mirror of
https://github.com/YunoHost-Apps/kanboard_ynh.git
synced 2024-09-03 19:36:17 +02:00
202 lines
6 KiB
Bash
202 lines
6 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
# Overload the helper ynh_handle_getopts_args to have fixes from unstable.
|
|
# Needed for ynh_add_fail2ban_config
|
|
source _getopts_fix.sh
|
|
|
|
#=================================================
|
|
# LOAD SETTINGS
|
|
#=================================================
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
domain=$(ynh_app_setting_get $app domain)
|
|
path_url=$(ynh_app_setting_get $app path)
|
|
admin=$(ynh_app_setting_get $app adminusername)
|
|
is_public=$(ynh_app_setting_get $app is_public)
|
|
final_path=$(ynh_app_setting_get $app final_path)
|
|
db_name=$(ynh_app_setting_get $app db_name)
|
|
|
|
#=================================================
|
|
# ENSURE DOWNWARD COMPATIBILITY
|
|
#=================================================
|
|
|
|
# Fix is_public as a boolean value
|
|
if [ "$is_public" = "Yes" ]; then
|
|
ynh_app_setting_set $app is_public 1
|
|
is_public=1
|
|
elif [ "$is_public" = "No" ]; then
|
|
ynh_app_setting_set $app is_public 0
|
|
is_public=0
|
|
fi
|
|
|
|
# If db_name doesn't exist, create it
|
|
if [ -z $db_name ]; then
|
|
db_name=$(ynh_sanitize_dbid $app)
|
|
ynh_app_setting_set $app db_name $db_name
|
|
fi
|
|
|
|
# If final_path doesn't exist, create it
|
|
if [ -z $final_path ]; then
|
|
final_path=/var/www/$app
|
|
ynh_app_setting_set $app final_path $final_path
|
|
fi
|
|
|
|
#=================================================
|
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
|
#=================================================
|
|
|
|
# Backup the current version of the app
|
|
ynh_backup_before_upgrade
|
|
ynh_clean_setup () {
|
|
# restore it if the upgrade fails
|
|
ynh_restore_upgradebackup
|
|
}
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
#=================================================
|
|
# CHECK THE PATH
|
|
#=================================================
|
|
|
|
# Normalize the URL path syntax
|
|
path_url=$(ynh_normalize_url_path $path_url)
|
|
|
|
#=================================================
|
|
# STANDARD UPGRADE STEPS
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
|
|
# Move old app dir
|
|
mv "$final_path" "$final_path.old"
|
|
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
ynh_setup_source "$final_path"
|
|
mkdir -p "$final_path"/sessions
|
|
|
|
# restore data
|
|
cp -a "$final_path.old/data" "$final_path"
|
|
|
|
# restore plugins
|
|
if [ -e "$final_path.old/plugins" ]
|
|
then
|
|
cp -a "$final_path.old/plugins" "$final_path"
|
|
fi
|
|
# delete temp directory
|
|
ynh_secure_remove "$final_path.old"
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
|
|
# Create a dedicated nginx config
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
|
|
# Create a dedicated user (if not existing)
|
|
ynh_system_user_create $app
|
|
|
|
#=================================================
|
|
# PHP-FPM CONFIGURATION
|
|
#=================================================
|
|
|
|
# Create a dedicated php-fpm config
|
|
ynh_add_fpm_config
|
|
|
|
#=================================================
|
|
# UPGRADE DEPENDENCIES
|
|
#=================================================
|
|
|
|
ynh_install_app_dependencies $pkg_dependencies
|
|
|
|
#=================================================
|
|
# SPECIFIC UPGRADE
|
|
#=================================================
|
|
# CREATE CONFIG.PHP
|
|
#=================================================
|
|
|
|
# Retrieve admin email
|
|
email=$(ynh_user_get_info $admin mail)
|
|
|
|
# Copy and edit config.php
|
|
config_php="${final_path}/config.php"
|
|
|
|
ynh_backup_if_checksum_is_different "$config_php"
|
|
|
|
cp ../conf/config.php "$config_php"
|
|
db_pwd=$(ynh_app_setting_get $app mysqlpwd)
|
|
ynh_replace_string "__DB_PWD__" "$db_pwd" "$config_php"
|
|
ynh_replace_string "__DB_NAME__" $db_name "$config_php"
|
|
ynh_replace_string "__USER__" $admin "$config_php"
|
|
ynh_replace_string "__EMAIL__" $email "$config_php"
|
|
ynh_replace_string "__DOMAIN__" $domain "$config_php"
|
|
|
|
#=================================================
|
|
# UPGRADE KANBOARD
|
|
#=================================================
|
|
|
|
(
|
|
cd "$final_path"
|
|
# Launch database migration
|
|
php cli db:migrate --no-interaction --verbose
|
|
# Launch plugins migration
|
|
php cli plugin:upgrade --no-interaction --verbose
|
|
)
|
|
|
|
#=================================================
|
|
# GENERIC FINALIZATION
|
|
#=================================================
|
|
# SECURE FILES AND DIRECTORIES
|
|
#=================================================
|
|
|
|
# Set permissions to app files
|
|
chown -R root: $final_path
|
|
chown -R $app $final_path/{data,plugins,sessions}
|
|
chmod -R 700 $final_path/sessions
|
|
|
|
#=================================================
|
|
# SETUP FAIL2BAN
|
|
#=================================================
|
|
|
|
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure\" while reading response header from upstream, client: <HOST>,.*$" --max_retry=5
|
|
|
|
#=================================================
|
|
# SETUP SSOWAT
|
|
#=================================================
|
|
|
|
# Make app public or private
|
|
if [ $is_public -eq 1 ]
|
|
then
|
|
ynh_app_setting_set $app unprotected_uris "/"
|
|
ynh_replace_string "define('LDAP_AUTH'.*$" "define('LDAP_AUTH', true);" "$config_php"
|
|
ynh_replace_string "define('HIDE_LOGIN_FORM'.*$" "define('HIDE_LOGIN_FORM', false);" "$config_php"
|
|
ynh_replace_string "define('REMEMBER_ME_AUTH'.*$" "define('REMEMBER_ME_AUTH', true);" "$config_php"
|
|
ynh_replace_string "define('DISABLE_LOGOUT'.*$" "define('DISABLE_LOGOUT', false);" "$config_php"
|
|
else
|
|
ynh_app_setting_set $app unprotected_uris "/jsonrpc.php"
|
|
fi
|
|
|
|
# Calculate and store the config file checksum into the app settings
|
|
ynh_store_file_checksum "$config_php"
|
|
|
|
#=================================================
|
|
# RELOAD NGINX
|
|
#=================================================
|
|
|
|
systemctl reload nginx
|
|
|
|
#=================================================
|
|
#=================================================
|
|
|