#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) password=$(ynh_app_setting_get --app=$app --key=password) master_key=$(ynh_app_setting_get --app=$app --key=master_key) #================================================= # CHECK VERSION #================================================= ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." # If db_name doesn't exist, create it if [ -z "$db_name" ]; then db_name=$(ynh_sanitize_dbid --db_name=$app) ynh_app_setting_set --app=$app --key=db_name --value=$db_name fi # If final_path doesn't exist, create it if [ -z "$final_path" ]; then final_path=/var/www/$app ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi is_public=$(ynh_app_setting_get --app=$app --key=is_public) if [ -n "$is_public" ]; then ynh_app_setting_delete --app=$app --key=protected_uris # Removing skipped/unprotected_uris under certain conditions, remove the visitors group added during the migration process of 3.7 # Remove unprotected_uris. If the app was public, add visitors again to the main permission if ynh_permission_has_user --permission=main --user=visitors then ynh_app_setting_delete --app=$app --key=unprotected_uris ynh_permission_update --permission "main" --add "visitors" else ynh_app_setting_delete --app=$app --key=unprotected_uris fi ynh_app_setting_delete --app=$app --key=is_public fi if ! ynh_permission_exists --permission="admin"; then # Create the required permissions ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin fi #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create --username=$app --home_dir=$final_path #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" fi chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated NGINX config ynh_add_nginx_config #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 # Create a dedicated PHP-FPM config ynh_add_fpm_config #================================================= # SPECIFIC UPGRADE #================================================= # UPDATE A CONFIG FILE #================================================= ynh_script_progression --message="Updating a configuration file..." php_config=$final_path/inc/config.php ynh_backup_if_checksum_is_different --file=$php_config cp $php_config.in $php_config admin_url="${path_url%/}/admin/index.php" email=$(ynh_user_get_info --username=$admin --key=mail) # Config as if we called in admin/install/wizard.php ynh_replace_string --match_string="'DC_DBDRIVER', ''" --replace_string="'DC_DBDRIVER', 'mysqli'" --target_file=$php_config ynh_replace_string --match_string="'DC_DBHOST', ''" --replace_string="'DC_DBHOST', 'localhost'" --target_file=$php_config ynh_replace_string --match_string="'DC_DBUSER', ''" --replace_string="'DC_DBUSER', '$db_user'" --target_file=$php_config ynh_replace_string --match_string="'DC_DBPASSWORD', ''" --replace_string="'DC_DBPASSWORD', '$db_pwd'" --target_file=$php_config ynh_replace_string --match_string="'DC_DBNAME', ''" --replace_string="'DC_DBNAME', '$db_name'" --target_file=$php_config ynh_replace_string --match_string="'DC_MASTER_KEY', ''" --replace_string="'DC_MASTER_KEY', '$master_key'" --target_file=$php_config ynh_replace_string --match_string="'DC_ADMIN_URL', ''" --replace_string="'DC_ADMIN_URL', 'https://$domain$admin_url'" --target_file=$php_config ynh_replace_string --match_string="'DC_ADMIN_MAILFROM', ''" --replace_string="'DC_ADMIN_MAILFROM', '$email'" --target_file=$php_config # Adding LDAP login cp ../conf/class.auth.ldap.php $final_path/inc/class.auth.ldap.php ynh_replace_string "__APP__" "$app" $final_path/inc/class.auth.ldap.php cat << EOF >> $php_config \$__autoload['ldapDcAuth'] = dirname(__FILE__).'/class.auth.ldap.php'; define('DC_AUTH_CLASS','ldapDcAuth'); EOF # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum --file=$php_config chmod 400 "$php_config" chown $app:$app "$php_config" #================================================= # UPDATING DATABASE #================================================= ynh_permission_update --permission "admin" --add "visitors" # Navigate to the admin panel to upgrade the database: https://dotclear.org/documentation/2.0/admin/upgrades adminUrl="/admin/auth.php" ynh_local_curl $adminUrl ynh_permission_update --permission "admin" --remove "visitors" #================================================= # GENERIC FINALIZATION #================================================= # UPGRADE FAIL2BAN #================================================= ynh_script_progression --message="Reconfiguring Fail2Ban..." # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: , .*https://$domain${path_url%/}/admin/auth.php" #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Upgrade of $app completed" --last