From 27f423a59a522c6edcd32ae9510f79d30be63058 Mon Sep 17 00:00:00 2001
From: Krakinou <misterl56@hotmail.com>
Date: Sun, 8 Nov 2020 15:24:23 +0100
Subject: [PATCH] Allow internal upgrade

---
 README.md       |  2 +-
 README_fr.md    |  2 +-
 check_process   |  4 ++--
 conf/nginx.conf | 11 ++++++++++-
 conf/sudoer     | 14 ++++++++++++++
 scripts/backup  |  1 +
 scripts/install |  7 ++++++-
 scripts/remove  |  4 ++++
 scripts/restore |  7 +++++++
 scripts/upgrade | 21 ++++++++++++++++++---
 10 files changed, 64 insertions(+), 9 deletions(-)
 create mode 100644 conf/sudoer

diff --git a/README.md b/README.md
index 46d5691..7ef9594 100644
--- a/README.md
+++ b/README.md
@@ -32,7 +32,7 @@ For example this system can be used with:
 
 
 **Shipped version:** Always the last stable one. The last compiled version is retrieved from [this directory](https://releases.domoticz.com/releases/?dir=./beta)
-Once installed, updates from the uptream app are managed from within the app.
+Once installed, **updates from the uptream app are managed from within the app.**. Yunohost upgrade script will only upgrade the Yunohost package. 
 
 
 ## Configuration
diff --git a/README_fr.md b/README_fr.md
index 3dbff61..1bfe91f 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -31,7 +31,7 @@ Il peut par exemple être utilisé avec :
 -Et bien d'autres
 
 **Version incluse :** Toujours la dernière version stable. La dernière version compilée est récupérée dans [ce répertoire](https://releases.domoticz.com/releases/?dir=./beta)
-
+Une fois installée, **les mises à jour de l'application sont gérées depuis les menus de l'application elle même.**. Le script de mise à jour Yunohost mettra uniquement à jour de nouvelles version du package.
 
 ## Configuration
 
diff --git a/check_process b/check_process
index 6906375..3ab463d 100644
--- a/check_process
+++ b/check_process
@@ -13,11 +13,11 @@
 		pkg_linter=1
 		setup_sub_dir=1
 		setup_root=1
-		setup_nourl=1
+		setup_nourl=0
 		setup_private=1
 		setup_public=1
 		upgrade=1
-#		upgrade=1	from_commit=CommitHash
+#		upgrade=1	from_commit=
 		backup_restore=1
 		multi_instance=0
 		port_already_use=1
diff --git a/conf/nginx.conf b/conf/nginx.conf
index 280fee7..d86660b 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -3,9 +3,18 @@ location __PATH__/ {
 
   # Path to source
   #alias __FINALPATH__/ ;
+  proxy_http_version            1.1;
+  proxy_read_timeout            90;
+  proxy_set_header        X-Real-IP $remote_addr;
+  proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+  proxy_set_header        X-Forwarded_Proto $scheme;
+  proxy_set_header              X-Scheme $scheme;
+  proxy_set_header              Upgrade $http_upgrade;
+  proxy_set_header              Connection $connection_upgrade;
+  add_header                            X-Frame-Options SAMEORIGIN;
   proxy_pass http://localhost:__PORT__/;
   proxy_set_header Host $host;
-  proxy_buffering off;
+  #proxy_buffering off;
   
 
   # Force usage of https
diff --git a/conf/sudoer b/conf/sudoer
new file mode 100644
index 0000000..09e5800
--- /dev/null
+++ b/conf/sudoer
@@ -0,0 +1,14 @@
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# Use 'visudo -f /etc/sudoers.d/domoticz' to do so.
+#
+# See the man page for details on how to write a sudoers file.
+
+#This file allow domoticz user to restart the service while upgrading the application with the upstream internal updater
+
+#alias for command to restart service (will be used during upgrade)
+Cmnd_Alias RESTART_CMD = /sbin/service __APP__.sh restart
+
+#authorized app user to run restart command
+__APP__ ALL=(ALL) NOPASSWD: RESTART_CMD
\ No newline at end of file
diff --git a/scripts/backup b/scripts/backup
index d742a42..2a8c212 100755
--- a/scripts/backup
+++ b/scripts/backup
@@ -60,6 +60,7 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 
 ynh_backup --src_path="/etc/logrotate.d/$app"
+ynh_backup --src_path="/etc/sudoers.d/$app"
 
 #=================================================
 # BACKUP SYSTEMD
diff --git a/scripts/install b/scripts/install
index 4f01c0d..03a45a3 100755
--- a/scripts/install
+++ b/scripts/install
@@ -111,6 +111,12 @@ ynh_script_progression --message="Configuring system user..." --weight=1
 # Create a system user
 ynh_system_user_create --username=$app
 
+#allow app user to restart service on startup
+cp ../conf/sudoer ../conf/$app.conf
+ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/$app.conf"
+mv ../conf/$app.conf /etc/sudoers.d/$app
+chmod 440 /etc/sudoers.d/$app
+
 #=================================================
 # SPECIFIC SETUP
 #=================================================
@@ -120,7 +126,6 @@ ynh_system_user_create --username=$app
 mkdir -p /var/log/$app
 chown -R domoticz: /var/log/$app
 
-
 #=================================================
 # SETUP SYSTEMD
 #=================================================
diff --git a/scripts/remove b/scripts/remove
index 4cc4d8e..942dcff 100755
--- a/scripts/remove
+++ b/scripts/remove
@@ -92,9 +92,13 @@ ynh_secure_remove --file="/var/log/$app/"
 #=================================================
 ynh_script_progression --message="Removing the dedicated system user..." --weight=1
 
+#Delete the sudoer file
+ynh_secure_remove --file="/etc/sudoers.d/$app"
+
 # Delete a system user
 ynh_system_user_delete --username=$app
 
+
 #=================================================
 # END OF SCRIPT
 #=================================================
diff --git a/scripts/restore b/scripts/restore
index bc8cfdc..19f875b 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -43,6 +43,9 @@ ynh_webpath_available --domain=$domain --path_url=$path_url \
 	|| ynh_die --message="Path not available: ${domain}${path_url}"
 test ! -d $final_path \
 	|| ynh_die --message="There is already a directory: $final_path "
+#As we are downloading compiled binaries for each system, we have to check if the restore occurs
+#on the same system type. If we are restoring on another system type it won't work and in that
+#case we must go through a reinstall process.
 test "$backup_OS" = "$OS" \
 	|| ynh_die --message="Cannot restore : previous OS is $backup_OS, current OS is $OS, please reinstall"
 test "$backup_mach" = "$MACH" \
@@ -71,6 +74,10 @@ ynh_script_progression --message="Recreating the dedicated system user..." --wei
 # Create the dedicated user (if not existing)
 ynh_system_user_create --username=$app
 
+#Restore user authorization to restart server
+ynh_restore_file --origin_path="/etc/sudoers.d/$app"
+
+
 #=================================================
 # RESTORE USER RIGHTS
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index 6c6a227..2442389 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -25,7 +25,8 @@ path_url=$(ynh_app_setting_get --app=$app --key=path)
 is_public=$(ynh_app_setting_get --app=$app --key=is_public)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 port=$(ynh_app_setting_get --app=$app --key=port)
-#language=$(ynh_app_setting_get --app=$app --key=language)
+current_OS=$(ynh_app_setting_get --app=$app --key=OS)
+current_mach=$(ynh_app_setting_get --app=$app --key=mach)
 
 #=================================================
 # CHECK VERSION
@@ -53,12 +54,20 @@ elif [ "$is_public" = "No" ]; then
 	ynh_app_setting_set --app=$app --key=is_public --value=0
 	is_public=0
 #Previous domoticz version did not have public/private settings 
-elif [ -z "is_public" ]; then
+elif [ -z "$is_public" ]; then
 	ynh_app_setting_set --app=$app --key=is_public --value=1
 	is_public=1
-	ynh_print_warn --message="Application is set as public, if you require to set it as private, please use the authorization config panel in Users/Manage Groups and permissions"
+	ynh_print_warn --message="Application was set as public in the previous version,meaning it's available without authentifaction."
+	ynh_print_warn --message="if you require to set it as private, please use the authorization config panel in Users/Manage Groups and permissions"
 fi
 
+#Store OS and machine (to be used in restore script)
+if [ -z "$current_OS" ]; then
+	ynh_app_setting_set --app=$app --key=OS --value=$OS
+fi
+if [ -z "$current_mach" ]; then
+	ynh_app_setting_set --app=$app --key=mach --value=$MACH
+fi
 
 # If final_path doesn't exist, create it
 if [ -z "$final_path" ]; then
@@ -159,6 +168,12 @@ ynh_script_progression --message="Making sure dedicated system user exists..."
 # Create a dedicated user (if not existing)
 ynh_system_user_create --username=$app
 
+#allow app user to restart service on startup
+cp ../conf/sudoer ../conf/$app.conf
+ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/$app.conf"
+mv ../conf/$app.conf /etc/sudoers.d/$app
+chmod 440 /etc/sudoers.d/$app
+
 #=================================================
 # SPECIFIC UPGRADE
 #=================================================