YunoHost-Apps/domoticz_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/domoticz_ynh.git synced 2024-09-03 18:26:17 +02:00
Code Issues Activity Actions
domoticz_ynh/scripts/upgrade

194 lines
7.3 KiB
Bash
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
source _common.sh
source /usr/share/yunohost/helpers
ynh_script_progression "Checking version..."
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression "Stopping $app's systemd service..."
ynh_systemctl --service="$app" --action="stop"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression "Ensuring downward compatibility..."
#Store OS and machine (to be used in restore script)
if [ -z "${OS:+x}" ]; then
ynh_app_setting_-set --key=OS --value=`lowercase \`uname -s\``
fi
if [ -z "${mach:+x}" ]; then
mach=`uname -m`
ynh_app_setting_set --key=mach --value="$mach"
fi
#sudoer file for restarting is not required anymore (from 2023.1~ynh1) as upgrade is managed by the Yunohost Package
if [ -f /etc/sudoers.d/domoticz ]; then
rm /etc/sudoers.d/domoticz
fi
#Create a dedicated path for the api access
if [ -z "$api_path" ]; then
if [ "$path" == "/" ]; then
api_path=/api_/"$app"
else
api_path=/api_"$path"
fi
ynh_app_setting_set --key=api_path --value="$api_path"
fi
#Previous version did not have settings stored and
#variable may not be bound.
if [[ -z "${mqtt_domain+x}" ]]; then
mqtt_domain="$domain"
ynh_app_setting_set --key=mqtt_domain --value="$mqtt_domain"
fi
#remove unwanted log folder
if [ -d "/var/log/$app/$app" ]; then
ynh_safe_rm "/var/log/$app/$app"
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression "Checking dedicated user permissions..."
#allow user to access USB / serial port to communicate with tools (RFXtrx, Z-wave dongle, etc.) & i2c bus
if grep dialout -q < /etc/group; then
usermod -a -G dialout "$app"
fi
if grep i2c -q < /etc/group; then
usermod -a -G i2c "$app"
fi
if grep gpio -q < /etc/group; then
usermod -a -G gpio "$app"
fi
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed
if ynh_app_upstream_version_changed
then
ynh_script_progression "Upgrading source files..."
ynh_setup_source --dest_dir="$install_dir"
#Create the database file
if [ ! -f "$install_dir"/domoticz.db ]; then
touch "$install_dir"/domoticz.db
chmod 644 "$install_dir"/domoticz.db
fi
fi
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app":"$app" "$install_dir"
#=================================================
# SET MOSQUITTO SETTINGS
#=================================================
if [ "$domain" != "$mqtt_domain" ]; then
ynh_script_progression "Setting up mosquitto..."
#Setting up conf file for access
if [ ! -f "/etc/mosquitto/conf.d/${app}_mosquitto.conf" ]
then
ynh_config_add --template="domoticz_mosquitto.conf" --destination="/etc/mosquitto/conf.d/${app}_mosquitto.conf"
chmod 644 /etc/mosquitto/conf.d/"$app"_mosquitto.conf
#Setting up user&pwd for mqtt access
ynh_app_setting_set --key=mqtt_user --value=$(ynh_string_random --length=8)
ynh_app_setting_set --key=mqtt_pwd --value=$(ynh_string_random)
echo $(ynh_app_setting_get --key=mqtt_user):$(ynh_app_setting_get --key=mqtt_pwd) > "/etc/mosquitto/conf.d/${app}_credentials"
mosquitto_passwd -U "/etc/mosquitto/conf.d/${app}_credentials"
ynh_print_info "The credential to the mosquitto server has been saved in the settings of the app"
fi
else
#If no MQTT have been set, we delete the mqtt permission.
ynh_permission_delete --permission="mqtt"
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression "Upgrading NGINX web server configuration..."
[[ "$domain" != "$mqtt_domain" ]] && ynh_config_add --template="mqtt_nginx.conf" --destination="/etc/nginx/conf.d/${mqtt_domain}.d/mqtt_${app}.conf"
#Set Hook for nginx domain
cp -R ../sources/hooks/conf_regen/95-nginx_domoticz /usr/share/yunohost/hooks/conf_regen/
# Create a dedicated NGINX config
if [[ ! -f "/etc/nginx/conf.d/${domain}.d/api_${app}.conf" ]]
then
ynh_print_warn "The nginx conf file will now be splitted between standard and api related path"
ynh_print_warn "Report any manual changes on the new /etc/nginx/conf.d/$domain.d/api_$app.conf file for json command to keep working"
ynh_config_add --template="api_nginx.conf" --destination="/etc/nginx/conf.d/${domain}.d/api_${app}.conf"
fi
ynh_config_add_nginx
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression "Upgrading systemd configuration..."
# Create a dedicated systemd config
ynh_config_add_systemd
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression "Upgrading logrotate configuration..."
mkdir -p /var/log/"$app"
#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R domoticz: /var/log/"$app"
# Use logrotate to manage app-specific logfile(s)
ynh_config_add_logrotate "/var/log/$app"
[[ ! -z "$mqtt_domain" ]] && ynh_config_add_logrotate "/var/log/mosquitto"
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression "Configuring Fail2Ban..."
# Make sure a log file exists (mostly for CI tests)
log_file=/var/log/$app/$app.log
if [ ! -f "$log_file" ]; then
touch "$log_file"
chown $app: "$log_file"
fi
# Create a dedicated Fail2Ban config
ynh_config_add_fail2ban --logpath="$log_file" --failregex="^.*Error: Failed login attempt from <HOST>.*$"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression "Integrating service in YunoHost..."
yunohost service add "$app" --description="Domotique open sources" --log="/var/log/$app/$app.log"
[[ "$domain" != "$mqtt_domain" ]] && yunohost service add mosquitto --description="Serveur MQTT pour domoticz" --log="/var/log/mosquitto/mosquitto.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression "Starting $app's systemd service..."
ynh_systemctl --service="$app" --action="start"
#Restarting mosquitto to take changes from /etc/mosquitto/conf.d/*.conf into account
[[ "$domain" != "$mqtt_domain" ]] && ynh_systemctl --service=mosquitto --action="restart"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression "Upgrade of $app completed"
Reference in a new issue View git blame Copy permalink