phpmyadmin_ynh/scripts/upgrade

#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# LOAD SETTINGS
#=================================================

app=$YNH_APP_INSTANCE_NAME

domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
admin=$(ynh_app_setting_get $app admin)
final_path=$(ynh_app_setting_get $app final_path)
db_name=$(ynh_app_setting_get $app db_name)
db_admin_user=$(ynh_app_setting_get $app db_admin_user)
db_admin_pwd=$(ynh_app_setting_get $app db_admin_pwd)

#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================

# If db_name doesn't exist, create it
if [ -z $db_name ]; then
	# In older version, db_name was always phpmyadmin
	db_name=phpmyadmin
	ynh_app_setting_set $app db_name $db_name
fi

# If final_path doesn't exist, create it
if [ -z $final_path ]; then
	final_path="/var/www/$app"
	ynh_app_setting_set $app final_path $final_path
fi

# In older version, the admin setting was admin_user
if [ -z $admin ]; then
	admin=$(ynh_app_setting_get $app admin_user)
	ynh_app_setting_set "$app" admin "$admin"
	ynh_app_setting_delete $app admin_user
fi

# If db_admin_user doesn't exist, create it
if [ -z $db_admin_user ]; then
	# Setup a privileged user for phpmyadmin (to prevent using MySQL root user)
	db_admin_user="${app}_root"
	ynh_app_setting_set $app db_admin_user $db_admin_user
	db_admin_pwd="$(ynh_string_random)"
	ynh_app_setting_set $app db_admin_pwd $db_admin_pwd

	if ! ynh_mysql_user_exists "$db_admin_user" ; then
	  ynh_mysql_create_user "$db_admin_user" "$db_admin_pwd"
	  ynh_mysql_execute_as_root "GRANT ALL PRIVILEGES ON *.* TO '$db_admin_user'@'localhost' IDENTIFIED BY '$db_admin_pwd' WITH GRANT OPTION;
	  FLUSH PRIVILEGES;" mysql
	fi
fi

#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================

# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
	# restore it if the upgrade fails
	ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# CHECK THE PATH
#=================================================

# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url)

#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================

# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"

#=================================================
# NGINX CONFIGURATION
#=================================================

# Create a dedicated nginx config
ynh_add_nginx_config

#=================================================
# CREATE DEDICATED USER
#=================================================

# Create a dedicated user (if not existing)
ynh_system_user_create $app

#=================================================
# PHP-FPM CONFIGURATION
#=================================================

# Create a dedicated php-fpm config
ynh_add_fpm_config

#=================================================
# SPECIFIC UPGRADE
#=================================================
# UPGRADE THE DATABASE
#=================================================

db_pwd=$(ynh_app_setting_get $app mysqlpwd)
# Handle upgrade from a version before latest version
# Ignore warnings and failures that will occur if already on latest version
ynh_replace_string "phpmyadmin" "$db_name" $final_path/sql/upgrade_column_info_4_3_0+.sql
ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" \
    < $final_path/sql/upgrade_column_info_4_3_0+.sql > /dev/null 2>&1 || true

# Upgrade from last version (don't ignore failures)
ynh_replace_string "phpmyadmin" "$db_name" $final_path/sql/upgrade_tables_4_7_0+.sql
ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" \
    < $final_path/sql/upgrade_tables_4_7_0+.sql

ynh_replace_string "phpmyadmin" "$db_name" $final_path/sql/create_tables.sql
ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" \
    < $final_path/sql/create_tables.sql

#=================================================
# CONFIGURE PHPMYADMIN
#=================================================

# Verify the checksum and backup the file if it's different
ynh_backup_if_checksum_is_different "$final_path/config.inc.php"

ynh_replace_string "__YNH_PMA_ADMIN_USER__" "$db_admin_user" ../conf/config.inc.php
ynh_replace_string "__YNH_PMA_ADMIN_PASSWORD__" "$db_admin_pwd" ../conf/config.inc.php
ynh_replace_string "__YNH_PMA_USER__" "$db_name" ../conf/config.inc.php
ynh_replace_string "__YNH_PMA_PASSWORD__" "$db_pwd" ../conf/config.inc.php

cp ../conf/config.inc.php $final_path

# Recalculate and store the config file checksum into the app settings
ynh_store_file_checksum "$final_path/config.inc.php"

#=================================================
# INSTALL DEPENDENCIES
#=================================================

# Set permissions for initialization
chown -R $app: "$final_path"

# Install composer
curl -sS https://getcomposer.org/installer \
	| COMPOSER_HOME="$final_path/.composer" \
	php -- --quiet --install-dir="$final_path" \
	|| ynh_die "Unable to install Composer"

# Update dependencies to create composer.lock
exec_as $app COMPOSER_HOME="$final_path/.composer" \
	php "$final_path/composer.phar" install --no-dev \
	-d "$final_path" --quiet --no-interaction \
	|| ynh_die "Unable to update core dependencies with Composer"

# Install dependencies
ynh_exec_warn_less exec_as $app COMPOSER_HOME="$final_path/.composer" \
	php "$final_path/composer.phar" update --no-dev \
	-d "$final_path" --quiet --no-interaction

#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================

# Set permissions to app files
chown -R root: $final_path
# config.inc.php contains sensitive data, restrict its access
chown root:$app $final_path/config.inc.php
chmod 640 $final_path/config.inc.php
# Setup phpMyAdmin temporary folder
mkdir -p $final_path/tmp
chown -R $app: $final_path/tmp

#=================================================
# SETUP SSOWAT
#=================================================

# Restrict access to admin only
yunohost app addaccess --users=$admin $app

#=================================================
# RELOAD NGINX
#=================================================

systemctl reload nginx