2020-10-05 23:05:58 +02:00
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
2020-11-07 22:10:44 +01:00
|
|
|
|
version_gt() {
|
|
|
|
|
test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1";
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-05 23:05:58 +02:00
|
|
|
|
#=================================================
|
|
|
|
|
# GENERIC START
|
|
|
|
|
#=================================================
|
|
|
|
|
# IMPORT GENERIC HELPERS
|
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
|
|
source _common.sh
|
|
|
|
|
source /usr/share/yunohost/helpers
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
# CHECK VERSION
|
|
|
|
|
#=================================================
|
2021-08-05 02:21:46 +02:00
|
|
|
|
ynh_script_progression --message="Checking version..."
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
|
|
|
|
upgrade_type=$(ynh_check_app_version_changed)
|
|
|
|
|
|
2021-08-05 02:21:46 +02:00
|
|
|
|
#=================================================
|
|
|
|
|
# STANDARD UPGRADE STEPS
|
|
|
|
|
#=================================================
|
|
|
|
|
# STOP SYSTEMD SERVICE
|
|
|
|
|
#=================================================
|
|
|
|
|
ynh_script_progression --message="Stopping a systemd service..." --weight=2
|
|
|
|
|
|
2022-05-26 09:30:42 +02:00
|
|
|
|
ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log"
|
2021-08-05 02:21:46 +02:00
|
|
|
|
|
2020-10-05 23:05:58 +02:00
|
|
|
|
#=================================================
|
|
|
|
|
# ENSURE DOWNWARD COMPATIBILITY
|
|
|
|
|
#=================================================
|
2020-11-07 10:24:19 +01:00
|
|
|
|
ynh_script_progression --message="Ensuring downward compatibility..."
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
2020-11-08 15:24:23 +01:00
|
|
|
|
#Store OS and machine (to be used in restore script)
|
2023-05-27 11:37:44 +02:00
|
|
|
|
if [ -z "$OS" ]; then
|
2022-05-26 09:30:42 +02:00
|
|
|
|
ynh_app_setting_set --app="$app" --key=OS --value="$OS"
|
2020-11-08 15:24:23 +01:00
|
|
|
|
fi
|
2023-05-27 11:37:44 +02:00
|
|
|
|
if [ -z "$mach" ]; then
|
2022-05-26 09:30:42 +02:00
|
|
|
|
ynh_app_setting_set --app="$app" --key=mach --value="$MACH"
|
2020-11-08 15:24:23 +01:00
|
|
|
|
fi
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
2023-02-27 23:24:05 +01:00
|
|
|
|
#sudoer file for restarting is not required anymore (from 2023.1~ynh1) as upgrade is managed by the Yunohost Package
|
|
|
|
|
if [ -f /etc/sudoers.d/domoticz ]; then
|
|
|
|
|
rm /etc/sudoers.d/domoticz
|
2020-10-05 23:05:58 +02:00
|
|
|
|
fi
|
|
|
|
|
|
2020-12-05 23:08:32 +01:00
|
|
|
|
#Create a dedicated path for the api access
|
|
|
|
|
if [ -z "$api_path" ]; then
|
2023-02-20 22:22:42 +01:00
|
|
|
|
if [ "$path" == "/" ]; then
|
2022-05-26 09:30:42 +02:00
|
|
|
|
api_path=/api_/"$app"
|
2020-12-06 15:46:57 +01:00
|
|
|
|
else
|
2023-02-20 22:22:42 +01:00
|
|
|
|
api_path=/api_"$path"
|
2020-12-06 15:46:57 +01:00
|
|
|
|
fi
|
2023-02-27 23:24:05 +01:00
|
|
|
|
ynh_app_setting_set --app="$app" --key=api_path --value="$api_path"
|
2020-12-05 23:08:32 +01:00
|
|
|
|
fi
|
|
|
|
|
|
2023-05-27 18:13:49 +02:00
|
|
|
|
#Previous version did not have settings stored and
|
2023-05-27 11:37:44 +02:00
|
|
|
|
#variable may not be bound.
|
|
|
|
|
mqtt_domain=$(ynh_app_setting_get --app="$app" --key=mqtt_domain)
|
|
|
|
|
if [[ -z "$mqtt_domain" ]]; then
|
2023-05-27 18:13:49 +02:00
|
|
|
|
ynh_app_setting_set --app="$app" --key=mqtt_domain --value="$domain"
|
2023-05-27 11:37:44 +02:00
|
|
|
|
fi
|
|
|
|
|
|
2022-05-22 19:15:23 +02:00
|
|
|
|
#Port to listen for MQTT internal
|
2023-05-27 11:37:44 +02:00
|
|
|
|
#first we read from manifest to ensure variable is bound
|
2023-05-27 18:13:49 +02:00
|
|
|
|
#mqtt_port=$(ynh_app_setting_get --app="$app" --key=mqtt_port)
|
2023-05-27 11:37:44 +02:00
|
|
|
|
#then we store the setting in the manifest so it is automatically loaded for other scritps
|
2023-05-27 18:13:49 +02:00
|
|
|
|
#ynh_app_setting_set --app="$app" --key=mqtt_port --value="$mqtt_port"
|
2023-05-27 11:37:44 +02:00
|
|
|
|
#then if a domain has been provided (manually for example to install mosquitto afterward), we assign a port in case it is empty.
|
2023-05-27 18:13:49 +02:00
|
|
|
|
#if [[ -z "$mqtt_port" && ! -z "$mqtt_domain" ]]; then
|
|
|
|
|
# mqtt_port=$(ynh_find_port --port="$default_mqtt_port")
|
|
|
|
|
# ynh_app_setting_set --app="$app" --key=mqtt_port --value="$mqtt_port"
|
|
|
|
|
#fi
|
2022-05-22 19:15:23 +02:00
|
|
|
|
|
|
|
|
|
#Port to listen for MQTT websocket
|
2023-05-27 11:37:44 +02:00
|
|
|
|
#first we read from manifest to ensure variable is bound
|
2023-05-27 18:13:49 +02:00
|
|
|
|
#mqtt_websocket_port=$(ynh_app_setting_get --app="$app" --key=mqtt_websocket_port)
|
2023-05-27 11:37:44 +02:00
|
|
|
|
#then we store the setting in the manifest so it is automatically loaded for other scritps
|
2023-05-27 18:13:49 +02:00
|
|
|
|
#ynh_app_setting_set --app="$app" --key=mqtt_websocket_port --value="$mqtt_websocket_port"
|
2023-05-27 11:37:44 +02:00
|
|
|
|
#then if a domain has been provided (manually for example to install mosquitto afterward), we assign a port in case it is empty.
|
2023-05-27 18:13:49 +02:00
|
|
|
|
#if [[ -z "$mqtt_websocket_port" && ! -z "$mqtt_domain" ]]; then
|
|
|
|
|
# mqtt_websocket_port=$(ynh_find_port --port="$default_mqtt_websocket_port")
|
|
|
|
|
# ynh_app_setting_set --app="$app" --key=mqtt_websocket_port --value="$mqtt_websocket_port"
|
|
|
|
|
#fi
|
2020-12-05 23:08:32 +01:00
|
|
|
|
|
2020-11-29 12:00:20 +01:00
|
|
|
|
# Create the permission "domoticz_API" only if it doesn't exist.
|
2023-05-27 11:37:44 +02:00
|
|
|
|
#if ! ynh_permission_exists --permission="domoticz_API"
|
|
|
|
|
#then
|
2020-12-06 15:46:57 +01:00
|
|
|
|
# API Authorization with dedicated URL
|
2023-05-27 11:37:44 +02:00
|
|
|
|
# ynh_permission_create --permission="domoticz_API" --label="api" --url="$domain$api_path" --allowed="visitors" --show_tile="false" --protected="true"
|
|
|
|
|
#fi
|
2020-11-29 12:00:20 +01:00
|
|
|
|
|
2022-04-24 23:58:20 +02:00
|
|
|
|
# Create the permission "domoticz_MQTT" only if it doesn't exist.
|
2023-05-27 18:13:49 +02:00
|
|
|
|
if [ "$domain" != "$mqtt_domain" ]; then
|
2023-02-27 23:24:05 +01:00
|
|
|
|
if ! ynh_permission_exists --permission="domoticz_MQTT"
|
2022-05-22 19:15:23 +02:00
|
|
|
|
then
|
|
|
|
|
# API Authorization with dedicated URL
|
2023-02-27 23:24:05 +01:00
|
|
|
|
ynh_permission_create --permission="domoticz_MQTT" --label="MQTT" --url="$mqtt_domain" --allowed="visitors" --show_tile="false" --protected="true"
|
2022-05-22 19:15:23 +02:00
|
|
|
|
fi
|
2022-04-24 23:58:20 +02:00
|
|
|
|
fi
|
|
|
|
|
|
2022-11-27 22:56:18 +01:00
|
|
|
|
#remove unwanted log folder
|
2022-12-03 12:13:54 +01:00
|
|
|
|
if [ -d "/var/log/$app/$app" ]; then
|
2022-12-02 19:20:47 +01:00
|
|
|
|
ynh_secure_remove "/var/log/$app/$app"
|
2022-11-27 22:56:18 +01:00
|
|
|
|
fi
|
2022-04-24 23:58:20 +02:00
|
|
|
|
|
2020-10-05 23:05:58 +02:00
|
|
|
|
#=================================================
|
2021-08-05 02:21:46 +02:00
|
|
|
|
# CREATE DEDICATED USER
|
2020-10-05 23:05:58 +02:00
|
|
|
|
#=================================================
|
2023-05-27 09:34:43 +02:00
|
|
|
|
ynh_script_progression --message="Checking dedicated user permissions..."
|
2020-11-07 22:10:44 +01:00
|
|
|
|
|
2021-08-05 02:21:46 +02:00
|
|
|
|
#allow user to access USB / serial port to communicate with tools (RFXtrx, Z-wave dongle, etc.) & i2c bus
|
|
|
|
|
if grep dialout -q < /etc/group; then
|
2022-05-26 09:30:42 +02:00
|
|
|
|
usermod -a -G dialout "$app"
|
2021-08-05 02:21:46 +02:00
|
|
|
|
fi
|
|
|
|
|
if grep i2c -q < /etc/group; then
|
2022-05-26 09:30:42 +02:00
|
|
|
|
usermod -a -G i2c "$app"
|
2021-08-05 02:21:46 +02:00
|
|
|
|
fi
|
|
|
|
|
if grep gpio -q < /etc/group; then
|
2022-05-26 09:30:42 +02:00
|
|
|
|
usermod -a -G gpio "$app"
|
2020-11-07 22:10:44 +01:00
|
|
|
|
fi
|
|
|
|
|
|
2020-10-05 23:05:58 +02:00
|
|
|
|
#=================================================
|
|
|
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
|
|
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
|
|
|
|
then
|
2020-11-07 10:24:19 +01:00
|
|
|
|
ynh_script_progression --message="Upgrading source files..." --weight=15
|
2023-02-20 22:22:42 +01:00
|
|
|
|
ynh_setup_source --dest_dir="$install_dir"
|
2020-11-07 10:24:19 +01:00
|
|
|
|
#Create the database file
|
2023-02-20 22:22:42 +01:00
|
|
|
|
if [ ! -f "$install_dir"/domoticz.db ]; then
|
|
|
|
|
touch "$install_dir"/domoticz.db
|
|
|
|
|
chmod 644 "$install_dir"/domoticz.db
|
2020-11-07 10:24:19 +01:00
|
|
|
|
fi
|
2020-10-05 23:05:58 +02:00
|
|
|
|
fi
|
|
|
|
|
|
2023-02-20 22:22:42 +01:00
|
|
|
|
chmod 750 "$install_dir"
|
|
|
|
|
chmod -R o-rwx "$install_dir"
|
|
|
|
|
chown -R "$app":"$app" "$install_dir"
|
2021-08-05 02:21:46 +02:00
|
|
|
|
|
2022-04-24 23:58:20 +02:00
|
|
|
|
#=================================================
|
|
|
|
|
# SET MOSQUITTO SETTINGS
|
|
|
|
|
#=================================================
|
2023-05-27 18:13:49 +02:00
|
|
|
|
if [ "$domain" != "$mqtt_domain" ]; then
|
2022-05-22 19:15:23 +02:00
|
|
|
|
ynh_script_progression --message="Setting up mosquitto..." --weight=5
|
2022-04-24 23:58:20 +02:00
|
|
|
|
|
2022-05-22 19:15:23 +02:00
|
|
|
|
#Installing packages
|
2023-02-27 23:24:05 +01:00
|
|
|
|
ynh_install_extra_app_dependencies --repo="deb https://repo.mosquitto.org/debian buster main" --package="$extra_pkg_dependencies" --key="http://repo.mosquitto.org/debian/mosquitto-repo.gpg.key"
|
2022-04-24 23:58:20 +02:00
|
|
|
|
|
2022-05-22 19:15:23 +02:00
|
|
|
|
#Setting up conf file for access
|
|
|
|
|
if [ ! -f "/etc/mosquitto/conf.d/"$app"_mosquitto.conf" ]
|
|
|
|
|
then
|
|
|
|
|
ynh_add_config --template="../conf/domoticz_mosquitto.conf" --destination="/etc/mosquitto/conf.d/"$app"_mosquitto.conf"
|
2022-05-29 18:28:35 +02:00
|
|
|
|
chmod 644 /etc/mosquitto/conf.d/"$app"_mosquitto.conf
|
2022-04-24 23:58:20 +02:00
|
|
|
|
|
2022-05-22 19:15:23 +02:00
|
|
|
|
#Setting up user&pwd for mqtt access
|
2022-05-26 09:30:42 +02:00
|
|
|
|
ynh_app_setting_set --app="$app" --key=mqtt_user --value=$(ynh_string_random --length=8)
|
|
|
|
|
ynh_app_setting_set --app="$app" --key=mqtt_pwd --value=$(ynh_string_random)
|
2023-02-27 23:24:05 +01:00
|
|
|
|
echo $(ynh_app_setting_get --app="$app" --key=mqtt_user):$(ynh_app_setting_get --app="$app" --key=mqtt_pwd) > "/etc/mosquitto/conf.d/"$app"_credentials"
|
2022-05-22 19:15:23 +02:00
|
|
|
|
mosquitto_passwd -U "/etc/mosquitto/conf.d/"$app"_credentials"
|
2022-04-24 23:58:20 +02:00
|
|
|
|
|
2022-05-22 19:15:23 +02:00
|
|
|
|
ynh_print_info --message="The credential to the mosquitto server has been saved in the settings of the app"
|
|
|
|
|
fi
|
2022-04-24 23:58:20 +02:00
|
|
|
|
fi
|
|
|
|
|
|
2020-10-05 23:05:58 +02:00
|
|
|
|
#=================================================
|
|
|
|
|
# NGINX CONFIGURATION
|
|
|
|
|
#=================================================
|
2021-08-05 02:21:46 +02:00
|
|
|
|
ynh_script_progression --message="Upgrading NGINX web server configuration..."
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
2023-05-27 18:13:49 +02:00
|
|
|
|
[[ "$domain" != "$mqtt_domain" ]] && ynh_add_config --template="../conf/mqtt_nginx.conf" --destination="/etc/nginx/conf.d/"$mqtt_domain".d/mqtt_"$app".conf"
|
2022-05-26 09:30:42 +02:00
|
|
|
|
|
2022-06-17 19:09:19 +02:00
|
|
|
|
#Set Hook for nginx domain
|
|
|
|
|
cp -R ../sources/hooks/conf_regen/95-nginx_domoticz /usr/share/yunohost/hooks/conf_regen/
|
2022-05-22 19:15:23 +02:00
|
|
|
|
|
2021-08-05 02:21:46 +02:00
|
|
|
|
# Create a dedicated NGINX config
|
2022-12-13 22:55:38 +01:00
|
|
|
|
if [[ ! -f "/etc/nginx/conf.d/"$domain".d/api_"$app".conf" ]]
|
|
|
|
|
then
|
|
|
|
|
ynh_print_warn --message="The nginx conf file will now be splitted between standard and api related path"
|
|
|
|
|
ynh_print_warn --message="Report any manual changes on the new /etc/nginx/conf.d/$domain.d/api_$app.conf file for json command to keep working"
|
2022-12-13 22:58:38 +01:00
|
|
|
|
ynh_add_config --template="api_nginx.conf" --destination="/etc/nginx/conf.d/"$domain".d/api_"$app".conf"
|
2022-12-13 22:55:38 +01:00
|
|
|
|
fi
|
2021-08-05 02:21:46 +02:00
|
|
|
|
ynh_add_nginx_config
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
# SPECIFIC UPGRADE
|
|
|
|
|
#=================================================
|
|
|
|
|
# SETUP SYSTEMD
|
|
|
|
|
#=================================================
|
2021-08-05 02:21:46 +02:00
|
|
|
|
ynh_script_progression --message="Upgrading systemd configuration..."
|
2020-11-29 12:00:20 +01:00
|
|
|
|
|
2020-10-05 23:05:58 +02:00
|
|
|
|
# Create a dedicated systemd config
|
2021-08-05 02:21:46 +02:00
|
|
|
|
ynh_add_systemd_config
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
# GENERIC FINALIZATION
|
|
|
|
|
#=================================================
|
|
|
|
|
# SETUP LOGROTATE
|
|
|
|
|
#=================================================
|
2021-08-05 02:21:46 +02:00
|
|
|
|
ynh_script_progression --message="Upgrading logrotate configuration..."
|
|
|
|
|
|
2022-05-26 09:30:42 +02:00
|
|
|
|
mkdir -p /var/log/"$app"
|
|
|
|
|
chown -R domoticz: /var/log/"$app"
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
|
|
|
|
# Use logrotate to manage app-specific logfile(s)
|
2022-12-03 10:51:22 +01:00
|
|
|
|
ynh_use_logrotate --logfile="/var/log/$app" --non-append
|
2022-12-03 12:18:01 +01:00
|
|
|
|
[[ ! -z "$mqtt_domain" ]] && ynh_use_logrotate --logfile="/var/log/mosquitto"
|
2022-05-26 09:30:42 +02:00
|
|
|
|
|
2022-11-28 23:09:34 +01:00
|
|
|
|
#=================================================
|
|
|
|
|
# SETUP FAIL2BAN
|
|
|
|
|
#=================================================
|
|
|
|
|
ynh_script_progression --message="Configuring Fail2Ban..." --weight=8
|
|
|
|
|
|
|
|
|
|
# Make sure a log file exists (mostly for CI tests)
|
|
|
|
|
log_file=/var/log/$app/$app.log
|
|
|
|
|
if [ ! -f "$log_file" ]; then
|
|
|
|
|
touch "$log_file"
|
|
|
|
|
chown $app: "$log_file"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Create a dedicated Fail2Ban config
|
|
|
|
|
ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*Error: Failed login attempt from <HOST>.*$" --max_retry=5
|
2023-05-27 09:34:43 +02:00
|
|
|
|
#not required in 2023.1 anymore
|
|
|
|
|
#ynh_print_info --message="If you wish for Fail2ban to work, set up your local address in Setup/Settings/System/Local Networks as per documentation"
|
2023-02-27 23:24:05 +01:00
|
|
|
|
|
2020-10-05 23:05:58 +02:00
|
|
|
|
#=================================================
|
|
|
|
|
# INTEGRATE SERVICE IN YUNOHOST
|
|
|
|
|
#=================================================
|
2021-08-05 02:21:46 +02:00
|
|
|
|
ynh_script_progression --message="Integrating service in YunoHost..."
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
2022-05-26 09:30:42 +02:00
|
|
|
|
yunohost service add "$app" --description="Domotique open sources" --log="/var/log/$app/$app.log"
|
2023-05-27 18:13:49 +02:00
|
|
|
|
[[ "$domain" != "$mqtt_domain" ]] && yunohost service add mosquitto --description="Serveur MQTT pour domoticz" --log="/var/log/mosquitto/mosquitto.log"
|
2022-05-26 09:30:42 +02:00
|
|
|
|
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
# START SYSTEMD SERVICE
|
|
|
|
|
#=================================================
|
2020-11-07 10:24:19 +01:00
|
|
|
|
ynh_script_progression --message="Starting a systemd service..." --weight=3
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
2022-05-26 09:30:42 +02:00
|
|
|
|
ynh_systemd_action --service_name="$app" --action="start"
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
2022-05-22 19:15:23 +02:00
|
|
|
|
#Restarting mosquitto to take changes from /etc/mosquitto/conf.d/*.conf into account
|
2023-05-27 18:13:49 +02:00
|
|
|
|
[[ "$domain" != "$mqtt_domain" ]] && ynh_systemd_action --service_name=mosquitto --action="restart"
|
2020-10-05 23:05:58 +02:00
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
# END OF SCRIPT
|
|
|
|
|
#=================================================
|
|
|
|
|
|
2020-11-07 10:24:19 +01:00
|
|
|
|
ynh_script_progression --message="Upgrade of $app completed" --last
|