gabriel
/
huginn_ynh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

update

master
Gabriel Cossette 5 years ago
parent
95eee12a93
commit
aba025d283
4 changed files with 58 additions and 224 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 14
      manifest.json
  2. 88
      scripts/_common.sh
  3. 178
      scripts/install
  4. 2
      scripts/remove

14
manifest.json
View File

@ -18,7 +18,8 @@
"ask": { "ask": {
"en": "Choose a domain for huginn" "en": "Choose a domain for huginn"
}, },
"example": "example.com"
"example": "example.com",
"default": "huginn.wotest.weblibre.ca"
}, },
{ {
"name": "path", "name": "path",
@ -34,21 +35,24 @@
"ask": { "ask": {
"en": "Choose an admin user" "en": "Choose an admin user"
}, },
"example": "johndoe"
"example": "johndoe",
"default": "gab"
}, },
{ {
"name": "password", "name": "password",
"ask": { "ask": {
"en": "Choose an admin password" "en": "Choose an admin password"
}, },
"example": "supersecretpassword"
"example": "supersecretpassword",
"default": "gabgabgabgab"
}, },
{ {
"name": "invitation", "name": "invitation",
"ask": { "ask": {
"en": "Choose an invitation code for new users" "en": "Choose an invitation code for new users"
}, },
"example": "invitationcode"
"example": "invitationcode",
"default": "1234567890"
}, },
{ {
"name": "is_public", "name": "is_public",
@ -56,7 +60,7 @@
"en": "Is it a public application ?" "en": "Is it a public application ?"
}, },
"choices": ["Yes", "No"], "choices": ["Yes", "No"],
"default": "No"
"default": "Yes"
} }
] ]
} }

88
scripts/_common.sh
View File

@ -3,90 +3,4 @@
# COMMON VARIABLES # COMMON VARIABLES
#================================================= #=================================================
pkg_dependencies="zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev libxml2-dev libxslt1-dev libcurl4-openssl-dev libicu-dev python-docutils pkg-config cmake nodejs graphviz ruby2.5 bundler default-libmysqlclient-dev runit"
----------------
YNH_PHP_VERSION="7.3"
extra_php_dependencies="php${YNH_PHP_VERSION}-bz2 php${YNH_PHP_VERSION}-imap php${YNH_PHP_VERSION}-smbclient php${YNH_PHP_VERSION}-gmp php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-apcu php${YNH_PHP_VERSION}-redis php${YNH_PHP_VERSION}-ldap php${YNH_PHP_VERSION}-imagick php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-igbinary php${YNH_PHP_VERSION}-bcmath"
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
# Check if an URL is already handled
# usage: is_url_handled --domain=DOMAIN --path=PATH_URI
is_url_handled() {
# Declare an array to define the options of this helper.
local legacy_args=dp
declare -Ar args_array=( [d]=domain= [p]=path= )
local domain
local path
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
# Try to get the url with curl, and keep the http code and an eventual redirection url.
local curl_output="$(curl --insecure --silent --output /dev/null \
--write-out '%{http_code};%{redirect_url}' https://127.0.0.1$path --header "Host: $domain" --resolve $domain:443:127.0.0.1)"
# Cut the output and keep only the first part to keep the http code
local http_code="${curl_output%%;*}"
# Do the same thing but keep the second part, the redirection url
local redirection="${curl_output#*;}"
# Return 1 if the url isn't handled.
# Which means either curl got a 404 (or the admin) or the sso.
# A handled url should redirect to a publicly accessible url.
# Return 1 if the url has returned 404
if [ "$http_code" = "404" ] || [[ $redirection =~ "/yunohost/admin" ]]; then
return 1
# Return 1 if the url is redirected to the SSO
elif [[ $redirection =~ "/yunohost/sso" ]]; then
return 1
fi
}
#=================================================
# Check available space before creating a temp directory.
#
# usage: ynh_smart_mktemp --min_size="Min size"
#
# | arg: -s, --min_size= - Minimal size needed for the temporary directory, in Mb
ynh_smart_mktemp () {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [s]=min_size= )
local min_size
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
min_size="${min_size:-300}"
# Transform the minimum size from megabytes to kilobytes
min_size=$(( $min_size * 1024 ))
# Check if there's enough free space in a directory
is_there_enough_space () {
local free_space=$(df --output=avail "$1" | sed 1d)
test $free_space -ge $min_size
}
if is_there_enough_space /tmp; then
local tmpdir=/tmp
elif is_there_enough_space /var; then
local tmpdir=/var
elif is_there_enough_space /; then
local tmpdir=/
elif is_there_enough_space /home; then
local tmpdir=/home
else
ynh_die "Insufficient free space to continue..."
fi
echo "$(mktemp --directory --tmpdir="$tmpdir")"
}
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================
pkg_dependencies="zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev libxml2-dev libxslt1-dev libcurl4-openssl-dev libicu-dev python-docutils pkg-config cmake nodejs graphviz ruby2.5 bundler default-libmysqlclient-dev runit-systemd"

178
scripts/install
View File

@ -37,10 +37,10 @@ app=$YNH_APP_INSTANCE_NAME
ynh_script_progression --message="Validating installation parameters..." ynh_script_progression --message="Validating installation parameters..."
final_path=/home/huginn final_path=/home/huginn
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
#test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path # Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
ynh_webpath_register --app=$app --domain=$domain --path_url=$path
#================================================= #=================================================
# STORE SETTINGS FROM MANIFEST # STORE SETTINGS FROM MANIFEST
@ -64,6 +64,9 @@ ynh_script_progression --message="Installing dependencies..." --weight=10
ynh_install_app_dependencies $pkg_dependencies ynh_install_app_dependencies $pkg_dependencies
systemctl enable runit
systemctl start runit
#Install foreman gem #Install foreman gem
gem install foreman gem install foreman
@ -75,6 +78,9 @@ ynh_script_progression --message="Configuring system user..." --weight=3
# Create a system user # Create a system user
ynh_system_user_create --username=$app --home_dir=/home/huginn ynh_system_user_create --username=$app --home_dir=/home/huginn
mkdir /home/huginn
chown huginn: /home/huginn
#================================================= #=================================================
# CREATE A MYSQL DATABASE # CREATE A MYSQL DATABASE
#================================================= #=================================================
@ -92,194 +98,98 @@ ynh_script_progression --message="Setting up source files..."
cd /home/huginn cd /home/huginn
# Clone Huginn repository # Clone Huginn repository
sudo sudo -u huginn -H git clone https://github.com/cantino/huginn.git -b master huginn
sudo -u huginn -H git clone https://github.com/cantino/huginn.git -b master huginn
# Go to Huginn installation folder # Go to Huginn installation folder
cd /home/huginn/huginn cd /home/huginn/huginn
# Copy the example Huginn config # Copy the example Huginn config
sudo sudo -u huginn -H cp .env.example .env
sudo -u huginn -H cp .env.example .env
# Create the log/, tmp/pids/ and tmp/sockets/ directories # Create the log/, tmp/pids/ and tmp/sockets/ directories
sudo sudo -u huginn mkdir -p log tmp/pids tmp/sockets
sudo -u huginn mkdir -p log tmp/pids tmp/sockets
# Make sure Huginn can write to the log/ and tmp/ directories # Make sure Huginn can write to the log/ and tmp/ directories
sudo chown -R huginn log/ tmp/ sudo chown -R huginn log/ tmp/
sudo chmod -R u+rwX,go-w log/ tmp/
chmod -R u+rwX,go-w log/ tmp/
# Make sure permissions are set correctly # Make sure permissions are set correctly
sudo chmod -R u+rwX,go-w log/
sudo chmod -R u+rwX tmp/
sudo sudo -u huginn -H chmod o-rwx .env
chmod -R u+rwX,go-w log/
chmod -R u+rwX tmp/
sudo -u huginn -H chmod o-rwx .env
# Copy the example Unicorn config # Copy the example Unicorn config
sudo sudo -u huginn -H cp config/unicorn.rb.example config/unicorn.rb
sudo -u huginn -H cp config/unicorn.rb.example config/unicorn.rb
#Install Gems #Install Gems
#sudo sudo -u huginn -H bundle install --deployment --without development test
#sudo -u huginn -H bundle install --deployment --without development test
#RUN bundle install --path vendor/bundle --deployment --without development test #RUN bundle install --path vendor/bundle --deployment --without development test
sudo -u huginn -H bundle lock --update rails sudo -u huginn -H bundle lock --update rails
sudo -u huginn -H bundle install --path vendor/bundle sudo -u huginn -H bundle install --path vendor/bundle
#rake secret #rake secret
RAKE_SECRET=$(sudo sudo -u huginn -H rake secret)
RAKE_SECRET=$(sudo -u huginn -H rake secret)
#Edit .env #Edit .env
sudo sudo -u huginn -H sed -i "s/\(DATABASE_PASSWORD *= *\).*/\1\"$db_pwd\"/" .env
sudo sudo -u huginn -H sed -i "s/\(DATABASE_USERNAME *= *\).*/\1\"huginn\"/" .env
sudo sudo -u huginn -H sed -i "s/\(DATABASE_NAME *= *\).*/\1huginn/" .env
sudo sudo -u huginn -H sed -i "s/\(APP_SECRET_TOKEN *= *\).*/\1$RAKE_SECRET/" .env
sudo sudo -u huginn -H sed -i "s/\(INVITATION_CODE *= *\).*/\1$invitation/" .env
sudo -u huginn -H sed -i "s/\(DATABASE_PASSWORD *= *\).*/\1\"$db_pwd\"/" .env
sudo -u huginn -H sed -i "s/\(DATABASE_USERNAME *= *\).*/\1\"huginn\"/" .env
sudo -u huginn -H sed -i "s/\(DATABASE_NAME *= *\).*/\1huginn/" .env
sudo -u huginn -H sed -i "s/\(APP_SECRET_TOKEN *= *\).*/\1$RAKE_SECRET/" .env
sudo -u huginn -H sed -i "s/\(INVITATION_CODE *= *\).*/\1$invitation/" .env
#uncomment RAILS_ENV #uncomment RAILS_ENV
sudo sudo -u huginn -H sed -i '/# RAILS_ENV=production/s/^# //' .env
sudo -u huginn -H sed -i '/# RAILS_ENV=production/s/^# //' .env
# Create the database # Create the database
sudo sudo -u huginn -H bundle exec rake db:create RAILS_ENV=production
sudo -u huginn -H bundle exec rake db:create RAILS_ENV=production
# Migrate to the latest version # Migrate to the latest version
sudo sudo -u huginn -H bundle exec rake db:migrate RAILS_ENV=production
sudo -u huginn -H bundle exec rake db:migrate RAILS_ENV=production
# Create admin user and example agents # Create admin user and example agents
sudo sudo -u huginn -H bundle exec rake db:seed RAILS_ENV=production SEED_USERNAME=$admin SEED_PASSWORD=$admin_pwd
sudo -u huginn -H bundle exec rake db:seed RAILS_ENV=production SEED_USERNAME=$admin SEED_PASSWORD=$admin_pwd
# Compile Assets # Compile Assets
sudo sudo -u huginn -H bundle exec rake assets:precompile RAILS_ENV=production
sudo -u huginn -H bundle exec rake assets:precompile RAILS_ENV=production
#Edit the `Procfile` #Edit the `Procfile`
cd $old_pwd cd $old_pwd
sudo cp ../conf/Procfile /home/huginn/huginn/
cp ../conf/Procfile /home/huginn/huginn/
cd /home/huginn/huginn/ cd /home/huginn/huginn/
#Export the init scripts: #Export the init scripts:
sudo rake production:export sudo rake production:export
#USER root
CMD ["bundle", "exec", "foreman", "start"]
#================================================= #=================================================
# SETUP LOGROTATE
# NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring log rotation..."
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile="$datadir/huginn.log"
ynh_script_progression --message="Configuring NGINX web server..." --weight=2
# Modify Nginx configuration file and copy it to Nginx conf directory # Modify Nginx configuration file and copy it to Nginx conf directory
cd $old_pwd cd $old_pwd
sed -i "s@YNH_WWW_PATH@$path@g" ../conf/nginx.conf sed -i "s@YNH_WWW_PATH@$path@g" ../conf/nginx.conf
sed -i "s@YNH_WWW_ALIAS@$final_path/@g" ../conf/nginx.conf sed -i "s@YNH_WWW_ALIAS@$final_path/@g" ../conf/nginx.conf
sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$APP.conf
cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
#=================================================
# SETUP LOGROTATE
#=================================================
#ynh_script_progression --message="Configuring log rotation..."
# Use logrotate to manage application logfile(s)
#ynh_use_logrotate --logfile="$datadir/huginn.log"
# If APP is public, add url to SSOWat conf as skipped_uris # If APP is public, add url to SSOWat conf as skipped_uris
if [ "$is_public" = "Yes" ]; if [ "$is_public" = "Yes" ];
then then
# unprotected_uris allows SSO credentials to be passed anyway. # unprotected_uris allows SSO credentials to be passed anyway.
sudo yunohost app setting $APP unprotected_uris -v "/"
yunohost app setting $app unprotected_uris -v "/"
fi fi
#don't know where to desactivate the default in nginx, so i just delete it
sudo rm /usr/share/nginx/html/index.html
# Restart services # Restart services
sudo service nginx reload
sudo yunohost app ssowatconf
---------------
# Enable YunoHost patches on Nextcloud sources
cp -a ../sources/patches_last_version/* ../sources/patches
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=50
# Create a dedicated php-fpm config
ynh_add_fpm_config --usage=medium --footprint=high --phpversion=$YNH_PHP_VERSION --package="$extra_php_dependencies"
# Used by ynh_add_nginx_config
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2
# Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
fi
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Fix app ownerships & permissions
chown -R $app: "$final_path" "$datadir"
find $final_path/ -type f -print0 | xargs -0 chmod 0644
find $final_path/ -type d -print0 | xargs -0 chmod 0755
find $datadir/ -type f -print0 | xargs -0 chmod 0640
find $datadir/ -type d -print0 | xargs -0 chmod 0750
chmod 640 "$final_path/config/config.php"
chmod 755 /home/yunohost.app
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=8
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring SSOwat..."
ynh_permission_create --permission="api" --label="api" --url="re:$domain\/.well-known\/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true"
yunohost app ssowatconf
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
@ -293,3 +203,9 @@ ynh_systemd_action --service_name=nginx --action=reload
#================================================= #=================================================
ynh_script_progression --message="Installation of $app completed" --last ynh_script_progression --message="Installation of $app completed" --last
# SSOWat?
# Fail2ban?
# sudo rm /usr/share/nginx/html/index.html

2
scripts/remove
View File

@ -16,7 +16,7 @@ sudo rake production:stop
sudo rm -rf /home/$app sudo rm -rf /home/$app
root_pwd=$(sudo cat /etc/yunohost/mysql) root_pwd=$(sudo cat /etc/yunohost/mysql)
mysql -u root -p$root_pwd -e "DROP DATABASE huginn_production ; DROP USER $APP@localhost ;"
mysql -u root -p$root_pwd -e "DROP DATABASE huginn ; DROP USER $APP@localhost ;"
sudo userdel huginn sudo userdel huginn

Write Preview
Loading…
Cancel
Save