From 2dc4e5a8a4da98343ace1ea2b649cbceb60f75f7 Mon Sep 17 00:00:00 2001 From: oiseauroch Date: Sat, 19 Nov 2022 17:51:03 +0100 Subject: [PATCH] working app --- LICENSE | 14 +++- conf/app.src | 4 +- conf/config.yml | 18 +++++ conf/nginx.conf | 27 +------ conf/systemd.service | 2 +- manifest.json | 59 ++++------------ scripts/_common.sh | 20 +----- scripts/backup | 40 ----------- scripts/change_url | 11 --- scripts/install | 164 +++++++++---------------------------------- scripts/remove | 57 --------------- scripts/restore | 62 +--------------- scripts/upgrade | 107 ++++++---------------------- 13 files changed, 108 insertions(+), 477 deletions(-) create mode 100644 conf/config.yml diff --git a/LICENSE b/LICENSE index 7d1e40b..c7c2d04 100644 --- a/LICENSE +++ b/LICENSE @@ -1,4 +1,12 @@ -File containing the license of your package. +--2022-11-19 15:22:08-- https://spdx.org/licenses/BSD-2-Clause.html +Certificat de l’autorité de certification « /etc/ssl/certs/ca-certificates.crt » chargé +Résolution de spdx.org (spdx.org)… 13.249.9.37, 13.249.9.76, 13.249.9.73, ... +Connexion à spdx.org (spdx.org)|13.249.9.37|:443… connecté. +requête HTTP transmise, en attente de la réponse… 200 OK +Taille : 9815 (9,6K) [text/html] +Sauvegarde en : « BSD-2-Clause.html » + + 0K ......... 100% 107M=0s + +2022-11-19 15:22:09 (107 MB/s) — « BSD-2-Clause.html » sauvegardé [9815/9815] -More information here: -https://yunohost.org/packaging_apps_guidelines#yep-1-3 diff --git a/conf/app.src b/conf/app.src index 17489bf..84dccd7 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=url of app's source -SOURCE_SUM=sha256 checksum +SOURCE_URL=https://github.com/de-vri-es/webhook-httpd/archive/refs/tags/v0.1.4.tar.gz +SOURCE_SUM=cbdd0b6bb697b06950b2055703a75bacd3799d850c75eec64a895014a127e317 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/config.yml b/conf/config.yml new file mode 100644 index 0000000..5ba955f --- /dev/null +++ b/conf/config.yml @@ -0,0 +1,18 @@ +# By default, the server accepts connections on all addresses. +# You can limit this by setting `bind-address` to a specific IP address. +bind-address: "::" + +# Choose a port number to listen on. +port: __PORT__ + +# The log level of the server. +# You can choose from: error, warn, info, debug and trace. +log-level: info + +# The hooks. +hooks: + # A hook that prints the script environment, useful for debugging. + # Output is sent to the server log, not as HTTP response body. + - url: "/print-env" + commands: + - cmd: ["env"] diff --git a/conf/nginx.conf b/conf/nginx.conf index 6b738ce..8c0a010 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,28 +1,7 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { + proxy_set_header Host $host; + proxy_buffering off; - # Path to source - alias __FINALPATH__/; - -### Example PHP configuration (remove it if not used) - index index.php; - - # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file - #client_max_body_size 50M; - - try_files $uri $uri/ index.php; - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; - - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param SCRIPT_FILENAME $request_filename; - } -### End of PHP configuration part - - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; + proxy_pass http://localhost:__PORT__/; } diff --git a/conf/systemd.service b/conf/systemd.service index 7bb448e..a2267fe 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -7,7 +7,7 @@ Type=simple User=__APP__ Group=__APP__ WorkingDirectory=__FINALPATH__/ -ExecStart=__FINALPATH__/script +ExecStart=__FINALPATH__/webhook-httpd --config config.yml StandardOutput=append:/var/log/__APP__/__APP__.log StandardError=inherit diff --git a/manifest.json b/manifest.json index 1272ce4..edf859c 100644 --- a/manifest.json +++ b/manifest.json @@ -1,34 +1,30 @@ { - "name": "Example app", - "id": "example", + "name": "rust webhook server", + "id": "webhook-httpd", "packaging_format": 1, "description": { - "en": "Explain in *a few (10~15) words* the purpose of the app or what it actually does (it is meant to give a rough idea to users browsing a catalog of 100+ apps)", - "fr": "Expliquez en *quelques* (10~15) mots l'utilité de l'app ou ce qu'elle fait (l'objectif est de donner une idée grossière pour des utilisateurs qui naviguent dans un catalogue de 100+ apps)" + "en": "a small webhook server that execute local command ", + "fr": "executer des commandes locales déclenchées par une url" }, - "version": "1.0~ynh1", - "url": "https://example.com", + "version": "0.1.4~ynh1", + "url": "https://github.com/de-vri-es/webhook-httpd", "upstream": { - "license": "free", - "website": "https://example.com", - "demo": "https://demo.example.com", - "admindoc": "https://yunohost.org/packaging_apps", - "userdoc": "https://yunohost.org/apps", - "code": "https://some.forge.com/example/example" + "license": "BSD-2-Clause", + "website": "https://github.com/de-vri-es/webhook-httpd", + "admindoc": "https://github.com/de-vri-es/webhook-httpd", + "userdoc": "https://github.com/de-vri-es/webhook-httpd", + "code": "https://github.com/de-vri-es/webhook-httpd" }, - "license": "free", + "license": "BSD-2-Clause", "maintainer": { - "name": "John doe", - "email": "john.doe@example.com" + "name": "Tobias Ollive", + "email": "tobias@ollive.oiseauroch.fr" }, "requirements": { "yunohost": ">= 11.0.0" }, "multi_instance": true, "services": [ - "nginx", - "php7.4-fpm", - "mysql" ], "arguments": { "install": [ @@ -41,33 +37,6 @@ "type": "path", "example": "/example", "default": "/example" - }, - { - "name": "is_public", - "type": "boolean", - "default": true - }, - { - "name": "language", - "type": "string", - "ask": { - "en": "Choose the application language", - "fr": "Choisissez la langue de l'application" - }, - "choices": ["fr", "en"], - "default": "fr" - }, - { - "name": "admin", - "type": "user" - }, - { - "name": "password", - "type": "password", - "help": { - "en": "Use the help field to add an information for the admin about this question.", - "fr": "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question." - } } ] } diff --git a/scripts/_common.sh b/scripts/_common.sh index 04b61bb..2a7cba0 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,26 +3,8 @@ #================================================= # COMMON VARIABLES #================================================= -# PHP APP SPECIFIC -#================================================= -# Depending on its version, YunoHost uses different default PHP version: -## YunoHost version "11.X" => PHP 7.4 -## YunoHost version "4.X" => PHP 7.3 -# -# This behaviour can be overridden by setting the YNH_PHP_VERSION variable -#YNH_PHP_VERSION=7.3 -#YNH_PHP_VERSION=7.4 -#YNH_PHP_VERSION=8.0 -# For more information, see the PHP application helper: https://github.com/YunoHost/yunohost/blob/dev/helpers/php#L3-L6 -# Or this app package depending on PHP: https://github.com/YunoHost-Apps/grav_ynh/blob/master/scripts/_common.sh -# PHP dependencies used by the app (must be on a single line) -#php_dependencies="php$YNH_PHP_VERSION-deb1 php$YNH_PHP_VERSION-deb2" -# or, if you do not need a custom YNH_PHP_VERSION: -php_dependencies="php$YNH_DEFAULT_PHP_VERSION-deb1 php$YNH_DEFAULT_PHP_VERSION-deb2" - # dependencies used by the app (must be on a single line) -pkg_dependencies="deb1 deb2 $php_dependencies" - +pkg_dependencies="pkg-config libssl-dev" #================================================= # PERSONAL HELPERS #================================================= diff --git a/scripts/backup b/scripts/backup index f99225d..0670178 100755 --- a/scripts/backup +++ b/scripts/backup @@ -30,9 +30,6 @@ app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -50,31 +47,12 @@ ynh_print_info --message="Declaring files to be backed up..." ynh_backup --src_path="$final_path" -#================================================= -# BACKUP THE DATA DIR -#================================================= - -ynh_backup --src_path="$datadir" --is_big - #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# BACKUP THE PHP-FPM CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - -#================================================= -# BACKUP FAIL2BAN CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" - #================================================= # SPECIFIC BACKUP #================================================= @@ -89,24 +67,6 @@ ynh_backup --src_path="/etc/logrotate.d/$app" ynh_backup --src_path="/etc/systemd/system/$app.service" -#================================================= -# BACKUP VARIOUS FILES -#================================================= - -ynh_backup --src_path="/etc/cron.d/$app" - -ynh_backup --src_path="/etc/$app/" - -#================================================= -# BACKUP THE MYSQL DATABASE -#================================================= -ynh_print_info --message="Backing up the MySQL database..." - -### (However, things like MySQL dumps *do* take some time to run, though the -### copy of the generated dump to the archive still happens later) - -ynh_mysql_dump_db --database="$db_name" > db.sql - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/change_url b/scripts/change_url index 322641b..b286df6 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -29,11 +29,6 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) -# Add settings here as needed by your application -#db_name=$(ynh_app_setting_get --app=$app --key=db_name) -#db_user=$db_name -#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) - #================================================= # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= @@ -105,12 +100,6 @@ then ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi -#================================================= -# SPECIFIC MODIFICATIONS -#================================================= -# ... -#================================================= - #================================================= # GENERIC FINALISATION #================================================= diff --git a/scripts/install b/scripts/install index 1fc28de..916476b 100755 --- a/scripts/install +++ b/scripts/install @@ -26,10 +26,6 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH -is_public=$YNH_APP_ARG_IS_PUBLIC -language=$YNH_APP_ARG_LANGUAGE -admin=$YNH_APP_ARG_ADMIN -password=$YNH_APP_ARG_PASSWORD ### If it's a multi-instance app, meaning it can be installed several times independently ### The id of the app as stated in the manifest is available as $YNH_APP_ID @@ -71,8 +67,6 @@ ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=language --value=$language -ynh_app_setting_set --app=$app --key=admin --value=$admin #================================================= # STANDARD MODIFICATIONS @@ -90,13 +84,13 @@ ynh_script_progression --message="Finding an available port..." --weight=1 port=$(ynh_find_port --port=8095) ynh_app_setting_set --app=$app --key=port --value=$port -# Optional: Expose this port publicly -# (N.B.: you only need to do this if the app actually needs to expose the port publicly. -# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !) +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 -# Open the port -# ynh_script_progression --message="Configuring firewall..." --weight=1 -# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # INSTALL DEPENDENCIES @@ -113,37 +107,10 @@ ynh_script_progression --message="Installing dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" - -#================================================= -# CREATE A MYSQL DATABASE -#================================================= -ynh_script_progression --message="Creating a MySQL database..." --weight=1 - -### Use these lines if you need a database for the application. -### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password. -### The password will be stored as 'mysqlpwd' into the app settings, -### and will be available as $db_pwd -### If you're not using these lines: -### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script -### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script -### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script - -db_name=$(ynh_sanitize_dbid --db_name=$app) -db_user=$db_name -ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --weight=1 +ynh_script_progression --message="Setting up source files..." --weight=5 ### `ynh_setup_source` is used to install an app from a zip or tar.gz file, ### downloaded from an upstream source, like a git repository. @@ -151,7 +118,9 @@ ynh_script_progression --message="Setting up source files..." --weight=1 ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +mkdir -p "$final_path/build" +ynh_setup_source --dest_dir="$final_path/build" + # FIXME: this should be managed by the core in the future # Here, as a packager, you may have to tweak the ownerhsip/permissions @@ -163,24 +132,25 @@ chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=1 +pushd "$final_path" + ynh_exec_warn_less ynh_exec_as $app RUSTUP_HOME="$final_path"/.rustup CARGO_HOME="$final_path"/.cargo bash -c 'curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -q -y' +popd -### `ynh_add_fpm_config` is used to set up a PHP config. -### You can remove it if your app doesn't use PHP. -### `ynh_add_fpm_config` will use the files conf/php-fpm.conf -### If you're not using these lines: -### - You can remove these files in conf/. -### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script -### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script -### with the reload at the end of the script. -### - And the section "PHP-FPM CONFIGURATION" in the upgrade script +export PATH="$PATH:$final_path/.cargo/bin:$final_path/.local/bin:/usr/local/sbin" -# Create a dedicated PHP-FPM config -ynh_add_fpm_config +# Compile webhook-httpd +pushd "$final_path"/build + ynh_exec_warn_less ynh_exec_as $app env PATH="$PATH" cargo build --release +popd + +# Install webhook-httpd +cp -af "$final_path/build/target/release/webhook-httpd" "$final_path/webhook-httpd" +chmod +x "$final_path/webhook-httpd" + +# Remove build files and rustup +ynh_secure_remove --file="$final_path/build" +ynh_secure_remove --file="$final_path/.cargo" +ynh_secure_remove --file="$final_path/.rustup" #================================================= # NGINX CONFIGURATION @@ -198,34 +168,6 @@ ynh_add_nginx_config # ... #================================================= -#================================================= -# CREATE DATA DIRECTORY -#================================================= -ynh_script_progression --message="Creating a data directory..." --weight=1 - -### Use these lines if you need to create a directory to store "persistent files" for the application. -### Usually this directory is used to store uploaded files or any file that won't be updated during -### an upgrade and that won't be deleted during app removal unless "--purge" option is used. -### If you're not using these lines: -### - Remove the section "BACKUP THE DATA DIR" in the backup script -### - Remove the section "RESTORE THE DATA DIRECTORY" in the restore script -### - As well as the section "REMOVE DATA DIR" in the remove script - -datadir=/home/yunohost.app/$app -ynh_app_setting_set --app=$app --key=datadir --value=$datadir - -mkdir -p $datadir - -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:www-data "$datadir" - #================================================= # ADD A CONFIGURATION #================================================= @@ -243,13 +185,13 @@ ynh_script_progression --message="Adding a configuration file..." --weight=1 ### ### Check the documentation of `ynh_add_config` for more info. -ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file" +ynh_add_config --template="config.yml" --destination="$final_path/config.yml" # FIXME: this should be handled by the core in the future # You may need to use chmod 600 instead of 400, # for example if the app is expected to be able to modify its own config -chmod 400 "$final_path/some_config_file" -chown $app:$app "$final_path/some_config_file" +chmod 400 "$final_path/config.yml" +chown $app:$app "$final_path/config.yml" ### For more complex cases where you want to replace stuff using regexes, ### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) @@ -277,27 +219,6 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=1 # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# SETUP APPLICATION WITH CURL -#================================================= - -### Use these lines only if the app installation needs to be finalized through -### web forms. We generally don't want to ask the final user, -### so we're going to use curl to automatically fill the fields and submit the -### forms. - -# Set the app as temporarily public for curl call -ynh_script_progression --message="Configuring SSOwat..." --weight=1 -# Making the app public for curl -ynh_permission_update --permission="main" --add="visitors" - -# Installation with curl -ynh_script_progression --message="Finalizing installation..." --weight=1 -ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" - -# Remove the public access -ynh_permission_update --permission="main" --remove="visitors" - #================================================= # GENERIC FINALIZATION #================================================= @@ -330,7 +251,7 @@ ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 ### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script ### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --description="webook server" --log="/var/log/$app/$app.log" ### Additional options starting with 3.8: ### @@ -364,37 +285,16 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression --message="Configuring Fail2Ban..." --weight=1 - -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring permissions..." --weight=1 -# Make app public if necessary -if [ $is_public -eq 1 ] -then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. - ynh_permission_update --permission="main" --add="visitors" -fi -### N.B. : the following extra permissions only make sense if your app -### does have for example an admin interface or an API. +ynh_permission_update --permission="main" --add="visitors" -# Only the admin can access the admin panel of the app (if the app has an admin panel) -ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin -# Everyone can access the API part -# We don't want to display the tile in the SSO so we put --show_tile="false" -# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true" -ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" #================================================= # RELOAD NGINX diff --git a/scripts/remove b/scripts/remove index ca31e5a..f95e45b 100755 --- a/scripts/remove +++ b/scripts/remove @@ -18,10 +18,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) port=$(ynh_app_setting_get --app=$app --key=port) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name final_path=$(ynh_app_setting_get --app=$app --key=final_path) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= # STANDARD REMOVE @@ -52,13 +49,6 @@ ynh_script_progression --message="Removing logrotate configuration..." --weight= # Remove the app-specific logrotate config ynh_remove_logrotate -#================================================= -# REMOVE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Removing the MySQL database..." --weight=1 - -# Remove a database if it exists, along with the associated user -ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE APP MAIN DIR @@ -68,16 +58,6 @@ ynh_script_progression --message="Removing app main directory..." --weight=1 # Remove the app directory securely ynh_secure_remove --file="$final_path" -#================================================= -# REMOVE DATA DIR -#================================================= - -# Remove the data directory if --purge option is used -if [ "${YNH_APP_PURGE:-0}" -eq 1 ] -then - ynh_script_progression --message="Removing app data directory..." --weight=1 - ynh_secure_remove --file="$datadir" -fi #================================================= # REMOVE NGINX CONFIGURATION @@ -87,22 +67,6 @@ ynh_script_progression --message="Removing NGINX web server configuration..." -- # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=1 - -# Remove the dedicated PHP-FPM config -ynh_remove_fpm_config - -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=1 - -# Remove metapackage and its dependencies -ynh_remove_app_dependencies - #================================================= # CLOSE A PORT #================================================= @@ -113,27 +77,6 @@ then ynh_exec_warn_less yunohost firewall disallow TCP $port fi -#================================================= -# REMOVE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=1 - -# Remove the dedicated Fail2Ban config -ynh_remove_fail2ban_config - -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= -ynh_script_progression --message="Removing various files..." --weight=1 - -# Remove a cron file -ynh_secure_remove --file="/etc/cron.d/$app" - -# Remove a directory securely -ynh_secure_remove --file="/etc/$app" - # Remove the log files ynh_secure_remove --file="/var/log/$app" diff --git a/scripts/restore b/scripts/restore index 1be949b..932c374 100755 --- a/scripts/restore +++ b/scripts/restore @@ -31,10 +31,6 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= # CHECK IF THE APP CAN BE RESTORED @@ -71,75 +67,24 @@ chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" -#================================================= -# RESTORE THE DATA DIRECTORY -#================================================= -ynh_script_progression --message="Restoring the data directory..." --weight=1 - -ynh_restore_file --origin_path="$datadir" --not_mandatory - -mkdir -p $datadir - -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:www-data "$datadir" - -#================================================= -# RESTORE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban - -#================================================= -# SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= + ynh_script_progression --message="Reinstalling dependencies..." --weight=1 # Define and install dependencies ynh_install_app_dependencies $pkg_dependencies -#================================================= -# RESTORE THE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the PHP-FPM configuration..." --time --weight=1 -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." --time --weight=1 +ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=1 - -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql - -#================================================= -# RESTORE VARIOUS FILES -#================================================= -ynh_script_progression --message="Restoring various files..." --weight=1 - -ynh_restore_file --origin_path="/etc/cron.d/$app" - -ynh_restore_file --origin_path="/etc/$app/" #================================================= # RESTORE SYSTEMD @@ -161,7 +106,7 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app" #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --description="webook server" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE @@ -177,7 +122,6 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$ap #================================================= ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1 -ynh_systemd_action --service_name=php$phpversion-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index f38c139..c1fa4ff 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,10 +18,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) -language=$(ynh_app_setting_get --app=$app --key=language) -admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) #================================================= # CHECK VERSION @@ -68,39 +65,6 @@ ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 # of what you may want to do in some cases (e.g. a setting was not defined on # some legacy installs and you therefore want to initiaze stuff during upgrade) # - -# If db_name doesn't exist, create it -#if [ -z "$db_name" ]; then -# db_name=$(ynh_sanitize_dbid --db_name=$app) -# ynh_app_setting_set --app=$app --key=db_name --value=$db_name -#fi - -# If final_path doesn't exist, create it -#if [ -z "$final_path" ]; then -# final_path=/var/www/$app -# ynh_app_setting_set --app=$app --key=final_path --value=$final_path -#fi - -### If nobody installed your app before 4.1, -### then you may safely remove these lines - -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - -if ! ynh_permission_exists --permission="admin"; then - # Create the required permissions - ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin -fi - -# Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" -fi - #================================================= # CREATE DEDICATED USER #================================================= @@ -121,6 +85,26 @@ then ynh_setup_source --dest_dir="$final_path" fi +pushd "$final_path" + ynh_exec_warn_less ynh_exec_as $app RUSTUP_HOME="$final_path"/.rustup CARGO_HOME="$final_path"/.cargo bash -c 'curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -q -y' +popd + +export PATH="$PATH:$final_path/.cargo/bin:$final_path/.local/bin:/usr/local/sbin" + +# Compile Gemserv +pushd "$final_path"/build + ynh_exec_warn_less ynh_exec_as $app env PATH="$PATH" cargo build --release +popd + +# Install Gemserv +cp -af "$final_path/build/target/release/webhook-httpd" "$final_path/webook-httpd" +chmod +x "$final_path/webook-httpd" + +# Remove build files and rustup +ynh_secure_remove --file="$final_path/build" +ynh_secure_remove --file="$final_path/.cargo" +ynh_secure_remove --file="$final_path/.rustup" + # FIXME: this should be managed by the core in the future # Here, as a packager, you may have to tweak the ownerhsip/permissions # such that the appropriate users (e.g. maybe www-data) can access @@ -131,6 +115,7 @@ chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" + #================================================= # UPGRADE DEPENDENCIES #================================================= @@ -138,53 +123,15 @@ ynh_script_progression --message="Upgrading dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1 +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# SPECIFIC UPGRADE -#================================================= -# ... -#================================================= - -#================================================= -# UPDATE A CONFIG FILE -#================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=1 - -### Same as during install -### -### The file will automatically be backed-up if it's found to be manually modified (because -### ynh_add_config keeps track of the file's checksum) - -ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file" - -# FIXME: this should be handled by the core in the future -# You may need to use chmod 600 instead of 400, -# for example if the app is expected to be able to modify its own config -chmod 400 "$final_path/some_config_file" -chown $app:$app "$final_path/some_config_file" - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file" -### ynh_store_file_checksum --file="$final_path/some_config_file" - #================================================= # SETUP SYSTEMD #================================================= @@ -208,7 +155,7 @@ ynh_use_logrotate --non-append #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --description="webook server" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE @@ -217,14 +164,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1 - -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - #================================================= # RELOAD NGINX #=================================================