1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/domoticz_ynh.git synced 2024-09-03 18:26:17 +02:00
domoticz_ynh/scripts/upgrade
2023-08-07 22:25:26 +02:00

324 lines
12 KiB
Bash
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
version_gt() {
test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1";
}
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app="$YNH_APP_INSTANCE_NAME"
domain=$(ynh_app_setting_get --app="$app" --key=domain)
path_url=$(ynh_app_setting_get --app="$app" --key=path)
final_path=$(ynh_app_setting_get --app="$app" --key=final_path)
port=$(ynh_app_setting_get --app="$app" --key=port)
current_OS=$(ynh_app_setting_get --app="$app" --key=OS)
current_mach=$(ynh_app_setting_get --app="$app" --key=mach)
api_path=$(ynh_app_setting_get --app="$app" --key=api_path)
mqtt_domain=$(ynh_app_setting_get --app="$app" --key=mqtt_domain)
mqtt_port=$(ynh_app_setting_get --app="$app" --key=mqtt_port)
mqtt_websocket_port=$(ynh_app_setting_get --app="$app" --key=mqtt_websocket_port)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# Ugly hack so that previous version backup script from "https://github.com/anubister/domoticz_ynh" works :
# It creates a dummy file in /etc/cron.d so that the backup do not fail.
current_upstream_version=$(ynh_app_upstream_version --manifest="/etc/yunohost/apps/$app/manifest.json")
current_package_version=$(ynh_app_package_version --manifest="/etc/yunohost/apps/$app/manifest.json")
if version_gt "4.9701" "$current_upstream_version" && version_gt "2" "$current_package_version" ; then
touch /etc/cron.d/"$app"
fi
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
#remove ugly hack
if [ -f /etc/cron.d/"$app" ]; then
rm /etc/cron.d/"$app"
fi
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=2
ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
#Store OS and machine (to be used in restore script)
if [ -z "$current_OS" ]; then
ynh_app_setting_set --app="$app" --key=OS --value="$OS"
fi
if [ -z "$current_mach" ]; then
ynh_app_setting_set --app="$app" --key=mach --value="$MACH"
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/"$app"
ynh_app_setting_set --app="$app" --key=final_path --value="$final_path"
fi
#Create a dedicated path for the api access
if [ -z "$api_path" ]; then
if [ "$path_url" == "/" ]; then
api_path=/api_/"$app"
else
api_path=/api_"$path_url"
fi
ynh_app_setting_set --app="$app" --key=api_path --value="$api_path"
fi
#Create a dedicated path for the mqtt access
if [ -z "$mqtt_domain" ]; then
ynh_print_info --message="Mosquitto, a mqtt server, can now be installed during upgrade, pleaser refer to package documentation to activate it"
fi
#Port to listen for MQTT internal
if [[ -z "$mqtt_port" && ! -z "$mqtt_domain" ]]; then
mqtt_port=$(ynh_find_port --port="$default_mqtt_port")
ynh_app_setting_set --app="$app" --key=mqtt_port --value="$mqtt_port"
fi
#Port to listen for MQTT websocket
if [[ -z "$mqtt_websocket_port" && ! -z "$mqtt_domain" ]]; then
mqtt_websocket_port=$(ynh_find_port --port="$default_mqtt_websocket_port")
ynh_app_setting_set --app="$app" --key=mqtt_websocket_port --value="$mqtt_websocket_port"
fi
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app="$app" --key=is_public
fi
# Create the permission "domoticz_API" only if it doesn't exist.
if ! ynh_permission_exists --permission="domoticz_API"
then
# API Authorization with dedicated URL
ynh_permission_create --permission="domoticz_API" --label="api" --url="$domain$api_path" --allowed="visitors" --show_tile="false" --protected="true"
fi
# Create the permission "domoticz_MQTT" only if it doesn't exist.
if [ ! -z "$mqtt_domain" ]; then
if ! ynh_permission_exists --permission="domoticz_MQTT"
then
# API Authorization with dedicated URL
ynh_permission_create --permission="domoticz_MQTT" --label="MQTT" --url="$mqtt_domain" --allowed="visitors" --show_tile="false" --protected="true"
fi
fi
#remove unwanted log folder
if [ -d "/var/log/$app/$app" ]; then
ynh_secure_remove "/var/log/$app/$app"
fi
#remove the authentication header preventing login from 2023.2 and 11.2.3 onward
ynh_permission_url --permission="main" --auth_header=false
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username="$app" --home_dir="$final_path"
#allow user to access USB / serial port to communicate with tools (RFXtrx, Z-wave dongle, etc.) & i2c bus
if grep dialout -q < /etc/group; then
usermod -a -G dialout "$app"
fi
if grep i2c -q < /etc/group; then
usermod -a -G i2c "$app"
fi
if grep gpio -q < /etc/group; then
usermod -a -G gpio "$app"
fi
#allow app user to restart service on startup
ynh_add_config --template="../conf/sudoer" --destination="/etc/sudoers.d/$app"
chmod 440 /etc/sudoers.d/"$app"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=15
# Download, check integrity, uncompress and patch the source from app.src
ynh_add_config --template="../conf/app.src.default" --destination="../conf/app.src"
ynh_setup_source --dest_dir="$final_path"
#Create the database file
if [ ! -f "$final_path"/domoticz.db ]; then
touch "$final_path"/domoticz.db
chmod 644 "$final_path"/domoticz.db
fi
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R "$app":"$app" "$final_path"
#=================================================
# SET MOSQUITTO SETTINGS
#=================================================
if [ ! -z "$mqtt_domain" ]; then
ynh_script_progression --message="Setting up mosquitto..." --weight=5
#Installing packages
ynh_install_extra_app_dependencies --repo="deb https://repo.mosquitto.org/debian buster main" --package="$extra_pkg_dependencies" --key="http://repo.mosquitto.org/debian/mosquitto-repo.gpg.key"
#Setting up conf file for access
if [ ! -f "/etc/mosquitto/conf.d/"$app"_mosquitto.conf" ]
then
ynh_add_config --template="../conf/domoticz_mosquitto.conf" --destination="/etc/mosquitto/conf.d/"$app"_mosquitto.conf"
chmod 644 /etc/mosquitto/conf.d/"$app"_mosquitto.conf
#Setting up user&pwd for mqtt access
ynh_app_setting_set --app="$app" --key=mqtt_user --value=$(ynh_string_random --length=8)
ynh_app_setting_set --app="$app" --key=mqtt_pwd --value=$(ynh_string_random)
echo $(ynh_app_setting_get --app="$app" --key=mqtt_user):$(ynh_app_setting_get --app="$app" --key=mqtt_pwd) > "/etc/mosquitto/conf.d/"$app"_credentials"
mosquitto_passwd -U "/etc/mosquitto/conf.d/"$app"_credentials"
ynh_print_info --message="The credential to the mosquitto server has been saved in the settings of the app"
fi
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..."
[[ ! -z "$mqtt_domain" ]] && ynh_add_config --template="../conf/mqtt_nginx.conf" --destination="/etc/nginx/conf.d/"$mqtt_domain".d/mqtt_"$app".conf"
#Set Hook for nginx domain
cp -R ../sources/hooks/conf_regen/95-nginx_domoticz /usr/share/yunohost/hooks/conf_regen/
yunohost tools regen-conf nginx
# Create a dedicated NGINX config
if [[ ! -f "/etc/nginx/conf.d/"$domain".d/api_"$app".conf" ]]
then
ynh_print_warn --message="The nginx conf file will now be splitted between standard and api related path"
ynh_print_warn --message="Report any manual changes on the new /etc/nginx/conf.d/$domain.d/api_$app.conf file for json command to keep working"
ynh_add_config --template="api_nginx.conf" --destination="/etc/nginx/conf.d/"$domain".d/api_"$app".conf"
fi
ynh_add_nginx_config
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=5
ynh_install_app_dependencies "$pkg_dependencies"
#=================================================
# SPECIFIC UPGRADE
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..."
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..."
mkdir -p /var/log/"$app"
chown -R domoticz: /var/log/"$app"
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --logfile="/var/log/$app" --non-append
[[ ! -z "$mqtt_domain" ]] && ynh_use_logrotate --logfile="/var/log/mosquitto"
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=8
# Make sure a log file exists (mostly for CI tests)
log_file=/var/log/$app/$app.log
if [ ! -f "$log_file" ]; then
touch "$log_file"
chown $app: "$log_file"
fi
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*Error: Failed login attempt from <HOST>.*$" --max_retry=5
ynh_print_info --message="If you wish for Fail2ban to work, set up your local address in Setup/Settings/System/Local Networks as per documentation"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add "$app" --description="Domotique open sources" --log="/var/log/$app/$app.log"
[[ ! -z "$mqtt_domain" ]] && yunohost service add mosquitto --description="Serveur MQTT pour domoticz" --log="/var/log/mosquitto/mosquitto.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name="$app" --action="start"
#Restarting mosquitto to take changes from /etc/mosquitto/conf.d/*.conf into account
[[ ! -z "$mqtt_domain" ]] && ynh_systemd_action --service_name=mosquitto --action="restart"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last