From feba478177fdb78c9e55fc1e9b6d646e5532f977 Mon Sep 17 00:00:00 2001 From: Gofannon Date: Fri, 15 Jun 2018 15:16:42 +0200 Subject: [PATCH] [enh] refactor 'backup' and 'upgrade' scripts --- scripts/backup | 89 ++++++++++--- scripts/upgrade | 337 ++++++++++++++++++++++++++++++------------------ 2 files changed, 282 insertions(+), 144 deletions(-) diff --git a/scripts/backup b/scripts/backup index fe7ddd8..873cbb0 100755 --- a/scripts/backup +++ b/scripts/backup @@ -1,23 +1,80 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Get multi-instances specific variables -app=$YNH_APP_INSTANCE_NAME - -# Source app helpers +if [ ! -e _common.sh ]; then + # Get the _common.sh file if it's not in the current directory + cp ../settings/scripts/_common.sh ./_common.sh + chmod a+rx _common.sh +fi +source _common.sh source /usr/share/yunohost/helpers -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= -# Copy the app files -final_path="/var/www/${app}" -ynh_backup "$final_path" "sources" 1 +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors -# Copy the nginx conf files -ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf" -# Copy the php-fpm conf files -ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf" -ynh_backup "/etc/php5/fpm/conf.d/20-${app}.ini" "php-fpm.ini" \ No newline at end of file +#================================================= +# LOAD SETTINGS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +final_path=$(ynh_app_setting_get $app final_path) +domain=$(ynh_app_setting_get $app domain) + +#================================================= +# STANDARD BACKUP STEPS +#================================================= +# BACKUP THE APP MAIN DIR +#================================================= + +# TODO taken from old "backup" script +#ynh_backup "$final_path" "sources" 1 +ynh_backup "$final_path" + +#================================================= +# BACKUP THE NGINX CONFIGURATION +#================================================= + +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# BACKUP THE PHP-FPM CONFIGURATION +#================================================= + +ynh_backup "/etc/php5/fpm/pool.d/$app.conf" +ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini" + +#================================================= +# BACKUP THE MYSQL DATABASE +#================================================= + +ynh_mysql_dump_db "$db_name" > db.sql + +#================================================= +# SPECIFIC BACKUP +#================================================= +# BACKUP LOGROTATE +#================================================= + +ynh_backup "/etc/logrotate.d/$app" + +#================================================= +# BACKUP SYSTEMD +#================================================= + +ynh_backup "/etc/systemd/system/$app.service" + +#================================================= +# BACKUP THE CRON FILE +#================================================= + +ynh_backup "/etc/cron.d/$app" diff --git a/scripts/upgrade b/scripts/upgrade index 4f66a04..bc2bd54 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,128 +1,209 @@ -#!/bin/bash - -# Exit on command errors and treat unset variables as an error -set -eu - -if [ ! -e .fonctions ]; then - # Get file fonction if not been to the current directory - sudo cp ../settings/scripts/.fonctions ./.fonctions - sudo chmod a+rx .fonctions -fi -# Loads the generic functions usually used in the script -source .fonctions -# Source app helpers -source /usr/share/yunohost/helpers - -# This is a multi-instance app, meaning it can be installed several times independently -# The id of the app as stated in the manifest is available as $YNH_APP_ID -# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) -# The app instance name is available as $YNH_APP_INSTANCE_NAME -# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -# - ynhexample__{N} for the subsequent installations, with N=3,4, ... -# The app instance name is probably what you are interested the most, since this is -# guaranteed to be unique. This is a good unique identifier to define installation path, -# db names, ... -app=$YNH_APP_INSTANCE_NAME - -# Retrieve app settings -domain=$(ynh_app_setting_get $app domain) -path=$(ynh_app_setting_get $app path) -admin=$(ynh_app_setting_get $app admin) -is_public=$(ynh_app_setting_get $app is_public) -multisite=$(ynh_app_setting_get $app multisite) - -# Remove trailing slash to path -path=${path%/} -#force location to be / or /foo -location=${path:-/} - -# admin default value, if not set -if [ -z "$admin" ]; -then - admin=$(sudo yunohost user list | grep 'username' -m1 | awk '{print $2}') - sudo ynh_app_setting_set $app is_public -v "$is_public" -fi - -# Create system user dedicace for this app -ynh_system_user_create $app - -# Modify dokuwiki conf -sed -i "s@YNH_ADMIN_USER@$admin@g" ../conf/dokuwiki.php - -# Copy files to the right place -final_path=/var/www/$app -sudo mkdir -p $final_path - -# Get source -SETUP_SOURCE - -sudo cp ../conf/dokuwiki.php $final_path/conf - -# Do not override ACL configuration file -if [ ! -f "$final_path/conf/acl.auth.php" ]; then - sudo cp ../conf/acl.auth.php $final_path/conf -fi - -# Remove upgrade notification -# See https://www.dokuwiki.org/update_check -sudo touch $final_path/doku.php - -# Remove deleted files -# See https://www.dokuwiki.org/install:unused_files -if [ -f "../sources/data/deleted.files" ]; then - grep -Ev '^($|#)' ../sources/data/deleted.files | xargs -I {} sudo rm -vrf $final_path/{} -fi - -# Change owner for all plugins -sudo chmod -R 755 $final_path/lib/plugins - -# Update all plugins -for name_plugin in $(sudo -s cat $final_path/lib/plugins/*/plugin.info.txt | grep url | awk -F':' '{print $3}'); -do - # Get a official plugin for dokuwiki, not update a no-official - sudo wget -nv --quiet "https://github.com/splitbrain/dokuwiki-plugin-${name_plugin}/zipball/master" -O "${name_plugin}.zip" -o /dev/null || true - if [ -s "${name_plugin}.zip" ]; then - sudo unzip ${name_plugin}.zip - sudo cp -a splitbrain-dokuwiki-plugin-${name_plugin}*/. "${final_path}/lib/plugins/${name_plugin}/" - fi -done - -# Files owned by www-data can just read -sudo chown -R root: $final_path - -# except for conf, data, some data subfolders, and lib/plugin, where dokuwiki must have write permissions -if [ -d "${final_path}/data/media" ]; then - sudo chown -R $app:root $final_path/{data/attic,data/cache,data/index,data/locks,data/media*,data/meta,data/pages,data/tmp} -fi -sudo chown -R $app:root $final_path/{conf,data,lib/plugins,lib/tpl} -sudo chmod -R 700 $final_path/conf -sudo chmod -R 700 $final_path/data -sudo chmod -R 755 $final_path/lib/plugins -sudo chmod 755 $final_path/lib/tpl/{dokuwiki,dokuwiki/images} - -# Modify Nginx configuration file and copy it to Nginx conf directory -sudo sed -i "s@__PATHTOCHANGE__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf -sudo sed -i "s@__FINALPATH__@$final_path@g" /etc/nginx/conf.d/$domain.d/$app.conf -# sudo sed -i "s@__NAMETOCHANGE__@$app@g" /etc/nginx/conf.d/$domain.d/$app.conf -sudo sed -i "s@fastcgi_pass unix:/var/run/php5-fpm.sock;@fastcgi_pass unix:/var/run/php5-fpm-${app}.sock;@g" /etc/nginx/conf.d/$domain.d/$app.conf - -if [ "$is_public" = "Yes" ]; -then - sudo sed -i "s@#--PRIVATE--@@g" /etc/nginx/conf.d/$domain.d/$app.conf -fi - -# Create the php-fpm pool config -POOL_FPM - -# Set ssowat config -if [ "$is_public" = "Yes" ]; then - ynh_app_setting_set $app is_public 1 # Fixe is_public en booléen - is_public=1 -else - ynh_app_setting_set $app is_public 0 - is_public=0 -fi - -sudo systemctl reload nginx -sudo yunohost app ssowatconf \ No newline at end of file +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# LOAD SETTINGS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get $app domain) +path_url=$(ynh_app_setting_get $app path) +admin=$(ynh_app_setting_get $app admin) +is_public=$(ynh_app_setting_get $app is_public) +final_path=$(ynh_app_setting_get $app final_path) + +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= + +# Fix is_public as a boolean value +if [ "$is_public" = "Yes" ]; then + ynh_app_setting_set $app is_public 1 + is_public=1 +elif [ "$is_public" = "No" ]; then + ynh_app_setting_set $app is_public 0 + is_public=0 +fi + +# If final_path doesn't exist, create it +if [ -z $final_path ]; then + final_path=/var/www/$app + ynh_app_setting_set $app final_path $final_path +fi + +# TODO Not sure if still needed ?? +# admin default value, if not set +if [ -z "$admin" ]; then + admin=$(sudo yunohost user list | grep 'username' -m1 | awk '{print $2}') + sudo ynh_app_setting_set $app is_public -v "$is_public" +fi + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# CHECK THE PATH +#================================================= + +# Normalize the URL path syntax +path_url=$(ynh_normalize_url_path $path_url) + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Create a dedicated nginx config +ynh_add_nginx_config + +#================================================= +# CREATE DEDICATED USER +#================================================= + +# Create a system user +ynh_system_user_create $app + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= + +# Create a dedicated php-fpm config +ynh_add_fpm_config + +#================================================= +# SPECIFIC UPGRADE +#================================================= + +# TODO Taken from old "upgrade" script. Should check if it is needed and what it does +if [ -d "${final_path}/data/media" ]; then + sudo chown -R $app:root $final_path/{data/attic,data/cache,data/index,data/locks,data/media*,data/meta,data/pages,data/tmp} +fi + +# Modify dokuwiki conf +#sed -i "s@YNH_ADMIN_USER@$admin@g" ../conf/dokuwiki.php +ynh_replace_string "YNH_ADMIN_USER" "$admin" "../conf/dokuwiki.php" +sudo cp ../conf/dokuwiki.php $final_path/conf + +# Do not override ACL configuration file +if [ ! -f "$final_path/conf/acl.auth.php" ]; then + sudo cp ../conf/acl.auth.php $final_path/conf +fi + +# Remove upgrade notification +# See https://www.dokuwiki.org/update_check +sudo touch $final_path/doku.php + +# Remove deleted files +# See https://www.dokuwiki.org/install:unused_files +if [ -f "../sources/data/deleted.files" ]; then + grep -Ev '^($|#)' ../sources/data/deleted.files | xargs -I {} sudo rm -vrf $final_path/{} +fi + +# Update all plugins +for name_plugin in $(sudo -s cat $final_path/lib/plugins/*/plugin.info.txt | grep url | awk -F':' '{print $3}'); +do + # Get a official plugin for dokuwiki, not update a no-official + sudo wget -nv --quiet "https://github.com/splitbrain/dokuwiki-plugin-${name_plugin}/zipball/master" -O "${name_plugin}.zip" -o /dev/null || true + if [ -s "${name_plugin}.zip" ]; then + sudo unzip ${name_plugin}.zip + sudo cp -a splitbrain-dokuwiki-plugin-${name_plugin}*/. "${final_path}/lib/plugins/${name_plugin}/" + fi +done + +#================================================= + +# Verify the checksum and backup the file if it's different +ynh_backup_if_checksum_is_different "$final_path/CONFIG_FILE" +# Recalculate and store the config file checksum into the app settings +ynh_store_file_checksum "$final_path/CONFIG_FILE" + +#================================================= +# SETUP LOGROTATE +#================================================= + +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --non-append + +#================================================= +# SETUP SYSTEMD +#================================================= + +# Create a dedicated systemd config +ynh_add_systemd_config + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# Files owned by dokuwiki can just read +chown -R root: $final_path + +# except for conf, data, some data subfolders, and lib/plugin, where dokuwiki must have write permissions +#TODO compare rights with install script !!! +# Install script : +#sudo chown -R $app:root $final_path/{conf,data,data/attic,data/cache,data/index,data/locks,data/media*,data/meta,data/pages,data/tmp,lib/plugins,lib/tpl} + +sudo chown -R $app:root $final_path/{conf,data,lib/plugins,lib/tpl} +sudo chmod -R 700 $final_path/conf +sudo chmod -R 700 $final_path/data +sudo chmod -R 755 $final_path/lib/plugins +sudo chmod 755 $final_path/lib/tpl/{dokuwiki,dokuwiki/images} + + +#================================================= +# SETUP SSOWAT +#================================================= + +if [ $is_public -eq 0 ] +then # Remove the public access + ynh_app_setting_delete $app skipped_uris +fi +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway + ynh_app_setting_set $app unprotected_uris "/" +fi + +# TODO: Still needed ?? +#if [ "$is_public" = "Yes" ]; +#then +# sudo sed -i "s@#--PRIVATE--@@g" /etc/nginx/conf.d/$domain.d/$app.conf +#fi + +#================================================= +# RELOAD NGINX +#================================================= + +systemctl reload nginx +# TODO +#sudo yunohost app ssowatconf