Cleanup after auto patch

manifest.toml

@@ -89,7 +89,6 @@ ram.runtime = "100M"
     allow_email = true
 
     [resources.install_dir]
-    dir = "/opt/yunohost/__APP__"
 
     [resources.data_dir]
 

scripts/_common.sh

@@ -10,8 +10,8 @@ ssh_port="$(yunohost settings get security.ssh.ssh_port)"
 #=================================================
 
 _set_permissions() {
-    #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir"
-    #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R u=rwX,g=rX,o= "$install_dir"
+    chown -R "$app:$app" "$install_dir"
+    chmod -R u=rwX,g=rX,o= "$install_dir"
     chmod +x "$install_dir/gitea"
 
     chown -R "$app:$app" "$data_dir"
@@ -21,7 +21,11 @@ _set_permissions() {
                    -exec chown "$app:$app" {} \; \
                    -exec chmod u=rwX,g=rX,o= {} \;
     chmod -R u=rwX,g=,o= "$data_dir/.ssh"
-
-    #REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "/var/log/$app"
-    #REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R u=rwX,g=rX,o= "/var/log/$app"
+}
+
+set_settings_default() {
+    ynh_app_setting_set_default --key=internal_token --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)"
+    ynh_app_setting_set_default --key=secret_key --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)"
+    ynh_app_setting_set_default --key=lfs_jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
+    ynh_app_setting_set_default --key=jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
 }

scripts/backup

@@ -26,8 +26,6 @@ ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
 ynh_backup "/etc/fail2ban/jail.d/$app.conf"
 ynh_backup "/etc/fail2ban/filter.d/$app.conf"
 
-ynh_backup "/etc/logrotate.d/$app"
-
 ynh_backup "/etc/systemd/system/$app.service"
 
 # Backup logs

scripts/install

@@ -36,15 +36,7 @@ _set_permissions
 
 ynh_script_progression "Configuring application, step 1/2..."
 
-internal_token="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)"
-secret_key="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)"
-lfs_jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
-jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
-
-ynh_app_setting_set --key=internal_token --value="$internal_token"
-ynh_app_setting_set --key=secret_key --value="$secret_key"
-ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret"
-ynh_app_setting_set --key=jwt_secret --value="$jwt_secret"
+set_settings_default
 
 ynh_config_add --template='app.ini' --destination="$install_dir/custom/conf/app.ini"
 

scripts/restore

@@ -36,6 +36,9 @@ yunohost service add "$app" --log="/var/log/$app/gitea.log"
 ynh_script_progression "Configuring fail2ban..."
 ynh_config_add_fail2ban --logpath="/var/log/$app/gitea.log" --failregex=".*Failed authentication attempt for .* from <HOST>"
 
+mkdir -p /var/log/"$app"
+ynh_config_add_logrotate
+
 #=================================================
 # RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
 #=================================================

scripts/upgrade

@@ -18,7 +18,7 @@ fi
 #=================================================
 # STOP SYSTEMD SERVICE
 #=================================================
-ynh_script_progression 'Stopping $app's systemd service...'
+ynh_script_progression "Stopping $app's systemd service..."
 
 ynh_systemctl --service="$app" --action=stop
 
@@ -43,10 +43,7 @@ if [ ~"$app" != "$data_dir" ]; then
     usermod --home "$data_dir" "$app"
 fi
 
-# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed
-if ynh_app_upstream_version_changed; then
-    ynh_setup_source --dest_dir="$install_dir" --source_id=main --full_replace --keep=custom
-fi
+ynh_setup_source --dest_dir="$install_dir" --source_id=main --full_replace --keep=custom
 
 #=================================================
 # MIGRATION STEP 2 (Set undefined Vars)
@@ -55,40 +52,17 @@ fi
 ynh_script_progression 'Migrating missing settings...'
 
 # Must set permission before to call gitea command
-#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir"
-#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R u=rwX,g=rX,o= "$install_dir"
+chown -R "$app:$app" "$install_dir"
+chmod -R u=rwX,g=rX,o= "$install_dir"
 chmod +x "$install_dir/gitea"
 
-# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=internal_token --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)"
-if [[ -z "${internal_token:-}" ]]; then
-    internal_token="$(ynh_exec_as_app "$install_dir/gitea" generate secret INTERNAL_TOKEN)"
-    ynh_app_setting_set --key=internal_token --value="$internal_token"
-fi
-
-# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=secret_key --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)"
-if [[ -z "${secret_key:-}" ]]; then
-    secret_key="$(ynh_exec_as_app "$install_dir/gitea" generate secret SECRET_KEY)"
-    ynh_app_setting_set --key=secret_key --value="$secret_key"
-fi
-
+set_settings_default
 if [[ -n "${lfs_key:-}" ]]; then
     lfs_jwt_secret="$lfs_key"
     ynh_app_setting_delete --key=lfs_key
     ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret"
 fi
 
-# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=lfs_jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
-if [[ -z "${lfs_jwt_secret:-}" ]]; then
-    lfs_jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
-    ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret"
-fi
-
-# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=jwt_secret --value="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
-if [[ -z "${jwt_secret:-}" ]]; then
-    jwt_secret="$(ynh_exec_as_app "$install_dir/gitea" generate secret JWT_SECRET)"
-    ynh_app_setting_set --key=jwt_secret --value="$jwt_secret"
-fi
-
 #=================================================
 # MIGRATION STEP Fix regression linked to 77c3678 and #76
 #=================================================
@@ -140,7 +114,7 @@ ynh_config_add_fail2ban --logpath="/var/log/$app/gitea.log" --failregex=".*Faile
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression 'Starting $app's systemd service...'
+ynh_script_progression "Starting $app's systemd service..."
 
 ynh_systemctl --service="$app" --action=start --log_path="/var/log/$app/gitea.log" --wait_until="$systemd_match_start_line"