mirror of
https://github.com/YunoHost-Apps/cesium_ynh.git
synced 2024-09-03 18:06:25 +02:00
132 lines
4.2 KiB
Bash
132 lines
4.2 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# LOAD SETTINGS
|
|
#=================================================
|
|
ynh_script_progression --message="Loading installation settings..."
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
|
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
|
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
|
|
|
|
#=================================================
|
|
# CHECK VERSION
|
|
#=================================================
|
|
|
|
upgrade_type=$(ynh_check_app_version_changed)
|
|
|
|
#=================================================
|
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
|
#=================================================
|
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
|
|
|
|
# Backup the current version of the app
|
|
ynh_backup_before_upgrade
|
|
ynh_clean_setup () {
|
|
# restore it if the upgrade fails
|
|
ynh_restore_upgradebackup
|
|
}
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
#=================================================
|
|
# ENSURE DOWNWARD COMPATIBILITY
|
|
#=================================================
|
|
ynh_script_progression --message="Ensuring downward compatibility..."
|
|
|
|
# If final_path doesn't exist, create it
|
|
if [ -z "$final_path" ]; then
|
|
final_path=/var/www/$app
|
|
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
|
fi
|
|
|
|
# Cleaning legacy permissions
|
|
if ynh_legacy_permissions_exists; then
|
|
ynh_legacy_permissions_delete_all
|
|
|
|
ynh_app_setting_delete --app=$app --key=is_public
|
|
fi
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
ynh_script_progression --message="Making sure dedicated system user exists..."
|
|
|
|
# Create a dedicated user (if not existing)
|
|
ynh_system_user_create --username=$app --home_dir="$final_path"
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
|
|
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
|
then
|
|
ynh_script_progression --message="Upgrading source files..."
|
|
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
ynh_setup_source --dest_dir="$final_path"
|
|
fi
|
|
|
|
chmod 750 "$final_path"
|
|
chmod -R o-rwx "$final_path"
|
|
chown -R $app:www-data "$final_path"
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading NGINX web server configuration..."
|
|
|
|
# Create a dedicated nginx config
|
|
ynh_add_nginx_config
|
|
|
|
if [ "$path_url" != "/" ]
|
|
then
|
|
ynh_replace_string "^#sub_path_only" "" "/etc/nginx/conf.d/$domain.d/$app.conf"
|
|
fi
|
|
|
|
#=================================================
|
|
# SECURE FILES AND DIRECTORIES
|
|
#=================================================
|
|
ynh_script_progression --message="Securing files and directories..."
|
|
|
|
# Set permissions on app files
|
|
chown -R www-data: $final_path
|
|
|
|
#=================================================
|
|
# SETUP SSOWAT
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading configuring permissions..."
|
|
|
|
# If app is public, add url to SSOWat conf as skipped_uris and read-only mode
|
|
if [[ $is_public -eq 1 ]]; then
|
|
# unprotected_uris allows SSO credentials to be passed anyway.
|
|
ynh_permission_update --permission="main" --add="visitors"
|
|
# activate read-only
|
|
ynh_replace_string --match_string='"readonly": false,' --replace_string='"readonly": true,' --target_file="$final_path/config.js"
|
|
fi
|
|
|
|
#=================================================
|
|
# RELOAD NGINX
|
|
#=================================================
|
|
ynh_script_progression --message="Reloading NGINX web server..."
|
|
|
|
ynh_systemd_action --service_name=nginx --action=reload
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression --message="Upgrade of $app completed"
|