cleanup all scripts

2025-10-30 05:15:30 +01:00 · 2023-11-29 10:58:11 +01:00
parent d5f508aa85
commit e73acdd808
7 changed files with 122 additions and 130 deletions
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -1,31 +1,29 @@
-#!/bin/bash
+#=================================================
+# SET ALL CONSTANTS
+#=================================================
+
+systemd_match_start_line='Starting new Web server: tcp:127.0.0.1:'
+ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+")

 #=================================================
 # DEFINE ALL COMMON FONCTIONS
 #=================================================

-_gitea_mkdirs() {
-    mkdir -p "$install_dir/data"
-    mkdir -p "$install_dir/custom/conf"
-    _gitea_permissions_install_dir
-
-    mkdir -p "$data_dir/.ssh"
-    mkdir -p "$data_dir/repositories"
-    mkdir -p "$data_dir/data/avatars"
-    mkdir -p "$data_dir/data/attachments"
-    chown -R "$app:$app" "$data_dir"
-    chmod -R u=rwX,g=rX,o= "$data_dir"
-    chmod -R u=rwx,g=,o= "$data_dir/.ssh"
-
-    mkdir -p "/var/log/$app"
-    touch "/var/log/$app/gitea.log"
-    chown -R "$app:$app" "/var/log/$app"
-    chmod -R u=rwX,g=rX,o= "/var/log/$app"
-}
-
-_gitea_permissions_install_dir() {
+_set_permissions() {
    chown -R "$app:$app" "$install_dir"
    chmod -R u=rwX,g=rX,o= "$install_dir"
+    chmod +x "$install_dir/gitea"
+
+    chown -R "$app:$app" "$data_dir"
+    find $data_dir \(   \! -perm u=rwX,g=rX,-o= \
+                     -o \! -user $YNH_APP_ID \
+                     -o \! -group $YNH_APP_ID \) \
+                   -exec chown $YNH_APP_ID:$YNH_APP_ID {} \; \
+                   -exec chmod u=rwX,g=rX,o= {} \;
+    chmod -R u=rwX,g=,o= "$data_dir/.ssh"
+
+    chown -R "$app:$app" "/var/log/$app"
+    chmod -R u=rwX,g=rX,o= "/var/log/$app"
 }

 _gitea_set_secrets() {
@@ -39,13 +37,7 @@ _gitea_set_secrets() {
        ynh_app_setting_set --app "$app" --key secret_key --value="$secret_key"
    fi

-    if [[ -z "${jwt_secret:-}" ]]; then
-        jwt_secret=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret JWT_SECRET)
-        ynh_app_setting_set --app "$app" --key jwt_secret --value="$jwt_secret"
-    fi
-
    if [[ -n "${lfs_key:-}" ]]; then
-        # Migration
        lfs_jwt_secret="$lfs_key"
        ynh_app_setting_delete --app "$app" --key lfs_key
        ynh_app_setting_set --app "$app" --key lfs_jwt_secret --value="$lfs_jwt_secret"
@@ -56,8 +48,3 @@ _gitea_set_secrets() {
        ynh_app_setting_set --app "$app" --key lfs_jwt_secret --value="$lfs_jwt_secret"
    fi
 }
-
-_gitea_add_config() {
-    ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+")
-    ynh_add_config --template="app.ini" --destination="$install_dir/custom/conf/app.ini"
-}
--- a/scripts/backup
+++ b/scripts/backup
@@ -9,14 +9,14 @@ source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers


-if [[ ! "$(systemctl status $app.service)" =~ "Active: inactive (dead)" ]]; then
+if [[ ! "$(systemctl status $app.service)" =~ 'Active: inactive (dead)' ]]; then
    ynh_print_warn --message="It's hightly recommended to make your backup when the service is stopped. Please stop $app service and with this command before to run the backup 'systemctl stop $app.service'"
 fi

 #=================================================
 # DECLARE DATA AND CONF FILES TO BACKUP
 #=================================================
-ynh_print_info --message="Declaring files to be backed up..."
+ynh_print_info --message='Declaring files to be backed up...'

 # Copy the app source files
 ynh_backup --src_path "$install_dir"
--- a/scripts/change_url
+++ b/scripts/change_url
@@ -16,7 +16,7 @@ source /usr/share/yunohost/helpers
 #=================================================
 ynh_script_progression --message="Stopping a systemd service..." --weight=1

-ynh_systemd_action --service_name="$app" --action="stop"
+ynh_systemd_action --service_name="$app" --action=stop

 #=================================================
 # MODIFY URL IN NGINX CONF
@@ -32,8 +32,8 @@ ynh_change_url_nginx_config
 #=================================================
 ynh_script_progression --message="Updating gitea configuration..."

-_gitea_add_config
-_gitea_permissions_install_dir
+ynh_add_config --template="app.ini" --destination="$install_dir/custom/conf/app.ini"
+_set_permissions

 #=================================================
 # GENERIC FINALISATION
@@ -42,7 +42,7 @@ _gitea_permissions_install_dir
 #=================================================
 ynh_script_progression --message="Starting gitea services..." --weight=3

-ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
+ynh_systemd_action --service_name="$app" --action=start --log_path="/var/log/$app/gitea.log" --line_match="$systemd_match_start_line"

 #=================================================
 # END OF SCRIPT
--- a/scripts/install
+++ b/scripts/install
@@ -14,20 +14,43 @@ source /usr/share/yunohost/helpers
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_script_progression --message="Installing sources files and data directories..." --weight=10

+ynh_script_progression --message='Creating base directory...'

+if [ -n "$(ls -A $data_dir)" ]; then
+    old_data_dir_path="${data_dir}_$(date '+%Y%m%d.%H%M%S')"
+    ynh_print_warn "Data directory was not empty. Data was moved to $old_data_dir_path"
+    mkdir -p $old_data_dir_path
+    mv -t "$old_data_dir_path" "$data_dir"/*
+fi
+
+# base directories
+mkdir -p "$install_dir/data"
+mkdir -p "$install_dir/custom/conf"
+mkdir -p "/var/log/$app"
+
+mkdir -p "$data_dir/.ssh"
+mkdir -p "$data_dir/repositories"
+mkdir -p "$data_dir/data/avatars"
+mkdir -p "$data_dir/data/attachments"
+
+ynh_script_progression --message='Installing sources files and data directories...' --weight=10
+
+# Setup source
 ynh_setup_source --dest_dir="$install_dir"
-chmod +x "$install_dir/gitea"
-
-# create needed directories
-_gitea_mkdirs
+_set_permissions

 ynh_script_progression --message="Configuring application, step 1/2..."

-_gitea_set_secrets
-_gitea_add_config
-_gitea_permissions_install_dir
+internal_token=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret INTERNAL_TOKEN)
+secret_key=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret SECRET_KEY)
+lfs_jwt_secret=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret JWT_SECRET)
+
+ynh_app_setting_set --app="$app" --key=internal_token --value="$internal_token"
+ynh_app_setting_set --app="$app" --key=secret_key --value="$secret_key"
+ynh_app_setting_set --app="$app" --key=lfs_jwt_secret --value="$lfs_jwt_secret"
+
+ynh_add_config --template='app.ini' --destination="$install_dir/custom/conf/app.ini"

 #=================================================
 # SYSTEM CONFIGURATION
@@ -47,7 +70,7 @@ yunohost service add "$app" --log="/var/log/$app/gitea.log"
 ynh_use_logrotate --logfile "/var/log/$app"

 # Create a dedicated Fail2Ban config
-ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from <HOST>" --max_retry 5
+ynh_add_fail2ban_config --logpath="/var/log/$app/gitea.log" --failregex='.*Failed authentication attempt for .* from <HOST>' --max_retry=5

 #=================================================
 # APP INITIAL CONFIGURATION
@@ -55,26 +78,27 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
 # ADD A CONFIGURATION
 #=================================================

-ynh_script_progression --message="Configuring application, step 2/2..."
+ynh_script_progression --message='Configuring application, step 2/2...'
+_set_permissions

 # Start gitea for building mysql tables
-ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
+ynh_systemd_action --service_name="$app" --action=start --log_path="/var/log/$app/gitea.log" --line_match="$systemd_match_start_line"

 # Add ldap config
-ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
+ynh_replace_string --match_string=__APP__ --replace_string="$app" --target_file=../conf/login_source.sql
 ynh_mysql_connect_as "$db_user" "$db_pwd" "$db_name" < ../conf/login_source.sql

 # Stop the service to restart it just afterwards
-ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/gitea.log"
+ynh_systemd_action --service_name="$app" --action='stop' --log_path="/var/log/$app/gitea.log"

 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting gitea services..." --weight=3
+ynh_script_progression --message='Starting gitea services...' --weight=3

-ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
+ynh_systemd_action --service_name="$app" --action=start --log_path="/var/log/$app/gitea.log" --line_match="$systemd_match_start_line"

 #=================================================
 # END OF SCRIPT
--- a/scripts/remove
+++ b/scripts/remove
@@ -26,7 +26,7 @@ ynh_remove_logrotate

 ynh_remove_fail2ban_config

-ynh_script_progression --message="Removing logs..."
+ynh_script_progression --message='Removing logs...'
 ynh_secure_remove --file="/var/log/$app"

 #=================================================
--- a/scripts/restore
+++ b/scripts/restore
@@ -13,9 +13,7 @@ source /usr/share/yunohost/helpers
 #=================================================
 ynh_script_progression --message="Restoring the app files..." --weight=1
 ynh_restore
-
-# Also sets the permissions
-_gitea_mkdirs
+_set_permissions

 #=================================================
 # RESTORE THE MYSQL DATABASE
@@ -46,7 +44,7 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
 ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1

 # Typically you only have either $app or php-fpm but not both at the same time...
-ynh_systemd_action -l "Starting new Web server: tcp:127.0.0.1:" -t 10
+ynh_systemd_action --service_name="$app" --action=start --log_path="/var/log/$app/gitea.log" --line_match="$systemd_match_start_line"

 ynh_systemd_action --service_name=nginx --action=reload

--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -16,25 +16,35 @@ upgrade_type=$(ynh_check_app_version_changed)
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
-ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
+ynh_script_progression --message='Ensuring downward compatibility...' --weight=1

-# If lfs_key doesn't exist, create it
-if [ -z "${lfs_key:-}" ]; then
-   lfs_key=$(ynh_string_random)
-   ynh_app_setting_set --app="$app" --key=lfs_key --value="$lfs_key"
+if ynh_compare_current_package_version --comparison lt --version "1.6.4~ynh1"; then
+    message="Upgrade from $YNH_APP_CURRENT_VERSION was dropped. You need to run this, then upgrade to the latest version:
+sudo yunohost app upgrade $app -u https://github.com/YunoHost-Apps/gitea_ynh/commit/a9ceb157032ae2290e944c1d0a255451ff2d133d"
+    ynh_print_info "$message"
+    ynh_die --message="$message" --ret_code 1
 fi

+#=================================================
+# STOP SYSTEMD SERVICE
+#=================================================
+ynh_script_progression --message='Stopping a systemd service...' --weight=1
+
+ynh_systemd_action --service_name="$app" --action=stop
+
+#=================================================
+# MIGRATION STEP 1 (migrate path from packagin v1)
+#=================================================
+
 # This is not handled by the core because the previous package did not define final_path...
 if [ -d "/opt/$app" ]; then
    # This is the package version of the manifestv2
-    rsync -a "/opt/$app/" "$install_dir"
-    ynh_secure_remove "/opt/$app"
+    mv "/opt/$app/" "$install_dir"
 fi

 # Move data directory
 if [ -d "/home/$app" ]; then
-    rsync -a "/home/$app/" "$data_dir"
-    ynh_secure_remove "/home/$app"
+    mv "/home/$app/" "$data_dir"
 fi

 # Ensure the user has the correct home dir
@@ -43,23 +53,45 @@ if [ ~"$app" != "$data_dir" ]; then
 fi

 # Ensure secrets are defined
-# Some workaround around `gitea secret generate` not available in old versions
-mv "$install_dir/gitea" "$install_dir/gitea_orig"
 ynh_setup_source --dest_dir="$install_dir" --source_id=main
-chmod +x "$install_dir/gitea"
-_gitea_set_secrets
-ynh_secure_remove "$install_dir/gitea"
-mv "$install_dir/gitea_orig" "$install_dir/gitea"
-
-# Ensure directories are created
-_gitea_mkdirs
+_set_permissions

 #=================================================
-# STOP SYSTEMD SERVICE
+# MIGRATION STEP 2 (Set undefined Vars)
 #=================================================
-ynh_script_progression --message="Stopping a systemd service..." --weight=1

-ynh_systemd_action --service_name="$app" --action="stop"
+if [[ -z "${internal_token:-}" ]]; then
+    internal_token=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret INTERNAL_TOKEN)
+    ynh_app_setting_set --app "$app" --key internal_token --value="$internal_token"
+fi
+
+if [[ -z "${secret_key:-}" ]]; then
+    secret_key=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret SECRET_KEY)
+    ynh_app_setting_set --app "$app" --key secret_key --value="$secret_key"
+fi
+
+if [[ -n "${lfs_key:-}" ]]; then
+    lfs_jwt_secret="$lfs_key"
+    ynh_app_setting_delete --app "$app" --key lfs_key
+    ynh_app_setting_set --app "$app" --key lfs_jwt_secret --value="$lfs_jwt_secret"
+fi
+
+if [[ -z "${lfs_jwt_secret:-}" ]]; then
+    lfs_jwt_secret=$(ynh_exec_as "$app" "$install_dir/gitea" generate secret JWT_SECRET)
+    ynh_app_setting_set --app "$app" --key lfs_jwt_secret --value="$lfs_jwt_secret"
+fi
+
+#=================================================
+# UPDATE A CONFIG FILE
+#=================================================
+ynh_script_progression --message='Updating configuration files...' --weight=1
+
+# Clean template to fix issue : https://github.com/gogits/gogs/issues/4585
+ynh_secure_remove --file="$install_dir/templates"
+
+# Configure gitea with app.ini file
+ynh_add_config --template=app.ini --destination="$install_dir/custom/conf/app.ini"
+_set_permissions

 #=================================================
 # REAPPLY SYSTEM CONFIGURATIONS
@@ -76,61 +108,12 @@ ynh_use_logrotate --non-append

 ynh_add_fail2ban_config --logpath="/var/log/$app/gitea.log" --failregex=".*Failed authentication attempt for .* from <HOST>" --max_retry 5

-#=================================================
-# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
-#=================================================
-# UPDATE A CONFIG FILE
-#=================================================
-ynh_script_progression --message="Updating configuration files..." --weight=1
-
-# Clean template to fix issue : https://github.com/gogits/gogs/issues/4585
-ynh_secure_remove --file="$install_dir/templates"
-
-# Configure gitea with app.ini file
-_gitea_add_config
-_gitea_permissions_install_dir
-
-#=================================================
-# DB migration
-#=================================================
-ynh_script_progression --message="Upgrading database and sources..." --weight=6
-
-if ynh_compare_current_package_version --comparison lt --version "1.6.4~ynh1"; then
-    message="Upgrade from $YNH_APP_CURRENT_VERSION was dropped. You need to run this, then upgrade to the latest version:
-sudo yunohost app upgrade $app -u https://github.com/YunoHost-Apps/gitea_ynh/commit/a9ceb157032ae2290e944c1d0a255451ff2d133d"
-    ynh_print_info "$message"
-    ynh_die --message="$message" --ret_code 1
-fi
-
-ynh_setup_source --dest_dir="$install_dir"
-chmod +x "$install_dir/gitea"
-_gitea_permissions_install_dir
-ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
-# FIXME: Leave the time to update the database schema
-sleep 5
-systemctl stop "$app"
-
-
-#=================================================
-# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
-#=================================================
-# UPDATE A CONFIG FILE
-#=================================================
-ynh_script_progression --message="Updating LDAP configuration..." --weight=1
-# Should be done after DB migration I guess
-if ! ynh_permission_exists --permission admin; then
-    # Update ldap config
-    ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/login_source.sql"
-    ynh_mysql_connect_as "$db_user" "$db_pwd" "$db_name" < ../conf/login_source.sql
-fi
-
-
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
+ynh_script_progression --message='Starting a systemd service...' --weight=1

-ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/gitea.log" --line_match="Starting new Web server: tcp:127.0.0.1:"
+ynh_systemd_action --service_name="$app" --action=start --log_path="/var/log/$app/gitea.log" --line_match="$systemd_match_start_line"

 #=================================================
 # END OF SCRIPT