From d5a8c8d13b59087c580692d9565e228f392f9195 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Tue, 30 Mar 2021 18:42:51 +0200 Subject: [PATCH] Preserve config file and protect it --- scripts/install | 1 + scripts/upgrade | 20 +++++++++++++------- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/scripts/install b/scripts/install index c3ee073..4f92bc7 100644 --- a/scripts/install +++ b/scripts/install @@ -166,6 +166,7 @@ ynh_script_progression --message="Securing files and directories..." --weight=1 # Set permissions to app files chown -R $app: $final_path chmod 0644 /etc/logrotate.d/$app +chmod 600 $final_path/config/config.yml #================================================= # INTEGRATE SERVICE IN YUNOHOST diff --git a/scripts/upgrade b/scripts/upgrade index 1e734d1..82a64b0 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -87,13 +87,25 @@ if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." --weight=5 + tmpdir="$(mktemp -d)" + + # Backup the config file in the temp dir + cp -a "$final_path/config/config.yml" "$tmpdir/config.yml" + # Remove the app directory securely ynh_secure_remove --file=$final_path + git clone https://github.com/iv-org/invidious "$final_path" --quiet pushd "$final_path" || ynh_die shards update && shards install crystal build $final_path/src/invidious.cr --release popd || ynh_die + + # Copy the admin saved settings from tmp directory to final path + cp -a "$tmpdir/config.yml" "$final_path/config/config.yml" + + # Remove the tmp directory securely + ynh_secure_remove --file="$tmpdir" fi #================================================= @@ -112,13 +124,6 @@ ynh_script_progression --message="Making sure dedicated system user exists..." - # Create a dedicated user (if not existing) ynh_system_user_create --username=$app -#================================================= -# MODIFY A CONFIG FILE -#================================================= -ynh_script_progression --message="Modifying a config file..." --weight=3 - -ynh_add_config --template="../conf/config.yml" --destination="$final_path/config/config.yml" - #================================================= # SETUP SYSTEMD #================================================= @@ -145,6 +150,7 @@ ynh_script_progression --message="Securing files and directories..." --weight=1 # Set permissions on app files chown -R $app: $final_path chmod 0644 /etc/logrotate.d/$app +chmod 600 $final_path/config/config.yml #================================================= # INTEGRATE SERVICE IN YUNOHOST