#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers # Overload the helper ynh_handle_getopts_args to have fixes from unstable. # Needed for ynh_add_fail2ban_config source _getopts_fix.sh #================================================= # LOAD SETTINGS #================================================= app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) admin=$(ynh_app_setting_get $app adminusername) is_public=$(ynh_app_setting_get $app is_public) final_path=$(ynh_app_setting_get $app final_path) db_name=$(ynh_app_setting_get $app db_name) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then ynh_app_setting_set $app is_public 1 is_public=1 elif [ "$is_public" = "No" ]; then ynh_app_setting_set $app is_public 0 is_public=0 fi # If db_name doesn't exist, create it if [ -z $db_name ]; then db_name=$(ynh_sanitize_dbid $app) ynh_app_setting_set $app db_name $db_name fi # If final_path doesn't exist, create it if [ -z $final_path ]; then final_path=/var/www/$app ynh_app_setting_set $app final_path $final_path fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # CHECK THE PATH #================================================= # Normalize the URL path syntax path_url=$(ynh_normalize_url_path $path_url) #================================================= # STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_print_info "Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source "$final_path" mkdir -p $final_path/sessions/ #================================================= # NGINX CONFIGURATION #================================================= # Create a dedicated nginx config ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= # Create a dedicated user (if not existing) ynh_system_user_create $app #================================================= # PHP-FPM CONFIGURATION #================================================= # Create a dedicated php-fpm config ynh_add_fpm_config #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_install_app_dependencies $pkg_dependencies #================================================= # SPECIFIC UPGRADE #================================================= # CREATE CONFIG.PHP #================================================= # Retrieve admin email email=$(ynh_user_get_info $admin mail) # Copy and edit config.php config_php="${final_path}/config.php" ynh_backup_if_checksum_is_different "$config_php" cp ../conf/config.php "$config_php" db_pwd=$(ynh_app_setting_get $app mysqlpwd) ynh_replace_string "__DB_PWD__" "$db_pwd" "$config_php" ynh_replace_string "__DB_NAME__" $db_name "$config_php" ynh_replace_string "__USER__" $admin "$config_php" ynh_replace_string "__EMAIL__" $email "$config_php" ynh_replace_string "__DOMAIN__" $domain "$config_php" #================================================= # UPGRADE KANBOARD #================================================= ( cd "$final_path" # Launch database migration php cli db:migrate --no-interaction --verbose # Launch plugins migration php cli plugin:upgrade --no-interaction --verbose ) #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set permissions to app files chown -R root: $final_path chown -R $app $final_path/{data,plugins,sessions} chmod -R 700 $final_path/sessions #================================================= # SETUP FAIL2BAN #================================================= ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure\" while reading response header from upstream, client: ,.*$" --max_retry=5 #================================================= # SETUP SSOWAT #================================================= # Make app public or private if [ $is_public -eq 1 ] then ynh_app_setting_set $app unprotected_uris "/" ynh_replace_string "define('LDAP_AUTH'.*$" "define('LDAP_AUTH', true);" "$config_php" ynh_replace_string "define('HIDE_LOGIN_FORM'.*$" "define('HIDE_LOGIN_FORM', false);" "$config_php" ynh_replace_string "define('REMEMBER_ME_AUTH'.*$" "define('REMEMBER_ME_AUTH', true);" "$config_php" ynh_replace_string "define('DISABLE_LOGOUT'.*$" "define('DISABLE_LOGOUT', false);" "$config_php" else ynh_app_setting_set $app unprotected_uris "/jsonrpc.php" fi # Calculate and store the config file checksum into the app settings ynh_store_file_checksum "$config_php" #================================================= # RELOAD NGINX #================================================= systemctl reload nginx #================================================= #=================================================