#!/bin/bash
version_gt() {
test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1";
}
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app="$YNH_APP_INSTANCE_NAME"
domain=$(ynh_app_setting_get --app="$app" --key=domain)
path_url=$(ynh_app_setting_get --app="$app" --key=path)
final_path=$(ynh_app_setting_get --app="$app" --key=final_path)
port=$(ynh_app_setting_get --app="$app" --key=port)
current_OS=$(ynh_app_setting_get --app="$app" --key=OS)
current_mach=$(ynh_app_setting_get --app="$app" --key=mach)
api_path=$(ynh_app_setting_get --app="$app" --key=api_path)
mqtt_domain=$(ynh_app_setting_get --app="$app" --key=mqtt_domain)
mqtt_port=$(ynh_app_setting_get --app="$app" --key=mqtt_port)
mqtt_websocket_port=$(ynh_app_setting_get --app="$app" --key=mqtt_websocket_port)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# Ugly hack so that previous version backup script from "https://github.com/anubister/domoticz_ynh" works :
# It creates a dummy file in /etc/cron.d so that the backup do not fail.
current_upstream_version=$(ynh_app_upstream_version --manifest="/etc/yunohost/apps/$app/manifest.json")
current_package_version=$(ynh_app_package_version --manifest="/etc/yunohost/apps/$app/manifest.json")
if version_gt "4.9701" "$current_upstream_version" && version_gt "2" "$current_package_version" ; then
touch /etc/cron.d/"$app"
fi
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
#remove ugly hack
if [ -f /etc/cron.d/"$app" ]; then
rm /etc/cron.d/"$app"
fi
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=2
ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
#Store OS and machine (to be used in restore script)
if [ -z "$current_OS" ]; then
ynh_app_setting_set --app="$app" --key=OS --value="$OS"
fi
if [ -z "$current_mach" ]; then
ynh_app_setting_set --app="$app" --key=mach --value="$MACH"
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/"$app"
ynh_app_setting_set --app="$app" --key=final_path --value="$final_path"
fi
#Create a dedicated path for the api access
if [ -z "$api_path" ]; then
if [ "$path_url" == "/" ]; then
api_path=/api_/"$app"
else
api_path=/api_"$path_url"
fi
ynh_app_setting_set --app="$app" --key=api_path --value="$api_path"
fi
#Create a dedicated path for the mqtt access
if [ -z "$mqtt_domain" ]; then
ynh_print_info --message="Mosquitto, a mqtt server, can now be installed during upgrade, pleaser refer to package documentation to activate it"
fi
#Port to listen for MQTT internal
if [[ -z "$mqtt_port" && ! -z "$mqtt_domain" ]]; then
mqtt_port=$(ynh_find_port --port="$default_mqtt_port")
ynh_app_setting_set --app="$app" --key=mqtt_port --value="$mqtt_port"
fi
#Port to listen for MQTT websocket
if [[ -z "$mqtt_websocket_port" && ! -z "$mqtt_domain" ]]; then
mqtt_websocket_port=$(ynh_find_port --port="$default_mqtt_websocket_port")
ynh_app_setting_set --app="$app" --key=mqtt_websocket_port --value="$mqtt_websocket_port"
fi
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app="$app" --key=is_public
fi
# Create the permission "domoticz_API" only if it doesn't exist.
if ! ynh_permission_exists --permission="domoticz_API"
then
# API Authorization with dedicated URL
ynh_permission_create --permission="domoticz_API" --label="api" --url="$domain$api_path" --allowed="visitors" --show_tile="false" --protected="true"
fi
# Create the permission "domoticz_MQTT" only if it doesn't exist.
if [ ! -z "$mqtt_domain" ]; then
if ! ynh_permission_exists --permission="domoticz_MQTT"
then
# API Authorization with dedicated URL
ynh_permission_create --permission="domoticz_MQTT" --label="MQTT" --url="$mqtt_domain" --allowed="visitors" --show_tile="false" --protected="true"
fi
fi
#remove unwanted log folder
if [ -d "/var/log/$app/$app" ]; then
ynh_secure_remove "/var/log/$app/$app"
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username="$app" --home_dir="$final_path"
#allow user to access USB / serial port to communicate with tools (RFXtrx, Z-wave dongle, etc.) & i2c bus
if grep dialout -q < /etc/group; then
usermod -a -G dialout "$app"
fi
if grep i2c -q < /etc/group; then
usermod -a -G i2c "$app"
fi
if grep gpio -q < /etc/group; then
usermod -a -G gpio "$app"
fi
#allow app user to restart service on startup
ynh_add_config --template="../conf/sudoer" --destination="/etc/sudoers.d/$app"
chmod 440 /etc/sudoers.d/"$app"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=15
# Download, check integrity, uncompress and patch the source from app.src
ynh_add_config --template="../conf/app.src.default" --destination="../conf/app.src"
ynh_setup_source --dest_dir="$final_path"
#Create the database file
if [ ! -f "$final_path"/domoticz.db ]; then
touch "$final_path"/domoticz.db
chmod 644 "$final_path"/domoticz.db
fi
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R "$app":"$app" "$final_path"
#=================================================
# SET MOSQUITTO SETTINGS
#=================================================
if [ ! -z "$mqtt_domain" ]; then
ynh_script_progression --message="Setting up mosquitto..." --weight=5
#Installing packages
ynh_install_extra_app_dependencies --repo="deb https://repo.mosquitto.org/debian buster main" --package="$extra_pkg_dependencies" --key="http://repo.mosquitto.org/debian/mosquitto-repo.gpg.key"
#Setting up conf file for access
if [ ! -f "/etc/mosquitto/conf.d/"$app"_mosquitto.conf" ]
then
ynh_add_config --template="../conf/domoticz_mosquitto.conf" --destination="/etc/mosquitto/conf.d/"$app"_mosquitto.conf"
chmod 644 /etc/mosquitto/conf.d/"$app"_mosquitto.conf
#Setting up user&pwd for mqtt access
ynh_app_setting_set --app="$app" --key=mqtt_user --value=$(ynh_string_random --length=8)
ynh_app_setting_set --app="$app" --key=mqtt_pwd --value=$(ynh_string_random)
echo $(ynh_app_setting_get --app="$app" --key=mqtt_user):$(ynh_app_setting_get --app="$app" --key=mqtt_pwd) > "/etc/mosquitto/conf.d/"$app"_credentials"
mosquitto_passwd -U "/etc/mosquitto/conf.d/"$app"_credentials"
ynh_print_info --message="The credential to the mosquitto server has been saved in the settings of the app"
fi
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..."
[[ ! -z "$mqtt_domain" ]] && ynh_add_config --template="../conf/mqtt_nginx.conf" --destination="/etc/nginx/conf.d/"$mqtt_domain".d/mqtt_"$app".conf"
#Set Hook for nginx domain
cp -R ../sources/hooks/conf_regen/95-nginx_domoticz /usr/share/yunohost/hooks/conf_regen/
yunohost tools regen-conf nginx
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=5
ynh_install_app_dependencies "$pkg_dependencies"
#=================================================
# SPECIFIC UPGRADE
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..."
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..."
mkdir -p /var/log/"$app"
chown -R domoticz: /var/log/"$app"
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --logfile="/var/log/$app" --non-append
[[ ! -z "$mqtt_domain" ]] && ynh_use_logrotate --logfile="/var/log/mosquitto/"
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=8
# Make sure a log file exists (mostly for CI tests)
log_file=/var/log/$app/$app.log
if [ ! -f "$log_file" ]; then
touch "$log_file"
chown $app: "$log_file"
fi
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*Error: Failed login attempt from <HOST>.*$" --max_retry=5
ynh_print_info --message="If you wish for Fail2ban to work, set up your local address in Setup/Settings/System/Local Networks as per documentation"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add "$app" --description="Domotique open sources" --log="/var/log/$app/$app.log"
[[ ! -z "$mqtt_domain" ]] && yunohost service add mosquitto --description="Serveur MQTT pour domoticz" --log="/var/log/mosquitto/mosquitto.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name="$app" --action="start"
#Restarting mosquitto to take changes from /etc/mosquitto/conf.d/*.conf into account
[[ ! -z "$mqtt_domain" ]] && ynh_systemd_action --service_name=mosquitto --action="restart"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last