#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # CHECK VERSION #================================================= upgrade_type=$(ynh_check_app_version_changed) #================================================= # STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 # If fpm_footprint doesn't exist, create it if [ -z "${fpm_footprint:-}" ]; then fpm_footprint=low ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint fi # If fpm_free_footprint doesn't exist, create it if [ -z "${fpm_free_footprint:-}" ]; then fpm_free_footprint=0 ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint fi # If fpm_usage doesn't exist, create it if [ -z "${fpm_usage:-}" ]; then fpm_usage=low ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage fi # Yunohost specific configuration, if it isn't exist already # Previously, these settings were store in an unique "dokuwiki.php" # Now, they are split in multiple files to ease upgrading process (separate YunoHost config from user config) # Loading order of configuration files # # By default DokuWiki loads its configuration files in the following order: # # 1. conf/dokuwiki.php # 2. conf/local.php # 3. conf/local.protected.php # # See https://www.dokuwiki.org/plugin:config#protecting_settings # Configuration dedicated to Yunohost (LDAP and admin mainly) # Create an empty configuration file if it does not exist # This file will be overwritten anyway later in the part "# LDAP Configuration" # The file is created here to prevent a failure of the helper `ynh_backup_if_checksum_is_different` if [ ! -f "$install_dir/conf/local.protected.php" ]; then touch $install_dir/conf/local.protected.php fi # Do not overwrite existing dokuwiki configuration as it could have user customization's and settings. # Create file if it does not exist if [ ! -f "$install_dir/conf/local.php" ]; then # Set the default "language" ynh_add_config --template="../conf/local.php" --destination="$install_dir/conf/local.php" fi # Do not overwrite existing ACL configuration file as it could have user customization's and settings. # Create file if it does not exist # See https://www.dokuwiki.org/acl#background_info if [ ! -f "$install_dir/conf/acl.auth.php" ]; then ynh_add_config --template="../conf/acl.auth.php" --destination="$install_dir/conf/acl.auth.php" fi # For securing DokuWiki installation, create default files that will be writable in the "conf" folder. # Other files will be read ony and owned by root. # See https://www.dokuwiki.org/install:permissions # If file does not exists if [ ! -f "$install_dir/conf/local.php.bak" ]; then # if template exists if [ -f "$install_dir/conf/local.php.dist" ]; then # Copy template to create default file cp --archive "$install_dir/conf/local.php.dist" "$install_dir/conf/local.php.bak" fi fi if [ ! -f "$install_dir/conf/users.auth.php" ]; then if [ -f "$install_dir/conf/users.auth.php.dist" ]; then cp --archive $install_dir/conf/users.auth.php.dist $install_dir/conf/users.auth.php fi fi if [ ! -f "$install_dir/conf/plugins.local.php" ]; then cp --archive ../conf/plugins.local.php $install_dir/conf fi if [ ! -f "$install_dir/conf/plugins.local.php.bak" ]; then cp --archive ../conf/plugins.local.php $install_dir/conf/plugins.local.php.bak fi if [ ! -f "$install_dir/inc/preload.php" ]; then # if template exists if [ -f "$install_dir/inc/preload.php.dist" ]; then # Copy template to create default file cp --archive "$install_dir/inc/preload.php.dist" "$install_dir/inc/preload.php" fi fi # purge "LOGAUTHERROR PLUGIN" as not compatible and not maintained anymore # See https://www.dokuwiki.org/plugin:logautherror if [ -d "$install_dir/lib/plugins/logautherror" ]; then ynh_script_progression --message="Purge "LOGAUTHERROR PLUGIN" as not maintained anymore" --weight=1 ynh_secure_remove --file "$install_dir/lib/plugins/logautherror" fi #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." --weight=2 # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" fi chmod -R o-rwx "$install_dir" chown -R $app:www-data "$install_dir" #================================================= # REAPPLY SYSTEM CONFIGURATIONS #================================================= ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 # Create a dedicated PHP-FPM config ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint # Create a dedicated NGINX config ynh_add_nginx_config #================================================= # SPECIFIC UPGRADE #================================================= # UPGRADE DOKUWIKI #================================================= if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading DokuWiki..." --weight=7 # Remove upgrade notification inside Dokuwiki's admin panel # See https://www.dokuwiki.org/update_check touch $install_dir/doku.php # Remove files not used anymore after upgrade # See https://www.dokuwiki.org/install:unused_files if [ -f "$install_dir/data/deleted.files" ]; then # Feed output of grep[...] line by line to 'ynh_secure_remove' # 'ynh_secure_remove' can only work file by file. Cannot work with a list # This is a (complicated) workaround this limitation while IFS= read -r line; do # Added this test to reduce the spam printed by helper to the user in the webadmin. # Should be less 'scary' to them I think # # number of messages = number of lines *2 (673 lines while writing this) ### grep --extended-regexp --invert-match '^($|#)' data/deleted.files | wc -l ### 673 # # Spam sample: #Attention : /!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time. #Info : 'inc/parser/spamcheck.php' wasn't deleted because it doesn't exist. #Attention : /!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time. #Attention : /!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time. #Info : 'lib/images/favicon.ico' wasn't deleted because it doesn't exist. #Info : 'lib/images/thumbup.gif' wasn't deleted because it doesn't exist. #Attention : /!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time. #Info : 'lib/images/toolbar/code.png' wasn't deleted because it doesn't exist. #Attention : /!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time. #Info : 'lib/images/toolbar/empty.png' wasn't deleted because it doesn't exist. if [ -f "$line" ]; then ynh_secure_remove --file "$line" fi done < <(grep --null --extended-regexp --invert-match '^($|#)' "$install_dir/data/deleted.files" | xargs --null --max-args=1 || true) # ^ ^ First < is redirection, second is process substitution. # Source: https://tldp.org/LDP/abs/html/process-sub.html # Previous attemps if someone reads this one day ###grep --extended-regexp --invert-match '^($|#)' data/deleted.files | xargs --max-args=1 rm --verbose --force --dir 2>&1 || true ###grep --extended-regexp --invert-match '^($|#)' data/deleted.files | xargs --max-args=1 ynh_secure_remove --file 2>&1 ###grep --null --extended-regexp --invert-match '^($|#)' data/deleted.files > toto.list ###xargs --null --verbose --max-args=1 --arg-file=toto.list ynh_secure_remove 2>&1 fi # TODO Taken from old "upgrade" script. Should check if it is needed and what it does # Update all plugins ###for name_plugin in $(sudo -s cat $install_dir/lib/plugins/*/plugin.info.txt | grep url | awk -F ':' '{print $3}'); ###do ### # Get a official plugin for dokuwiki, not update a no-official ### wget -nv --quiet "https://github.com/splitbrain/dokuwiki-plugin-$name_plugin/zipball/master" -O "${name_plugin}.zip" -o /dev/null || true ### if [ -s "${name_plugin}.zip" ]; then ### unzip ${name_plugin}.zip ### cp -a splitbrain-dokuwiki-plugin-${name_plugin}*/. "$install_dir/lib/plugins/$name_plugin/" ### fi ###done # if "file" exists and is executable # Stolen from https://github.com/YunoHost-Apps/grav_ynh/blob/testing/scripts/upgrade#L189 if [ -x "$install_dir/bin/plugin.php" ]; then pushd "$install_dir" ynh_exec_warn_less ynh_exec_as $app php$phpversion bin/plugin.php --no-colors extension upgrade || ynh_print_warn --message="Automatic plugin upgrade has failed, you can upgrade them from your DokuWiki admin panel." popd else ynh_print_warn --message="Automatic plugin cannot be done, you have to upgrade them from your DokuWiki admin panel." fi fi #================================================= # UPDATE A CONFIG FILE #================================================= ynh_script_progression --message="Adding a configuration file..." --weight=2 # Customize admin group in case of multiple wiki install managed by different admins # dokuwiki.admin; dokuwiki__1.admin; etc ynh_add_config --template="../conf/local.protected.php" --destination="$install_dir/conf/local.protected.php" #================================================= # GENERIC FINALIZATION #================================================= # UPGRADE FAIL2BAN #================================================= ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=7 # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $path.*$" --max_retry=5 #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Upgrade of $app completed" --last