Merge branch 'testing' into v1.9

This commit is contained in:
Josué Tille 2019-10-31 20:39:02 +01:00
commit 6947543587
No known key found for this signature in database
GPG Key ID: 716A6C99B04194EF
13 changed files with 284 additions and 199 deletions

View File

@ -1,27 +1,54 @@
# Gitea package for YunoHost
Gitea package for YunoHost
==========================
[![Integration level](https://dash.yunohost.org/integration/gitea.svg)](https://ci-apps.yunohost.org/ci/apps/gitea%20%28Community%29/lastBuild/consoleFull)
[![Install gitea with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=gitea)
> *This package allow you to install gitea quickly and simply on a YunoHost server.
If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
Overview
--------
Gitea is a fork of Gogs a self-hosted Git service written in Go. Alternative to Github.
- [Gitea website](http://gitea.io)
[![Integration level](https://dash.yunohost.org/integration/gitea.svg)](https://ci-apps.yunohost.org/jenkins/job/gitea%20%28Community%29/lastBuild/consoleFull)
**Shipped version:** 1.9.4
[![Install Gitea with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=gitea)
Screenshots
-----------
![](https://gitea.io/images/screenshot.png)
## Requirements
A functional instance of [YunoHost](https://yunohost.org)
## Installation
From the command-line:
Documentation
-------------
`sudo yunohost app install https://framagit.org/YunoHost-Apps/gitea_ynh`
* Official documentation: https://docs.gitea.io/
* YunoHost documentation: There no other documentations, feel free to contribute.
## Upgrade
From the command-line:
YunoHost specific features
--------------------------
`sudo yunohost app upgrade gitea -u https://framagit.org/YunoHost-Apps/gitea_ynh`
### Multi-users support
LDAP and HTTP auth are supported.
### Supported architectures
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/gitea%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/gitea/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/gitea%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/gitea/)
<!--Limitations
------------
* Any known limitations.
-->
Additional informations
-----------------------
### Notes on SSH usage
## Notes on SSH usage
If you want to use Gitea with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gitea:
```bash
@ -44,12 +71,40 @@ Host domain.tld
Architecture: this package is compatible with amd64, i386 and arm. The package will try to detect it with the command uname -m and fail if it can't detect the architecture. If that happens please open an issue describing your hardware and the result of the command `uname -m`.
## Issue
### Git command access with HTTPS
Any issue is welcome here : https://framagit.org/YunoHost-Apps/gitea_ynh/issues
If you want to use the git command (like `git clone`, `git pull`, `git push`), you need to set this app as **public**.
Links
-----
* Report a bug: https://framagit.org/YunoHost-Apps/gitea_ynh/issues
* App website: http://gitea.io
* YunoHost website: https://yunohost.org/
---
Install
-------
From command line:
`sudo yunohost app install -l gitea https://github.com/YunoHost-Apps/gitea_ynh`
Upgrade
-------
From command line:
`sudo yunohost app upgrade gitea -u https://github.com/YunoHost-Apps/gitea_ynh`
License
-------
## License
Gitea is published under the MIT License:
https://github.com/go-gitea/gitea/blob/master/LICENSE
This package is published under the MIT License.
This package is published under the MIT License.
Todo
----

View File

@ -22,7 +22,7 @@ DOMAIN = __DOMAIN__
HTTP_PORT = __PORT__
ROOT_URL = https://__URL__/
DISABLE_SSH = false
SSH_PORT = __SSH_PORT_
SSH_PORT = __SSH_PORT__
OFFLINE_MODE = false
APP_DATA_PATH = __DATA_PATH__
LANDING_PAGE = explore

View File

@ -22,7 +22,7 @@ script_name="$0"
# DELETE OLD APP'S SETTINGS
#=================================================
ynh_secure_remove "/etc/yunohost/apps/$old_app"
ynh_secure_remove --file="/etc/yunohost/apps/$old_app"
yunohost app ssowatconf
#=================================================

View File

@ -5,6 +5,7 @@ location __PATH__/ {
proxy_buffering off;
fastcgi_param REMOTE_USER $remote_user;
client_max_body_size 200M;
proxy_set_header X-Real-IP $remote_addr;
# Force https
if ($scheme = http) {

View File

@ -20,7 +20,7 @@
"mysql"
],
"requirements": {
"yunohost": ">= 2.7.9"
"yunohost": ">= 3.6.4"
},
"arguments": {
"install" : [
@ -56,9 +56,13 @@
"name": "is_public",
"type": "boolean",
"ask": {
"en": "Is it a public site ?",
"en": "Is it a public site ? ",
"fr": "Est-ce un site public ?"
},
"help": {
"en": "A public server means that everybody is able to access to the pain page of the forge, on the public profile of the user and on the public repository. But you still can limit the access to each repository if you set it as private. Note that to be able to use the remote git command (clone, pull, push) with http and to use the API by (by example with a smartphone), you need to set this application as public.",
"fr": "Un serveur publique signifie que n'importe qui peut accéder à la page principale de la forge, au profil publique des utilisateur et au dépots publiques Mais vous pouvez définir les dépot en tant que privé. Notez que pour pouvoir utiliser les commandes git distante (clone, pull, push) avec http et pour pouvoir utiliser l'API (par exemple avec un smartphone), vous devez mettre cette application en tant que publique."
},
"default": true
}
]

View File

@ -22,7 +22,7 @@ elif [ -n "$(uname -m | grep armv7)" ]; then
elif [ -n "$(uname -m | grep arm)" ]; then
architecture="arm"
else
ynh_die "Unable to detect your achitecture, please open a bug describing \
ynh_die --message "Unable to detect your achitecture, please open a bug describing \
your hardware and the result of the command \"uname -m\"." 1
fi
@ -42,36 +42,36 @@ create_dir() {
config_nginx() {
if [ "$path_url" != "/" ]
then
ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
ynh_replace_string --match_string "^#sub_path_only" --replace_string "" --target_file "../conf/nginx.conf"
fi
ynh_add_nginx_config
}
config_gitea() {
ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+")
ynh_backup_if_checksum_is_different "$final_path/custom/conf/app.ini"
ynh_backup_if_checksum_is_different --file "$final_path/custom/conf/app.ini"
cp ../conf/app.ini "$final_path/custom/conf"
usermod -s /bin/bash $app
if [ "$path_url" = "/" ]
then
ynh_replace_string "__URL__" "$domain" "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __URL__ --replace_string "$domain" --target_file "$final_path/custom/conf/app.ini"
else
ynh_replace_string "__URL__" "$domain${path_url%/}" "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __URL__ --replace_string "$domain${path_url%/}" --target_file "$final_path/custom/conf/app.ini"
fi
ynh_replace_string "__REPOS_PATH__" "$REPO_PATH" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DB_PASSWORD__" "$dbpass" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DB_USER__" "$dbuser" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DOMAIN__" "$domain" "$final_path/custom/conf/app.ini"
ynh_replace_string "__KEY__" "$key" "$final_path/custom/conf/app.ini"
ynh_replace_string "__DATA_PATH__" "$DATA_PATH" "$final_path/custom/conf/app.ini"
ynh_replace_string "__PORT__" $port "$final_path/custom/conf/app.ini"
ynh_replace_string "__APP__" $app "$final_path/custom/conf/app.ini"
ynh_replace_string "__SSH_PORT_" $ssh_port "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __REPOS_PATH__ --replace_string "$REPO_PATH" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DB_PASSWORD__ --replace_string "$dbpass" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DB_USER__ --replace_string "$dbuser" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DOMAIN__ --replace_string "$domain" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __KEY__ --replace_string "$key" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DATA_PATH__ --replace_string "$DATA_PATH" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __PORT__ --replace_string $port --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __APP__ --replace_string $app --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __SSH_PORT__ --replace_string $ssh_port --target_file "$final_path/custom/conf/app.ini"
ynh_store_file_checksum "$final_path/custom/conf/app.ini"
ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"
}
set_permission() {
@ -89,17 +89,8 @@ set_permission() {
set_access_settings() {
if [ "$is_public" = '1' ]
then
ynh_app_setting_set $app unprotected_uris "/"
ynh_app_setting_set --app $app --key unprotected_uris --value "/"
else
# For an access to the git server by https in private mode we need to allow the access to theses URL :
# - "DOMAIN/PATH/USER/REPOSITORY/info/refs"
# - "DOMAIN/PATH/USER/REPOSITORY/git-upload-pack"
# - "DOMAIN/PATH/USER/REPOSITORY/git-receive-pack"
excaped_domain=${domain//'.'/'%.'}
excaped_domain=${excaped_domain//'-'/'%-'}
excaped_path=${path_url//'.'/'%.'}
excaped_path=${excaped_path//'-'/'%-'}
ynh_app_setting_set $app skipped_regex "$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-receive%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-upload%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/info/refs"
ynh_app_setting_delete --app $app --key skipped_regex
fi
}

View File

@ -15,24 +15,31 @@ source ../settings/scripts/experimental_helper.sh
source ../settings/scripts/_common.sh
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
ynh_script_progression --message="Loading installation settings..."
domain=$(ynh_app_setting_get --app $app --key domain)
#=================================================
# STANDARD BACKUP STEPS
#=================================================
# Copy the app source files
ynh_backup "$final_path"
ynh_script_progression --message="Backing up code..." --weight=3
ynh_backup --src_path "$final_path"
# Copy the data files
ynh_backup "$DATADIR"
ynh_script_progression --message="Backing up user data..." --weight=10
ynh_backup --src_path "$DATADIR"
ynh_script_progression --message="Backing up configuration..."
# Copy the conf files
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf"
ynh_backup "/etc/systemd/system/${app}.service"
ynh_backup --src_path "/etc/nginx/conf.d/${domain}.d/${app}.conf"
ynh_backup --src_path "/etc/systemd/system/${app}.service"
# Backup logs
ynh_backup "/var/log/$app"
ynh_script_progression --message="Backing up logs..."
ynh_backup --src_path "/var/log/$app"
# Dump the database
ynh_mysql_dump_db "$dbname" > ./db.sql
ynh_script_progression --message="Backing up database"
ynh_mysql_dump_db "$dbname" > ./db.sql

View File

@ -14,24 +14,26 @@ ynh_abort_if_errors
source ./experimental_helper.sh
source ./_common.sh
cp -r /etc/yunohost/apps/${app}/conf ../ # Quick hack for https://github.com/YunoHost/yunohost/pull/427
ynh_script_progression --message="Loading installation settings..."
# RETRIEVE ARGUMENTS
old_domain=$YNH_APP_OLD_DOMAIN
domain=$YNH_APP_NEW_DOMAIN
path_url=$(ynh_normalize_url_path ${YNH_APP_NEW_PATH:-'/'})
path_url=$(ynh_normalize_url_path --path_url ${YNH_APP_NEW_PATH:-'/'})
app=$YNH_APP_INSTANCE_NAME
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
admin=$(ynh_app_setting_get "$app" adminusername)
key=$(ynh_app_setting_get "$app" secret_key)
port=$(ynh_app_setting_get "$app" web_port)
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
key=$(ynh_app_setting_get --app $app --key secret_key)
port=$(ynh_app_setting_get --app $app --key web_port)
upstream_version=$(ynh_app_setting_get $app upstream_version)
#=================================================
# STANDARD MODIFICATIONS
#=================================================
ynh_script_progression --message="Updating nginx configuration..."
# MODIFY URL IN NGINX CONF
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
@ -39,21 +41,23 @@ nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the domain for nginx
if [[ "$old_domain" != "$domain" ]]; then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum "$nginx_conf_path"
ynh_delete_file_checksum --file "$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_store_file_checksum --file "/etc/nginx/conf.d/$domain.d/$app.conf"
fi
config_nginx
# Update gitea config
ynh_script_progression --message="Updating gitea configuration..."
config_gitea
# RELOAD services
ynh_script_progression --message="Starting services..."
ynh_systemd_action -l "Serving \[::\]:$port with pid" -p "/var/log/$app/gitea.log" -a restart -t 10
sleep 1
# Store the checksum with the 'INTERNAL_TOKEN' value.
# Should be removed when the issue https://github.com/go-gitea/gitea/issues/3246 is fixed
ynh_store_file_checksum "$final_path/custom/conf/app.ini"
ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"

View File

@ -1,14 +1,3 @@
# Delete a file checksum from the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_remove_file_checksum file
# | arg: file - The file for which the checksum will be deleted
ynh_delete_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete $app $checksum_setting_name
}
# Start (or other actions) a service, print a log in case of failure and optionnaly wait until the service is completely started
#
# usage: ynh_systemd_action [-n service_name] [-a action] [ [-l "line to match"] [-p log_path] [-t timeout] [-e length] ]
@ -88,56 +77,6 @@ ynh_systemd_action() {
fi
}
# Clean temporary process and file used by ynh_check_starting
# (usually used in ynh_clean_setup scripts)
#
# usage: ynh_clean_check_starting
ynh_clean_check_starting () {
# Stop the execution of tail.
kill -s 15 $pid_tail 2>&1
ynh_secure_remove "$templog" 2>&1
}
# Read the value of a key in a ynh manifest file
#
# usage: ynh_read_manifest manifest key
# | arg: -m, --manifest= - Path of the manifest to read
# | arg: -k, --key= - Name of the key to find
ynh_read_manifest () {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [m]=manifest= [k]=manifest_key= )
local manifest
local manifest_key
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
if [ ! -e "$manifest" ]; then
# If the manifest isn't found, try the common place for backup and restore script.
manifest="../settings/manifest.json"
fi
jq ".$manifest_key" "$manifest" --raw-output
}
# Read the upstream version from the manifest
# The version number in the manifest is defined by <upstreamversion>~ynh<packageversion>
# For example : 4.3-2~ynh3
# This include the number before ~ynh
# In the last example it return 4.3-2
#
# usage: ynh_app_upstream_version [-m manifest]
# | arg: -m, --manifest= - Path of the manifest to read
ynh_app_upstream_version () {
declare -Ar args_array=( [m]=manifest= )
local manifest
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
manifest="${manifest:-../manifest.json}"
version_key=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version")
echo "${version_key/~ynh*/}"
}
# Execute a command as another user
# usage: exec_as USER COMMAND [ARG ...]
exec_as() {
@ -242,7 +181,7 @@ ynh_handle_app_migration () {
if [ "$old_app_id" != "$migration_id" ]
then
# If the new app is not the authorized id, fail.
ynh_die "Incompatible application for migration from $old_app_id to $new_app_id"
ynh_die --message "Incompatible application for migration from $old_app_id to $new_app_id"
fi
echo "Migrate from $old_app_id to $new_app_id" >&2
@ -352,7 +291,7 @@ ynh_handle_app_migration () {
# Remove the old database
ynh_mysql_remove_db $db_name $db_name
# And the dump
ynh_secure_remove "$sql_dump"
ynh_secure_remove --file="$sql_dump"
# Update the value of $db_name
db_name=$new_db_name
@ -393,3 +332,39 @@ ynh_handle_app_migration () {
migration_process=1
fi
}
# Verify the checksum and backup the file if it's different
# This helper is primarily meant to allow to easily backup personalised/manually
# modified config files.
#
# $app should be defined when calling this helper
#
# usage: ynh_backup_if_checksum_is_different --file=file
# | arg: -f, --file - The file on which the checksum test will be perfomed.
# | ret: the name of a backup file, or nothing
#
# Requires YunoHost version 2.6.4 or higher.
ynh_backup_if_checksum_is_different () {
# Declare an array to define the options of this helper.
local legacy_args=f
declare -Ar args_array=( [f]=file= )
local file
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_'
local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name)
# backup_file_checksum isn't declare as local, so it can be reuse by ynh_store_file_checksum
backup_file_checksum=""
if [ -n "$checksum_value" ]
then # Proceed only if a value was stored into the app settings
if [ -e $file ] && ! echo "$checksum_value $file" | sudo md5sum -c --status
then # If the checksum is now different
backup_file_checksum="/home/yunohost.conf/backup/$file.backup.$(date '+%Y%m%d.%H%M%S')"
sudo mkdir -p "$(dirname "$backup_file_checksum")"
sudo cp -a "$file" "$backup_file_checksum" # Backup the current file
ynh_print_warn "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file_checksum"
echo "$backup_file_checksum" # Return the name of the backup file
fi
fi
}

View File

@ -14,78 +14,79 @@ ynh_abort_if_errors
source ./experimental_helper.sh
source ./_common.sh
ynh_script_progression --message="Validating installation parameters..."
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path_url=$(ynh_normalize_url_path $YNH_APP_ARG_PATH)
path_url=$(ynh_normalize_url_path --path_url $YNH_APP_ARG_PATH)
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
upstream_version=$(ynh_app_upstream_version)
# Check domain/path availability
ynh_webpath_available $domain $path_url || ynh_die "$domain is not available as domain, please use an other domain."
ynh_webpath_register $app $domain $path_url
# Register (book) web path
ynh_webpath_register --app $app --domain $domain --path_url $path_url
# Check user parameter
ynh_user_exists "$admin" \
|| ynh_die "The chosen admin user does not exist."
|| ynh_die --message "The chosen admin user does not exist."
# Check Final Path availability
test ! -e "$final_path" || ynh_die "This path already contains a folder"
test ! -e "$final_path" || ynh_die --message "This path already contains a folder"
# Generate random password and key
ynh_script_progression --message="Defining db password and key..."
dbpass=$(ynh_string_random)
key=$(ynh_string_random)
# Find available ports
port=$(ynh_find_port 6000)
port=$(ynh_find_port --port 6000)
# Store Settings
ynh_app_setting_set $app mysqlpwd $dbpass
ynh_app_setting_set $app adminusername $admin
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app secret_key $key
ynh_app_setting_set $app web_port $port
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app $app --key mysqlpwd --value $dbpass
ynh_app_setting_set --app $app --key adminusername --value $admin
ynh_app_setting_set --app $app --key is_public --value $is_public
ynh_app_setting_set --app $app --key secret_key --value $key
ynh_app_setting_set --app $app --key web_port --value $port
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# Configure init script
ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory
config_nginx
# Initialize database and store mysql password for upgrade
ynh_script_progression --message="Configuring MySQL database..."
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
# Add users
# We can't use the official helper (for now) because we need to set the shell for the login
test getent passwd "$app" &>/dev/null || \
useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
ynh_die "Unable to create $app system account"
# Should be replaced by this when getops is available in the helper ynh_system_user_create (probably in Yunohost 3.5)
# ynh_system_user_create --username= $app --home_dir=/opt/yunohost/$app --use_shell
ynh_script_progression --message="Configuring system user..."
ynh_system_user_create --username= $app --home_dir=/opt/yunohost/$app --use_shell
# create needed directories
create_dir
# Configure init script
ynh_script_progression --message="Configuring a systemd service..." --weight=2
ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory
ynh_script_progression --message="Configuring nginx..." --weight=1
config_nginx
# Configure gitea with app.ini file
ynh_script_progression --message="Configuring application, step 1/2..."
config_gitea
ynh_script_progression --message="Installing sources files..." --weight=10
# Install gitea
ynh_setup_source $final_path source/$architecture
# Set permissions
ynh_script_progression --message="Protecting directory"
set_permission
ynh_script_progression --message="Configuring application, step 2/2..."
# Start gitea for building mysql tables
systemctl start "$app".service
@ -96,30 +97,38 @@ do
done
# Add ldap config
ynh_replace_string "__ADMIN__" "$admin" ../conf/login_source.sql
ynh_replace_string "__APP__" "$app" ../conf/login_source.sql
ynh_replace_string --match_string "__ADMIN__" --replace_string "$admin" --target_file ../conf/login_source.sql
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
# SETUP FAIL2BAN
ynh_script_progression --message="Configuring fail2ban..."
ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from <HOST>" --max_retry 5
#=================================================
# GENERIC FINALIZATION
#=================================================
# Unprotect root from SSO if public
ynh_script_progression --message="Protecting directory"
set_access_settings
# Add gitea to YunoHost's monitored services
ynh_script_progression --message="Register gitea service..."
yunohost service add "$app" --log "/var/log/$app/gitea.log"
# Configure logrotate
ynh_use_logrotate "/var/log/$app"
ynh_script_progression --message="Configuring log rotation..."
ynh_use_logrotate --logfile "/var/log/$app"
# Save Version
ynh_app_setting_set $app upstream_version $upstream_version
ynh_app_setting_set --app $app --key upstream_version --value $(ynh_app_upstream_version)
# Reload services
ynh_script_progression --message="Starting gitea services..." --weight=3
ynh_systemd_action -l "Serving \[::\]:$port with pid" -p "/var/log/$app/gitea.log" -t 10
sleep 1
# Store the checksum with the 'INTERNAL_TOKEN' value.
# Should be removed when the issue https://github.com/go-gitea/gitea/issues/3246 is fixed
ynh_store_file_checksum "$final_path/custom/conf/app.ini"
ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"

View File

@ -11,38 +11,53 @@ source /usr/share/yunohost/helpers
source ./experimental_helper.sh
source ./_common.sh
ynh_script_progression --message="Loading installation settings..."
# Retrieve domain from app settings
domain=$(ynh_app_setting_get --app $app --key domain)
#=================================================
# STANDARD REMOVE
#=================================================
# Stop gitea
ynh_script_progression --message="Stoping services..."
systemctl stop "$app".service
# Drop MySQL database and user
ynh_script_progression --message="Removing databases..."
ynh_mysql_drop_db "$dbname" 2>/dev/null
ynh_mysql_drop_user "$dbuser" 2>/dev/null
# Retrieve domain from app settings
domain=$(ynh_app_setting_get "$app" domain)
# Delete app directory and configurations
ynh_secure_remove "$final_path"
ynh_secure_remove "$DATADIR"
ynh_secure_remove "/var/log/$app"
ynh_script_progression --message="Removing code..."
ynh_secure_remove --file="$final_path"
ynh_script_progression --message="Removing user data..."
ynh_secure_remove --file="$DATADIR"
ynh_script_progression --message="Removing logs..."
ynh_secure_remove --file="/var/log/$app"
# Remove the app-specific logrotate config
ynh_remove_logrotate
# Remove nginx config
ynh_script_progression --message="Removing nginx configuration..."
ynh_remove_nginx_config
# Remove gitea user and data
ynh_script_progression --message="Removing the dedicated system user..."
ynh_system_user_delete $app
# Remove init script
ynh_script_progression --message="Removing systemd units..."
ynh_remove_systemd_config
# Remove monitor
ynh_script_progression --message="Removing gitea service..."
yunohost service remove "$app"
# Remove fail2ban config
ynh_script_progression --message="Removing fail2ban configuration..."
ynh_remove_fail2ban_config
true # Do not fail if remove after install error

View File

@ -14,40 +14,40 @@ ynh_abort_if_errors
source ../settings/scripts/experimental_helper.sh
source ../settings/scripts/_common.sh
ynh_script_progression --message="Loading settings..."
# Retrieve old app settings
domain=$(ynh_app_setting_get "$app" domain)
path_url=$(ynh_app_setting_get "$app" path)
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
admin=$(ynh_app_setting_get "$app" adminusername)
port=$(ynh_app_setting_get "$app" web_port)
domain=$(ynh_app_setting_get --app $app --key domain)
path_url=$(ynh_app_setting_get --app $app --key path)
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
port=$(ynh_app_setting_get --app $app --key web_port)
upstream_version=$(ynh_app_setting_get $app upstream_version)
# Check domain/path availability with app helper
ynh_webpath_available $domain $path_url || ynh_die "$domain is not available as domain, please use an other domain."
ynh_webpath_available --domain $domain --path_url $path_url || ynh_die --message "$domain is not available as domain, please use an other domain."
# Check user parameter
ynh_user_exists "$admin" \
|| ynh_die "The chosen admin user does not exist."
|| ynh_die --message "The chosen admin user does not exist."
# Check Final Path availability
test ! -e "$final_path" || ynh_die "This path already contains a folder"
test ! -e "$final_path" || ynh_die --message "This path already contains a folder"
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# Add users
# We can't use the official helper (for now) because we need to set the shell for the login
test getent passwd "$app" &>/dev/null || \
useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
ynh_die "Unable to create $app system account"
# Should be replaced by this when getops is available in the helper ynh_system_user_create (probably in Yunohost 3.5)
# ynh_system_user_create --username= $app --home_dir=/opt/yunohost/$app --use_shell
ynh_script_progression --message="Configuring system user..."
ynh_system_user_create --username= $app --home_dir=/opt/yunohost/$app --use_shell
# Restore all files
ynh_script_progression --message="Restoring files..." --weight=10
ynh_restore
# Create and restore the database
ynh_script_progression --message="Restoring database..." --weight=3
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./db.sql
@ -55,20 +55,28 @@ ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./db.sql
systemctl daemon-reload
systemctl enable "$app".service
# SETUP FAIL2BAN
ynh_script_progression --message="Configuring fail2ban..."
ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from <HOST>" --max_retry 5
#=================================================
# GENERIC FINALIZATION
#=================================================
# Set permissions
ynh_script_progression --message="Protecting directory..."
set_permission
# Configure logrotate
ynh_use_logrotate "/var/log/$app"
ynh_script_progression --message="Configuring log rotation..."
ynh_use_logrotate --logfile "/var/log/$app"
# Add gitea to YunoHost's monitored services
ynh_script_progression --message="Register gitea service..."
yunohost service add "$app" --log /var/log/"$app"/gitea.log
# Reload services
ynh_script_progression --message="Reloading services..."
systemctl reload nginx.service
ynh_systemd_action -l "Serving \[::\]:$port with pid" -p "/var/log/$app/gitea.log" -t 10
sleep 1

View File

@ -15,22 +15,25 @@ source ./experimental_helper.sh
source ./_common.sh
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
path_url=$(ynh_normalize_url_path $(ynh_app_setting_get "$app" path))
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
admin=$(ynh_app_setting_get "$app" adminusername)
key=$(ynh_app_setting_get "$app" secret_key)
is_public=$(ynh_app_setting_get "$app" is_public)
port=$(ynh_app_setting_get "$app" web_port)
upstream_version=$(ynh_app_setting_get $app upstream_version)
ynh_script_progression --message="Loading installation settings..."
domain=$(ynh_app_setting_get --app $app --key domain)
path_url=$(ynh_normalize_url_path --path_url $(ynh_app_setting_get --app $app --key path))
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
key=$(ynh_app_setting_get --app $app --key secret_key)
is_public=$(ynh_app_setting_get --app $app --key is_public)
port=$(ynh_app_setting_get --app $app --key web_port)
upstream_version=$(ynh_app_setting_get --app $app --key upstream_version)
# Backup the current version of the app
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=10
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_restore_upgradebackup
}
# Stop service
ynh_script_progression --message="Stoping services..."
systemctl stop "$app".service
#=================================================
@ -39,7 +42,7 @@ systemctl stop "$app".service
[[ $YNH_APP_ID == "gogs" ]] \
&& [[ "$(cat "/opt/$app/templates/.VERSION")" != 0.11.79.1211 ]] \
&& ynh_die "It look like that you have an old gogs install. You need first upgrade gogs instance (id : $gogs_migrate_id) and after migrate to gitea."
&& ynh_die --message "It look like that you have an old gogs install. You need first upgrade gogs instance (id : $gogs_migrate_id) and after migrate to gitea."
ynh_handle_app_migration gogs gogs_migrations
if [[ $migration_process -eq 1 ]]; then
@ -55,24 +58,24 @@ if [[ $migration_process -eq 1 ]]; then
ynh_system_user_delete $old_app
test getent passwd "$app" &>/dev/null || \
useradd -d "$DATADIR" --system --user-group "$app" --shell /bin/bash || \
ynh_die "Unable to create $app system account"
ynh_die --message "Unable to create $app system account"
# Clean old binary
ynh_secure_remove $final_path/gogs
ynh_secure_remove $final_path/custom/conf/auth.d
ynh_secure_remove --file=$final_path/gogs
ynh_secure_remove --file=$final_path/custom/conf/auth.d
# Restore authentication from SQL database
ynh_replace_string "__ADMIN__" "$admin" ../conf/login_source.sql
ynh_replace_string "__APP__" "$app" ../conf/login_source.sql
ynh_replace_string --match_string __ADMIN__ --replace_string "$admin" --target_file ../conf/login_source.sql
ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
# Fix hooks
if [[ -e $REPO_PATH ]];then
ls $REPO_PATH/*/*.git/hooks/pre-receive | while read p; do
ynh_secure_remove $p
ynh_secure_remove --file=$p
done
ls $REPO_PATH/*/*.git/hooks/post-receive | while read p; do
ynh_secure_remove $p
ynh_secure_remove --file=$p
done
fi
@ -83,22 +86,28 @@ fi
# STANDARD UPGRADE STEPS
#=================================================
ynh_script_progression --message="Configuring application..."
# Clean template to fix issue : https://github.com/gogits/gogs/issues/4585
ynh_secure_remove "/opt/$app/templates"
ynh_secure_remove --file="/opt/$app/templates"
# Configure gitea with app.ini file
config_gitea
# Configure init script
ynh_script_progression --message="Updating systemd units..."
ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory
ynh_script_progression --message="Configuring nginx..." --weight=1
config_nginx
#=================================================
# DB migration
#=================================================
ynh_script_progression --message="Upgrading database and sources..." --weight=6
# Before the version 1.7 the upstream version was not stored
# The way to find the version for the install < 1.7 is to parse the binary file to find which version is installed
if [ -z ${upstream_version:-} ]; then
@ -161,29 +170,36 @@ case $upstream_version in
;&
esac
# Install gitea
# Install gitea source
ynh_setup_source $final_path source/$architecture
# SETUP FAIL2BAN
ynh_script_progression --message="Configuring fail2ban..."
ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from <HOST>" --max_retry 5
#=================================================
# GENERIC FINALIZATION
#=================================================
# Set permissions
ynh_script_progression --message="Protecting directory"
set_permission
# Save Version
ynh_app_setting_set $app upstream_version $(ynh_app_upstream_version)
ynh_app_setting_set --app $app --key upstream_version --value $(ynh_app_upstream_version)
# Unprotect root from SSO if public
ynh_script_progression --message="Configuring permissions..."
set_access_settings
# Reload services
ynh_script_progression --message="Starting gitea services..." --weight=3
ynh_systemd_action -l "Serving \[::\]:$port with pid" -p "/var/log/$app/gitea.log" -t 10
sleep 1
# Store the checksum with the 'INTERNAL_TOKEN' value.
# Should be removed when the issue https://github.com/go-gitea/gitea/issues/3246 is fixed
ynh_store_file_checksum "$final_path/custom/conf/app.ini"
ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"
#=================================================
# FINISH MIGRATION PROCESS
@ -198,8 +214,8 @@ you don't see Gogs as installed." >&2
# Execute a post migration script after the end of this upgrade.
# Mainly for some cleaning
script_post_migration=gogs_post_migration.sh
ynh_replace_string "__OLD_APP__" "$old_app" ../conf/$script_post_migration
ynh_replace_string "__NEW_APP__" "$app" ../conf/$script_post_migration
ynh_replace_string --match_string __OLD_APP__ --replace_string "$old_app" --target_file ../conf/$script_post_migration
ynh_replace_string --match_string __NEW_APP__ --replace_string "$app" --target_file ../conf/$script_post_migration
cp ../conf/$script_post_migration /tmp
chmod +x /tmp/$script_post_migration
(cd /tmp; echo "/tmp/$script_post_migration > /tmp/$script_post_migration.log 2>&1" | at now + 2 minutes)