#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # CHECK VERSION #================================================= upgrade_type=$(ynh_check_app_version_changed) #================================================= # STANDARD UPGRADE STEPS #================================================= # STOP SYSTEMD SERVICE #================================================= ynh_script_progression --message="Stopping a systemd service..." ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log" #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." # Upgrade from <0.2.1~ynh4: if ynh_compare_current_package_version --comparison lt --version 0.2.1~ynh4 || [ -z "${db_user:-}" ] then # import old parameters registration_open=$(ynh_app_setting_get --app="$app" --key=registration_open) registration_approval=$(ynh_app_setting_get --app="$app" --key=registration_approval) registration_reason=$(ynh_app_setting_get --app="$app" --key=registration_reason) # declaration of new parameters client_max_body_size="100M" media_image_max_size="2097152" media_video_max_size="10485760" media_description_min_chars="0" media_description_max_chars="500" media_remote_cache_days="30" statuses_max_chars="5000" statuses_cw_max_chars="100" statuses_poll_max_options="6" statuses_poll_option_max_chars="50" statuses_media_max_files="6" # conversion of old parameters registration_open=$(convert_bool "$registration_open") registration_approval=$(convert_bool "$registration_approval") registration_reason=$(convert_bool "$registration_reason") # fix db_user existence db_user=$db_name #REMOVEME? ynh_app_setting_set --app="$app" --key=db_user --value="$db_user" # registration of new parameters ynh_app_setting_set --app="$app" --key=client_max_body_size --value="$client_max_body_size" ynh_app_setting_set --app="$app" --key=media_image_max_size --value="$media_image_max_size" ynh_app_setting_set --app="$app" --key=media_video_max_size --value="$media_video_max_size" ynh_app_setting_set --app="$app" --key=media_description_min_chars --value="$media_description_min_chars" ynh_app_setting_set --app="$app" --key=media_description_max_chars --value="$media_description_max_chars" ynh_app_setting_set --app="$app" --key=media_remote_cache_days --value="$media_remote_cache_days" ynh_app_setting_set --app="$app" --key=statuses_max_chars --value="$statuses_max_chars" ynh_app_setting_set --app="$app" --key=statuses_cw_max_chars --value="$statuses_cw_max_chars" ynh_app_setting_set --app="$app" --key=statuses_poll_max_options --value="$statuses_poll_max_options" ynh_app_setting_set --app="$app" --key=statuses_poll_option_max_chars --value="$statuses_poll_option_max_chars" ynh_app_setting_set --app="$app" --key=statuses_media_max_files --value="$statuses_media_max_files" # registration of converted parameters ynh_app_setting_set --app="$app" --key=registration_open --value="$registration_open" ynh_app_setting_set --app="$app" --key=registration_approval --value="$registration_approval" ynh_app_setting_set --app="$app" --key=registration_reason --value="$registration_reason" fi # Upgrade from <0.3.7~ynh1: if ynh_compare_current_package_version --comparison lt --version 0.3.7~ynh1 || [ -z "${instance_expose_peers:-}" ] then # import old parameters registration_open=$(ynh_app_setting_get --app="$app" --key=registration_open) registration_approval=$(ynh_app_setting_get --app="$app" --key=registration_approval) registration_reason=$(ynh_app_setting_get --app="$app" --key=registration_reason) # declaration of new parameters instance_expose_peers="false" instance_expose_suspended="false" # conversion of old parameters if [ "$registration_open" = "true" ] || [ "$registration_open" = "false" ]; then accounts_registration_open=$registration_open accounts_approval_required=$registration_approval accounts_reason_required=$registration_reason else accounts_registration_open="false" accounts_approval_required="true" accounts_reason_required="false" fi # registration of new parameters ynh_app_setting_set --app="$app" --key=instance_expose_peers --value="$instance_expose_peers" ynh_app_setting_set --app="$app" --key=instance_expose_suspended --value="$instance_expose_suspended" # registration of converted parameters ynh_app_setting_set --app="$app" --key=accounts_registration_open --value="$accounts_registration_open" ynh_app_setting_set --app="$app" --key=accounts_approval_required --value="$accounts_approval_required" ynh_app_setting_set --app="$app" --key=accounts_reason_required --value="$accounts_reason_required" # deletion of old parameters ynh_app_setting_delete --app="$app" --key=registration_open ynh_app_setting_delete --app="$app" --key=registration_approval ynh_app_setting_delete --app="$app" --key=registration_reason fi # Upgrade from <0.5.0~ynh1: if ynh_compare_current_package_version --comparison lt --version 0.5.0~ynh1 || [ -z "${accounts_allow_custom_css:-}" ] then # declaration of new parameters accounts_allow_custom_css="false" instance_deliver_to_shared_inboxes="true" media_emoji_local_max_size="51200" media_emoji_remote_max_size="102400" # registration of new parameters ynh_app_setting_set --app="$app" --key=accounts_allow_custom_css --value="$accounts_allow_custom_css" ynh_app_setting_set --app="$app" --key=instance_deliver_to_shared_inboxes --value="$instance_deliver_to_shared_inboxes" ynh_app_setting_set --app="$app" --key=media_emoji_local_max_size --value="$media_emoji_local_max_size" ynh_app_setting_set --app="$app" --key=media_emoji_remote_max_size --value="$media_emoji_remote_max_size" fi # Upgrade from <0.6.0~ynh1: if ynh_compare_current_package_version --comparison lt --version 0.6.0~ynh1 || [ -z "${instance_expose_public_timeline:-}" ] then # declaration of new parameters landing_page_user="" instance_expose_public_timeline="false" storage_backend="local" storage_s3_endpoint="" storage_s3_proxy="false" storage_s3_access_key="" storage_s3_secret_key="" storage_s3_bucket="" advanced_cookies_samesite="lax" advanced_rate_limit_requests="1000" # registration of new parameters ynh_app_setting_set --app="$app" --key=landing_page_user --value="$landing_page_user" ynh_app_setting_set --app="$app" --key=instance_expose_public_timeline --value="$instance_expose_public_timeline" ynh_app_setting_set --app="$app" --key=storage_backend --value="$storage_backend" ynh_app_setting_set --app="$app" --key=storage_s3_endpoint --value="$storage_s3_endpoint" ynh_app_setting_set --app="$app" --key=storage_s3_proxy --value="$storage_s3_proxy" ynh_app_setting_set --app="$app" --key=storage_s3_access_key --value="$storage_s3_access_key" ynh_app_setting_set --app="$app" --key=storage_s3_secret_key --value="$storage_s3_secret_key" ynh_app_setting_set --app="$app" --key=storage_s3_bucket --value="$storage_s3_bucket" ynh_app_setting_set --app="$app" --key=advanced_cookies_samesite --value="$advanced_cookies_samesite" ynh_app_setting_set --app="$app" --key=advanced_rate_limit_requests --value="$advanced_rate_limit_requests" fi # Upgrade from <0.7.1~ynh1: if ynh_compare_current_package_version --comparison lt --version 0.7.1~ynh1 || [ -z "${instance_expose_suspended_web:-}" ] then # updating parameters advanced_rate_limit_requests="300" # declaration of new parameter instance_expose_suspended_web="false" # registration of parameters ynh_app_setting_set --app="$app" --key=advanced_rate_limit_requests --value="$advanced_rate_limit_requests" ynh_app_setting_set --app="$app" --key=instance_expose_suspended_web --value="$instance_expose_suspended_web" fi # Upgrade from <0.8.0~ynh2: (also upgrade from packaging v1) if ynh_compare_current_package_version --comparison lt --version 0.8.0~ynh2 || [ -z "${smtp_host:-}" ] || [ -z "${smtp_username:-}" ] then # declaration of new parameter smtp_host="127.0.0.1" smtp_port="25" smtp_username="$app" smtp_password="$mail_pwd" smtp_from="noreply-$app@$domain" smtp_disclose_recipients="false" # registration of parameters ynh_app_setting_set --app="$app" --key=smtp_host --value="$smtp_host" #REMOVEME? ynh_app_setting_set --app="$app" --key=smtp_port --value="$smtp_port" ynh_app_setting_set --app="$app" --key=smtp_username --value="$smtp_username" #REMOVEME? ynh_app_setting_set --app="$app" --key=smtp_password --value="$smtp_password" ynh_app_setting_set --app="$app" --key=smtp_from --value="$smtp_from" ynh_app_setting_set --app="$app" --key=smtp_disclose_recipients --value="$smtp_disclose_recipients" fi # Upgrade from <0.8.0~ynh3: if ynh_compare_current_package_version --comparison lt --version 0.8.0~ynh3 then # get settings from problem key allow_custom_css=$(ynh_app_setting_get --app="$app" --key=allow_custom_css) approval_required=$(ynh_app_setting_get --app="$app" --key=approval_required) reason_required=$(ynh_app_setting_get --app="$app" --key=reason_required) registration_open=$(ynh_app_setting_get --app="$app" --key=registration_open) # apply setting to correct key if set on old key if [ -n "$allow_custom_css" ] then ynh_app_setting_set --app="$app" --key=accounts_allow_custom_css --value="$allow_custom_css" ynh_app_setting_delete --app="$app" --key=allow_custom_css fi if [ -n "$approval_required" ] then ynh_app_setting_set --app="$app" --key=accounts_approval_required --value="$approval_required" ynh_app_setting_delete --app="$app" --key=approval_required fi if [ -n "$reason_required" ] then ynh_app_setting_set --app="$app" --key=accounts_reason_required --value="$reason_required" ynh_app_setting_delete --app="$app" --key=reason_required fi if [ -n "$registration_open" ] then ynh_app_setting_set --app="$app" --key=accounts_registration_open --value="$registration_open" ynh_app_setting_delete --app="$app" --key=registration_open fi fi # Upgrade from <0.10.0~ynh1: if ynh_compare_current_package_version --comparison lt --version 0.10.0~ynh1 || [ -z "${accounts_custom_css_length:-}" ] then # declaration of new parameter accounts_custom_css_length="10000" # registration of parameter ynh_app_setting_set --app="$app" --key=accounts_custom_css_length --value="$accounts_custom_css_length" fi # Upgrade from <0.11.0~ynh1: if ynh_compare_current_package_version --comparison lt --version 0.11.0~ynh1 || [ -z "$cache_memory_target" ] then # declaration of new parameter cache_memory_target="100MiB" instance_inject_mastodon_version="false" # update default config if [ "$media_remote_cache_days" == "30" ]; then # "30" is the old default value, "7" the new one # updating to the new default only if the old default value is used (to not overwrite an user modified value) media_remote_cache_days="7" ynh_app_setting_set --app="$app" --key=media_remote_cache_days --value="$media_remote_cache_days" fi # registration of parameter ynh_app_setting_set --app="$app" --key=cache_memory_target --value="$cache_memory_target" ynh_app_setting_set --app="$app" --key=instance_inject_mastodon_version --value="$instance_inject_mastodon_version" fi # Upgrade from <0.12.0~ynh1: if ynh_compare_current_package_version --comparison lt --version 0.12.0~ynh1 || [ -z "${instance_federation_mode:-}" ] then # declaration of new parameter instance_federation_mode="blocklist" # registration of parameter ynh_app_setting_set --app="$app" --key=instance_federation_mode --value="$instance_federation_mode" fi # Upgrade from <0.12.1~ynh2: if ynh_compare_current_package_version --comparison lt --version 0.12.1~ynh2 || [ -z "${oidc_enabled:-}" ] then # declaration of new parameter oidc_enabled="false" oidc_idp_name="" oidc_skip_verification="false" oidc_issuer="" oidc_client_id="" oidc_client_secret="" oidc_link_existing="false" # registration of parameter ynh_app_setting_set --app="$app" --key=oidc_enabled --value="$oidc_enabled" ynh_app_setting_set --app="$app" --key=oidc_idp_name --value="$oidc_idp_name" ynh_app_setting_set --app="$app" --key=oidc_skip_verification --value="$oidc_skip_verification" ynh_app_setting_set --app="$app" --key=oidc_issuer --value="$oidc_issuer" ynh_app_setting_set --app="$app" --key=oidc_client_id --value="$oidc_client_id" ynh_app_setting_set --app="$app" --key=oidc_client_secret --value="$oidc_client_secret" ynh_app_setting_set --app="$app" --key=oidc_client_secret --value="$oidc_link_existing" fi # fix a dumb "i set the setting to the wrong key in the past so i need to fix this shit" if [ -z "${oidc_link_existing:-}" ]; then oidc_link_existing="false" ynh_app_setting_set --app="$app" --key=oidc_client_secret --value="$oidc_link_existing" fi #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." # detect_arch comes from _common.sh / personnal helpers architecture=$(detect_arch) # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" --keep="config.yaml" fi # FIXME: this should be managed by the core in the future # Here, as a packager, you may have to tweak the ownerhsip/permissions # such that the appropriate users (e.g. maybe www-data) can access # files in some cases. # But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - # this will be treated as a security issue. chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R "$app:www-data" "$install_dir" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated NGINX config for the main domain ynh_add_nginx_config #================================================= # UPDATE A CONFIG FILE #================================================= ynh_script_progression --message="Updating a configuration file..." ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml" # FIXME: this should be handled by the core in the future # You may need to use chmod 600 instead of 400, # for example if the app is expected to be able to modify its own config chmod 400 "$install_dir/config.yaml" chown "$app:$app" "$install_dir/config.yaml" #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Upgrading systemd configuration..." # Create a dedicated systemd config ynh_add_systemd_config #================================================= # GENERIC FINALIZATION #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append #================================================= # SETUP FAIL2BAN #================================================= ynh_script_progression --message="Upgrading fail2ban configuration..." # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/${app}/${app}.log" --failregex="statusCode=401 path=/auth/sign_in clientIP= .* msg=\"Unauthorized:" --max_retry=5 #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." yunohost service add "$app" --description="Gotosocial server" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Upgrade of $app completed"