diff --git a/conf/app.src b/conf/app.src index b2928bb..364a9f2 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,6 +1,6 @@ -SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v1.0.0-beta.4/peertube-v1.0.0-beta.4.zip -SOURCE_SUM=4d2b60e978c9b170c733b645440b1ea29ac8b69d85adc23c36fa58a9c9db20d6 +SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v1.0.0-beta.4/peertube-v1.0.0-beta.4.tar.xz +SOURCE_SUM=900e91a0585814d96982c10080644a4cdc0234de9730bf553c5a1e01f75b8e85 SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=zip +SOURCE_FORMAT=tar.xz SOURCE_IN_SUBDIR=true SOURCE_FILENAME= diff --git a/scripts/backup b/scripts/backup index c9f1208..864f5e6 100644 --- a/scripts/backup +++ b/scripts/backup @@ -30,9 +30,9 @@ ynh_abort_if_errors app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get $app final_path) -domain=$(ynh_app_setting_get $app domain) -db_name=$(ynh_app_setting_get $app psql_db) +final_path=$(ynh_app_setting_get "$app" final_path) +domain=$(ynh_app_setting_get "$app" domain) +db_name=$(ynh_app_setting_get "$app" psql_db) #================================================= # STANDARD BACKUP STEPS diff --git a/scripts/install b/scripts/install index c5ea928..6d49eae 100644 --- a/scripts/install +++ b/scripts/install @@ -91,7 +91,7 @@ mkdir -p "$datadir" ynh_install_nodejs 8 # install yarn -wget https://github.com/yarnpkg/yarn/releases/download/v1.6.0/yarn_1.6.0_all.deb +wget -nv https://github.com/yarnpkg/yarn/releases/download/v1.6.0/yarn_1.6.0_all.deb echo "96866d835da94a1f01a616f3d637c9100e826f65cb38a65e5d96ccf01ff6d692 yarn_1.6.0_all.deb" | sha256sum -c || ynh_die dpkg -i yarn_1.6.0_all.deb @@ -100,7 +100,7 @@ echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/a ynh_package_update # install postgresql, ffmpeg, redis -ynh_install_app_dependencies postgresql-9.4 ffmpeg redis-server redis-tools mailutils +ynh_install_app_dependencies postgresql ffmpeg redis-server redis-tools mailutils #================================================= # DATABASE SETUP @@ -114,7 +114,7 @@ ynh_app_setting_set "$app" psqlpwd "$db_pwd" ynh_psql_test_if_first_run ynh_psql_create_user "$app" "$db_pwd" ynh_psql_execute_as_root \ -"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER "$app";" +"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;" #================================================= # CREATE DEDICATED USER @@ -130,9 +130,18 @@ ynh_system_user_create "$app" ynh_app_setting_set "$app" final_path "$final_path" # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source "$final_path" + +#================================================= +# BUILD YARN DEPENDENCIES +#================================================= + cp ../conf/production.yaml "$final_path/config/production.yaml" touch "$final_path/config/local-production.json" -(cd "$final_path" && yarn install --production --pure-lockfile) + +( + cd "$final_path" + yarn install --production --pure-lockfile --silent --cache-folder /var/cache/yarn/ +) #================================================= # NGINX CONFIGURATION @@ -144,7 +153,7 @@ ynh_add_nginx_config # Set right permissions for curl install -chown -R "$app":"app" "$datadir" +chown -R "$app":"$app" "$datadir" # Reload Nginx systemctl reload nginx @@ -153,12 +162,12 @@ systemctl reload nginx # MODIFY A CONFIG FILE #================================================= -ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml" -ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml" -ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml" -ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml" -ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml" -ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml" +ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml" +ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml" +ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml" +ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml" +ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml" +ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml" #================================================= @@ -206,7 +215,11 @@ systemctl start "$app" #================================================= # we need to wait for the service to init peertube's database -(cd "/var/www/$app" && sleep 15 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/$app/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root") +( + cd "$final_path" + sleep 15 + echo $admin_pass | NODE_CONFIG_DIR="$final_path/config" NODE_ENV=production PATH="/opt/node_n/bin:$PATH" npm run reset-password -- -u root +) # Give permisiion to the final_path chown -R "$app":"$app" "$final_path" "$datadir" @@ -223,9 +236,9 @@ systemctl reload nginx message="PeerTube was successfully installed :) -Please open "https://$domain$path_url" +Please open 'https://$domain$path_url' -Here is the admin password: "$admin_pass" +Here is the admin password: '$admin_pass' If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/peertube_ynh" diff --git a/scripts/psql.sh b/scripts/psql.sh index 0b15689..64fa8d9 100644 --- a/scripts/psql.sh +++ b/scripts/psql.sh @@ -7,6 +7,11 @@ # Point of contact : Jean-Baptiste Holcroft #================================================= +# Create a master password and set up global settings +# Please always call this script in install and restore scripts +# +# usage: ynh_psql_test_if_first_run + ynh_psql_test_if_first_run() { if [ -f /etc/yunohost/psql ]; then @@ -27,8 +32,12 @@ ynh_psql_test_if_first_run() { fi systemctl start postgresql - su --command="psql -c\"ALTER user postgres WITH PASSWORD '${pgsql}'\"" postgres - # we can't use peer since YunoHost create users with nologin + sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres + + # force all user to connect to local database using passwords + # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF + # Note: we can't use peer since YunoHost create users with nologin + # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user sed -i '/local\s*all\s*all\s*peer/i \ local all all password' "$pg_hba" systemctl enable postgresql @@ -49,7 +58,7 @@ ynh_psql_connect_as() { user="$1" pwd="$2" db="$3" - su --command="PGUSER=\"${user}\" PGPASSWORD=\"${pwd}\" psql \"${db}\"" postgres + sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$pwd" psql "$db" } # # Execute a command as root user @@ -59,7 +68,7 @@ ynh_psql_connect_as() { # | arg: db - the database to connect to ynh_psql_execute_as_root () { sql="$1" - su --command="psql" postgres <<< "$sql" + sudo --login --user=postgres psql <<< "$sql" } # Execute a command from a file as root user @@ -70,7 +79,7 @@ ynh_psql_execute_as_root () { ynh_psql_execute_file_as_root() { file="$1" db="$2" - su -c "psql $db" postgres < "$file" + sudo --login --user=postgres psql "$db" < "$file" } # Create a database, an user and its password. Then store the password in the app's config @@ -84,7 +93,6 @@ ynh_psql_execute_file_as_root() { # | arg: pwd - Password of the database. If not given, a password will be generated ynh_psql_setup_db () { db_user="$1" - app="$1" db_name="$2" new_db_pwd=$(ynh_string_random) # Generate a random password # If $3 is not given, use new_db_pwd instead for db_pwd. @@ -93,7 +101,7 @@ ynh_psql_setup_db () { ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config } -# Create a database and grant optionnaly privilegies to a user +# Create a database and grant privilegies to a user # # usage: ynh_psql_create_db db [user [pwd]] # | arg: db - the database name to create @@ -104,7 +112,7 @@ ynh_psql_create_db() { user="$2" pwd="$3" ynh_psql_create_user "$user" "$pwd" - su --command="createdb --owner=\"${user}\" \"${db}\"" postgres + sudo --login --user=postgres createdb --owner="$user" "$db" } # Drop a database @@ -115,8 +123,8 @@ ynh_psql_create_db() { ynh_psql_remove_db() { db="$1" user="$2" - su --command="dropdb \"${db}\"" postgres - ynh_psql_drop_user "${user}" + sudo --login --user=postgres dropdb "$db" + ynh_psql_drop_user "$user" } # Dump a database @@ -128,7 +136,7 @@ ynh_psql_remove_db() { # | ret: the psqldump output ynh_psql_dump_db() { db="$1" - su --command="pg_dump \"${db}\"" postgres + sudo --login --user=postgres pg_dump "$db" } @@ -139,7 +147,7 @@ ynh_psql_dump_db() { ynh_psql_create_user() { user="$1" pwd="$2" - su --command="psql -c\"CREATE USER ${user} WITH PASSWORD '${pwd}'\"" postgres + sudo --login --user=postgres psql -c"CREATE USER $user WITH PASSWORD '$pwd'" postgres } # Drop a user @@ -148,5 +156,5 @@ ynh_psql_create_user() { # | arg: user - the user name to drop ynh_psql_drop_user() { user="$1" - su --command="dropuser \"${user}\"" postgres -} + sudo --login --user=postgres dropuser "$user" +} \ No newline at end of file diff --git a/scripts/remove b/scripts/remove index 7224c83..b940a43 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,4 +1,3 @@ - #!/bin/bash #================================================= diff --git a/scripts/restore b/scripts/restore index 738c34a..999aebd 100644 --- a/scripts/restore +++ b/scripts/restore @@ -81,7 +81,7 @@ ynh_system_user_create "$app" # Set right permissions datadir="/home/yunohost.app/${app}/storage" -chown -R "$app":"app" "$datadir" +chown -R "$app":"$app" "$datadir" #================================================= # SPECIFIC RESTORATION @@ -94,16 +94,16 @@ chown -R "$app":"app" "$datadir" # install nodejs ynh_install_nodejs 8 -wget https://github.com/yarnpkg/yarn/releases/download/v1.5.1/yarn_1.5.1_all.deb -echo "a4770cd8dcb13dc9a9218940dbd24b510ddf5eec78adb4e0da9ef3760b55a76e yarn_1.5.1_all.deb" | sha256sum -c || ynh_die -dpkg -i yarn_1.5.1_all.deb +wget -nv https://github.com/yarnpkg/yarn/releases/download/v1.6.0/yarn_1.6.0_all.deb +echo "96866d835da94a1f01a616f3d637c9100e826f65cb38a65e5d96ccf01ff6d692 yarn_1.6.0_all.deb" | sha256sum -c || ynh_die +dpkg -i yarn_1.6.0_all.deb # add backports (required to install ffmpeg) echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list ynh_package_update # Define and install dependencies -ynh_install_app_dependencies postgresql-9.4 ffmpeg redis-server redis-tools mailutils +ynh_install_app_dependencies postgresql ffmpeg redis-server redis-tools mailutils #================================================= # RESTORE THE PostgreSQL DATABASE @@ -130,10 +130,13 @@ ynh_restore_file "/etc/logrotate.d/$app" # RESTORE THE LOGROTATE CONFIGURATION #================================================= -(cd "$final_path" && yarn install --production --pure-lockfile) +( + cd "$final_path" + yarn install --production --pure-lockfile --silent --cache-folder /var/cache/yarn/ +) # Set right permissions for curl install -chown -R "$app":"app" "$datadir" +chown -R "$app":"$app" "$datadir" #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index 96d5149..2e46b73 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,7 +20,6 @@ domain=$(ynh_app_setting_get "$app" domain) path_url="/" is_public=$(ynh_app_setting_get "$app" is_public) admin_email=$(ynh_app_setting_get "$app" admin_email) -admin_pass=$(ynh_app_setting_get "$app" admin_pass) final_path=$(ynh_app_setting_get "$app" final_path) port=$(ynh_app_setting_get "$app" port) db_name=$(ynh_app_setting_get "$app" psql_db) @@ -86,16 +85,16 @@ ynh_system_user_create "$app" ynh_install_nodejs 8 # install yarn -wget https://github.com/yarnpkg/yarn/releases/download/v1.5.1/yarn_1.5.1_all.deb -echo "a4770cd8dcb13dc9a9218940dbd24b510ddf5eec78adb4e0da9ef3760b55a76e yarn_1.5.1_all.deb" | sha256sum -c || ynh_die -dpkg -i yarn_1.5.1_all.deb +wget -nv https://github.com/yarnpkg/yarn/releases/download/v1.6.0/yarn_1.6.0_all.deb +echo "96866d835da94a1f01a616f3d637c9100e826f65cb38a65e5d96ccf01ff6d692 yarn_1.6.0_all.deb" | sha256sum -c || ynh_die +dpkg -i yarn_1.6.0_all.deb # add backports (required to install ffmpeg) echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list ynh_package_update # install postgresql, ffmpeg, redis -ynh_install_app_dependencies postgresql-9.4 ffmpeg redis-server redis-tools mailutils +ynh_install_app_dependencies postgresql ffmpeg redis-server redis-tools mailutils #================================================= # CHECK THE PATH @@ -104,6 +103,10 @@ ynh_install_app_dependencies postgresql-9.4 ffmpeg redis-server redis-tools mail # Normalize the URL path syntax path_url=$(ynh_normalize_url_path "$path_url") +#================================================= +# DOWNLOAD, CHECK AND UNPACK PEERTUBE SOURCE +#================================================= + # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source "$final_path" cp ../conf/production.yaml "$final_path/config/production.yaml" @@ -113,7 +116,11 @@ cp -a "$tmpdir/local-production.json" "$final_path/config/local-production.json # Remove the tmp directory securely ynh_secure_remove "$tmpdir" -(cd "$final_path" && yarn install --production --pure-lockfile) + +( + cd "$final_path" + yarn install --production --pure-lockfile --silent --cache-folder /var/cache/yarn/ +) #================================================= @@ -133,12 +140,12 @@ systemctl reload nginx # MODIFY A CONFIG FILE #================================================= -ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml" -ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml" -ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml" -ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml" -ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml" -ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml" +ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml" +ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml" +ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml" +ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml" +ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml" +ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml" # Recalculate and store the config file checksum into the app settings @@ -167,12 +174,12 @@ chown -R "$app":"$app" "$final_path" "$datadir" # SETUP SSOWAT #================================================= -if [ $is_public -eq 0 ] +if [ "$is_public" -eq 0 ] then # Remove the public access ynh_app_setting_delete "$app" skipped_uris fi # Make app public if necessary -if [ $is_public -eq 1 ] +if [ "$is_public" -eq 1 ] then # unprotected_uris allows SSO credentials to be passed anyway ynh_app_setting_set "$app" unprotected_uris "/" @@ -183,6 +190,3 @@ fi #================================================= systemctl reload nginx - - -