#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source ynh_systemd_action source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get $app domain) path_url="/" admin=$(ynh_app_setting_get $app admin) is_public=$(ynh_app_setting_get $app is_public) final_path=$(ynh_app_setting_get $app final_path) db_name=$(ynh_app_setting_get "$app" db_name) admin_email=$(ynh_app_setting_get "$app" admin_email) random_key=$(ynh_app_setting_get "$app" random_key) name=$(ynh_app_setting_get "$app" name) port=$(ynh_app_setting_get "$app" port) db_pwd=$(ynh_app_setting_get "$app" db_pwd) cache=$(ynh_app_setting_get "$app" cache) size=$(ynh_app_setting_get "$app" size) registration=$(ynh_app_setting_get "$app" registration) psql_db=$(ynh_app_setting_get "$app" psql_db) if [ -n "$psql_db" ] then db_name=$(ynh_app_setting_get "$app" psql_db) db_pwd=$(ynh_app_setting_get "$app" psqlpwd) ynh_app_setting_set "$app" db_name "$db_name" ynh_app_setting_set "$app" db_pwd "$db_pwd" ynh_app_setting_delete "$app" psql_db ynh_app_setting_delete "$app" psqlpwd fi #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_print_info "Ensuring downward compatibility..." # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then ynh_app_setting_set $app is_public 1 is_public=1 elif [ "$is_public" = "No" ]; then ynh_app_setting_set $app is_public 0 is_public=0 fi # If db_name doesn't exist, create it if [ -z $db_name ]; then db_name=$(ynh_sanitize_dbid $app) ynh_app_setting_set $app db_name $db_name fi # If final_path doesn't exist, create it if [ -z $final_path ]; then final_path=/var/www/$app ynh_app_setting_set $app final_path $final_path fi # Remove repository ynh_secure_remove "/etc/apt/sources.list.d/erlang-solutions.list" #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_print_info "Backing up the app before upgrading (may take a while)..." # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails ynh_restore_upgradebackup ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # STOP SERVICE #================================================= ynh_systemd_action --action=stop --service_name=$app #================================================= # CHECK THE PATH #================================================= # Normalize the URL path syntax path_url=$(ynh_normalize_url_path $path_url) #================================================= # STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_print_info "Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src #ynh_setup_source "$final_path" git clone --quiet https://git.pleroma.social/pleroma/pleroma "$final_path/upgrade" pushd "$final_path/upgrade" git checkout -b master popd cp -a "$final_path/upgrade/." "$final_path/$app/." rm -r "$final_path/upgrade" #================================================= # NGINX CONFIGURATION #================================================= ynh_print_info "Upgrading nginx web server configuration..." # Create a dedicated nginx config ynh_add_nginx_config ynh_secure_remove /etc/nginx/conf.d/$app-cache.conf if [ $cache -eq 1 ] then cp -rf "../conf/cache.conf" "/etc/nginx/conf.d/$app-cache.conf" ynh_replace_string "{APP}" "$app" "/etc/nginx/conf.d/$app-cache.conf" ynh_replace_string "__SIZE__" "$size" "/etc/nginx/conf.d/$app-cache.conf" ynh_store_file_checksum "/etc/nginx/conf.d/$app-cache.conf" ynh_replace_string "{APP}" "$app" "../conf/media.conf" ynh_replace_string "__PORT__" "$port" "../conf/media.conf" sudo su -c "cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf" ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" fi #================================================= # INSTALL ERLANG and ELIXIR #================================================= ynh_print_info "Installing erlang and elixir ..." if [ "$(lsb_release --codename --short)" == "jessie" ]; then sudo apt install -y ../conf/esl-erlang_21.2.6-1~debian~jessie_amd64.deb sudo apt install -y ../conf/elixir_1.8.1-2~debian~jessie_amd64.deb elif [ "$(lsb_release --codename --short)" == "stretch" ]; then sudo apt install -y ../conf/esl-erlang_21.2.6-1~debian~stretch_amd64.deb sudo apt install -y ../conf/elixir_1.8.1-2~debian~stretch_amd64.deb fi #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_print_info "Upgrading dependencies..." # install dependencies ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER #================================================= ynh_print_info "Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create "$app" "$final_path" #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_print_info "Upgrading php-fpm configuration..." # Create a dedicated php-fpm config #ynh_add_fpm_config #================================================= # SPECIFIC UPGRADE #================================================= # MODIFY A CONFIG FILE #================================================= cp -f ../conf/generated_config.exs "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__DOMAIN__" "$domain" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__KEY__" "$random_key" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__INSTANCE_NAME__" "$name" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__ADMIN_EMAIL__" "$admin_email" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__PORT__" "$port" "$final_path/$app/config/prod.secret.exs" if [ $cache -eq 1 ] then ynh_replace_string "__MEDIA_CACHE__" "true" "$final_path/$app/config/prod.secret.exs" else ynh_replace_string "__MEDIA_CACHE__" "false" "$final_path/$app/config/prod.secret.exs" fi # Set registrations open/closed if [ $registration -eq 1 ] then ynh_replace_string "__REG__" "true" "$final_path/$app/config/prod.secret.exs" else ynh_replace_string "__REG__" "false" "$final_path/$app/config/prod.secret.exs" fi #================================================= # MAKE UPGRADE #================================================= # Give permission to the final_path chown -R "$app":"$app" "$final_path" pushd $final_path/$app sudo -u "$app" MIX_ENV=prod mix deps.get sudo -u "$app" MIX_ENV=prod mix ecto.migrate --force #Generate key pair sudo -u "$app" MIX_ENV=prod mix web_push.gen.keypair >> "config/prod.secret.exs" ynh_replace_string "administrator@example.com" "$admin_email" "$final_path/$app/config/prod.secret.exs" popd ### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. ynh_backup_if_checksum_is_different "$final_path/$app/config/prod.secret.exs" # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum "$final_path/$app/config/prod.secret.exs" #================================================= # CLOSE A PORT #================================================= if yunohost firewall list | grep -q "\- $port$" then echo "Close port $port" >&2 yunohost firewall disallow TCP $port 2>&1 fi #================================================= # SETUP LOGROTATE #================================================= ynh_print_info "Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append #================================================= # SETUP SYSTEMD #================================================= ynh_print_info "Upgrading systemd configuration..." # Create a dedicated systemd config ynh_add_systemd_config #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set permissions on app files chown -R "$app":"$app" "$final_path" #================================================= # SETUP SSOWAT #================================================= ynh_print_info "Upgrading SSOwat configuration..." # Make app public if necessary if [ $is_public -eq 1 ] then # unprotected_uris allows SSO credentials to be passed anyway ynh_app_setting_set $app unprotected_uris "/" fi #================================================= # RELOAD NGINX #================================================= ynh_print_info "Reloading nginx web server..." systemctl reload nginx #================================================= # START SERVICE #================================================= ynh_systemd_action --action=start --service_name=$app --log_path=systemd --line_match="Running Pleroma.Web.Endpoint" sleep 10 #================================================= # END OF SCRIPT #================================================= ynh_print_info "Upgrade of $app completed"