From 73da923b79a660fd0f7fa0ea7620e291008b10f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Sat, 31 Aug 2024 09:56:13 +0200 Subject: [PATCH] Cleanup after auto patch --- manifest.toml | 1 - scripts/_common.sh | 14 +++++++++----- scripts/backup | 2 -- scripts/install | 10 +--------- scripts/restore | 3 +++ scripts/upgrade | 38 ++++++-------------------------------- 6 files changed, 19 insertions(+), 49 deletions(-) diff --git a/manifest.toml b/manifest.toml index 7ff93b3..c3395f6 100644 --- a/manifest.toml +++ b/manifest.toml @@ -89,7 +89,6 @@ ram.runtime = "100M" allow_email = true [resources.install_dir] - dir = "/opt/yunohost/__APP__" [resources.data_dir] diff --git a/scripts/_common.sh b/scripts/_common.sh index 01c734a..2e37883 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -10,8 +10,8 @@ ssh_port="$(yunohost settings get security.ssh.ssh_port)" #================================================= _set_permissions() { - #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir" - #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R u=rwX,g=rX,o= "$install_dir" + chown -R "$app:$app" "$install_dir" + chmod -R u=rwX,g=rX,o= "$install_dir" chmod +x "$install_dir/gitea" chown -R "$app:$app" "$data_dir" @@ -21,7 +21,11 @@ _set_permissions() { -exec chown "$app:$app" {} \; \ -exec chmod u=rwX,g=rX,o= {} \; chmod -R u=rwX,g=,o= "$data_dir/.ssh" - - #REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "/var/log/$app" - #REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R u=rwX,g=rX,o= "/var/log/$app" +} + +set_settings_default() { + ynh_app_setting_set_default --key=internal_token --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)" + ynh_app_setting_set_default --key=secret_key --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)" + ynh_app_setting_set_default --key=lfs_jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)" + ynh_app_setting_set_default --key=jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)" } diff --git a/scripts/backup b/scripts/backup index 076f7b9..4037275 100644 --- a/scripts/backup +++ b/scripts/backup @@ -26,8 +26,6 @@ ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup "/etc/fail2ban/jail.d/$app.conf" ynh_backup "/etc/fail2ban/filter.d/$app.conf" -ynh_backup "/etc/logrotate.d/$app" - ynh_backup "/etc/systemd/system/$app.service" # Backup logs diff --git a/scripts/install b/scripts/install index 701d7c1..a4de46a 100644 --- a/scripts/install +++ b/scripts/install @@ -36,15 +36,7 @@ _set_permissions ynh_script_progression "Configuring application, step 1/2..." -internal_token="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)" -secret_key="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)" -lfs_jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)" -jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)" - -ynh_app_setting_set --key=internal_token --value="$internal_token" -ynh_app_setting_set --key=secret_key --value="$secret_key" -ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret" -ynh_app_setting_set --key=jwt_secret --value="$jwt_secret" +set_settings_default ynh_config_add --template='app.ini' --destination="$install_dir/custom/conf/app.ini" diff --git a/scripts/restore b/scripts/restore index d17e01b..4bed372 100644 --- a/scripts/restore +++ b/scripts/restore @@ -36,6 +36,9 @@ yunohost service add "$app" --log="/var/log/$app/gitea.log" ynh_script_progression "Configuring fail2ban..." ynh_config_add_fail2ban --logpath="/var/log/$app/gitea.log" --failregex=".*Failed authentication attempt for .* from " +mkdir -p /var/log/"$app" +ynh_config_add_logrotate + #================================================= # RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index c70aaf0..eb0989c 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,7 +18,7 @@ fi #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression 'Stopping $app's systemd service...' +ynh_script_progression "Stopping $app's systemd service..." ynh_systemctl --service="$app" --action=stop @@ -43,10 +43,7 @@ if [ ~"$app" != "$data_dir" ]; then usermod --home "$data_dir" "$app" fi -# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed -if ynh_app_upstream_version_changed; then - ynh_setup_source --dest_dir="$install_dir" --source_id=main --full_replace --keep=custom -fi +ynh_setup_source --dest_dir="$install_dir" --source_id=main --full_replace --keep=custom #================================================= # MIGRATION STEP 2 (Set undefined Vars) @@ -55,40 +52,17 @@ fi ynh_script_progression 'Migrating missing settings...' # Must set permission before to call gitea command -#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir" -#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R u=rwX,g=rX,o= "$install_dir" +chown -R "$app:$app" "$install_dir" +chmod -R u=rwX,g=rX,o= "$install_dir" chmod +x "$install_dir/gitea" -# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=internal_token --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)" -if [[ -z "${internal_token:-}" ]]; then - internal_token="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)" - ynh_app_setting_set --key=internal_token --value="$internal_token" -fi - -# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=secret_key --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)" -if [[ -z "${secret_key:-}" ]]; then - secret_key="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)" - ynh_app_setting_set --key=secret_key --value="$secret_key" -fi - +set_settings_default if [[ -n "${lfs_key:-}" ]]; then lfs_jwt_secret="$lfs_key" ynh_app_setting_delete --key=lfs_key ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret" fi -# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=lfs_jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)" -if [[ -z "${lfs_jwt_secret:-}" ]]; then - lfs_jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)" - ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret" -fi - -# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)" -if [[ -z "${jwt_secret:-}" ]]; then - jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)" - ynh_app_setting_set --key=jwt_secret --value="$jwt_secret" -fi - #================================================= # MIGRATION STEP Fix regression linked to 77c3678 and #76 #================================================= @@ -140,7 +114,7 @@ ynh_config_add_fail2ban --logpath="/var/log/$app/gitea.log" --failregex=".*Faile #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression 'Starting $app's systemd service...' +ynh_script_progression "Starting $app's systemd service..." ynh_systemctl --service="$app" --action=start --log_path="/var/log/$app/gitea.log" --wait_until="$systemd_match_start_line"