1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/grav_ynh.git synced 2024-09-03 19:16:01 +02:00
grav_ynh/scripts/upgrade
2021-02-11 11:31:33 +01:00

223 lines
7.9 KiB
Bash

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
language=$(ynh_app_setting_get --app=$app --key=language)
fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage)
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# If db_name doesn't exist, create it
if [ -z "$db_name" ]; then
db_name=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
# Cleaning legacy permissions
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
if [ -n "$is_public" ]; then
# Removing skipped/unprotected_uris under certain conditions, remove the visitors group added during the migration process of 3.7
# Remove skipped_uris. If the app was public, add visitors again to the main permission
if ynh_permission_has_user --permission=main --user=visitors
then
# Remove unprotected_uris
ynh_app_setting_delete --app=$app --key=unprotected_uris
# Remove protected_uris
ynh_app_setting_delete --app=$app --key=protected_uris
# Remove skipped_uris
ynh_app_setting_delete --app=$app --key=skipped_uris
# Give visitors main permission
ynh_permission_update --permission "main" --add "visitors"
else
# Remove unprotected_uris
ynh_app_setting_delete --app=$app --key=unprotected_uris
# Remove protected_uris
ynh_app_setting_delete --app=$app --key=protected_uris
# Remove skipped_uris
ynh_app_setting_delete --app=$app --key=skipped_uris
fi
ynh_app_setting_delete --app=$app --key=is_public
fi
# If fpm_footprint doesn't exist, create it
if [ -z "$fpm_footprint" ]; then
fpm_footprint=medium
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
fi
# If fpm_usage doesn't exist, create it
if [ -z "$fpm_usage" ]; then
fpm_usage=medium
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=2
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path" --source_id="app-upgrade"
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=3
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1
# Create a dedicated php-fpm config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --package="$extra_php_dependencies"
# Delete existing ini configuration file (backward compatibility)
if [ -f /etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini ]; then
ynh_secure_remove --file=/etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini
fi
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions on app files
chown -R $app:www-data $final_path
find $final_path -type f -exec chmod 664 {} \;
find $final_path/bin -type f -exec chmod 775 {} \;
find $final_path -type d -exec chmod 775 {} \;
find $final_path -type d -exec chmod +s {} \;
#=================================================
# SPECIFIC UPGRADE
#=================================================
# UPGRADE PLUGINS
#=================================================
ynh_script_progression --message="Updating all plugins..." --weight=1
pushd "$final_path"
exec_as $app yes N | php${YNH_PHP_VERSION} bin/gpm update --all-yes --no-interaction
popd
#=================================================
# INSTALL LDAP PLUGIN
#=================================================
ynh_script_progression --message="Installing and configuring LDAP plugin..." --weight=3
pushd "$final_path"
exec_as $app php${YNH_PHP_VERSION} bin/gpm install login-ldap --all-yes --no-interaction
exec_as $app mkdir -p user/config/plugins/login-ldap
exec_as $app touch user/accounts/admin.yaml
popd
ynh_secure_remove "$final_path/user/plugins/login-ldap/login-ldap.yaml"
exec_as $app cp ../conf/login-ldap.yaml "$final_path/user/plugins/login-ldap/login-ldap.yaml"
ynh_replace_string "__ADMIN__" "$admin" "$final_path/user/plugins/login-ldap/login-ldap.yaml"
ynh_replace_string "__APP__" "$app" "$final_path/user/plugins/login-ldap/login-ldap.yaml"
exec_as $app cp "$final_path/user/plugins/login-ldap/login-ldap.yaml" "$final_path/user/config/plugins/login-ldap.yaml"
#=================================================
# CREATE A CRON TASK
#=================================================
echo "* * * * * $app php$phpversion $final_path/bin/grav scheduler 1>> /dev/null 2>&1" > /etc/cron.d/$app
#=================================================
# SETUP PERMISSIONS
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Giving admin permission to the specified used
if ! ynh_permission_exists --permission "admin"
then
ynh_permission_create --permission "admin" --allowed "$admin"
else
ynh_permission_update --permission "admin" --add "$admin"
fi
# Creating user permission
if ! ynh_permission_exists --permission "user"
then
ynh_permission_create --permission "user"
fi
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1
ynh_systemd_action --service_name=php${YNH_PHP_VERSION}-fpm --action=restart
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last