diff --git a/conf/extra_php-fpm.conf b/conf/extra_php-fpm.conf new file mode 100644 index 0000000..b626ca2 --- /dev/null +++ b/conf/extra_php-fpm.conf @@ -0,0 +1,15 @@ + +; Additional php.ini defines, specific to this pool of workers. +php_value[upload_max_filesize] = 10G +php_value[post_max_size] = 10G +php_value[default_charset] = UTF-8 +; OPcache is already activated by default +; php_value[opcache.enable]=1 +; The following parameters are nevertheless recommended for Nextcloud +; see here: https://docs.nextcloud.com/server/15/admin_manual/installation/server_tuning.html#enable-php-opcache +php_value[opcache.enable_cli]=1 +php_value[opcache.interned_strings_buffer]=8 +php_value[opcache.max_accelerated_files]=10000 +php_value[opcache.memory_consumption]=128 +php_value[opcache.save_comments]=1 +php_value[opcache.revalidate_freq]=1 diff --git a/scripts/_common.sh b/scripts/_common.sh index 71fcc5c..2abc3c8 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,11 +3,7 @@ # COMMON VARIABLES #================================================= -pkg_dependencies="php5-gd php5-json php5-intl php5-mcrypt php5-curl php5-apcu php5-redis php5-ldap php5-imagick imagemagick acl tar smbclient at" - -if [ "$(lsb_release --codename --short)" != "jessie" ]; then - pkg_dependencies="$pkg_dependencies php-zip php-apcu php-mbstring php-xml" -fi +pkg_dependencies="php-gd php-json php-intl php-mcrypt php-curl php-apcu php-redis php-ldap php-imagick php-zip php-mbstring php-xml imagemagick acl tar smbclient at" #================================================= # COMMON HELPERS @@ -49,7 +45,7 @@ rename_mysql_db() { } #================================================= -# COMMON HELPERS -- SHOULD BE ADDED TO YUNOHOST +# EXPERIMENTAL HELPERS #================================================= # Execute a command as another user @@ -65,15 +61,40 @@ exec_as() { fi } +#================================================= + # Check if an URL is already handled # usage: is_url_handled URL is_url_handled() { - local output=($(curl -k -s -o /dev/null \ - -w 'x%{redirect_url} %{http_code}' "$1")) - # It's handled if it does not redirect to the SSO nor return 404 - [[ ! ${output[0]} =~ \/yunohost\/sso\/ && ${output[1]} != 404 ]] + # Declare an array to define the options of this helper. + declare -Ar args_array=( [u]=url= ) + local url + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + # Try to get the url with curl, and keep the http code and an eventual redirection url. + local curl_output="$(curl --insecure --silent --output /dev/null \ + --write-out '%{http_code};%{redirect_url}' "$url")" + + # Cut the output and keep only the first part to keep the http code + local http_code="${curl_output%%;*}" + # Do the same thing but keep the second part, the redirection url + local redirection="${curl_output#*;}" + + # Return 1 if the url isn't handled. + # Which means either curl got a 404 (or the admin) or the sso. + # A handled url should redirect to a publicly accessible url. + # Return 1 if the url has returned 404 + if [ "$http_code" = "404" ] || [[ $redirection =~ "/yunohost/admin" ]]; then + return 1 + # Return 1 if the url is redirected to the SSO + elif [[ $redirection =~ "/yunohost/sso" ]]; then + return 1 + fi } +#================================================= + # Make the main steps to migrate an app to its fork. # # This helper has to be used for an app which needs to migrate to a new name or a new fork @@ -318,49 +339,21 @@ ynh_handle_app_migration () { fi } - -#================================================= -# EXPERIMENTAL HELPERS -#================================================= -#================================================= -# YUNOHOST MULTIMEDIA INTEGRATION #================================================= -# Install or update the main directory yunohost.multimedia +# Check available space before creating a temp directory. # -# usage: ynh_multimedia_build_main_dir -ynh_multimedia_build_main_dir () { - local ynh_media_release="v1.0" - local checksum="4852c8607db820ad51f348da0dcf0c88" - - # Download yunohost.multimedia scripts - wget -nv https://github.com/YunoHost-Apps/yunohost.multimedia/archive/${ynh_media_release}.tar.gz - - # Verify checksum - echo "${checksum} ${ynh_media_release}.tar.gz" | md5sum -c --status \ - || ynh_die "Corrupt source" - - # Extract - mkdir yunohost.multimedia-master - tar -xf ${ynh_media_release}.tar.gz -C yunohost.multimedia-master --strip-components 1 - ./yunohost.multimedia-master/script/ynh_media_build.sh -} - -# Grant write access to multimedia directories to a specified user +# usage: ynh_smart_mktemp --min_size="Min size" # -# usage: ynh_multimedia_addaccess user_name -# -# | arg: user_name - User to be granted write access -ynh_multimedia_addaccess () { - local user_name=$1 - groupadd -f multimedia - usermod -a -G multimedia $user_name -} - -#================================================= - +# | arg: -s, --min_size= - Minimal size needed for the temporary directory, in Mb ynh_smart_mktemp () { - local min_size="${1:-300}" + # Declare an array to define the options of this helper. + declare -Ar args_array=( [s]=min_size= ) + local min_size + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + min_size="${min_size:-300}" # Transform the minimum size from megabytes to kilobytes min_size=$(( $min_size * 1024 )) @@ -379,7 +372,7 @@ ynh_smart_mktemp () { elif is_there_enough_space /home; then local tmpdir=/home else - ynh_die "Insufficient free space to continue..." + ynh_die "Insufficient free space to continue..." fi echo "$(sudo mktemp --directory --tmpdir="$tmpdir")" @@ -612,3 +605,46 @@ ynh_get_scalable_phpfpm () { fi fi } + +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= + +#================================================= +# YUNOHOST MULTIMEDIA INTEGRATION +#================================================= + +# Install or update the main directory yunohost.multimedia +# +# usage: ynh_multimedia_build_main_dir +ynh_multimedia_build_main_dir () { + local ynh_media_release="v1.2" + local checksum="806a827ba1902d6911095602a9221181" + + # Download yunohost.multimedia scripts + wget -nv https://github.com/YunoHost-Apps/yunohost.multimedia/archive/${ynh_media_release}.tar.gz + + # Check the control sum + echo "${checksum} ${ynh_media_release}.tar.gz" | md5sum -c --status \ + || ynh_die "Corrupt source" + + # Check if the package acl is installed. Or install it. + ynh_package_is_installed 'acl' \ + || ynh_package_install acl + + # Extract + mkdir yunohost.multimedia-master + tar -xf ${ynh_media_release}.tar.gz -C yunohost.multimedia-master --strip-components 1 + ./yunohost.multimedia-master/script/ynh_media_build.sh +} + +# Grant write access to multimedia directories to a specified user +# +# usage: ynh_multimedia_addaccess user_name +# +# | arg: user_name - User to be granted write access +ynh_multimedia_addaccess () { + local user_name=$1 + groupadd -f multimedia + usermod -a -G multimedia $user_name +} diff --git a/scripts/upgrade b/scripts/upgrade index 79a0f85..c436f71 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -13,35 +13,46 @@ source _ynh_add_fpm_config #================================================= # LOAD SETTINGS #================================================= +ynh_script_progression --message="Loading installation settings..." --weight=3 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get $app domain) -path_url=$(ynh_app_setting_get $app path) -admin=$(ynh_app_setting_get $app admin) -final_path=$(ynh_app_setting_get $app final_path) -db_name=$(ynh_app_setting_get $app db_name) -user_home=$(ynh_app_setting_get $app user_home) +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +user_home=$(ynh_app_setting_get --app=$app --key=user_home) fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) #================================================= -# ENSURE DOWNWARD COMPATIBILITY +# CHECK VERSION #================================================= +upgrade_type=$(ynh_check_app_version_changed) + +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." + # If db_name doesn't exist, create it -if [ -z $db_name ]; then - db_name=$(ynh_sanitize_dbid $app) - ynh_app_setting_set $app db_name $db_name +if [ -z "$db_name" ]; then + db_name=$(ynh_sanitize_dbid --db_name=$app) + ynh_app_setting_set --app=$app --key=db_name --value=$db_name fi # If final_path doesn't exist, create it -if [ -z $final_path ]; then +if [ -z "$final_path" ]; then final_path=/var/www/$app - ynh_app_setting_set $app final_path $final_path + ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi +# Remove the option backup_core_only if it's in the settings.yml file +ynh_app_setting_delete --app=$app --key=backup_core_only + # If fpm_footprint doesn't exist, create it if [ -z "$fpm_footprint" ]; then fpm_footprint=high @@ -57,10 +68,10 @@ fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=30 # Made a backup only after the version 11.0.0 # Before, the datas will be always saved. - # Get the current version number of nextcloud/owncloud current_version=$(grep OC_VersionString "$final_path/version.php" | cut -d\' -f2) current_major_version=${current_version%%.*} @@ -68,20 +79,25 @@ current_major_version=${current_version%%.*} if [ $current_major_version -gt 11 ] then # Inform the backup/restore process that it should not save the data directory - ynh_app_setting_set $app backup_core_only 1 + # Use only for the previous backup script that doesn't set 'is_big' + ynh_app_setting_set --app=$app --key=backup_core_only --value=1 # Backup the current version of the app ynh_backup_before_upgrade - ynh_clean_setup () { - # Remove the post migration script before its execution ! - ynh_secure_remove "/tmp/owncloud_post_migration.sh" 2>&1 - # restore it if the upgrade fails - ynh_restore_upgradebackup + # Remove the option backup_core_only after the backup. + ynh_app_setting_delete $app backup_core_only + + ynh_clean_setup () { + # Remove the post migration script before its execution ! + ynh_exec_warn_less ynh_secure_remove --file="/tmp/owncloud_post_migration.sh" + + # restore it if the upgrade fails + ynh_restore_upgradebackup } fi -# Exit if an error occurs during the script execution +# Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= @@ -91,10 +107,10 @@ ynh_abort_if_errors ynh_handle_app_migration "owncloud" "owncloud_migration" if [ $migration_process -eq 1 ] then - # If a migration has been perform + # If a migration has been performed # Reload some values changed by the migration process - final_path=$(ynh_app_setting_get $app final_path) - db_name=$(ynh_app_setting_get $app db_name) + final_path=$(ynh_app_setting_get --app=$app --key=final_path) + db_name=$(ynh_app_setting_get --app=$app --key=db_name) # Remove the old fake package for owncloud. # Its name is specific, so the migration process can't remove it @@ -114,27 +130,29 @@ fi #================================================= # Normalize the URL path syntax -path_url=$(ynh_normalize_url_path $path_url) +path_url=$(ynh_normalize_url_path --path_url=$path_url) #================================================= # STANDARD UPGRADE STEPS #================================================= # NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2 + +ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" # Delete current nginx configuration to be able to check if .well-known is already served. ynh_remove_nginx_config -ynh_app_setting_delete $app "checksum__etc_nginx_conf.d_$domain.d_$app.conf" || true -# Do not serve .well-known if it's already served on the domain -if is_url_handled "https://${domain}/.well-known/caldav" ; then - sed -ri '/^location = \/\.well\-known\/(caldav|carddav) \{/,/\}/d' \ - "../conf/nginx.conf" -fi +ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" -# Handle root path, avoid double slash. -# Temporary fix, in waiting for an upgrade of the helper. (#361) -path_url_slash_less=${path_url%/} -ynh_replace_string "__PATH__/" "$path_url_slash_less/" "../conf/nginx.conf" +# Check if .well-known is available for this domain +if is_url_handled --url="https://$domain/.well-known/caldav" || is_url_handled --url="https://$domain/.well-known/carddav" +then + ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." + + # Remove lines about .well-known/carddav and caldav with sed. + sed --in-place --regexp-extended '/^location = \/\.well\-known\/(caldav|carddav) \{/,/\}/d' "../conf/nginx.conf" +fi # Create a dedicated nginx config ynh_add_nginx_config @@ -142,20 +160,28 @@ ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." -# Create a system user -ynh_system_user_create $app +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app #================================================= # PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2 # Create a dedicated php-fpm config ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint +# Delete existing ini configuration file (backward compatibility) +if [ -f /etc/php/7.0/fpm/conf.d/20-$app.ini ]; then + ynh_secure_remove --file=/etc/php/7.0/fpm/conf.d/20-$app.ini +fi + #================================================= # UPGRADE DEPENDENCIES #================================================= +ynh_script_progression --message="Upgrading dependencies..." --weight=7 ynh_install_app_dependencies $pkg_dependencies @@ -166,144 +192,184 @@ ynh_install_app_dependencies $pkg_dependencies # VERSION TO THE NEXT ONE #================================================= -# Load the last available version -source upgrade.d/upgrade.last.sh -last_version=$next_version +# Define a function to execute commands with `occ` +exec_occ() { +(cd "$final_path" && exec_as "$app" \ + php occ --no-interaction --no-ansi "$@") +} +# Define a function to add an external storage +# Create the external storage for the given folders and enable sharing +create_external_storage() { +local datadir="$1" +local mount_name="$2" +local mount_id=`exec_occ files_external:create --output=json \ + "$mount_name" 'local' 'null::null' -c "datadir=$datadir" || true` +! [[ $mount_id =~ ^[0-9]+$ ]] \ + && ynh_print_warn --message="Unable to create external storage" \ + || exec_occ files_external:option "$mount_id" enable_sharing true +} # Define app's data directory -datadir="/home/yunohost.app/${app}/data" +datadir="/home/yunohost.app/$app/data" -# Set write access for the following commands -chown -R $app: "$final_path" "$datadir" +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading nextcloud..." --weight=3 -# Print the current version number of nextcloud -exec_occ -V - -# While the current version is not the last version, do an upgrade -while [ "$last_version" != "$current_version" ] -do - - # The major version is the first part of the version number - # major_version=${next_version%%.*} - major_version=${last_version%%.*} - current_major_version=${current_version%%.*} - - # If the current version has the same major version than the next one, - # then it's the last upgrade to do - if [ "$major_version" -eq "$current_major_version" ]; then - current_major_version=last - # Execute the commands dedicated to the last upgrade - last_upgrade_operations - fi - - # Load the value for this version - source upgrade.d/upgrade.$current_major_version.sh - - echo -e "\nUpgrade to nextcloud $next_version" >&2 - - # Create an app.src for this version of nextcloud - cp ../conf/app.src.default ../conf/app.src - ynh_replace_string "__VERSION__" "$next_version" "../conf/app.src" - ynh_replace_string "__SHA256_SUM__" "$nextcloud_source_sha256" "../conf/app.src" - - # Create a temporary directory - tmpdir="$(ynh_smart_mktemp 300)" - - # Install the next nextcloud version in $tmpdir - ynh_setup_source "$tmpdir" - - # Enable maintenance mode - exec_occ maintenance:mode --on - - # Backup the config file in the temp dir - cp -a "$final_path/config/config.php" "$tmpdir/config/config.php" - - # Backup 3rd party applications from the current nextcloud - # But do not overwrite if there is any upgrade - # (apps directory already exists in Nextcloud archive) - cp -a --update "$final_path/apps" "$tmpdir" - - # Replace the old nextcloud by the new one - ynh_secure_remove "$final_path" - mv "$tmpdir" "$final_path" - ynh_secure_remove "$tmpdir" + # Load the last available version + source upgrade.d/upgrade.last.sh + last_version=$next_version # Set write access for the following commands chown -R $app: "$final_path" "$datadir" - # Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3) - exec_occ maintenance:mode --off - exec_occ upgrade \ - || ([[ $? -eq 3 ]] || ynh_die "Unable to upgrade Nextcloud") - - # Get the new current version number - current_version=$(grep OC_VersionString "$final_path/version.php" | cut -d\' -f2) - current_major_version=${current_version%%.*} - # Print the current version number of nextcloud exec_occ -V -done -#================================================= -# CONFIGURE NEXTCLOUD -#================================================= + # While the current version is not the last version, do an upgrade + while [ "$last_version" != "$current_version" ] + do -# Verify the checksum and backup the file if it's different -ynh_backup_if_checksum_is_different "${final_path}/config/config.php" + # The major version is the first part of the version number + # major_version=${next_version%%.*} + major_version=${last_version%%.*} + current_major_version=${current_version%%.*} -nc_conf="${final_path}/config.json" -cp ../conf/config.json "$nc_conf" -ynh_replace_string "#DOMAIN#" "$domain" "$nc_conf" -ynh_replace_string "#DATADIR#" "$datadir" "$nc_conf" + # If the current version has the same major version than the next one, + # then it's the last upgrade to do + if [ "$major_version" -eq "$current_major_version" ]; then + current_major_version=last + # Execute the commands dedicated to the last upgrade + last_upgrade_operations + fi -# Ensure that UpdateNotification app is disabled -exec_occ app:disable updatenotification + # Load the value for this version + source upgrade.d/upgrade.$current_major_version.sh -# Enable plugins -exec_occ app:enable user_ldap + ynh_print_info --message="Upgrade to nextcloud $next_version" -# Load the config file in nextcloud -exec_occ config:import "$nc_conf" -# Then remove it -rm -f "$nc_conf" + # Create an app.src for this version of nextcloud + cp ../conf/app.src.default ../conf/app.src + ynh_replace_string --match_string="__VERSION__" --replace_string="$next_version" --target_file="../conf/app.src" + ynh_replace_string --match_string="__SHA256_SUM__" --replace_string="$nextcloud_source_sha256" --target_file="../conf/app.src" -#================================================= -# ALLOW USERS TO DISCONNECT FROM NEXTCLOUD -#================================================= + # Create a temporary directory + tmpdir="$(ynh_smart_mktemp min_size=300)" -# Add dynamic logout URL to the config -exec_occ config:system:get logout_url >/dev/null 2>&1 \ - || echo " -//-YunoHost- -// set logout_url according to main domain -\$main_domain = exec('cat /etc/yunohost/current_host'); -\$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout'; -//-YunoHost- -" >> "${final_path}/config/config.php" + # Install the next nextcloud version in $tmpdir + ynh_setup_source --dest_dir="$tmpdir" -#================================================= -# MOUNT HOME FOLDERS AS EXTERNAL STORAGE -#================================================= + # Enable maintenance mode + exec_occ maintenance:mode --on -# Enable External Storage and create local mount to home folder as needed -if [ $user_home -eq 1 ]; then - exec_occ app:enable files_external - exec_occ files_external:list --output=json \ - | grep -q '"storage":"\\\\OC\\\\Files\\\\Storage\\\\Local"' \ - || create_external_storage "/home/\$user" "Home" - # Iterate over users to extend their home folder permissions - for u in $(ynh_user_list); do - setfacl -m g:$app:rwx "/home/$u" || true + # Backup the config file in the temp dir + cp -a "$final_path/config/config.php" "$tmpdir/config/config.php" + + # Backup 3rd party applications from the current nextcloud + # But do not overwrite if there is any upgrade + # (apps directory already exists in Nextcloud archive) + ( + cd $final_path/apps + for nc_app_dir in */ + do + if [ ! -d "$tmpdir/apps/$nc_app_dir" ] + then + cp -a "$nc_app_dir" "$tmpdir/apps/$nc_app_dir" + fi + done + ) + + # Replace the old nextcloud by the new one + ynh_secure_remove --file="$final_path" + mv "$tmpdir" "$final_path" + ynh_secure_remove --file="$tmpdir" + + # Set write access for the following commands + chown -R $app: "$final_path" "$datadir" + + # Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3) + exec_occ maintenance:mode --off + exec_occ upgrade \ + || ([ $? -eq 3 ] || ynh_die --message="Unable to upgrade Nextcloud") + + # Get the new current version number + current_version=$(grep OC_VersionString "$final_path/version.php" | cut -d\' -f2) + current_major_version=${current_version%%.*} + + # Print the current version number of nextcloud + exec_occ -V done + + #================================================= + # CONFIGURE NEXTCLOUD + #================================================= + ynh_script_progression --message="Reconfiguring nextcloud..." --weight=9 + + # Verify the checksum and backup the file if it's different + ynh_backup_if_checksum_is_different --file="$final_path/config/config.php" + + nc_conf="${final_path}/config.json" + cp ../conf/config.json "$nc_conf" + + ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$nc_conf" + ynh_replace_string --match_string="__DATADIR__" --replace_string="$datadir" --target_file="$nc_conf" + + # Ensure that UpdateNotification app is disabled + exec_occ app:disable updatenotification + + # Enable plugins + exec_occ app:enable user_ldap + + # Load the config file in nextcloud + exec_occ config:import "$nc_conf" + + # Then remove the config file + ynh_secure_remove --file="$nc_conf" + + #================================================= + # ALLOW USERS TO DISCONNECT FROM NEXTCLOUD + #================================================= + + # Add dynamic logout URL to the config + exec_occ config:system:get logout_url >/dev/null 2>&1 \ + || echo " + //-YunoHost- + // set logout_url according to main domain + \$main_domain = exec('cat /etc/yunohost/current_host'); + \$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout'; + //-YunoHost- + " >> "$final_path/config/config.php" + + #================================================= + # CHANGE HOSTNAME FOR ACTIVITY NOTIFICATIONS + #================================================= + + ynh_replace_string --match_string="'overwrite.cli.url' => 'http://localhost'," --replace_string="'overwrite.cli.url' => 'https://${domain}'," --target_file="${final_path}/config/config.php" + + #================================================= + # MOUNT HOME FOLDERS AS EXTERNAL STORAGE + #================================================= + + # Enable External Storage and create local mount to home folder as needed + if [ $user_home -eq 1 ]; then + exec_occ app:enable files_external + exec_occ files_external:list --output=json \ + | grep -q '"storage":"\\\\OC\\\\Files\\\\Storage\\\\Local"' \ + || create_external_storage "/home/\$user" "Home" + # Iterate over users to extend their home folder permissions + for u in $(ynh_user_list); do + setfacl --modify g:$app:rwx "/home/$u" || true + done + fi + + #================================================= + # STORE THE CHECKSUM OF THE CONFIG FILE + #================================================= + + # Calculate and store the config file checksum into the app settings + ynh_store_file_checksum --file="${final_path}/config/config.php" fi -#================================================= -# STORE THE CHECKSUM OF THE CONFIG FILE -#================================================= - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum "${final_path}/config/config.php" - #================================================= # UPDATE THE CRON JOB #================================================= @@ -313,8 +379,8 @@ cp -a ../conf/nextcloud.cron "$cron_path" chown root: "$cron_path" chmod 644 "$cron_path" -ynh_replace_string "#USER#" "$app" "$cron_path" -ynh_replace_string "#DESTDIR#" "$final_path" "$cron_path" +ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="$cron_path" +ynh_replace_string --match_string="__DESTDIR__" --replace_string="$final_path" --target_file="$cron_path" exec_occ background:cron @@ -323,11 +389,12 @@ exec_occ background:cron #================================================= # Set system group in hooks -ynh_replace_string "#GROUP#" "$app" ../hooks/post_user_create +ynh_replace_string --match_string="__GROUP__" --replace_string="$app" --target_file=../hooks/post_user_create #================================================= # YUNOHOST MULTIMEDIA INTEGRATION #================================================= +ynh_script_progression --message="Updating multimedia directories..." --weight=6 # Build YunoHost multimedia directories ynh_multimedia_build_main_dir @@ -346,43 +413,57 @@ ynh_multimedia_addaccess $app # Fix app ownerships & permissions chown -R $app: "$final_path" "$datadir" -find ${final_path}/ -type f -print0 | xargs -0 chmod 0644 -find ${final_path}/ -type d -print0 | xargs -0 chmod 0755 -find ${datadir}/ -type f -print0 | xargs -0 chmod 0640 -find ${datadir}/ -type d -print0 | xargs -0 chmod 0750 -chmod 640 "${final_path}/config/config.php" +find $final_path/ -type f -print0 | xargs -0 chmod 0644 +find $final_path/ -type d -print0 | xargs -0 chmod 0755 +find $datadir/ -type f -print0 | xargs -0 chmod 0640 +find $datadir/ -type d -print0 | xargs -0 chmod 0750 +chmod 640 "$final_path/config/config.php" chmod 755 /home/yunohost.app #================================================= # WARNING ABOUT THIRD-PARTY APPS #================================================= -# Warn about possible disabled apps -echo "Note that if you've installed some third-parties Nextcloud applications, \ -they are probably disabled and you'll have to manually enable them again." >&2 +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + # Warn about possible disabled apps + ynh_print_warn --message="Note that if you've installed some third-parties Nextcloud applications, \ + they are probably disabled and you'll have to manually enable them again." +fi #================================================= # SETUP LOGROTATE #================================================= +ynh_script_progression --message="Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append +#================================================= +# SETUP FAIL2BAN +#================================================= +ynh_script_progression --message="Reconfiguring fail2ban..." --weight=7 + +# Create a dedicated fail2ban config +ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 + #================================================= # GENERIC FINALIZATION #================================================= # SETUP SSOWAT #================================================= +ynh_script_progression --message="Upgrading SSOwat configuration..." --weight=2 -ynh_app_setting_set $app unprotected_uris "/" -ynh_app_setting_set $app skipped_regex \ - "$(sed 's/[\.\-]/\%&/g' <<< $domain)/%.well%-known/.*" +ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" +ynh_app_setting_set --app=$app --key=skipped_regex \ + --value="$(sed 's/[\.\-]/\%&/g' <<< $domain)/%.well%-known/.*" #================================================= # RELOAD NGINX #================================================= +ynh_script_progression --message="Reloading nginx web server..." -systemctl reload nginx +ynh_systemd_action --service_name=nginx --action=reload #================================================= # FINISH MIGRATION PROCESS @@ -390,17 +471,23 @@ systemctl reload nginx if [ $migration_process -eq 1 ] then - echo "ownCloud has been successfully migrated to Nextcloud! \ + ynh_print_info --message="ownCloud has been successfully migrated to Nextcloud! \ A last scheduled operation will run in a couple of minutes to finish the \ migration in YunoHost side. Do not proceed any application operation while \ -you don't see Nextcloud as installed." >&2 +you don't see Nextcloud as installed." # Execute a post migration script after the end of this upgrade. # Mainly for some cleaning script_post_migration=owncloud_post_migration.sh - ynh_replace_string "__OLD_APP__" "$old_app" ../conf/$script_post_migration - ynh_replace_string "__NEW_APP__" "$app" ../conf/$script_post_migration + ynh_replace_string --match_string="__OLD_APP__" --replace_string="$old_app" --target_file=../conf/$script_post_migration + ynh_replace_string --match_string="__NEW_APP__" --replace_string="$app" --target_file=../conf/$script_post_migration cp ../conf/$script_post_migration /tmp chmod +x /tmp/$script_post_migration (cd /tmp; echo "/tmp/$script_post_migration > /tmp/$script_post_migration.log 2>&1" | at now + 2 minutes) fi + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of $app completed" --last