALPATH__/live/bin/bundle exec sidekiq -c 20 -q default -q mailers -q pull -q push + Environment="DB_POOL=25" + Environment="MALLOC_ARENA_MAX=2" + ExecStart=/opt/rbenv/versions/2.6.0/bin/bundle exec sidekiq -c 25 TimeoutSec=15 Restart=always StandardError=syslog diff --git a/conf/mastodon-streaming.service b/conf/mastodon-streaming.service index 443cac0..2e130d5 100644 --- a/conf/mastodon-streaming.service +++ b/conf/mastodon-streaming.service @@ -7,8 +7,10 @@ User=__APP__ WorkingDirectory=__FINALPATH__/live Environment="NODE_ENV=production" - Environment="PORT=4000" - ExecStart=/usr/bin/npm run start + Environment="PORT=__PORT_STREAM__" + Environment="STREAMING_CLUSTER_NUM=1" + Environment=PATH=__NODEJS_PATH__ + ExecStart=__NODEJS_PATH__/node ./streaming TimeoutSec=15 Restart=always StandardError=syslog diff --git a/conf/mastodon-web.service b/conf/mastodon-web.service index 06069f1..c95ba7f 100644 --- a/conf/mastodon-web.service +++ b/conf/mastodon-web.service @@ -7,8 +7,9 @@ User=__APP__ WorkingDirectory=__FINALPATH__/live Environment="RAILS_ENV=production" - Environment="PORT=3000" - ExecStart=__FINALPATH__/live/bin/bundle exec puma -C config/puma.rb + Environment="PORT=__PORT_WEB__" + ExecStart=/opt/rbenv/versions/2.6.0/bin/bundle exec puma -C config/puma.rb + ExecReload=/bin/kill -SIGUSR1 $MAINPID TimeoutSec=15 Restart=always StandardError=syslog diff --git a/conf/nginx.conf b/conf/nginx.conf index 585109e..190c650 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -10,31 +10,48 @@ location / { rewrite ^ https://$server_name$request_uri? permanent; } + proxy_set_header Accept-Encoding ""; try_files $uri @proxy; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; } -# add to v1.4 assets -location ~ ^/(assets|system/media_attachments/files|system/accounts/avatars) { +location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) { add_header Cache-Control "public, max-age=31536000, immutable"; + add_header Strict-Transport-Security "max-age=31536000"; try_files $uri @proxy; - } +} + +location /sw.js { + add_header Cache-Control "public, max-age=0"; + add_header Strict-Transport-Security "max-age=31536000"; + try_files $uri @proxy; +} location @proxy { - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - proxy_pass_header Server; - proxy_pass http://127.0.0.1:3000; - proxy_buffering off; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - tcp_nodelay on; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header Proxy ""; + proxy_pass_header Server; + + proxy_pass http://127.0.0.1:3000; + proxy_buffering on; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + #proxy_cache CACHE; + proxy_cache_valid 200 7d; + proxy_cache_valid 410 24h; + proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; + add_header X-Cached $upstream_cache_status; + add_header Strict-Transport-Security "max-age=31536000"; + + tcp_nodelay on; } location /api/v1/streaming { @@ -42,11 +59,17 @@ location /api/v1/streaming { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; + proxy_set_header Proxy ""; + proxy_pass http://127.0.0.1:4000; proxy_buffering off; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; + tcp_nodelay on; } + + +error_page 500 501 502 503 504 /500.html;
\ No newline at end of file diff --git a/manifest.json b/manifest.json index 440e0fd..fd70341 100644 --- a/manifest.json +++ b/manifest.json @@ -2,21 +2,21 @@ "name": "Mastodon", "id": "mastodon", "packaging_format": 1, - "requirements": { - "yunohost": ">= 2.7.9" - }, "description": { "en": "Mastodon is a free, open-source social network.", "fr": "Mastodon est un réseau social gratuit et open source." }, - "version": "2.5.2", + "version": "2.7.4~ynh1", "url": "https://github.com/tootsuite/mastodon", "license": "AGPL-3.0-or-later", "maintainer": { "name": "cyp, nemsia", "email": "cyp@rouquin.me, nemsia@nemsia.org" }, - "multi_instance": false, + "requirements": { + "yunohost": ">= 3.4" + }, + "multi_instance": true, "services": [ "nginx" ], @@ -29,28 +29,29 @@ "en": "Choose a domain for Mastodon", "fr": "Choisissez un domaine pour Mastodon" }, - "example": "domain.org" + "example": "example.com" }, { "name": "admin", "type": "user", "ask": { - "en": "Choose the Mastodon administrator (must be an existing YunoHost user)", - "fr": "Choisissez un administrateur Mastodon (doit être un utilisateur YunoHost)" + "en": "Choose an admin user", + "fr": "Choisissez l'administrateur" }, - "example": "john" + "example": "johndoe" }, { - "name": "passwd", - "type": "password", + "name": "is_public", + "type": "boolean", "ask": { - "en": "Enter password of this administrator ≥ 8 character", - "fr": "Ajouter le mot de passe pour cette administrateur ≥ 8 charactères" + "en": "Is it a public application?", + "fr": "Est-ce une application publique ?" }, - "example": "adminpassword" + "default": true }, { "name": "language", + "type": "string", "ask": { "en": "Choose the application language", "fr": "Choisissez la langue de l'application" diff --git a/scripts/_common.sh b/scripts/_common.sh index df631ad..79dc04c 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,175 +1,78 @@ #!/bin/bash - -# Execute a command as another user -# usage: exec_as USER COMMAND [ARG ...] -exec_as() { - local user=$1 - shift 1 - - if [[ $user = $(whoami) ]]; then - eval "$@" - else - sudo --login --user="$user" "$@" - fi -} - #================================================= -# -# POSTGRES HELPERS -# -# Point of contact : Jean-Baptiste Holcroft <jean-baptiste@holcroft.fr> +# COMMON VARIABLES #================================================= -# Create a master password and set up global settings -# Please always call this script in install and restore scripts -# -# usage: ynh_psql_test_if_first_run - -ynh_psql_test_if_first_run() { - if [ -f /etc/yunohost/psql ]; - then - echo "PostgreSQL is already installed, no need to create master password" - else - pgsql=$(ynh_string_random) - pg_hba="" - echo "$pgsql" >> /etc/yunohost/psql - - if [ -e /etc/postgresql/9.4/ ] - then - pg_hba=/etc/postgresql/9.4/main/pg_hba.conf - elif [ -e /etc/postgresql/9.6/ ] - then - pg_hba=/etc/postgresql/9.6/main/pg_hba.conf - else - ynh_die "postgresql shoud be 9.4 or 9.6" - fi - - systemctl start postgresql - sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres - - # force all user to connect to local database using passwords - # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF - # Note: we can't use peer since YunoHost create users with nologin - # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user - sed -i '/local\s*all\s*all\s*peer/i \ - local all all password' "$pg_hba" - systemctl enable postgresql - systemctl reload postgresql - fi -} - -# Open a connection as a user -# -# example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;" -# example: ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql -# -# usage: ynh_psql_connect_as user pwd [db] -# | arg: user - the user name to connect as -# | arg: pwd - the user password -# | arg: db - the database to connect to -ynh_psql_connect_as() { - user="$1" - pwd="$2" - db="$3" - sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$pwd" psql "$db" -} - -# # Execute a command as root user -# -# usage: ynh_psql_execute_as_root sql [db] -# | arg: sql - the SQL command to execute -# | arg: db - the database to connect to -ynh_psql_execute_as_root () { - sql="$1" - sudo --login --user=postgres psql <<< "$sql" -} +# dependencies used by the app +#pkg_dependencies="imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core g++ libprotobuf-dev protobuf-compiler pkg-config gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm5 libgdbm-dev nginx redis-server redis-tools postgresql postgresql-contrib certbot yarn libidn11-dev libicu-dev libjemalloc-dev" +pkg_dependencies="imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev redis-server redis-tools postgresql autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev ffmpeg yarn" -# Execute a command from a file as root user -# -# usage: ynh_psql_execute_file_as_root file [db] -# | arg: file - the file containing SQL commands -# | arg: db - the database to connect to -ynh_psql_execute_file_as_root() { - file="$1" - db="$2" - sudo --login --user=postgres psql "$db" < "$file" -} +#================================================= +# PERSONAL HELPERS +#================================================= -# Create a database, an user and its password. Then store the password in the app's config -# -# After executing this helper, the password of the created database will be available in $db_pwd -# It will also be stored as "psqlpwd" into the app settings. -# -# usage: ynh_psql_setup_db user name [pwd] -# | arg: user - Owner of the database -# | arg: name - Name of the database -# | arg: pwd - Password of the database. If not given, a password will be generated -ynh_psql_setup_db () { - db_user="$1" - app="$1" - db_name="$2" - new_db_pwd=$(ynh_string_random) # Generate a random password - # If $3 is not given, use new_db_pwd instead for db_pwd. - db_pwd="${3:-$new_db_pwd}" - ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database - ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config -} +#================================================= +# EXPERIMENTAL HELPERS +#================================================= -# Create a database and grant privilegies to a user -# -# usage: ynh_psql_create_db db [user [pwd]] -# | arg: db - the database name to create -# | arg: user - the user to grant privilegies -# | arg: pwd - the user password -ynh_psql_create_db() { - db="$1" - user="$2" - pwd="$3" - ynh_psql_create_user "$user" "$pwd" - sudo --login --user=postgres createdb --owner="$user" "$db" -} +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= -# Drop a database +# Send an email to inform the administrator # -# usage: ynh_psql_drop_db db -# | arg: db - the database name to drop -# | arg: user - the user to drop -ynh_psql_remove_db() { - db="$1" - user="$2" - sudo --login --user=postgres dropdb "$db" - ynh_psql_drop_user "$user" -} +# usage: ynh_send_readme_to_admin app_message [recipients] +# | arg: app_message - The message to send to the administrator. +# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root +# example: "root admin@domain" +# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you +# example: "root admin@domain user1 user2" +ynh_send_readme_to_admin() { + local app_message="${1:-...No specific information...}" + local recipients="${2:-root}" -# Dump a database -# -# example: ynh_psql_dump_db 'roundcube' > ./dump.sql -# -# usage: ynh_psql_dump_db db -# | arg: db - the database name to dump -# | ret: the psqldump output -ynh_psql_dump_db() { - db="$1" - sudo --login --user=postgres pg_dump "$db" -} + # Retrieve the email of users + find_mails () { + local list_mails="$1" + local mail + local recipients=" " + # Read each mail in argument + for mail in $list_mails + do + # Keep root or a real email address as it is + if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@" + then + recipients="$recipients $mail" + else + # But replace an user name without a domain after by its email + if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null) + then + recipients="$recipients $mail" + fi + fi + done + echo "$recipients" + } + recipients=$(find_mails "$recipients") + local mail_subject="â˜ï¸ðŸ†ˆðŸ…½ðŸ…·â˜ï¸: \`$app\` was just installed!" -# Create a user -# -# usage: ynh_psql_create_user user pwd [host] -# | arg: user - the user name to create -ynh_psql_create_user() { - user="$1" - pwd="$2" - sudo --login --user=postgres psql -c"CREATE USER $user WITH PASSWORD '$pwd' CREATEDB;" postgres -} + local mail_message="This is an automated message from your beloved YunoHost server. +Specific information for the application $app. +$app_message +--- +Automatic diagnosis data from YunoHost +$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')" + + # Define binary to use for mail command + if [ -e /usr/bin/bsd-mailx ] + then + local mail_bin=/usr/bin/bsd-mailx + else + local mail_bin=/usr/bin/mail.mailutils + fi -# Drop a user -# -# usage: ynh_psql_drop_user user -# | arg: user - the user name to drop -ynh_psql_drop_user() { - user="$1" - sudo --login --user=postgres dropuser "$user" + # Send the email to the recipients + echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients" } diff --git a/scripts/_future.sh b/scripts/_future.sh deleted file mode 100644 index 82f255c..0000000 --- a/scripts/_future.sh +++ /dev/null @@ -1,127 +0,0 @@ -#!/bin/bash - -# needed to have "service_name" as an option -# https://github.com/YunoHost/yunohost/commit/9c4ddcca39d9d6d92bd5f9a23978337e48d0a4e1 -ynh_add_systemd_config () { - local service_name="${1:-$app}" - - finalsystemdconf="/etc/systemd/system/$service_name.service" - ynh_backup_if_checksum_is_different "$finalsystemdconf" - sudo cp ../conf/${2:-systemd.service} "$finalsystemdconf" - - # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. - # Substitute in a nginx config file only if the variable is not empty - if test -n "${final_path:-}"; then - ynh_replace_string "__FINALPATH__" "$final_path" "$finalsystemdconf" - fi - if test -n "${app:-}"; then - ynh_replace_string "__APP__" "$app" "$finalsystemdconf" - fi - ynh_store_file_checksum "$finalsystemdconf" - - sudo chown root: "$finalsystemdconf" - sudo systemctl enable $service_name - sudo systemctl daemon-reload -} - -# needed to have "service_name" as an option -# https://github.com/YunoHost/yunohost/commit/9c4ddcca39d9d6d92bd5f9a23978337e48d0a4e1 -ynh_remove_systemd_config () { - local service_name="${1:-$app}" - - local finalsystemdconf="/etc/systemd/system/$service_name.service" - if [ -e "$finalsystemdconf" ]; then - sudo systemctl stop $service_name - sudo systemctl disable $service_name - ynh_secure_remove "$finalsystemdconf" - sudo systemctl daemon-reload - fi -} - - -# LOCAL ADDITION: -# save file locally if not in the cache -# -# Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source () { - local dest_dir=$1 - local src_id=${2:-app} # If the argument is not given, source_id equals "app" - - # Load value from configuration file (see above for a small doc about this file - # format) - local src_url=$(grep 'SOURCE_URL=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_sum=$(grep 'SOURCE_SUM=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_format=$(grep 'SOURCE_FORMAT=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_filename=$(grep 'SOURCE_FILENAME=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - - # Default value - src_sumprg=${src_sumprg:-sha256sum} - src_in_subdir=${src_in_subdir:-true} - src_format=${src_format:-tar.gz} - src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]') - if [ "$src_filename" = "" ] ; then - src_filename="${src_id}.${src_format}" - fi - local local_src="/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}/${src_filename}" - - # if cache file exists and the checksum isn't good, download it again - # if not, just download the file - - if test -e "$local_src" - then - echo "${src_sum} ${local_src}" | ${src_sumprg} -c --status \ - || wget -nv -O $local_src $src_url - else - mkdir -p "/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}" - wget -nv -O $local_src $src_url - fi - cp $local_src $src_filename - - # Check the control sum - echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \ - || ynh_die "Corrupt source" - - # Extract source into the app dir - mkdir -p "$dest_dir" - if [ "$src_format" = "zip" ] - then - # Zip format - # Using of a temp directory, because unzip doesn't manage --strip-components - if $src_in_subdir ; then - local tmp_dir=$(mktemp -d) - unzip -quo $src_filename -d "$tmp_dir" - cp -a $tmp_dir/*/. "$dest_dir" - ynh_secure_remove "$tmp_dir" - else - unzip -quo $src_filename -d "$dest_dir" - fi - else - local strip="" - if $src_in_subdir ; then - strip="--strip-components 1" - fi - if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then - tar -xf $src_filename -C "$dest_dir" $strip - else - ynh_die "Archive format unrecognized." - fi - fi - - # Apply patches - if (( $(find $YNH_CWD/../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then - local old_dir=$(pwd) - (cd "$dest_dir" \ - && for p in $YNH_CWD/../sources/patches/${src_id}-*.patch; do \ - patch -p1 < $p; done) \ - || ynh_die "Unable to apply patches" - cd $old_dir - fi - - # Add supplementary files - if test -e "$YNH_CWD/../sources/extra_files/${src_id}"; then - cp -a $YNH_CWD/../sources/extra_files/$src_id/. "$dest_dir" - fi -} - diff --git a/scripts/backup b/scripts/backup index be3b0a4..58b29a7 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,56 +6,61 @@ # IMPORT GENERIC HELPERS #================================================= -if [ ! -e _common.sh ]; then - # Get the _common.sh file if it's not in the current directory - cp ../settings/scripts/_common.sh ./_common.sh - cp ../settings/scripts/_future.sh ./_future.sh - chmod a+rx _common.sh _future.sh -fi -source _common.sh +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source ../settings/scripts/ynh_systemd_action source /usr/share/yunohost/helpers -source _future.sh #================================================= # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ynh_clean_check_starting +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." -# Get multi-instances specific variables app=$YNH_APP_INSTANCE_NAME -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) -final_path=$(ynh_app_setting_get "$app" final_path) -db_name=$(ynh_app_setting_get "$app" db_name) -if [ -z "$db_name" ]; then - db_name="${app}_production" - ynh_app_setting_set "$app" db_name "$db_name" -fi +final_path=$(ynh_app_setting_get $app final_path) +domain=$(ynh_app_setting_get $app domain) +db_name=$(ynh_app_setting_get $app db_name) + +#================================================= +# STOP MASTODON SERVICES +#================================================= +ynh_print_info "Stopping Mastodon services..." + +ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd #================================================= # STANDARD BACKUP STEPS #================================================= # BACKUP THE APP MAIN DIR #================================================= +ynh_print_info "Backing up the main app directory..." ynh_backup "$final_path" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= +ynh_print_info "Backing up nginx web server configuration..." ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= -# BACKUP THE MYSQL DATABASE +# BACKUP THE POSTGRESQL DATABASE #================================================= +ynh_print_info "Backing up the PostgreSQL database..." ynh_psql_dump_db "$db_name" > db.sql @@ -64,13 +69,29 @@ ynh_psql_dump_db "$db_name" > db.sql #================================================= # BACKUP SYSTEMD #================================================= +ynh_print_info "Backing up systemd configuration..." ynh_backup "/etc/systemd/system/$app-web.service" ynh_backup "/etc/systemd/system/$app-sidekiq.service" ynh_backup "/etc/systemd/system/$app-streaming.service" #================================================= -# BACKUP THE sources.list FILES +# BACKUP A CRON FILE +#================================================= + +ynh_backup "/etc/cron.d/$app" + +#================================================= +# START MASTODON SERVICES +#================================================= +ynh_print_info "Starting Mastodon services..." + +ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd + +#================================================= +# END OF SCRIPT #================================================= -ynh_backup "/etc/apt/sources.list.d/yarn.list" "apt_yarn.list" +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url new file mode 100644 index 0000000..525ecc9 --- /dev/null +++ b/scripts/change_url @@ -0,0 +1,133 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source ynh_systemd_action +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path="/" + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_print_info "Loading installation settings..." + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get $app final_path) + +# Add settings here as needed by your application +#db_name=$(ynh_app_setting_get "$app" db_name) +#db_pwd=$(ynh_app_setting_get $app db_pwd) +admin_mail=$(ynh_app_setting_get $app admin_mail) + +#================================================= +# CHECK THE SYNTAX OF THE PATHS +#================================================= + +test -n "$old_path" || old_path="/" +test -n "$new_path" || new_path="/" +new_path=$(ynh_normalize_url_path $new_path) +old_path=$(ynh_normalize_url_path $old_path) + +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= + +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi + +change_path=0 +if [ "$old_path" != "$new_path" ] +then + change_path=1 +fi + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= +ynh_print_info "Updating nginx web server configuration..." + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the path in the nginx config file +if [ $change_path -eq 1 ] +then + # Make a backup of the original nginx config file if modified + ynh_backup_if_checksum_is_different "$nginx_conf_path" + # Set global variables for nginx helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated nginx config + ynh_add_nginx_config +fi + +# Change the domain for nginx +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum "$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi + +#================================================= +# SPECIFIC MODIFICATIONS +#================================================= +# STOP MASTODON SERVICES +#================================================= +ynh_print_info "Stopping Mastodon services..." + +ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd + +#================================================= +# CHANGE CONFIGURATION +#================================================= + +ynh_replace_string "LOCAL_DOMAIN=.*" "LOCAL_DOMAIN=${domain}" "${final_path}/live/.env.production" + +#================================================= +# START MASTODON SERVICES +#================================================= +ynh_print_info "Starting Mastodon services..." + +ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd + +#================================================= +# GENERIC FINALISATION +#================================================= +# RELOAD NGINX +#================================================= +ynh_print_info "Reloading nginx web server..." + +systemctl reload nginx + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Change of URL completed for $app" diff --git a/scripts/install b/scripts/install index 0959371..337f7be 100644 --- a/scripts/install +++ b/scripts/install @@ -7,41 +7,53 @@ #================================================= source _common.sh +source ynh_install_ruby +source ynh_add_secure_repos__3 +source ynh_systemd_action source /usr/share/yunohost/helpers -source _future.sh #================================================= # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ynh_clean_check_starting +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors - #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================ +#================================================= domain=$YNH_APP_ARG_DOMAIN -admin_mastodon=$YNH_APP_ARG_ADMIN -admin_mastodon_mail=$(ynh_user_get_info $admin_mastodon 'mail') -admin_pass=$YNH_APP_ARG_PASSWD +path_url="/" +admin=$YNH_APP_ARG_ADMIN +is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE -path_url="/" +admin_mail=$(ynh_user_get_info $admin 'mail') app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= +ynh_print_info "Validating installation parameters..." final_path=/var/www/$app test ! -e "$final_path" || ynh_die "This path already contains a folder" -# TODO: remove this test, don't as password anymore, generate it and send it by email to admin with: https://github.com/YunoHost-Apps/Experimental_helpers/tree/master/send_readme_to_admin -[[ ${#admin_pass} -gt 7 ]] || ynh_die "Password is too weak, must be longer than 7 characters" +if [ "$admin" != "package_checker" ] +then + # TODO : to be factorized into a helper someday ? ;) + MEM=$(free | grep "^Mem" | awk '{print $2}') + SWAP=$(free | grep "^Swap" | awk '{print $2}') + TOTAL_MEM_AND_SWAP=$(( ( $MEM+$SWAP ) / 1024 )) # In MB + [[ $TOTAL_MEM_AND_SWAP -gt 2500 ]] || ynh_die "You need at least 2500 Mo of RAM+Swap to install Mastodon. Please consult the README to learn how to add swap." + +fi # Normalize the url path syntax path_url=$(ynh_normalize_url_path $path_url) @@ -53,24 +65,32 @@ ynh_webpath_register $app $domain $path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= +ynh_print_info "Storing installation settings..." -ynh_app_setting_set $app domain $domain -ynh_app_setting_set $app admin $admin_mastodon -ynh_app_setting_set $app pass $admin_pass -ynh_app_setting_set $app language $language +ynh_app_setting_set $app domain $domain ynh_app_setting_set $app path $path_url - +ynh_app_setting_set $app admin $admin +ynh_app_setting_set $app is_public $is_public +ynh_app_setting_set $app language $language #================================================= # STANDARD MODIFICATIONS #================================================= +# FIND AND OPEN A PORT +#================================================= +ynh_print_info "Configuring firewall..." +# Find a free port +port_web=$(ynh_find_port 3000) +port_stream=$(ynh_find_port 4000) +# Open this port +ynh_app_setting_set $app port_web $port_web +ynh_app_setting_set $app port_stream $port_stream #================================================= # INSTALL DEPENDENCIES #================================================= - -# TODO: add in a clean way backports and yarn +ynh_print_info "Installing dependencies..." # Import debian archive pubkey, need on ARM arch arch=$(uname -m) @@ -79,180 +99,166 @@ if [[ "$arch" = arm* ]]; then apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 fi -# Install source.list debian package backports & yarn +# Install extra_repo debian package backports & yarn if [ "$(lsb_release --codename --short)" == "jessie" ]; then - echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list + ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append fi -curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - -echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list -ynh_package_update -# Creates the destination directory and stores its location. -ynh_app_setting_set "$app" final_path "$final_path" +ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append -# Install de Node.js -# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs -( - cd /opt - curl -sL https://deb.nodesource.com/setup_8.x | bash - - apt-get -y install nodejs -) +# install nodejs +ynh_install_nodejs 8 -# TODO: use the same mecanism with other files -ynh_install_app_dependencies \ - `# debian packages ` \ - imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \ - `# redis ` \ - redis-server redis-tools \ - `# postgresql ` \ - postgresql \ - `# Ruby ` \ - autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \ - `# ffmpeg from backports ` \ - ffmpeg \ - `# Yarn ` \ - yarn +ynh_install_app_dependencies $pkg_dependencies #================================================= -# CREATE A DATABASE +# CREATE A POSTGRESQL DATABASE #================================================= +ynh_print_info "Creating a PostgreSQL database..." -# TODO: use non-official https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/postgres/postgres -# TODO: this commands doesn't looks like a requirement, you may fully remove it -# Set UTF8 encoding by default - -ynh_psql_test_if_first_run - -db_user=$(ynh_sanitize_dbid "$app") +# Create postgresql database db_name="${app}_production" -db_name=$(ynh_sanitize_dbid "$db_name") -db_pwd=$(ynh_string_random) -ynh_app_setting_set $app db_name $db_name -ynh_app_setting_set $app db_pwd $db_pwd -ynh_psql_setup_db "$db_user" "$db_name" "$db_pwd" +db_pwd=$(ynh_string_random 30) +ynh_app_setting_set "$app" db_name "$db_name" +ynh_app_setting_set "$app" db_pwd "$db_pwd" +ynh_psql_test_if_first_run +ynh_psql_create_user "$app" "$db_pwd" +ynh_psql_execute_as_root \ +"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_print_info "Setting up source files..." -# Download all sources rbenv, ruby and mastodon - -ynh_setup_source "$final_path/.rbenv" "app-rbenv" -ynh_setup_source "$final_path/.rbenv/plugins/ruby-build" "app-ruby-build" -ynh_setup_source "$final_path/live" "app-mastodon" +ynh_app_setting_set $app final_path $final_path +# Download, check integrity, uncompress and patch the source from app.src +mkdir $final_path +ynh_setup_source "$final_path/live" #================================================= # NGINX CONFIGURATION #================================================= +ynh_print_info "Configuring nginx web server..." -# TODO: use official helper ynh_add_nginx_config -# Modify Nginx configuration file and copy it to Nginx conf directory -sed -i "s@__PATH__@$app@g" ../conf/nginx.conf* -sed -i "s@__FINALPATH__@$final_path@g" ../conf/nginx.conf* -cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf +# Create a dedicated nginx config +ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/nginx.conf" +ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/nginx.conf" +ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= +ynh_print_info "Configuring system user..." -# TODO: use official helper ynh_system_user_create -# Create user unix -adduser $app --home $final_path --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password - -chown -R "$app" "$final_path" +# Create a system user +ynh_system_user_create $app $final_path -# TODO: try to use ynh_install_ruby from https://github.com/YunoHost-Apps/Experimental_helpers -# Install de rbenv -( - cd $final_path/.rbenv - src/configure && make -C src - - echo "export PATH=\"$final_path/.rbenv/bin:$final_path/live/bin:\$PATH\" -eval \"\$(rbenv init -)\"" > $final_path/.profile - echo "export PATH=\"$final_path/.rbenv/bin:$final_path/live/bin:\$PATH\"" > $final_path/.bashrc -) - -# Install ruby-build -( - exec_as "$app" $final_path/.rbenv/bin/rbenv install 2.5.1 - exec_as "$app" $final_path/.rbenv/bin/rbenv global 2.5.1 - exec_as "$app" $final_path/.rbenv/versions/2.5.1/bin/ruby -v -) +#================================================= +# SPECIFIC SETUP +#================================================= +# INSTALLING RUBY AND BUNDLER +#================================================= -# Create symlink for ruby -rm /usr/bin/ruby || true -ln -s $final_path/.rbenv/versions/2.5.1/bin/ruby /usr/bin/ruby || true +ynh_install_ruby --ruby_version=2.6.0 +/opt/rbenv/versions/2.6.0/bin/gem update --system +#/opt/rbenv/versions/2.6.0/bin/gem install bundler --no-document -# Yarn install on root -pushd $final_path/live -yarn install --pure-lockfile -popd +#================================================= +# MODIFY A CONFIG FILE +#================================================= -# Adjust Mastodon config -# TODO: use official helper ynh_replace_string -# TODO: save the config file in conf folder, to make replacement easier to read -# TODO: use ynh_string_random -cp -a $final_path/live/.env.production.sample $final_path/live/.env.production -sed -i "s@REDIS_HOST=redis@REDIS_HOST=127.0.0.1@g" "${final_path}/live/.env.production" -sed -i "s@DB_HOST=db@DB_HOST=/var/run/postgresql@g" "${final_path}/live/.env.production" -sed -i "s@DB_USER=postgres@DB_USER=${db_user}@g" "${final_path}/live/.env.production" -sed -i "s@DB_NAME=postgres@DB_NAME=${db_name}@g" "${final_path}/live/.env.production" -sed -i "s@DB_PASS=@DB_PASS=${db_pwd}@g" "${final_path}/live/.env.production" -sed -i "s@LOCAL_DOMAIN=example.com@LOCAL_DOMAIN=${domain}@g" "${final_path}/live/.env.production" +cp -f ../conf/.env.production.sample "$final_path/live/.env.production" +ynh_replace_string "__DB_USER__" "$app" "$final_path/live/.env.production" +ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/live/.env.production" +ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/live/.env.production" +ynh_replace_string "__DOMAIN__" "$domain" "$final_path/live/.env.production" +ynh_replace_string "__SMTP_FROM_ADDRESS__" "$admin_mail" "${final_path}/live/.env.production" language="$(echo $language | head -c 2)" -sed -i "s@# DEFAULT_LOCALE=de@DEFAULT_LOCALE=${language}@g" "${final_path}/live/.env.production" +ynh_replace_string "__LANGUAGE__" "$language" "$final_path/live/.env.production" paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) +ynh_replace_string "PAPERCLIP_SECRET=" "PAPERCLIP_SECRET=$paperclip_secret" "${final_path}/live/.env.production" +ynh_app_setting_set "$app" paperclip_secret "$paperclip_secret" + secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) +ynh_replace_string "__SECRET_KEY_BASE__" "$secret_key_base" "$final_path/live/.env.production" +ynh_app_setting_set "$app" secret_key_base "$secret_key_base" + otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) -sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=${paperclip_secret}@g" "${final_path}/live/.env.production" -sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=${secret_key_base}@g" "${final_path}/live/.env.production" -sed -i "s@OTP_SECRET=@OTP_SECRET=${otp_secret}@g" "${final_path}/live/.env.production" +ynh_replace_string "__OTP_SECRET__" "$otp_secret" "$final_path/live/.env.production" +ynh_app_setting_set "$app" otp_secret "$otp_secret" -sed -i "s@SMTP_LOGIN=@#SMTP_LOGIN=@g" "${final_path}/live/.env.production" -sed -i "s@SMTP_PASSWORD=@#SMTP_PASSWORD=@g" "${final_path}/live/.env.production" -sed -i "s@SMTP_SERVER=smtp.mailgun.org@SMTP_SERVER=localhost@g" "${final_path}/live/.env.production" -sed -i "s@SMTP_PORT=587@SMTP_PORT=25@g" "${final_path}/live/.env.production" -sed -i 's,SMTP_FROM_ADDRESS=notifications@example.com,SMTP_FROM_ADDRESS='${admin_mastodon}'@'${domain}',' "${final_path}/live/.env.production" -sed -i "s@#SMTP_AUTH_METHOD=plain@SMTP_AUTH_METHOD=none@g" "${final_path}/live/.env.production" -sed -i "s@#SMTP_OPENSSL_VERIFY_MODE=peer@SMTP_OPENSSL_VERIFY_MODE=none@g" "${final_path}/live/.env.production" +#================================================= +# INSTALLING MASTODON +#================================================= +ynh_print_info "Installing Mastodon..." + +chown -R "$app": "$final_path" -# Preconfig CSS & JS -# Install Mastodon -( - cd "$final_path/live" - su mastodon <<INSTALL - $final_path/.rbenv/versions/2.5.1/bin/gem install bundler - $final_path/live/bin/bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without development test --quiet - yarn install --production --no-progress --non-interactive --silent - echo "SAFETY_ASSURED=1">> .env.production - RAILS_ENV=production $final_path/live/bin/bundle exec rails db:migrate --quiet - RAILS_ENV=production $final_path/live/bin/bundle exec rails assets:precompile --quiet -INSTALL -) +pushd "$final_path/live" + ynh_use_nodejs + sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without development test + sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile + sudo -u "$app" echo "SAFETY_ASSURED=1">> .env.production + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails db:migrate --quiet + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:precompile --quiet + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt + sudo -u "$app" env PATH=$PATH RAILS_ENV=production bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=admin > acc.txt +popd -# TODO: use ynh_find_port to have generic port selection for RAILS +admin_pass=$( tail -1 $final_path/live/acc.txt | head -1 | cut -c 15- ) +ynh_secure_remove "$final_path/live/acc.txt" + +vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K\w+" "$final_path/live/key.txt") +vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K\w+" "$final_path/live/key.txt") + +ynh_replace_string "__VAPID_PRIVATE_KEY__" "$vapid_private_key" "${final_path}/live/.env.production" +ynh_replace_string "__VAPID_PUBLIC_KEY__" "$vapid_public_key" "${final_path}/live/.env.production" + +ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key" +ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key" + +ynh_secure_remove "$final_path/live/key.txt" + +#================================================= +# SETUP CRON JOB FOR REMOVING CACHE +#================================================= +ynh_print_info "Setuping a cron job for rem0ving cache..." + +ynh_replace_string "__FINAL_PATH__" "$final_path" ../conf/cron +ynh_replace_string "__USER__" "$app" ../conf/cron +sudo cp -f ../conf/cron /etc/cron.d/$app + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_print_info "Configuring a systemd service..." + +# Create a dedicated systemd config +ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/mastodon-web.service" +ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/mastodon-streaming.service" +ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/mastodon-streaming.service" ynh_add_systemd_config "$app-web" "mastodon-web.service" -# TODO: use ynh_find_port to have generic port selection for NODES ynh_add_systemd_config "$app-sidekiq" "mastodon-sidekiq.service" ynh_add_systemd_config "$app-streaming" "mastodon-streaming.service" -systemctl start "$app-web.service" "$app-sidekiq.service" "$app-streaming.service" +#================================================= +# START MASTODON SERVICES +#================================================= +ynh_print_info "Starting Mastodon services..." + +ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd + +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= -# Create user -( - cd "$final_path/live" - su mastodon <<CREATEUSER -RAILS_ENV=production bin/bundle exec rails c -account = Account.create!(username: '$admin_mastodon') -user = User.create!(email: '$admin_mastodon_mail', password: '$admin_pass', account: account) -CREATEUSER - su mastodon <<SETADMIN -RAILS_ENV=production bin/bundle exec rails mastodon:make_admin USERNAME=$admin_mastodon -RAILS_ENV=production bin/bundle exec rails mastodon:confirm_email USER_EMAIL=$admin_mastodon_mail -SETADMIN -) +# Calculate and store the config file checksum into the app settings +ynh_store_file_checksum "${final_path}/live/.env.production" #================================================= # GENERIC FINALIZATION @@ -260,14 +266,13 @@ SETADMIN # SECURE FILES AND DIRECTORIES #================================================= -# TODO:Set permissions to app files -chown -R "$app" "$final_path" +# Set permissions to app files +chown -R "$app": "$final_path" #================================================= # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -# Add service YunoHost yunohost service add "$app-web" yunohost service add "$app-sidekiq" yunohost service add "$app-streaming" @@ -275,14 +280,36 @@ yunohost service add "$app-streaming" #================================================= # SETUP SSOWAT #================================================= +ynh_print_info "Configuring SSOwat..." -# TODO: all private install -# Unprotected url -ynh_app_setting_set "$app" unprotected_uris "/" +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set $app unprotected_uris "/" +fi #================================================= # RELOAD NGINX #================================================= +ynh_print_info "Reloading nginx web server..." -# Reload Nginx systemctl reload nginx + +#================================================= +# SEND A README FOR THE ADMIN +#================================================= + +message="Mastodon was successfully installed :) +Please open 'https://$domain$path_url' +The admin email is: $admin_mail +The admin password is: $admin_pass +If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/mastodon_ynh" + +ynh_send_readme_to_admin "$message" "$admin" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index 0ea12df..303ccf7 100644 --- a/scripts/remove +++ b/scripts/remove @@ -6,78 +6,83 @@ # IMPORT GENERIC HELPERS #================================================= -source _common.sh # Loads the generic functions usually used in the script -# Source app helpers +source _common.sh +source ynh_install_ruby +source ynh_add_secure_repos__3 source /usr/share/yunohost/helpers -source _future.sh - - #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) -db_name=$(ynh_app_setting_get "$app" db_name) -if [ -z "$db_name" ]; then - db_name="${app}_production" - ynh_app_setting_set "$app" db_name "$db_name" -fi -db_user=$(ynh_sanitize_dbid "$app") -final_path=$(ynh_app_setting_get "$app" final_path) +domain=$(ynh_app_setting_get $app domain) +db_name=$(ynh_app_setting_get $app db_name) +final_path=$(ynh_app_setting_get $app final_path) #================================================= # STANDARD REMOVE #================================================= -# STOP AND REMOVE SERVICE -#================================================= - -ynh_remove_systemd_config "$app-web" -ynh_remove_systemd_config "$app-sidekiq" -ynh_remove_systemd_config "$app-streaming" - -#================================================= # REMOVE SERVICE FROM ADMIN PANEL -#============================================== +#================================================= -if yunohost service status | grep -q "$app-web" +# Remove a service from the admin panel, added by `yunohost service add` +if yunohost service status "$app-web" >/dev/null 2>&1 then - echo "Remove $app-web service" + ynh_print_info "Removing $app-web service" yunohost service remove "$app-web" fi -if yunohost service status | grep -q "$app-sidekiq" +if yunohost service status "$app-sidekiq" >/dev/null 2>&1 then - echo "Remove $app-sidekiq service" + ynh_print_info "Removing $app-sidekiq service" yunohost service remove "$app-sidekiq" fi -if yunohost service status | grep -q "$app-streaming" +if yunohost service status "$app-streaming" >/dev/null 2>&1 then - echo "Remove $app-streaming service" + ynh_print_info "Removing $app-streaming service" yunohost service remove "$app-streaming" fi #================================================= -# REMOVE DEPENDENCIES +# STOP AND REMOVE SERVICE #================================================= +ynh_print_info "Stopping and removing the systemd service" -# Remove metapackage and its dependencies -ynh_remove_app_dependencies +# Remove the dedicated systemd config +ynh_remove_systemd_config "$app-web" +ynh_remove_systemd_config "$app-sidekiq" +ynh_remove_systemd_config "$app-streaming" #================================================= -# REMOVE THE PostgreSQL DATABASE +# REMOVE THE POSTGRESQL DATABASE #================================================= +ynh_print_info "Removing the PostgreSQL database" + +ynh_psql_execute_as_root "\connect $db_name +SELECT pg_terminate_backend (pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '$db_name';" # delete postgresql database & user -ynh_psql_remove_db "$db_name" "$db_user" +ynh_psql_remove_db --db_name="$db_name" --db_user="$app" + +#================================================= +# REMOVE DEPENDENCIES +#================================================= +ynh_print_info "Removing dependencies" + +# Remove metapackage and its dependencies +ynh_remove_ruby +ynh_remove_app_dependencies +ynh_remove_nodejs +ynh_remove_extra_repo #================================================= # REMOVE APP MAIN DIR #================================================= +ynh_print_info "Removing app main directory" # Remove the app directory securely ynh_secure_remove "$final_path" @@ -85,9 +90,10 @@ ynh_secure_remove "$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= +ynh_print_info "Removing nginx web server configuration" -ynh_secure_remove "/etc/nginx/conf.d/${domain}.d/${app}.conf" -systemctl reload nginx +# Remove the dedicated nginx config +ynh_remove_nginx_config #================================================= # SPECIFIC REMOVE @@ -95,25 +101,21 @@ systemctl reload nginx # REMOVE THE CRON FILE #================================================= -# Delete cronlog -ynh_secure_remove /etc/cron.d/$app +# Remove a cron file +ynh_secure_remove "/etc/cron.d/$app" #================================================= -# REMOVE source.list +# GENERIC FINALIZATION #================================================= -if [ "$(lsb_release --codename --short)" == "jessie" ]; then - ynh_secure_remove /etc/apt/sources.list.d/backports.list - ynh_secure_remove /etc/apt/sources.list.d/jessie-backports.list -fi -ynh_secure_remove /etc/apt/sources.list.d/yarn.list +# REMOVE DEDICATED USER +#================================================= +ynh_print_info "Removing the dedicated system user" -# Delete ruby exec -#ynh_secure_remove /usr/bin/ruby +# Delete a system user +ynh_system_user_delete $app #================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER +# END OF SCRIPT #================================================= -userdel -f $app +ynh_print_info "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index 1682d23..6e39fb5 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,38 +6,39 @@ # IMPORT GENERIC HELPERS #================================================= -if [ ! -e _common.sh ]; then - # Get the _common.sh file if it's not in the current directory - cp ../settings/scripts/_common.sh ./_common.sh - cp ../settings/scripts/_future.sh ./_future.sh - chmod a+rx _common.sh _future.sh -fi -source _common.sh +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source ../settings/scripts/ynh_install_ruby +source ../settings/scripts/ynh_add_secure_repos__3 +source ../settings/scripts/ynh_systemd_action source /usr/share/yunohost/helpers -source _future.sh #================================================= # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ynh_clean_check_starting +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading settings..." app=$YNH_APP_INSTANCE_NAME -# Get old parameter of the app domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) -is_public=$(ynh_app_setting_get $app is_public) -final_path=$(ynh_app_setting_get "$app" final_path) +final_path=$(ynh_app_setting_get $app final_path) +db_name=$(ynh_app_setting_get $app db_name) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= +ynh_print_info "Validating restoration parameters..." ynh_webpath_available $domain $path_url \ || ynh_die "Path not available: ${domain}${path_url}" @@ -55,15 +56,17 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= +ynh_print_info "Restoring the app main directory..." ynh_restore_file "$final_path" #================================================= # RECREATE THE DEDICATED USER #================================================= +ynh_print_info "Recreating the dedicated system user..." -# Create user unix -adduser $app --home $final_path --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password +# Create the dedicated user (if not existing) +ynh_system_user_create $app $final_path #================================================= # RESTORE USER RIGHTS @@ -77,8 +80,7 @@ chown -R $app: $final_path #================================================= # REINSTALL DEPENDENCIES #================================================= - -# TODO: add in a clean way backports and yarn +ynh_print_info "Reinstalling dependencies..." # Import debian archive pubkey, need on ARM arch arch=$(uname -m) @@ -87,55 +89,48 @@ if [[ "$arch" = arm* ]]; then apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 fi -# Install source.list debian package backports & yarn +# Install extra_repo debian package backports & yarn if [ "$(lsb_release --codename --short)" == "jessie" ]; then - echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list + ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append fi -curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - -echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list -ynh_package_update +ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append -# Install de Node.js -# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs -( - cd /opt - curl -sL https://deb.nodesource.com/setup_8.x | bash - - apt-get -y install nodejs -) +# install nodejs +ynh_install_nodejs 8 -# TODO: use the same mecanism with other files -ynh_install_app_dependencies \ - `# debian packages ` \ - imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \ - `# redis ` \ - redis-server redis-tools \ - `# postgresql ` \ - postgresql \ - `# Ruby ` \ - autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \ - `# ffmpeg from backports ` \ - ffmpeg \ - `# Yarn ` \ - yarn +ynh_install_app_dependencies $pkg_dependencies #================================================= -# RESTORE THE PostgreSQL DATABASE +# INSTALLING RUBY AND BUNDLER #================================================= -# Restore PostgreSQL database -db_user=$(ynh_sanitize_dbid "$app") -db_name=$(ynh_app_setting_get "$app" db_name) -if [ -z "$db_name" ]; then - db_name="${app}_production" - ynh_app_setting_set "$app" db_name "$db_name" -fi +ynh_install_ruby --ruby_version=2.6.0 +/opt/rbenv/versions/2.6.0/bin/gem update --system + +#================================================= +# RESTORE THE POSTGRESQL DATABASE +#================================================= +ynh_print_info "Restoring the PostgreSQL database..." + db_pwd=$(ynh_app_setting_get "$app" db_pwd) ynh_psql_test_if_first_run -ynh_psql_setup_db "$db_user" "$db_name" "$db_pwd" +ynh_psql_create_user "$app" "$db_pwd" +ynh_psql_execute_as_root \ +"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;" ynh_psql_execute_file_as_root ./db.sql "$db_name" #================================================= +# RESTORE SYSTEMD +#================================================= +ynh_print_info "Restoring the systemd configuration..." + +ynh_restore_file "/etc/systemd/system/$app-web.service" +ynh_restore_file "/etc/systemd/system/$app-sidekiq.service" +ynh_restore_file "/etc/systemd/system/$app-streaming.service" +systemctl enable "$app-web" "$app-sidekiq" "$app-streaming" + +#================================================= # ADVERTISE SERVICE IN ADMIN PANEL #================================================= @@ -144,19 +139,31 @@ yunohost service add $app-sidekiq yunohost service add $app-streaming #================================================= -# RESTORE SYSTEMD +# RESTORE THE CRON FILE #================================================= -ynh_restore_file "/etc/systemd/system/$app-web.service" -ynh_restore_file "/etc/systemd/system/$app-sidekiq.service" -ynh_restore_file "/etc/systemd/system/$app-streaming.service" -systemctl enable "$app-web" "$app-sidekiq" "$app-streaming" +ynh_restore_file "/etc/cron.d/$app" #================================================= # GENERIC FINALIZATION #================================================= -# RELOAD NGINX AND PHP-FPM +# START MASTODON SERVICES +#================================================= +ynh_print_info "Starting Mastodon services..." + +ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd + #================================================= +# RELOAD NGINX +#================================================= +ynh_print_info "Reloading nginx web server..." -systemctl restart "$app-web" "$app-sidekiq" "$app-streaming" systemctl reload nginx + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index 9bd8864..b90dddd 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,39 +7,52 @@ #================================================= source _common.sh +source ynh_install_ruby +source ynh_add_secure_repos__3 +source ynh_systemd_action source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." -# See comments in install script app=$YNH_APP_INSTANCE_NAME -db_name=$(ynh_app_setting_get "$app" db_name) -db_pwd=$(ynh_app_setting_get "$app" db_pwd) -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) -path=$(ynh_app_setting_get "$app" path) -admin=$(ynh_app_setting_get "$app" admin) -language=$(ynh_app_setting_get "$app" language) -final_path=$(ynh_app_setting_get "$app" final_path) -path_url="/" +domain=$(ynh_app_setting_get $app domain) +path_url=$(ynh_app_setting_get $app path) +admin=$(ynh_app_setting_get $app admin) +is_public=$(ynh_app_setting_get $app is_public) +final_path=$(ynh_app_setting_get $app final_path) +language=$(ynh_app_setting_get $app language) +db_name=$(ynh_app_setting_get $app db_name) + +db_pwd=$(ynh_app_setting_get $app db_pwd) +admin_mail=$(ynh_user_get_info $admin 'mail') +port_web=$(ynh_app_setting_get "$app" port_web) +port_stream=$(ynh_app_setting_get "$app" port_stream) + +paperclip_secret=$(ynh_app_setting_get "$app" paperclip_secret) +secret_key_base=$(ynh_app_setting_get "$app" secret_key_base) +otp_secret=$(ynh_app_setting_get "$app" otp_secret) +vapid_private_key=$(ynh_app_setting_get "$app" vapid_private_key) +vapid_public_key=$(ynh_app_setting_get "$app" vapid_public_key) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= +ynh_print_info "Ensuring downward compatibility..." # If db_name doesn't exist, create it -if [ -z "$db_name" ]; then +if [ -z $db_name ]; then db_name="${app}_production" - ynh_app_setting_set "$app" db_name "$db_name" + ynh_app_setting_set $app db_name $db_name fi # If final_path doesn't exist, create it -if [ -z "$final_path" ]; then +if [ -z $final_path ]; then final_path=/var/www/$app - ynh_app_setting_set "$app" final_path "$final_path" + ynh_app_setting_set $app final_path $final_path fi # Check if admin is not null @@ -48,22 +61,51 @@ if [[ "$admin" = "" || "$language" = "" ]]; then ynh_die fi -# If db_pwd doesn't exist, create it +# If db_pwd doesn't exist, create it, need for old install if [[ -z "$db_pwd" ]]; then db_pwd=$(ynh_string_random) ynh_app_setting_set $app db_pwd $db_pwd ynh_psql_test_if_first_run sudo --login --user=postgres psql -c"ALTER user $app WITH PASSWORD '$db_pwd'" postgres - sed -i "s@DB_PASS=@DB_PASS=${db_pwd}@g" "${final_path}/live/.env.production" + ynh_replace_string "DB_PASS=" "DB_PASS=${db_pwd}" "${final_path}/live/.env.production" +fi + +# If paperclip_secret doesn't exist, retrieve it or create it +if [[ -z "$paperclip_secret" ]]; then + paperclip_secret=$(grep -oP "PAPERCLIP_SECRET=\K\w+" test) + if [[ -z "$paperclip_secret" ]]; then + paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) + fi + ynh_app_setting_set "$app" paperclip_secret "$paperclip_secret" +fi + +# If secret_key_base doesn't exist, retrieve it or create it +if [[ -z "$secret_key_base" ]]; then + secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" test) + if [[ -z "$secret_key_base" ]]; then + secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) + fi + ynh_app_setting_set "$app" secret_key_base "$secret_key_base" +fi + +# If otp_secret doesn't exist, retrieve it or create it +if [[ -z "$otp_secret" ]]; then + otp_secret=$(grep -oP "OTP_SECRET=\K\w+" test) + if [[ -z "$otp_secret" ]]; then + otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) + fi + ynh_app_setting_set "$app" otp_secret "$otp_secret" fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= +ynh_print_info "Backing up the app before upgrading (may take a while)..." # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { + ynh_clean_check_starting # restore it if the upgrade fails ynh_restore_upgradebackup } @@ -71,143 +113,198 @@ ynh_clean_setup () { ynh_abort_if_errors #================================================= -# Remove repo Files +# CHECK THE PATH #================================================= -if [ "$(lsb_release --codename --short)" == "jessie" ]; then - echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list - ynh_secure_remove /etc/apt/sources.list.d/backports.list -fi +# Normalize the URL path syntax +path_url=$(ynh_normalize_url_path $path_url) + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP MASTODON SERVICES +#================================================= +ynh_print_info "Stopping Mastodon services..." -# Add yarn repo -echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list +ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd #================================================= -# INSTALL DEPENDENCIES +# DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_print_info "Upgrading source files..." -# upgrade Node.js to v8 -# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs -pushd /opt -curl -sL https://deb.nodesource.com/setup_8.x | sudo bash - -sudo apt-get -y install nodejs -popd +# Download Mastodon +mv "$final_path/live" "$final_path/live_back" +ynh_setup_source "$final_path/live" +if [ -z $final_path/live_back/public/system ]; then + rsync -a "$final_path/live_back/public/system" "$final_path/live_back/public/." +fi +rsync -a "$final_path/live_back/.env.production" "$final_path/live/." +rm -Rf "$final_path/live_back" -# add additional package for upgrade -ynh_package_install pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev postgresql-server-dev-all +# Clean files which are not needed anymore +ynh_secure_remove $final_path/live/config/initializers/timeout.rb #================================================= -# STANDARD UPGRADE STEPS +# NGINX CONFIGURATION #================================================= +ynh_print_info "Upgrading nginx web server configuration..." -# Change owner of live folder -chown -R $app: $final_path/live +ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/nginx.conf" +ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/nginx.conf" +ynh_add_nginx_config -# Stop Mastodon Services -#yunohost service stop "$app-web" -#yunohost service stop "$app-sidekiq" -#yunohost service stop "$app-streaming" +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_print_info "Upgrading dependencies..." -# Download Mastodon -ynh_setup_source "$final_path/live" "app-mastodon" +# Install extra_repo debian package backports & yarn +if [ "$(lsb_release --codename --short)" == "jessie" ]; then + ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append +fi +ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append -# Clean un-need Files -ynh_secure_remove $final_path/live/config/initializers/timeout.rb +# Install nodejs +ynh_install_nodejs 8 + +# TODO: use the same mecanism with other files +ynh_install_app_dependencies $pkg_dependencies #================================================= -# NGINX CONFIGURATION +# CREATE DEDICATED USER #================================================= +ynh_print_info "Making sure dedicated system user exists..." -# TODO: use official helper ynh_add_nginx_config -# Modify Nginx configuration file and copy it to Nginx conf directory -sed -i "s@__PATH__@$app@g" ../conf/nginx.conf* -sed -i "s@__FINALPATH__@$final_path@g" ../conf/nginx.conf* -cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf +# Create a dedicated user (if not existing) +ynh_system_user_create $app -# Upgrade rbenv and ruby plugins -ynh_setup_source "$final_path/.rbenv" "app-rbenv" -ynh_setup_source "$final_path/.rbenv/plugins/ruby-build" "app-ruby-build" +#================================================= +# SPECIFIC UPGRADE +#================================================= +# INSTALLING RUBY AND BUNDLER +#================================================= -# Install ruby 2.5.1 -( - exec_as "$app" $final_path/.rbenv/bin/rbenv install -s 2.5.1 || true - exec_as "$app" $final_path/.rbenv/bin/rbenv global 2.5.1 || true - exec_as "$app" $final_path/.rbenv/versions/2.5.1/bin/ruby -v -) +ynh_install_ruby --ruby_version=2.6.0 +/opt/rbenv/versions/2.6.0/bin/gem update --system +#/opt/rbenv/versions/2.6.0/bin/gem install bundler -# Create symlink for ruby -rm /usr/bin/ruby || true -ln -s $final_path/.rbenv/versions/2.5.1/bin/ruby /usr/bin/ruby || true +#================================================= +# MODIFY A CONFIG FILE +#================================================= -# Preconfig CSS & JS -# Install Mastodon -( -sudo su - $app <<MCOMMANDS -pushd ~/live -$final_path/.rbenv/versions/2.5.1/bin/gem install bundler -if [ "$(lsb_release --codename --short)" == "jessie" ]; then - $final_path/.rbenv/versions/2.5.1/bin/bundle install --deployment --without development test -else - $final_path/.rbenv/versions/2.5.1/bin/bundle install --deployment --force --without development test -fi -yarn install --pure-lockfile -MCOMMANDS -) +cp -f ../conf/.env.production.sample "$final_path/live/.env.production" +ynh_replace_string "__DB_USER__" "$app" "$final_path/live/.env.production" +ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/live/.env.production" +ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/live/.env.production" +ynh_replace_string "__DOMAIN__" "$domain" "$final_path/live/.env.production" +ynh_replace_string "__SMTP_FROM_ADDRESS__" "$admin_mail" "${final_path}/live/.env.production" -# Install package with yarn and restart postgresql -pushd $final_path/live -yarn install --pure-lockfile -systemctl restart postgresql -popd +language="$(echo $language | head -c 2)" +ynh_replace_string "__LANGUAGE__" "$language" "$final_path/live/.env.production" + +ynh_replace_string "PAPERCLIP_SECRET=" "PAPERCLIP_SECRET=$paperclip_secret" "${final_path}/live/.env.production" + +ynh_replace_string "__SECRET_KEY_BASE__" "$secret_key_base" "$final_path/live/.env.production" -# Apply Mastodon upgrade -( -pushd $final_path/live -RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails assets:clean -RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails assets:precompile +ynh_replace_string "__OTP_SECRET__" "$otp_secret" "$final_path/live/.env.production" + +#================================================= +# UPGRADE MASTODON +#================================================= +ynh_print_info "Upgrading Mastodon..." + +chown -R "$app": "$final_path" + +pushd "$final_path/live" + ynh_use_nodejs + if [ "$(lsb_release --codename --short)" == "jessie" ]; then + sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install --deployment --without development test + else + sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install --deployment --force --without development test + fi + sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:clean + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:precompile + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails db:migrate popd -sudo su - $app <<COMMANDS -pushd ~/live -SKIP_POST_DEPLOYMENT_MIGRATIONS=true RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails db:migrate -COMMANDS -) +# If vapid_private_key doesn't exist, retrieve it or create it +if [[ -z "$vapid_private_key" ]]; then + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt + vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K\w+" "$final_path/live/key.txt") + vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K\w+" "$final_path/live/key.txt") + ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key" + ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key" + ynh_secure_remove "$final_path/live/key.txt" +fi + +# Recalculate and store the checksum of the file for the next upgrade. +ynh_store_file_checksum "${final_path}/live/.env.production" + #================================================= -# RESTART MASTODON +# SETUP CRON JOB FOR REMOVING CACHE #================================================= +ynh_print_info "Setuping a cron job for removing cache..." -yunohost service stop "$app-web" -yunohost service stop "$app-sidekiq" -yunohost service stop "$app-streaming" -yunohost service start "$app-web" -yunohost service start "$app-sidekiq" -yunohost service start "$app-streaming" +ynh_replace_string "__FINAL_PATH__" "$final_path" ../conf/cron +ynh_replace_string "__USER__" "$app" ../conf/cron +sudo cp -f ../conf/cron /etc/cron.d/$app -# Waiting start all services -sleep 30 #================================================= -# DB:Migrate after restart 2.5.0 +# SETUP SYSTEMD #================================================= +ynh_print_info "Upgrading systemd configuration..." -sudo su - $app <<COMMANDS -pushd ~/live -RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails db:migrate -COMMANDS +# Create a dedicated systemd config +ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/mastodon-web.service" +ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/mastodon-streaming.service" +ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/mastodon-streaming.service" +ynh_add_systemd_config "$app-web" "mastodon-web.service" +ynh_add_systemd_config "$app-sidekiq" "mastodon-sidekiq.service" +ynh_add_systemd_config "$app-streaming" "mastodon-streaming.service" #================================================= -# RELOAD NGINX +# START MASTODON SERVICES #================================================= +ynh_print_info "Starting Mastodon services..." -systemctl reload nginx +ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# Set permissions on app files +chown -R $app: $final_path #================================================= # SETUP SSOWAT #================================================= +ynh_print_info "Upgrading SSOwat configuration..." -ynh_app_setting_set "$app" unprotected_uris "/" +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway + ynh_app_setting_set $app unprotected_uris "/" +fi + +#================================================= +# RELOAD NGINX +#================================================= +ynh_print_info "Reloading nginx web server..." + +systemctl reload nginx #================================================= -# RELOAD ssowatconf +# END OF SCRIPT #================================================= -sudo yunohost app ssowatconf +ynh_print_info "Upgrade of $app completed" diff --git a/scripts/ynh_add_secure_repos__3 b/scripts/ynh_add_secure_repos__3 new file mode 100644 index 0000000..3276f00 --- /dev/null +++ b/scripts/ynh_add_secure_repos__3 @@ -0,0 +1,294 @@ +#!/bin/bash + +# Pin a repository. +# +# usage: ynh_pin_repo --package=packages --pin=pin_filter [--priority=priority_value] [--name=name] [--append] +# | arg: -p, --package - Packages concerned by the pin. Or all, *. +# | arg: -i, --pin - Filter for the pin. +# | arg: -p, --priority - Priority for the pin +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +# +# See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html for information about pinning. +# +ynh_pin_repo () { + # Declare an array to define the options of this helper. + local legacy_args=pirna + declare -Ar args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append ) + local package + local pin + local priority + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + package="${package:-*}" + priority=${priority:-50} + name="${name:-$app}" + append=${append:-0} + + if [ $append -eq 1 ] + then + append="tee -a" + else + append="tee" + fi + + mkdir -p "/etc/apt/preferences.d" + echo "Package: $package +Pin: $pin +Pin-Priority: $priority" \ + | $append "/etc/apt/preferences.d/$name" +} + +# Add a repository. +# +# usage: ynh_add_repo --uri=uri --suite=suite --component=component [--name=name] [--append] +# | arg: -u, --uri - Uri of the repository. +# | arg: -s, --suite - Suite of the repository. +# | arg: -c, --component - Component of the repository. +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +# +# Example for a repo like deb http://forge.yunohost.org/debian/ stretch stable +# uri suite component +# ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable +# +ynh_add_repo () { + # Declare an array to define the options of this helper. + local legacy_args=uscna + declare -Ar args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append ) + local uri + local suite + local component + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + append=${append:-0} + + if [ $append -eq 1 ] + then + append="tee -a" + else + append="tee" + fi + + mkdir -p "/etc/apt/sources.list.d" + # Add the new repo in sources.list.d + echo "deb $uri $suite $component" \ + | $append "/etc/apt/sources.list.d/$name.list" +} + +# Add an extra repository correctly, pin it and get the key. +# +# usage: ynh_install_extra_repo --repo="repo" [--key=key_url] [--priority=priority_value] [--name=name] [--append] +# | arg: -r, --repo - Complete url of the extra repository. +# | arg: -k, --key - url to get the public key. +# | arg: -p, --priority - Priority for the pin +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +ynh_install_extra_repo () { + # Declare an array to define the options of this helper. + local legacy_args=rkpna + declare -Ar args_array=( [r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append ) + local repo + local key + local priority + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + append=${append:-0} + key=${key:-0} + priority=${priority:-} + + if [ $append -eq 1 ] + then + append="--append" + wget_append="tee -a" + else + append="" + wget_append="tee" + fi + + # Split the repository into uri, suite and components. + # Remove "deb " at the beginning of the repo. + repo="${repo#deb }" + + # Get the uri + local uri="$(echo "$repo" | awk '{ print $1 }')" + + # Get the suite + local suite="$(echo "$repo" | awk '{ print $2 }')" + + # Get the components + local component="${repo##$uri $suite }" + + # Add the repository into sources.list.d + ynh_add_repo --uri="$uri" --suite="$suite" --component="$component" --name="$name" $append + + # Pin the new repo with the default priority, so it won't be used for upgrades. + # Build $pin from the uri without http and any sub path + local pin="${uri#*://}" + pin="${pin%%/*}" + # Set a priority only if asked + if [ -n "$priority" ] + then + priority="--priority=$priority" + fi + ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append + + # Get the public key for the repo + if [ -n "$key" ] + then + mkdir -p "/etc/apt/trusted.gpg.d" + wget -q "$key" -O - | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null + fi + + # Update the list of package with the new repo + ynh_package_update +} + +# Remove an extra repository and the assiociated configuration. +# +# usage: ynh_remove_extra_repo [--name=name] +# | arg: -n, --name - Name for the files for this repo, $app as default value. +ynh_remove_extra_repo () { + # Declare an array to define the options of this helper. + local legacy_args=n + declare -Ar args_array=( [n]=name= ) + local name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + + ynh_secure_remove "/etc/apt/sources.list.d/$name.list" + ynh_secure_remove "/etc/apt/preferences.d/$name" + ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.gpg" + ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.asc" + + # Update the list of package to exclude the old repo + ynh_package_update +} + +# Install packages from an extra repository properly. +# +# usage: ynh_install_extra_app_dependencies --repo="repo" --package="dep1 dep2" [--key=key_url] [--name=name] +# | arg: -r, --repo - Complete url of the extra repository. +# | arg: -p, --package - The packages to install from this extra repository +# | arg: -k, --key - url to get the public key. +# | arg: -n, --name - Name for the files for this repo, $app as default value. +ynh_install_extra_app_dependencies () { + # Declare an array to define the options of this helper. + local legacy_args=rpkn + declare -Ar args_array=( [r]=repo= [p]=package= [k]=key= [n]=name= ) + local repo + local package + local key + local name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + key=${key:-0} + + # Set a key only if asked + if [ -n "$key" ] + then + key="--key=$key" + fi + # Add an extra repository for those packages + ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name + + # Install requested dependencies from this extra repository. + ynh_add_app_dependencies --package="$package" + + # Remove this extra repository after packages are installed + ynh_remove_extra_repo --name=$app +} + +#================================================= + +# patched version of ynh_install_app_dependencies to be used with ynh_add_app_dependencies + +# Define and install dependencies with a equivs control file +# This helper can/should only be called once per app +# +# usage: ynh_install_app_dependencies dep [dep [...]] +# | arg: dep - the package name to install in dependence +# You can give a choice between some package with this syntax : "dep1|dep2" +# Example : ynh_install_app_dependencies dep1 dep2 "dep3|dep4|dep5" +# This mean in the dependence tree : dep1 & dep2 & (dep3 | dep4 | dep5) +# +# Requires YunoHost version 2.6.4 or higher. +ynh_install_app_dependencies () { + local dependencies=$@ + dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')" + dependencies=${dependencies//|/ | } + local manifest_path="../manifest.json" + if [ ! -e "$manifest_path" ]; then + manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place + fi + + local version=$(grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file. + if [ ${#version} -eq 0 ]; then + version="1.0" + fi + local dep_app=${app//_/-} # Replace all '_' by '-' + + # Handle specific versions + if [[ "$dependencies" =~ [\<=\>] ]] + then + # Replace version specifications by relationships syntax + # https://www.debian.org/doc/debian-policy/ch-relationships.html + # Sed clarification + # [^(\<=\>] ignore if it begins by ( or < = >. To not apply twice. + # [\<=\>] matches < = or > + # \+ matches one or more occurence of the previous characters, for >= or >>. + # [^,]\+ matches all characters except ',' + # Ex: package>=1.0 will be replaced by package (>= 1.0) + dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')" + fi + + cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build +Section: misc +Priority: optional +Package: ${dep_app}-ynh-deps +Version: ${version} +Depends: ${dependencies} +Architecture: all +Description: Fake package for $app (YunoHost app) dependencies + This meta-package is only responsible of installing its dependencies. +EOF + ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \ + || ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies + rm /tmp/${dep_app}-ynh-deps.control + ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies" +} + +ynh_add_app_dependencies () { + # Declare an array to define the options of this helper. + local legacy_args=pr + declare -Ar args_array=( [p]=package= [r]=replace) + local package + local replace + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + replace=${replace:-0} + + local current_dependencies="" + if [ $replace -eq 0 ] + then + local dep_app=${app//_/-} # Replace all '_' by '-' + if ynh_package_is_installed --package="${dep_app}-ynh-deps" + then + current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) " + fi + + current_dependencies=${current_dependencies// | /|} + fi + + ynh_install_app_dependencies "${current_dependencies}${package}" +} diff --git a/scripts/ynh_install_ruby b/scripts/ynh_install_ruby new file mode 100644 index 0000000..9e53c06 --- /dev/null +++ b/scripts/ynh_install_ruby @@ -0,0 +1,140 @@ +#!/bin/bash + +# Need also the helper https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_handle_getopts_args/ynh_handle_getopts_args + +rbenv_install_dir="/opt/rbenv" +# RBENV_ROOT is the directory of rbenv, it needs to be loaded as a environment variable. +export RBENV_ROOT="$rbenv_install_dir" + +# Install ruby version management +# +# [internal] +# +# usage: ynh_install_rbenv +ynh_install_rbenv () { + echo "Installation of rbenv - ruby version management" >&2 + # Build an app.src for rbenv + mkdir -p "../conf" + echo "SOURCE_URL=https://github.com/rbenv/rbenv/archive/v1.1.1.tar.gz +SOURCE_SUM=41f1a60714c55eceb21d692a469aee1ec4f46bba351d0dfcb0c660ff9cf1a1c9" > "../conf/rbenv.src" + # Download and extract rbenv + ynh_setup_source "$rbenv_install_dir" rbenv + + # Build an app.src for ruby-build + mkdir -p "../conf" + echo "SOURCE_URL=https://github.com/rbenv/ruby-build/archive/v20190314.tar.gz +SOURCE_SUM=2cc0f9fdb232042e71edad93a5c3ae108bcd090ea0b6db4e5bb6325547e07968" > "../conf/ruby-build.src" + # Download and extract ruby-build + ynh_setup_source "$rbenv_install_dir/plugins/ruby-build" ruby-build + + (cd $rbenv_install_dir + ./src/configure && make -C src) + +# Create shims directory if needed +if [ ! -d $rbenv_install_dir/shims ] ; then + mkdir $rbenv_install_dir/shims +fi +} + +# Install a specific version of ruby +# +# ynh_install_ruby will install the version of ruby provided as argument by using rbenv. +# +# rbenv (ruby version management) stores the target ruby version in a .ruby_version file created in the target folder (using rbenv local <version>) +# It then uses that information for every ruby user that uses rbenv provided ruby command +# +# This helper creates a /etc/profile.d/rbenv.sh that configures PATH environment for rbenv +# for every LOGIN user, hence your user must have a defined shell (as opposed to /usr/sbin/nologin) +# +# Don't forget to execute ruby-dependent command in a login environment +# (e.g. sudo --login option) +# When not possible (e.g. in systemd service definition), please use direct path +# to rbenv shims (e.g. $RBENV_ROOT/shims/bundle) +# +# usage: ynh_install_ruby ruby_version user +# | arg: -v, --ruby_version= - Version of ruby to install. +# If possible, prefer to use major version number (e.g. 8 instead of 8.10.0). +# The crontab will handle the update of minor versions when needed. +ynh_install_ruby () { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [v]=ruby_version= ) + # Use rbenv, https://github.com/rbenv/rbenv to manage the ruby versions + local ruby_version + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + # Create $rbenv_install_dir + mkdir -p "$rbenv_install_dir/plugins/ruby-build" + + # Load rbenv path in PATH + CLEAR_PATH="$rbenv_install_dir/bin:$PATH" + + # Remove /usr/local/bin in PATH in case of ruby prior installation + PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@') + + # Move an existing ruby binary, to avoid to block rbenv + test -x /usr/bin/ruby && mv /usr/bin/ruby /usr/bin/ruby_rbenv + + # If rbenv is not previously setup, install it + if ! type rbenv > /dev/null 2>&1 + then + ynh_install_rbenv + fi + + # Restore /usr/local/bin in PATH (if needed) + PATH=$CLEAR_PATH + + # And replace the old ruby binary + test -x /usr/bin/ruby_rbenv && mv /usr/bin/ruby_rbenv /usr/bin/ruby + + # Install the requested version of ruby + CONFIGURE_OPTS="--disable-install-doc" MAKE_OPTS="-j2" rbenv install --skip-existing $ruby_version + + # Store the ID of this app and the version of ruby requested for it + echo "$YNH_APP_ID:$ruby_version" | tee --append "$rbenv_install_dir/ynh_app_version" + + # Store ruby_version into the config of this app + ynh_app_setting_set $app ruby_version $ruby_version + + # Set environment for ruby users + echo "#rbenv +export RBENV_ROOT=$rbenv_install_dir +export PATH=\"$rbenv_install_dir/bin:$PATH\" +eval \"\$(rbenv init -)\" +#rbenv" > /etc/profile.d/rbenv.sh + + # Load the right environment for the Installation + eval "$(rbenv init -)" + + (cd $final_path + rbenv local $ruby_version) +} + +# Remove the version of ruby used by the app. +# +# This helper will check if another app uses the same version of ruby, +# if not, this version of ruby will be removed. +# If no other app uses ruby, rbenv will be also removed. +# +# usage: ynh_remove_ruby +ynh_remove_ruby () { + ruby_version=$(ynh_app_setting_get $app ruby_version) + + # Remove the line for this app + sed --in-place "/$YNH_APP_ID:$ruby_version/d" "$rbenv_install_dir/ynh_app_version" + + # If no other app uses this version of ruby, remove it. + if ! grep --quiet "$ruby_version" "$rbenv_install_dir/ynh_app_version" + then + $rbenv_install_dir/bin/rbenv uninstall --force $ruby_version + fi + + # Remove rbenv environment configuration + rm /etc/profile.d/rbenv.sh + + # If no other app uses rbenv, remove rbenv and dedicated group + if [ ! -s "$rbenv_install_dir/ynh_app_version" ] + then + ynh_secure_remove "$rbenv_install_dir" + fi +} diff --git a/scripts/ynh_systemd_action b/scripts/ynh_systemd_action new file mode 100644 index 0000000..6bed6be --- /dev/null +++ b/scripts/ynh_systemd_action @@ -0,0 +1,89 @@ +#!/bin/bash + +# Start (or other actions) a service, print a log in case of failure and optionnaly wait until the service is completely started +# +# usage: ynh_systemd_action [-n service_name] [-a action] [ [-l "line to match"] [-p log_path] [-t timeout] [-e length] ] +# | arg: -n, --service_name= - Name of the service to reload. Default : $app +# | arg: -a, --action= - Action to perform with systemctl. Default: start +# | arg: -l, --line_match= - Line to match - The line to find in the log to attest the service have finished to boot. +# If not defined it don't wait until the service is completely started. +# | arg: -p, --log_path= - Log file - Path to the log file. Default : /var/log/$app/$app.log +# | arg: -t, --timeout= - Timeout - The maximum time to wait before ending the watching. Default : 300 seconds. +# | arg: -e, --length= - Length of the error log : Default : 20 +ynh_systemd_action() { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= ) + local service_name + local action + local line_match + local length + local log_path + local timeout + + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + local service_name="${service_name:-$app}" + local action=${action:-start} + local log_path="${log_path:-/var/log/$service_name/$service_name.log}" + local length=${length:-20} + local timeout=${timeout:-300} + + # Start to read the log + if [[ -n "${line_match:-}" ]] + then + local templog="$(mktemp)" + # Following the starting of the app in its log + if [ "$log_path" == "systemd" ] ; then + # Read the systemd journal + journalctl -u $service_name -f --since=-45 > "$templog" & + else + # Read the specified log file + tail -F -n0 "$log_path" > "$templog" & + fi + # Get the PID of the tail command + local pid_tail=$! + fi + + echo "${action^} the service $service_name" >&2 + systemctl $action $service_name \ + || ( journalctl --lines=$length -u $service_name >&2 \ + ; test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 \ + ; false ) + + # Start the timeout and try to find line_match + if [[ -n "${line_match:-}" ]] + then + local i=0 + for i in $(seq 1 $timeout) + do + # Read the log until the sentence is found, that means the app finished to start. Or run until the timeout + if grep --quiet "$line_match" "$templog" + then + echo "The service $service_name has correctly started." >&2 + break + fi + echo -n "." >&2 + sleep 1 + done + if [ $i -eq $timeout ] + then + echo "The service $service_name didn't fully started before the timeout." >&2 + journalctl --lines=$length -u $service_name >&2 + test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 + fi + + echo "" + ynh_clean_check_starting + fi +} + +# Clean temporary process and file used by ynh_check_starting +# (usually used in ynh_clean_setup scripts) +# +# usage: ynh_clean_check_starting +ynh_clean_check_starting () { + # Stop the execution of tail. + kill -s 15 $pid_tail 2>&1 + ynh_secure_remove "$templog" 2>&1 +} |