#!/bin/bash version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; } #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) is_public=$(ynh_app_setting_get --app=$app --key=is_public) final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) current_OS=$(ynh_app_setting_get --app=$app --key=OS) current_mach=$(ynh_app_setting_get --app=$app --key=mach) api_path=$(ynh_app_setting_get --app=$app --key=api_path) #================================================= # CHECK VERSION #================================================= ### This helper will compare the version of the currently installed app and the version of the upstream package. ### $upgrade_type can have 2 different values ### - UPGRADE_APP if the upstream app version has changed ### - UPGRADE_PACKAGE if only the YunoHost package has changed ### ynh_check_app_version_changed will stop the upgrade if the app is up to date. ### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. upgrade_type=$(ynh_check_app_version_changed) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then ynh_app_setting_set --app=$app --key=is_public --value=1 is_public=1 elif [ "$is_public" = "No" ]; then ynh_app_setting_set --app=$app --key=is_public --value=0 is_public=0 #Previous domoticz version did not have public/private settings elif [ -z "$is_public" ]; then ynh_app_setting_set --app=$app --key=is_public --value=1 is_public=1 ynh_print_warn --message="Application was set as public in the previous version,meaning it's available without authentication." ynh_print_warn --message="if you require to set it as private, please use the authorization config panel in Users/Manage Groups and permissions" fi #Store OS and machine (to be used in restore script) if [ -z "$current_OS" ]; then ynh_app_setting_set --app=$app --key=OS --value=$OS fi if [ -z "$current_mach" ]; then ynh_app_setting_set --app=$app --key=mach --value=$MACH fi # If final_path doesn't exist, create it if [ -z "$final_path" ]; then final_path=/var/www/$app ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi #Create a dedicated path for the api access if [ -z "$api_path" ]; then if [ "$path_url" == "/" ]; then api_path=/api_/$app else api_path=/api_$path_url fi ynh_app_setting_set --app=$app --key=api_path --value=$api_path fi # Create the permission "domoticz_API" only if it doesn't exist. if ! ynh_permission_exists --permission="domoticz_API" then # API Authorization with dedicated URL ynh_permission_create --permission="domoticz_API" ---url="$domain$api_path" --allowed="visitors" fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=10 #ugly hack so that existing backup for previous version work current_upstream_version=$(ynh_app_upstream_version --manifest="/etc/yunohost/apps/$app/manifest.json") current_package_version=$(ynh_app_package_version --manifest="/etc/yunohost/apps/$app/manifest.json") if version_gt "4.9701" "$current_upstream_version" && version_gt "2" $current_package_version ; then touch /etc/cron.d/$app fi # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails ynh_restore_upgradebackup } #remove ugly hack if [ -f /etc/cron.d/$app ]; then rm /etc/cron.d/$app fi # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # STANDARD UPGRADE STEPS #================================================= # STOP SYSTEMD SERVICE #================================================= ynh_script_progression --message="Stopping a systemd service..." --weight=2 ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." --weight=15 # Download, check integrity, uncompress and patch the source from app.src cp ../conf/app.src.default ../conf/app.src ynh_replace_string --match_string="__OS__" --replace_string="$OS" --target_file="../conf/app.src" ynh_replace_string --match_string="__MACH__" --replace_string="$MACH" --target_file="../conf/app.src" ynh_replace_string --match_string="__SHA256_SUM__" --replace_string="$SHA256" --target_file="../conf/app.src" ynh_setup_source --dest_dir="$final_path" #Create the database file if [ ! -f $final_path/domoticz.db ]; then touch $final_path/domoticz.db chmod 644 $final_path/domoticz.db fi fi #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=1 # Create a dedicated nginx config ynh_add_nginx_config "api_path" #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." --weight=5 ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create --username=$app #allow app user to restart service on startup cp ../conf/sudoer ../conf/$app.conf ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/$app.conf" mv ../conf/$app.conf /etc/sudoers.d/$app chmod 440 /etc/sudoers.d/$app #================================================= # SPECIFIC UPGRADE #================================================= # ... #================================================= mkdir -p /var/log/$app chown -R domoticz: /var/log/$app #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 # Create a dedicated systemd config ynh_add_systemd_config --others_var="port" #================================================= # MODIFY A CONFIG FILE #================================================= ### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. #ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE" #ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/CONFIG_FILE" # Recalculate and store the checksum of the file for the next upgrade. #ynh_store_file_checksum --file="$final_path/CONFIG_FILE" #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set permissions to app files #chown -R root: $final_path #Both folder and database file must be own by app user for domoticz to work and allow internal upgrade chown -R $app: $final_path #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 yunohost service add $app --description "Domotique open sources" --log "/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=3 ynh_systemd_action --service_name=$app --action="start" #================================================= # UPGRADE FAIL2BAN #================================================= #ynh_script_progression --message="Reconfiguring fail2ban..." --time --weight=1 # Create a dedicated fail2ban config #ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Upgrading SSOwat configuration..." --weight=1 # Make app public if necessary if [ $is_public -eq 1 ] then # unprotected_uris allows SSO credentials to be passed anyway ynh_permission_update --permission "main" --add visitors fi #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading nginx web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Upgrade of $app completed" --last