1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dotclear2_ynh.git synced 2024-09-03 18:26:29 +02:00
dotclear2_ynh/scripts/upgrade
2020-04-18 01:25:53 +02:00

224 lines
8.4 KiB
Bash

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
password=$(ynh_app_setting_get --app=$app --key=password)
master_key=$(ynh_app_setting_get --app=$app --key=master_key)
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# If db_name doesn't exist, create it
if [ -z "$db_name" ]; then
db_name=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
if [ -n "$is_public" ]; then
ynh_app_setting_delete --app=$app --key=protected_uris
# Removing skipped/unprotected_uris under certain conditions, remove the visitors group added during the migration process of 3.7
# Remove unprotected_uris. If the app was public, add visitors again to the main permission
if ynh_permission_has_user --permission=main --user=visitors
then
ynh_app_setting_delete --app=$app --key=unprotected_uris
ynh_permission_update --permission "main" --add "visitors"
else
ynh_app_setting_delete --app=$app --key=unprotected_uris
fi
ynh_app_setting_delete --app=$app --key=is_public
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK THE PATH
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path --path_url=$path_url)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Upgrading source files..." --weight=4
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
# Download, check integrity, uncompress and patch the source from app.src
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
src_url=$(grep 'SOURCE_URL=' "../conf/app.src" | cut -d= -f2-)
if ! curl --output /dev/null --silent --head --fail "$src_url"; then
ynh_replace_string "latest" "attic" ../conf/app.src
fi
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading nginx web server configuration..."
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2
# Create a dedicated php-fpm config
ynh_add_fpm_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# MODIFY A CONFIG FILE
#=================================================
php_config=$final_path/inc/config.php
ynh_backup_if_checksum_is_different --file=$php_config
cp $php_config.in $php_config
admin_url="${path_url%/}/admin/index.php"
email=$(ynh_user_get_info --username=$admin --key=mail)
# Config as if we called in admin/install/wizard.php
ynh_replace_string --match_string="'DC_DBDRIVER', ''" --replace_string="'DC_DBDRIVER', 'mysqli'" --target_file=$php_config
ynh_replace_string --match_string="'DC_DBHOST', ''" --replace_string="'DC_DBHOST', 'localhost'" --target_file=$php_config
ynh_replace_string --match_string="'DC_DBUSER', ''" --replace_string="'DC_DBUSER', '$db_user'" --target_file=$php_config
ynh_replace_string --match_string="'DC_DBPASSWORD', ''" --replace_string="'DC_DBPASSWORD', '$db_pwd'" --target_file=$php_config
ynh_replace_string --match_string="'DC_DBNAME', ''" --replace_string="'DC_DBNAME', '$db_name'" --target_file=$php_config
ynh_replace_string --match_string="'DC_MASTER_KEY', ''" --replace_string="'DC_MASTER_KEY', '$master_key'" --target_file=$php_config
ynh_replace_string --match_string="'DC_ADMIN_URL', ''" --replace_string="'DC_ADMIN_URL', 'https://$domain$admin_url'" --target_file=$php_config
ynh_replace_string --match_string="'DC_ADMIN_MAILFROM', ''" --replace_string="'DC_ADMIN_MAILFROM', '$email'" --target_file=$php_config
# Adding LDAP login
cp ../conf/class.auth.ldap.php $final_path/inc/class.auth.ldap.php
ynh_replace_string "__APP__" "$app" $final_path/inc/class.auth.ldap.php
cat << EOF >> $php_config
\$__autoload['ldapDcAuth'] = dirname(__FILE__).'/class.auth.ldap.php';
define('DC_AUTH_CLASS','ldapDcAuth');
EOF
# Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum --file=$php_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions on app files
chown -R root: $final_path
chown -R $app $final_path/{public,cache,themes,plugins}
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring fail2ban..."
# Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Upgrading permissions configuration..." --weight=2
# Create the admin permission if needed
if ! ynh_permission_exists --permission "admin"; then
ynh_permission_create --permission "admin" --url "/admin" --allowed $admin
fi
#=================================================
# UPDATING DATABASE
#=================================================
ynh_permission_update --permission "admin" --add "visitors"
# Navigate to the admin panel to upgrade the database: https://dotclear.org/documentation/2.0/admin/upgrades
adminUrl="/admin/auth.php"
ynh_local_curl $adminUrl
ynh_permission_update --permission "admin" --remove "visitors"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last