#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get $app domain) path_url="/" admin=$(ynh_app_setting_get $app admin) is_public=$(ynh_app_setting_get $app is_public) final_path=$(ynh_app_setting_get $app final_path) db_name=$(ynh_app_setting_get "$app" psql_db) admin_email=$(ynh_app_setting_get "$app" admin_email) random_key=$(ynh_app_setting_get "$app" random_key) name=$(ynh_app_setting_get "$app" name) port=$(ynh_app_setting_get "$app" port) db_pwd=$(ynh_app_setting_get "$app" psqlpwd) cache=$(ynh_app_setting_get "$app" cache) size=$(ynh_app_setting_get "$app" size) registration=$(ynh_app_setting_get "$app" registration) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then ynh_app_setting_set $app is_public 1 is_public=1 elif [ "$is_public" = "No" ]; then ynh_app_setting_set $app is_public 0 is_public=0 fi # If db_name doesn't exist, create it if [ -z $db_name ]; then db_name=$(ynh_sanitize_dbid $app) ynh_app_setting_set $app db_name $db_name fi # If final_path doesn't exist, create it if [ -z $final_path ]; then final_path=/var/www/$app ynh_app_setting_set $app final_path $final_path fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors # Stop Pleroma for upgrade yunohost service stop "$app" #================================================= # CHECK THE PATH #================================================= # Normalize the URL path syntax path_url=$(ynh_normalize_url_path $path_url) #================================================= # STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= # Download, check integrity, uncompress and patch the source from app.src #ynh_setup_source "$final_path/$app" ( cd $final_path/$app && git pull ) #================================================= # NGINX CONFIGURATION #================================================= # Create a dedicated nginx config ynh_add_nginx_config ynh_secure_remove /etc/nginx/conf.d/$app-cache.conf if [ $cache -eq 1 ] then cp -rf "../conf/cache.conf" "/etc/nginx/conf.d/$app-cache.conf" ynh_replace_string "{APP}" "$app" "/etc/nginx/conf.d/$app-cache.conf" ynh_replace_string "__SIZE__" "$size" "/etc/nginx/conf.d/$app-cache.conf" ynh_store_file_checksum "/etc/nginx/conf.d/$app-cache.conf" ynh_replace_string "{APP}" "$app" "../conf/media.conf" ynh_replace_string "__PORT__" "$port" "../conf/media.conf" sudo su -c "cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf" ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" fi #================================================= # UPGRADE DEPENDENCIES #================================================= # Add erlang for Debian Jessie if [ "$(lsb_release --codename --short)" == "jessie" ]; then echo "deb http://packages.erlang-solutions.com/debian jessie contrib" | tee /etc/apt/sources.list.d/erlang-solutions.list elif [ "$(lsb_release --codename --short)" == "stretch" ]; then echo "deb http://packages.erlang-solutions.com/debian stretch contrib" | tee /etc/apt/sources.list.d/erlang-solutions.list fi sudo wget https://packages.erlang-solutions.com/debian/erlang_solutions.asc sudo apt-key add erlang_solutions.asc sudo rm erlang_solutions.asc # install dependencies ynh_install_app_dependencies git build-essential postgresql postgresql-contrib openssl g++ apt-transport-https erlang-inets elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools #================================================= # CREATE DEDICATED USER #================================================= # Create a dedicated user (if not existing) ynh_system_user_create $app #================================================= # PHP-FPM CONFIGURATION #================================================= # Create a dedicated php-fpm config #ynh_add_fpm_config #================================================= # SPECIFIC UPGRADE #================================================= # ... #================================================= #================================================= # MAKE UPGRADE #================================================= # Give permission to the final_path chown -R "$app":"$app" "$final_path" ( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix local.hex --force ) ( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix local.rebar --force ) ( cd $final_path/$app && sudo -u "$app" mix deps.get ) ynh_psql_execute_as_root \ "ALTER USER $app WITH SUPERUSER;" ( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix ecto.migrate --force ) ynh_psql_execute_as_root \ "ALTER USER $app WITH NOSUPERUSER;" ### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. ynh_backup_if_checksum_is_different "$final_path/$app/config/prod.secret.exs" # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum "$final_path/$app/config/prod.secret.exs" #================================================= # CLOSE A PORT #================================================= if yunohost firewall list | grep -q "\- $port$" then echo "Close port $port" >&2 yunohost firewall disallow TCP $port 2>&1 fi #================================================= # SETUP LOGROTATE #================================================= # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append #================================================= # SETUP SYSTEMD #================================================= # Create a dedicated systemd config ynh_add_systemd_config #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set permissions on app files chown -R "$app":"$app" "$final_path" #================================================= # SETUP SSOWAT #================================================= # Make app public if necessary if [ $is_public -eq 1 ] then # unprotected_uris allows SSO credentials to be passed anyway ynh_app_setting_set $app unprotected_uris "/" fi #================================================= # RELOAD NGINX #================================================= systemctl reload nginx #================================================= # START SERVICE #================================================= yunohost service start $app sleep 30