YunoHost-Apps/calibreweb_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/calibreweb_ynh.git synced 2024-09-03 18:16:20 +02:00
Code Issues Activity Actions
calibreweb_ynh/scripts/upgrade

259 lines
No EOL
11 KiB
Bash
Executable file
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
admin_mail=$(ynh_user_get_info --username="$admin" --key=mail)
#Get settings from database in case it has been changed in the app and save it in settings so that it can be used back afterward
calibre_dir=$(sqlite3 $install_dir/app.db "SELECT config_calibre_dir FROM settings WHERE ID=1")
calibre_dir=${calibre_dir%/}
ynh_app_setting_set $app calibre_dir $calibre_dir
upload=$(sqlite3 $install_dir/app.db "SELECT config_uploading FROM settings WHERE ID=1")
ynh_app_setting_set $app upload $upload
language=$(sqlite3 $install_dir/app.db "SELECT config_default_locale FROM settings WHERE ID=1")
ynh_app_setting_set $app language $language
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
if [ -f /etc/yunohost/apps/$app/manifest.toml ]; then
current_upstream_package_version=$(ynh_app_upstream_version --manifest="/etc/yunohost/apps/$app/manifest.toml") #0.96.0
else
current_upstream_package_version=$(ynh_app_upstream_version --manifest="/etc/yunohost/apps/$app/manifest.json") #0.96.0
fi
current_upstream_package_version="${current_upstream_package_version/".96"/".6"}" #0.6.0
current_upstream_package_version="${current_upstream_package_version/".97"/".7"}"
current_upstream_package_version="${current_upstream_package_version/".98"/".8"}"
current_upstream_package_version="${current_upstream_package_version/".99"/".9"}"
new_upstream_package_version=$(ynh_app_upstream_version)
new_upstream_package_version="${new_upstream_package_version/".96"/".6"}" #0.6.0
new_upstream_package_version="${new_upstream_package_version/".97"/".7"}"
new_upstream_package_version="${new_upstream_package_version/".98"/".8"}"
new_upstream_package_version="${new_upstream_package_version/".99"/".9"}"
current_upstream_app_version=$(cat $install_dir/cps/constants.py | grep STABLE_VERSION)
current_upstream_app_version="${current_upstream_app_version/STABLE_VERSION = \{\'version\': \'/""}"
current_upstream_app_version="${current_upstream_app_version/\'\}/""}"
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_clean_check_starting
#Stop the app in case database is updated
ynh_script_progression --message="Stopping a systemd service..." --weight=2
ynh_systemd_action --service_name=$app --action="stop"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Downward Compatibility checks..." --weight=1
#Close unwanted open port in firewall
if yunohost firewall list | grep -q "\- $port$"
then
ynh_script_progression --message="Closing port $port as it shouldn't be open..."
yunohost firewall disallow TCP $port 2>&1
fi
#LDAP settings were wrongly set in version prior to 0.6.13 and we could not retrieve LDAP users. This will change the settings to correct values
if sqlite3 $install_dir/app.db "SELECT config_ldap_group_object_filter FROM settings" \
| grep -xq "(&(objectClass=posixGroup)(permission=cn=%s.main,ou=permission,dc=yunohost,dc=org))" ; then
eval sqlite3 $install_dir/app.db "\"UPDATE settings SET config_ldap_group_object_filter='(&(objectClass=posixGroup)(cn=%s.main))' WHERE ID=1\""
fi
#Adding kepubify converter
if [ -z $(sqlite3 $install_dir/app.db "SELECT config_kepubifypath FROM settings") ]; then
eval sqlite3 $install_dir/app.db "\"UPDATE settings SET config_kepubifypath='/opt/kepubify/$app/kepubify' WHERE ID=1\""
fi
if [ ! -d /opt/kepubify/$app ]; then
ynh_setup_source --dest_dir="/opt/kepubify/$app" --source_id="kepubify" --full_replace=1
chmod 770 /opt/kepubify/$app/kepubify
fi
#Change kepubify to new path (for multiinstance
if [ -f /opt/kepubify/kepubify ]; then
rm /opt/kepubify/kepubify
fi
if sqlite3 $install_dir/app.db "SELECT config_kepubifypath FROM settings" | grep -xq "/opt/kepubify/kepubify" ; then
eval sqlite3 $install_dir/app.db "\"UPDATE settings SET config_kepubifypath='/opt/kepubify/$app/kepubify' WHERE ID=1\""
fi
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files from $current_upstream_app_version to $new_upstream_package_version..." --weight=10
#Set settings constant initializer of the app
ynh_add_config --template="../sources/patches/main-config_sql.py.patch.src" --destination="../sources/patches/main-config_sql.py.patch"
ynh_add_config --template="../sources/patches/main-ub.py.patch.src" --destination="../sources/patches/main-ub.py.patch"
ynh_add_config --template="../sources/patches/main-constants.py.patch.src" --destination="../sources/patches/main-constants.py.patch"
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir" --full_replace=1
chown -R $app: $install_dir
# Remove the patch for web.py in case visitor are allowed
if $(ynh_permission_has_user --permission=main --user=visitors); then
patch -u /$install_dir/cps/web.py -i ../conf/web.py.revert.patch
fi
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=5
#Cannot use empty string for X-script-name, causes an issue in the python prg
#https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy#nginx
if [ $path = "/" ] ; then
ynh_replace_string " proxy_set_header X-Script-Name" "# proxy_set_header X-Script-Name" ../conf/nginx.conf
fi
#Setting the proxy authentication in case calibre is not open to visitor.
#https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy#login-via-header-from-upstream-authentication-source
if $(ynh_permission_has_user --permission=main --user=visitors); then
sqlite3 $install_dir/app.db "UPDATE settings SET config_reverse_proxy_login_header_name='', config_allow_reverse_proxy_header_login=0 WHERE ID=1;"
ynh_replace_string --match_string=" proxy_set_header X-Remote-User" \
--replace_string="# proxy_set_header X-Remote-User" \
--target_file="../conf/nginx.conf"
else
sqlite3 $install_dir/app.db "UPDATE settings SET config_reverse_proxy_login_header_name='X-Remote-User', config_allow_reverse_proxy_header_login=1 WHERE ID=1;"
fi
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
#Use venv to install pip requirements - Inspired from https://github.com/YunoHost-Apps/pyinventory_ynh/blob/master/scripts/install
ynh_script_progression --message="Installing pip requirements..." --weight=70
# Always recreate everything fresh with current python version
if [ -d "${install_dir}/venv" ] ; then
ynh_secure_remove "${install_dir}/venv"
fi
# Skip pip because of: https://github.com/YunoHost/issues/issues/1960
python3 -m venv --without-pip "${install_dir}/venv"
chown -R "$app:" "$install_dir"
#run source in a 'sub shell'
(
set +o nounset
source "${install_dir}/venv/bin/activate"
set -o nounset
ynh_exec_as $app $install_dir/venv/bin/python3 -m ensurepip
ynh_exec_as $app $install_dir/venv/bin/pip3 install --upgrade wheel pip setuptools
ynh_exec_as $app $install_dir/venv/bin/pip3 install --no-cache-dir --upgrade -r "$install_dir/requirements.txt"
ynh_exec_as $app $install_dir/venv/bin/pip3 install --no-cache-dir --upgrade -r "$install_dir/optional-requirements.txt"
)
fi
#=================================================
# SPECIFIC UPGRADE
#=================================================
#build multimedia directory
#=================================================
ynh_script_progression --message="Create Multimedia dir..." --weight=1
#Create multimedia directory but we do not change the calibre_dir : It's the user to make this choice.
ynh_multimedia_build_main_dir
ynh_multimedia_addaccess $app
#Update Imagick policy as per https://github.com/janeczku/calibre-web/wiki/FAQ#what-to-do-if-cover-pictures-are-not-extracted-from-pdf-files
ynh_script_progression --message="Update Imagick policy..." --weight=1
ynh_replace_string --match_string="<policy domain="coder" rights="none" pattern="PDF" />" \
--replace_string="<policy domain="coder" rights="read" pattern="PDF" />" \
--target_file="/etc/ImageMagick-6/policy.xml"
#=================================================
# SETUP LOGROTATE
#=================================================
# Use logrotate to manage app-specific logfile(s)
ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
ynh_use_logrotate --logfile="$log_file" --nonappend
ynh_use_logrotate --logfile="$access_log_file" --nonappend
#=================================================
# SETUP SYSTEMD
#=================================================
# Create a dedicated systemd config
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions on app files
chown -R $app: $install_dir
chown -R $app: /opt/kepubify/$app
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
yunohost service add $app --description="Browse eBook in the web" --log="$log_file"
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=8
# Make sure a log file exists (mostly for CI tests)
if [ ! -f "$log_file" ]; then
touch "$log_file"
chown $app: "$log_file"
fi
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*LDAP Login failed for user .* IP-address: <HOST>.*$" --max_retry=5
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=2
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting Gevent server on" -t 30
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last
Reference in a new issue View git blame Copy permalink