deblan/peertube_ynh
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge branch 'testing' into patch-1

Browse source
This commit is contained in:
anmol26s 2018-05-21 10:50:31 +05:30 committed by GitHub
parent 2ada66ede6 a84c733f89
commit 76a06f63d1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 726 additions and 152 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
README.md
View file

@ -1,6 +1,9 @@
# PeerTube app for YunoHost
[![Install Peertube with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=Peertube)<br><br>
=======
**Version 1.0.0-beta.4**
<h4 align="center">
PeerTube is a decentralized video streaming platform using P2P (BitTorrent) directly in the web browser, using <a href="https://github.com/feross/webtorrent">WebTorrent</a>.
@ -22,7 +25,6 @@ Want to see in action?
1. Require dedicated domain like **peertube.domain.tld**.
1. No LDAP support (blocked until upstream implements it)
1. URL can not be changed once selected.
1. Peertube is under beta stage, **don't use it for production**
1. Take notice that this YunoHost package *claims* the following features:
- [x] Install
- [x] Remove
@ -33,26 +35,22 @@ Want to see in action?
1. **Install the app by following command:**
$ sudo yunohost app install https://github.com/YunoHost-Apps/peertube_ynh
1. Use **root** as the admin username and the password given while installation of the Peertube for the login.
1. Don't forget to change the **port** if using a multi-instance for Peertube.
1. **root** is the admin username.
1. **Password** will be sent through the email to the admin email account given at the time of installation of the app.
## Why
We can't build a FOSS video streaming alternatives to YouTube, Dailymotion, Vimeo... with a centralized software. One organization alone cannot have enough money to pay bandwidth and video storage of its server.
So we need to have a decentralized network (as [Hubzilla](https://project.hubzilla.org/page/hubzilla/hubzilla-project) ([Hubzilla YunoHost](https://github.com/YunoHost-Apps/hubzilla_ynh)), [Friendica](http://friendi.ca/) ([Friendica YunoHost](https://github.com/YunoHost-Apps/friendica_ynh)), [Mastodon](https://github.com/tootsuite/mastodon) ([Mastodon YunoHost](https://github.com/YunoHost-Apps/mastodon_ynh)), [Diaspora](https://github.com/diaspora/diaspora) ([Diaspora YunoHost](https://github.com/YunoHost-Apps/diaspora_ynh))).
So we need to have a decentralized network (as [Hubzilla](https://project.hubzilla.org/page/hubzilla/hubzilla-project) ([Hubzilla YunoHost](https://github.com/YunoHost-Apps/hubzilla_ynh)), [Friendica](http://friendi.ca/) ([Friendica YunoHost](https://github.com/YunoHost-Apps/friendica_ynh)), [Mastodon](https://github.com/tootsuite/mastodon) ([Mastodon YunoHost](https://github.com/YunoHost-Apps/mastodon_ynh)), [Diaspora](https://github.com/diaspora/diaspora) ([Diaspora YunoHost](https://github.com/YunoHost-Apps/diaspora_ynh)),[Funkwhale](https://funkwhale.audio) ([Funkwhale YunoHost](https://github.com/YunoHost-Apps/funkwhale_ynh))).
But it's not enough because one video could become famous and overload the server.
It's the reason why we need to use a P2P protocol to limit the server load.
Thanks to [WebTorrent](https://github.com/feross/webtorrent), we can make P2P (thus bittorrent) inside the web browser right now.
### Dependencies
* **NodeJS >= 6.x**
* **npm >= 3.x**
* yarn
* OpenSSL (cli)
* PostgreSQL
* FFmpeg
* NodeJS, PostgreSQL
* It adds jessie-backports for ffmpeg
## LICENSE

14
check_process
View file

@ -16,9 +16,9 @@
setup_nourl=0
setup_private=1
setup_public=1
upgrade=0
backup_restore=0
multi_instance=0
upgrade=1
backup_restore=1
multi_instance=1
incorrect_path=0
port_already_use=1
change_url=0
@ -26,8 +26,8 @@
Level 1=auto
Level 2=auto
Level 3=auto
# Level 4:
Level 4=0
# Level 4: not supported by upstream
Level 4=1
# Level 5:
Level 5=auto
Level 6=auto
@ -36,5 +36,5 @@
Level 9=0
Level 10=0
;;; Options
Email=
Notification=none
Email=anmol@datamol.org
Notification=yes

4
conf/app.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v1.0.0-beta.1/peertube-v1.0.0-beta.1.zip
SOURCE_SUM=8e80aaa503de0d28be209375b48dd9242abec16a3bde473b684286c67e19af13
SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v1.0.0-beta.4/peertube-v1.0.0-beta.4.zip
SOURCE_SUM=4d2b60e978c9b170c733b645440b1ea29ac8b69d85adc23c36fa58a9c9db20d6
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true

36
conf/nginx.conf
View file

@ -1,18 +1,37 @@
location / {
location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ {
add_header Cache-Control "public, max-age=31536000, immutable";
alias __FINALPATH__/client/dist/$1;
}
location ~ ^/static/(thumbnails|avatars)/(.*)$ {
add_header Cache-Control "public, max-age=31536000, immutable";
alias /home/yunohost.app/__NAME__/storage/$1/$2;
}
location / {
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
proxy_pass http://localhost:9000;
proxy_pass http://localhost:__PORT__;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# For the video upload
# Hard limit, PeerTube does not support videos > 4GB
client_max_body_size 4G;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
}
# Bypass PeerTube webseed route for better performances
location /static/webseed {
# Bypass PeerTube webseed route for better performances
location /static/webseed {
# Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
limit_rate 800k;
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
@ -27,9 +46,12 @@ location / {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
# Don't spam access log file with byte range requests
access_log off;
}
alias __FINALPATH__/videos;
alias /home/yunohost.app/__NAME__/storage/videos;
}
# Websocket tracker
@ -42,5 +64,5 @@ location / {
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://localhost:9000;
proxy_pass http://localhost:__PORT__;
}

73
conf/production.yaml
View file

@ -1,18 +1,26 @@
listen:
port: 9000
hostname: 'localhost'
port: __PORT__
# Correspond to your reverse proxy "listen" configuration
webserver:
https: true
hostname: '__domain__'
port: 443
# Proxies to trust to get real client IP
# If you run PeerTube just behind a local proxy (nginx), keep 'loopback'
# If you run PeerTube behind a remote proxy, add the proxy IP address (or subnet)
trust_proxy:
- 'loopback'
# Your database name will be "peertube"+database.suffix
database:
hostname: 'localhost'
port: 5432
suffix: '_prod'
username: 'peertube'
suffix: '___db_name__'
username: '__db_name__'
password: '__db_pwd__'
# Your object store
@ -21,22 +29,45 @@ redis:
port: 6379
auth: null
# SMTP server to send emails
smtp:
hostname: null
port: 465
username: null
password: null
tls: true
disable_starttls: false
ca_file: null # Used for self signed certificates
from_address: 'admin@__domain__'
# From the project root directory
storage:
avatars: 'avatars/'
videos: 'videos/'
logs: 'logs/'
previews: 'previews/'
thumbnails: 'thumbnails/'
torrents: 'torrents/'
cache: 'cache/'
avatars: '/home/yunohost.app/__app__/storage/avatars/'
videos: '/home/yunohost.app/__app__/storage/videos/'
logs: '/home/yunohost.app/__app__/storage/logs/'
previews: '/home/yunohost.app/__app__/storage/previews/'
thumbnails: '/home/yunohost.app/__app__/storage/thumbnails/'
torrents: '/home/yunohost.app/__app__/storage/torrents/'
cache: '/home/yunohost.app/__app__/storage/cache/'
log:
level: 'info' # debug/info/warning/error
###############################################################################
#
# From this point, all the following keys can be overriden by the web interface
# (local-production.json file). If you need to change some values, prefer to
# use the web interface because the configuration will be automatically
# reloaded without any need to restart PeerTube.
#
# /!\ If you already have a local-production.json file, the modification of the
# following keys will have no effect /!\.
#
###############################################################################
cache:
previews:
size: 1 # Max number of previews you want to cache
size: 100 # Max number of previews you want to cache
admin:
email: '__email__'
@ -56,16 +87,22 @@ transcoding:
enabled: false
threads: 2
resolutions: # Only created if the original video has a higher resolution
240p: true
360p: true
480p: true
720p: true
1080p: true
240p: false
360p: false
480p: false
720p: false
1080p: false
# Instance settings
instance:
name: 'PeerTube'
description: 'Welcome to this PeerTube instance!' # Support markdown
terms: 'No terms for now.' # Support markdown
short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.'
description: '' # Support markdown
terms: '' # Support markdown
default_client_route: '/videos/trending'
# By default, "do_not_list" or "blur" or "display" NSFW videos
# Could be overridden per user with a setting
default_nsfw_policy: 'do_not_list'
customizations:
javascript: '' # Directly your JavaScript code (without <script> tags). Will be eval at runtime
css: '' # Directly your CSS code (without <style> tags). Will be injected at runtime

3
conf/systemd.service
View file

@ -4,13 +4,14 @@ Description=PeerTube daemon
[Service]
Type=simple
Environment=NODE_ENV=production
Environment=NODE_CONFIG_DIR=__FINALPATH__/config
User=__APP__
Group=__APP__
ExecStart=/bin/sh -c 'PATH=/opt/node_n/bin:$PATH exec npm start'
WorkingDirectory=__FINALPATH__/
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=peertube
SyslogIdentifier=__APP__
Restart=always
[Install]

19
manifest.json
View file

@ -5,17 +5,17 @@
"description": {
"en": "Video streaming platform using P2P directly in the web browser, connected to a federated network"
},
"version": "1.1",
"version": "1.0.0-beta.4",
"url": "https://github.com/Chocobozzz/PeerTube",
"license": "free",
"license": "AGPL-3.0-only",
"maintainer": {
"name": "Anmol Sharma",
"email": "anmol@datamol.org"
},
"requirements": {
"yunohost": ">= 2.7.2"
"yunohost": ">= 2.7.9"
},
"multi_instance": false,
"multi_instance": true,
"services": [
"nginx"
],
@ -32,19 +32,10 @@
{
"name": "email",
"ask": {
"en": "Choose an admin(root) email(Can be other then LDAP emails and can't be changed after installation)"
"en": "Choose an admin email (can be changed after installation)"
},
"example": "johndoe@example.com"
},
{
"name": "pass",
"type": "password",
"ask": {
"en": "Enter password of this administrator ≥ 6 character",
"fr": "Ajouter le mot de passe pour cette administrateur ≥ 6 charactères"
},
"example": "battery horse staple nenuphar"
},
{
"name": "is_public",
"type": "boolean",

49
scripts/_common.sh
View file

@ -11,3 +11,52 @@ ynh_delete_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete $app $checksum_setting_name
}
# Send an email to inform the administrator
#
# usage: ynh_send_readme_to_admin app_message [recipients]
# | arg: app_message - The message to send to the administrator.
# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
ynh_send_readme_to_admin() {
local app_message="${1:-...No specific information...}"
local recipients="${2:-root}"
# Retrieve the email of users
find_mails () {
local list_mails="$1"
local mail
local recipients=" "
# Read each mail in argument
for mail in $list_mails
do
# Keep root or a real email address as it is
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
then
recipients="$recipients $mail"
else
# But replace an user name without a domain after by its email
if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
then
recipients="$recipients $mail"
fi
fi
done
echo "$recipients"
}
recipients=$(find_mails "$recipients")
local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
local mail_message="This is an automated message from your beloved YunoHost server.
Specific information for the application $app.
$app_message
---
Automatic diagnosis data from YunoHost
$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
# Send the email to the recipients
echo "$mail_message" | mail -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
}

75
scripts/backup Normal file
View file

@ -0,0 +1,75 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
if [ ! -e _common.sh ]; then
# Get the _common.sh file if it's not in the current directory
cp ../settings/scripts/_common.sh ./_common.sh
cp ../settings/scripts/psql.sh ./psql.sh
chmod a+rx _common.sh psql.sh
fi
source _common.sh
source /usr/share/yunohost/helpers
source psql.sh
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get $app domain)
db_name=$(ynh_app_setting_get $app psql_db)
#=================================================
# STANDARD BACKUP STEPS
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup "$final_path"
# Copy the data directory
datadir="/home/yunohost.app/${app}/storage"
ynh_backup "$datadir"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PostgreSQL DATABASE
#=================================================
ynh_psql_dump_db "$db_name" > db.sql
ynh_backup "db.sql"
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_backup "/etc/logrotate.d/$app"
#=================================================
# BACKUP SYSTEMD
#=================================================
ynh_backup "/etc/systemd/system/$app.service"

111
scripts/install
View file

@ -7,9 +7,8 @@
#=================================================
source _common.sh
source psql.sh
source nodejs.sh
source /usr/share/yunohost/helpers
source psql.sh
#=================================================
# MANAGE SCRIPT FAILURE
@ -17,9 +16,6 @@ source /usr/share/yunohost/helpers
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#ynh_clean_setup () {
#
#}
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
@ -28,9 +24,10 @@ ynh_abort_if_errors
domain=$YNH_APP_ARG_DOMAIN
path_url="/"
admin_email=$YNH_APP_ARG_EMAIL
admin_pass=$YNH_APP_ARG_PASS
admin_pass=$(ynh_string_random 24)
is_public=$YNH_APP_ARG_IS_PUBLIC
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
@ -51,18 +48,18 @@ final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Check web path availability
ynh_webpath_available $domain $path_url
ynh_webpath_available "$domain" "$path_url"
# Register (book) web path
ynh_webpath_register $app $domain $path_url
ynh_webpath_register "$app" "$domain" "$path_url"
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app admin_email $admin_email
ynh_app_setting_set $app admin_pass $admin_pass
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set "$app" domain "$domain"
ynh_app_setting_set "$app" admin_email "$admin_email"
ynh_app_setting_set "$app" admin_pass "$admin_pass"
ynh_app_setting_set "$app" is_public "$is_public"
#=================================================
# STANDARD MODIFICATIONS
@ -72,74 +69,82 @@ ynh_app_setting_set $app is_public $is_public
# Find a free port
port=$(ynh_find_port 9000)
# Open this port
yunohost firewall allow Both $port 2>&1
ynh_app_setting_set $app port $port
yunohost firewall allow Both "$port" 2>&1
ynh_app_setting_set "$app" port "$port"
#=================================================
# CREATE THE DATA DIRECTORY
#=================================================
# Define app's data directory
datadir="/home/yunohost.app/${app}/storage"
# Create app folders
mkdir -p "$datadir"
#=================================================
# INSTALL DEPENDENCIES
#=================================================
# install nodejs
ynh_install_nodejs 8
# install yarn
wget https://github.com/yarnpkg/yarn/releases/download/v1.5.1/yarn_1.5.1_all.deb
echo "a4770cd8dcb13dc9a9218940dbd24b510ddf5eec78adb4e0da9ef3760b55a76e yarn_1.5.1_all.deb" | sha256sum -c || ynh_die
sudo dpkg -i yarn_1.5.1_all.deb
wget https://github.com/yarnpkg/yarn/releases/download/v1.6.0/yarn_1.6.0_all.deb
echo "96866d835da94a1f01a616f3d637c9100e826f65cb38a65e5d96ccf01ff6d692 yarn_1.6.0_all.deb" | sha256sum -c || ynh_die
dpkg -i yarn_1.6.0_all.deb
# add backports (required to install ffmpeg)
echo "deb http://httpredir.debian.org/debian jessie-backports main" | sudo tee /etc/apt/sources.list.d/jessie-backports.list
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
ynh_package_update
# install postgresql, ffmpeg, redis
ynh_install_app_dependencies postgresql-9.4 ffmpeg redis-server redis-tools
# install nodejs
ynh_install_nodejs 8
ynh_install_app_dependencies postgresql-9.4 ffmpeg redis-server redis-tools mailutils
#=================================================
# DATABASE SETUP
#=================================================
# Create postgresql database
db_name="peertube_prod"
db_name="peertube_${app}"
db_pwd=$(ynh_string_random 30)
ynh_app_setting_set $app psql_db $db_name
ynh_app_setting_set $app psqlpwd $db_pwd
ynh_app_setting_set "$app" psql_db "$db_name"
ynh_app_setting_set "$app" psqlpwd "$db_pwd"
ynh_psql_test_if_first_run
ynh_psql_create_user $app $db_pwd
ynh_psql_create_user "$app" "$db_pwd"
ynh_psql_execute_as_root \
"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;"
"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER "$app";"
#=================================================
# CREATE DEDICATED USER
#=================================================
# Create a system user
ynh_system_user_create $app
ynh_system_user_create "$app"
#=================================================
# DOWNLOAD, CHECK AND UNPACK PEERTUBE SOURCE
#=================================================
ynh_app_setting_set $app final_path $final_path
ynh_app_setting_set "$app" final_path "$final_path"
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
cp ../conf/production.yaml $final_path/config/production.yaml
(cd $final_path && yarn install --production --pure-lockfile)
cp ../conf/production.yaml "$final_path/config/production.yaml"
touch "$final_path/config/local-production.json"
(cd "$final_path" && yarn install --production --pure-lockfile)
#=================================================
# NGINX CONFIGURATION
#=================================================
# Create a dedicated nginx config
sudo mkdir -p "/etc/nginx/conf.d/${domain}.d"
mkdir -p "/etc/nginx/conf.d/${domain}.d"
ynh_add_nginx_config
#=================================================
# SETUP APPLICATION WITH CURL
#=================================================
# Set right permissions for curl install
chown -R $app:$app $final_path
chown -R "$app":"app" "$datadir"
# Reload Nginx
systemctl reload nginx
@ -150,8 +155,11 @@ systemctl reload nginx
ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml"
ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml"
ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml"
ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml"
ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml"
ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml"
#=================================================
# STORE THE CHECKSUM OF THE CONFIG FILE
@ -168,21 +176,21 @@ ynh_store_file_checksum "$final_path/config/production.yaml"
#=================================================
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
ynh_use_logrotate "/home/yunohost.app/${app}/storage/logs/peertube.log"
#=================================================
# SETUP SSOWAT
#=================================================
if [ $is_public -eq 0 ]
if [ "$is_public" -eq 0 ]
then # Remove the public access
ynh_app_setting_delete $app skipped_uris
ynh_app_setting_delete "$app" skipped_uris
fi
# Make app public if necessary
if [ $is_public -eq 1 ]
if [ "$is_public" -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set $app unprotected_uris "/"
ynh_app_setting_set "$app" unprotected_uris "/"
fi
#=================================================
@ -191,17 +199,34 @@ fi
# Create a dedicated systemd config
ynh_add_systemd_config
sudo systemctl start peertube
systemctl start "$app"
#=================================================
# CHANGE PEERTUBE ADMIN PASSWORD AFTER INITIAL GEN
#=================================================
# we need to wait for the service to init peertube's database
(cd /var/www/peertube && sleep 5 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/peertube/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root")
(cd "/var/www/$app" && sleep 15 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/$app/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root")
# Give permisiion to the final_path
chown -R "$app":"$app" "$final_path" "$datadir"
#=================================================
# RELOAD NGINX
#=================================================
systemctl reload nginx
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
message="PeerTube was successfully installed :)
Please open "https://$domain$path_url"
Here is the admin password: "$admin_pass"
If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/peertube_ynh"
ynh_send_readme_to_admin "$message"

118
scripts/psql.sh
View file

@ -1,9 +1,41 @@
#!/bin/bash
#=================================================
#
# POSTGRES HELPERS
#
# Point of contact : Jean-Baptiste Holcroft <jean-baptiste@holcroft.fr>
#=================================================
ynh_psql_test_if_first_run() {
if [ -f /etc/yunohost/psql ];
then
echo "PostgreSQL is already installed, no need to create master password"
else
pgsql=$(ynh_string_random)
pg_hba=""
echo "$pgsql" >> /etc/yunohost/psql
if [ -e /etc/postgresql/9.4/ ]
then
pg_hba=/etc/postgresql/9.4/main/pg_hba.conf
elif [ -e /etc/postgresql/9.6/ ]
then
pg_hba=/etc/postgresql/9.6/main/pg_hba.conf
else
ynh_die "postgresql shoud be 9.4 or 9.6"
fi
systemctl start postgresql
su --command="psql -c\"ALTER user postgres WITH PASSWORD '${pgsql}'\"" postgres
# we can't use peer since YunoHost create users with nologin
sed -i '/local\s*all\s*all\s*peer/i \
local all all password' "$pg_hba"
systemctl enable postgresql
systemctl reload postgresql
fi
}
# Open a connection as a user
#
# example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;"
@ -14,7 +46,10 @@
# | arg: pwd - the user password
# | arg: db - the database to connect to
ynh_psql_connect_as() {
ynh_die "ynh_psql_connect_as is not yet implemented"
user="$1"
pwd="$2"
db="$3"
su --command="PGUSER=\"${user}\" PGPASSWORD=\"${pwd}\" psql \"${db}\"" postgres
}
# # Execute a command as root user
@ -23,8 +58,8 @@ ynh_psql_connect_as() {
# | arg: sql - the SQL command to execute
# | arg: db - the database to connect to
ynh_psql_execute_as_root () {
sudo su -c "psql" - postgres <<< ${1}
#TODO support db argument ?
sql="$1"
su --command="psql" postgres <<< "$sql"
}
# Execute a command from a file as root user
@ -33,7 +68,29 @@ ynh_psql_execute_as_root () {
# | arg: file - the file containing SQL commands
# | arg: db - the database to connect to
ynh_psql_execute_file_as_root() {
ynh_die "ynh_psql_execute_file_as_root is not yet implemented"
file="$1"
db="$2"
su -c "psql $db" postgres < "$file"
}
# Create a database, an user and its password. Then store the password in the app's config
#
# After executing this helper, the password of the created database will be available in $db_pwd
# It will also be stored as "psqlpwd" into the app settings.
#
# usage: ynh_psql_setup_db user name [pwd]
# | arg: user - Owner of the database
# | arg: name - Name of the database
# | arg: pwd - Password of the database. If not given, a password will be generated
ynh_psql_setup_db () {
db_user="$1"
app="$1"
db_name="$2"
new_db_pwd=$(ynh_string_random) # Generate a random password
# If $3 is not given, use new_db_pwd instead for db_pwd.
db_pwd="${3:-$new_db_pwd}"
ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database
ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config
}
# Create a database and grant optionnaly privilegies to a user
@ -41,25 +98,25 @@ ynh_psql_execute_file_as_root() {
# usage: ynh_psql_create_db db [user [pwd]]
# | arg: db - the database name to create
# | arg: user - the user to grant privilegies
# | arg: pwd - the password to identify user by
# | arg: pwd - the user password
ynh_psql_create_db() {
db=$1
# grant all privilegies to user
if [[ $# -gt 1 ]]; then
ynh_psql_create_user ${2} "${3}"
sudo su -c "createdb -O ${2} $db" - postgres
else
sudo su -c "createdb $db" - postgres
fi
db="$1"
user="$2"
pwd="$3"
ynh_psql_create_user "$user" "$pwd"
su --command="createdb --owner=\"${user}\" \"${db}\"" postgres
}
# Drop a database
#
# usage: ynh_psql_drop_db db
# | arg: db - the database name to drop
ynh_psql_drop_db() {
sudo su -c "dropdb ${1}" - postgres
# | arg: user - the user to drop
ynh_psql_remove_db() {
db="$1"
user="$2"
su --command="dropdb \"${db}\"" postgres
ynh_psql_drop_user "${user}"
}
# Dump a database
@ -70,7 +127,8 @@ ynh_psql_drop_db() {
# | arg: db - the database name to dump
# | ret: the psqldump output
ynh_psql_dump_db() {
ynh_die "ynh_psql_dump_db is not yet implemented"
db="$1"
su --command="pg_dump \"${db}\"" postgres
}
@ -78,10 +136,10 @@ ynh_psql_dump_db() {
#
# usage: ynh_psql_create_user user pwd [host]
# | arg: user - the user name to create
# | arg: pwd - the password to identify user by
ynh_psql_create_user() {
ynh_psql_execute_as_root \
"CREATE USER ${1} WITH PASSWORD '${2}';"
user="$1"
pwd="$2"
su --command="psql -c\"CREATE USER ${user} WITH PASSWORD '${pwd}'\"" postgres
}
# Drop a user
@ -89,22 +147,6 @@ ynh_psql_create_user() {
# usage: ynh_psql_drop_user user
# | arg: user - the user name to drop
ynh_psql_drop_user() {
sudo su -c "dropuser ${1}" - postgres
}
ynh_psql_test_if_first_run() {
if [ -f /etc/yunohost/psql ];
then
echo "PostgreSQL is already installed, no need to create master password"
else
local pgsql=$(ynh_string_random)
echo "$pgsql" >> /etc/yunohost/psql
systemctl start postgresql
sudo -u postgres psql -c"ALTER user postgres WITH PASSWORD '${pgsql}'"
# we can't use peer since YunoHost create users with nologin
sed -i '/local\s*all\s*all\s*peer/i \
local all all password' /etc/postgresql/9.4/main/pg_hba.conf
systemctl enable postgresql
systemctl reload postgresql
fi
user="$1"
su --command="dropuser \"${user}\"" postgres
}

25
scripts/remove
View file

@ -1,3 +1,4 @@
#!/bin/bash
#=================================================
@ -7,9 +8,8 @@
#=================================================
source _common.sh
source psql.sh
source nodejs.sh
source /usr/share/yunohost/helpers
source psql.sh
#=================================================
# LOAD SETTINGS
@ -17,10 +17,10 @@ source /usr/share/yunohost/helpers
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
port=$(ynh_app_setting_get $app port)
db_name=$(ynh_app_setting_get $app psql_db)
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get "$app" domain)
port=$(ynh_app_setting_get "$app" port)
db_name=$(ynh_app_setting_get "$app" psql_db)
final_path=$(ynh_app_setting_get "$app" final_path)
#=================================================
# STANDARD REMOVE
@ -35,10 +35,10 @@ ynh_remove_systemd_config
# REMOVE SERVICE FROM ADMIN PANEL
#=================================================
if yunohost service status | grep -q $app
if yunohost service status | grep -q "$app"
then
echo "Remove $app service"
yunohost service remove $app
yunohost service remove "$app"
fi
#=================================================
@ -54,14 +54,14 @@ ynh_remove_nodejs
#=================================================
# Remove a database if it exists, along with the associated user
ynh_psql_drop_db $db_name
ynh_psql_drop_user $app
ynh_psql_remove_db "$db_name" "$app"
#=================================================
# REMOVE APP MAIN DIR
#=================================================
# Remove the app directory securely
ynh_secure_remove "$final_path"
ynh_secure_remove /home/yunohost.app/"$app"
#=================================================
# REMOVE NGINX CONFIGURATION
@ -77,6 +77,7 @@ ynh_remove_nginx_config
# Remove the app-specific logrotate config
ynh_remove_logrotate
ynh_secure_remove /var/log/"$app"
#=================================================
# CLOSE A PORT
#=================================================
@ -84,7 +85,7 @@ ynh_secure_remove /var/log/"$app"
if yunohost firewall list | grep -q "\- $port$"
then
echo "Close port $port"
yunohost firewall disallow TCP $port 2>&1
yunohost firewall disallow Both "$port" 2>&1
fi
#=================================================
@ -98,4 +99,4 @@ fi
#=================================================
# Delete a system user
ynh_system_user_delete $app
ynh_system_user_delete "$app"

145
scripts/restore Normal file
View file

@ -0,0 +1,145 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
if [ ! -e _common.sh ]; then
# Get the _common.sh file if it's not in the current directory
cp ../settings/scripts/_common.sh ./_common.sh
cp ../settings/scripts/psql.sh ./psql.sh
chmod a+rx _common.sh psql.sh
fi
source _common.sh
source /usr/share/yunohost/helpers
source psql.sh
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get "$app" domain)
path_url="/"
final_path=$(ynh_app_setting_get "$app" final_path)
port=$(ynh_app_setting_get "$app" port)
db_name=$(ynh_app_setting_get "$app" psql_db)
db_pwd=$(ynh_app_setting_get "$app" psqlpwd)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_webpath_available "$domain" "$path_url" \
|| ynh_die "Path not available: ${domain}${path_url}"
test ! -d "$final_path" \
|| ynh_die "There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_restore_file "$final_path"
datadir="/home/yunohost.app/${app}/storage"
ynh_restore_file "$datadir"
# Open this port
yunohost firewall allow Both "$port" 2>&1
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
# Create the dedicated user (if not existing)
ynh_system_user_create "$app"
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Set right permissions
datadir="/home/yunohost.app/${app}/storage"
chown -R "$app":"app" "$datadir"
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
# install yarn
# install nodejs
ynh_install_nodejs 8
wget https://github.com/yarnpkg/yarn/releases/download/v1.5.1/yarn_1.5.1_all.deb
echo "a4770cd8dcb13dc9a9218940dbd24b510ddf5eec78adb4e0da9ef3760b55a76e yarn_1.5.1_all.deb" | sha256sum -c || ynh_die
dpkg -i yarn_1.5.1_all.deb
# add backports (required to install ffmpeg)
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
ynh_package_update
# Define and install dependencies
ynh_install_app_dependencies postgresql-9.4 ffmpeg redis-server redis-tools mailutils
#=================================================
# RESTORE THE PostgreSQL DATABASE
#=================================================
ynh_psql_test_if_first_run
ynh_psql_setup_db "$app" "$db_name" "$db_pwd"
ynh_psql_execute_file_as_root ./db.sql "$db_name"
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_restore_file "/etc/systemd/system/$app.service"
systemctl enable "$app.service"
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_restore_file "/etc/logrotate.d/$app"
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
(cd "$final_path" && yarn install --production --pure-lockfile)
# Set right permissions for curl install
chown -R "$app":"app" "$datadir"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PeerTube
#=================================================
systemctl reload nginx
service "$app" restart

188
scripts/upgrade Normal file
View file

@ -0,0 +1,188 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
source psql.sh
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get "$app" domain)
path_url="/"
is_public=$(ynh_app_setting_get "$app" is_public)
admin_email=$(ynh_app_setting_get "$app" admin_email)
admin_pass=$(ynh_app_setting_get "$app" admin_pass)
final_path=$(ynh_app_setting_get "$app" final_path)
port=$(ynh_app_setting_get "$app" port)
db_name=$(ynh_app_setting_get "$app" psql_db)
db_pwd=$(ynh_app_setting_get "$app" psqlpwd)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set "$app" is_public 1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set "$app" is_public 0
is_public=0
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# REMOVE APP MAIN DIR
#=================================================
# Create a temporary directory
tmpdir="$(mktemp -d)"
# Backup the config file in the temp dir
cp -a "$final_path/config/local-production.json" "$tmpdir/local-production.json"
# Remove the app directory securely
ynh_secure_remove "$final_path"
# Define app's data directory
datadir="/home/yunohost.app/${app}/storage"
# Create app folders
mkdir -p "$datadir"
# Open this port
yunohost firewall allow Both "$port" 2>&1
#=================================================
# CREATE DEDICATED USER
#=================================================
# Create a system user
ynh_system_user_create "$app"
#=================================================
# INSTALL DEPENDENCIES
#=================================================
# install nodejs
ynh_install_nodejs 8
# install yarn
wget https://github.com/yarnpkg/yarn/releases/download/v1.5.1/yarn_1.5.1_all.deb
echo "a4770cd8dcb13dc9a9218940dbd24b510ddf5eec78adb4e0da9ef3760b55a76e yarn_1.5.1_all.deb" | sha256sum -c || ynh_die
dpkg -i yarn_1.5.1_all.deb
# add backports (required to install ffmpeg)
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
ynh_package_update
# install postgresql, ffmpeg, redis
ynh_install_app_dependencies postgresql-9.4 ffmpeg redis-server redis-tools mailutils
#=================================================
# CHECK THE PATH
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path "$path_url")
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
cp ../conf/production.yaml "$final_path/config/production.yaml"
#Copy the admin saved settings from tmp directory to final path
cp -a "$tmpdir/local-production.json" "$final_path/config/local-production.json"
# Remove the tmp directory securely
ynh_secure_remove "$tmpdir"
(cd "$final_path" && yarn install --production --pure-lockfile)
#=================================================
# NGINX CONFIGURATION
#=================================================
# Create a dedicated nginx config
ynh_add_nginx_config
chown -R root:root "$final_path"
chown -R "$app" "$datadir"
# Reload Nginx
systemctl reload nginx
#=================================================
# MODIFY A CONFIG FILE
#=================================================
ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml"
ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml"
ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml"
ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml"
ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml"
ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml"
# Recalculate and store the config file checksum into the app settings
ynh_store_file_checksum "$final_path/config/production.yaml"
#=================================================
# SETUP LOGROTATE
#=================================================
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append
#=================================================
# SETUP SYSTEMD
#=================================================
# Create a dedicated systemd config
ynh_add_systemd_config
# Set right permissions
chown -R "$app":"$app" "$final_path" "$datadir"
#=================================================
# SETUP SSOWAT
#=================================================
if [ $is_public -eq 0 ]
then # Remove the public access
ynh_app_setting_delete "$app" skipped_uris
fi
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway
ynh_app_setting_set "$app" unprotected_uris "/"
fi
#=================================================
# RELOAD NGINX
#=================================================
systemctl reload nginx