#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= ynh_script_progression --message="Loading installation settings..." --time --weight=1 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) admin=$(ynh_app_setting_get --app=$app --key=admin) is_public=$(ynh_app_setting_get --app=$app --key=is_public) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) random_key=$(ynh_app_setting_get --app=$app --key=random_key) #================================================= # CHECK VERSION #================================================= upgrade_type=$(ynh_check_app_version_changed) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then ynh_app_setting_set --app=$app --key=is_public --value=1 is_public=1 elif [ "$is_public" = "No" ]; then ynh_app_setting_set --app=$app --key=is_public --value=0 is_public=0 fi # If db_name doesn't exist, create it if [ -z $db_name ]; then db_name=$(ynh_sanitize_dbid --db_name=$app) ynh_app_setting_set --app=$app --key=db_name --value=$db_name fi # If final_path doesn't exist, create it if [ -z "$final_path" ]; then final_path=/var/www/$app ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # CHECK THE PATH #================================================= # Normalize the URL path syntax path_url=$(ynh_normalize_url_path --path_url=$path_url) #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Upgrading source files..." --time --weight=1 # Create a temporary directory tmpdir="$(mktemp -d)" # Backup the config file in the temp dir mkdir -p "$tmpdir/storage/upload" mkdir -p "$tmpdir/storage/export" mkdir -p "$final_path/storage/upload/" mkdir -p "$final_path/storage/export/" cp -a "$final_path/storage/upload/" "$tmpdir/storage/upload/" cp -a "$final_path/storage/export/" "$tmpdir/storage/export/" # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" rm -rf "$final_path/bootstrap/cache/*" cp -a "$tmpdir/storage/upload/" "$final_path/storage/upload/" cp -a "$tmpdir/storage/export/" "$final_path/storage/export/" #remove tmp dir sudo rm -Rf "$tmpdir" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Upgrading nginx web server configuration..." --time --weight=1 # Create a dedicated nginx config ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 # Create a dedicated user (if not existing) ynh_system_user_create --username=$app #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Upgrading php-fpm configuration..." --time --weight=1 # Create a dedicated php-fpm config ynh_add_fpm_config --phpversion=7.2 #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= ### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE" # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum --file="$final_path/CONFIG_FILE" #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1 # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append #================================================= # GENERIC FINALIZATION #================================================= # UPGRADE FAIL2BAN #================================================= # ynh_script_progression --message="Reconfiguring fail2ban..." --time --weight=1 # # Create a dedicated fail2ban config # ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $path_url.*$" --max_retry=5 #================================================= # SPECIFIC UPGRADE #================================================= # Get the admin email email=$(ynh_user_get_info --username=$admin --key='mail') # setup application config sudo cp ../conf/.env $final_path/.env #================================================= # MODIFY A CONFIG FILE #================================================= ynh_replace_string --match_string"random_key" --replace_string="$random_key" --file="$final_path/.env" ynh_replace_string --match_string"yunouser" --replace_string="$db_name" --file="$final_path/.env" ynh_replace_string --match_string"yunopass" --replace_string="$db_pwd" --file="$final_path/.env" ynh_replace_string --match_string"yunobase" --replace_string="$db_name" --file="$final_path/.env" ynh_replace_string --match_string"yunomail" --replace_string="$email" --file="$final_path/.env" ynh_replace_string --match_string"yunodomain" --replace_string="$domain" --file="$final_path/.env" init_composer $final_path cd $final_path && sudo /usr/bin/php7.2 artisan migrate --env=production --force cd $final_path && sudo /usr/bin/php7.2 artisan cache:clear cd $final_path && sudo /usr/bin/php7.2 artisan firefly:upgrade-database cd $final_path && sudo /usr/bin/php7.2 artisan firefly:verify cd $final_path && sudo /usr/bin/php7.2 artisan passport:install # Verify the checksum and backup the file if it's different ynh_backup_if_checksum_is_different --file="$final_path/.env" # Recalculate and store the config file checksum into the app settings ynh_store_file_checksum --file="$final_path/.env" #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set right permissions chown -R $app: $final_path #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Upgrading SSOwat configuration..." --time --weight=1 # Make app public if necessary if [ $is_public -eq 1 ] then # unprotected_uris allows SSO credentials to be passed anyway ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" fi #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=php7.2-fpm --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Upgrade of $app completed" --time --last