#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= # STANDARD RESTORATION STEPS #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=1 ynh_restore_file --origin_path="$install_dir" # FIXME: this should be managed by the core in the future # Here, as a packager, you may have to tweak the ownerhsip/permissions # such that the appropriate users (e.g. maybe www-data) can access # files in some cases. # But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - # this will be treated as a security issue. chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R "$app:www-data" "$install_dir" #================================================= # RESTORE THE DATA DIRECTORY #================================================= ynh_script_progression --message="Restoring the data directory..." --weight=5 ynh_restore_file --origin_path="$data_dir" --not_mandatory mkdir -p "$data_dir" # FIXME: this should be managed by the core in the future # Here, as a packager, you may have to tweak the ownerhsip/permissions # such that the appropriate users (e.g. maybe www-data) can access # files in some cases. # But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - # this will be treated as a security issue. chmod 750 "$data_dir" chmod -R o-rwx "$data_dir" chown -R "$app:www-data" "$data_dir" #================================================= # RESTORE THE POSTGRESQL DATABASE #================================================= ynh_script_progression --message="Restoring the PostgreSQL database..." ynh_psql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < ./db.sql #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 # compare if the system arch is different from the binary arch # if so, download the correct binary arch="$YNH_ARCH" if [ "$arch" == "amd64" ]; then arch="x86-64"; fi if [ "$arch" != "$(file "$install_dir"/gotosocial | cut -d ',' -f 2 | tr -d ' ')" ] then ynh_script_progression --message="Migrating binary architecture..." # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" --full_replace=1 --keep="config.yaml" fi # FIXME: this should be managed by the core in the future # Here, as a packager, you may have to tweak the ownerhsip/permissions # such that the appropriate users (e.g. maybe www-data) can access # files in some cases. # But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder _ # this will be treated as a security issue. chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R "$app:www-data" "$install_dir" #================================================= # RESTORE VARIOUS FILES #================================================= mkdir -p "/var/log/$app" #================================================= # RESTORE SYSTEMD #================================================= ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable "$app.service" --quiet #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 yunohost service add "$app" --description="Gotosocial server" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" #================================================= # RESTORE THE LOGROTATE CONFIGURATION #================================================= ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 ynh_restore_file --origin_path="/etc/logrotate.d/$app" #================================================= # RESTORE THE FAIL2BAN CONFIGURATION #================================================= ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --action=restart --service_name=fail2ban #================================================= # GENERIC FINALIZATION #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Restoration completed for $app" --last