#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app="$app" --key=domain) path_url=$(ynh_app_setting_get --app="$app" --key=path) is_public=$(ynh_app_setting_get --app="$app" --key=is_public) final_path=$(ynh_app_setting_get --app="$app" --key=final_path) db_name=$(ynh_app_setting_get --app="$app" --key=db_name) db_user="$db_name" port=$(ynh_app_setting_get --app="$app" --key=port) db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd) redis_db=$(ynh_app_setting_get --app="$app" --key=redis_db) code_migration=$(ynh_app_setting_get --app="$app" --key=code_migration) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_print_info --message="Ensuring downward compatibility..." # If redis_db doesn't exist, create it if [ -z "$redis_db" ]; then redis_db=0 ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" fi # make sure we have the last code organization if [ ! -d "$final_path/code/" ]; then mkdir "$final_path-tmp" mv "$final_path"/* "$final_path-tmp/" mkdir "$final_path/code" mv "$final_path-tmp/data/media" "$final_path/media" mv "$final_path-tmp/data/music" "$final_path/import" mv "$final_path-tmp"/* "$final_path/code" ynh_secure_remove --file="$final_path-tmp/" ynh_app_setting_set --app="$app" --key=code_migration --value=1 fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_print_info --message="Backing up the app before upgrading (may take a while)..." # Inform the backup/restore process that it should not save the data directory ynh_app_setting_set --app="$app" --key=backup_core_only --value=1 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails ynh_clean_check_starting ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # CHECK THE PATH #================================================= # Normalize the URL path syntax path_url=$(ynh_normalize_url_path "$path_url") #================================================= # CHECK THE PATH #================================================= # see 0.20.0: https://docs.funkwhale.audio/changelog.html#automatically-load-env-file loadfile="$final_path/code/load_env" if [ -e "$loadfile" ] ; then ynh_secure_remove --file="$loadfile" fi #================================================= # CLOSE A PORT #================================================= if yunohost firewall list | grep -q "\- $port$" then echo "Close port $port" yunohost firewall disallow TCP $port 2>&1 fi #================================================= # STANDARD UPGRADE STEPS #================================================= # STOP SYSTEMD SERVICE #================================================= ynh_print_info --message="Stopping a systemd service..." ynh_systemd_action --action="stop" --service_name="${app}-beat" --log_path="systemd" --line_match="Stopped Funkwhale" ynh_systemd_action --action="stop" --service_name="${app}-server" --log_path="systemd" --line_match="Stopped Funkwhale" ynh_systemd_action --action="stop" --service_name="${app}-worker" --log_path="systemd" --line_match="Stopped Funkwhale" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_print_info --message="Upgrading source files..." ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path/code" ynh_setup_source --dest_dir="$final_path/code" --source_id="app-frontend" ( cd "$final_path" mkdir -p code/config code/api code/data/static media import code/front ) #================================================= # NGINX CONFIGURATION #================================================= ynh_print_info --message="Upgrading nginx web server configuration..." # remove domain specific configuration funkwhale_nginx_domain_cleaning # add funkwhale specifics at the beginning of the domain configuration funkwhale_nginx_domain_configure # Create a dedicated nginx config ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_print_info --message="Upgrading dependencies..." ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER #================================================= ynh_print_info --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create --username="$app" --home_dir="$final_path" #================================================= # SPECIFIC UPGRADE #================================================= # PYTHON DEPENDENCIES #================================================= ynh_secure_remove --file="$final_path/code/virtualenv" virtualenv -p python3 "$final_path/code/virtualenv" ( set +o nounset source "${final_path}/code/virtualenv/bin/activate" set -o nounset pip install --upgrade pip pip install --upgrade setuptools pip install wheel pip install -r "${final_path}/code/api/requirements.txt" # https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16 pip uninstall django-cacheops --yes ) #================================================= # MODIFY THE CONFIG FILE #================================================= configfile="$final_path/code/config/.env" ynh_backup_if_checksum_is_different --file="$configfile" cp ../conf/env.prod "$configfile" key=$(ynh_string_random) ynh_app_setting_set --app="$app" --key=key --value="$key" ynh_replace_string --match_string="__REDIS_DB__" --replace_string="$redis_db" --target_file="$configfile" ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$configfile" ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$configfile" ynh_replace_string --match_string="__DBUSER__" --replace_string="$db_name" --target_file="$configfile" ynh_replace_string --match_string="__DBPWD__" --replace_string="$db_pwd" --target_file="$configfile" ynh_replace_string --match_string="__DBNAME__" --replace_string="$app" --target_file="$configfile" ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="$configfile" ynh_replace_string --match_string="__KEY__" --replace_string="$key" --target_file="$configfile" #================================================= # MIGRATE #================================================= ( set +o nounset source "${final_path}/code/virtualenv/bin/activate" set -o nounset cd "$final_path/code" # needed for enabling the 'unaccent' extension ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH SUPERUSER;" --database="$db_name" python api/manage.py migrate ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH NOSUPERUSER;" --database="$db_name" python api/manage.py collectstatic --clear --noinput # https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16 # users-now-have-an-activitypub-actor-manual-action-required python api/manage.py script create_actors --no-input # https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16 #image-thumbnails-manual-action-required python api/manage.py script create_image_variations --no-input # https://docs.funkwhale.audio/upgrading/0.17.html#upgrade-instructions python api/manage.py script migrate_to_user_libraries --no-input # Delete pre 0.17 federated tracks [manual action suggested] # https://dev.funkwhale.audio/funkwhale/funkwhale/tags/0.18 python api/manage.py script delete_pre_017_federated_uploads --no-input ) #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum --file="$configfile" #================================================= # SETUP SYSTEMD #================================================= ynh_print_info --message="Upgrading systemd configuration..." cp ../conf/funkwhale.target "/etc/systemd/system/$app.target" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/etc/systemd/system/$app.target" # Create a dedicated systemd config ynh_add_systemd_config --service="$app-server" --template="funkwhale-server.service" ynh_add_systemd_config --service="$app-worker" --template="funkwhale-worker.service" ynh_add_systemd_config --service="$app-beat" --template="funkwhale-beat.service" #================================================= # GENERIC FINALIZATION #================================================= # UPGRADE FAIL2BAN #================================================= ynh_print_info --message="Reconfiguring fail2ban..." ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failregex=".* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5 #================================================= # SECURE FILES AND DIRECTORIES #================================================= chown -R "$app": "$final_path" chmod -R 755 "$final_path/code/front/dist/" mkdir -p "/var/log/$app" chown -R "$app": "/var/log/$app" #================================================= # SETUP SSOWAT #================================================= ynh_print_info --message="Upgrading SSOwat configuration..." # Make app public if necessary if [ "$is_public" -eq 1 ] then # makes sure no SSO credentials to be passed ynh_app_setting_set --app="$app" --key=skipped_uris --value="/" fi #================================================= # START SYSTEMD SERVICE #================================================= ynh_print_info --message="Starting a systemd service..." ynh_systemd_action --action="start" --service_name="${app}-beat" --log_path="systemd" --line_match="celery beat process" ynh_systemd_action --action="start" --service_name="${app}-server" --log_path="systemd" --line_match="Listening on TCP address" ynh_systemd_action --action="start" --service_name="${app}-worker" --log_path="systemd" --line_match="celery worker" #================================================= # RELOAD NGINX #================================================= ynh_print_info --message="Reloading nginx web server..." ynh_systemd_action --service_name=nginx --action=reload #================================================= # REMOVE CODE MIGRATION FLAG #================================================= ynh_app_setting_set --app="$app" --key=code_migration --value=2 #================================================= # END OF SCRIPT #================================================= ynh_print_info --message="Upgrade of $app completed"