diff --git a/check_process b/check_process new file mode 100644 index 0000000..355618a --- /dev/null +++ b/check_process @@ -0,0 +1,27 @@ +;; Test complet + auto_remove=1 + ; Manifest + domain="domain.tld" (DOMAIN) + path="/path" (PATH) + ; Checks + pkg_linter=1 + setup_sub_dir=1 + setup_root=1 + setup_nourl=0 + setup_private=1 + setup_public=0 + upgrade=1 + backup_restore=1 + multi_instance=1 + port_already_use=0 +;;; Levels + Level 1=auto + Level 2=auto + Level 3=auto + Level 4=1 + Level 5=auto + Level 6=auto + Level 7=auto + Level 8=0 + Level 9=0 + Level 10=0 diff --git a/conf/app.src b/conf/app.src new file mode 100644 index 0000000..a9713ff --- /dev/null +++ b/conf/app.src @@ -0,0 +1,4 @@ +SOURCE_URL=https://github.com/mozilla-services/syncserver/archive/1.5.2.zip +SOURCE_SUM=2ce201626b720589d1916972cac0cfdec27db42992924b7fb7fef5ae92a148d8 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=zip diff --git a/conf/ffsync b/conf/ffsync deleted file mode 100755 index e2fb135..0000000 --- a/conf/ffsync +++ /dev/null @@ -1,75 +0,0 @@ -#!/bin/bash -# /etc/init.d/sync -# version 0.1 2013-03-12 (YYYY-MM-DD) - -### BEGIN INIT INFO -# Provides: sync -# Required-Start: $local_fs $remote_fs -# Required-Stop: $local_fs $remote_fs -# Should-Start: $network -# Should-Stop: $network -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Mozilla Sync server -# Description: Starts the mozilla sync server -### END INIT INFO - -# Source function library. -#. /etc/rc.d/init.d/functions - -prog=sync -SYNC_USER=ffsync -SYNC_HOME=/opt/yunohost/ffsync -CPU_COUNT=2 -pidfile=/tmp/sync.pid -lockfile=/var/run/sync.lock -conffile=${SYNC_HOME}/syncserver.ini -GUNICORN=${SYNC_HOME}/local/bin/gunicorn -GUNICORN_ARGS="--paste $conffile --access-logfile /var/log/ffsync.log --daemon -p $pidfile" - -start () { - echo -n "Starting $prog" - start-stop-daemon --start -c ${SYNC_USER} --exec $GUNICORN -- $GUNICORN_ARGS - RETVAL=$? - echo - [ $RETVAL = 0 ] && touch ${lockfile} - return $RETVAL -} - -stop() { - echo "Stopping $prog" - start-stop-daemon --stop --quiet --oknodo --pidfile ${pidfile} - #log_end_msg $? - rm -f ${pidfile} -} - -status(){ - if [[ -f ${pidfile} ]]; then - echo "Status: running." - exit 0; - else - echo "Status: not running." - exit 1; - fi -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - status - ;; - restart) - stop - start - ;; - *) - echo $"Usage: $prog {start|stop|restart|help}" - RETVAL=2 -esac - -exit $RETVAL diff --git a/conf/ffsync.logrotate b/conf/ffsync.logrotate deleted file mode 100644 index c5f42b7..0000000 --- a/conf/ffsync.logrotate +++ /dev/null @@ -1,9 +0,0 @@ -"/var/log/ffsync.log" { - copytruncate - daily - rotate 7 - compress - delaycompress - missingok - notifempty -} diff --git a/conf/nginx.conf b/conf/nginx.conf index ab6e584..8ed3aa8 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,15 +1,15 @@ -location PATHTOCHANGE { - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Real-IP $remote_addr; - proxy_redirect off; - proxy_read_timeout 120; - proxy_connect_timeout 10; - proxy_pass http://127.0.0.1:5000/; +location __PATH__ { + # Path to source + alias __FINALPATH__/ ; - include conf.d/yunohost_panel.conf.inc; + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } + + include uwsgi_params; + # Needed for long running operations in admin interface + uwsgi_read_timeout 3600; + uwsgi_param SCRIPT_NAME __PATH__; + uwsgi_modifier1 30; + uwsgi_pass unix://__FINALPATH__/socket; } diff --git a/conf/syncserver.ini b/conf/syncserver.ini index fd5ffa3..97336fd 100644 --- a/conf/syncserver.ini +++ b/conf/syncserver.ini @@ -1,9 +1,14 @@ -[server:main] -use = egg:gunicorn -host = 0.0.0.0 -port = 5000 -workers = 1 -timeout = 30 +[uwsgi] +plugins = python +master = true +protocol = uwsgi +socket = __FINALPATH__/socket +virtualenv = __FINALPATH__/local +wsgi-file = __FINALPATH__/syncserver.wsgi +python-path = __FINALPATH__/local +enable-threads = true +close-on-exec = true +umask = 0660 [app:main] use = egg:syncserver @@ -11,10 +16,10 @@ use = egg:syncserver [syncserver] # This must be edited to point to the public URL of your server, # i.e. the URL as seen by Firefox. -public_url = https://ynhbaseurl/ +public_url = https://__DOMAIN____PATH__ # This defines the database in which to store all server data. -sqluri = pymysql://yunouser:yunopass@localhost/yunobase +sqluri = pymysql://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__ # This is a secret key used for signing authentication tokens. # It should be long and randomly-generated. @@ -23,7 +28,7 @@ sqluri = pymysql://yunouser:yunopass@localhost/yunobase # head -c 20 /dev/urandom | sha1sum # # If not specified then the server will generate a temporary one at startup. -secret = changesecret +secret = __SECRET__ # Set this to "false" to disable new-user signups on the server. # Only request by existing accounts will be honoured. @@ -35,11 +40,10 @@ allow_new_users = true # details from public_url. This could have security implications if e.g. # you tell the app that it's on HTTPS but it's really on HTTP, so it should # only be used as a last resort and after careful checking of server config. -force_wsgi_environ = true +force_wsgi_environ = false # Uncomment and edit the following to use a local BrowserID verifier # rather than posting assertions to the mozilla-hosted verifier. # Audiences should be set to your public_url without a trailing slash. #[browserid] #backend = tokenserver.verifiers.LocalVerifier -#audiences = https://localhost:5000 diff --git a/conf/systemd.service b/conf/systemd.service new file mode 100644 index 0000000..ac2754b --- /dev/null +++ b/conf/systemd.service @@ -0,0 +1,18 @@ +[Unit] +Description=uWSGI instance for __APP__ +Requires=network.target +After=network.target + +[Service] +User=__APP__ +Group=__APP__ +RemainAfterExit=yes +WorkingDirectory=__FINALPATH__ +ExecStart=/usr/bin/uwsgi \ + --ini __FINALPATH__/syncserver.ini \ + --socket __FINALPATH__/socket +Restart=always +StandardError=syslog + +[Install] +WantedBy=multi-user.target diff --git a/manifest.json b/manifest.json index 32a2bef..592e2b6 100644 --- a/manifest.json +++ b/manifest.json @@ -1,7 +1,8 @@ { "name": "Firefox Sync Server", "id": "ffsync", - "url": "https://github.com/abeudin/ffsync_ynh", + "version": "1.5.2", + "url": "https://github.com/mozilla-services/syncserver", "packaging_format": 1, "description": { "en": "Mozilla’s Sync-Server to host your Firefox account data", @@ -13,13 +14,13 @@ "url": "https://github.com/balu-/FSyncMS" }, "requirements": { - "yunohost": ">> 2.4.0" + "yunohost": ">=2.7.0" }, - "license": "free", + "license": "MPL-2.0", "services": [ "nginx" ], - "multi_instance": false, + "multi_instance": true, "arguments": { "install" : [ { diff --git a/scripts/_common.sh b/scripts/_common.sh new file mode 100644 index 0000000..7a693aa --- /dev/null +++ b/scripts/_common.sh @@ -0,0 +1,3 @@ +#!/bin/bash + + diff --git a/scripts/backup b/scripts/backup new file mode 100644 index 0000000..645fec4 --- /dev/null +++ b/scripts/backup @@ -0,0 +1,66 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +if [ ! -e _common.sh ]; then + # Get the _common.sh file if it's not in the current directory + cp ../settings/scripts/_common.sh ./_common.sh + chmod a+rx _common.sh +fi +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +final_path=$(ynh_app_setting_get "$app" final_path) +domain=$(ynh_app_setting_get "$app" domain) +db_name=$(ynh_app_setting_get "$app" db_name) + +#================================================= +# STANDARD BACKUP STEPS +#================================================= +# BACKUP THE APP MAIN DIR +#================================================= + +ynh_backup "$final_path" + +#================================================= +# BACKUP THE NGINX CONFIGURATION +#================================================= + +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# BACKUP THE MYSQL DATABASE +#================================================= + +ynh_mysql_dump_db "$db_name" > db.sql + +#================================================= +# SPECIFIC BACKUP +#================================================= +# BACKUP LOGROTATE +#================================================= + +ynh_backup "/etc/logrotate.d/$app" + +#================================================= +# BACKUP SYSTEMD +#================================================= + +ynh_backup "/etc/systemd/system/$app.service" diff --git a/scripts/install b/scripts/install index 3132dd4..8643d2b 100644 --- a/scripts/install +++ b/scripts/install @@ -1,105 +1,192 @@ #!/bin/bash -# Source app helpers -. /usr/share/yunohost/helpers +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================= # Retrieve arguments -domain=$1 -path=$2 +domain=$YNH_APP_ARG_DOMAIN +path_url=$YNH_APP_ARG_PATH -# Check domain/path availability -sudo yunohost app checkurl $domain$path -a ffsync -if [[ ! $? -eq 0 ]]; then - ynh_die -fi +app=$YNH_APP_INSTANCE_NAME -# Generate random password -db_pwd=$(head -c 8 /dev/urandom | sha1sum | cut -d " " -f1) +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS +#================================================= -# Use 'FSyncMS' as database name and user -db_user=ffsync +# Check destination directory +final_path="/var/www/$app" +test ! -e "$final_path" || ynh_die "This path already contains a folder" -# Initialize database and store mysql password for upgrade -sudo yunohost app initdb $db_user -p $db_pwd -ynh_app_setting_set ffsync mysqlpwd $db_pwd +# Normalize the url path syntax +path_url=$(ynh_normalize_url_path "$path_url") + +# Check web path availability +ynh_webpath_available "$domain" "$path_url" +# Register (book) web path +ynh_webpath_register "$app" "$domain" "$path_url" + +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= + +ynh_app_setting_set "$app" domain "$domain" +ynh_app_setting_set "$app" path_url "$path_url" +ynh_app_setting_set "$app" final_path "$final_path" + +#================================================= +# STANDARD MODIFICATIONS +#================================================= -# Generate random password and save -secret=$(head -c 20 /dev/urandom | sha1sum | cut -d " " -f1) -ynh_app_setting_set ffsync secret $secret + +#================================================= +# INSTALL DEPENDENCIES +#================================================= # Check depends installation -sudo apt-get install make python-dev python-virtualenv -y +ynh_install_app_dependencies make python-dev python-virtualenv \ + uwsgi uwsgi-plugin-python + +#================================================= +# CREATE A MYSQL DATABASE +#================================================= + +# Use 'FSyncMS' as database name and user +db_user=$app +db_name=$(ynh_sanitize_dbid $app) +db_pwd=$(ynh_string_random) + +ynh_app_setting_set "$app" db_name "$db_name" +ynh_app_setting_set "$app" db_pwd "$db_name" +ynh_mysql_setup_db "$db_user" "$db_name" + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= -# Check Swap -if [ $(sudo swapon -s | wc -l) = 1 ]; +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$final_path" + +# Modify assets to take path into account +# TODO: try to include this as a patch if still needed +# find ../sources/syncserver/page/sync_files/ -type f -exec sed -i -e "s@media\/img@$path_url\/media\/img@g" {} \; + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Modify Nginx configuration file and copy it to Nginx conf directory +ynh_add_nginx_config + +if [ "$path_url" == "/" ] then - # It is NOT possible to setup a swap file on a tmpfs filesystem - mount | grep /tmp | grep tmpfs > /dev/null 2>&1 - if [ $? = 1 ]; - then - tmp_swap_file=/tmp/ffsync_swapfile - else - tmp_swap_file=/var/cache/ffsync_swapfile - fi - sudo dd if=/dev/zero of=$tmp_swap_file bs=1M count=256 - sudo chmod 600 $tmp_swap_file - sudo mkswap $tmp_swap_file - sudo swapon $tmp_swap_file + # $finalnginxconf comes from ynh_add_nginx_config + # uwsgi_param is only needed for non-root installation + ynh_replace_string "uwsgi_param " "#uwsgi_param " "$finalnginxconf" + ynh_replace_string "uwsgi_modifier1 " "#uwsgi_modifier1 " "$finalnginxconf" + + ynh_store_file_checksum "$finalnginxconf" fi +#================================================= +# CREATE DEDICATED USER +#================================================= -# Modify assets to take path into account -sudo find ../sources/syncserver/page/sync_files/ -type f -exec sed -i -e "s@media\/img@$path\/media\/img@g" {} \; +ynh_system_user_create "$app" "$final_path" -# Copy files to the right place -final_path=/opt/yunohost/ffsync -sudo mkdir -p $final_path -sudo cp -a ../sources/* $final_path -sudo cp ../conf/ffsync /etc/init.d/ -sudo cp ../conf/ffsync.logrotate /etc/logrotate.d/ffsync -sudo touch /var/log/ffsync.log +#================================================= +# SPECIFIC SETUP +#================================================= +# SETUP SYSTEMD +#================================================= -# Set permissions to ffsync directory -sudo useradd ffsync -d $final_path -sudo chown ffsync:ffsync -R $final_path -sudo chown ffsync /var/log/ffsync.log +ynh_add_systemd_config -# Modify Nginx configuration file and copy it to Nginx conf directory -sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf -sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/ffsync.conf -sudo cp ../conf/syncserver.ini $final_path/syncserver.ini -sudo sed -i -e "s@ynhbaseurl@$domain$path@g" $final_path/syncserver.ini -sudo sed -i -e "s@changesecret@$secret@g" $final_path/syncserver.ini -sudo sed -i "s/yunouser/$db_user/g" $final_path/syncserver.ini -sudo sed -i "s/yunopass/$db_pwd/g" $final_path/syncserver.ini -sudo sed -i "s/yunobase/$db_user/g" $final_path/syncserver.ini -sudo sed -i -e "s@media\/img@$path\/media\/img@g" $final_path/syncserver/page/sync_files/firefox_sync-bundle.css -sudo sed -i -e "s@media\/img@$path\/media\/img@g" $final_path/syncserver/page/sync_files/responsive-bundle.css +#================================================= +# create config file syncserver.ini +#================================================= + +# Generate random password and save +secret=$(ynh_string_random) +ynh_app_setting_set "$app" secret "$secret" + +# Copy Files +cp ../conf/syncserver.ini "$final_path/syncserver.ini" +ynh_replace_string "__DOMAIN__" "$domain" "$final_path/syncserver.ini" +ynh_replace_string "__PATH__" "$path_url" "$final_path/syncserver.ini" +ynh_replace_string "__NAME__" "$app" "$final_path/syncserver.ini" +ynh_replace_string "__FINALPATH__" "$final_path" "$final_path/syncserver.ini" +ynh_replace_string "__SECRET__" "$secret" "$final_path/syncserver.ini" + +ynh_replace_string "__DB_USER__" "$db_user" "$final_path/syncserver.ini" +ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/syncserver.ini" +ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/syncserver.ini" + +#================================================= +# MODIFY A CONFIG FILE +#================================================= + +# TODO: fix this css patch +# ynh_replace_string "media\/img@$path_url\/media\/img@g" $final_path/syncserver/page/sync_files/firefox_sync-bundle.css +# ynh_replace_string "media\/img@$path_url\/media\/img@g" $final_path/syncserver/page/sync_files/responsive-bundle.css + +#================================================= +# make +#================================================= # Init virtualenv -cd $final_path && sudo make build && sudo ./local/bin/easy_install gunicorn +( + cd "$final_path" + make build +) -# Disable swapfile -if [ -z ${tmp_swap_file+x} ]; -then - sudo swapoff $tmp_swap_file - sudo rm -f $tmp_swap_file -fi +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +chown "$app":"$app" -R "$final_path" +find "$final_path"/ -type d -exec chmod 2755 {} \; +find "$final_path"/ -type f -exec chmod g+r,o+r {} \; + +#================================================= +# SETUP LOGROTATE +#================================================= + +ynh_use_logrotate + +#================================================= +# ADVERTISE SERVICE IN ADMIN PANEL +#================================================= + +yunohost service add "$app" -l /var/log/$app/$app.log + +#================================================= +# SETUP SSOWAT +#================================================= + +ynh_app_setting_set "$app" skipped_uris "/" + +#================================================= +# RELOAD NGINX +#================================================= -# Fix permission -sudo find $final_path/ -type d -exec chmod 2755 {} \; -sudo find $final_path/ -type f -exec chmod g+r,o+r {} \; - -#enable services -sudo chmod +x /etc/init.d/ffsync -sudo update-rc.d ffsync defaults -sudo service ffsync restart -sudo service ffsync restart -sudo service ffsync restart - -# Reload Nginx and regenerate SSOwat conf -sudo yunohost app ssowatconf -sudo service nginx restart -sudo yunohost service add ffsync -l /var/log/ffsync.log -ynh_app_setting_set ffsync skipped_uris "/" +systemctl start "$app.service" +systemctl reload nginx diff --git a/scripts/remove b/scripts/remove index 984aad9..95d5a4f 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,22 +1,80 @@ #!/bin/bash -# Source app helpers -. /usr/share/yunohost/helpers - -db_user=ffsync -db_name=ffsync -root_pwd=$(sudo cat /etc/yunohost/mysql) -domain=$(ynh_app_setting_get ffsync domain) - -mysql -u root -p$root_pwd -e "DROP DATABASE $db_name ; DROP USER $db_user@localhost ;" -sudo rm -rf /opt/yunohost/ffsync -sudo rm -f /etc/nginx/conf.d/$domain.d/ffsync.conf -sudo service ffsync stop -sudo update-rc.d ffsync remove -sudo rm /etc/init.d/ffsync -sudo rm /etc/logrotate.d/ffsync -sudo yunohost service remove ffsync - -sudo service nginx reload -sudo userdel ffsync -sudo delgroup ffsync + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# LOAD SETTINGS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get "$app" domain) +final_path=$(ynh_app_setting_get "$app" final_path) +db_user=$app +db_name=$app + +#================================================= +# STANDARD REMOVE +#================================================= +# STOP AND REMOVE SERVICE +#================================================= + +ynh_remove_systemd_config + +#================================================= +# REMOVE SERVICE FROM ADMIN PANEL +#================================================= + +if yunohost service status | grep -q "$app" +then + echo "Remove $app service" + yunohost service remove "$app" +fi + +#================================================= +# REMOVE DEPENDENCIES +#================================================= + +# Remove metapackage and its dependencies +ynh_remove_app_dependencies + +#================================================= +# REMOVE THE MYSQL DATABASE +#================================================= + +ynh_mysql_remove_db "$db_user" "$db_name" + +#================================================= +# REMOVE APP MAIN DIR +#================================================= + +ynh_secure_remove "$final_path" + +#================================================= +# REMOVE NGINX CONFIGURATION +#================================================= + +ynh_remove_nginx_config + +#================================================= +# REMOVE LOGROTATE CONFIGURATION +#================================================= + +ynh_remove_logrotate + +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= + +# Delete a system user +ynh_system_user_delete "$app" diff --git a/scripts/restore b/scripts/restore new file mode 100644 index 0000000..b0b39d0 --- /dev/null +++ b/scripts/restore @@ -0,0 +1,116 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +if [ ! -e _common.sh ]; then + # Get the _common.sh file if it's not in the current directory + cp ../settings/scripts/_common.sh ./_common.sh + chmod a+rx _common.sh +fi +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get "$app" domain) +path_url=$(ynh_app_setting_get "$app" path) +final_path=$(ynh_app_setting_get "$app" final_path) +db_name=$(ynh_app_setting_get "$app" db_name) + +#================================================= +# CHECK IF THE APP CAN BE RESTORED +#================================================= + +ynh_webpath_available "$domain" "$path_url" \ + || ynh_die "Path not available: ${domain}${path_url}" +test ! -d "$final_path" \ + || ynh_die "There is already a directory: $final_path " + +#================================================= +# STANDARD RESTORATION STEPS +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= + +ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= + +ynh_restore_file "$final_path" + +#================================================= +# RESTORE THE MYSQL DATABASE +#================================================= + +db_pwd=$(ynh_app_setting_get "$app" db_pwd) +ynh_mysql_setup_db "$db_name" "$db_name" "$db_pwd" +ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" < ./db.sql + +#================================================= +# RECREATE THE DEDICATED USER +#================================================= + +# Create the dedicated user (if not existing) +ynh_system_user_create "$app" + +#================================================= +# RESTORE USER RIGHTS +#================================================= + +chown "$app":"$app" -R "$final_path" +find "$final_path"/ -type d -exec chmod 2755 {} \; +find "$final_path"/ -type f -exec chmod g+r,o+r {} \; + +#================================================= +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= + +ynh_install_app_dependencies make python-dev python-virtualenv \ + uwsgi uwsgi-plugin-python + +#================================================= +# ADVERTISE SERVICE IN ADMIN PANEL +#================================================= + +yunohost service add "$app" --log "/var/log/$app/$app.log" + +#================================================= +# RESTORE SYSTEMD +#================================================= + +ynh_restore_file "/etc/systemd/system/$app.service" +systemctl enable "$app.service" + +#================================================= +# RESTORE THE LOGROTATE CONFIGURATION +#================================================= + +ynh_restore_file "/etc/logrotate.d/$app" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= + +systemctl start "$app.service" +systemctl reload nginx diff --git a/scripts/upgrade b/scripts/upgrade index 3a39026..e5c00ed 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,91 +1,161 @@ #!/bin/bash -# Source app helpers -. /usr/share/yunohost/helpers +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================= + +app=$YNH_APP_INSTANCE_NAME # Retrieve arguments -domain=$(ynh_app_setting_get ffsync domain) -path=$(ynh_app_setting_get ffsync path) -db_pwd=$(ynh_app_setting_get ffsync mysqlpwd) -db_user=ffsync -final_path=/opt/yunohost/ffsync - -# Get secret variable -secret=$(ynh_app_setting_get ffsync secret) -# Get from conf file if not defined -if [[ -z $secret ]] -then - secret=$(sudo grep "secret =" $final_path/syncserver.ini | cut -d" " -f3) - ynh_app_setting_set ffsync secret $secret +domain=$(ynh_app_setting_get "$app" domain) +path_url=$(ynh_app_setting_get "$app" path_url) +db_name=$(ynh_app_setting_get "$app" db_name) +db_pwd=$(ynh_app_setting_get "$app" db_pwd) +db_user=$app +final_path=$(ynh_app_setting_get "$app" final_path) +secret=$(ynh_app_setting_get "$app" secret) + +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= + +# If db_name doesn't exist, create it +if [ -z "$db_name" ]; then + db_name=$(ynh_sanitize_dbid "$app") + ynh_app_setting_set $app db_name "$db_name" fi -# Check Swap -if [ $(sudo swapon -s | wc -l) = 1 ]; -then - # It is NOT possible to setup a swap file on a tmpfs filesystem - mount | grep /tmp | grep tmpfs > /dev/null 2>&1 - if [ $? = 1 ]; - then - tmp_swap_file=/tmp/ffsync_swapfile - else - tmp_swap_file=/var/cache/ffsync_swapfile - fi - sudo dd if=/dev/zero of=$tmp_swap_file bs=1M count=256 - sudo chmod 600 $tmp_swap_file - sudo mkswap $tmp_swap_file - sudo swapon $tmp_swap_file +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set "$app" final_path "$final_path" fi -# Copy files to the right place -sudo mkdir -p $final_path -sudo cp -a ../sources/* $final_path -sudo cp ../conf/ffsync /etc/init.d/ -sudo cp ../conf/ffsync.logrotate /etc/logrotate.d/ffsync - - -# Set permissions to ffsync directory -sudo useradd ffsync -d $final_path -sudo chown ffsync:ffsync -R $final_path - -# Modify Nginx configuration file and copy it to Nginx conf directory -sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf -sed -i "s@ALIASTOCHANGE@$final_path@g" ../conf/nginx.conf -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/ffsync.conf -sudo cp ../conf/syncserver.ini $final_path/syncserver.ini -sudo sed -i -e "s@ynhbaseurl@$domain$path@g" $final_path/syncserver.ini -sudo sed -i -e "s@changesecret@$secret@g" $final_path/syncserver.ini -sudo sed -i "s/yunouser/$db_user/g" $final_path/syncserver.ini -sudo sed -i "s/yunopass/$db_pwd/g" $final_path/syncserver.ini -sudo sed -i "s/yunobase/$db_user/g" $final_path/syncserver.ini -sudo sed -i -e "s@media\/img@$path\/media\/img@g" $final_path/syncserver/page/sync_files/firefox_sync-bundle.css -sudo sed -i -e "s@media\/img@$path\/media\/img@g" $final_path/syncserver/page/sync_files/responsive-bundle.css - -# stop service before upgrade -sudo service ffsync stop - -# Init virtualenv -cd $final_path && sudo make build && sudo ./local/bin/easy_install gunicorn - -# Disable swapfile -if [ -z ${tmp_swap_file+x} ]; +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# CHECK THE PATH +#================================================= + +# Normalize the URL path syntax +path_url=$(ynh_normalize_url_path "$path_url") + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# INSTALL DEPENDENCIES +#================================================= + +# Check depends installation +ynh_install_app_dependencies make python-dev python-virtualenv \ + uwsgi uwsgi-plugin-python + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Create a dedicated nginx config +ynh_add_nginx_config + +if [ "$path_url" == "/" ] then - sudo swapoff $tmp_swap_file - sudo rm -f $tmp_swap_file + # $finalnginxconf comes from ynh_add_nginx_config + # uwsgi_param is only needed for non-root installation + ynh_replace_string "uwsgi_param " "#uwsgi_param " "$finalnginxconf" + ynh_replace_string "uwsgi_modifier1 " "#uwsgi_modifier1 " "$finalnginxconf" + + ynh_store_file_checksum "$finalnginxconf" fi -# Fix permission -sudo find $final_path/ -type d -exec chmod 2755 {} \; -sudo find $final_path/ -type f -exec chmod g+r,o+r {} \; -sudo usermod -a -G ffsync www-data - -#enable services -sudo chmod +x /etc/init.d/ffsync -sudo update-rc.d ffsync defaults -sudo service ffsync restart -sudo service ffsync restart -sudo service ffsync restart - -# Reload Nginx and regenerate SSOwat conf -sudo service nginx reload -ynh_app_setting_set ffsync skipped_uris "/" -sudo yunohost app ssowatconf + +#================================================= +# CREATE DEDICATED USER +#================================================= + +# Create a system user +ynh_system_user_create "$app" + +#================================================= +# SPECIFIC UPGRADE +#================================================= + +# Copy Files +cp ../conf/syncserver.ini "$final_path/syncserver.ini" +ynh_replace_string "__DOMAIN__" "$domain" "$final_path/syncserver.ini" +ynh_replace_string "__PATH__" "$path_url" "$final_path/syncserver.ini" +ynh_replace_string "__NAME__" "$app" "$final_path/syncserver.ini" +ynh_replace_string "__FINALPATH__" "$final_path" "$final_path/syncserver.ini" +ynh_replace_string "__SECRET__" "$secret" "$final_path/syncserver.ini" + +ynh_replace_string "__DB_USER__" "$db_user" "$final_path/syncserver.ini" +ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/syncserver.ini" +ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/syncserver.ini" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +chown "$app":"$app" -R "$final_path" +find "$final_path"/ -type d -exec chmod 2755 {} \; +find "$final_path"/ -type f -exec chmod g+r,o+r {} \; + +#================================================= +# SETUP LOGROTATE +#================================================= + +ynh_use_logrotate + +#================================================= +# ADVERTISE SERVICE IN ADMIN PANEL +#================================================= + +yunohost service add "$app" -l /var/log/$app/$app.log + +#================================================= +# SETUP SSOWAT +#================================================= + +ynh_app_setting_set "$app" skipped_uris "/" + +#================================================= +# RELOAD NGINX +#================================================= + +systemctl start "$app.service" +systemctl reload nginx