Add gogs code for CI

scripts/_common.sh

@@ -30,8 +30,7 @@ fi
 
 create_dir() {
     mkdir -p "$final_path/data"
-    mkdir -p "$final_path/custom/conf"
-    mkdir -p "$REPO_PATH"
+    mkdir -p "$final_path/custom/conf/auth.d"
     mkdir -p "$DATA_PATH/avatars"
     mkdir -p "$DATA_PATH/attachments"
     mkdir -p "/var/log/$app"
@@ -47,8 +46,10 @@ config_nginx() {
 
 config_gogs() {
     ynh_backup_if_checksum_is_different "$final_path/custom/conf/app.ini"
+    ynh_backup_if_checksum_is_different "$final_path/custom/conf/auth.d/ldap.conf"
 
     cp ../conf/app.ini "$final_path/custom/conf"
+    cp ../conf/ldap.conf "$final_path/custom/conf/auth.d/ldap.conf"
 
     if [ "$path_url" = "/" ]
     then
@@ -66,7 +67,17 @@ config_gogs() {
     ynh_replace_string "__PORT__" $port "$final_path/custom/conf/app.ini"
     ynh_replace_string "__APP__" $app "$final_path/custom/conf/app.ini"
 
+    if [[ "$is_public" = '1' ]]
+    then
+        ynh_replace_string "__PRIVATE_MODE__" "false" "$final_path/custom/conf/app.ini"
+    else
+        ynh_replace_string "__PRIVATE_MODE__" "true" "$final_path/custom/conf/app.ini"
+    fi
+
+    ynh_replace_string "__ADMIN__" "$admin" "$final_path/custom/conf/auth.d/ldap.conf"
+
     ynh_store_file_checksum "$final_path/custom/conf/app.ini"
+    ynh_store_file_checksum "$final_path/custom/conf/auth.d/ldap.conf"
 }
 
 set_permission() {
@@ -77,3 +88,21 @@ set_permission() {
     chmod u=rwX,g=rX,o= "/home/$app"
     chmod u=rwX,g=rX,o= "/var/log/$app"
 }
+
+set_access_settings() {
+    if [ "$is_public" = '1' ]
+    then
+        ynh_app_setting_set $app unprotected_uris "/"
+    else
+        # For an access to the git server by https in private mode we need to allow the access to theses URL :
+        #  - "DOMAIN/PATH/USER/REPOSITORY/info/refs"
+        #  - "DOMAIN/PATH/USER/REPOSITORY/git-upload-pack"
+        #  - "DOMAIN/PATH/USER/REPOSITORY/git-receive-pack"
+
+        excaped_domain=${domain//'.'/'%.'}
+        excaped_domain=${excaped_domain//'-'/'%-'}
+        excaped_path=${path_url//'.'/'%.'}
+        excaped_path=${excaped_path//'-'/'%-'}
+        ynh_app_setting_set $app skipped_regex "$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-receive%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-upload%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/info/refs"
+    fi
+}

scripts/change_url

@@ -14,57 +14,32 @@ ynh_abort_if_errors
 source ./experimental_helper.sh
 source ./_common.sh
 
-cp -r  /etc/yunohost/apps/${app}/conf ../ # Quick hack for https://github.com/YunoHost/yunohost/pull/427
-
 # RETRIEVE ARGUMENTS
 old_domain=$YNH_APP_OLD_DOMAIN
-old_path=$YNH_APP_OLD_PATH
-new_domain=$YNH_APP_NEW_DOMAIN
-new_path=$YNH_APP_NEW_PATH
+domain=$YNH_APP_NEW_DOMAIN
+path_url=$(ynh_normalize_url_path ${YNH_APP_NEW_PATH:-'/'})
 app=$YNH_APP_INSTANCE_NAME
 
 dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
 admin=$(ynh_app_setting_get "$app" adminusername)
 key=$(ynh_app_setting_get "$app" secret_key)
 port=$(ynh_app_setting_get "$app" web_port)
-
-# CHECK THE SYNTAX OF THE PATHS
-test -n "$old_path" || old_path="/"
-test -n "$new_path" || new_path="/"
-new_path=$(ynh_normalize_url_path $new_path)
-old_path=$(ynh_normalize_url_path $old_path)
-
-domain="$new_domain"
-path_url="$new_path"
-
-# CHECK WHICH PARTS SHOULD BE CHANGED
-change_domain=0
-if [ "$old_domain" != "$new_domain" ]
-then
-    change_domain=1
-fi
-
-change_path=0
-if [ "$old_path" != "$new_path" ]
-then
-    change_path=1
-fi
+is_public=$(ynh_app_setting_get "$app" is_public)
 
 #=================================================
 # STANDARD MODIFICATIONS
 #=================================================
 
-# MODIFY URL IN NGINX CONF
-nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
-
 # Change the domain for nginx
-if [ $change_domain -eq 1 ]
+if [ "$old_domain" != "$domain" ]
 then
     # Delete file checksum for the old conf file location
-    ynh_delete_file_checksum "$nginx_conf_path"
-    mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
+    ynh_delete_file_checksum "/etc/nginx/conf.d/$old_domain.d/$app.conf"
+
+    mv "/etc/nginx/conf.d/$old_domain.d/$app.conf" "/etc/nginx/conf.d/$domain.d/$app.conf"
+
     # Store file checksum for the new config file location
-    ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
+    ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
 fi
 
 config_nginx

scripts/install

@@ -16,7 +16,7 @@ source ./_common.sh
 
 # Retrieve arguments
 domain=$YNH_APP_ARG_DOMAIN
-path_url=$YNH_APP_ARG_PATH
+path_url=$(ynh_normalize_url_path $YNH_APP_ARG_PATH)
 admin=$YNH_APP_ARG_ADMIN
 is_public=$YNH_APP_ARG_IS_PUBLIC
 
@@ -53,7 +53,10 @@ ynh_app_setting_set $app web_port $port
 ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
 
 # Add users
-ynh_system_user_create $app
+# We can't use the official helper because we need to set the shell for the login
+test getent passwd "$app" &>/dev/null || \
+    useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
+        ynh_die "Unable to create $app system account"
 
 # create needed directories
 create_dir
@@ -70,32 +73,15 @@ ynh_add_systemd_config
 # Modify Nginx configuration file and copy it to Nginx conf directory
 config_nginx
 
-# Start gogs for building mysql tables
-systemctl start "$app".service
-
-# Set permissions
-set_permission
-
-# Wait till login_source mysql table is created
-while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname"  <<< "SELECT * FROM login_source;" &>/dev/null)
-do
-    sleep 2
-done
-
-# Add ldap config
-ynh_replace_string "__ADMIN__" "$admin" ../conf/login_source.sql
-ynh_replace_string "__APP__" "$app" ../conf/login_source.sql
-ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
-
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 
+# Set permissions
+set_permission
+
 # Unprotect root from SSO if public
-if [ "$is_public" = '1' ]
-then
-    ynh_app_setting_set $app unprotected_uris "/"
-fi
+set_access_settings
 
 # Add Gogs to YunoHost's monitored services
 yunohost service add "$app" --log "/var/log/$app/$app.log"

scripts/restore

@@ -35,7 +35,10 @@ test ! -e "$final_path" || ynh_die "This path already contains a folder"
 #=================================================
 
 # Add users
-ynh_system_user_create $app
+# We can't use the official helper because we need to set the shell for the login
+test getent passwd "$app" &>/dev/null || \
+    useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
+        ynh_die "Unable to create $app system account"
 
 # Restore all files
 ynh_restore

scripts/upgrade

@@ -80,6 +80,13 @@ then
     usermod -p '*' "$app"
 fi
 
+# Remove old authentification mecanisme, actually the registry in the database has been replaced by a config file
+if [[ ! -e "$final_path/custom/conf/auth.d/ldap.conf" ]]
+then
+    ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname"  <<< "DELETE FROM login_source WHERE name = 'Yunohost LDAP';"
+    mkdir -p "$final_path/custom/conf/auth.d"
+fi
+
 #=================================================
 # STANDARD UPGRADE STEPS
 #=================================================
@@ -103,6 +110,9 @@ config_nginx
 # GENERIC FINALIZATION
 #=================================================
 
+# Unprotect root from SSO if public
+set_access_settings
+
 # Set permissions
 set_permission