Git/yunohost-gitea_ynh
1
0
Fork 0
mirror of https://framagit.org/YunoHost-Apps/gitea_ynh.git synced 2025-09-02 10:08:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Migrate to manifestv2 and other changes:

Browse Source 
* Move app install dir from /opt to /var/www
* Revamp the way binaries are downloaded thanks to manifestv2 (no need to check for arch, etc)
* Remove custom helpers (exec_as, ynh_handle_app_migration)
* Rename LFS_KEY as LFS_JWT_SECRET and KEY as SECRET_KEY as named in app.ini
* Add JWT_SECRET for oauth and INTERNAL_TOKEN in app.ini
* update upstream sample app.ini URL
* Disable actions for now.
* Automatically add ssh permissions to the system user
* Remove support for upgrade before 1.6.4. Edit test_upgrade_from accordingly.
This commit is contained in:
Félix Piédallu
2023-09-09 11:17:52 +02:00
committed by Félix Piédallu
parent b51febc0f9
commit 60cb5e5ae4
128 changed files with 474 additions and 1648 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
scripts/_common.sh
View File

@ -1,70 +1,63 @@
#=================================================
# SET ALL CONSTANTS
#=================================================
app=$YNH_APP_INSTANCE_NAME
dbname=$app
db_user=$app
final_path="/opt/$app"
datadir="/home/yunohost.app/$app"
repos_path="$datadir/repositories"
data_path="$datadir/data"
ssh_path="$datadir/.ssh"
# Detect the system architecture to download the right tarball
# NOTE: `uname -m` is more accurate and universal than `arch`
# See https://en.wikipedia.org/wiki/Uname
if [ -n "$(uname -m | grep arm64)" ] || [ -n "$(uname -m | grep aarch64)" ]; then
architecture="arm64"
elif [ -n "$(uname -m | grep 64)" ]; then
architecture="x86-64"
elif [ -n "$(uname -m | grep 86)" ]; then
architecture="i386"
elif [ -n "$(uname -m | grep armv7)" ]; then
architecture="armv7"
elif [ -n "$(uname -m | grep arm)" ]; then
architecture="arm"
else
ynh_die --message "Unable to detect your achitecture, please open a bug describing \
your hardware and the result of the command \"uname -m\"." 1
fi
#!/bin/bash
#=================================================
# DEFINE ALL COMMON FONCTIONS
#=================================================
create_dir() {
mkdir -p "$final_path/data"
mkdir -p "$final_path/custom/conf"
mkdir -p "$ssh_path"
mkdir -p "$repos_path"
mkdir -p "$data_path/avatars"
mkdir -p "$data_path/attachments"
_gitea_mkdirs() {
mkdir -p "$install_dir/data"
mkdir -p "$install_dir/custom/conf"
_gitea_permissions_install_dir
mkdir -p "$data_dir/.ssh"
mkdir -p "$data_dir/repositories"
mkdir -p "$data_dir/data/avatars"
mkdir -p "$data_dir/data/attachments"
chown -R "$app:$app" "$data_dir"
chmod -R u=rwX,g=rX,o= "$data_dir"
chmod -R u=rwx,g=,o= "$data_dir/.ssh"
mkdir -p "/var/log/$app"
touch "/var/log/$app/gitea.log"
chown -R "$app:$app" "/var/log/$app"
chmod -R u=rwX,g=rX,o= "/var/log/$app"
}
config_nginx() {
if [ "$path_url" != "/" ]
then
ynh_replace_string --match_string "^#sub_path_only" --replace_string "" --target_file "../conf/nginx.conf"
_gitea_permissions_install_dir() {
chown -R "$app:$app" "$install_dir"
chmod -R u=rwX,g=rX,o= "$install_dir"
}
_gitea_set_secrets() {
if [[ -z "${internal_token:-}" ]]; then
internal_token=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret INTERNAL_TOKEN)
ynh_app_setting_set --app "$app" --key internal_token --value="$internal_token"
fi
if [[ -z "${secret_key:-}" ]]; then
secret_key=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret SECRET_KEY)
ynh_app_setting_set --app "$app" --key secret_key --value="$secret_key"
fi
if [[ -z "${jwt_secret:-}" ]]; then
jwt_secret=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret JWT_SECRET)
ynh_app_setting_set --app "$app" --key jwt_secret --value="$jwt_secret"
fi
if [[ -n "${lfs_key:-}" ]]; then
# Migration
lfs_jwt_secret="$lfs_key"
ynh_app_setting_delete --app "$app" --key lfs_key
ynh_app_setting_set --app "$app" --key lfs_jwt_secret --value="$lfs_jwt_secret"
fi
if [[ -z "${lfs_jwt_secret:-}" ]]; then
lfs_jwt_secret=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret JWT_SECRET)
ynh_app_setting_set --app "$app" --key lfs_jwt_secret --value="$lfs_jwt_secret"
fi
ynh_add_nginx_config
}
config_gitea() {
_gitea_add_config() {
ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+")
ynh_add_config --template="app.ini" --destination="$final_path/custom/conf/app.ini"
}
set_permission() {
chown -R $app:$app "$final_path"
chown -R $app:$app "$datadir"
chown -R $app:$app "/var/log/$app"
chmod u=rwX,g=rX,o= "$final_path"
chmod u=rwx,g=rx,o= "$final_path/gitea"
chmod u=rwx,g=rx,o= "$final_path/custom/conf/app.ini"
chmod u=rwX,g=rX,o= "$datadir"
chmod u=rwX,g=rX,o= "/var/log/$app"
chmod u=rwx,g=,o= "$ssh_path"
ynh_add_config --template="app.ini" --destination="$install_dir/custom/conf/app.ini"
}

39
scripts/backup
View File

@ -5,47 +5,44 @@
#=================================================
# Load common variables and helpers
source ../settings/scripts/experimental_helper.sh
source ../settings/scripts/_common.sh
# IMPORT GENERIC HELPERS
source /usr/share/yunohost/helpers
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Retrieve app settings
ynh_print_info --message="Loading installation settings..."
domain=$(ynh_app_setting_get --app $app --key domain)
if [[ ! "$(systemctl status $app.service)" =~ "Active: inactive (dead)" ]]; then
ynh_print_warn --message="It's hightly recommended to make your backup when the service is stopped. Please stop $app service and with this command before to run the backup 'systemctl stop $app.service'"
fi
#=================================================
# STANDARD BACKUP STEPS
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
# Copy the app source files
ynh_print_info --message="Backing up code..."
ynh_backup --src_path "$final_path"
ynh_backup --src_path "$install_dir"
# Copy the data files
ynh_print_info --message="Backing up user data..."
ynh_backup --src_path "$datadir" --is_big=1
ynh_print_info --message="Backing up configuration..."
ynh_backup --src_path "$data_dir" --is_big=1
# Copy the conf files
ynh_backup --src_path "/etc/nginx/conf.d/${domain}.d/${app}.conf"
ynh_backup --src_path "/etc/systemd/system/${app}.service"
ynh_backup --src_path "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
ynh_backup --src_path="/etc/logrotate.d/$app"
ynh_backup --src_path "/etc/systemd/system/$app.service"
# Backup logs
ynh_print_info --message="Backing up logs..."
ynh_backup --src_path "/var/log/$app"
# Dump the database
ynh_print_info --message="Backing up database"
ynh_mysql_dump_db "$dbname" > ./db.sql
ynh_print_info --message="Backing up the MySQL database"
ynh_mysql_dump_db "$db_name" > ./db.sql
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

77
scripts/change_url
View File

@ -1,66 +1,51 @@
#!/bin/bash
#=================================================
# GENERIC START
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Import common cmd
source ./experimental_helper.sh
source ./_common.sh
# IMPORT GENERIC HELPERS
source _common.sh
source /usr/share/yunohost/helpers
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
ynh_script_progression --message="Loading installation settings..."
# RETRIEVE ARGUMENTS
old_domain=$YNH_APP_OLD_DOMAIN
domain=$YNH_APP_NEW_DOMAIN
path_url=$(ynh_normalize_url_path --path_url ${YNH_APP_NEW_PATH:-'/'})
app=$YNH_APP_INSTANCE_NAME
db_password=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
key=$(ynh_app_setting_get --app $app --key secret_key)
lfs_key=$(ynh_app_setting_get --app $app --key lfs_key)
port=$(ynh_app_setting_get --app $app --key web_port)
upstream_version=$(ynh_app_setting_get $app upstream_version)
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_script_progression --message="Updating nginx configuration..."
ynh_systemd_action --service_name="$app" --action="stop"
#=================================================
# MODIFY URL IN NGINX CONF
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
# Change the domain for nginx
# Change the domain for nginx
if [[ "$old_domain" != "$domain" ]]; then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum --file "$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum --file "/etc/nginx/conf.d/$domain.d/$app.conf"
fi
ynh_change_url_nginx_config
config_nginx
# Update gitea config
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# Setup gitea.ini
#=================================================
ynh_script_progression --message="Updating gitea configuration..."
config_gitea
# RELOAD services
ynh_script_progression --message="Starting services..."
ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10 -a restart
sleep 1
_gitea_add_config
_gitea_permissions_install_dir
# Store the checksum with the 'INTERNAL_TOKEN' value.
# Should be removed when the issue https://github.com/go-gitea/gitea/issues/3246 is fixed
ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"
#=================================================
# GENERIC FINALISATION
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting gitea services..." --weight=3
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for $app" --last

257
scripts/experimental_helper.sh
View File

@ -1,257 +0,0 @@
# Execute a command as another user
# usage: exec_as USER COMMAND [ARG ...]
exec_as() {
local USER=$1
shift 1
if [[ $USER = $(whoami) ]]; then
eval "$@"
else
sudo -u "$USER" "$@"
fi
}
# Need also the helper https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_handle_getopts_args/ynh_handle_getopts_args
# Make the main steps to migrate an app to its fork.
#
# This helper has to be used for an app which needs to migrate to a new name or a new fork
# (like owncloud to nextcloud or zerobin to privatebin).
#
# This helper will move the files of an app to its new name
# or recreate the things it can't move.
#
# To specify which files it has to move, you have to create a "migration file", stored in ../conf
# This file is a simple list of each file it has to move,
# except that file names must reference the $app variable instead of the real name of the app,
# and every instance-specific variables (like $domain).
# $app is especially important because it's this variable which will be used to identify the old place and the new one for each file.
#
# If a database exists for this app, it will be dumped and then imported in a newly created database, with a new name and new user.
# Don't forget you have to then apply these changes to application-specific settings (depends on the packaged application)
#
# Same things for an existing user, a new one will be created.
# But the old one can't be removed unless it's not used. See below.
#
# If you have some dependencies for your app, it's possible to change the fake debian package which manages them.
# You have to fill the $pkg_dependencies variable, and then a new fake package will be created and installed,
# and the old one will be removed.
# If you don't have a $pkg_dependencies variable, the helper can't know what the app dependencies are.
#
# The app settings.yml will be modified as follows:
# - finalpath will be changed according to the new name (but only if the existing $final_path contains the old app name)
# - The checksums of php-fpm and nginx config files will be updated too.
# - If there is a $db_name value, it will be changed.
# - And, of course, the ID will be changed to the new name too.
#
# Finally, the $app variable will take the value of the new name.
# The helper will set the $migration_process variable to 1 if a migration has been successfully handled.
#
# You have to handle by yourself all the migrations not done by this helper, like configuration or special values in settings.yml
# Also, at the end of the upgrade script, you have to add a post_migration script to handle all the things the helper can't do during YunoHost upgrade (mostly for permission reasons),
# especially remove the old user, move some hooks and remove the old configuration directory
# To launch this script, you have to move it elsewhere and start it after the upgrade script.
# `cp ../conf/$script_post_migration /tmp`
# `(cd /tmp; echo "/tmp/$script_post_migration" | at now + 2 minutes)`
#
# usage: ynh_handle_app_migration migration_id migration_list
# | arg: -i, --migration_id= - ID from which to migrate
# | arg: -l, --migration_list= - File specifying every file to move (one file per line)
ynh_handle_app_migration () {
# Need for end of install
ynh_package_install at
#=================================================
# LOAD SETTINGS
#=================================================
old_app=$YNH_APP_INSTANCE_NAME
local old_app_id=$YNH_APP_ID
local old_app_number=$YNH_APP_INSTANCE_NUMBER
# Declare an array to define the options of this helper.
declare -Ar args_array=( [i]=migration_id= [l]=migration_list= )
# Get the id from which to migrate
local migration_id
# And the file with the paths to move
local migration_list
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
# Get the new app id in the manifest
local new_app_id=$(grep \"id\": ../manifest.json | cut -d\" -f4)
if [ $old_app_number -eq 1 ]; then
local new_app=$new_app_id
else
local new_app=${new_app_id}__${old_app_number}
fi
#=================================================
# CHECK IF IT HAS TO MIGRATE
#=================================================
migration_process=0
if [ "$old_app_id" == "$new_app_id" ]
then
# If the 2 id are the same
# No migration to do.
echo 0
return 0
else
if [ "$old_app_id" != "$migration_id" ]
then
# If the new app is not the authorized id, fail.
ynh_die --message "Incompatible application for migration from $old_app_id to $new_app_id"
fi
echo "Migrate from $old_app_id to $new_app_id" >&2
#=================================================
# CHECK IF THE MIGRATION CAN BE DONE
#=================================================
# TODO Handle multi instance apps...
# Check that there is not already an app installed for this id.
(yunohost app list --installed -f "$new_app" | grep -q id) \
&& ynh_die "$new_app is already installed"
#=================================================
# CHECK THE LIST OF FILES TO MOVE
#=================================================
local temp_migration_list="$(tempfile)"
# Build the list by removing blank lines and comment lines
sed '/^#.*\|^$/d' "../conf/$migration_list" > "$temp_migration_list"
# Check if there is no file in the destination
local file_to_move=""
while read file_to_move
do
# Replace all occurences of $app by $new_app in each file to move.
local move_to_destination="${file_to_move//\$app/$new_app}"
test -e "$move_to_destination" && ynh_die "A file named $move_to_destination already exists."
done < "$temp_migration_list"
#=================================================
# COPY YUNOHOST SETTINGS FOR THIS APP
#=================================================
local settings_dir="/etc/yunohost/apps"
cp -a "$settings_dir/$old_app" "$settings_dir/$new_app"
cp -a ../{scripts,conf} "$settings_dir/$new_app"
# Replace the old id by the new one
ynh_replace_string "\(^id: .*\)$old_app" "\1$new_app" "$settings_dir/$new_app/settings.yml"
# INFO: There a special behavior with yunohost app setting:
# if the id given in argument does not match with the id
# stored in the config file, the config file will be purged.
# That's why we use sed instead of app setting here.
# https://github.com/YunoHost/yunohost/blob/c6b5284be8da39cf2da4e1036a730eb5e0515096/src/yunohost/app.py#L1316-L1321
# Change the label if it's simply the name of the app
old_label=$(ynh_app_setting_get $new_app label)
if [ "${old_label,,}" == "$old_app_id" ]
then
# Build the new label from the id of the app. With the first character as upper case
new_label=$(echo $new_app_id | cut -c1 | tr [:lower:] [:upper:])$(echo $new_app_id | cut -c2-)
ynh_app_setting_set $new_app label $new_label
fi
yunohost tools shell -c "from yunohost.permission import permission_delete; permission_delete('$old_app.main', force=True, sync_perm=False)"
yunohost tools shell -c "from yunohost.permission import permission_create; permission_create('$new_app.main', url='/' , sync_perm=True)"
#=================================================
# MOVE FILES TO THE NEW DESTINATION
#=================================================
while read file_to_move
do
# Replace all occurence of $app by $new_app in each file to move.
move_to_destination="$(eval echo "${file_to_move//\$app/$new_app}")"
local real_file_to_move="$(eval echo "${file_to_move//\$app/$old_app}")"
echo "Move file $real_file_to_move to $move_to_destination" >&2
mv "$real_file_to_move" "$move_to_destination"
done < "$temp_migration_list"
#=================================================
# UPDATE SETTINGS KNOWN ENTRIES
#=================================================
# Replace nginx checksum
ynh_replace_string "\(^checksum__etc_nginx.*\)_$old_app" "\1_$new_app/" "$settings_dir/$new_app/settings.yml"
# Replace php5-fpm checksums
ynh_replace_string "\(^checksum__etc_php5.*[-_]\)$old_app" "\1$new_app/" "$settings_dir/$new_app/settings.yml"
# Replace final_path
ynh_replace_string "\(^final_path: .*\)$old_app" "\1$new_app" "$settings_dir/$new_app/settings.yml"
#=================================================
# MOVE THE DATABASE
#=================================================
db_pwd=$(ynh_app_setting_get $old_app mysqlpwd)
db_name=$dbname
# Check if a database exists before trying to move it
local mysql_root_password=$(cat $MYSQL_ROOT_PWD_FILE)
if [ -n "$db_name" ] && mysqlshow -u root -p$mysql_root_password | grep -q "^| $db_name"
then
new_db_name=$(ynh_sanitize_dbid $new_app)
echo "Rename the database $db_name to $new_db_name" >&2
local sql_dump="/tmp/${db_name}-$(date '+%s').sql"
# Dump the old database
ynh_mysql_dump_db "$db_name" > "$sql_dump"
# Create a new database
ynh_mysql_setup_db $new_db_name $new_db_name $db_pwd
# Then restore the old one into the new one
ynh_mysql_connect_as $new_db_name $db_pwd $new_db_name < "$sql_dump"
# Remove the old database
ynh_mysql_remove_db $db_name $db_name
# And the dump
ynh_secure_remove --file="$sql_dump"
# Update the value of $db_name
db_name=$new_db_name
ynh_app_setting_set $new_app db_name $db_name
fi
#=================================================
# CHANGE THE FAKE DEPENDENCIES PACKAGE
#=================================================
# Check if a variable $pkg_dependencies exists
# If this variable doesn't exist, this part shall be managed in the upgrade script.
if [ -n "${pkg_dependencies:-}" ]
then
# Define the name of the package
local old_package_name="${old_app//_/-}-ynh-deps"
local new_package_name="${new_app//_/-}-ynh-deps"
if ynh_package_is_installed "$old_package_name"
then
# Install a new fake package
app=$new_app
ynh_install_app_dependencies $pkg_dependencies
# Then remove the old one
app=$old_app
ynh_remove_app_dependencies
fi
fi
#=================================================
# UPDATE THE ID OF THE APP
#=================================================
app=$new_app
# Set migration_process to 1 to inform that an upgrade has been made
migration_process=1
fi
}

161
scripts/install
View File

@ -3,149 +3,80 @@
#=================================================
# GENERIC START
#=================================================
# Load common variables and helpers
source ./experimental_helper.sh
source ./_common.sh
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
ynh_script_progression --message="Validating installation parameters..."
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
upstream_version=$(ynh_app_upstream_version)
# Register (book) web path
ynh_webpath_register --app $app --domain $domain --path_url $path_url
# Check user parameter
ynh_user_exists "$admin" \
|| ynh_die --message "The chosen admin user does not exist."
# Check Final Path availability
test ! -e "$final_path" || ynh_die --message "This path already contains a folder"
if [ -e "$datadir" ]; then
old_data_dir_path="$datadir$(date '+%Y%m%d.%H%M%S')"
ynh_print_warn "A data directory already exist. Data was renamed to $old_data_dir_path"
mv "$datadir" "$old_data_dir_path"
fi
# Generate random password and key
ynh_script_progression --message="Defining db password and key..."
db_password=$(ynh_string_random)
key=$(ynh_string_random)
lfs_key=$(ynh_string_random)
# Find available ports
port=$(ynh_find_port --port 6000)
# Store Settings
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app $app --key mysqlpwd --value $db_password
ynh_app_setting_set --app $app --key adminusername --value $admin
ynh_app_setting_set --app $app --key secret_key --value $key
ynh_app_setting_set --app $app --key lfs_key --value $lfs_key
ynh_app_setting_set --app $app --key web_port --value $port
#=================================================
# STANDARD MODIFICATIONS
# APP "BUILD" (DEPLOYING SOURCES, VENV, COMPILING ETC)
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Installing sources files and data directories..." --weight=10
# Initialize database and store mysql password for upgrade
ynh_script_progression --message="Configuring MySQL database..."
ynh_mysql_create_db "$dbname" "$db_user" "$db_password"
# Add users
ynh_script_progression --message="Configuring system user..."
ynh_system_user_create --username=$app --home_dir=$datadir --use_shell
# Add ssh permission for gitea user
adduser $app ssh.app
ynh_setup_source --dest_dir="$install_dir"
chmod +x "$install_dir/gitea"
# create needed directories
create_dir
_gitea_mkdirs
# Configure init script
ynh_script_progression --message="Configuring a systemd service..." --weight=2
ynh_script_progression --message="Configuring application, step 1/2..."
_gitea_set_secrets
_gitea_add_config
_gitea_permissions_install_dir
#=================================================
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
# Create a dedicated NGINX config using the conf/nginx.conf template
ynh_add_nginx_config
# Create a dedicated systemd config
ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory
ynh_script_progression --message="Configuring nginx..." --weight=1
config_nginx
# Add gitea to YunoHost's monitored services
yunohost service add "$app" --log="/var/log/$app/gitea.log"
# Configure gitea with app.ini file
ynh_script_progression --message="Configuring application, step 1/2..."
config_gitea
# Configure logrotate
ynh_use_logrotate --logfile "/var/log/$app"
ynh_script_progression --message="Installing sources files..." --weight=10
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from <HOST>" --max_retry 5
# Install gitea
ynh_setup_source $final_path source/$architecture
# Set permissions
ynh_script_progression --message="Protecting directory"
set_permission
#=================================================
# APP INITIAL CONFIGURATION
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring application, step 2/2..."
# Start gitea for building mysql tables
systemctl start "$app".service
# Wait untill login_source mysql table is created
while ! $(ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
do
sleep 2
done
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
# Add ldap config
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql
ynh_mysql_connect_as "$db_user" "$db_pwd" "$db_name" < ../conf/login_source.sql
# SETUP FAIL2BAN
ynh_script_progression --message="Configuring fail2ban..."
ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from <HOST>" --max_retry 5
# Stop the service to restart it just afterwards
ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/gitea.log"
#=================================================
# GENERIC FINALIZATION
#=================================================
# Unprotect root from SSO if public
ynh_script_progression --message="Configuring permissions..."
if [ "$is_public" == '1' ];
then
ynh_permission_update --permission "main" --add "visitors"
fi
# Create permission
ynh_script_progression --message="Configuring permissions"
ynh_permission_create --permission="admin" --allowed=$admin
# Add gitea to YunoHost's monitored services
ynh_script_progression --message="Register Gitea service..."
yunohost service add "$app" --log="/var/log/$app/gitea.log"
# Configure logrotate
ynh_script_progression --message="Configuring log rotation..."
ynh_use_logrotate --logfile "/var/log/$app"
# Save Version
ynh_app_setting_set --app $app --key upstream_version --value $(ynh_app_upstream_version)
# Reload services
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting gitea services..." --weight=3
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
# Store the checksum with the 'INTERNAL_TOKEN' value.
# Should be removed when the issue https://github.com/go-gitea/gitea/issues/3246 is fixed
ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last

64
scripts/remove
View File

@ -4,61 +4,33 @@
# GENERIC START
#=================================================
# Load common variables and helpers
source ./experimental_helper.sh
source ./_common.sh
# IMPORT GENERIC HELPERS
source _common.sh
source /usr/share/yunohost/helpers
ynh_script_progression --message="Loading installation settings..."
# Retrieve domain from app settings
domain=$(ynh_app_setting_get --app $app --key domain)
#=================================================
# STANDARD REMOVE
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
# Stop gitea
ynh_script_progression --message="Stoping services..."
systemctl stop "$app".service
if ynh_exec_warn_less yunohost service status "$app" >/dev/null
then
ynh_script_progression --message="Removing $app service integration..." --weight=1
yunohost service remove "$app"
fi
# Drop MySQL database and user
ynh_script_progression --message="Removing databases..."
ynh_mysql_drop_db "$dbname" 2>/dev/null
ynh_mysql_drop_user "$db_user" 2>/dev/null
ynh_remove_systemd_config
ynh_remove_nginx_config
ynh_remove_logrotate
ynh_remove_fail2ban_config
# Delete app directory and configurations
ynh_script_progression --message="Removing code..."
ynh_secure_remove --file="$final_path"
ynh_script_progression --message="Removing logs..."
ynh_secure_remove --file="/var/log/$app"
# Remove the app-specific logrotate config
ynh_remove_logrotate
# Remove nginx config
ynh_script_progression --message="Removing nginx configuration..."
ynh_remove_nginx_config
# Remove gitea user and data
ynh_script_progression --message="Removing the dedicated system user..."
ynh_system_user_delete $app
# Remove init script
ynh_script_progression --message="Removing systemd units..."
ynh_remove_systemd_config
# Remove monitor
ynh_script_progression --message="Removing gitea service..."
yunohost service remove "$app"
# Remove fail2ban config
ynh_script_progression --message="Removing fail2ban configuration..."
ynh_remove_fail2ban_config
ynh_print_info --message="Due of the backup core only feature the data directory in '$datadir' was not removed. It need to be removed manually to purge app user data."
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --last
sleep 1

78
scripts/restore
View File

@ -5,53 +5,35 @@
#=================================================
# Load common variables and helpers
source ../settings/scripts/experimental_helper.sh
source ../settings/scripts/_common.sh
# IMPORT GENERIC HELPERS
source /usr/share/yunohost/helpers
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
ynh_script_progression --message="Loading settings..."
# Retrieve old app settings
domain=$(ynh_app_setting_get --app $app --key domain)
path_url=$(ynh_app_setting_get --app $app --key path)
db_password=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
port=$(ynh_app_setting_get --app $app --key web_port)
upstream_version=$(ynh_app_setting_get $app upstream_version)
# Check user parameter
ynh_user_exists "$admin" \
|| ynh_die --message "The chosen admin user does not exist."
# Check Final Path availability
test ! -e "$final_path" || ynh_die --message "This path already contains a folder"
#=================================================
# STANDARD RESTORATION STEPS
# RESTORE THE APP MAIN DIR
#=================================================
# Add users
ynh_script_progression --message="Configuring system user..."
ynh_system_user_create --username=$app --home_dir=$datadir --use_shell
# Restore all files
ynh_script_progression --message="Restoring files..." --weight=10
ynh_script_progression --message="Restoring the app files..." --weight=1
ynh_restore
# Create and restore the database
ynh_script_progression --message="Restoring database..." --weight=3
ynh_mysql_create_db "$dbname" "$db_user" "$db_password"
ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ./db.sql
# Also sets the permissions
_gitea_mkdirs
#=================================================
# RESTORE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..." --weight=1
ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < ./db.sql
#=================================================
# RESTORE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
# Restore systemd files
systemctl daemon-reload
systemctl enable "$app".service --quiet
yunohost service add "$app" --log="/var/log/$app/gitea.log"
# SETUP FAIL2BAN
ynh_script_progression --message="Configuring fail2ban..."
ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from <HOST>" --max_retry 5
@ -59,23 +41,17 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
#=================================================
ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
# Set permissions
ynh_script_progression --message="Protecting directory..."
set_permission
# Typically you only have either $app or php-fpm but not both at the same time...
ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -t 10
# Configure logrotate
ynh_script_progression --message="Configuring log rotation..."
ynh_use_logrotate --logfile "/var/log/$app"
ynh_systemd_action --service_name=nginx --action=reload
# Add gitea to YunoHost's monitored services
ynh_script_progression --message="Register Gitea service..."
yunohost service add "$app" --log=/var/log/$app/gitea.log
# Reload services
ynh_script_progression --message="Reloading services..."
systemctl reload nginx.service
ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10
sleep 1
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --last

345
scripts/upgrade
View File

@ -3,318 +3,137 @@
#=================================================
# GENERIC START
#=================================================
# Load common variables and helpers
source ./experimental_helper.sh
source ./_common.sh
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_normalize_url_path --path_url $(ynh_app_setting_get --app $app --key path))
db_password=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
admin=$(ynh_app_setting_get --app=$app --key=adminusername)
key=$(ynh_app_setting_get --app=$app --key=secret_key)
lfs_key=$(ynh_app_setting_get --app=$app --key=lfs_key)
port=$(ynh_app_setting_get --app=$app --key=web_port)
upstream_version=$(ynh_app_setting_get --app=$app --key=upstream_version)
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1
# We stop the service before to set ynh_clean_setup
ynh_systemd_action --service_name=$app --action="stop"
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
if [ "0$(ynh_app_setting_get --app=$app --key=disable_backup_before_upgrade)" -ne 1 ]
then
ynh_backup_before_upgrade
ynh_clean_setup () {
# Clean installation remainings that are not handled by the remove script.
ynh_clean_check_starting
ynh_restore_upgradebackup
}
fi
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# STANDARD UPGRADE STEPS
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# If lfs_key doesn't exist, create it
if [ -z "$lfs_key" ]; then
if [ -z "${lfs_key:-}" ]; then
lfs_key=$(ynh_string_random)
ynh_app_setting_set --app=$app --key=lfs_key --value=$lfs_key
ynh_app_setting_set --app="$app" --key=lfs_key --value="$lfs_key"
fi
#=================================================
# MIGRATION FROM GOGS
#=================================================
[[ $YNH_APP_ID == "gogs" ]] \
&& [[ "$(cat "/opt/$app/templates/.VERSION")" != 0.11.79.1211 ]] \
&& ynh_die --message "It look like that you have an old Gogs install. You need first upgrade Gogs instance (id: $gogs_migrate_id) and after migrate to Gitea."
ynh_handle_app_migration --migration_id=gogs --migration_list=gogs_migrations
if [[ $migration_process -eq 1 ]]; then
# Reload variables
dbname=$app
db_user=$app
final_path="/opt/$app"
datadir="/home/""$app"
repos_path="$datadir/repositories"
data_path="$datadir/data"
# Replace the user
ynh_system_user_delete $old_app
test getent passwd "$app" &>/dev/null || \
useradd -d "$datadir" --system --user-group "$app" --shell /bin/bash || \
ynh_die --message "Unable to create $app system account"
# Clean old binary
ynh_secure_remove --file=$final_path/gogs
ynh_secure_remove --file=$final_path/custom/conf/auth.d
# Restore authentication from SQL database
ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql
# Fix hooks
if [[ -e $repos_path ]];then
ls $repos_path/*/*.git/hooks/pre-receive | while read p; do
ynh_secure_remove --file=$p
done
ls $repos_path/*/*.git/hooks/post-receive | while read p; do
ynh_secure_remove --file=$p
done
fi
upstream_version="0.0.1"
# This is not handled by the core because the previous package did not define final_path...
if [ -d "/opt/$app" ]; then
# This is the package version of the manifestv2
rsync -a "/opt/$app/" "$install_dir"
ynh_secure_remove "/opt/$app"
fi
# Move data directory
if [ -e "/home/""$app" ] && [ ! -e $datadir ]; then
mv "/home/""$app" "$datadir"
if [ -d "/home/$app" ]; then
rsync -a "/home/$app/" "$data_dir"
ynh_secure_remove "/home/$app"
fi
# Ensuring the user has the right home dir
if [ ~$app != "$datadir" ]; then
usermod -d "$datadir" $app
# Ensure the user has the correct home dir
if [ ~"$app" != "$data_dir" ]; then
usermod --home "$data_dir" "$app"
fi
# Ensure secrets are defined
# Some workaround around `gitea secret generate` not available in old versions
mv "$install_dir/gitea" "$install_dir/gitea_orig"
ynh_setup_source --dest_dir="$install_dir" --source_id=main
chmod +x "$install_dir/gitea"
_gitea_set_secrets
ynh_secure_remove "$install_dir/gitea"
mv "$install_dir/gitea_orig" "$install_dir/gitea"
# Ensure directories are created
_gitea_mkdirs
#=================================================
# STANDARD UPGRADE STEPS
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Configuring application..."
ynh_script_progression --message="Stopping a systemd service..." --weight=1
# Clean template to fix issue : https://github.com/gogits/gogs/issues/4585
ynh_secure_remove --file="/opt/$app/templates"
ynh_systemd_action --service_name="$app" --action="stop"
# Configure gitea with app.ini file
config_gitea
#=================================================
# REAPPLY SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
ynh_add_nginx_config
# Configure init script
ynh_script_progression --message="Updating systemd units..."
ynh_add_systemd_config
# Modify Nginx configuration file and copy it to NGINX conf directory
ynh_script_progression --message="Configuring NGINX..." --weight=1
config_nginx
yunohost service add "$app" --log="/var/log/$app/gitea.log"
ynh_use_logrotate --non-append
ynh_add_fail2ban_config --logpath="/var/log/$app/gitea.log" --failregex=".*Failed authentication attempt for .* from <HOST>" --max_retry 5
#=================================================
# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
#=================================================
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating configuration files..." --weight=1
# Clean template to fix issue : https://github.com/gogits/gogs/issues/4585
ynh_secure_remove --file="$install_dir/templates"
# Configure gitea with app.ini file
_gitea_add_config
_gitea_permissions_install_dir
#=================================================
# DB migration
#=================================================
ynh_script_progression --message="Upgrading database and sources..." --weight=6
# Before the version 1.7 the upstream version was not stored
# The way to find the version for the install < 1.7 is to parse the binary file to find which version is installed
if [ -z ${upstream_version:-} ]; then
for version in "0.0." "1.0." "1.1." "1.2." "1.3." "1.4." "1.5." "1.6." "1.7."; do
if strings $final_path/gitea | grep -P "^${version//./\\.}\d"; then
upstream_version="${version}0"
break
fi
done
if ynh_compare_current_package_version --comparison lt --version "1.6.4~ynh1"; then
message="Upgrade from $YNH_APP_CURRENT_VERSION was dropped. You need to run this, then upgrade to the latest version:
sudo yunohost app upgrade $app -u https://github.com/YunoHost-Apps/gitea_ynh/commit/a9ceb157032ae2290e944c1d0a255451ff2d133d"
ynh_print_info "$message"
ynh_die --message="$message" --ret_code 1
fi
restart_gitea() {
# Set permissions
set_permission
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
# Leave the time to update the database schema
sleep 5
systemctl stop $app
}
ynh_setup_source --dest_dir="$install_dir"
chmod +x "$install_dir/gitea"
_gitea_permissions_install_dir
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
# FIXME: Leave the time to update the database schema
sleep 5
systemctl stop "$app"
case $upstream_version in
"0.0."* )
ynh_setup_source $final_path source/${architecture}_1.0
set_permission
systemctl start $app
sleep 20
systemctl stop $app
;&
"1.0."* )
ynh_setup_source $final_path source/${architecture}_1.1
restart_gitea
;&
"1.1."* )
ynh_setup_source $final_path source/${architecture}_1.2
restart_gitea
;&
"1.2."* )
ynh_setup_source $final_path source/${architecture}_1.3
restart_gitea
;&
"1.3."* )
ynh_setup_source $final_path source/${architecture}_1.4
restart_gitea
;&
"1.4."* )
ynh_setup_source $final_path source/${architecture}_1.5
restart_gitea
;&
"1.5."* )
ynh_setup_source $final_path source/${architecture}_1.6
restart_gitea
;&
"1.6."* )
ynh_setup_source $final_path source/${architecture}_1.7
restart_gitea
;&
"1.7."* )
ynh_setup_source $final_path source/${architecture}_1.8
restart_gitea
;&
"1.8."* )
ynh_setup_source $final_path source/${architecture}_1.9
restart_gitea
;&
"1.9."* )
ynh_setup_source $final_path source/${architecture}_1.10
restart_gitea
;&
"1.10."* )
ynh_setup_source $final_path source/${architecture}_1.11
restart_gitea
;&
"1.11."* )
ynh_setup_source $final_path source/${architecture}_1.12
restart_gitea
;&
"1.12."* )
ynh_setup_source $final_path source/${architecture}_1.13
restart_gitea
;&
"1.13."* )
ynh_setup_source $final_path source/${architecture}_1.14
restart_gitea
;&
"1.14."* )
ynh_setup_source $final_path source/${architecture}_1.15
restart_gitea
;&
"1.15."* )
ynh_setup_source $final_path source/${architecture}_1.16
restart_gitea
;&
"1.16."* )
ynh_setup_source $final_path source/${architecture}_1.17
restart_gitea
;&
"1.17."* )
ynh_setup_source $final_path source/${architecture}_1.18
restart_gitea
;&
"1.18."* )
ynh_setup_source $final_path source/${architecture}_1.19
restart_gitea
;&
"1.19."* )
ynh_setup_source $final_path source/${architecture}_1.20
restart_gitea
;&
esac
# Install gitea source
ynh_setup_source $final_path source/$architecture
restart_gitea
# SETUP FAIL2BAN
ynh_script_progression --message="Configuring Fail2Ban..."
ynh_add_fail2ban_config --logpath="/var/log/$app/gitea.log" --failregex=".*Failed authentication attempt for .* from <HOST>" --max_retry 5
#=================================================
# GENERIC FINALIZATION
# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
#=================================================
# Set all permissions
ynh_script_progression --message="Update permission..."
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating LDAP configuration..." --weight=1
# Should be done after DB migration I guess
if ! ynh_permission_exists --permission admin; then
ynh_app_setting_delete --app $app --key unprotected_uris
ynh_permission_create --permission="admin" --allowed="$admin"
# Update ldap config
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/login_source.sql"
ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql
ynh_mysql_connect_as "$db_user" "$db_pwd" "$db_name" < ../conf/login_source.sql
fi
# Add gitea to YunoHost's monitored services
ynh_script_progression --message="Register Gitea service..."
yunohost service add "$app" --log="/var/log/$app/gitea.log"
# Add ssh permission for gitea user
adduser $app ssh.app
# Set permissions
ynh_script_progression --message="Protecting directory"
set_permission
# Save Version
ynh_app_setting_set --app=$app --key=upstream_version --value=$(ynh_app_upstream_version)
# Reload services
ynh_script_progression --message="Starting Gitea services..." --weight=3
#ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -p "/var/log/$app/gitea.log" -t 10
#sleep 1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
# Store the checksum with the 'INTERNAL_TOKEN' value.
# Should be removed when the issue https://github.com/go-gitea/gitea/issues/3246 is fixed
ynh_store_file_checksum --file="$final_path/custom/conf/app.ini"
#=================================================
# FINISH MIGRATION PROCESS
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
if [[ $migration_process -eq 1 ]]; then
echo "Gogs has been successfully migrated to Gitea! \
A last scheduled operation will run in a couple of minutes to finish the \
migration in YunoHost side. Do not proceed any application operation while \
you don't see Gogs as installed." >&2
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
# Execute a post migration script after the end of this upgrade.
# Mainly for some cleaning
script_post_migration=gogs_post_migration.sh
ynh_replace_string --match_string __OLD_APP__ --replace_string "$old_app" --target_file ../conf/$script_post_migration
ynh_replace_string --match_string __NEW_APP__ --replace_string "$app" --target_file ../conf/$script_post_migration
cp ../conf/$script_post_migration /tmp
chmod +x /tmp/$script_post_migration
(cd /tmp; echo "/tmp/$script_post_migration > /tmp/$script_post_migration.log 2>&1" | at now + 2 minutes)
fi
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last