mirror of
https://github.com/YunoHost-Apps/piwigo_ynh.git
synced 2024-09-03 20:06:03 +02:00
167 lines
6.6 KiB
Bash
167 lines
6.6 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# CHECK VERSION
|
|
#=================================================
|
|
|
|
upgrade_type=$(ynh_check_app_version_changed)
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
|
|
# sets extended pattern matching options in the bash shell
|
|
shopt -s extglob
|
|
|
|
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
|
then
|
|
ynh_script_progression --message="Upgrading source files..." --weight=3
|
|
|
|
# Create tmp directory and fetch app inside
|
|
tmpdir="$(ynh_smart_mktemp --min_size=300)"
|
|
ynh_setup_source --dest_dir="$tmpdir"
|
|
|
|
# Fetch needed plugins
|
|
mkdir -p $tmpdir/plugins/Ldap_Login
|
|
ynh_setup_source --dest_dir="$tmpdir/plugins/Ldap_Login" --source_id=ldap_plugin
|
|
ynh_setup_source --dest_dir="$tmpdir/plugins" --source_id=log_failed_logins_plugin
|
|
|
|
# Install files and set permissions
|
|
cp -a $tmpdir/!(upload|_data|galleries) $install_dir
|
|
|
|
# Backward compatibility:
|
|
# If the _data subdirectory wasn't already moved to /home/yunohost.app/$app,
|
|
# then move it there
|
|
if [ ! -h $install_dir/_data ] ; then
|
|
mv $install_dir/_data $data_dir
|
|
ln -sd $data_dir/_data $install_dir/_data
|
|
fi
|
|
|
|
# Backward compatibility:
|
|
# If the galleries subdirectory wasn't already moved to /home/yunohost.app/$app,
|
|
# then move it there
|
|
if [ ! -h $install_dir/galleries ] ; then
|
|
mv $install_dir/galleries $data_dir
|
|
ln -sd $data_dir/galleries $install_dir/galleries
|
|
fi
|
|
|
|
ynh_secure_remove --file="$tmpdir"
|
|
fi
|
|
|
|
chmod 750 "$data_dir"
|
|
chmod -R o-rwx "$data_dir"
|
|
chown -R $app:www-data "$data_dir"
|
|
|
|
chmod 750 "$install_dir"
|
|
chmod -R o-rwx "$install_dir"
|
|
chown -R $app:www-data "$install_dir"
|
|
|
|
#=================================================
|
|
# PHP-FPM CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=3
|
|
|
|
# Create a dedicated PHP-FPM config
|
|
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
|
|
|
|
# Create a dedicated NGINX config
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# SPECIFIC UPGRADE
|
|
#=================================================
|
|
# UPGRADE APPLICATION WITH CURL
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading Piwigo with cURL..." --weight=6
|
|
|
|
# Reload NGINX
|
|
ynh_systemd_action --service_name=nginx --action=reload
|
|
|
|
if [ "$language" = "fr" ] ; then
|
|
applanguage="fr_FR"
|
|
else
|
|
applanguage="en_UK"
|
|
fi
|
|
|
|
# Upgrade Piwigo via cURL
|
|
# FIXME : Why Curl ... Why can't we trigger the migration from the command line somehow ...
|
|
#ynh_local_curl "/upgrade.php?language=$applanguage&now=true" "language=$applanguage" "username=$admin" "password=$admin_pwd"
|
|
|
|
#=================================================
|
|
# CONFIGURE PIWIGO
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring Piwigo..."
|
|
|
|
# Change local config
|
|
ynh_add_config --template="../conf/config.inc.php" --destination="$install_dir/local/config/config.inc.php"
|
|
|
|
# Setup database in local/config/database.inc.php
|
|
ynh_add_config --template="../conf/database.inc.php" --destination="$install_dir/local/config/database.inc.php"
|
|
|
|
chmod 750 "$install_dir"
|
|
chmod -R o-rwx "$install_dir"
|
|
chown -R $app:www-data "$install_dir"
|
|
|
|
#=================================================
|
|
# CONFIGURE LDAP PLUGIN
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring LDAP plugin..."
|
|
|
|
# Disable LDAP plugin to avoid warning messages during API call
|
|
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "DELETE FROM plugins WHERE id='Ldap_Login';"
|
|
|
|
# Activate the LDAP plugin using the WS API
|
|
|
|
# Login with admin account
|
|
|
|
# FIXME: Is this stuff really needed ... isn't there a way to enable the damn LDAP login plugin from the command line or something ...
|
|
#ynh_local_curl "/ws.php?format=json" "method=pwg.session.login" "username=$admin" "password=$admin_pwd"
|
|
# Get session token
|
|
status=$(ynh_local_curl "/ws.php?format=json" "method=pwg.session.getStatus")
|
|
pwg_token=$(jq --raw-output .result.pwg_token <<< $status)
|
|
# Activate the Ldap_Login plugin
|
|
ynh_local_curl "/ws.php?format=json" "method=pwg.plugins.performAction" "action=activate" "plugin=Ldap_Login" "pwg_token=$pwg_token"
|
|
# Log out
|
|
ynh_local_curl "/ws.php?format=json" "method=pwg.session.logout"
|
|
|
|
# Edit Ldap_Login plugin configuration
|
|
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE piwigo_ldap_login_config SET value='ou=users,dc=yunohost,dc=org' WHERE param = 'ld_basedn';
|
|
UPDATE piwigo_ldap_login_config SET value='uid' WHERE param = 'ld_user_attr';
|
|
UPDATE piwigo_ldap_login_config SET value='' WHERE param = 'ld_binddn';
|
|
UPDATE piwigo_ldap_login_config SET value='0' WHERE param = 'allow_new_users';
|
|
UPDATE piwigo_ldap_login_config SET value='0' WHERE param = 'ld_group_user_active';"
|
|
# Remove configuration file for older plugin version
|
|
if [ -f $install_dir/plugins/Ldap_Login/data.dat ] ; then
|
|
ynh_secure_remove --file=$install_dir/plugins/Ldap_Login/data.dat
|
|
fi
|
|
|
|
#=================================================
|
|
# GENERIC FINALIZATION
|
|
#=================================================
|
|
# UPGRADE FAIL2BAN
|
|
#=================================================
|
|
ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=8
|
|
|
|
# Configure and activate log_failed_logins plugin
|
|
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');" 2>&1 > /dev/null || ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE plugins SET state='active' WHERE id='log_failed_logins';"
|
|
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');" 2>&1 > /dev/null || ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE config SET value='/var/log/${app}FailedLogins.log' WHERE param='logFailedLoginsFilename';"
|
|
|
|
touch "/var/log/${app}FailedLogins.log"
|
|
chown $app: "/var/log/${app}FailedLogins.log"
|
|
|
|
ynh_add_fail2ban_config --logpath="/var/log/${app}FailedLogins.log" --failregex="ip=<HOST>" --max_retry=6
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression --message="Upgrade of $app completed" --last
|