#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get "$app" domain) path_url=$(ynh_app_setting_get "$app" path) is_public=$(ynh_app_setting_get "$app" is_public) final_path=$(ynh_app_setting_get "$app" final_path) db_name=$(ynh_app_setting_get "$app" db_name) db_user=$db_name port=$(ynh_app_setting_get "$app" port) db_pwd=$(ynh_app_setting_get "$app" psqlpwd) redis_db=$(ynh_app_setting_get "$app" redis_db) code_migration=$(ynh_app_setting_get "$app" code_migration) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_print_info "Ensuring downward compatibility..." # If redis_db doesn't exist, create it if [ -z "$redis_db" ]; then redis_db=0 ynh_app_setting_set "$app" redis_db "$redis_db" fi # make sure we have the last code organization if [ ! -d "$final_path/code/" ]; then mkdir "$final_path-tmp" mv "$final_path"/* "$final_path-tmp/" mkdir "$final_path/code" mv "$final_path-tmp/data/media" "$final_path/media" mv "$final_path-tmp/data/music" "$final_path/import" mv "$final_path-tmp"/* "$final_path/code" ynh_secure_remove "$final_path-tmp/" ynh_app_setting_set "$app" code_migration 1 fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_print_info "Backing up the app before upgrading (may take a while)..." # Inform the backup/restore process that it should not save the data directory ynh_app_setting_set "$app" backup_core_only 1 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # STOP SERVICES #================================================= ynh_print_info "Stopping $app services..." ynh_systemd_action --action=stop --service_name=${app}-beat --log_path=systemd --line_match="Stopped Funkwhale" ynh_systemd_action --action=stop --service_name=${app}-server --log_path=systemd --line_match="Stopped Funkwhale" ynh_systemd_action --action=stop --service_name=${app}-worker --log_path=systemd --line_match="Stopped Funkwhale" #================================================= # CHECK THE PATH #================================================= # Normalize the URL path syntax path_url=$(ynh_normalize_url_path "$path_url") #================================================= # STANDARD UPGRADE STEPS #================================================= # CLOSE A PORT #================================================= if yunohost firewall list | grep -q "\- $port$" then echo "Close port $port" yunohost firewall disallow TCP $port 2>&1 fi #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_print_info "Upgrading source files..." ynh_app_setting_set "$app" final_path "$final_path" # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source "$final_path/code" ynh_setup_source "$final_path/code" "app-frontend" ( cd "$final_path" mkdir -p code/config code/api code/data/static media import code/front ) #================================================= # NGINX CONFIGURATION #================================================= ynh_print_info "Upgrading nginx web server configuration..." # remove domain specific configuration funkwhale_nginx_domain_cleaning # add funkwhale specifics at the beginning of the domain configuration funkwhale_nginx_domain_configure # Create a dedicated nginx config ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_print_info "Upgrading dependencies..." ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER #================================================= ynh_print_info "Making sure dedicated system user exists..." # Create a system user ynh_system_user_create "$app" #================================================= # SPECIFIC UPGRADE #================================================= # PYTHON DEPENDENCIES #================================================= ynh_secure_remove "$final_path/code/virtualenv" virtualenv -p python3 "$final_path/code/virtualenv" ( set +o nounset source "${final_path}/code/virtualenv/bin/activate" set -o nounset pip install --upgrade pip pip install --upgrade setuptools pip install wheel pip install -r "${final_path}/code/api/requirements.txt" # https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16 pip uninstall django-cacheops --yes ) #================================================= # MODIFY THE CONFIG FILE #================================================= configfile="$final_path/code/config/.env" cp ../conf/env.prod "$configfile" key=$(ynh_string_random) ynh_app_setting_set "$app" key "$key" ynh_replace_string "__REDIS_DB__" "$redis_db" "$configfile" ynh_replace_string "__PORT__" "$port" "$configfile" ynh_replace_string "__DOMAIN__" "$domain" "$configfile" ynh_replace_string "__DBUSER__" "$db_name" "$configfile" ynh_replace_string "__DBPWD__" "$db_pwd" "$configfile" ynh_replace_string "__DBNAME__" "$app" "$configfile" ynh_replace_string "__FINALPATH__" "$final_path" "$configfile" ynh_replace_string "__KEY__" "$key" "$configfile" loadfile="$final_path/code/load_env" cat > "$loadfile" <<'EOL' #!/bin/bash export $(cat "__FINALPATH__/code/config/.env" | grep -v ^# | xargs) EOL chmod +x "$loadfile" ynh_replace_string "__FINALPATH__" "$final_path" "$loadfile" #================================================= # MIGRATE #================================================= ( set +o nounset source "${final_path}/code/virtualenv/bin/activate" source "$loadfile" set -o nounset cd "$final_path/code" # needed for enabling the 'unaccent' extension ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH SUPERUSER;" --database="$db_name" python api/manage.py migrate ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH NOSUPERUSER;" --database="$db_name" python api/manage.py collectstatic --clear --noinput # https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16 # users-now-have-an-activitypub-actor-manual-action-required python api/manage.py script create_actors --no-input # https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16 #image-thumbnails-manual-action-required python api/manage.py script create_image_variations --no-input # https://docs.funkwhale.audio/upgrading/0.17.html#upgrade-instructions python api/manage.py script migrate_to_user_libraries --no-input # Delete pre 0.17 federated tracks [manual action suggested] # https://dev.funkwhale.audio/funkwhale/funkwhale/tags/0.18 python api/manage.py script delete_pre_017_federated_uploads --no-input ) #================================================= # SETUP SYSTEMD #================================================= ynh_print_info "Upgrading systemd configuration..." cp ../conf/funkwhale.target "/etc/systemd/system/$app.target" ynh_replace_string "__APP__" "$app" "/etc/systemd/system/$app.target" # Create a dedicated systemd config ynh_add_systemd_config "$app-server" "funkwhale-server.service" ynh_add_systemd_config "$app-worker" "funkwhale-worker.service" ynh_add_systemd_config "$app-beat" "funkwhale-beat.service" #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= chown -R "$app": "$final_path" chmod -R 755 "$final_path/code/front/dist/" mkdir -p "/var/log/$app" chown -R "$app": "/var/log/$app" #================================================= # SETUP FAIL2BAN #================================================= ynh_add_fail2ban_config "/var/log/nginx/$domain-access.log" ".* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" 5 #================================================= # SETUP SSOWAT #================================================= ynh_print_info "Upgrading SSOwat configuration..." # Make app public if necessary if [ "$is_public" -eq 1 ] then # makes sure no SSO credentials to be passed ynh_app_setting_set "$app" skipped_uris "/" fi #================================================= # RELOAD NGINX #================================================= ynh_print_info "Upgrading SSOwat configuration..." systemctl reload nginx #================================================= # REMOVE CODE MIGRATION FLAG #================================================= ynh_app_setting_set "$app" code_migration 2 #================================================= # START SERVICES #================================================= ynh_print_info "Start Services..." ynh_systemd_action --action=start --service_name=${app}-beat --log_path=systemd --line_match="celery beat process" ynh_systemd_action --action=start --service_name=${app}-server --log_path=systemd --line_match="Listening on TCP address" ynh_systemd_action --action=start --service_name=${app}-worker --log_path=systemd --line_match="celery worker" #================================================= # END OF SCRIPT #================================================= ynh_print_info "Upgrade of $app completed"