diff options
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/_common.sh | 179 | ||||
| -rw-r--r-- | scripts/_future.sh | 127 | ||||
| -rw-r--r-- | scripts/backup | 62 | ||||
| -rw-r--r-- | scripts/change_url | 133 | ||||
| -rw-r--r-- | scripts/install | 276 | ||||
| -rw-r--r-- | scripts/remove | 86 | ||||
| -rw-r--r-- | scripts/restore | 89 | ||||
| -rw-r--r-- | scripts/upgrade | 297 | ||||
| -rw-r--r-- | scripts/ynh_add_secure_repos__3 | 294 | ||||
| -rw-r--r-- | scripts/ynh_install_ruby | 140 | ||||
| -rw-r--r-- | scripts/ynh_systemd_action | 89 |
11 files changed, 1127 insertions, 645 deletions
diff --git a/scripts/_common.sh b/scripts/_common.sh index 7def11e..79dc04c 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,177 +1,24 @@ #!/bin/bash - -# Execute a command as another user -# usage: exec_as USER COMMAND [ARG ...] -exec_as() { - local user=$1 - shift 1 - - if [[ $user = $(whoami) ]]; then - eval "$@" - else - sudo --login --user="$user" "$@" - fi -} - #================================================= -# -# POSTGRES HELPERS -# -# Point of contact : Jean-Baptiste Holcroft <jean-baptiste@holcroft.fr> +# COMMON VARIABLES #================================================= -# Create a master password and set up global settings -# Please always call this script in install and restore scripts -# -# usage: ynh_psql_test_if_first_run - -ynh_psql_test_if_first_run() { - if [ -f /etc/yunohost/psql ]; - then - echo "PostgreSQL is already installed, no need to create master password" - else - pgsql=$(ynh_string_random) - pg_hba="" - echo "$pgsql" >> /etc/yunohost/psql - - if [ -e /etc/postgresql/9.4/ ] - then - pg_hba=/etc/postgresql/9.4/main/pg_hba.conf - elif [ -e /etc/postgresql/9.6/ ] - then - pg_hba=/etc/postgresql/9.6/main/pg_hba.conf - else - ynh_die "postgresql shoud be 9.4 or 9.6" - fi - - systemctl start postgresql - sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres - - # force all user to connect to local database using passwords - # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF - # Note: we can't use peer since YunoHost create users with nologin - # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user - sed -i '/local\s*all\s*all\s*peer/i \ - local all all password' "$pg_hba" - systemctl enable postgresql - systemctl reload postgresql - fi -} - -# Open a connection as a user -# -# example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;" -# example: ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql -# -# usage: ynh_psql_connect_as user pwd [db] -# | arg: user - the user name to connect as -# | arg: pwd - the user password -# | arg: db - the database to connect to -ynh_psql_connect_as() { - user="$1" - pwd="$2" - db="$3" - sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$pwd" psql "$db" -} - -# # Execute a command as root user -# -# usage: ynh_psql_execute_as_root sql [db] -# | arg: sql - the SQL command to execute -# | arg: db - the database to connect to -ynh_psql_execute_as_root () { - sql="$1" - sudo --login --user=postgres psql <<< "$sql" -} - -# Execute a command from a file as root user -# -# usage: ynh_psql_execute_file_as_root file [db] -# | arg: file - the file containing SQL commands -# | arg: db - the database to connect to -ynh_psql_execute_file_as_root() { - file="$1" - db="$2" - sudo --login --user=postgres psql "$db" < "$file" -} - -# Create a database, an user and its password. Then store the password in the app's config -# -# After executing this helper, the password of the created database will be available in $db_pwd -# It will also be stored as "psqlpwd" into the app settings. -# -# usage: ynh_psql_setup_db user name [pwd] -# | arg: user - Owner of the database -# | arg: name - Name of the database -# | arg: pwd - Password of the database. If not given, a password will be generated -ynh_psql_setup_db () { - db_user="$1" - db_name="$2" - new_db_pwd=$(ynh_string_random) # Generate a random password - # If $3 is not given, use new_db_pwd instead for db_pwd. - db_pwd="${3:-$new_db_pwd}" - ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database - ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config -} - -# Create a database and grant privilegies to a user -# -# usage: ynh_psql_create_db db [user [pwd]] -# | arg: db - the database name to create -# | arg: user - the user to grant privilegies -# | arg: pwd - the user password -ynh_psql_create_db() { - db="$1" - user="$2" - pwd="$3" - ynh_psql_create_user "$user" "$pwd" - sudo --login --user=postgres createdb --owner="$user" "$db" -} - -# Drop a database -# -# usage: ynh_psql_drop_db db -# | arg: db - the database name to drop -# | arg: user - the user to drop -ynh_psql_remove_db() { - db="$1" - user="$2" - sudo --login --user=postgres dropdb "$db" - ynh_psql_drop_user "$user" -} - -# Dump a database -# -# example: ynh_psql_dump_db 'roundcube' > ./dump.sql -# -# usage: ynh_psql_dump_db db -# | arg: db - the database name to dump -# | ret: the psqldump output -ynh_psql_dump_db() { - db="$1" - sudo --login --user=postgres pg_dump "$db" -} +# dependencies used by the app +#pkg_dependencies="imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core g++ libprotobuf-dev protobuf-compiler pkg-config gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm5 libgdbm-dev nginx redis-server redis-tools postgresql postgresql-contrib certbot yarn libidn11-dev libicu-dev libjemalloc-dev" +pkg_dependencies="imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev redis-server redis-tools postgresql autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev ffmpeg yarn" +#================================================= +# PERSONAL HELPERS +#================================================= -# Create a user -# -# usage: ynh_psql_create_user user pwd [host] -# | arg: user - the user name to create -ynh_psql_create_user() { - user="$1" - pwd="$2" - sudo --login --user=postgres psql -c"CREATE USER $user WITH PASSWORD '$pwd'" postgres -} +#================================================= +# EXPERIMENTAL HELPERS +#================================================= -# Drop a user -# -# usage: ynh_psql_drop_user user -# | arg: user - the user name to drop -ynh_psql_drop_user() { - user="$1" - sudo --login --user=postgres dropuser "$user" -} +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= # Send an email to inform the administrator # diff --git a/scripts/_future.sh b/scripts/_future.sh deleted file mode 100644 index 82f255c..0000000 --- a/scripts/_future.sh +++ /dev/null @@ -1,127 +0,0 @@ -#!/bin/bash - -# needed to have "service_name" as an option -# https://github.com/YunoHost/yunohost/commit/9c4ddcca39d9d6d92bd5f9a23978337e48d0a4e1 -ynh_add_systemd_config () { - local service_name="${1:-$app}" - - finalsystemdconf="/etc/systemd/system/$service_name.service" - ynh_backup_if_checksum_is_different "$finalsystemdconf" - sudo cp ../conf/${2:-systemd.service} "$finalsystemdconf" - - # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. - # Substitute in a nginx config file only if the variable is not empty - if test -n "${final_path:-}"; then - ynh_replace_string "__FINALPATH__" "$final_path" "$finalsystemdconf" - fi - if test -n "${app:-}"; then - ynh_replace_string "__APP__" "$app" "$finalsystemdconf" - fi - ynh_store_file_checksum "$finalsystemdconf" - - sudo chown root: "$finalsystemdconf" - sudo systemctl enable $service_name - sudo systemctl daemon-reload -} - -# needed to have "service_name" as an option -# https://github.com/YunoHost/yunohost/commit/9c4ddcca39d9d6d92bd5f9a23978337e48d0a4e1 -ynh_remove_systemd_config () { - local service_name="${1:-$app}" - - local finalsystemdconf="/etc/systemd/system/$service_name.service" - if [ -e "$finalsystemdconf" ]; then - sudo systemctl stop $service_name - sudo systemctl disable $service_name - ynh_secure_remove "$finalsystemdconf" - sudo systemctl daemon-reload - fi -} - - -# LOCAL ADDITION: -# save file locally if not in the cache -# -# Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source () { - local dest_dir=$1 - local src_id=${2:-app} # If the argument is not given, source_id equals "app" - - # Load value from configuration file (see above for a small doc about this file - # format) - local src_url=$(grep 'SOURCE_URL=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_sum=$(grep 'SOURCE_SUM=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_format=$(grep 'SOURCE_FORMAT=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - local src_filename=$(grep 'SOURCE_FILENAME=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-) - - # Default value - src_sumprg=${src_sumprg:-sha256sum} - src_in_subdir=${src_in_subdir:-true} - src_format=${src_format:-tar.gz} - src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]') - if [ "$src_filename" = "" ] ; then - src_filename="${src_id}.${src_format}" - fi - local local_src="/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}/${src_filename}" - - # if cache file exists and the checksum isn't good, download it again - # if not, just download the file - - if test -e "$local_src" - then - echo "${src_sum} ${local_src}" | ${src_sumprg} -c --status \ - || wget -nv -O $local_src $src_url - else - mkdir -p "/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}" - wget -nv -O $local_src $src_url - fi - cp $local_src $src_filename - - # Check the control sum - echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \ - || ynh_die "Corrupt source" - - # Extract source into the app dir - mkdir -p "$dest_dir" - if [ "$src_format" = "zip" ] - then - # Zip format - # Using of a temp directory, because unzip doesn't manage --strip-components - if $src_in_subdir ; then - local tmp_dir=$(mktemp -d) - unzip -quo $src_filename -d "$tmp_dir" - cp -a $tmp_dir/*/. "$dest_dir" - ynh_secure_remove "$tmp_dir" - else - unzip -quo $src_filename -d "$dest_dir" - fi - else - local strip="" - if $src_in_subdir ; then - strip="--strip-components 1" - fi - if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then - tar -xf $src_filename -C "$dest_dir" $strip - else - ynh_die "Archive format unrecognized." - fi - fi - - # Apply patches - if (( $(find $YNH_CWD/../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then - local old_dir=$(pwd) - (cd "$dest_dir" \ - && for p in $YNH_CWD/../sources/patches/${src_id}-*.patch; do \ - patch -p1 < $p; done) \ - || ynh_die "Unable to apply patches" - cd $old_dir - fi - - # Add supplementary files - if test -e "$YNH_CWD/../sources/extra_files/${src_id}"; then - cp -a $YNH_CWD/../sources/extra_files/$src_id/. "$dest_dir" - fi -} - diff --git a/scripts/backup b/scripts/backup index eeee720..58b29a7 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,94 +6,92 @@ # IMPORT GENERIC HELPERS #================================================= -if [ ! -e _common.sh ]; then - # Get the _common.sh file if it's not in the current directory - cp ../settings/scripts/_common.sh ./_common.sh - cp ../settings/scripts/_future.sh ./_future.sh - chmod a+rx _common.sh _future.sh -fi -source _common.sh +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source ../settings/scripts/ynh_systemd_action source /usr/share/yunohost/helpers -source _future.sh #================================================= # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ynh_clean_check_starting +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." -# Get multi-instances specific variables app=$YNH_APP_INSTANCE_NAME -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) -final_path=$(ynh_app_setting_get "$app" final_path) -db_name=$(ynh_app_setting_get "$app" db_name) +final_path=$(ynh_app_setting_get $app final_path) +domain=$(ynh_app_setting_get $app domain) +db_name=$(ynh_app_setting_get $app db_name) -# Stop Mastodon Services -# Restart Mastodon -yunohost service stop "$app-web" -yunohost service stop "$app-sidekiq" -yunohost service stop "$app-streaming" +#================================================= +# STOP MASTODON SERVICES +#================================================= +ynh_print_info "Stopping Mastodon services..." +ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd #================================================= # STANDARD BACKUP STEPS #================================================= # BACKUP THE APP MAIN DIR #================================================= +ynh_print_info "Backing up the main app directory..." ynh_backup "$final_path" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= +ynh_print_info "Backing up nginx web server configuration..." ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= -# BACKUP THE MYSQL DATABASE +# BACKUP THE POSTGRESQL DATABASE #================================================= +ynh_print_info "Backing up the PostgreSQL database..." ynh_psql_dump_db "$db_name" > db.sql -ynh_backup "db.sql" #================================================= # SPECIFIC BACKUP #================================================= # BACKUP SYSTEMD #================================================= +ynh_print_info "Backing up systemd configuration..." ynh_backup "/etc/systemd/system/$app-web.service" ynh_backup "/etc/systemd/system/$app-sidekiq.service" ynh_backup "/etc/systemd/system/$app-streaming.service" #================================================= -# BACKUP THE CRON FILE +# BACKUP A CRON FILE #================================================= ynh_backup "/etc/cron.d/$app" #================================================= -# BACKUP THE sources.list FILES +# START MASTODON SERVICES #================================================= +ynh_print_info "Starting Mastodon services..." -ynh_backup "/etc/apt/sources.list.d/yarn.list" "apt_yarn.list" - -yunohost service start "$app-web" -yunohost service start "$app-sidekiq" -yunohost service start "$app-streaming" - -# Waiting start all services -sleep 30 +ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd #================================================= -# RELOAD NGINX +# END OF SCRIPT #================================================= -systemctl reload nginx +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url new file mode 100644 index 0000000..525ecc9 --- /dev/null +++ b/scripts/change_url @@ -0,0 +1,133 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source ynh_systemd_action +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path="/" + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_print_info "Loading installation settings..." + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get $app final_path) + +# Add settings here as needed by your application +#db_name=$(ynh_app_setting_get "$app" db_name) +#db_pwd=$(ynh_app_setting_get $app db_pwd) +admin_mail=$(ynh_app_setting_get $app admin_mail) + +#================================================= +# CHECK THE SYNTAX OF THE PATHS +#================================================= + +test -n "$old_path" || old_path="/" +test -n "$new_path" || new_path="/" +new_path=$(ynh_normalize_url_path $new_path) +old_path=$(ynh_normalize_url_path $old_path) + +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= + +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi + +change_path=0 +if [ "$old_path" != "$new_path" ] +then + change_path=1 +fi + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= +ynh_print_info "Updating nginx web server configuration..." + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the path in the nginx config file +if [ $change_path -eq 1 ] +then + # Make a backup of the original nginx config file if modified + ynh_backup_if_checksum_is_different "$nginx_conf_path" + # Set global variables for nginx helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated nginx config + ynh_add_nginx_config +fi + +# Change the domain for nginx +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum "$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi + +#================================================= +# SPECIFIC MODIFICATIONS +#================================================= +# STOP MASTODON SERVICES +#================================================= +ynh_print_info "Stopping Mastodon services..." + +ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd + +#================================================= +# CHANGE CONFIGURATION +#================================================= + +ynh_replace_string "LOCAL_DOMAIN=.*" "LOCAL_DOMAIN=${domain}" "${final_path}/live/.env.production" + +#================================================= +# START MASTODON SERVICES +#================================================= +ynh_print_info "Starting Mastodon services..." + +ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd + +#================================================= +# GENERIC FINALISATION +#================================================= +# RELOAD NGINX +#================================================= +ynh_print_info "Reloading nginx web server..." + +systemctl reload nginx + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Change of URL completed for $app" diff --git a/scripts/install b/scripts/install index 0cb4675..c05feee 100644 --- a/scripts/install +++ b/scripts/install @@ -7,46 +7,53 @@ #================================================= source _common.sh +source ynh_install_ruby +source ynh_add_secure_repos__3 +source ynh_systemd_action source /usr/share/yunohost/helpers -source _future.sh #================================================= # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ynh_clean_check_starting +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors - #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================ +#================================================= domain=$YNH_APP_ARG_DOMAIN -admin_mastodon=$YNH_APP_ARG_ADMIN -admin_mastodon_mail=$(ynh_user_get_info $admin_mastodon 'mail') +path_url="/" +admin=$YNH_APP_ARG_ADMIN +is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE -port_web=$(ynh_find_port 3000) -port_stream=$(ynh_find_port 4000) -path_url="/" +admin_mail=$(ynh_user_get_info $admin 'mail') app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= +ynh_print_info "Validating installation parameters..." final_path=/var/www/$app test ! -e "$final_path" || ynh_die "This path already contains a folder" -# TODO : to be factorized into a helper someday ? ;) -MEM=$(free | grep "^Mem" | awk '{print $2}') -SWAP=$(free | grep "^Swap" | awk '{print $2}') -TOTAL_MEM_AND_SWAP=$(( ( $MEM+$SWAP ) / 1024 )) # In MB +if [ "$admin" != "package_checker" ] +then + # TODO : to be factorized into a helper someday ? ;) + MEM=$(free | grep "^Mem" | awk '{print $2}') + SWAP=$(free | grep "^Swap" | awk '{print $2}') + TOTAL_MEM_AND_SWAP=$(( ( $MEM+$SWAP ) / 1024 )) # In MB -[[ $TOTAL_MEM_AND_SWAP -gt 2500 ]] || ynh_die "You need at least 2500 Mo of RAM+Swap to install Mastodon. Please consult the README to learn how to add swap." + [[ $TOTAL_MEM_AND_SWAP -gt 2500 ]] || ynh_die "You need at least 2500 Mo of RAM+Swap to install Mastodon. Please consult the README to learn how to add swap." +fi # Normalize the url path syntax path_url=$(ynh_normalize_url_path $path_url) @@ -58,24 +65,32 @@ ynh_webpath_register $app $domain $path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= +ynh_print_info "Storing installation settings..." ynh_app_setting_set $app domain $domain -ynh_app_setting_set $app admin $admin_mastodon +ynh_app_setting_set $app path $path_url +ynh_app_setting_set $app admin $admin +ynh_app_setting_set $app is_public $is_public ynh_app_setting_set $app language $language -ynh_app_setting_set $app port_web $port_web -ynh_app_setting_set $app port_stream $port_stream - #================================================= # STANDARD MODIFICATIONS #================================================= +# FIND AND OPEN A PORT +#================================================= +ynh_print_info "Configuring firewall..." +# Find a free port +port_web=$(ynh_find_port 3000) +port_stream=$(ynh_find_port 4000) +# Open this port +ynh_app_setting_set $app port_web $port_web +ynh_app_setting_set $app port_stream $port_stream #================================================= # INSTALL DEPENDENCIES #================================================= - -# TODO: add in a clean way backports and yarn +ynh_print_info "Installing dependencies..." # Import debian archive pubkey, need on ARM arch arch=$(uname -m) @@ -84,35 +99,21 @@ if [[ "$arch" = arm* ]]; then apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 fi -# Install source.list debian package backports & yarn +# Install extra_repo debian package backports & yarn if [ "$(lsb_release --codename --short)" == "jessie" ]; then - echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list + ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append fi -curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - -echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list -ynh_package_update +ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append # install nodejs ynh_install_nodejs 8 -# TODO: use the same mecanism with other files -ynh_install_app_dependencies \ - `# debian packages ` \ - imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \ - `# redis ` \ - redis-server redis-tools \ - `# postgresql ` \ - postgresql postgresql-contrib \ - `# Ruby ` \ - autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \ - `# ffmpeg from backports ` \ - ffmpeg \ - `# Yarn ` \ - yarn - +ynh_install_app_dependencies $pkg_dependencies + #================================================= -# DATABASE SETUP +# CREATE A POSTGRESQL DATABASE #================================================= +ynh_print_info "Creating a PostgreSQL database..." # Create postgresql database db_name="${app}_production" @@ -127,18 +128,17 @@ ynh_psql_execute_as_root \ #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_print_info "Setting up source files..." -# Creates the destination directory and stores its location. -ynh_app_setting_set "$app" final_path "$final_path" -# Download all sources rbenv, ruby and mastodon - -ynh_setup_source "$final_path/.rbenv" "app-rbenv" -ynh_setup_source "$final_path/.rbenv/plugins/ruby-build" "app-ruby-build" -ynh_setup_source "$final_path/live" "app-mastodon" +ynh_app_setting_set $app final_path $final_path +# Download, check integrity, uncompress and patch the source from app.src +mkdir $final_path +ynh_setup_source "$final_path/live" #================================================= # NGINX CONFIGURATION #================================================= +ynh_print_info "Configuring nginx web server..." # Create a dedicated nginx config ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/nginx.conf" @@ -148,143 +148,151 @@ ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= +ynh_print_info "Configuring system user..." # Create a system user -adduser $app --home $final_path --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password - -chown -R "$app": "$final_path" +ynh_system_user_create $app $final_path -# TODO: try to use ynh_install_ruby from https://github.com/YunoHost-Apps/Experimental_helpers -# Install de rbenv -( - cd $final_path/.rbenv - src/configure && make -C src - - echo "export PATH=\"$final_path/.rbenv/bin:$final_path/live/bin:\$PATH\" -eval \"\$(rbenv init -)\"" > $final_path/.profile - echo "export PATH=\"$final_path/.rbenv/bin:$final_path/live/bin:\$PATH\"" > $final_path/.bashrc -) - -# Install ruby-build -( - exec_as "$app" $final_path/.rbenv/bin/rbenv install 2.6.0 || true - exec_as "$app" $final_path/.rbenv/bin/rbenv global 2.6.0 || true - exec_as "$app" $final_path/.rbenv/versions/2.6.0/bin/ruby -v -) +#================================================= +# SPECIFIC SETUP +#================================================= +# INSTALLING RUBY AND BUNDLER +#================================================= -# Create symlink for ruby -rm /usr/bin/ruby || true -ln -s $final_path/.rbenv/versions/2.6.0/bin/ruby /usr/bin/ruby || true +ynh_install_ruby --ruby_version=2.6.0 +/opt/rbenv/versions/2.6.0/bin/gem update --system +#/opt/rbenv/versions/2.6.0/bin/gem install bundler --no-document -# Adjust Mastodon config +#================================================= +# MODIFY A CONFIG FILE +#================================================= -cp -a $final_path/live/.env.production.sample $final_path/live/.env.production -ynh_replace_string "REDIS_HOST=redis" "REDIS_HOST=127.0.0.1" "${final_path}/live/.env.production" -ynh_replace_string "DB_HOST=db" "DB_HOST=/var/run/postgresql" "${final_path}/live/.env.production" -ynh_replace_string "DB_USER=postgres" "DB_USER=${app}" "${final_path}/live/.env.production" -ynh_replace_string "DB_NAME=postgres" "DB_NAME=${db_name}" "${final_path}/live/.env.production" -ynh_replace_string "DB_PASS=" "DB_PASS=${db_pwd}" "${final_path}/live/.env.production" -ynh_replace_string "LOCAL_DOMAIN=example.com" "LOCAL_DOMAIN=${domain}" "${final_path}/live/.env.production" +cp -f ../conf/.env.production.sample "$final_path/live/.env.production" +ynh_replace_string "__DB_USER__" "$app" "$final_path/live/.env.production" +ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/live/.env.production" +ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/live/.env.production" +ynh_replace_string "__DOMAIN__" "$domain" "$final_path/live/.env.production" +ynh_replace_string "__SMTP_FROM_ADDRESS__" "$admin_mail" "${final_path}/live/.env.production" language="$(echo $language | head -c 2)" -ynh_replace_string "# DEFAULT_LOCALE=de" "DEFAULT_LOCALE=${language}" "${final_path}/live/.env.production" +ynh_replace_string "__LANGUAGE__" "$language" "$final_path/live/.env.production" paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) +ynh_replace_string "PAPERCLIP_SECRET=" "PAPERCLIP_SECRET=$paperclip_secret" "${final_path}/live/.env.production" +ynh_app_setting_set "$app" paperclip_secret "$paperclip_secret" + secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) +ynh_replace_string "__SECRET_KEY_BASE__" "$secret_key_base" "$final_path/live/.env.production" +ynh_app_setting_set "$app" secret_key_base "$secret_key_base" + otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) -ynh_replace_string "PAPERCLIP_SECRET=" "PAPERCLIP_SECRET=$paperclip_secret" "${final_path}/live/.env.production" -ynh_replace_string "SECRET_KEY_BASE=" "SECRET_KEY_BASE=$secret_key_base" "${final_path}/live/.env.production" -ynh_replace_string "OTP_SECRET=" "OTP_SECRET=$otp_secret" "${final_path}/live/.env.production" +ynh_replace_string "__OTP_SECRET__" "$otp_secret" "$final_path/live/.env.production" +ynh_app_setting_set "$app" otp_secret "$otp_secret" -ynh_replace_string "SMTP_LOGIN=" "#SMTP_LOGIN=" "${final_path}/live/.env.production" -ynh_replace_string "SMTP_PASSWORD=" "#SMTP_PASSWORD=" "${final_path}/live/.env.production" -ynh_replace_string "SMTP_SERVER=smtp.mailgun.org" "SMTP_SERVER=localhost" "${final_path}/live/.env.production" -ynh_replace_string "SMTP_PORT=587" "SMTP_PORT=25" "${final_path}/live/.env.production" -ynh_replace_string "SMTP_FROM_ADDRESS=notifications@example.com" "SMTP_FROM_ADDRESS=$admin_mastodon@$domain" "${final_path}/live/.env.production" -ynh_replace_string "#SMTP_AUTH_METHOD=plain" "SMTP_AUTH_METHOD=none" "${final_path}/live/.env.production" -ynh_replace_string "#SMTP_OPENSSL_VERIFY_MODE=peer" "SMTP_OPENSSL_VERIFY_MODE=none" "${final_path}/live/.env.production" +#================================================= +# INSTALLING MASTODON +#================================================= +ynh_print_info "Installing Mastodon..." -# Preconfig CSS & JS -# Install Mastodon -# Give right permission for the app chown -R "$app": "$final_path" -( - cd "$final_path/live" - su mastodon <<INSTALL - $final_path/.rbenv/versions/2.6.0/bin/gem install bundler:1.16.6 --no-ri --no-rdoc - $final_path/.rbenv/versions/2.6.0/bin/gem install bundler - $final_path/.rbenv/versions/2.6.0/bin/bundle install \ - -j$(getconf _NPROCESSORS_ONLN) \ - --deployment --without development test - yarn install --pure-lockfile - echo "SAFETY_ASSURED=1">> .env.production - RAILS_ENV=production $final_path/.rbenv/versions/2.6.0/bin/bundle exec rails db:migrate --quiet - RAILS_ENV=production $final_path/.rbenv/versions/2.6.0/bin/bundle exec rails assets:precompile --quiet -INSTALL -) +pushd "$final_path/live" + ynh_use_nodejs + sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without development test + sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile + sudo -u "$app" echo "SAFETY_ASSURED=1">> .env.production + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails db:migrate --quiet + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:precompile --quiet + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt + sudo -u "$app" env PATH=$PATH RAILS_ENV=production bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=admin > acc.txt +popd + +admin_pass=$( tail -1 $final_path/live/acc.txt | head -1 | cut -c 15- ) +ynh_secure_remove "$final_path/live/acc.txt" + +vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K\w+" "$final_path/live/key.txt") +vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K\w+" "$final_path/live/key.txt") + +ynh_replace_string "__VAPID_PRIVATE_KEY__" "$vapid_private_key" "${final_path}/live/.env.production" +ynh_replace_string "__VAPID_PUBLIC_KEY__" "$vapid_public_key" "${final_path}/live/.env.production" + +ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key" +ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key" + +ynh_secure_remove "$final_path/live/key.txt" + +#================================================= +# SETUP CRON JOB FOR REMOVING CACHE +#================================================= +ynh_print_info "Setuping a cron job for rem0ving cache..." + +ynh_replace_string "__FINAL_PATH__" "$final_path" ../conf/cron +ynh_replace_string "__USER__" "$app" ../conf/cron +sudo cp -f ../conf/cron /etc/cron.d/$app #================================================= # SETUP SYSTEMD #================================================= +ynh_print_info "Configuring a systemd service..." # Create a dedicated systemd config ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/mastodon-web.service" ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/mastodon-streaming.service" +ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/mastodon-streaming.service" ynh_add_systemd_config "$app-web" "mastodon-web.service" ynh_add_systemd_config "$app-sidekiq" "mastodon-sidekiq.service" ynh_add_systemd_config "$app-streaming" "mastodon-streaming.service" -systemctl start "$app-web.service" "$app-sidekiq.service" "$app-streaming.service" +#================================================= +# START MASTODON SERVICES +#================================================= +ynh_print_info "Starting Mastodon services..." + +ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd + +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= -# Create user -( - cd "$final_path/live" - su mastodon <<SETADMIN -( RAILS_ENV=production bin/tootctl accounts create '$admin_mastodon' --email='$admin_mastodon_mail' > acc.txt ) -RAILS_ENV=production bin/tootctl accounts modify $admin_mastodon --confirm -RAILS_ENV=production bin/tootctl accounts modify $admin_mastodon --role admin -SETADMIN -) -admin_pass=$( cd $final_path/live && tail -1 acc.txt | head -1 | cut -c 15- ) +# Calculate and store the config file checksum into the app settings +ynh_store_file_checksum "${final_path}/live/.env.production" -(cd $final_path/live && rm -f acc.txt) #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= -# TODO:Set permissions to app files +# Set permissions to app files chown -R "$app": "$final_path" #================================================= # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -# Add service YunoHost yunohost service add "$app-web" yunohost service add "$app-sidekiq" yunohost service add "$app-streaming" -# SETUP CRON JOB FOR REMOVING CACHE -ynh_replace_string "__FINAL_PATH__" "$final_path" ../conf/cron -ynh_replace_string "__USER__" "$app" ../conf/cron -sudo cp -f ../conf/cron /etc/cron.d/$app - #================================================= # SETUP SSOWAT #================================================= +ynh_print_info "Configuring SSOwat..." -# TODO: all private install -# Unprotected url -ynh_app_setting_set "$app" unprotected_uris "/" +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set $app unprotected_uris "/" +fi #================================================= # RELOAD NGINX #================================================= +ynh_print_info "Reloading nginx web server..." -# Reload Nginx systemctl reload nginx #================================================= @@ -293,8 +301,14 @@ systemctl reload nginx message="Mastodon was successfully installed :) Please open 'https://$domain$path_url' -The admin username is: $admin_mastodon_mail +The admin email is: $admin_mail The admin password is: $admin_pass If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/mastodon_ynh" -ynh_send_readme_to_admin "$message" "$admin_mastodon" +ynh_send_readme_to_admin "$message" "$admin" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index 6d6679b..303ccf7 100644 --- a/scripts/remove +++ b/scripts/remove @@ -6,72 +6,83 @@ # IMPORT GENERIC HELPERS #================================================= -source _common.sh # Loads the generic functions usually used in the script -# Source app helpers +source _common.sh +source ynh_install_ruby +source ynh_add_secure_repos__3 source /usr/share/yunohost/helpers -source _future.sh - #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) -db_name=$(ynh_app_setting_get "$app" db_name) -final_path=$(ynh_app_setting_get "$app" final_path) +domain=$(ynh_app_setting_get $app domain) +db_name=$(ynh_app_setting_get $app db_name) +final_path=$(ynh_app_setting_get $app final_path) #================================================= # STANDARD REMOVE #================================================= -# STOP AND REMOVE SERVICE -#================================================= - -ynh_remove_systemd_config "$app-web" -ynh_remove_systemd_config "$app-sidekiq" -ynh_remove_systemd_config "$app-streaming" - -#================================================= # REMOVE SERVICE FROM ADMIN PANEL -#============================================== +#================================================= -if yunohost service status | grep -q "$app-web" +# Remove a service from the admin panel, added by `yunohost service add` +if yunohost service status "$app-web" >/dev/null 2>&1 then - echo "Remove $app-web service" + ynh_print_info "Removing $app-web service" yunohost service remove "$app-web" fi -if yunohost service status | grep -q "$app-sidekiq" +if yunohost service status "$app-sidekiq" >/dev/null 2>&1 then - echo "Remove $app-sidekiq service" + ynh_print_info "Removing $app-sidekiq service" yunohost service remove "$app-sidekiq" fi -if yunohost service status | grep -q "$app-streaming" +if yunohost service status "$app-streaming" >/dev/null 2>&1 then - echo "Remove $app-streaming service" + ynh_print_info "Removing $app-streaming service" yunohost service remove "$app-streaming" fi #================================================= -# REMOVE DEPENDENCIES +# STOP AND REMOVE SERVICE #================================================= +ynh_print_info "Stopping and removing the systemd service" + +# Remove the dedicated systemd config +ynh_remove_systemd_config "$app-web" +ynh_remove_systemd_config "$app-sidekiq" +ynh_remove_systemd_config "$app-streaming" -# Remove metapackage and its dependencies -ynh_remove_app_dependencies -ynh_remove_nodejs #================================================= -# REMOVE THE PostgreSQL DATABASE +# REMOVE THE POSTGRESQL DATABASE #================================================= +ynh_print_info "Removing the PostgreSQL database" + +ynh_psql_execute_as_root "\connect $db_name +SELECT pg_terminate_backend (pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '$db_name';" # delete postgresql database & user -ynh_psql_remove_db "$db_name" "$app" +ynh_psql_remove_db --db_name="$db_name" --db_user="$app" + +#================================================= +# REMOVE DEPENDENCIES +#================================================= +ynh_print_info "Removing dependencies" + +# Remove metapackage and its dependencies +ynh_remove_ruby +ynh_remove_app_dependencies +ynh_remove_nodejs +ynh_remove_extra_repo #================================================= # REMOVE APP MAIN DIR #================================================= +ynh_print_info "Removing app main directory" # Remove the app directory securely ynh_secure_remove "$final_path" @@ -79,21 +90,32 @@ ynh_secure_remove "$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= +ynh_print_info "Removing nginx web server configuration" + +# Remove the dedicated nginx config ynh_remove_nginx_config #================================================= # SPECIFIC REMOVE #================================================= +# REMOVE THE CRON FILE +#================================================= # Remove a cron file ynh_secure_remove "/etc/cron.d/$app" -# Delete ruby exec -#ynh_secure_remove /usr/bin/ruby - #================================================= # GENERIC FINALIZATION #================================================= # REMOVE DEDICATED USER #================================================= +ynh_print_info "Removing the dedicated system user" + +# Delete a system user ynh_system_user_delete $app + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index 822f8fc..6e39fb5 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,38 +6,39 @@ # IMPORT GENERIC HELPERS #================================================= -if [ ! -e _common.sh ]; then - # Get the _common.sh file if it's not in the current directory - cp ../settings/scripts/_common.sh ./_common.sh - cp ../settings/scripts/_future.sh ./_future.sh - chmod a+rx _common.sh _future.sh -fi -source _common.sh +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source ../settings/scripts/ynh_install_ruby +source ../settings/scripts/ynh_add_secure_repos__3 +source ../settings/scripts/ynh_systemd_action source /usr/share/yunohost/helpers -source _future.sh #================================================= # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ynh_clean_check_starting +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading settings..." app=$YNH_APP_INSTANCE_NAME -# Get old parameter of the app domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) -is_public=$(ynh_app_setting_get $app is_public) -final_path=$(ynh_app_setting_get "$app" final_path) +final_path=$(ynh_app_setting_get $app final_path) +db_name=$(ynh_app_setting_get $app db_name) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= +ynh_print_info "Validating restoration parameters..." ynh_webpath_available $domain $path_url \ || ynh_die "Path not available: ${domain}${path_url}" @@ -55,14 +56,17 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= +ynh_print_info "Restoring the app main directory..." ynh_restore_file "$final_path" #================================================= # RECREATE THE DEDICATED USER #================================================= +ynh_print_info "Recreating the dedicated system user..." -adduser $app --home $final_path --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password +# Create the dedicated user (if not existing) +ynh_system_user_create $app $final_path #================================================= # RESTORE USER RIGHTS @@ -76,8 +80,7 @@ chown -R $app: $final_path #================================================= # REINSTALL DEPENDENCIES #================================================= - -# TODO: add in a clean way backports and yarn +ynh_print_info "Reinstalling dependencies..." # Import debian archive pubkey, need on ARM arch arch=$(uname -m) @@ -86,39 +89,29 @@ if [[ "$arch" = arm* ]]; then apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 fi -# Install source.list debian package backports & yarn +# Install extra_repo debian package backports & yarn if [ "$(lsb_release --codename --short)" == "jessie" ]; then - echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list + ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append fi -curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - -echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list -ynh_package_update +ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append # install nodejs ynh_install_nodejs 8 -# TODO: use the same mecanism with other files -ynh_install_app_dependencies \ - `# debian packages ` \ - imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \ - `# redis ` \ - redis-server redis-tools \ - `# postgresql ` \ - postgresql \ - `# Ruby ` \ - autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \ - `# ffmpeg from backports ` \ - ffmpeg \ - `# Yarn ` \ - yarn +ynh_install_app_dependencies $pkg_dependencies #================================================= -# RESTORE THE PostgreSQL DATABASE +# INSTALLING RUBY AND BUNDLER #================================================= -# Restore PostgreSQL database +ynh_install_ruby --ruby_version=2.6.0 +/opt/rbenv/versions/2.6.0/bin/gem update --system + +#================================================= +# RESTORE THE POSTGRESQL DATABASE +#================================================= +ynh_print_info "Restoring the PostgreSQL database..." -db_name=$(ynh_app_setting_get "$app" db_name) db_pwd=$(ynh_app_setting_get "$app" db_pwd) ynh_psql_test_if_first_run @@ -127,11 +120,10 @@ ynh_psql_execute_as_root \ "CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;" ynh_psql_execute_file_as_root ./db.sql "$db_name" - - #================================================= # RESTORE SYSTEMD #================================================= +ynh_print_info "Restoring the systemd configuration..." ynh_restore_file "/etc/systemd/system/$app-web.service" ynh_restore_file "/etc/systemd/system/$app-sidekiq.service" @@ -155,10 +147,23 @@ ynh_restore_file "/etc/cron.d/$app" #================================================= # GENERIC FINALIZATION #================================================= -# RELOAD NGINX AND services +# START MASTODON SERVICES #================================================= +ynh_print_info "Starting Mastodon services..." + +ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd + +#================================================= +# RELOAD NGINX +#================================================= +ynh_print_info "Reloading nginx web server..." -systemctl restart "$app-web" "$app-sidekiq" "$app-streaming" -# Waiting start all services -sleep 30 systemctl reload nginx + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index 85fb1f4..b90dddd 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,41 +7,52 @@ #================================================= source _common.sh +source ynh_install_ruby +source ynh_add_secure_repos__3 +source ynh_systemd_action source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." -# See comments in install script app=$YNH_APP_INSTANCE_NAME -db_name=$(ynh_app_setting_get "$app" db_name) -db_pwd=$(ynh_app_setting_get "$app" db_pwd) -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) -path=$(ynh_app_setting_get "$app" path) -admin=$(ynh_app_setting_get "$app" admin) -language=$(ynh_app_setting_get "$app" language) -final_path=$(ynh_app_setting_get "$app" final_path) -path_url="/" +domain=$(ynh_app_setting_get $app domain) +path_url=$(ynh_app_setting_get $app path) +admin=$(ynh_app_setting_get $app admin) +is_public=$(ynh_app_setting_get $app is_public) +final_path=$(ynh_app_setting_get $app final_path) +language=$(ynh_app_setting_get $app language) +db_name=$(ynh_app_setting_get $app db_name) + +db_pwd=$(ynh_app_setting_get $app db_pwd) +admin_mail=$(ynh_user_get_info $admin 'mail') port_web=$(ynh_app_setting_get "$app" port_web) port_stream=$(ynh_app_setting_get "$app" port_stream) +paperclip_secret=$(ynh_app_setting_get "$app" paperclip_secret) +secret_key_base=$(ynh_app_setting_get "$app" secret_key_base) +otp_secret=$(ynh_app_setting_get "$app" otp_secret) +vapid_private_key=$(ynh_app_setting_get "$app" vapid_private_key) +vapid_public_key=$(ynh_app_setting_get "$app" vapid_public_key) + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= +ynh_print_info "Ensuring downward compatibility..." # If db_name doesn't exist, create it -if [ -z "$db_name" ]; then +if [ -z $db_name ]; then db_name="${app}_production" - ynh_app_setting_set "$app" db_name "$db_name" + ynh_app_setting_set $app db_name $db_name fi # If final_path doesn't exist, create it -if [ -z "$final_path" ]; then +if [ -z $final_path ]; then final_path=/var/www/$app - ynh_app_setting_set "$app" final_path "$final_path" + ynh_app_setting_set $app final_path $final_path fi # Check if admin is not null @@ -59,13 +70,42 @@ if [[ -z "$db_pwd" ]]; then ynh_replace_string "DB_PASS=" "DB_PASS=${db_pwd}" "${final_path}/live/.env.production" fi +# If paperclip_secret doesn't exist, retrieve it or create it +if [[ -z "$paperclip_secret" ]]; then + paperclip_secret=$(grep -oP "PAPERCLIP_SECRET=\K\w+" test) + if [[ -z "$paperclip_secret" ]]; then + paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) + fi + ynh_app_setting_set "$app" paperclip_secret "$paperclip_secret" +fi + +# If secret_key_base doesn't exist, retrieve it or create it +if [[ -z "$secret_key_base" ]]; then + secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" test) + if [[ -z "$secret_key_base" ]]; then + secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) + fi + ynh_app_setting_set "$app" secret_key_base "$secret_key_base" +fi + +# If otp_secret doesn't exist, retrieve it or create it +if [[ -z "$otp_secret" ]]; then + otp_secret=$(grep -oP "OTP_SECRET=\K\w+" test) + if [[ -z "$otp_secret" ]]; then + otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) + fi + ynh_app_setting_set "$app" otp_secret "$otp_secret" +fi + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= +ynh_print_info "Backing up the app before upgrading (may take a while)..." # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { + ynh_clean_check_starting # restore it if the upgrade fails ynh_restore_upgradebackup } @@ -73,52 +113,31 @@ ynh_clean_setup () { ynh_abort_if_errors #================================================= -# Remove repo Files +# CHECK THE PATH #================================================= -if [ "$(lsb_release --codename --short)" == "jessie" ]; then - echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list - ynh_secure_remove /etc/apt/sources.list.d/backports.list -fi - -# Add yarn repo -echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list +# Normalize the URL path syntax +path_url=$(ynh_normalize_url_path $path_url) #================================================= -# INSTALL DEPENDENCIES +# STANDARD UPGRADE STEPS +#================================================= +# STOP MASTODON SERVICES #================================================= +ynh_print_info "Stopping Mastodon services..." -ynh_install_nodejs 8 - -# TODO: use the same mecanism with other files -ynh_install_app_dependencies \ - `# debian packages ` \ - imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \ - `# redis ` \ - redis-server redis-tools \ - `# postgresql ` \ - postgresql postgresql-contrib \ - `# Ruby ` \ - autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \ - `# ffmpeg from backports ` \ - ffmpeg \ - `# Yarn ` \ - yarn +ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd +ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd #================================================= -# STANDARD UPGRADE STEPS +# DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= - - -# Stop Mastodon Services -# Restart Mastodon -yunohost service stop "$app-web" -yunohost service stop "$app-sidekiq" -yunohost service stop "$app-streaming" +ynh_print_info "Upgrading source files..." # Download Mastodon mv "$final_path/live" "$final_path/live_back" -ynh_setup_source "$final_path/live" "app-mastodon" +ynh_setup_source "$final_path/live" if [ -z $final_path/live_back/public/system ]; then rsync -a "$final_path/live_back/public/system" "$final_path/live_back/public/." fi @@ -131,113 +150,161 @@ ynh_secure_remove $final_path/live/config/initializers/timeout.rb #================================================= # NGINX CONFIGURATION #================================================= +ynh_print_info "Upgrading nginx web server configuration..." + ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/nginx.conf" ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/nginx.conf" ynh_add_nginx_config +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_print_info "Upgrading dependencies..." -# Upgrade rbenv and ruby plugins -ynh_setup_source "$final_path/.rbenv" "app-rbenv" -ynh_setup_source "$final_path/.rbenv/plugins/ruby-build" "app-ruby-build" +# Install extra_repo debian package backports & yarn +if [ "$(lsb_release --codename --short)" == "jessie" ]; then + ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append +fi +ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append -chown -R "$app": "$final_path" +# Install nodejs +ynh_install_nodejs 8 -# Install ruby 2.6.0 -( - exec_as "$app" $final_path/.rbenv/bin/rbenv install -s 2.6.0 || true - exec_as "$app" $final_path/.rbenv/bin/rbenv global 2.6.0 || true - exec_as "$app" $final_path/.rbenv/versions/2.6.0/bin/ruby -v -) +# TODO: use the same mecanism with other files +ynh_install_app_dependencies $pkg_dependencies -# Create symlink for ruby -rm /usr/bin/ruby || true -ln -s $final_path/.rbenv/versions/2.6.0/bin/ruby /usr/bin/ruby || true +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_print_info "Making sure dedicated system user exists..." -# Preconfig CSS & JS -# Install Mastodon -( -sudo su - $app <<MCOMMANDS -pushd ~/live -$final_path/.rbenv/versions/2.6.0/bin/gem install bundler -if [ "$(lsb_release --codename --short)" == "jessie" ]; then - $final_path/.rbenv/versions/2.6.0/bin/bundle install --deployment --without development test -else - $final_path/.rbenv/versions/2.6.0/bin/bundle install --deployment --force --without development test -fi -yarn install --pure-lockfile -MCOMMANDS -) +# Create a dedicated user (if not existing) +ynh_system_user_create $app -# Install package with yarn and restart postgresql -pushd $final_path/live -yarn install --pure-lockfile -systemctl restart postgresql -popd +#================================================= +# SPECIFIC UPGRADE +#================================================= +# INSTALLING RUBY AND BUNDLER +#================================================= -# Apply Mastodon upgrade -( -pushd $final_path/live -RAILS_ENV=production $final_path/.rbenv/versions/2.6.0/bin/bundle exec rails assets:clean -RAILS_ENV=production $final_path/.rbenv/versions/2.6.0/bin/bundle exec rails assets:precompile -popd +ynh_install_ruby --ruby_version=2.6.0 +/opt/rbenv/versions/2.6.0/bin/gem update --system +#/opt/rbenv/versions/2.6.0/bin/gem install bundler + +#================================================= +# MODIFY A CONFIG FILE +#================================================= + +cp -f ../conf/.env.production.sample "$final_path/live/.env.production" +ynh_replace_string "__DB_USER__" "$app" "$final_path/live/.env.production" +ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/live/.env.production" +ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/live/.env.production" +ynh_replace_string "__DOMAIN__" "$domain" "$final_path/live/.env.production" +ynh_replace_string "__SMTP_FROM_ADDRESS__" "$admin_mail" "${final_path}/live/.env.production" + +language="$(echo $language | head -c 2)" +ynh_replace_string "__LANGUAGE__" "$language" "$final_path/live/.env.production" + +ynh_replace_string "PAPERCLIP_SECRET=" "PAPERCLIP_SECRET=$paperclip_secret" "${final_path}/live/.env.production" + +ynh_replace_string "__SECRET_KEY_BASE__" "$secret_key_base" "$final_path/live/.env.production" -sudo su - $app <<COMMANDS -pushd ~/live -RAILS_ENV=production $final_path/.rbenv/versions/2.6.0/bin/bundle exec rails db:migrate -COMMANDS -) +ynh_replace_string "__OTP_SECRET__" "$otp_secret" "$final_path/live/.env.production" + +#================================================= +# UPGRADE MASTODON +#================================================= +ynh_print_info "Upgrading Mastodon..." -# permissions to app files chown -R "$app": "$final_path" +pushd "$final_path/live" + ynh_use_nodejs + if [ "$(lsb_release --codename --short)" == "jessie" ]; then + sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install --deployment --without development test + else + sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install --deployment --force --without development test + fi + sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:clean + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:precompile + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails db:migrate +popd + +# If vapid_private_key doesn't exist, retrieve it or create it +if [[ -z "$vapid_private_key" ]]; then + sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt + vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K\w+" "$final_path/live/key.txt") + vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K\w+" "$final_path/live/key.txt") + ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key" + ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key" + ynh_secure_remove "$final_path/live/key.txt" +fi + +# Recalculate and store the checksum of the file for the next upgrade. +ynh_store_file_checksum "${final_path}/live/.env.production" + +#================================================= +# SETUP CRON JOB FOR REMOVING CACHE +#================================================= +ynh_print_info "Setuping a cron job for removing cache..." + +ynh_replace_string "__FINAL_PATH__" "$final_path" ../conf/cron +ynh_replace_string "__USER__" "$app" ../conf/cron +sudo cp -f ../conf/cron /etc/cron.d/$app + #================================================= # SETUP SYSTEMD #================================================= +ynh_print_info "Upgrading systemd configuration..." # Create a dedicated systemd config ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/mastodon-web.service" ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/mastodon-streaming.service" +ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/mastodon-streaming.service" ynh_add_systemd_config "$app-web" "mastodon-web.service" ynh_add_systemd_config "$app-sidekiq" "mastodon-sidekiq.service" ynh_add_systemd_config "$app-streaming" "mastodon-streaming.service" #================================================= -# ADVERTISE SERVICE IN ADMIN PANEL +# START MASTODON SERVICES #================================================= +ynh_print_info "Starting Mastodon services..." -# Add service YunoHost -ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/mastodon-web.service" -ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/mastodon-streaming.service" -yunohost service add "$app-web" -yunohost service add "$app-sidekiq" -yunohost service add "$app-streaming" +ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd +ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd -yunohost service start "$app-web" -yunohost service start "$app-sidekiq" -yunohost service start "$app-streaming" +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= -# Waiting start all services -sleep 30 - -# SETUP CRON JOB FOR REMOVING CACHE -ynh_replace_string "__FINAL_PATH__" "$final_path" ../conf/cron -ynh_replace_string "__USER__" "$app" ../conf/cron -sudo cp -f ../conf/cron /etc/cron.d/$app +# Set permissions on app files +chown -R $app: $final_path #================================================= -# RELOAD NGINX +# SETUP SSOWAT #================================================= +ynh_print_info "Upgrading SSOwat configuration..." -systemctl reload nginx +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway + ynh_app_setting_set $app unprotected_uris "/" +fi #================================================= -# SETUP SSOWAT +# RELOAD NGINX #================================================= +ynh_print_info "Reloading nginx web server..." -ynh_app_setting_set "$app" unprotected_uris "/" +systemctl reload nginx #================================================= -# RELOAD ssowatconf +# END OF SCRIPT #================================================= -sudo yunohost app ssowatconf +ynh_print_info "Upgrade of $app completed" diff --git a/scripts/ynh_add_secure_repos__3 b/scripts/ynh_add_secure_repos__3 new file mode 100644 index 0000000..3276f00 --- /dev/null +++ b/scripts/ynh_add_secure_repos__3 @@ -0,0 +1,294 @@ +#!/bin/bash + +# Pin a repository. +# +# usage: ynh_pin_repo --package=packages --pin=pin_filter [--priority=priority_value] [--name=name] [--append] +# | arg: -p, --package - Packages concerned by the pin. Or all, *. +# | arg: -i, --pin - Filter for the pin. +# | arg: -p, --priority - Priority for the pin +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +# +# See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html for information about pinning. +# +ynh_pin_repo () { + # Declare an array to define the options of this helper. + local legacy_args=pirna + declare -Ar args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append ) + local package + local pin + local priority + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + package="${package:-*}" + priority=${priority:-50} + name="${name:-$app}" + append=${append:-0} + + if [ $append -eq 1 ] + then + append="tee -a" + else + append="tee" + fi + + mkdir -p "/etc/apt/preferences.d" + echo "Package: $package +Pin: $pin +Pin-Priority: $priority" \ + | $append "/etc/apt/preferences.d/$name" +} + +# Add a repository. +# +# usage: ynh_add_repo --uri=uri --suite=suite --component=component [--name=name] [--append] +# | arg: -u, --uri - Uri of the repository. +# | arg: -s, --suite - Suite of the repository. +# | arg: -c, --component - Component of the repository. +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +# +# Example for a repo like deb http://forge.yunohost.org/debian/ stretch stable +# uri suite component +# ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable +# +ynh_add_repo () { + # Declare an array to define the options of this helper. + local legacy_args=uscna + declare -Ar args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append ) + local uri + local suite + local component + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + append=${append:-0} + + if [ $append -eq 1 ] + then + append="tee -a" + else + append="tee" + fi + + mkdir -p "/etc/apt/sources.list.d" + # Add the new repo in sources.list.d + echo "deb $uri $suite $component" \ + | $append "/etc/apt/sources.list.d/$name.list" +} + +# Add an extra repository correctly, pin it and get the key. +# +# usage: ynh_install_extra_repo --repo="repo" [--key=key_url] [--priority=priority_value] [--name=name] [--append] +# | arg: -r, --repo - Complete url of the extra repository. +# | arg: -k, --key - url to get the public key. +# | arg: -p, --priority - Priority for the pin +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +ynh_install_extra_repo () { + # Declare an array to define the options of this helper. + local legacy_args=rkpna + declare -Ar args_array=( [r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append ) + local repo + local key + local priority + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + append=${append:-0} + key=${key:-0} + priority=${priority:-} + + if [ $append -eq 1 ] + then + append="--append" + wget_append="tee -a" + else + append="" + wget_append="tee" + fi + + # Split the repository into uri, suite and components. + # Remove "deb " at the beginning of the repo. + repo="${repo#deb }" + + # Get the uri + local uri="$(echo "$repo" | awk '{ print $1 }')" + + # Get the suite + local suite="$(echo "$repo" | awk '{ print $2 }')" + + # Get the components + local component="${repo##$uri $suite }" + + # Add the repository into sources.list.d + ynh_add_repo --uri="$uri" --suite="$suite" --component="$component" --name="$name" $append + + # Pin the new repo with the default priority, so it won't be used for upgrades. + # Build $pin from the uri without http and any sub path + local pin="${uri#*://}" + pin="${pin%%/*}" + # Set a priority only if asked + if [ -n "$priority" ] + then + priority="--priority=$priority" + fi + ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append + + # Get the public key for the repo + if [ -n "$key" ] + then + mkdir -p "/etc/apt/trusted.gpg.d" + wget -q "$key" -O - | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null + fi + + # Update the list of package with the new repo + ynh_package_update +} + +# Remove an extra repository and the assiociated configuration. +# +# usage: ynh_remove_extra_repo [--name=name] +# | arg: -n, --name - Name for the files for this repo, $app as default value. +ynh_remove_extra_repo () { + # Declare an array to define the options of this helper. + local legacy_args=n + declare -Ar args_array=( [n]=name= ) + local name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + + ynh_secure_remove "/etc/apt/sources.list.d/$name.list" + ynh_secure_remove "/etc/apt/preferences.d/$name" + ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.gpg" + ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.asc" + + # Update the list of package to exclude the old repo + ynh_package_update +} + +# Install packages from an extra repository properly. +# +# usage: ynh_install_extra_app_dependencies --repo="repo" --package="dep1 dep2" [--key=key_url] [--name=name] +# | arg: -r, --repo - Complete url of the extra repository. +# | arg: -p, --package - The packages to install from this extra repository +# | arg: -k, --key - url to get the public key. +# | arg: -n, --name - Name for the files for this repo, $app as default value. +ynh_install_extra_app_dependencies () { + # Declare an array to define the options of this helper. + local legacy_args=rpkn + declare -Ar args_array=( [r]=repo= [p]=package= [k]=key= [n]=name= ) + local repo + local package + local key + local name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + key=${key:-0} + + # Set a key only if asked + if [ -n "$key" ] + then + key="--key=$key" + fi + # Add an extra repository for those packages + ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name + + # Install requested dependencies from this extra repository. + ynh_add_app_dependencies --package="$package" + + # Remove this extra repository after packages are installed + ynh_remove_extra_repo --name=$app +} + +#================================================= + +# patched version of ynh_install_app_dependencies to be used with ynh_add_app_dependencies + +# Define and install dependencies with a equivs control file +# This helper can/should only be called once per app +# +# usage: ynh_install_app_dependencies dep [dep [...]] +# | arg: dep - the package name to install in dependence +# You can give a choice between some package with this syntax : "dep1|dep2" +# Example : ynh_install_app_dependencies dep1 dep2 "dep3|dep4|dep5" +# This mean in the dependence tree : dep1 & dep2 & (dep3 | dep4 | dep5) +# +# Requires YunoHost version 2.6.4 or higher. +ynh_install_app_dependencies () { + local dependencies=$@ + dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')" + dependencies=${dependencies//|/ | } + local manifest_path="../manifest.json" + if [ ! -e "$manifest_path" ]; then + manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place + fi + + local version=$(grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file. + if [ ${#version} -eq 0 ]; then + version="1.0" + fi + local dep_app=${app//_/-} # Replace all '_' by '-' + + # Handle specific versions + if [[ "$dependencies" =~ [\<=\>] ]] + then + # Replace version specifications by relationships syntax + # https://www.debian.org/doc/debian-policy/ch-relationships.html + # Sed clarification + # [^(\<=\>] ignore if it begins by ( or < = >. To not apply twice. + # [\<=\>] matches < = or > + # \+ matches one or more occurence of the previous characters, for >= or >>. + # [^,]\+ matches all characters except ',' + # Ex: package>=1.0 will be replaced by package (>= 1.0) + dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')" + fi + + cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build +Section: misc +Priority: optional +Package: ${dep_app}-ynh-deps +Version: ${version} +Depends: ${dependencies} +Architecture: all +Description: Fake package for $app (YunoHost app) dependencies + This meta-package is only responsible of installing its dependencies. +EOF + ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \ + || ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies + rm /tmp/${dep_app}-ynh-deps.control + ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies" +} + +ynh_add_app_dependencies () { + # Declare an array to define the options of this helper. + local legacy_args=pr + declare -Ar args_array=( [p]=package= [r]=replace) + local package + local replace + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + replace=${replace:-0} + + local current_dependencies="" + if [ $replace -eq 0 ] + then + local dep_app=${app//_/-} # Replace all '_' by '-' + if ynh_package_is_installed --package="${dep_app}-ynh-deps" + then + current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) " + fi + + current_dependencies=${current_dependencies// | /|} + fi + + ynh_install_app_dependencies "${current_dependencies}${package}" +} diff --git a/scripts/ynh_install_ruby b/scripts/ynh_install_ruby new file mode 100644 index 0000000..9e53c06 --- /dev/null +++ b/scripts/ynh_install_ruby @@ -0,0 +1,140 @@ +#!/bin/bash + +# Need also the helper https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_handle_getopts_args/ynh_handle_getopts_args + +rbenv_install_dir="/opt/rbenv" +# RBENV_ROOT is the directory of rbenv, it needs to be loaded as a environment variable. +export RBENV_ROOT="$rbenv_install_dir" + +# Install ruby version management +# +# [internal] +# +# usage: ynh_install_rbenv +ynh_install_rbenv () { + echo "Installation of rbenv - ruby version management" >&2 + # Build an app.src for rbenv + mkdir -p "../conf" + echo "SOURCE_URL=https://github.com/rbenv/rbenv/archive/v1.1.1.tar.gz +SOURCE_SUM=41f1a60714c55eceb21d692a469aee1ec4f46bba351d0dfcb0c660ff9cf1a1c9" > "../conf/rbenv.src" + # Download and extract rbenv + ynh_setup_source "$rbenv_install_dir" rbenv + + # Build an app.src for ruby-build + mkdir -p "../conf" + echo "SOURCE_URL=https://github.com/rbenv/ruby-build/archive/v20190314.tar.gz +SOURCE_SUM=2cc0f9fdb232042e71edad93a5c3ae108bcd090ea0b6db4e5bb6325547e07968" > "../conf/ruby-build.src" + # Download and extract ruby-build + ynh_setup_source "$rbenv_install_dir/plugins/ruby-build" ruby-build + + (cd $rbenv_install_dir + ./src/configure && make -C src) + +# Create shims directory if needed +if [ ! -d $rbenv_install_dir/shims ] ; then + mkdir $rbenv_install_dir/shims +fi +} + +# Install a specific version of ruby +# +# ynh_install_ruby will install the version of ruby provided as argument by using rbenv. +# +# rbenv (ruby version management) stores the target ruby version in a .ruby_version file created in the target folder (using rbenv local <version>) +# It then uses that information for every ruby user that uses rbenv provided ruby command +# +# This helper creates a /etc/profile.d/rbenv.sh that configures PATH environment for rbenv +# for every LOGIN user, hence your user must have a defined shell (as opposed to /usr/sbin/nologin) +# +# Don't forget to execute ruby-dependent command in a login environment +# (e.g. sudo --login option) +# When not possible (e.g. in systemd service definition), please use direct path +# to rbenv shims (e.g. $RBENV_ROOT/shims/bundle) +# +# usage: ynh_install_ruby ruby_version user +# | arg: -v, --ruby_version= - Version of ruby to install. +# If possible, prefer to use major version number (e.g. 8 instead of 8.10.0). +# The crontab will handle the update of minor versions when needed. +ynh_install_ruby () { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [v]=ruby_version= ) + # Use rbenv, https://github.com/rbenv/rbenv to manage the ruby versions + local ruby_version + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + # Create $rbenv_install_dir + mkdir -p "$rbenv_install_dir/plugins/ruby-build" + + # Load rbenv path in PATH + CLEAR_PATH="$rbenv_install_dir/bin:$PATH" + + # Remove /usr/local/bin in PATH in case of ruby prior installation + PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@') + + # Move an existing ruby binary, to avoid to block rbenv + test -x /usr/bin/ruby && mv /usr/bin/ruby /usr/bin/ruby_rbenv + + # If rbenv is not previously setup, install it + if ! type rbenv > /dev/null 2>&1 + then + ynh_install_rbenv + fi + + # Restore /usr/local/bin in PATH (if needed) + PATH=$CLEAR_PATH + + # And replace the old ruby binary + test -x /usr/bin/ruby_rbenv && mv /usr/bin/ruby_rbenv /usr/bin/ruby + + # Install the requested version of ruby + CONFIGURE_OPTS="--disable-install-doc" MAKE_OPTS="-j2" rbenv install --skip-existing $ruby_version + + # Store the ID of this app and the version of ruby requested for it + echo "$YNH_APP_ID:$ruby_version" | tee --append "$rbenv_install_dir/ynh_app_version" + + # Store ruby_version into the config of this app + ynh_app_setting_set $app ruby_version $ruby_version + + # Set environment for ruby users + echo "#rbenv +export RBENV_ROOT=$rbenv_install_dir +export PATH=\"$rbenv_install_dir/bin:$PATH\" +eval \"\$(rbenv init -)\" +#rbenv" > /etc/profile.d/rbenv.sh + + # Load the right environment for the Installation + eval "$(rbenv init -)" + + (cd $final_path + rbenv local $ruby_version) +} + +# Remove the version of ruby used by the app. +# +# This helper will check if another app uses the same version of ruby, +# if not, this version of ruby will be removed. +# If no other app uses ruby, rbenv will be also removed. +# +# usage: ynh_remove_ruby +ynh_remove_ruby () { + ruby_version=$(ynh_app_setting_get $app ruby_version) + + # Remove the line for this app + sed --in-place "/$YNH_APP_ID:$ruby_version/d" "$rbenv_install_dir/ynh_app_version" + + # If no other app uses this version of ruby, remove it. + if ! grep --quiet "$ruby_version" "$rbenv_install_dir/ynh_app_version" + then + $rbenv_install_dir/bin/rbenv uninstall --force $ruby_version + fi + + # Remove rbenv environment configuration + rm /etc/profile.d/rbenv.sh + + # If no other app uses rbenv, remove rbenv and dedicated group + if [ ! -s "$rbenv_install_dir/ynh_app_version" ] + then + ynh_secure_remove "$rbenv_install_dir" + fi +} diff --git a/scripts/ynh_systemd_action b/scripts/ynh_systemd_action new file mode 100644 index 0000000..6bed6be --- /dev/null +++ b/scripts/ynh_systemd_action @@ -0,0 +1,89 @@ +#!/bin/bash + +# Start (or other actions) a service, print a log in case of failure and optionnaly wait until the service is completely started +# +# usage: ynh_systemd_action [-n service_name] [-a action] [ [-l "line to match"] [-p log_path] [-t timeout] [-e length] ] +# | arg: -n, --service_name= - Name of the service to reload. Default : $app +# | arg: -a, --action= - Action to perform with systemctl. Default: start +# | arg: -l, --line_match= - Line to match - The line to find in the log to attest the service have finished to boot. +# If not defined it don't wait until the service is completely started. +# | arg: -p, --log_path= - Log file - Path to the log file. Default : /var/log/$app/$app.log +# | arg: -t, --timeout= - Timeout - The maximum time to wait before ending the watching. Default : 300 seconds. +# | arg: -e, --length= - Length of the error log : Default : 20 +ynh_systemd_action() { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= ) + local service_name + local action + local line_match + local length + local log_path + local timeout + + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + local service_name="${service_name:-$app}" + local action=${action:-start} + local log_path="${log_path:-/var/log/$service_name/$service_name.log}" + local length=${length:-20} + local timeout=${timeout:-300} + + # Start to read the log + if [[ -n "${line_match:-}" ]] + then + local templog="$(mktemp)" + # Following the starting of the app in its log + if [ "$log_path" == "systemd" ] ; then + # Read the systemd journal + journalctl -u $service_name -f --since=-45 > "$templog" & + else + # Read the specified log file + tail -F -n0 "$log_path" > "$templog" & + fi + # Get the PID of the tail command + local pid_tail=$! + fi + + echo "${action^} the service $service_name" >&2 + systemctl $action $service_name \ + || ( journalctl --lines=$length -u $service_name >&2 \ + ; test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 \ + ; false ) + + # Start the timeout and try to find line_match + if [[ -n "${line_match:-}" ]] + then + local i=0 + for i in $(seq 1 $timeout) + do + # Read the log until the sentence is found, that means the app finished to start. Or run until the timeout + if grep --quiet "$line_match" "$templog" + then + echo "The service $service_name has correctly started." >&2 + break + fi + echo -n "." >&2 + sleep 1 + done + if [ $i -eq $timeout ] + then + echo "The service $service_name didn't fully started before the timeout." >&2 + journalctl --lines=$length -u $service_name >&2 + test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 + fi + + echo "" + ynh_clean_check_starting + fi +} + +# Clean temporary process and file used by ynh_check_starting +# (usually used in ynh_clean_setup scripts) +# +# usage: ynh_clean_check_starting +ynh_clean_check_starting () { + # Stop the execution of tail. + kill -s 15 $pid_tail 2>&1 + ynh_secure_remove "$templog" 2>&1 +} |