diff --git a/scripts/.fonctions b/scripts/.fonctions new file mode 100644 index 0000000..d0513c4 --- /dev/null +++ b/scripts/.fonctions @@ -0,0 +1,307 @@ +#!/bin/bash + +ynh_version="2.7.14" + +YNH_VERSION () { # Returns the version number of the Yunohost moulinette + ynh_version=$(sudo yunohost -v | grep "moulinette:" | cut -d' ' -f2 | cut -d'.' -f1,2) +} + +CHECK_VAR () { # Verifies that the variable is not empty. + # $1 = Variable to be checked + # $2 = Display text on error + test -n "$1" || (echo "$2" >&2 && false) +} + +EXIT_PROPERLY () { # Causes the script to stop in the event of an error. And clean the residue. + trap '' ERR + echo -e "\e[91m \e[1m" # Shell in light red bold + echo -e "!!\n $app install's script has encountered an error. Installation was cancelled.\n!!" >&2 + + if type -t CLEAN_SETUP > /dev/null; then # Checks the existence of the function before executing it. + CLEAN_SETUP # Call the specific cleanup function of the install script. + fi + + # Compensates the ssowat bug that does not remove the app's input in case of installation error. + sudo sed -i "\@\"$domain$path/\":@d" /etc/ssowat/conf.json + + if [ "$ynh_version" = "2.2" ]; then + /bin/bash $script_dir/remove + fi + + ynh_die +} + +TRAP_ON () { # Activate signal capture + trap EXIT_PROPERLY ERR # Capturing exit signals on error +} + +TRAP_OFF () { # Ignoring signal capture until TRAP_ON + trap '' ERR # Ignoring exit signals +} + +CHECK_USER () { # Check the validity of the user admin + # $1 = User admin variable + ynh_user_exists "$1" || (echo "Wrong admin" >&2 && false) +} + +CHECK_PATH () { # Vérifie la présence du / en début de path. Et son absence à la fin. + if [ "${path:0:1}" != "/" ]; then # Si le premier caractère n'est pas un / + path="/$path" # Ajoute un / en début de path + fi + if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then # Si le dernier caractère est un / et que ce n'est pas le seul caractère. + path="${path:0:${#path}-1}" # Supprime le dernier caractère + fi +} + +CHECK_DOMAINPATH () { # Vérifie la disponibilité du path et du domaine. + sudo yunohost app checkurl $domain$path -a $app +} + +CHECK_FINALPATH () { # Vérifie que le dossier de destination n'est pas déjà utilisé. + final_path=/opt/$app + if [ -e "$final_path" ] + then + echo "This path already contains a folder" >&2 + false + fi +} + +# Remove a file or a directory securely +# +# usage: ynh_secure_remove path_to_remove +# | arg: path_to_remove - File or directory to remove +ynh_secure_remove () { + path_to_remove=$1 + forbidden_path=" \ + /var/www \ + /home/yunohost.app" + + if [[ "$forbidden_path" =~ "$path_to_remove" \ + # Match all path or subpath in $forbidden_path + || "$path_to_remove" =~ ^/[[:alnum:]]+$ \ + # Match all first level path from / (Like /var, /root, etc...) + || "${path_to_remove:${#path_to_remove}-1}" = "/" ]] + # Match if the path finish by /. Because it's seems there is an empty variable + then + echo "Avoid deleting of $path_to_remove." >&2 + else + if [ -e "$path_to_remove" ] + then + sudo rm -R "$path_to_remove" + else + echo "$path_to_remove doesn't deleted because it's not exist." >&2 + fi + fi +} + +# Add config nginx +ynh_nginx_config () { + finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf" + ynh_compare_checksum_config "$finalnginxconf" 1 + sudo cp ../conf/nginx.conf "$finalnginxconf" + + # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. + # Substitute in a nginx config file only if the variable is not empty + if test -n "${path:-}"; then + ynh_substitute_char "__PATH__" "$path" "$finalnginxconf" + fi + if test -n "${domain:-}"; then + ynh_substitute_char "__DOMAIN__" "$domain" "$finalnginxconf" + fi + if test -n "${port:-}"; then + ynh_substitute_char "__PORT__" "$port" "$finalnginxconf" + fi + if test -n "${app:-}"; then + ynh_substitute_char "__NAME__" "$app" "$finalnginxconf" + fi + if test -n "${final_path:-}"; then + ynh_substitute_char "__FINALPATH__" "$final_path" "$finalnginxconf" + fi + ynh_store_checksum_config "$finalnginxconf" + + sudo systemctl reload nginx +} + +# Remove config nginx +ynh_remove_nginx_config () { + ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf" + sudo systemctl reload nginx +} + +# Substitute a string by another in a file +# +# usage: ynh_substitute_char string_to_find replace_string file_to_analyse +# | arg: string_to_find - String to replace in the file +# | arg: replace_string - New string that will replace +# | arg: file_to_analyse - File where the string will be replaced. +ynh_substitute_char () { + delimit=@ + match_char=${1//${delimit}/"\\${delimit}"} # Escape the delimiter if it's in the string. + replace_char=${2//${delimit}/"\\${delimit}"} + workfile=$3 + + sudo sed --in-place "s${delimit}${match_char}${delimit}${replace_char}${delimit}g" "$workfile" +} + +ynh_store_checksum_config () { + config_file_checksum=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' + ynh_app_setting_set $app $config_file_checksum $(sudo md5sum "$1" | cut -d' ' -f1) +} + +ynh_compare_checksum_config () { + current_config_file=$1 + compress_backup=${2:-0} # If $2 is empty, compress_backup will set at 0 + config_file_checksum=checksum_${current_config_file//[\/ ]/_} # Replace all '/' and ' ' by '_' + checksum_value=$(ynh_app_setting_get $app $config_file_checksum) + if [ -n "$checksum_value" ] + then # Proceed only if a value was stocked into the app config + if ! echo "$checksum_value $current_config_file" | md5sum -c --status + then # If the checksum is now different + backup_config_file="$current_config_file.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')" + if [ compress_backup -eq 1 ] + then + sudo tar --create --gzip --file "$backup_config_file.tar.gz" "$current_config_file" # Backup the current config file and compress + backup_config_file="$backup_config_file.tar.gz" + else + sudo cp -a "$current_config_file" "$backup_config_file" # Backup the current config file + fi + echo "Config file $current_config_file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_config_file" >&2 + echo "$backup_config_file" # Return the name of the backup file + fi + fi +} + +# Create a system user +# +# usage: ynh_system_user_create user_name [home_dir] +# | arg: user_name - Name of the system user that will be create +# | arg: home_dir - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home +ynh_system_user_create () { + if ! ynh_system_user_exists "$1" # Check if the user exists on the system + then # If the user doesn't exist + if [ $# -ge 2 ]; then # If a home dir is mentioned + user_home_dir="-d $2" + else + user_home_dir="--no-create-home" + fi + sudo useradd $user_home_dir --system --user-group $1 --shell /usr/sbin/nologin || ynh_die "Unable to create $1 system account" + fi +} + +# Delete a system user +# +# usage: ynh_system_user_delete user_name +# | arg: user_name - Name of the system user that will be create +ynh_system_user_delete () { + if ynh_system_user_exists "$1" # Check if the user exists on the system + then + echo "Remove the user $1" >&2 + sudo userdel $1 + else + echo "The user $1 was not found" >&2 + fi +} + +# Create a db without password +# +# usage: ynh_mysql_create_user user +# | arg: user - the user name to create +ynh_psql_create_db_without_password() { + db=$1 + sudo su -c "psql" postgres <<< \ + "CREATE USER $db CREATEDB;" +} + +# Create a user +# +# usage: ynh_mysql_create_user user pwd [host] +# | arg: user - the user name to create +# | arg: pwd - the password to identify user by +ynh_psql_create_user() { + sudo su -c "createuser -s ${1}" postgres +} + +# Create a database and grant optionnaly privilegies to a user +# +# usage: ynh_mysql_create_db db [user [pwd]] +# | arg: db - the database name to create +# | arg: user - the user to grant privilegies +# | arg: pwd - the password to identify user by +ynh_psql_create_db() { + db=$1 + # grant all privilegies to user + if [[ $# -gt 1 ]]; then + if [[ $# -lt 3 ]]; then + ynh_psql_create_user ${2} + else + ynh_psql_create_user ${2} "${3}" + fi + sudo su -c "createdb -O ${2} $db" postgres + else + sudo su -c "createdb $db" postgres + fi +} + +# Create extension +# +# usage: ynh_psql_create_extension db extension +# | arg: extension - the extension name to create +ynh_psql_create_extension() { + sudo su -c "psql" postgres <<< \ + "CREATE EXTENSION ${1};" +} + +# Create role +# +# usage: ynh_psql_create_role role +# | arg: role - the role to create +ynh_psql_create_role() { + sudo su -c "psql" postgres <<< \ + "CREATE ROLE ${1} WITH LOGIN SUPERUSER PASSWORD '${1}';" +} + +# Revoke connect +# +# usage: ynh_psql_revoke_connect user +# | arg: user - the user name to revoke +ynh_psql_revoke_connect() { + sudo su -c "psql" postgres <<< \ + "REVOKE CONNECT ON DATABASE ${1} FROM GROUP;" +} + +# Drop a database +# +# usage: ynh_mysql_drop_db db +# | arg: db - the database name to drop +ynh_psql_drop_db() { + sudo su -c "psql" postgres <<< \ + "REASSIGN OWNED BY root TO postgres; + DROP OWNED BY root;" + sudo su -c "dropdb ${1}" postgres +} + +# Drop a user +# +# usage: ynh_mysql_drop_user user +# | arg: user - the user name to drop +ynh_psql_drop_user() { + sudo su -c "dropuser ${1}" postgres +} + +# Drop extension +# +# usage: ynh_psql_drop_extension extension +# | arg: extension - the extension to create +ynh_psql_drop_extension() { + sudo su -c "psql" postgres <<< \ + "DROP EXTENSION ${1};" +} + +# Drop role +# +# usage: ynh_psql_drop_role role +# | arg: extension - the role to create +ynh_psql_drop_role() { + sudo su -c "psql" postgres <<< \ + "DROP ROLE ${1};" +} diff --git a/scripts/upgrade b/scripts/upgrade index 6979d62..0d3a0f9 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,6 +9,7 @@ set -eu #================================================= source _common.sh +source .fonctions source /usr/share/yunohost/helpers #=================================================