diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100644 index 0000000..2640eb1 --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,107 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +assets="https://github.com/kanboard/kanboard/archive/refs/tags/$version.tar.gz" + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +echo "REPO=$repo" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Let's download source tarball +asset_url=$assets + +echo "Handling asset at $asset_url" + +src="app" + +# Create the temporary directory +tempdir="$(mktemp -d)" + +# Download sources and calculate checksum +filename=${asset_url##*/} +curl --silent -4 -L $asset_url -o "$tempdir/$filename" +checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + +# Delete temporary directory +rm -rf $tempdir + +# Get extension +if [[ $filename == *.tar.gz ]]; then + extension=tar.gz +else + extension=${filename##*.} +fi + +# Rewrite source file +cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=$extension +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true +EOT +echo "... conf/$src.src updated" + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml new file mode 100644 index 0000000..fb72ba0 --- /dev/null +++ b/.github/workflows/updater.yml @@ -0,0 +1,49 @@ +# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. +# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. +# This file should be enough by itself, but feel free to tune it to your needs. +# It calls updater.sh, which is where you should put the app-specific update steps. +name: Check for new upstream releases +on: + # Allow to manually trigger the workflow + workflow_dispatch: + # Run it every day at 6:00 UTC + schedule: + - cron: '0 6 * * *' +jobs: + updater: + runs-on: ubuntu-latest + steps: + - name: Fetch the source code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script + id: run_updater + run: | + # Setting up Git user + git config --global user.name 'yunohost-bot' + git config --global user.email 'yunohost-bot@users.noreply.github.com' + # Run the updater script + /bin/bash .github/workflows/updater.sh + - name: Commit changes + id: commit + if: ${{ env.PROCEED == 'true' }} + run: | + git commit -am "Upgrade to v$VERSION" + - name: Create Pull Request + id: cpr + if: ${{ env.PROCEED == 'true' }} + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update to version ${{ env.VERSION }} + committer: 'yunohost-bot ' + author: 'yunohost-bot ' + signoff: false + base: testing + branch: ci-auto-update-v${{ env.VERSION }} + delete-branch: true + title: 'Upgrade to version ${{ env.VERSION }}' + body: | + Upgrade to v${{ env.VERSION }} + draft: false diff --git a/README.md b/README.md index e71e8b0..f422adc 100644 --- a/README.md +++ b/README.md @@ -26,8 +26,7 @@ Kanboard is a free and open source Kanban project management software. - Super simple installation -**Shipped version:** 1.2.22~ynh2 - +**Shipped version:** 1.2.24~ynh1 **Demo:** https://demo.yunohost.org/kanboard/ diff --git a/README_fr.md b/README_fr.md index bd365c9..10225af 100644 --- a/README_fr.md +++ b/README_fr.md @@ -25,8 +25,7 @@ Kanboard est un logiciel de gestion de projet Kanban gratuit et open source. - Auto-hébergé -**Version incluse :** 1.2.22~ynh2 - +**Version incluse :** 1.2.24~ynh1 **Démo :** https://demo.yunohost.org/kanboard/ diff --git a/check_process b/check_process index 5ca5d45..eb6c3f4 100644 --- a/check_process +++ b/check_process @@ -2,8 +2,8 @@ ; Manifest domain="domain.tld" path="/path" - admin="john" is_public=1 + admin="john" ; Checks pkg_linter=1 setup_sub_dir=1 @@ -12,8 +12,10 @@ setup_private=1 setup_public=1 upgrade=1 - #1.2.21~ynh3 + # 1.2.21~ynh3 upgrade=1 from_commit=b667e4d5fd9cc860f706ad7e4e41208cf1d04f2a + # 1.2.22~ynh2 + upgrade=1 from_commit=781f62a9e41ee6b4fbdad7383cb31f8ae4432c66 backup_restore=1 multi_instance=1 change_url=1 diff --git a/conf/app.src b/conf/app.src index 6e82cd9..3a32bb1 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,7 @@ -SOURCE_URL=https://github.com/kanboard/kanboard/archive/refs/tags/v1.2.22.tar.gz -SOURCE_SUM=f609a23eb6e755297fee1b534b43ba8a913baaf60ece31840786b788cba2e641 +SOURCE_URL=https://github.com/kanboard/kanboard/archive/refs/tags/v1.2.24.tar.gz +SOURCE_SUM=720d41f53bfc937812b27ad777d324b713696b00acb10e8cb6afa2e39345fa46 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/nginx.conf b/conf/nginx.conf index 63d1f6b..924edad 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,36 +1,37 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - # Path to source - alias __FINALPATH__/; + # Path to source + alias __FINALPATH__/; - index index.php; - client_max_body_size 50M; - try_files $uri $uri/ __PATH__/index.php; + index index.php; + client_max_body_size 50M; - # Override CSP header to make SSOWAT user panel compatible with kanboard - more_set_headers "Content-Security-Policy: default-src 'self' 'unsafe-eval' data:; style-src 'self' 'unsafe-inline'"; + # Override CSP header to make SSOWAT user panel compatible with kanboard + more_set_headers "Content-Security-Policy: default-src 'self' 'unsafe-eval' data:; style-src 'self' 'unsafe-inline'"; - location __PATH__/(?:kanboard|config.php|config.default.php) { - deny all; - } - - # Deny access to the directory data - location __PATH__/data { - deny all; + location __PATH__/(?:kanboard|config.php|config.default.php) { + deny all; + } + + # Deny access to the directory data + location __PATH__/data { + deny all; } - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param SCRIPT_FILENAME $request_filename; - fastcgi_param SERVER_NAME $host; - } + try_files $uri $uri/ __PATH__/index.php; + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_param SERVER_NAME $host; + } + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; } diff --git a/manifest.json b/manifest.json index b0dc8bc..ff4f104 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Kanban project management software", "fr": "Logiciel de gestion de projet Kanban" }, - "version": "1.2.22~ynh2", + "version": "1.2.24~ynh1", "url": "https://kanboard.net", "upstream": { "license": "MIT", @@ -52,15 +52,15 @@ "example": "/kanboard", "default": "/kanboard" }, - { - "name": "admin", - "type": "user" - }, { "name": "is_public", "type": "boolean", "default": false + }, + { + "name": "admin", + "type": "user" } ] } -} \ No newline at end of file +} diff --git a/scripts/_common.sh b/scripts/_common.sh index 168ac6c..811eb31 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,10 +3,15 @@ #================================================= # COMMON VARIABLES #================================================= +# PHP APP SPECIFIC +#================================================= -YNH_PHP_VERSION="8.0" +YNH_PHP_VERSION=8.0 -pkg_dependencies="php${YNH_PHP_VERSION}-fpm php${YNH_PHP_VERSION}-opcache php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-ldap" +php_dependencies="php${YNH_PHP_VERSION}-fpm php${YNH_PHP_VERSION}-opcache php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-ldap" + +# dependencies used by the app (must be on a single line) +pkg_dependencies="$php_dependencies" #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index cdeb5d9..05d3a3a 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -13,12 +14,16 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + true +} +# Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_print_info --message="Loading installation settings..." +ynh_print_info --message="Loading settings..." app=$YNH_APP_INSTANCE_NAME @@ -58,7 +63,7 @@ ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" #================================================= -# BACKUP A CRON FILE +# BACKUP VARIOUS FILES #================================================= ynh_backup --src_path="/etc/cron.d/$app" diff --git a/scripts/change_url b/scripts/change_url index 32a4874..faf80b6 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -24,7 +24,7 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +ynh_script_progression --message="Loading settings..." --weight=1 # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) @@ -93,6 +93,8 @@ then ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi +#================================================= +# SPECIFIC MODIFICATIONS #================================================= # SETUP FAIL2BAN #================================================= @@ -105,9 +107,9 @@ ynh_remove_fail2ban_config ynh_add_fail2ban_config --logpath="/var/log/nginx/${new_domain}-error.log" --failregex="^.*authentication failure\" while reading response header from upstream, client: ,.*$" --max_retry=5 #================================================= -# SPECIFIC MODIFICATIONS +# UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Applying Kanboard specific modifications..." --weight=2 +ynh_script_progression --message="Updating a configuration file..." --weight=2 if [ $change_domain -eq 1 ] then diff --git a/scripts/install b/scripts/install index c36366d..d2b84db 100644 --- a/scripts/install +++ b/scripts/install @@ -14,7 +14,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -28,16 +27,16 @@ domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH is_public=$YNH_APP_ARG_IS_PUBLIC admin=$YNH_APP_ARG_ADMIN -email=$(ynh_user_get_info --username=$admin --key=mail) app=$YNH_APP_INSTANCE_NAME +email=$(ynh_user_get_info --username=$admin --key=mail) + #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --weight=1 -# Check destination directory final_path=/var/www/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" @@ -50,8 +49,10 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=adminusername --value=$admin +ynh_app_setting_set --app=$app --key=admin --value=$admin +#================================================= +# STANDARD MODIFICATIONS #================================================= # INSTALL DEPENDENCIES #================================================= @@ -59,18 +60,6 @@ ynh_script_progression --message="Installing dependencies..." --weight=3 ynh_install_app_dependencies $pkg_dependencies -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# CREATE A MYSQL DATABASE -#================================================ -ynh_script_progression --message="Creating a MySQL database..." --weight=2 - -db_name=$(ynh_sanitize_dbid --db_name=$app) -db_user=$db_name -ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name - #================================================= # CREATE DEDICATED USER #================================================= @@ -79,6 +68,16 @@ ynh_script_progression --message="Configuring system user..." --weight=2 # Create a system user ynh_system_user_create --username=$app --home_dir="$final_path" +#================================================= +# CREATE A MYSQL DATABASE +#================================================= +ynh_script_progression --message="Creating a MySQL database..." --weight=2 + +db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name +ynh_app_setting_set --app=$app --key=db_name --value=$db_name +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -110,15 +109,15 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Configuring NGINX web server..." --weight=2 -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config #================================================= # SPECIFIC SETUP #================================================= -# CREATE CONFIG.PHP +# ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Configuring the app..." +ynh_script_progression --message="Adding a configuration file..." --weight=1 dir="__DIR__" ynh_add_config --template="../conf/config.php" --destination="$final_path/config.php" @@ -138,13 +137,6 @@ pushd $final_path php$phpversion cli db:migrate --no-interaction --verbose popd -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression --message="Configuring Fail2Ban..." --weight=10 - -ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure\" while reading response header from upstream, client: ,.*$" --max_retry=5 - #================================================= # SETUP CRON #================================================= @@ -154,14 +146,26 @@ ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app" chown root: "/etc/cron.d/$app" chmod 644 "/etc/cron.d/$app" +#================================================= +# GENERIC FINALIZATION +#================================================= +# SETUP FAIL2BAN +#================================================= +ynh_script_progression --message="Configuring Fail2Ban..." --weight=10 + +# Create a dedicated Fail2Ban config +ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="^.*authentication failure\" while reading response header from upstream, client: ,.*$" --max_retry=5 + #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring permissions..." --weight=2 -# Make app public or private +# Make app public if necessary if [ $is_public -eq 1 ] then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" ynh_replace_string --match_string="define('LDAP_AUTH'.*$" --replace_string="define('LDAP_AUTH', true);" --target_file="$final_path/config.php" ynh_replace_string --match_string="define('HIDE_LOGIN_FORM'.*$" --replace_string="define('HIDE_LOGIN_FORM', false);" --target_file="$final_path/config.php" @@ -173,9 +177,6 @@ fi ynh_permission_create --permission="ics" --url="/?controller=ICalendarController" --allowed="visitors" --label="ICS Public access" -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$final_path/config.php" - #================================================= # RELOAD NGINX #================================================= diff --git a/scripts/remove b/scripts/remove index d19cdf8..567ecb8 100644 --- a/scripts/remove +++ b/scripts/remove @@ -12,14 +12,14 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +ynh_script_progression --message="Loading settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # STANDARD REMOVE @@ -34,7 +34,7 @@ ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing the app main directory..." +ynh_script_progression --message="Removing app main directory..." --weight=1 # Remove the app directory securely ynh_secure_remove --file="$final_path" @@ -63,19 +63,20 @@ ynh_script_progression --message="Removing dependencies..." --weight=1 # Remove metapackage and its dependencies ynh_remove_app_dependencies -#================================================= -# GENERIC FINALIZATION #================================================= # REMOVE FAIL2BAN CONFIGURATION #================================================= ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=7 +# Remove the dedicated Fail2Ban config ynh_remove_fail2ban_config #================================================= -# REMOVE THE CRON FILE +# SPECIFIC REMOVE #================================================= -ynh_script_progression --message="Removing the cron file..." --weight=2 +# REMOVE VARIOUS FILES +#================================================= +ynh_script_progression --message="Removing various files..." --weight=2 # Remove a cron file ynh_secure_remove --file="/etc/cron.d/$app" diff --git a/scripts/restore b/scripts/restore index 925e75f..c5e0f18 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -13,12 +14,16 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + true +} +# Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 +ynh_script_progression --message="Loading settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME @@ -54,10 +59,32 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" +mkdir -p $final_path/sessions/ + chmod 750 "$final_path" +chown -R $app $final_path/{data,plugins,sessions} +chmod -R 700 $final_path/sessions chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" -chown -R $app $final_path/{data,plugins,sessions} + +#================================================= +# RESTORE FAIL2BAN CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=8 + +ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" +ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" +ynh_systemd_action --action=restart --service_name=fail2ban + +#================================================= +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --weight=3 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies #================================================= # RESTORE THE PHP-FPM CONFIGURATION @@ -73,8 +100,6 @@ ynh_script_progression --message="Restoring the NGINX web server configuration.. ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# SPECIFIC RESTORATION #================================================= # RESTORE THE MYSQL DATABASE #================================================= @@ -85,26 +110,9 @@ ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql #================================================= -# RESTORE FAIL2BAN CONFIGURATION +# RESTORE VARIOUS FILES #================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=8 - -ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban - -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=3 - -# Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# RESTORE THE CRON FILE -#================================================= -ynh_script_progression --message="Restoring the cron file..." --weight=2 +ynh_script_progression --message="Restoring various files..." --weight=2 ynh_restore_file --origin_path="/etc/cron.d/$app" chown root: "/etc/cron.d/$app" @@ -115,7 +123,7 @@ chmod 644 "/etc/cron.d/$app" #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM.." --weight=2 +ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=2 ynh_systemd_action --service_name=php$phpversion-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index 160af58..5723e93 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -12,13 +12,13 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +ynh_script_progression --message="Loading settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=adminusername) +admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) phpversion=$YNH_PHP_VERSION @@ -37,12 +37,14 @@ ynh_script_progression --message="Backing up the app before upgrading (may take # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # restore it if the upgrade fails + # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors +#================================================= +# STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -60,6 +62,13 @@ if [ -z "$final_path" ]; then ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi +# If admin doesn't exist, create it +if [ -z "$admin" ]; then + admin=$(ynh_app_setting_get --app=$app --key=adminusername) + ynh_app_setting_set --app=$app --key=admin --value=$admin + ynh_app_setting_delete --app=$app --key=adminusername +fi + # Cleaning legacy permissions if ynh_legacy_permissions_exists; then ynh_legacy_permissions_delete_all @@ -80,8 +89,6 @@ ynh_script_progression --message="Making sure dedicated system user exists..." - # Create a dedicated user (if not existing) ynh_system_user_create --username=$app --home_dir="$final_path" -#================================================= -# STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -91,7 +98,7 @@ then ynh_script_progression --message="Upgrading source files..." --weight=3 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" --keep="data config.php" + ynh_setup_source --dest_dir="$final_path" --keep="data/ config.php" fi mkdir -p $final_path/sessions/ @@ -102,7 +109,6 @@ chmod -R 700 $final_path/sessions chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" - #================================================= # UPGRADE DEPENDENCIES #================================================= @@ -126,6 +132,8 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config +#================================================= +# SPECIFIC UPGRADE #================================================= # UPGRADE KANBOARD #================================================= @@ -138,13 +146,6 @@ pushd $final_path php$phpversion cli plugin:upgrade --no-interaction --verbose popd -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=7 - -ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure\" while reading response header from upstream, client: ,.*$" --max_retry=5 - #================================================= # SETUP CRON #================================================= @@ -154,6 +155,16 @@ ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app" chown root: "/etc/cron.d/$app" chmod 644 "/etc/cron.d/$app" +#================================================= +# GENERIC FINALIZATION +#================================================= +# UPGRADE FAIL2BAN +#================================================= +ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=7 + +# Create a dedicated Fail2Ban config +ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="^.*authentication failure\" while reading response header from upstream, client: ,.*$" --max_retry=5 + #================================================= # RELOAD NGINX #================================================= @@ -165,4 +176,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --last +ynh_script_progression --message="Upgrade of $app completed" --last