diff options
Diffstat (limited to 'www-apps/tt-rss/files')
| -rw-r--r-- | www-apps/tt-rss/files/permissions-r1 | 24 | ||||
| -rw-r--r-- | www-apps/tt-rss/files/postinstall-en-with-daemon-r1.txt | 3 | ||||
| -rw-r--r-- | www-apps/tt-rss/files/postinstall-en.txt | 3 | ||||
| -rw-r--r-- | www-apps/tt-rss/files/tt-rss-no-chmod.patch | 26 | ||||
| -rw-r--r-- | www-apps/tt-rss/files/ttrssd.initd-r4 | 119 |
5 files changed, 173 insertions, 2 deletions
diff --git a/www-apps/tt-rss/files/permissions-r1 b/www-apps/tt-rss/files/permissions-r1 new file mode 100644 index 000000000000..e50b4406646d --- /dev/null +++ b/www-apps/tt-rss/files/permissions-r1 @@ -0,0 +1,24 @@ +#!/bin/bash -e + +cd "${MY_INSTALLDIR}" + +if [[ $1 = install ]]; then + # We need to lock down cache/ for the operations below to be + # safe. The permissions match the webapp-config defaults but these + # can be changed and existing installations may also differ. + chown root:root cache/ + chmod 00755 cache/ + + chgrp --no-dereference ttrssd feed-icons/ lock/ cache/*/ + chmod g+ws feed-icons/ lock/ cache/*/ + + # Files within lock/ are exclusively written by the update daemon. + # feed-icons/ and cache/ holds files that are modified in place by both + # processes and therefore ACLs are required to ensure that the files + # themselves are created as group writable. + if ! setfacl --modify d:g::rwX feed-icons/ cache/*/; then + echo "WARNING: ACLs are not available on this filesystem. Either enable them or set TTRSSD_USER to your PHP user in /etc/conf.d/ttrssd to avoid permission issues." + elif [[ -n $(find feed-icons/ cache/ -type f ! -name ".*" ! -name index.html ! \( -group ttrssd -perm -020 \) -print -quit) ]]; then + echo "WARNING: Files that are not writable by the ttrssd group found within the cache or feed-icons directories. Either delete them or correct their permissions." + fi +fi diff --git a/www-apps/tt-rss/files/postinstall-en-with-daemon-r1.txt b/www-apps/tt-rss/files/postinstall-en-with-daemon-r1.txt index 8c72406d76d2..92d1fa315c72 100644 --- a/www-apps/tt-rss/files/postinstall-en-with-daemon-r1.txt +++ b/www-apps/tt-rss/files/postinstall-en-with-daemon-r1.txt @@ -1,4 +1,5 @@ -Please read https://tt-rss.org/wiki/InstallationNotes. +Please read https://tt-rss.org/wiki/GlobalConfig. Note that the configuration +syntax changed in 2021. Once you have configured TT-RSS, tweak /etc/conf.d/ttrssd to your needs if you have not already done so. If ACLs are unavailable on the diff --git a/www-apps/tt-rss/files/postinstall-en.txt b/www-apps/tt-rss/files/postinstall-en.txt index 67a16111f3d5..f28a19d991bf 100644 --- a/www-apps/tt-rss/files/postinstall-en.txt +++ b/www-apps/tt-rss/files/postinstall-en.txt @@ -1 +1,2 @@ -Please read https://tt-rss.org/wiki/InstallationNotes. +Please read https://tt-rss.org/wiki/GlobalConfig. Note that the configuration +syntax changed in 2021. diff --git a/www-apps/tt-rss/files/tt-rss-no-chmod.patch b/www-apps/tt-rss/files/tt-rss-no-chmod.patch new file mode 100644 index 000000000000..e51e66eaed22 --- /dev/null +++ b/www-apps/tt-rss/files/tt-rss-no-chmod.patch @@ -0,0 +1,26 @@ +These files may be written and then updated by the web interface user or the +update daemon user, so they need to be group writeable. We enforce this with +ACLs rather than chmod though. + +diff --color -Naur a/classes/pref/feeds.php b/classes/pref/feeds.php +--- a/classes/pref/feeds.php 2022-02-18 13:44:03.000000000 +0000 ++++ b/classes/pref/feeds.php 2022-02-19 15:37:55.000723992 +0000 +@@ -490,7 +490,6 @@ + + if (file_exists($new_filename)) unlink($new_filename); + if (rename($tmp_file, $new_filename)) { +- chmod($new_filename, 0644); + + $feed->set([ + 'favicon_avg_color' => null, +diff --color -Naur a/classes/rssutils.php b/classes/rssutils.php +--- a/classes/rssutils.php 2022-02-18 13:44:03.000000000 +0000 ++++ b/classes/rssutils.php 2022-02-19 15:37:40.393312123 +0000 +@@ -1728,7 +1728,6 @@ + + fwrite($fp, $contents); + fclose($fp); +- chmod($icon_file, 0644); + clearstatcache(); + + return $icon_file; diff --git a/www-apps/tt-rss/files/ttrssd.initd-r4 b/www-apps/tt-rss/files/ttrssd.initd-r4 new file mode 100644 index 000000000000..9dbfa157ce43 --- /dev/null +++ b/www-apps/tt-rss/files/ttrssd.initd-r4 @@ -0,0 +1,119 @@ +#!/sbin/openrc-run +# Copyright 1999-2022 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +command="/usr/bin/php" + +depend() { + need net + after postgresql mysql +} + +PID_DIR="/run/ttrssd" +LOG_DIR=${LOG_DIR:-"/var/log/ttrssd"} +TTRSSD_USER=${TTRSSD_USER:-"ttrssd"} + +list_instance_dirs() { + if [ -z "${INSTANCE_DIRS}" ]; then + cut -d" " -f4 /var/db/webapps/tt-rss/*/installs 2>/dev/null + else + printf "%s\n" ${INSTANCE_DIRS} + fi +} + +instance_dir_to_name() { + local name + + name=${1#/} + printf %s "${name}" | awk '{ + gsub("/", "--"); + print $0; + }' +} + +start_pre() { + mkdir -p "${PID_DIR}" "${LOG_DIR}" || return 1 + chown "${TTRSSD_USER}":ttrssd "${LOG_DIR}" || return 1 +} + +start() { + local instance_dir instance_name ret=1 + + IFS=" +" + for instance_dir in $(list_instance_dirs); do + if [ -d "${instance_dir}" ]; then + if [ ! -f "${instance_dir}"/update_daemon2.php ]; then + ewarn "TT-RSS instance in ${instance_dir} has no update_daemon2.php script" + elif [ ! -f "${instance_dir}"/config.php ]; then + eerror "TT-RSS instance in ${instance_dir} is not configured" + else + instance_name=$(instance_dir_to_name "${instance_dir}") + ebegin "Starting TT-RSS update daemon in ${instance_dir}" + start-stop-daemon --start --user "${TTRSSD_USER}":ttrssd \ + --background --wait 2000 \ + --stdout "${LOG_DIR}/${instance_name}.log" \ + --stderr "${LOG_DIR}/${instance_name}.log" \ + --make-pidfile --pidfile "${PID_DIR}/${instance_name}.pid" \ + --exec /usr/bin/php -- -f "${instance_dir}"/update_daemon2.php \ + -- ${TTRSSD_OPTS} + eend $? && ret=0 + fi + else + eerror "TT-RSS instance in ${instance_dir} is missing" + fi + done + unset IFS + + # Succeed if at least one started. + return ${ret} +} + +stop() { + local instance_dir instance_name + + IFS=" +" + for instance_dir in $(list_instance_dirs); do + instance_name=$(instance_dir_to_name "${instance_dir}") + + [ -f "${PID_DIR}/${instance_name}.pid" ] || + [ -f "${instance_dir}"/update_daemon2.php ] || + continue + + ebegin "Stopping TT-RSS update daemon in ${instance_dir}" + start-stop-daemon --stop --retry 5 --pidfile "${PID_DIR}/${instance_name}.pid" \ + --exec /usr/bin/php -- -f "${instance_dir}"/update_daemon2.php \ + -- ${TTRSSD_OPTS} + eend $? + + rm -f "${instance_dir}"/lock/*.lock + done + unset IFS + + # Always succeed. + return 0 +} + +status() { + local instance_dir instance_name pid + + IFS=" +" + for instance_dir in $(list_instance_dirs); do + instance_name=$(instance_dir_to_name "${instance_dir}") + + [ -f "${PID_DIR}/${instance_name}.pid" ] || + [ -f "${instance_dir}"/update_daemon2.php ] || + continue + + if start-stop-daemon --signal 0 --pidfile "${PID_DIR}/${instance_name}.pid"; then + # At least one instance is running + return 0 + fi + done + unset IFS + + # No instances are running + return 3 +} |