1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/adguardhome_ynh.git synced 2024-09-03 18:06:23 +02:00
adguardhome_ynh/scripts/install
2020-01-17 13:59:48 +01:00

194 lines
6.7 KiB
Bash

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
### Remove this function if there's nothing to clean before calling the remove script.
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
ad_user=$YNH_APP_ARG_AD_USER
ad_password=$YNH_APP_ARG_AD_PASSWORD
### If it's a multi-instance app, meaning it can be installed several times independently
### The id of the app as stated in the manifest is available as $YNH_APP_ID
### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
### The app instance name is available as $YNH_APP_INSTANCE_NAME
### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
### - ynhexample__{N} for the subsequent installations, with N=3,4, ...
### The app instance name is probably what interests you most, since this is
### guaranteed to be unique. This is a good unique identifier to define installation path,
### db names, ...
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app"
final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Normalize the url path syntax
path_url=$(ynh_normalize_url_path "$path_url")
# Check web path availability
ynh_webpath_available "$domain" "$path_url"
# Register (book) web path
ynh_webpath_register "$app" "$domain" "$path_url"
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set "$app" domain "$domain"
ynh_app_setting_set "$app" path "$path_url"
ynh_app_setting_set "$app" is_public "$is_public"
#==============================================
# INSTALL DEPS
#==============================================
ynh_install_app_dependencies libcap2-bin libaprutil1
#=================================================
# FIND AND OPEN A PORT
#=================================================
### Use these lines if you have to open a port for the application
### `ynh_find_port` will find the first available port starting from the given port.
### If you're not using these lines:
### - Remove the section "CLOSE A PORT" in the remove script
# Find a free port
port=$(ynh_find_port 53)
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app-[arch].src
case `uname -m` in
x86_64) ynh_setup_source "$final_path" "app-amd64" ;;
aarch64) ynh_setup_source "$final_path" "app-arm64" ;;
*) ynh_die "Unknown arch" ;;
esac
#=================================================
# GENERATE PASSWORD
#=================================================
case `uname -m` in
x86_64) htpasswd_arch=htpasswd-amd64 ;;
aarch64) htpasswd_arch=htpasswd-arm64 ;;
*) ynh_die "Unknown arch" ;;
esac
chmod +x ../conf/$htpasswd_arch
password_gen=$(../conf/$htpasswd_arch -B -n -b "$ad_user" "$ad_password" | sed "s/"$ad_user"://")
#=================================================
# MODIFY A CONFIG FILE
#=================================================
ynh_replace_string "__FINALPATH__" "$final_path" "../conf/systemd.service"
ynh_replace_string "__USER__" "$ad_user" "../conf/AdGuardHome.yaml"
ynh_replace_string "__PWD__" "$password_gen" "../conf/AdGuardHome.yaml"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_add_systemd_config
systemctl enable "$app".service
#==============================================
# INSTALL ADGUARD
#==============================================
#setcap CAP_NET_BIND_SERVICE=+eip .$final_path/AdGuardHome
#=================================================
# NGINX CONFIGURATION
#=================================================
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
# Create a system user
#ynh_system_user_create $app
#=================================================
# MODIFY A CONFIG FILE
#=================================================
cp -a ../conf/AdGuardHome.yaml "$final_path"/AdGuardHome.yaml
#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
### `ynh_store_file_checksum` is used to store the checksum of a file.
### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`,
### you can make a backup of this file before modifying it again if the admin had modified it.
# Calculate and store the config file checksum into the app settings
#ynh_store_file_checksum "$final_path/AdGuardHome.yaml"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
### For security reason, any app should set the permissions to root: before anything else.
### Then, if write authorization is needed, any access should be given only to directories
### that really need such authorization.
# Set permissions to app files
chown -R root: "$final_path"
#=================================================
# SETUP SSOWAT
#=================================================
# If app is public, add url to SSOWat conf as skipped_uris
if [ "$is_public" -eq 1 ]; then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/"
fi
# Reload services
systemctl reload nginx
systemctl stop dnsmasq.service
systemctl disable dnsmasq.service
systemctl start "$app".service