#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) admin=$(ynh_app_setting_get $app admin) final_path=$(ynh_app_setting_get $app final_path) db_name=$(ynh_app_setting_get $app db_name) db_admin_user=$(ynh_app_setting_get $app db_admin_user) db_admin_pwd=$(ynh_app_setting_get $app db_admin_pwd) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= # If db_name doesn't exist, create it if [ -z $db_name ]; then # In older version, db_name was always phpmyadmin db_name=phpmyadmin ynh_app_setting_set $app db_name $db_name fi # If final_path doesn't exist, create it if [ -z $final_path ]; then final_path="/var/www/$app" ynh_app_setting_set $app final_path $final_path fi # In older version, the admin setting was admin_user if [ -z $admin ]; then admin=$(ynh_app_setting_get $app admin_user) ynh_app_setting_set "$app" admin "$admin" ynh_app_setting_delete $app admin_user fi # If db_admin_user doesn't exist, create it if [ -z $db_admin_user ]; then # Setup a privileged user for phpmyadmin (to prevent using MySQL root user) db_admin_user="${app}_root" ynh_app_setting_set $app db_admin_user $db_admin_user db_admin_pwd="$(ynh_string_random)" ynh_app_setting_set $app db_admin_pwd $db_admin_pwd if ! ynh_mysql_user_exists "$db_admin_user" ; then ynh_mysql_create_user "$db_admin_user" "$db_admin_pwd" ynh_mysql_execute_as_root "GRANT ALL PRIVILEGES ON *.* TO '$db_admin_user'@'localhost' IDENTIFIED BY '$db_admin_pwd' WITH GRANT OPTION; FLUSH PRIVILEGES;" mysql fi fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_backup_before_upgrade # Backup the current version of the app ynh_clean_setup () { ynh_restore_upgradebackup # restore it if the upgrade fails } ynh_abort_if_errors # Exit if an error occurs during the execution of the script #================================================= # CHECK THE PATH #================================================= # Normalize the URL path syntax path_url=$(ynh_normalize_url_path $path_url) #================================================= # STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source "$final_path" #================================================= # NGINX CONFIGURATION #================================================= # Create a dedicated nginx config ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= # Create a system user ynh_system_user_create $app #================================================= # PHP-FPM CONFIGURATION #================================================= # Create a dedicated php-fpm config ynh_add_fpm_config #================================================= # SPECIFIC UPGRADE #================================================= # UPGRADE THE DATABASE #================================================= db_pwd=$(ynh_app_setting_get $app mysqlpwd) # Handle upgrade from a version before latest version # Ignore warnings and failures that will occur if already on latest version ynh_replace_string "phpmyadmin" "$db_name" $final_path/sql/upgrade_column_info_4_3_0+.sql ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" \ < $final_path/sql/upgrade_column_info_4_3_0+.sql > /dev/null 2>&1 || true # Upgrade from last version (don't ignore failures) ynh_replace_string "phpmyadmin" "$db_name" $final_path/sql/upgrade_tables_4_7_0+.sql ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" \ < $final_path/sql/upgrade_tables_4_7_0+.sql ynh_replace_string "phpmyadmin" "$db_name" $final_path/sql/create_tables.sql ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" \ < $final_path/sql/create_tables.sql #================================================= # CONFIGURE PHPMYADMIN #================================================= # Verify the checksum and backup the file if it's different ynh_backup_if_checksum_is_different "$final_path/config.inc.php" ynh_replace_string "YNH_DOMAIN" "$domain" ../conf/config.inc.php ynh_replace_string "YNH_PMA_ADMIN_USER" "$db_admin_user" ../conf/config.inc.php ynh_replace_string "YNH_PMA_ADMIN_PASSWORD" "$db_admin_pwd" ../conf/config.inc.php ynh_replace_string "YNH_PMA_USER" "$db_name" ../conf/config.inc.php ynh_replace_string "YNH_PMA_PASSWORD" "$db_pwd" ../conf/config.inc.php ynh_replace_string "YNH_MYSQL_ROOT_PASSWORD" "$(cat $MYSQL_ROOT_PWD_FILE)" ../conf/config.inc.php cp ../conf/config.inc.php $final_path # Recalculate and store the config file checksum into the app settings ynh_store_file_checksum "$final_path/config.inc.php" #================================================= # INSTALL DEPENDENCIES #================================================= # Install composer init_composer "$final_path" # Install dependencies exec_composer "$final_path" update --no-dev #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set permissions to app files chown -R root: $final_path # config.inc.php contains sensitive data, restrict its access chown root:$app $final_path/config.inc.php chmod 640 $final_path/config.inc.php # Setup phpMyAdmin temporary folder mkdir -p $final_path/tmp chown $app: $final_path/tmp #================================================= # SETUP SSOWAT #================================================= # Restrict access to admin only yunohost app addaccess --users=$admin $app #================================================= # RELOAD NGINX #================================================= systemctl reload nginx