mirror of
https://github.com/YunoHost-Apps/grav_ynh.git
synced 2024-09-03 19:16:01 +02:00
223 lines
7.9 KiB
Bash
223 lines
7.9 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# LOAD SETTINGS
|
|
#=================================================
|
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
|
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
|
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|
language=$(ynh_app_setting_get --app=$app --key=language)
|
|
|
|
fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
|
|
fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage)
|
|
|
|
#=================================================
|
|
# CHECK VERSION
|
|
#=================================================
|
|
|
|
upgrade_type=$(ynh_check_app_version_changed)
|
|
|
|
#=================================================
|
|
# ENSURE DOWNWARD COMPATIBILITY
|
|
#=================================================
|
|
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
|
|
|
|
# If db_name doesn't exist, create it
|
|
if [ -z "$db_name" ]; then
|
|
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
|
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
|
fi
|
|
|
|
# If final_path doesn't exist, create it
|
|
if [ -z "$final_path" ]; then
|
|
final_path=/var/www/$app
|
|
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
|
fi
|
|
|
|
# Cleaning legacy permissions
|
|
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
|
|
|
|
if [ -n "$is_public" ]; then
|
|
# Removing skipped/unprotected_uris under certain conditions, remove the visitors group added during the migration process of 3.7
|
|
# Remove skipped_uris. If the app was public, add visitors again to the main permission
|
|
if ynh_permission_has_user --permission=main --user=visitors
|
|
then
|
|
# Remove unprotected_uris
|
|
ynh_app_setting_delete --app=$app --key=unprotected_uris
|
|
# Remove protected_uris
|
|
ynh_app_setting_delete --app=$app --key=protected_uris
|
|
# Remove skipped_uris
|
|
ynh_app_setting_delete --app=$app --key=skipped_uris
|
|
# Give visitors main permission
|
|
ynh_permission_update --permission "main" --add "visitors"
|
|
else
|
|
# Remove unprotected_uris
|
|
ynh_app_setting_delete --app=$app --key=unprotected_uris
|
|
# Remove protected_uris
|
|
ynh_app_setting_delete --app=$app --key=protected_uris
|
|
# Remove skipped_uris
|
|
ynh_app_setting_delete --app=$app --key=skipped_uris
|
|
fi
|
|
ynh_app_setting_delete --app=$app --key=is_public
|
|
fi
|
|
|
|
# If fpm_footprint doesn't exist, create it
|
|
if [ -z "$fpm_footprint" ]; then
|
|
fpm_footprint=medium
|
|
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
|
|
fi
|
|
|
|
# If fpm_usage doesn't exist, create it
|
|
if [ -z "$fpm_usage" ]; then
|
|
fpm_usage=medium
|
|
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
|
|
fi
|
|
|
|
#=================================================
|
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
|
#=================================================
|
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
|
|
|
|
# Backup the current version of the app
|
|
ynh_backup_before_upgrade
|
|
ynh_clean_setup () {
|
|
# restore it if the upgrade fails
|
|
ynh_restore_upgradebackup
|
|
}
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
#=================================================
|
|
# STANDARD UPGRADE STEPS
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
|
|
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
|
then
|
|
ynh_script_progression --message="Upgrading source files..." --weight=2
|
|
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
ynh_setup_source --dest_dir="$final_path" --source_id="app-upgrade"
|
|
fi
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2
|
|
|
|
# Create a dedicated nginx config
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=3
|
|
|
|
# Create a dedicated user (if not existing)
|
|
ynh_system_user_create --username=$app --home_dir=$final_path
|
|
|
|
#=================================================
|
|
# PHP-FPM CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1
|
|
|
|
# Create a dedicated php-fpm config
|
|
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --package="$extra_php_dependencies"
|
|
|
|
# Delete existing ini configuration file (backward compatibility)
|
|
if [ -f /etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini ]; then
|
|
ynh_secure_remove --file=/etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini
|
|
fi
|
|
|
|
#=================================================
|
|
# SECURE FILES AND DIRECTORIES
|
|
#=================================================
|
|
|
|
# Set permissions on app files
|
|
chown -R $app:www-data $final_path
|
|
find $final_path -type f -exec chmod 664 {} \;
|
|
find $final_path/bin -type f -exec chmod 775 {} \;
|
|
find $final_path -type d -exec chmod 775 {} \;
|
|
find $final_path -type d -exec chmod +s {} \;
|
|
|
|
#=================================================
|
|
# SPECIFIC UPGRADE
|
|
#=================================================
|
|
# UPGRADE PLUGINS
|
|
#=================================================
|
|
ynh_script_progression --message="Updating all plugins..." --weight=1
|
|
|
|
pushd "$final_path"
|
|
exec_as $app yes N | php${YNH_PHP_VERSION} bin/gpm update --all-yes --no-interaction
|
|
popd
|
|
|
|
#=================================================
|
|
# INSTALL LDAP PLUGIN
|
|
#=================================================
|
|
ynh_script_progression --message="Installing and configuring LDAP plugin..." --weight=3
|
|
|
|
pushd "$final_path"
|
|
exec_as $app php${YNH_PHP_VERSION} bin/gpm install login-ldap --all-yes --no-interaction
|
|
exec_as $app mkdir -p user/config/plugins/login-ldap
|
|
exec_as $app touch user/accounts/admin.yaml
|
|
popd
|
|
|
|
ynh_secure_remove "$final_path/user/plugins/login-ldap/login-ldap.yaml"
|
|
exec_as $app cp ../conf/login-ldap.yaml "$final_path/user/plugins/login-ldap/login-ldap.yaml"
|
|
ynh_replace_string "__ADMIN__" "$admin" "$final_path/user/plugins/login-ldap/login-ldap.yaml"
|
|
ynh_replace_string "__APP__" "$app" "$final_path/user/plugins/login-ldap/login-ldap.yaml"
|
|
exec_as $app cp "$final_path/user/plugins/login-ldap/login-ldap.yaml" "$final_path/user/config/plugins/login-ldap.yaml"
|
|
|
|
#=================================================
|
|
# CREATE A CRON TASK
|
|
#=================================================
|
|
|
|
echo "* * * * * $app php$phpversion $final_path/bin/grav scheduler 1>> /dev/null 2>&1" > /etc/cron.d/$app
|
|
|
|
#=================================================
|
|
# SETUP PERMISSIONS
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring permissions..." --weight=1
|
|
|
|
# Giving admin permission to the specified used
|
|
if ! ynh_permission_exists --permission "admin"
|
|
then
|
|
ynh_permission_create --permission "admin" --allowed "$admin"
|
|
else
|
|
ynh_permission_update --permission "admin" --add "$admin"
|
|
fi
|
|
|
|
# Creating user permission
|
|
if ! ynh_permission_exists --permission "user"
|
|
then
|
|
ynh_permission_create --permission "user"
|
|
fi
|
|
|
|
#=================================================
|
|
# RELOAD NGINX AND PHP-FPM
|
|
#=================================================
|
|
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1
|
|
|
|
ynh_systemd_action --service_name=php${YNH_PHP_VERSION}-fpm --action=restart
|
|
ynh_systemd_action --service_name=nginx --action=reload
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression --message="Upgrade of $app completed" --last
|