From c4c7e9479de690e35a43d12477d07ebd08233a4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 2 Oct 2023 23:00:47 +0200 Subject: [PATCH 01/23] cleaning --- manifest.toml | 2 +- scripts/restore | 16 +++++++--------- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/manifest.toml b/manifest.toml index fadc015..a22013c 100644 --- a/manifest.toml +++ b/manifest.toml @@ -17,7 +17,7 @@ admindoc = "https://fr.scratch-wiki.info/wiki/Scratch_3.0" code = "https://github.com/LLK/scratch-gui" [integration] -yunohost = ">= 11.1.21" +yunohost = ">= 11.2" architectures = "all" multi_instance = true ldap = false diff --git a/scripts/restore b/scripts/restore index 16f767b..a5c61fd 100644 --- a/scripts/restore +++ b/scripts/restore @@ -10,15 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -29,6 +20,13 @@ ynh_restore_file --origin_path="$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + #================================================= # GENERIC FINALIZATION #================================================= From 75a94fc97deb94e280d38da8d24335f4ac413cf1 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin <4533074+alexAubin@users.noreply.github.com> Date: Mon, 18 Dec 2023 21:33:27 +0100 Subject: [PATCH 02/23] Update to 3.2.37 --- manifest.toml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/manifest.toml b/manifest.toml index a22013c..28c4d8f 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,16 +5,16 @@ name = "Scratch" description.en = "Programming language to create your own interactive stories, games, and animations" description.fr = "Langage de programmation pour créer vos propres histoires, jeux et animations interactifs" -version = "3.0~ynh4" +version = "3.2.37~ynh1" maintainers = [] [upstream] license = "BSD-3-Clause" website = "https://scratch.mit.edu/" -demo = "https://llk.github.io/scratch-gui/develop/" -admindoc = "https://fr.scratch-wiki.info/wiki/Scratch_3.0" -code = "https://github.com/LLK/scratch-gui" +demo = "https://scratch.mit.edu/projects/editor/?tutorial=getStarted" +admindoc = "https://scratch-wiki.info/wiki/Scratch_3.0" +code = "https://github.com/scratchfoundation/scratch-gui" [integration] yunohost = ">= 11.2" @@ -40,8 +40,9 @@ ram.runtime = "50M" [resources] [resources.sources.main] - url = "https://github.com/YunoHost-Apps/scratch_ynh/releases/download/3.0-beta/scratch.zip" - sha256 = "61aedce5a9f02534ca57e08b24eaedd9c5bb8077c1541211ca7688e277f3979f" + url = "https://github.com/scratchfoundation/scratch-gui/releases/download/v3.2.37/scratch-gui-3.2.37.tgz" + sha256 = "be21b9ad93e64ec5fda21cf212efab81dbd76d87f9ce10cada9a9219ba0c558a" + autoupdate.strategy = "latest_github_release" [resources.system_user] From 147a2be4d2d1a1678b59d1905183a11695dcdc2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 11:29:16 +0200 Subject: [PATCH 03/23] build the app with node --- conf/nginx.conf | 18 +++++++++++------- conf/systemd.service | 45 ++++++++++++++++++++++++++++++++++++++++++++ manifest.toml | 6 ++++++ scripts/backup | 6 +++++- scripts/install | 34 +++++++++++++++++++++++++++++++-- scripts/remove | 15 ++++++++++++--- scripts/restore | 16 ++++++++++++---- scripts/upgrade | 30 ++++++++++++++++++----------- 8 files changed, 142 insertions(+), 28 deletions(-) create mode 100644 conf/systemd.service diff --git a/conf/nginx.conf b/conf/nginx.conf index 9c7977a..af69dcd 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,11 +1,15 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - # Path to source - alias __INSTALL_DIR__/ ; - - index index.html; + proxy_pass http://127.0.0.1:__PORT__/; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; -} \ No newline at end of file + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; +} diff --git a/conf/systemd.service b/conf/systemd.service new file mode 100644 index 0000000..83c3c9e --- /dev/null +++ b/conf/systemd.service @@ -0,0 +1,45 @@ +[Unit] +Description=Scratch +After=syslog.target network.target + +[Service] +Type=simple +User=__APP__ +Group=__APP__ +WorkingDirectory=__INSTALL_DIR__/ +Environment="__YNH_NODE_LOAD_PATH__" +ExecStart=__YNH_NPM__ start + + +# Sandboxing options to harden security +# Depending on specificities of your service/app, you may need to tweak these +# .. but this should be a good baseline +# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html +NoNewPrivileges=yes +PrivateTmp=yes +PrivateDevices=yes +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +DevicePolicy=closed +ProtectSystem=full +ProtectControlGroups=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +LockPersonality=yes +SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap + +# Denying access to capabilities that should not be relevant for webapps +# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html +CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD +CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE +CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT +CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK +CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM +CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG +CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE +CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW +CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG + +[Install] +WantedBy=multi-user.target diff --git a/manifest.toml b/manifest.toml index 28c4d8f..6867f90 100644 --- a/manifest.toml +++ b/manifest.toml @@ -20,8 +20,11 @@ code = "https://github.com/scratchfoundation/scratch-gui" yunohost = ">= 11.2" architectures = "all" multi_instance = true + ldap = false + sso = false + disk = "50M" ram.build = "50M" ram.runtime = "50M" @@ -50,3 +53,6 @@ ram.runtime = "50M" [resources.permissions] main.url = "/" + + [resources.ports] + diff --git a/scripts/backup b/scripts/backup index 52eea5b..f31d78a 100644 --- a/scripts/backup +++ b/scripts/backup @@ -22,11 +22,15 @@ ynh_print_info --message="Declaring files to be backed up..." ynh_backup --src_path="$install_dir" #================================================= -# BACKUP THE NGINX CONFIGURATION +# SYSTEM CONFIGURATION #================================================= +# Backup the nginx configuration ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" +# Backup the systemd service unit +ynh_backup --src_path="/etc/systemd/system/$app.service" + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index 2bc5d1f..f5b7d6a 100644 --- a/scripts/install +++ b/scripts/install @@ -9,6 +9,13 @@ source _common.sh source /usr/share/yunohost/helpers +#================================================= +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing nodejs..." --weight=50 + +ynh_install_nodejs --nodejs_version=$nodejs_version + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -21,13 +28,36 @@ chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" #================================================= -# NGINX CONFIGURATION +# SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=2 +ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 # Create a dedicated nginx config ynh_add_nginx_config +# Create a dedicated systemd config +ynh_add_systemd_config + +yunohost service add "$app" --description="Language to create your own interactive stories" --log="/var/log/$app/$app.log" + +#================================================= +# INSTALL ETHERPAD +#================================================= +ynh_script_progression --message="Installing $app..." --weight=40 + +pushd "$install_dir" + ynh_use_nodejs + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH $ynh_npm install +popd + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting $app's systemd service..." --weight=1 + +# Start a systemd service +ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index e7f44d8..d5f8f6c 100644 --- a/scripts/remove +++ b/scripts/remove @@ -10,13 +10,22 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# REMOVE NGINX CONFIGURATION +# REMOVE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 + +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status "$app" >/dev/null; then + ynh_script_progression --message="Removing $app service integration..." --weight=1 + yunohost service remove "$app" +fi + +ynh_remove_systemd_config -# Remove the dedicated NGINX config ynh_remove_nginx_config +ynh_remove_nodejs + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index a5c61fd..d40859c 100644 --- a/scripts/restore +++ b/scripts/restore @@ -25,14 +25,22 @@ chown -R $app:www-data "$install_dir" #================================================= ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 +ynh_install_nodejs --nodejs_version=$nodejs_version + ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +systemctl enable "$app.service" --quiet + +yunohost service add "$app" --description="Language to create your own interactive stories" --log="/var/log/$app/$app.log" + #================================================= -# GENERIC FINALIZATION +# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= -# RELOAD NGINX AND PHP-FPM -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 + +### Typically you only have either $app or php-fpm but not both at the same time... +ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index f905c2f..2ffa286 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -10,34 +10,42 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# CHECK VERSION +# STOP SYSTEMD SERVICE #================================================= +ynh_script_progression --message="Stopping $app's systemd service..." --weight=1 -upgrade_type=$(ynh_check_app_version_changed) +ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_script_progression --message="Upgrading source files..." --weight=5 -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading source files..." --weight=5 - - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$install_dir" -fi +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" #================================================= -# NGINX CONFIGURATION +# UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 +ynh_script_progression --message="Updating $app's configuration files..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config +ynh_add_systemd_config + +yunohost service add "$app" --description="Language to create your own interactive stories" --log="/var/log/$app/$app.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting $app's systemd service..." --weight=1 + +ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" + #================================================= # END OF SCRIPT #================================================= From 5228d7c185c9cbb230d3b3810edd6ac7d419ba5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 12:04:38 +0200 Subject: [PATCH 04/23] Update _common.sh --- scripts/_common.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/_common.sh b/scripts/_common.sh index 944a65e..d1bb498 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,6 +4,9 @@ # COMMON VARIABLES #================================================= +# NodeJS version +nodejs_version=20 + #================================================= # PERSONAL HELPERS #================================================= From ec39bec493662d277447fa4330c6277226fb06a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 12:18:24 +0200 Subject: [PATCH 05/23] Update install --- scripts/install | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/install b/scripts/install index f5b7d6a..6d41b1e 100644 --- a/scripts/install +++ b/scripts/install @@ -48,6 +48,7 @@ ynh_script_progression --message="Installing $app..." --weight=40 pushd "$install_dir" ynh_use_nodejs ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH $ynh_npm install + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm run build popd #================================================= From fa248eb3537edc0d3d9ca2308619e3ca4e5be88c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 12:32:36 +0200 Subject: [PATCH 06/23] fix --- scripts/_common.sh | 2 +- scripts/install | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index d1bb498..8bf600d 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # NodeJS version -nodejs_version=20 +nodejs_version=18 #================================================= # PERSONAL HELPERS diff --git a/scripts/install b/scripts/install index 6d41b1e..dcefb36 100644 --- a/scripts/install +++ b/scripts/install @@ -49,6 +49,7 @@ pushd "$install_dir" ynh_use_nodejs ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH $ynh_npm install ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm run build + ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm link popd #================================================= From af6fc6ad40bc63108d41cd1d3661ed06e0bede58 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 12:39:52 +0200 Subject: [PATCH 07/23] Update _common.sh --- scripts/_common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 8bf600d..cc5c349 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # NodeJS version -nodejs_version=18 +nodejs_version=16 #================================================= # PERSONAL HELPERS From 4a12bdf3a4791ce55fbb0029593455f98d51e452 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 13:17:39 +0200 Subject: [PATCH 08/23] Update _common.sh --- scripts/_common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index cc5c349..1a6a327 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # NodeJS version -nodejs_version=16 +nodejs_version=14 #================================================= # PERSONAL HELPERS From 6aff50e305798494132ec880dcaedc6bce59bf88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 13:27:09 +0200 Subject: [PATCH 09/23] fix --- scripts/_common.sh | 2 +- scripts/install | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 1a6a327..8bf600d 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # NodeJS version -nodejs_version=14 +nodejs_version=18 #================================================= # PERSONAL HELPERS diff --git a/scripts/install b/scripts/install index dcefb36..30db3b7 100644 --- a/scripts/install +++ b/scripts/install @@ -49,7 +49,7 @@ pushd "$install_dir" ynh_use_nodejs ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH $ynh_npm install ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm run build - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm link + #ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm link popd #================================================= From ec297f74ba6e7aec27e0319e67f650b4ef5b18a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 16:24:23 +0200 Subject: [PATCH 10/23] Update install --- scripts/install | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/scripts/install b/scripts/install index 30db3b7..dfe7269 100644 --- a/scripts/install +++ b/scripts/install @@ -47,8 +47,11 @@ ynh_script_progression --message="Installing $app..." --weight=40 pushd "$install_dir" ynh_use_nodejs - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH $ynh_npm install - ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm run build + npm ci + npm install + npm link + #ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH $ynh_npm install + #ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm run build #ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm link popd From ca397ec256e8bd61d73d0ece1ec0050d6490f65f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 16:27:39 +0200 Subject: [PATCH 11/23] Update install --- scripts/install | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/install b/scripts/install index dfe7269..ea12dcf 100644 --- a/scripts/install +++ b/scripts/install @@ -49,6 +49,7 @@ pushd "$install_dir" ynh_use_nodejs npm ci npm install + BUILD_MODE=dist npm run build npm link #ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH $ynh_npm install #ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm run build From 4472d8b01ecade2b171345dfee6cbbee9afcc731 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 16:29:13 +0200 Subject: [PATCH 12/23] Update manifest.toml --- manifest.toml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifest.toml b/manifest.toml index 6867f90..6f78dff 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Scratch" description.en = "Programming language to create your own interactive stories, games, and animations" description.fr = "Langage de programmation pour créer vos propres histoires, jeux et animations interactifs" -version = "3.2.37~ynh1" +version = "4.0.1~ynh1" maintainers = [] @@ -43,8 +43,8 @@ ram.runtime = "50M" [resources] [resources.sources.main] - url = "https://github.com/scratchfoundation/scratch-gui/releases/download/v3.2.37/scratch-gui-3.2.37.tgz" - sha256 = "be21b9ad93e64ec5fda21cf212efab81dbd76d87f9ce10cada9a9219ba0c558a" + url = "https://github.com/scratchfoundation/scratch-gui/releases/download/v4.0.1/scratch-gui-4.0.1.tgz" + sha256 = "ad9a25110bc981d5aacb0bbb7816b822ec752ba9abc8a45c90a229c99c7a5913" autoupdate.strategy = "latest_github_release" [resources.system_user] From 84cff78a7cf7efae526d0adffd0a114ccb9882e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 13 May 2024 16:30:08 +0200 Subject: [PATCH 13/23] Update install --- scripts/install | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/install b/scripts/install index ea12dcf..d5fa6b9 100644 --- a/scripts/install +++ b/scripts/install @@ -47,7 +47,6 @@ ynh_script_progression --message="Installing $app..." --weight=40 pushd "$install_dir" ynh_use_nodejs - npm ci npm install BUILD_MODE=dist npm run build npm link From acb0d5d2f66a9f50d7cf8fc348828dad5159cdfc Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Thu, 20 Jun 2024 18:24:07 +0000 Subject: [PATCH 14/23] Auto-update READMEs --- ALL_README.md | 1 + README.md | 8 ++++---- README_es.md | 49 +++++++++++++++++++++++++++++++++++++++++++++++ README_eu.md | 8 ++++---- README_fr.md | 8 ++++---- README_gl.md | 8 ++++---- README_zh_Hans.md | 10 +++++----- 7 files changed, 71 insertions(+), 21 deletions(-) create mode 100644 README_es.md diff --git a/ALL_README.md b/ALL_README.md index a01b345..152f2e7 100644 --- a/ALL_README.md +++ b/ALL_README.md @@ -1,6 +1,7 @@ # All available README files by language - [Read the README in English](README.md) +- [Lea el README en español](README_es.md) - [Irakurri README euskaraz](README_eu.md) - [Lire le README en français](README_fr.md) - [Le o README en galego](README_gl.md) diff --git a/README.md b/README.md index cc276ab..669a7dc 100644 --- a/README.md +++ b/README.md @@ -18,9 +18,9 @@ It shall NOT be edited by hand. Scratch is a free programming language and online community where you can create your own interactive stories, games, and animations. -**Shipped version:** 3.0~ynh4 +**Shipped version:** 4.0.1~ynh1 -**Demo:** +**Demo:** ## Screenshots @@ -29,8 +29,8 @@ Scratch is a free programming language and online community where you can create ## Documentation and resources - Official app website: -- Official admin documentation: -- Upstream app code repository: +- Official admin documentation: +- Upstream app code repository: - YunoHost Store: - Report a bug: diff --git a/README_es.md b/README_es.md new file mode 100644 index 0000000..4d572a4 --- /dev/null +++ b/README_es.md @@ -0,0 +1,49 @@ + + +# Scratch para Yunohost + +[![Nivel de integración](https://dash.yunohost.org/integration/scratch.svg)](https://dash.yunohost.org/appci/app/scratch) ![Estado funcional](https://ci-apps.yunohost.org/ci/badges/scratch.status.svg) ![Estado En Mantención](https://ci-apps.yunohost.org/ci/badges/scratch.maintain.svg) + +[![Instalar Scratch con Yunhost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=scratch) + +*[Leer este README en otros idiomas.](./ALL_README.md)* + +> *Este paquete le permite instalarScratch rapidamente y simplement en un servidor YunoHost.* +> *Si no tiene YunoHost, visita [the guide](https://yunohost.org/install) para aprender como instalarla.* + +## Descripción general + +Scratch is a free programming language and online community where you can create your own interactive stories, games, and animations. + +**Versión actual:** 4.0.1~ynh1 + +**Demo:** + +## Capturas + +![Captura de Scratch](./doc/screenshots/800px-Scratch_3.0_Éditeur.png) + +## Documentaciones y recursos + +- Sitio web oficial: +- Documentación administrador oficial: +- Repositorio del código fuente oficial de la aplicación : +- Catálogo YunoHost: +- Reportar un error: + +## Información para desarrolladores + +Por favor enviar sus correcciones a la [`branch testing`](https://github.com/YunoHost-Apps/scratch_ynh/tree/testing + +Para probar la rama `testing`, sigue asÍ: + +```bash +sudo yunohost app install https://github.com/YunoHost-Apps/scratch_ynh/tree/testing --debug +o +sudo yunohost app upgrade scratch -u https://github.com/YunoHost-Apps/scratch_ynh/tree/testing --debug +``` + +**Mas informaciones sobre el empaquetado de aplicaciones:** diff --git a/README_eu.md b/README_eu.md index 4afbbe2..6d2b274 100644 --- a/README_eu.md +++ b/README_eu.md @@ -18,9 +18,9 @@ EZ editatu eskuz. Scratch is a free programming language and online community where you can create your own interactive stories, games, and animations. -**Paketatutako bertsioa:** 3.0~ynh4 +**Paketatutako bertsioa:** 4.0.1~ynh1 -**Demoa:** +**Demoa:** ## Pantaila-argazkiak @@ -29,8 +29,8 @@ Scratch is a free programming language and online community where you can create ## Dokumentazioa eta baliabideak - Aplikazioaren webgune ofiziala: -- Administratzaileen dokumentazio ofiziala: -- Jatorrizko aplikazioaren kode-gordailua: +- Administratzaileen dokumentazio ofiziala: +- Jatorrizko aplikazioaren kode-gordailua: - YunoHost Denda: - Eman errore baten berri: diff --git a/README_fr.md b/README_fr.md index b70ce9e..f6bf723 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,9 +18,9 @@ Il NE doit PAS être modifié à la main. Scratch est un langage de programmation graphique manipulable et exécutable par le logiciel de même nom à vocation éducative. Ainsi, Scratch est à la fois un environnement de développement et un moteur d’exécution du langage Scratch mais aussi un site web. -**Version incluse :** 3.0~ynh4 +**Version incluse :** 4.0.1~ynh1 -**Démo :** +**Démo :** ## Captures d’écran @@ -29,8 +29,8 @@ Scratch est un langage de programmation graphique manipulable et exécutable par ## Documentations et ressources - Site officiel de l’app : -- Documentation officielle de l’admin : -- Dépôt de code officiel de l’app : +- Documentation officielle de l’admin : +- Dépôt de code officiel de l’app : - YunoHost Store : - Signaler un bug : diff --git a/README_gl.md b/README_gl.md index d3ee565..5c4c5f9 100644 --- a/README_gl.md +++ b/README_gl.md @@ -18,9 +18,9 @@ NON debe editarse manualmente. Scratch is a free programming language and online community where you can create your own interactive stories, games, and animations. -**Versión proporcionada:** 3.0~ynh4 +**Versión proporcionada:** 4.0.1~ynh1 -**Demo:** +**Demo:** ## Capturas de pantalla @@ -29,8 +29,8 @@ Scratch is a free programming language and online community where you can create ## Documentación e recursos - Web oficial da app: -- Documentación oficial para admin: -- Repositorio de orixe do código: +- Documentación oficial para admin: +- Repositorio de orixe do código: - Tenda YunoHost: - Informar dun problema: diff --git a/README_zh_Hans.md b/README_zh_Hans.md index 5549f37..5e9768a 100644 --- a/README_zh_Hans.md +++ b/README_zh_Hans.md @@ -3,7 +3,7 @@ 请勿手动编辑。 --> -# YunoHost 的 Scratch +# YunoHost 上的 Scratch [![集成程度](https://dash.yunohost.org/integration/scratch.svg)](https://dash.yunohost.org/appci/app/scratch) ![工作状态](https://ci-apps.yunohost.org/ci/badges/scratch.status.svg) ![维护状态](https://ci-apps.yunohost.org/ci/badges/scratch.maintain.svg) @@ -18,9 +18,9 @@ Scratch is a free programming language and online community where you can create your own interactive stories, games, and animations. -**分发版本:** 3.0~ynh4 +**分发版本:** 4.0.1~ynh1 -**演示:** +**演示:** ## 截图 @@ -29,8 +29,8 @@ Scratch is a free programming language and online community where you can create ## 文档与资源 - 官方应用网站: -- 官方管理文档: -- 上游应用代码库: +- 官方管理文档: +- 上游应用代码库: - YunoHost 商店: - 报告 bug: From c6106eda50da7e598e683ac797d66026e75ba7e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Thu, 20 Jun 2024 20:33:03 +0200 Subject: [PATCH 15/23] downgrade nodejs --- scripts/_common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 8bf600d..1a6a327 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # NodeJS version -nodejs_version=18 +nodejs_version=14 #================================================= # PERSONAL HELPERS From a8f419564b920de46db3398c2b8e2865a72fd263 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Thu, 20 Jun 2024 20:50:26 +0200 Subject: [PATCH 16/23] Bump to v4.0.4, fix scripts --- manifest.toml | 13 +++++++------ scripts/_common.sh | 2 +- scripts/backup | 2 -- scripts/change_url | 2 -- scripts/install | 30 +++++++++++++----------------- scripts/remove | 1 - scripts/restore | 6 +----- scripts/upgrade | 21 +++++++++++++++------ 8 files changed, 37 insertions(+), 40 deletions(-) diff --git a/manifest.toml b/manifest.toml index 6f78dff..ce58804 100644 --- a/manifest.toml +++ b/manifest.toml @@ -1,3 +1,5 @@ +#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json + packaging_format = 2 id = "scratch" @@ -5,7 +7,7 @@ name = "Scratch" description.en = "Programming language to create your own interactive stories, games, and animations" description.fr = "Langage de programmation pour créer vos propres histoires, jeux et animations interactifs" -version = "4.0.1~ynh1" +version = "4.0.4~ynh1" maintainers = [] @@ -42,10 +44,10 @@ ram.runtime = "50M" default = "visitors" [resources] - [resources.sources.main] - url = "https://github.com/scratchfoundation/scratch-gui/releases/download/v4.0.1/scratch-gui-4.0.1.tgz" - sha256 = "ad9a25110bc981d5aacb0bbb7816b822ec752ba9abc8a45c90a229c99c7a5913" - autoupdate.strategy = "latest_github_release" + [resources.sources.main] + url = "https://github.com/scratchfoundation/scratch-gui/archive/refs/tags/v4.0.4.tar.gz" + sha256 = "04910a021c104ac2cedf71b224ea13253ea582a829d20fc7fab75eae0e7cbb2e" + autoupdate.strategy = "latest_github_tag" [resources.system_user] @@ -55,4 +57,3 @@ ram.runtime = "50M" main.url = "/" [resources.ports] - diff --git a/scripts/_common.sh b/scripts/_common.sh index 1a6a327..8bf600d 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # NodeJS version -nodejs_version=14 +nodejs_version=18 #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index f31d78a..e73d3fc 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= diff --git a/scripts/change_url b/scripts/change_url index 4ba8cf7..cfcb0d6 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC STARTING #================================================= # IMPORT GENERIC HELPERS #================================================= diff --git a/scripts/install b/scripts/install index d5fa6b9..f6076fa 100644 --- a/scripts/install +++ b/scripts/install @@ -25,7 +25,19 @@ ynh_script_progression --message="Setting up source files..." --weight=5 ynh_setup_source --dest_dir="$install_dir" chmod -R o-rwx "$install_dir" -chown -R $app:www-data "$install_dir" +chown -R "$app:www-data" "$install_dir" + +#================================================= +# Build +#================================================= +ynh_script_progression --message="Installing $app..." --weight=40 + +pushd "$install_dir" + ynh_use_nodejs + ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" "$ynh_npm" install + ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" run build + ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" link +popd #================================================= # SYSTEM CONFIGURATION @@ -37,24 +49,8 @@ ynh_add_nginx_config # Create a dedicated systemd config ynh_add_systemd_config - yunohost service add "$app" --description="Language to create your own interactive stories" --log="/var/log/$app/$app.log" -#================================================= -# INSTALL ETHERPAD -#================================================= -ynh_script_progression --message="Installing $app..." --weight=40 - -pushd "$install_dir" - ynh_use_nodejs - npm install - BUILD_MODE=dist npm run build - npm link - #ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH $ynh_npm install - #ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm run build - #ynh_exec_warn_less ynh_exec_as $app env $ynh_node_load_PATH BUILD_MODE=dist $ynh_npm link -popd - #================================================= # START SYSTEMD SERVICE #================================================= diff --git a/scripts/remove b/scripts/remove index d5f8f6c..4298270 100644 --- a/scripts/remove +++ b/scripts/remove @@ -16,7 +16,6 @@ ynh_script_progression --message="Removing system configurations related to $app # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status "$app" >/dev/null; then - ynh_script_progression --message="Removing $app service integration..." --weight=1 yunohost service remove "$app" fi diff --git a/scripts/restore b/scripts/restore index d40859c..3ccca72 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -18,7 +16,7 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$install_dir" chmod -R o-rwx "$install_dir" -chown -R $app:www-data "$install_dir" +chown -R "$app:www-data" "$install_dir" #================================================= # RESTORE THE NGINX CONFIGURATION @@ -31,7 +29,6 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable "$app.service" --quiet - yunohost service add "$app" --description="Language to create your own interactive stories" --log="/var/log/$app/$app.log" #================================================= @@ -39,7 +36,6 @@ yunohost service add "$app" --description="Language to create your own interacti #================================================= ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 -### Typically you only have either $app or php-fpm but not both at the same time... ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index 2ffa286..ae07409 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -25,18 +23,29 @@ ynh_script_progression --message="Upgrading source files..." --weight=5 ynh_setup_source --dest_dir="$install_dir" chmod -R o-rwx "$install_dir" -chown -R $app:www-data "$install_dir" +chown -R "$app:www-data" "$install_dir" #================================================= -# UPDATE A CONFIG FILE +# Build #================================================= -ynh_script_progression --message="Updating $app's configuration files..." --weight=1 +ynh_script_progression --message="Installing $app..." --weight=40 + +pushd "$install_dir" + ynh_use_nodejs + ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" "$ynh_npm" install + ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" run build + ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" link +popd + +#================================================= +# REAPPLY SYSTEM CONFIGURATIONS +#================================================= +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config ynh_add_systemd_config - yunohost service add "$app" --description="Language to create your own interactive stories" --log="/var/log/$app/$app.log" #================================================= From 7292f41b1c20b9cccfd8a93a1fd5885f668632a6 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Thu, 20 Jun 2024 18:50:31 +0000 Subject: [PATCH 17/23] Auto-update READMEs --- README.md | 2 +- README_es.md | 2 +- README_eu.md | 2 +- README_fr.md | 2 +- README_gl.md | 2 +- README_zh_Hans.md | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 669a7dc..e4fd245 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ It shall NOT be edited by hand. Scratch is a free programming language and online community where you can create your own interactive stories, games, and animations. -**Shipped version:** 4.0.1~ynh1 +**Shipped version:** 4.0.4~ynh1 **Demo:** diff --git a/README_es.md b/README_es.md index 4d572a4..6846a49 100644 --- a/README_es.md +++ b/README_es.md @@ -18,7 +18,7 @@ No se debe editar a mano. Scratch is a free programming language and online community where you can create your own interactive stories, games, and animations. -**Versión actual:** 4.0.1~ynh1 +**Versión actual:** 4.0.4~ynh1 **Demo:** diff --git a/README_eu.md b/README_eu.md index 6d2b274..1e78c39 100644 --- a/README_eu.md +++ b/README_eu.md @@ -18,7 +18,7 @@ EZ editatu eskuz. Scratch is a free programming language and online community where you can create your own interactive stories, games, and animations. -**Paketatutako bertsioa:** 4.0.1~ynh1 +**Paketatutako bertsioa:** 4.0.4~ynh1 **Demoa:** diff --git a/README_fr.md b/README_fr.md index f6bf723..8b29c25 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,7 @@ Il NE doit PAS être modifié à la main. Scratch est un langage de programmation graphique manipulable et exécutable par le logiciel de même nom à vocation éducative. Ainsi, Scratch est à la fois un environnement de développement et un moteur d’exécution du langage Scratch mais aussi un site web. -**Version incluse :** 4.0.1~ynh1 +**Version incluse :** 4.0.4~ynh1 **Démo :** diff --git a/README_gl.md b/README_gl.md index 5c4c5f9..a527520 100644 --- a/README_gl.md +++ b/README_gl.md @@ -18,7 +18,7 @@ NON debe editarse manualmente. Scratch is a free programming language and online community where you can create your own interactive stories, games, and animations. -**Versión proporcionada:** 4.0.1~ynh1 +**Versión proporcionada:** 4.0.4~ynh1 **Demo:** diff --git a/README_zh_Hans.md b/README_zh_Hans.md index 5e9768a..d2dc653 100644 --- a/README_zh_Hans.md +++ b/README_zh_Hans.md @@ -18,7 +18,7 @@ Scratch is a free programming language and online community where you can create your own interactive stories, games, and animations. -**分发版本:** 4.0.1~ynh1 +**分发版本:** 4.0.4~ynh1 **演示:** From 408f17d2bd981bbd3188dc00af7b14cbd40cbe6a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Thu, 20 Jun 2024 21:33:40 +0200 Subject: [PATCH 18/23] do not npm link --- scripts/install | 2 +- scripts/upgrade | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/install b/scripts/install index f6076fa..2f9a787 100644 --- a/scripts/install +++ b/scripts/install @@ -36,7 +36,7 @@ pushd "$install_dir" ynh_use_nodejs ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" "$ynh_npm" install ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" run build - ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" link + # ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" link popd #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index ae07409..a8f1f98 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -34,7 +34,7 @@ pushd "$install_dir" ynh_use_nodejs ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" "$ynh_npm" install ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" run build - ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" link + # ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" link popd #================================================= From e68d171e317648c06c303bea4fd79571ec84909d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Thu, 20 Jun 2024 22:07:27 +0200 Subject: [PATCH 19/23] Use built artifacts statically --- conf/nginx.conf | 12 +----------- conf/systemd.service | 45 -------------------------------------------- scripts/backup | 3 --- scripts/install | 19 +++++-------------- scripts/remove | 9 --------- scripts/restore | 10 ++-------- scripts/upgrade | 22 ++++------------------ 7 files changed, 12 insertions(+), 108 deletions(-) delete mode 100644 conf/systemd.service diff --git a/conf/nginx.conf b/conf/nginx.conf index af69dcd..9dac991 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,15 +1,5 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - proxy_pass http://127.0.0.1:__PORT__/; - proxy_redirect off; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Host $server_name; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; + alias __INSTALL_DIR/www/; } diff --git a/conf/systemd.service b/conf/systemd.service deleted file mode 100644 index 83c3c9e..0000000 --- a/conf/systemd.service +++ /dev/null @@ -1,45 +0,0 @@ -[Unit] -Description=Scratch -After=syslog.target network.target - -[Service] -Type=simple -User=__APP__ -Group=__APP__ -WorkingDirectory=__INSTALL_DIR__/ -Environment="__YNH_NODE_LOAD_PATH__" -ExecStart=__YNH_NPM__ start - - -# Sandboxing options to harden security -# Depending on specificities of your service/app, you may need to tweak these -# .. but this should be a good baseline -# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html -NoNewPrivileges=yes -PrivateTmp=yes -PrivateDevices=yes -RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 -RestrictNamespaces=yes -RestrictRealtime=yes -DevicePolicy=closed -ProtectSystem=full -ProtectControlGroups=yes -ProtectKernelModules=yes -ProtectKernelTunables=yes -LockPersonality=yes -SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap - -# Denying access to capabilities that should not be relevant for webapps -# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html -CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD -CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE -CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT -CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK -CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM -CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG -CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE -CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW -CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG - -[Install] -WantedBy=multi-user.target diff --git a/scripts/backup b/scripts/backup index e73d3fc..98fca87 100644 --- a/scripts/backup +++ b/scripts/backup @@ -26,9 +26,6 @@ ynh_backup --src_path="$install_dir" # Backup the nginx configuration ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -# Backup the systemd service unit -ynh_backup --src_path="/etc/systemd/system/$app.service" - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index 2f9a787..f84b9bb 100644 --- a/scripts/install +++ b/scripts/install @@ -22,7 +22,7 @@ ynh_install_nodejs --nodejs_version=$nodejs_version ynh_script_progression --message="Setting up source files..." --weight=5 # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$install_dir" +ynh_setup_source --dest_dir="$install_dir/sources" chmod -R o-rwx "$install_dir" chown -R "$app:www-data" "$install_dir" @@ -36,9 +36,12 @@ pushd "$install_dir" ynh_use_nodejs ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" "$ynh_npm" install ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" run build - # ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" link popd +mv "$install_dir/sources/build" "$install_dir/www" + +chown -R "$app:www-data" "$install_dir" + #================================================= # SYSTEM CONFIGURATION #================================================= @@ -47,18 +50,6 @@ ynh_script_progression --message="Adding system configurations related to $app.. # Create a dedicated nginx config ynh_add_nginx_config -# Create a dedicated systemd config -ynh_add_systemd_config -yunohost service add "$app" --description="Language to create your own interactive stories" --log="/var/log/$app/$app.log" - -#================================================= -# START SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Starting $app's systemd service..." --weight=1 - -# Start a systemd service -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index 4298270..74aeff0 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -14,13 +12,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 -# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status "$app" >/dev/null; then - yunohost service remove "$app" -fi - -ynh_remove_systemd_config - ynh_remove_nginx_config ynh_remove_nodejs diff --git a/scripts/restore b/scripts/restore index 3ccca72..19e60b4 100644 --- a/scripts/restore +++ b/scripts/restore @@ -23,20 +23,14 @@ chown -R "$app:www-data" "$install_dir" #================================================= ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 -ynh_install_nodejs --nodejs_version=$nodejs_version +ynh_install_nodejs --nodejs_version="$nodejs_version" ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_restore_file --origin_path="/etc/systemd/system/$app.service" -systemctl enable "$app.service" --quiet -yunohost service add "$app" --description="Language to create your own interactive stories" --log="/var/log/$app/$app.log" - #================================================= # RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= -ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 - -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index a8f1f98..c493d86 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,13 +7,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# STOP SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Stopping $app's systemd service..." --weight=1 - -ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -34,9 +27,12 @@ pushd "$install_dir" ynh_use_nodejs ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" "$ynh_npm" install ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" run build - # ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" link popd +mv "$install_dir/sources/build" "$install_dir/www" + +chown -R "$app:www-data" "$install_dir" + #================================================= # REAPPLY SYSTEM CONFIGURATIONS #================================================= @@ -45,16 +41,6 @@ ynh_script_progression --message="Upgrading system configurations related to $ap # Create a dedicated NGINX config ynh_add_nginx_config -ynh_add_systemd_config -yunohost service add "$app" --description="Language to create your own interactive stories" --log="/var/log/$app/$app.log" - -#================================================= -# START SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Starting $app's systemd service..." --weight=1 - -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" - #================================================= # END OF SCRIPT #================================================= From 15175b68e8d68a4ffcc6e7c382e0a166b87db638 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Thu, 20 Jun 2024 22:09:47 +0200 Subject: [PATCH 20/23] Fix path to sources, full_replace=1 --- scripts/install | 2 +- scripts/upgrade | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/install b/scripts/install index f84b9bb..901659f 100644 --- a/scripts/install +++ b/scripts/install @@ -32,7 +32,7 @@ chown -R "$app:www-data" "$install_dir" #================================================= ynh_script_progression --message="Installing $app..." --weight=40 -pushd "$install_dir" +pushd "$install_dir/sources" ynh_use_nodejs ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" "$ynh_npm" install ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" run build diff --git a/scripts/upgrade b/scripts/upgrade index c493d86..e68dfa7 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -13,7 +13,7 @@ source /usr/share/yunohost/helpers ynh_script_progression --message="Upgrading source files..." --weight=5 # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$install_dir" +ynh_setup_source --dest_dir="$install_dir/sources" --full_replace=1 chmod -R o-rwx "$install_dir" chown -R "$app:www-data" "$install_dir" @@ -23,7 +23,7 @@ chown -R "$app:www-data" "$install_dir" #================================================= ynh_script_progression --message="Installing $app..." --weight=40 -pushd "$install_dir" +pushd "$install_dir/sources" ynh_use_nodejs ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" "$ynh_npm" install ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" run build From 0c1312f949fa345bc80cc1c08faf6e83f38b8f36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Thu, 20 Jun 2024 22:13:30 +0200 Subject: [PATCH 21/23] Fix nginx file --- conf/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 9dac991..1aab834 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,5 +1,5 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - alias __INSTALL_DIR/www/; + alias __INSTALL_DIR__/www/; } From 6ed8daec24876088d0743140623308b044741f53 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Thu, 20 Jun 2024 22:20:06 +0200 Subject: [PATCH 22/23] Cleanup sources after build --- scripts/install | 1 + scripts/upgrade | 1 + 2 files changed, 2 insertions(+) diff --git a/scripts/install b/scripts/install index 901659f..5e93dee 100644 --- a/scripts/install +++ b/scripts/install @@ -39,6 +39,7 @@ pushd "$install_dir/sources" popd mv "$install_dir/sources/build" "$install_dir/www" +ynh_secure_remove --file="$install_dir/sources" chown -R "$app:www-data" "$install_dir" diff --git a/scripts/upgrade b/scripts/upgrade index e68dfa7..26b6b46 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -30,6 +30,7 @@ pushd "$install_dir/sources" popd mv "$install_dir/sources/build" "$install_dir/www" +ynh_secure_remove --file="$install_dir/sources" chown -R "$app:www-data" "$install_dir" From c8af38df6a2c77fb7676fd58e8873c7cbfe0af0e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Thu, 20 Jun 2024 22:20:20 +0200 Subject: [PATCH 23/23] Cleanup www before installation on upgrade --- scripts/upgrade | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/upgrade b/scripts/upgrade index 26b6b46..f6d6e51 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -29,6 +29,7 @@ pushd "$install_dir/sources" ynh_exec_warn_less ynh_exec_as "$app" env "$ynh_node_load_PATH" BUILD_MODE=dist "$ynh_npm" run build popd +ynh_secure_remove --file="$install_dir/www" mv "$install_dir/sources/build" "$install_dir/www" ynh_secure_remove --file="$install_dir/sources"