etherpad_mypads_ynh/scripts/upgrade

#!/bin/bash

#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers
# Load common variables for all scripts.
source _variables

#=================================================
# LOAD SETTINGS
#=================================================

app=$YNH_APP_INSTANCE_NAME

domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
admin=$(ynh_app_setting_get $app admin)
language=$(ynh_app_setting_get $app language)
is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get $app final_path)
port=$(ynh_app_setting_get $app port)
export=$(ynh_app_setting_get $app export)
db_name=$(ynh_app_setting_get $app db_name)
mypads=$(ynh_app_setting_get $app mypads)
useldap=$(ynh_app_setting_get $app useldap)

#=================================================
# CHECK VERSION
#=================================================

# Wait for etherpad to be fully started
ynh_systemd_action --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120"

upgrade_type=$(ynh_check_app_version_changed)

#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================

# Convert is_public as a boolean
if [ "$is_public" = "Yes" ]; then
	ynh_app_setting_set $app is_public 1
	is_public=1
elif [ "$is_public" = "No" ]; then
	ynh_app_setting_set $app is_public 0
	is_public=0
fi

# If db_name setting doesn't exist
if [ -z $db_name ]; then
	db_name=$(ynh_sanitize_dbid $app)
	ynh_app_setting_set $app db_name $db_name
fi

# If abiword setting doesn't exist
if [ -z $abiword ]; then
	abiword=0
	ynh_app_setting_set $app abiword $abiword
fi

# If abiword setting exists
if [ -n $abiword ]; then
	if [ $abiword -eq 1 ]; then
		export=abiword
	fi
	ynh_app_setting_set $app export $export
	ynh_app_setting_delete $app abiword
fi

# If export setting doesn't exist
if [ -z $export ]; then
	export=none
	ynh_app_setting_set $app export $export
fi

# If mypads setting doesn't exist
if [ -z $mypads ]; then
	mypads=1
	ynh_app_setting_set $app mypads $mypads
fi

# If useldap setting doesn't exist
if [ -z $useldap ]; then
	useldap=0
	ynh_app_setting_set $app useldap $useldap
fi

# If path_url setting doesn't exist
if [ -z $path_url ]; then
	path_url="/"
	ynh_app_setting_set $app path $path_url
fi

#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================

# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Clean installation remaining that are not handle by the remove script.
	ynh_clean_check_starting

	# Restore it if the upgrade fails
	ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# ACTIVATE MAINTENANCE MODE
#=================================================

ynh_maintenance_mode_ON

#=================================================
# STOP ETHERPAD
#=================================================

ynh_systemd_action --action=stop

#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================

if [ "$upgrade_type" == "UPGRADE_APP" ]
then
	# Download, check integrity, uncompress and patch the source from app.src
	ynh_setup_source "$final_path"
fi

#=================================================
# UPGRADE DEPENDENCIES
#=================================================

if [ "$export" = "abiword" ]; then
	ynh_install_app_dependencies $abiword_app_depencencies
elif [ "$export" = "libreoffice" ]; then
	ynh_install_app_dependencies $libreoffice_app_dependencies
fi

#=================================================
# NGINX CONFIGURATION
#=================================================

# Create a dedicated nginx config
ynh_add_nginx_config

#=================================================
# UPGRADE NODEJS
#=================================================

# Remove the old nvm helper.
if [ -d /opt/nvm ]
then
	ynh_secure_remove "/opt/nvm"
	sed --in-place "/NVM_DIR/d" /root/.bashrc
fi

ynh_install_nodejs $nodejs_version

#=================================================
# UPGRADE NPM MODULES
#=================================================

# Update the main modules of etherpad
(cd "$final_path/src"
npm cache clean
ynh_exec_warn_less npm update)

# Then update the additionnal modules
(cd "$final_path"
npm cache clean
while read node_module
do
	echo "Update $node_module"
        ynh_exec_warn_less npm install --upgrade $node_module || true
done <<< "$(ls -1 "$final_path/node_modules" | grep "^ep_")")

#=================================================
# SPECIFIC UPGRADE
#=================================================
# CONFIGURE ETHERPAD
#=================================================

if [ "$upgrade_type" == "UPGRADE_APP" ]
then
	# Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
	ynh_backup_if_checksum_is_different "$final_path/settings.json"
	# Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
	ynh_backup_if_checksum_is_different "$final_path/credentials.json"
	cp ../conf/settings.json "$final_path/settings.json"
	cp ../conf/credentials.json "$final_path/credentials.json"
	ynh_replace_string "__PORT__" "$port" "$final_path/settings.json"
	ynh_replace_string "__DB_USER__" "$app" "$final_path/credentials.json"
	db_pwd=$(ynh_app_setting_get $app mysqlpwd)
	ynh_print_OFF; password=$(ynh_app_setting_get $app password); ynh_print_ON
	ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/credentials.json"
	ynh_replace_string "__ADMIN__" "$admin" "$final_path/credentials.json"
	ynh_print_OFF; ynh_replace_special_string "__PASSWD__" "$password" "$final_path/credentials.json"; ynh_print_ON
	if [ "$export" = "abiword" ]
	then
		# Get abiword binary path
		abiword_path=`which abiword`
		# Set the path of abiword into etherpad config
		ynh_replace_string "\"abiword\" : null" "\"abiword\" : \"$abiword_path\"" "$final_path/settings.json"
	elif [ "$export" = "libreoffice" ]
	then
		# Get soffice binary path
		soffice_path=`which soffice`
		# Set the path of soffice into etherpad config
		ynh_replace_string "\"soffice\" : null" "\"soffice\" : \"$soffice_path\"" "$final_path/settings.json"
	fi
	if test -z $language; then
		# If upgrading from a version which doesn't support translations, set language to English by default
		language=en
		ynh_app_setting_set $app language $language
	fi
	ynh_replace_string "__LANGUAGE__" "$language" "$final_path/settings.json"

	# Use ldap for mypads
	if [ $mypads -eq 1 ] && [ $useldap -eq 1 ]
	then
		ynh_replace_string "//noldap" "" "$final_path/settings.json"
	fi

	# Recalculate and store the checksum of the file for the next upgrade.
	ynh_store_file_checksum "$final_path/settings.json"
	# Recalculate and store the checksum of the file for the next upgrade.
	ynh_store_file_checksum "$final_path/credentials.json"
fi

#=================================================
# CREATE DEDICATED USER
#=================================================

# Create a dedicated user (if not existing)
ynh_system_user_create $app

#=================================================
# SECURING FILES AND DIRECTORIES
#=================================================

# Set files ownership to etherpad
chown -R $app: $final_path
chmod 600 "$final_path/credentials.json"
# Restrict access to credentials.json
chown $app -R /var/log/$app/etherpad.log

#=================================================
# UPGRADE FAIL2BAN
#=================================================

# Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failregex="<HOST> .* .POST /mypads/api/auth/login HTTP/1.1. 400" --max_retry=5

#=================================================
# SETUP LOGROTATE
#=================================================

# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append

#=================================================
# SETUP SYSTEMD
#=================================================

ynh_replace_string "__ENV_PATH__" "$PATH" "../conf/systemd.service"
# Create a dedicated systemd config
ynh_add_systemd_config

#=================================================
# SOME HACKS
#=================================================

if [ $mypads -eq 1 ]
then
	# Find the /div just after the field to open a pad
	mod_line=$(grep -nA5 "index.createOpenPad" $final_path/src/templates/index.html | grep "</div>" | cut -d '-' -f 1)
	# In order to add a link to mypads plugin.
	sed -i "$mod_line s@div>@&\n\t<center><br><font size="5"><a href="./mypads/">Mypads</a></font></center>@" $final_path/src/templates/index.html
fi

#=================================================
# SETUP SSOWAT
#=================================================

# Make app public if necessary
if [ $is_public -eq 1 ]; then
	ynh_app_setting_set $app skipped_uris "/"
else
	# etherpad admin page doesn't support SSO...
	ynh_app_setting_set $app skipped_uris "/admin"
fi

#=================================================
# RELOAD NGINX
#=================================================

ynh_systemd_action --action=reload --service_name=nginx

#=================================================
# CHECK ETHERPAD STARTING
#=================================================

# Wait for etherpad to be fully started
ynh_systemd_action --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120"

#=================================================
# DEACTIVE MAINTENANCE MODE
#=================================================

ynh_maintenance_mode_OFF