#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) is_public=$(ynh_app_setting_get --app=$app --key=is_public) port=$(ynh_app_setting_get --app=$app --key=port) final_path=$(ynh_app_setting_get --app=$app --key=final_path) secret=$(ynh_app_setting_get --app=$app --key=secret) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) theme=$(ynh_app_setting_get --app=$app theme) hashed_password=$(ynh_app_setting_get --app=$app --key=hashed_password) #================================================= # CHECK VERSION #================================================= ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then ynh_app_setting_set --app=$app --key=is_public --value=1 is_public=1 elif [ "$is_public" = "No" ]; then ynh_app_setting_set --app=$app --key=is_public --value=0 is_public=0 fi # If final_path doesn't exist, create it if [ -z "$final_path" ]; then final_path=/var/www/$app ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi if [ -z "$db_pwd" ]; then db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) # Fix old db_pwd if [ -z "$db_pwd" ]; then ynh_psql_test_if_first_run db_name=$(ynh_sanitize_dbid --db_name="$app") db_user=$db_name # Initialize database and store postgres password for upgrade ynh_psql_setup_db --db_user="$db_user" --db_name="$db_name" ynh_app_setting_set --app="$app" --key=db_name --value="$db_name" db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) # Password created in ynh_psql_setup_db function else ynh_app_setting_delete --app=$app --key=db_pwd ynh_app_setting_set --app=$app --key=psqlpwd --value=$db_pwd fi fi if [ -z "$theme" ]; then theme="milligram" ynh_app_setting_set --app=$app --key=theme --value=$theme fi if [ -z "$hashed_password" ]; then # Generate random password password=$(ynh_string_random --length=8) hashed_password=$(echo -n $password | sha256sum | cut -d' ' -f1) echo "The new version of LSTU provide an admin and a stats area which required a password." > mail_to_send echo "" >> mail_to_send echo "This password is: $password" >> mail_to_send ynh_send_readme_to_admin --app_message="mail_to_send" --type="upgrade" ynh_app_setting_set --app=$app --key=hashed_password --value=$hashed_password fi # In previous versions, the port was mistakenly exposed to the outside world >_> if yunohost firewall list | grep -q "\- $port$" then ynh_script_progression --message="Closing port $port..." ynh_exec_warn_less yunohost firewall disallow TCP $port fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { ynh_clean_check_starting # restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # STANDARD UPGRADE STEPS #================================================= # STOP SYSTEMD SERVICE #================================================= ynh_script_progression --message="Stopping a systemd service..." ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" fi #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated nginx config ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create --username=$app #================================================= # SPECIFIC UPGRADE #================================================= # UPGRADE LSTU CONFIGURATION #================================================= ynh_script_progression --message="Upgrading lstu configuration..." config="${final_path}/lstu.conf" ynh_backup_if_checksum_is_different --file="$config" cp ../conf/lstu.conf.template "$config" ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config" ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$config" ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config" ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$config" ynh_replace_string --match_string="__DB_USER__" --replace_string="$db_user" --target_file="$config" ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$config" ynh_replace_string --match_string="__SELECTED_THEME__" --replace_string="$theme" --target_file="$config" ynh_replace_string --match_string="__PASSWORD_HASHED__" --replace_string="$hashed_password" --target_file="$config" ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$config" if [ $is_public -eq 0 ]; then ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="" --target_file="$config" else ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="#" --target_file="$config" fi ynh_store_file_checksum --file="$config" #================================================= # BUILD LSU #================================================= ynh_script_progression --message="Building lstu..." pushd $final_path carton install --deployment --without=sqlite --without=mysql popd #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Upgrading systemd configuration..." # Create a dedicated systemd config ynh_add_systemd_config #================================================= # GENERIC FINALIZATION #================================================= # SECURING FILES AND DIRECTORIES #================================================= ynh_script_progression --message="Securing files and directories..." # Set permissions on app files chown -R $app: $final_path #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." yunohost service add $app --log "/var/log/$app.log" --log "/var/www/$app/log/production.log" #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." yunohost service add $app --log="/var/log/$app.log" --log="/var/www/$app/log/production.log" #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Upgrading SSOwat configuration..." ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" if [ $is_public -eq 0 ] then # If the app is private, only the shortened URLs are publics. if [ "$path_url" == "/" ]; then # If the path is /, clear it to prevent any error with the regex. path_url="" fi # Modify the domain to be used in a regex domain_regex=$(echo "$domain" | sed 's@-@.@g') ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/login$","$domain_regex$path_url/logout$","$domain_regex$path_url/api$","$domain_regex$path_url/extensions$","$domain_regex$path_url/stats$","$domain_regex$path_url/d/.*$","$domain_regex$path_url/a$","$domain_regex$path_url/$" fi #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." ynh_systemd_action --service_name=$app --action=reload --line_match="Reloaded Shortened URLs service." --log_path="systemd" #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Upgrade of $app completed"