first

scripts/_common.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+#=================================================
+# COMMON VARIABLES AND CUSTOM HELPERS
+#=================================================

scripts/backup

@@ -0,0 +1,80 @@
+#!/bin/bash
+
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
+source ../settings/scripts/_common.sh
+source /usr/share/yunohost/helpers
+
+ynh_print_info "Declaring files to be backed up..."
+
+### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs
+### to be backuped and not an actual copy of any file. The actual backup that
+### creates and fills the archive with the files happens in the core after this
+### script is called. Hence ynh_backups calls take basically 0 seconds to run.
+
+#=================================================
+# BACKUP THE APP MAIN DIR
+#=================================================
+
+ynh_backup "$install_dir"
+
+#=================================================
+# BACKUP THE DATA DIR
+#=================================================
+
+# Only relevant if there is a "data_dir" resource for this app
+# NB: $data_dir is not backuped during safety-backup-before-upgrades,
+# because the data dir may be huge and we don't want to just yolo-create a 10+ GB archive just for upgrades.
+# On the other hand, $data_dir is also *not* removed by default in the "app remove" step unless --purge is used
+# This means that even if the upgrade fails and the backup is restored, the data are still there.
+ynh_backup "$data_dir"
+
+#=================================================
+# BACKUP SYSTEM CONFIGURATION
+#=================================================
+
+# Backup the PHP-FPM configuration
+ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf"
+
+# Backup the NGINX configuration
+ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
+
+# Backup the systemd service unit
+ynh_backup "/etc/systemd/system/$app.service"
+
+# Backup the logrotate configuration
+ynh_backup "/etc/logrotate.d/$app"
+
+# Backup the Fail2Ban config
+ynh_backup "/etc/fail2ban/jail.d/$app.conf"
+ynh_backup "/etc/fail2ban/filter.d/$app.conf"
+
+#=================================================
+# BACKUP VARIOUS FILES
+#=================================================
+
+ynh_backup "/etc/cron.d/$app"
+
+ynh_backup "/etc/$app/"
+
+# NB: /var/log is not backuped during safety-backup-before-upgrades, same as $data_dir
+ynh_backup "/var/log/$app/"
+
+#=================================================
+# BACKUP THE MYSQL DATABASE
+#=================================================
+ynh_print_info "Backing up the MySQL database..."
+
+### (However, things like MySQL dumps *do* take some time to run, though the
+### copy of the generated dump to the archive still happens later)
+
+ynh_mysql_dump_db > db.sql
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

scripts/change_url

@@ -0,0 +1,46 @@
+#!/bin/bash
+
+## this script is only run if actual change to domain/path is detected, if you're here either $domain or $path changed
+## new location is available via $domain and $path (or $new_domain and $new_path variables if you want to be explicit)
+## old values are available via, you guessed it, $old_domain and $old_path
+
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# STOP SYSTEMD SERVICE
+#=================================================
+ynh_script_progression "Stopping $app's systemd service..."
+
+ynh_systemctl --service="$app" --action="stop"
+
+#=================================================
+# MODIFY URL IN NGINX CONF
+#=================================================
+ynh_script_progression "Updating NGINX web server configuration..."
+
+# this will most likely adjust NGINX config correctly
+ynh_config_change_url_nginx
+
+#=================================================
+# SPECIFIC MODIFICATIONS
+#=================================================
+
+## do any changes to files that reference specific installation domain/path, i.e. regenerate configs etc
+
+#=================================================
+# START SYSTEMD SERVICE
+#=================================================
+ynh_script_progression "Starting $app's systemd service..."
+
+ynh_systemctl --service="$app" --action="start"
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression "Change of URL completed for $app"

scripts/config

@@ -0,0 +1,96 @@
+#!/bin/bash
+# In simple cases, you don't need a config script.
+
+# With a simple config_panel.toml, you can write in the app settings, in the
+# upstream config file or replace complete files (logo ...) and restart services.
+
+# The config scripts allows you to go further, to handle specific cases
+# (validation of several interdependent fields, specific getter/setter for a value,
+# display dynamic informations or choices, pre-loading of config type .cube... ).
+
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source /usr/share/yunohost/helpers
+
+ynh_abort_if_errors
+
+#=================================================
+# RETRIEVE ARGUMENTS
+#=================================================
+
+install_dir=$(ynh_app_setting_get --key=install_dir)
+
+#=================================================
+# SPECIFIC GETTERS FOR TOML SHORT KEY
+#=================================================
+
+get__amount() {
+    # Here we can imagine to have an API call to stripe to know the amount of donation during a month
+    local amount=200
+
+    # It's possible to change some properties of the question by overriding it:
+    if [ "$amount" -gt 100 ]; then
+    cat << EOF
+style: success
+value: $amount
+ask:
+  en: A lot of donation this month: **$amount €**
+EOF
+    else
+    cat << EOF
+style: danger
+value: $amount
+ask:
+  en: Not so much donation this month: $amount €
+EOF
+    fi
+}
+
+get__prices() {
+    local prices
+    prices="$(grep "DONATION\['" "$install_dir/settings.py" | sed -r "s@^DONATION\['([^']*)'\]\['([^']*)'\] = '([^']*)'@\1/\2/\3@g" | sed -z 's/\n/,/g;s/,$/\n/')"
+    if [ "$prices" == "," ]; then
+        # Return YNH_NULL if you prefer to not return a value at all.
+        echo YNH_NULL
+    else
+        echo "$prices"
+    fi
+}
+
+#=================================================
+# SPECIFIC VALIDATORS FOR TOML SHORT KEYS
+#=================================================
+validate__publishable_key() {
+
+    # We can imagine here we test if the key is really a publishable key
+    (is_secret_key "$publishable_key") &&
+        echo 'This key seems to be a secret key'
+}
+
+#=================================================
+# SPECIFIC SETTERS FOR TOML SHORT KEYS
+#=================================================
+set__prices() {
+
+    #---------------------------------------------
+    # IMPORTANT: setters are triggered only if a change is detected
+    #---------------------------------------------
+    for price in $(echo "$prices" | sed "s/,/ /"); do
+        frequency=$(echo "$price" | cut -d/ -f1)
+        currency=$(echo "$price" | cut -d/ -f2)
+        price_id=$(echo "$price" | cut -d/ -f3)
+        sed "d/DONATION\['$frequency'\]\['$currency'\]" "$install_dir/settings.py"
+
+        echo "DONATION['$frequency']['$currency'] = '$price_id'" >> "$install_dir/settings.py"
+    done
+
+    #---------------------------------------------
+    # IMPORTANT: to be able to upgrade properly, you have to save the value in settings too
+    #---------------------------------------------
+    ynh_app_setting_set --key=prices --value="$prices"
+}
+
+#=================================================
+ynh_app_config_run "$1"

scripts/install

@@ -0,0 +1,200 @@
+#!/bin/bash
+
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
+source /usr/share/yunohost/helpers
+
+### Install parameters are automatically saved as settings
+###
+### Settings are automatically loaded as bash variables
+### in every app script context, therefore typically these will exist:
+### - $domain
+### - $path
+### - $language
+### ... etc
+###
+### Resources defined in the manifest are provisioned prior to this script
+### and corresponding settings are also available, such as:
+### - $install_dir
+### - $port
+### - $db_name
+### ...
+###
+### $app is the app id (i.e. 'example' for first install,
+### or 'example__2', '__3'... for multi-instance installs)
+
+#=================================================
+# INITIALIZE AND STORE SETTINGS
+#=================================================
+
+# If you need to, you can define custom settings
+# (or remove this section entirely if not relevant for you)
+# foo="bar"
+# ynh_app_setting_set --key=foo --value=$foo
+
+# ynh_app_setting_set --key=php_upload_max_filesize --value=50M
+# ynh_app_setting_set --key=php_post_max_size --value=50M
+
+#=================================================
+# DOWNLOAD, CHECK AND UNPACK SOURCE
+#=================================================
+ynh_script_progression "Setting up source files..."
+
+### `ynh_setup_source` is used to install an app from a zip or tar.gz file,
+### downloaded from an upstream source, like a git repository.
+### `ynh_setup_source` use the file manifest.toml
+
+# Download, check integrity, uncompress and patch the source from manifest.toml
+ynh_setup_source --dest_dir="$install_dir"
+
+### $install_dir will automatically be initialized with some decent
+### permission by default... however, you may need to recursively reapply
+### ownership to all files such as after the ynh_setup_source step
+chown -R "$app:www-data" "$install_dir"
+
+#=================================================
+# APP INITIAL CONFIGURATION
+#=================================================
+ynh_script_progression "Adding $app's configuration files..."
+
+### You can add specific configuration files.
+###
+### Typically, put your template conf file in ../conf/your_config_file
+### The template may contain strings such as __FOO__ or __FOO_BAR__,
+### which will automatically be replaced by the values of $foo and $foo_bar
+###
+### ynh_config_add will also keep track of the config file's checksum,
+### which later during upgrade may allow to automatically backup the config file
+### if it's found that the file was manually modified
+###
+### Check the documentation of `ynh_config_add` for more info.
+
+# ynh_config_add --template="some_config_file" --destination="$install_dir/some_config_file"
+
+# FIXME: this should be handled by the core in the future
+### You may need to use chmod 600 instead of 400,
+### for example if the app is expected to be able to modify its own config
+chmod 400 "$install_dir/src/models/config.js"
+chown "$app:$app" "$install_dir/src/models/config.js"
+
+### For more complex cases where you want to replace stuff using regexes,
+### you shoud rely on ynh_replace (which is basically a wrapper for sed)
+### When doing so, you also need to manually call ynh_store_file_checksum
+###
+ynh_replace --match="localhost:1234" --replace="localhost:__PORT__" --file="$install_dir/src/models/config.js"
+ynh_replace --match="localhost:8080" --replace="localhost:__PORT_API__" --file="$install_dir/src/models/config.js"
+ynh_store_file_checksum "$install_dir/src/models/config.js"
+
+#=================================================
+# SYSTEM CONFIGURATION
+#=================================================
+ynh_script_progression "Adding system configurations related to $app..."
+
+### `ynh_config_add_phpfpm` is used to set up a PHP config.
+### You can remove it if your app doesn't use PHP.
+### `ynh_config_add_phpfpm` will use the files conf/extra_php-fpm.conf
+### If you're not using these lines:
+###   - You can remove these files in conf/.
+###   - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script
+###   - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script
+###   - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script
+###     with the reload at the end of the script.
+###   - And the section "PHP-FPM CONFIGURATION" in the upgrade script
+
+# Create a PHP-FPM config (with conf/extra_php-fpm.conf being appended to it)
+# ynh_config_add_phpfpm
+
+# Create a dedicated NGINX config using the conf/nginx.conf template
+ynh_config_add_nginx
+
+### `ynh_config_add_systemd` is used to configure a systemd script for an app.
+### It can be used for apps that use sysvinit (with adaptation) or systemd.
+### Have a look at the app to be sure this app needs a systemd script.
+### `ynh_config_add_systemd` will use the file conf/systemd.service
+### If you're not using these lines:
+###   - You can remove those files in conf/.
+###   - Remove the section "BACKUP SYSTEMD" in the backup script
+###   - Remove also the section "STOP AND REMOVE SERVICE" in the remove script
+###   - As well as the section "RESTORE SYSTEMD" in the restore script
+###   - And the section "SETUP SYSTEMD" in the upgrade script
+
+# Create a dedicated systemd config
+ynh_config_add_systemd
+
+### `yunohost service add` integrates a service in YunoHost. It then gets
+### displayed in the admin interface and through the others `yunohost service` commands.
+### (N.B.: this line only makes sense if the app adds a service to the system!)
+### If you're not using these lines:
+###   - You can remove these files in conf/.
+###   - Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script
+###   - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script
+###   - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script
+
+### Additional options starting with 3.8:
+###
+### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed
+###                               which will then be checked by YunoHost's diagnosis system
+###                               (N.B. DO NOT USE THIS if the port is only internal!!!)
+###
+### --test_status "some command"  a custom command to check the status of the service
+###                               (only relevant if 'systemctl status' doesn't do a good job)
+###
+### --test_conf "some command"    some command similar to "nginx -t" that validates the conf of the service
+###
+### Re-calling 'yunohost service add' during the upgrade script is the right way
+### to proceed if you later realize that you need to enable some flags that
+### weren't enabled on old installs (be careful it'll override the existing
+### service though so you should re-provide all relevant flags when doing so)
+yunohost service add "$app" --description="A short description of the app" --log="/var/log/$app/$app.log"
+
+### `ynh_config_add_logrotate` is used to configure a logrotate configuration for the logs of this app.
+### Use this helper only if there is effectively a log file for this app.
+### If you're not using this helper:
+###   - Remove the section "BACKUP LOGROTATE" in the backup script
+###   - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script
+###   - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script
+###   - And the section "SETUP LOGROTATE" in the upgrade script
+
+# Use logrotate to manage application logfile(s)
+ynh_config_add_logrotate
+
+# Create a dedicated Fail2Ban config
+ynh_config_add_fail2ban --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
+
+#=================================================
+# SETUP APPLICATION WITH CURL
+#=================================================
+
+### Use these lines only if the app installation needs to be finalized through
+### web forms. We generally don't want to ask the final user,
+### so we're going to use curl to automatically fill the fields and submit the
+### forms.
+
+# Installation with curl
+ynh_script_progression "Finalizing installation..."
+ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
+
+#=================================================
+# START SYSTEMD SERVICE
+#=================================================
+ynh_script_progression "Starting $app's systemd service..."
+
+### `ynh_systemctl` is used to start a systemd service for an app.
+### Only needed if you have configure a systemd service
+### If you're not using these lines:
+###   - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script
+###   - As well as the section "START SYSTEMD SERVICE" in the restore script
+###   - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script
+###   - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script
+
+# Start a systemd service
+ynh_systemctl --service="$app" --action="start"
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression "Installation of $app completed"

scripts/remove

@@ -0,0 +1,52 @@
+#!/bin/bash
+
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
+source /usr/share/yunohost/helpers
+
+### Settings are automatically loaded as bash variables
+### in every app script context, therefore typically these will exist:
+### - $domain
+### - $path
+### - $language
+### - $install_dir
+### - $port
+### ...
+
+### For remove operations:
+### - the core will deprovision every resource defined in the manifest **after** this script is ran
+### this includes removing the install directory, and data directory (if --purge was used)
+
+#=================================================
+# REMOVE SYSTEM CONFIGURATIONS
+#=================================================
+ynh_script_progression "Removing system configurations related to $app..."
+
+### This should be a symetric version of what happens in the install script
+
+ynh_config_remove_fail2ban
+
+ynh_config_remove_logrotate
+
+# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
+if ynh_hide_warnings yunohost service status "$app" >/dev/null; then
+    yunohost service remove "$app"
+fi
+ynh_config_remove_systemd
+
+ynh_config_remove_nginx
+
+# Remove other various files specific to the app... such as:
+
+ynh_safe_rm "/etc/cron.d/$app"
+
+ynh_safe_rm "/etc/$app"
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression "Removal of $app completed"

scripts/restore

@@ -0,0 +1,80 @@
+#!/bin/bash
+
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
+source ../settings/scripts/_common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# RESTORE THE APP MAIN DIR
+#=================================================
+ynh_script_progression "Restoring the app main directory..."
+
+ynh_restore "$install_dir"
+
+### $install_dir will automatically be initialized with some decent
+### permissions by default... however, you may need to recursively reapply
+### ownership to all files such as after the ynh_setup_source step
+chown -R "$app:www-data" "$install_dir"
+
+#=================================================
+# RESTORE THE DATA DIRECTORY
+#=================================================
+ynh_script_progression "Restoring the data directory..."
+
+ynh_restore "$data_dir"
+
+### (Same as for install dir)
+chown -R "$app:www-data" "$data_dir"
+
+#=================================================
+# RESTORE THE MYSQL DATABASE
+#=================================================
+ynh_script_progression "Restoring the MySQL database..."
+
+ynh_mysql_db_shell < ./db.sql
+
+#=================================================
+# RESTORE SYSTEM CONFIGURATIONS
+#=================================================
+ynh_script_progression "Restoring system configurations related to $app..."
+
+### This should be a symetric version of what happens in the install script
+
+ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf"
+
+ynh_restore "/etc/systemd/system/$app.service"
+systemctl enable "$app.service" --quiet
+
+yunohost service add "$app" --description="A short description of the app" --log="/var/log/$app/$app.log"
+
+ynh_restore "/etc/logrotate.d/$app"
+
+ynh_restore "/etc/fail2ban/jail.d/$app.conf"
+ynh_restore "/etc/fail2ban/filter.d/$app.conf"
+ynh_systemctl --action=restart --service=fail2ban
+
+#=================================================
+# RESTORE VARIOUS FILES
+#=================================================
+
+ynh_restore "/etc/cron.d/$app"
+ynh_restore "/etc/$app/"
+
+### For apps with huge logs, you might want to not backup logs every time:
+### The mkdir call is just here in case the log directory was not backed up.
+### mkdir -p "/var/log/$app"
+### chown $app:www-data "/var/log/$app"
+### ynh_restore "/var/log/$app/" || true
+###
+### For other apps, the simple way is better:
+ynh_restore "/var/log/$app/"
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression "Restoration completed for $app"

scripts/upgrade

@@ -0,0 +1,116 @@
+#!/bin/bash
+
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
+source /usr/share/yunohost/helpers
+
+### Settings are automatically loaded as bash variables
+### in every app script context, therefore typically these will exist:
+### - $domain
+### - $path
+### - $language
+### - $install_dir
+### - $port
+### ...
+
+### In the context of upgrade,
+### - resources are automatically provisioned / updated / deleted (depending on existing resources)
+### - a safety backup is automatically created by the core and will be restored if the upgrade fails
+
+#=================================================
+# STOP SYSTEMD SERVICE
+#=================================================
+ynh_script_progression "Stopping $app's systemd service..."
+
+ynh_systemctl --service="$app" --action="stop"
+
+#=================================================
+# ENSURE DOWNWARD COMPATIBILITY
+#=================================================
+ynh_script_progression "Ensuring downward compatibility..."
+
+### N.B. : the following setting migration snippets are provided as *EXAMPLES*
+### of what you may want to do in some cases (e.g. a setting was not defined on
+### some legacy installs and you therefore want to initiaze stuff during upgrade)
+
+# If db_name doesn't exist, create it
+# ynh_app_setting_set_default --key=db_name --value="$(ynh_sanitize_dbid --db_name=$app)"
+
+# If install_dir doesn't exist, create it
+# ynh_app_setting_set_default --key=install_dir --value="/var/www/$app"
+
+#=================================================
+# DOWNLOAD, CHECK AND UNPACK SOURCE
+#=================================================
+ynh_script_progression "Upgrading source files..."
+
+### ynh_setup_source can wipe the destination dir if called with --full_replace.
+### On upgrade, that is certainly what you want, to remove any old source file that
+### does not exist in the new version of the software.
+### You can list with --keep every file/directory to *not* wipe or overwrite,
+### useful for configuration files, data directories, or plugins.
+# Download, check integrity, uncompress and patch the source from manifest.toml
+ynh_setup_source --dest_dir="$install_dir" --full_replace --keep=".env data"
+
+### $install_dir will automatically be initialized with some decent
+### permissions by default... however, you may need to recursively reapply
+### ownership to all files such as after the ynh_setup_source step
+chown -R "$app:www-data" "$install_dir"
+
+#=================================================
+# UPDATE A CONFIG FILE
+#=================================================
+ynh_script_progression "Updating $app's configuration files..."
+
+### Same as during install
+###
+### The file will automatically be backed-up if it's found to be manually modified (because
+### ynh_config_add keeps track of the file's checksum)
+
+ynh_config_add --template="some_config_file" --destination="$install_dir/some_config_file"
+
+# FIXME: this should be handled by the core in the future
+### You may need to use chmod 600 instead of 400,
+### for example if the app is expected to be able to modify its own config
+chmod 400 "$install_dir/some_config_file"
+chown "$app:$app" "$install_dir/some_config_file"
+
+### For more complex cases where you want to replace stuff using regexes,
+### you shoud rely on ynh_replace (which is basically a wrapper for sed)
+### When doing so, you also need to manually call ynh_store_file_checksum
+###
+### ynh_replace --match="match_string" --replace="replace_string" --file="$install_dir/some_config_file"
+### ynh_store_file_checksum "$install_dir/some_config_file"
+
+#=================================================
+# REAPPLY SYSTEM CONFIGURATIONS
+#=================================================
+ynh_script_progression "Upgrading system configurations related to $app..."
+
+### This should be a literal copypaste of what happened in the install's "System configuration" section
+
+ynh_config_add_nginx
+
+ynh_config_add_systemd
+
+yunohost service add "$app" --description="A short description of the app" --log="/var/log/$app/$app.log"
+
+ynh_config_add_logrotate
+
+ynh_config_add_fail2ban --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
+
+#=================================================
+# START SYSTEMD SERVICE
+#=================================================
+ynh_script_progression "Starting $app's systemd service..."
+
+ynh_systemctl --service="$app" --action="start"
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression "Upgrade of $app completed"