Cleanup after auto patch

This commit is contained in:
Josué Tille 2024-08-31 09:56:13 +02:00
parent a9647ffbf1
commit 73da923b79
No known key found for this signature in database
GPG Key ID: 5F259226AD51F2F5
6 changed files with 19 additions and 49 deletions

View File

@ -89,7 +89,6 @@ ram.runtime = "100M"
allow_email = true
[resources.install_dir]
dir = "/opt/yunohost/__APP__"
[resources.data_dir]

View File

@ -10,8 +10,8 @@ ssh_port="$(yunohost settings get security.ssh.ssh_port)"
#=================================================
_set_permissions() {
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R u=rwX,g=rX,o= "$install_dir"
chown -R "$app:$app" "$install_dir"
chmod -R u=rwX,g=rX,o= "$install_dir"
chmod +x "$install_dir/gitea"
chown -R "$app:$app" "$data_dir"
@ -21,7 +21,11 @@ _set_permissions() {
-exec chown "$app:$app" {} \; \
-exec chmod u=rwX,g=rX,o= {} \;
chmod -R u=rwX,g=,o= "$data_dir/.ssh"
#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "/var/log/$app"
#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R u=rwX,g=rX,o= "/var/log/$app"
}
set_settings_default() {
ynh_app_setting_set_default --key=internal_token --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)"
ynh_app_setting_set_default --key=secret_key --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)"
ynh_app_setting_set_default --key=lfs_jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
ynh_app_setting_set_default --key=jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
}

View File

@ -26,8 +26,6 @@ ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup "/etc/fail2ban/jail.d/$app.conf"
ynh_backup "/etc/fail2ban/filter.d/$app.conf"
ynh_backup "/etc/logrotate.d/$app"
ynh_backup "/etc/systemd/system/$app.service"
# Backup logs

View File

@ -36,15 +36,7 @@ _set_permissions
ynh_script_progression "Configuring application, step 1/2..."
internal_token="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)"
secret_key="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)"
lfs_jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
ynh_app_setting_set --key=internal_token --value="$internal_token"
ynh_app_setting_set --key=secret_key --value="$secret_key"
ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret"
ynh_app_setting_set --key=jwt_secret --value="$jwt_secret"
set_settings_default
ynh_config_add --template='app.ini' --destination="$install_dir/custom/conf/app.ini"

View File

@ -36,6 +36,9 @@ yunohost service add "$app" --log="/var/log/$app/gitea.log"
ynh_script_progression "Configuring fail2ban..."
ynh_config_add_fail2ban --logpath="/var/log/$app/gitea.log" --failregex=".*Failed authentication attempt for .* from <HOST>"
mkdir -p /var/log/"$app"
ynh_config_add_logrotate
#=================================================
# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
#=================================================

View File

@ -18,7 +18,7 @@ fi
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression 'Stopping $app's systemd service...'
ynh_script_progression "Stopping $app's systemd service..."
ynh_systemctl --service="$app" --action=stop
@ -43,10 +43,7 @@ if [ ~"$app" != "$data_dir" ]; then
usermod --home "$data_dir" "$app"
fi
# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed
if ynh_app_upstream_version_changed; then
ynh_setup_source --dest_dir="$install_dir" --source_id=main --full_replace --keep=custom
fi
#=================================================
# MIGRATION STEP 2 (Set undefined Vars)
@ -55,40 +52,17 @@ fi
ynh_script_progression 'Migrating missing settings...'
# Must set permission before to call gitea command
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R u=rwX,g=rX,o= "$install_dir"
chown -R "$app:$app" "$install_dir"
chmod -R u=rwX,g=rX,o= "$install_dir"
chmod +x "$install_dir/gitea"
# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=internal_token --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)"
if [[ -z "${internal_token:-}" ]]; then
internal_token="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)"
ynh_app_setting_set --key=internal_token --value="$internal_token"
fi
# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=secret_key --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)"
if [[ -z "${secret_key:-}" ]]; then
secret_key="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)"
ynh_app_setting_set --key=secret_key --value="$secret_key"
fi
set_settings_default
if [[ -n "${lfs_key:-}" ]]; then
lfs_jwt_secret="$lfs_key"
ynh_app_setting_delete --key=lfs_key
ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret"
fi
# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=lfs_jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
if [[ -z "${lfs_jwt_secret:-}" ]]; then
lfs_jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret"
fi
# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
if [[ -z "${jwt_secret:-}" ]]; then
jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
ynh_app_setting_set --key=jwt_secret --value="$jwt_secret"
fi
#=================================================
# MIGRATION STEP Fix regression linked to 77c3678 and #76
#=================================================
@ -140,7 +114,7 @@ ynh_config_add_fail2ban --logpath="/var/log/$app/gitea.log" --failregex=".*Faile
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression 'Starting $app's systemd service...'
ynh_script_progression "Starting $app's systemd service..."
ynh_systemctl --service="$app" --action=start --log_path="/var/log/$app/gitea.log" --wait_until="$systemd_match_start_line"