From 4c0f81b03507e95d22245d0e66df608b60cd08ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Sat, 23 Apr 2022 19:40:27 +0200 Subject: [PATCH] Fix install and fix linter --- README.md | 8 ++++---- README_fr.md | 8 ++++---- conf/systemd.service | 4 ++-- doc/DISCLAIMER.md | 6 +++--- scripts/_common.sh | 20 ++++++++++---------- scripts/backup | 2 +- scripts/change_url | 4 ++-- scripts/install | 22 +++++++++++----------- scripts/remove | 2 +- scripts/restore | 10 +++++----- scripts/upgrade | 31 ++++++++++++++++--------------- 11 files changed, 59 insertions(+), 58 deletions(-) diff --git a/README.md b/README.md index d767b85..26c64d7 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,7 @@ If you want to use Gitea with ssh and be able to pull/push with you ssh key, you ```bash PubkeyAuthentication yes -AuthorizedKeysFile /home/%u/.ssh/authorized_keys +AuthorizedKeysFile /home/yunohost.app/%u/.ssh/authorized_keys ChallengeResponseAuthentication no PasswordAuthentication no UsePAM no @@ -78,14 +78,14 @@ This app use now the core-only feature of the backup. To keep the integrity of t `yunohost backup create --app gitea` -- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/gitea`. +- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/yunohost.app/gitea`. - Restart the gitea service with theses command: `systemctl start gitea.service` ### Remove -Due of the backup core only feature the data directory in `/home/gitea` **is not removed**. It need to be removed manually to purge app user data. +Due of the backup core only feature the data directory in `/home/yunohost.app/gitea` **is not removed**. It need to be removed manually to purge app user data. ### LFS setup To use a repository with an `LFS` setup, you need to activate-it on `/opt/gitea/custom/conf/app.ini` @@ -125,4 +125,4 @@ or sudo yunohost app upgrade gitea -u https://github.com/YunoHost-Apps/gitea_ynh/tree/testing --debug ``` -**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file +**More info regarding app packaging:** https://yunohost.org/packaging_apps diff --git a/README_fr.md b/README_fr.md index f6e966f..4bf6086 100644 --- a/README_fr.md +++ b/README_fr.md @@ -33,7 +33,7 @@ If you want to use Gitea with ssh and be able to pull/push with you ssh key, you ```bash PubkeyAuthentication yes -AuthorizedKeysFile /home/%u/.ssh/authorized_keys +AuthorizedKeysFile /home/yunohost.app/%u/.ssh/authorized_keys ChallengeResponseAuthentication no PasswordAuthentication no UsePAM no @@ -74,14 +74,14 @@ This app use now the core-only feature of the backup. To keep the integrity of t `yunohost backup create --app gitea` -- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/gitea`. +- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/yunohost.app/gitea`. - Restart the gitea service with theses command: `systemctl start gitea.service` ### Remove -Due of the backup core only feature the data directory in `/home/gitea` **is not removed**. It need to be removed manually to purge app user data. +Due of the backup core only feature the data directory in `/home/yunohost.app/gitea` **is not removed**. It need to be removed manually to purge app user data. ### LFS setup To use a repository with an `LFS` setup, you need to activate-it on `/opt/gitea/custom/conf/app.ini` @@ -121,4 +121,4 @@ ou sudo yunohost app upgrade gitea -u https://github.com/YunoHost-Apps/gitea_ynh/tree/testing --debug ``` -**Plus d'infos sur le packaging d'applicationsĀ :** https://yunohost.org/packaging_apps \ No newline at end of file +**Plus d'infos sur le packaging d'applicationsĀ :** https://yunohost.org/packaging_apps diff --git a/conf/systemd.service b/conf/systemd.service index 31f9fe0..3dcae38 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -15,10 +15,10 @@ After=slapd.service Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=/home/__APP__ +WorkingDirectory=/home/yunohost.app/__APP__ ExecStart=/opt/__APP__/gitea web Restart=always -Environment=USER=__APP__ HOME=/home/__APP__ +Environment=USER=__APP__ HOME=/home/yunohost.app/__APP__ # Sandboxing options to harden security # Depending on specificities of your service/app, you may need to tweak these diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index 4969e45..f18f681 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -7,7 +7,7 @@ If you want to use Gitea with ssh and be able to pull/push with you ssh key, you ```bash PubkeyAuthentication yes -AuthorizedKeysFile /home/%u/.ssh/authorized_keys +AuthorizedKeysFile /home/yunohost.app/%u/.ssh/authorized_keys ChallengeResponseAuthentication no PasswordAuthentication no UsePAM no @@ -48,14 +48,14 @@ This app use now the core-only feature of the backup. To keep the integrity of t `yunohost backup create --app gitea` -- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/gitea`. +- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/yunohost.app/gitea`. - Restart the gitea service with theses command: `systemctl start gitea.service` ### Remove -Due of the backup core only feature the data directory in `/home/gitea` **is not removed**. It need to be removed manually to purge app user data. +Due of the backup core only feature the data directory in `/home/yunohost.app/gitea` **is not removed**. It need to be removed manually to purge app user data. ### LFS setup To use a repository with an `LFS` setup, you need to activate-it on `/opt/gitea/custom/conf/app.ini` diff --git a/scripts/_common.sh b/scripts/_common.sh index 9bfae74..26483bc 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -6,10 +6,10 @@ app=$YNH_APP_INSTANCE_NAME dbname=$app db_user=$app final_path="/opt/$app" -DATADIR="/home/$app" -REPO_PATH="$DATADIR/repositories" -DATA_PATH="$DATADIR/data" -SSH_PATH="$DATADIR/.ssh" +datadir="/home/yunohost.app/$app" +repos_path="$datadir/repositories" +data_path="$datadir/data" +ssh_path="$datadir/.ssh" # Detect the system architecture to download the right tarball # NOTE: `uname -m` is more accurate and universal than `arch` @@ -36,10 +36,10 @@ fi create_dir() { mkdir -p "$final_path/data" mkdir -p "$final_path/custom/conf" - mkdir -p "$SSH_PATH" - mkdir -p "$REPO_PATH" - mkdir -p "$DATA_PATH/avatars" - mkdir -p "$DATA_PATH/attachments" + mkdir -p "$ssh_path" + mkdir -p "$repos_path" + mkdir -p "$data_path/avatars" + mkdir -p "$data_path/attachments" mkdir -p "/var/log/$app" } @@ -58,12 +58,12 @@ config_gitea() { set_permission() { chown -R $app:$app "$final_path" - chown -R $app:$app "/home/$app" + chown -R $app:$app "$datadir" chown -R $app:$app "/var/log/$app" chmod u=rwX,g=rX,o= "$final_path" chmod u=rwx,g=rx,o= "$final_path/gitea" chmod u=rwx,g=rx,o= "$final_path/custom/conf/app.ini" - chmod u=rwX,g=rX,o= "/home/$app" + chmod u=rwX,g=rX,o= "$datadir" chmod u=rwX,g=rX,o= "/var/log/$app" } diff --git a/scripts/backup b/scripts/backup index e78d87f..a311d22 100644 --- a/scripts/backup +++ b/scripts/backup @@ -32,7 +32,7 @@ ynh_backup --src_path "$final_path" # Copy the data files ynh_print_info --message="Backing up user data..." -ynh_backup --src_path "$DATADIR" --is_big=1 +ynh_backup --src_path "$datadir" --is_big=1 ynh_print_info --message="Backing up configuration..." diff --git a/scripts/change_url b/scripts/change_url index 76661b3..ed4dfc4 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -22,7 +22,7 @@ domain=$YNH_APP_NEW_DOMAIN path_url=$(ynh_normalize_url_path --path_url ${YNH_APP_NEW_PATH:-'/'}) app=$YNH_APP_INSTANCE_NAME -DB_PASSWORD=$(ynh_app_setting_get --app $app --key mysqlpwd) +db_password=$(ynh_app_setting_get --app $app --key mysqlpwd) admin=$(ynh_app_setting_get --app $app --key adminusername) key=$(ynh_app_setting_get --app $app --key secret_key) port=$(ynh_app_setting_get --app $app --key web_port) @@ -55,7 +55,7 @@ config_gitea # RELOAD services ynh_script_progression --message="Starting services..." -ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 -a restart +ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 -a restart sleep 1 # Store the checksum with the 'INTERNAL_TOKEN' value. diff --git a/scripts/install b/scripts/install index bc09736..fe5f017 100644 --- a/scripts/install +++ b/scripts/install @@ -33,15 +33,15 @@ ynh_user_exists "$admin" \ # Check Final Path availability test ! -e "$final_path" || ynh_die --message "This path already contains a folder" -if [ -e "$DATADIR" ]; then - old_data_dir_path="$DATADIR$(date '+%Y%m%d.%H%M%S')" +if [ -e "$datadir" ]; then + old_data_dir_path="$datadir$(date '+%Y%m%d.%H%M%S')" ynh_print_warn "A data directory already exist. Data was renamed to $old_data_dir_path" - mv "$DATADIR" "$old_data_dir_path" + mv "$datadir" "$old_data_dir_path" fi # Generate random password and key ynh_script_progression --message="Defining db password and key..." -DB_PASSWORD=$(ynh_string_random) +db_password=$(ynh_string_random) key=$(ynh_string_random) # Find available ports @@ -49,7 +49,7 @@ port=$(ynh_find_port --port 6000) # Store Settings ynh_script_progression --message="Storing installation settings..." -ynh_app_setting_set --app $app --key mysqlpwd --value $DB_PASSWORD +ynh_app_setting_set --app $app --key mysqlpwd --value $db_password ynh_app_setting_set --app $app --key adminusername --value $admin ynh_app_setting_set --app $app --key secret_key --value $key ynh_app_setting_set --app $app --key web_port --value $port @@ -60,11 +60,11 @@ ynh_app_setting_set --app $app --key web_port --value $port # Initialize database and store mysql password for upgrade ynh_script_progression --message="Configuring MySQL database..." -ynh_mysql_create_db "$dbname" "$db_user" "$DB_PASSWORD" +ynh_mysql_create_db "$dbname" "$db_user" "$db_password" # Add users ynh_script_progression --message="Configuring system user..." -ynh_system_user_create --username=$app --home_dir=/home/$app --use_shell +ynh_system_user_create --username=$app --home_dir=$datadir --use_shell # Add ssh permission for gitea user adduser $app ssh.app @@ -98,14 +98,14 @@ ynh_script_progression --message="Configuring application, step 2/2..." systemctl start "$app".service # Wait untill login_source mysql table is created -while ! $(ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null) +while ! $(ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null) do sleep 2 done # Add ldap config ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql -ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ../conf/login_source.sql +ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql # SETUP FAIL2BAN ynh_script_progression --message="Configuring fail2ban..." @@ -116,7 +116,7 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile #================================================= # Unprotect root from SSO if public -ynh_script_progression --message="Protecting directory" +ynh_script_progression --message="Configuring permissions..." if [ "$is_public" == '1' ]; then ynh_permission_update --permission "main" --add "visitors" @@ -139,7 +139,7 @@ ynh_app_setting_set --app $app --key upstream_version --value $(ynh_app_upstream # Reload services ynh_script_progression --message="Starting gitea services..." --weight=3 -ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 +ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 sleep 1 # Store the checksum with the 'INTERNAL_TOKEN' value. diff --git a/scripts/remove b/scripts/remove index df98a6b..ebfab83 100644 --- a/scripts/remove +++ b/scripts/remove @@ -58,7 +58,7 @@ yunohost service remove "$app" ynh_script_progression --message="Removing fail2ban configuration..." ynh_remove_fail2ban_config -ynh_print_info --message="Due of the backup core only feature the data directory in '$DATADIR' was not removed. It need to be removed manually to purge app user data." +ynh_print_info --message="Due of the backup core only feature the data directory in '$datadir' was not removed. It need to be removed manually to purge app user data." ynh_script_progression --message="Removal of $app completed" --last sleep 1 diff --git a/scripts/restore b/scripts/restore index 524a04c..7ecb82e 100644 --- a/scripts/restore +++ b/scripts/restore @@ -19,7 +19,7 @@ ynh_script_progression --message="Loading settings..." # Retrieve old app settings domain=$(ynh_app_setting_get --app $app --key domain) path_url=$(ynh_app_setting_get --app $app --key path) -DB_PASSWORD=$(ynh_app_setting_get --app $app --key mysqlpwd) +db_password=$(ynh_app_setting_get --app $app --key mysqlpwd) admin=$(ynh_app_setting_get --app $app --key adminusername) port=$(ynh_app_setting_get --app $app --key web_port) upstream_version=$(ynh_app_setting_get $app upstream_version) @@ -37,7 +37,7 @@ test ! -e "$final_path" || ynh_die --message "This path already contains a folde # Add users ynh_script_progression --message="Configuring system user..." -ynh_system_user_create --username=$app --home_dir=/home/$app --use_shell +ynh_system_user_create --username=$app --home_dir=$datadir --use_shell # Restore all files ynh_script_progression --message="Restoring files..." --weight=10 @@ -45,8 +45,8 @@ ynh_restore # Create and restore the database ynh_script_progression --message="Restoring database..." --weight=3 -ynh_mysql_create_db "$dbname" "$db_user" "$DB_PASSWORD" -ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ./db.sql +ynh_mysql_create_db "$dbname" "$db_user" "$db_password" +ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ./db.sql # Restore systemd files systemctl daemon-reload @@ -75,7 +75,7 @@ yunohost service add "$app" --log /var/log/"$app"/gitea.log # Reload services ynh_script_progression --message="Reloading services..." systemctl reload nginx.service -ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 +ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 sleep 1 ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 8d9465f..330bbcc 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,7 +18,7 @@ ynh_abort_if_errors ynh_script_progression --message="Loading installation settings..." domain=$(ynh_app_setting_get --app $app --key domain) path_url=$(ynh_normalize_url_path --path_url $(ynh_app_setting_get --app $app --key path)) -DB_PASSWORD=$(ynh_app_setting_get --app $app --key mysqlpwd) +db_password=$(ynh_app_setting_get --app $app --key mysqlpwd) admin=$(ynh_app_setting_get --app $app --key adminusername) key=$(ynh_app_setting_get --app $app --key secret_key) port=$(ynh_app_setting_get --app $app --key web_port) @@ -57,14 +57,14 @@ if [[ $migration_process -eq 1 ]]; then dbname=$app db_user=$app final_path="/opt/$app" - DATADIR="/home/$app" - REPO_PATH="$DATADIR/repositories" - DATA_PATH="$DATADIR/data" + datadir="/home/""$app" + repos_path="$datadir/repositories" + data_path="$datadir/data" # Replace the user ynh_system_user_delete $old_app test getent passwd "$app" &>/dev/null || \ - useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \ + useradd -d "$datadir" --system --user-group "$app" --shell /bin/bash || \ ynh_die --message "Unable to create $app system account" # Clean old binary @@ -73,14 +73,14 @@ if [[ $migration_process -eq 1 ]]; then # Restore authentication from SQL database ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql - ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ../conf/login_source.sql + ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql # Fix hooks - if [[ -e $REPO_PATH ]];then - ls $REPO_PATH/*/*.git/hooks/pre-receive | while read p; do + if [[ -e $repos_path ]];then + ls $repos_path/*/*.git/hooks/pre-receive | while read p; do ynh_secure_remove --file=$p done - ls $REPO_PATH/*/*.git/hooks/post-receive | while read p; do + ls $repos_path/*/*.git/hooks/post-receive | while read p; do ynh_secure_remove --file=$p done fi @@ -88,6 +88,11 @@ if [[ $migration_process -eq 1 ]]; then upstream_version="0.0.1" fi +# Move data directory +if [ -e "/home/""$app" ] && [ ! -e $datadir ]; then + mv "/home/""$app" "$datadir" +fi + #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -223,7 +228,7 @@ if ! ynh_permission_exists --permission admin; then ynh_permission_create --permission 'admin' --allowed "$admin" # Update ldap config ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql - ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ../conf/login_source.sql + ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql fi # Add gitea to YunoHost's monitored services @@ -240,13 +245,9 @@ set_permission # Save Version ynh_app_setting_set --app $app --key upstream_version --value $(ynh_app_upstream_version) -# Unprotect root from SSO if public -ynh_script_progression --message="Configuring permissions..." -set_access_settings - # Reload services ynh_script_progression --message="Starting gitea services..." --weight=3 -ynh_systemd_action -l "Starting new server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 +ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 sleep 1 # Store the checksum with the 'INTERNAL_TOKEN' value.