mirror of
https://github.com/YunoHost-Apps/pleroma_ynh.git
synced 2024-09-03 20:15:59 +02:00
253 lines
No EOL
8.9 KiB
Bash
Executable file
253 lines
No EOL
8.9 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
source psql.sh
|
|
|
|
#=================================================
|
|
# LOAD SETTINGS
|
|
#=================================================
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
domain=$(ynh_app_setting_get $app domain)
|
|
path_url="/"
|
|
admin=$(ynh_app_setting_get $app admin)
|
|
is_public=$(ynh_app_setting_get $app is_public)
|
|
final_path=$(ynh_app_setting_get $app final_path)
|
|
db_name=$(ynh_app_setting_get "$app" psql_db)
|
|
admin_email=$(ynh_app_setting_get "$app" admin_email)
|
|
random_key=$(ynh_app_setting_get "$app" random_key)
|
|
name=$(ynh_app_setting_get "$app" name)
|
|
port=$(ynh_app_setting_get "$app" port)
|
|
db_pwd=$(ynh_app_setting_get "$app" psqlpwd)
|
|
cache=$(ynh_app_setting_get "$app" cache)
|
|
size=$(ynh_app_setting_get "$app" size)
|
|
registration=$(ynh_app_setting_get "$app" registration)
|
|
|
|
#=================================================
|
|
# ENSURE DOWNWARD COMPATIBILITY
|
|
#=================================================
|
|
|
|
# Fix is_public as a boolean value
|
|
if [ "$is_public" = "Yes" ]; then
|
|
ynh_app_setting_set $app is_public 1
|
|
is_public=1
|
|
elif [ "$is_public" = "No" ]; then
|
|
ynh_app_setting_set $app is_public 0
|
|
is_public=0
|
|
fi
|
|
|
|
# If db_name doesn't exist, create it
|
|
if [ -z $db_name ]; then
|
|
db_name=$(ynh_sanitize_dbid $app)
|
|
ynh_app_setting_set $app db_name $db_name
|
|
fi
|
|
|
|
# If final_path doesn't exist, create it
|
|
if [ -z $final_path ]; then
|
|
final_path=/var/www/$app
|
|
ynh_app_setting_set $app final_path $final_path
|
|
fi
|
|
|
|
#=================================================
|
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
|
#=================================================
|
|
|
|
# Backup the current version of the app
|
|
ynh_backup_before_upgrade
|
|
ynh_clean_setup () {
|
|
# restore it if the upgrade fails
|
|
ynh_restore_upgradebackup
|
|
}
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
# Stop Pleroma for upgrade
|
|
systemctl stop "$app"
|
|
|
|
#=================================================
|
|
# CHECK THE PATH
|
|
#=================================================
|
|
|
|
# Normalize the URL path syntax
|
|
path_url=$(ynh_normalize_url_path $path_url)
|
|
|
|
#=================================================
|
|
# STANDARD UPGRADE STEPS
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
#ynh_setup_source "$final_path"
|
|
( cd $final_path/$app && git pull )
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
|
|
# Create a dedicated nginx config
|
|
ynh_add_nginx_config
|
|
|
|
ynh_secure_remove /etc/nginx/conf.d/$app-cache.conf
|
|
if [ $cache -eq 1 ]
|
|
then
|
|
cp -rf "../conf/cache.conf" "/etc/nginx/conf.d/$app-cache.conf"
|
|
ynh_replace_string "{APP}" "$app" "/etc/nginx/conf.d/$app-cache.conf"
|
|
ynh_replace_string "__SIZE__" "$size" "/etc/nginx/conf.d/$app-cache.conf"
|
|
ynh_store_file_checksum "/etc/nginx/conf.d/$app-cache.conf"
|
|
ynh_replace_string "{APP}" "$app" "../conf/media.conf"
|
|
ynh_replace_string "__PORT__" "$port" "../conf/media.conf"
|
|
sudo su -c "cat ../conf/media.conf >> /etc/nginx/conf.d/$domain.d/$app.conf"
|
|
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
|
|
fi
|
|
|
|
#=================================================
|
|
# UPGRADE DEPENDENCIES
|
|
#=================================================
|
|
|
|
# Add erlang for Debian Jessie
|
|
|
|
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
|
|
echo "deb http://packages.erlang-solutions.com/debian jessie contrib" | tee /etc/apt/sources.list.d/erlang-solutions.list
|
|
elif
|
|
[ "$(lsb_release --codename --short)" == "stretch" ]; then
|
|
echo "deb http://packages.erlang-solutions.com/debian stretch contrib" | tee /etc/apt/sources.list.d/erlang-solutions.list
|
|
fi
|
|
sudo wget https://packages.erlang-solutions.com/debian/erlang_solutions.asc
|
|
sudo apt-key add erlang_solutions.asc
|
|
sudo rm erlang_solutions.asc
|
|
|
|
# install dependencies
|
|
ynh_install_app_dependencies git build-essential postgresql postgresql-contrib openssl g++ apt-transport-https erlang-inets elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools
|
|
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
|
|
# Create a dedicated user (if not existing)
|
|
ynh_system_user_create $app
|
|
|
|
#=================================================
|
|
# PHP-FPM CONFIGURATION
|
|
#=================================================
|
|
|
|
# Create a dedicated php-fpm config
|
|
#ynh_add_fpm_config
|
|
|
|
#=================================================
|
|
# SPECIFIC UPGRADE
|
|
#=================================================
|
|
# ...
|
|
#=================================================
|
|
|
|
#===================================================
|
|
# Add PostgreSQL extension pg_trgm and citext
|
|
#===================================================
|
|
|
|
ynh_psql_execute_as_root "\connect $db_name
|
|
CREATE EXTENSION IF NOT EXISTS unaccent;CREATE EXTENSION IF NOT EXISTS pg_trgm;"
|
|
ynh_psql_execute_as_root "\connect $db_name
|
|
CREATE EXTENSION IF NOT EXISTS unaccent;CREATE EXTENSION IF NOT EXISTS citext;"
|
|
|
|
# Open this port
|
|
yunohost firewall allow Both "$port" 2>&1
|
|
|
|
|
|
# Give permission to the final_path
|
|
chown -R "$app":"$app" "$final_path"
|
|
( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix local.hex --force )
|
|
( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix local.rebar --force )
|
|
( cd $final_path/$app && sudo -u "$app" mix deps.get )
|
|
( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix ecto.migrate --force )
|
|
|
|
#=================================================
|
|
# MODIFY A CONFIG FILE
|
|
#=================================================
|
|
cp -f ../conf/prod.secret.exs "$final_path/$app/config/prod.secret.exs"
|
|
cp -f ../conf/setup_db.psql "$final_path/$app/config/setup_db.psql"
|
|
|
|
ynh_replace_string "__DOMAIN__" "$domain" "$final_path/$app/config/prod.secret.exs"
|
|
ynh_replace_string "__KEY__" "$random_key" "$final_path/$app/config/prod.secret.exs"
|
|
ynh_replace_string "__INSTANCE_NAME__" "$name" "$final_path/$app/config/prod.secret.exs"
|
|
ynh_replace_string "__DB_NAME__" "$app" "$final_path/$app/config/prod.secret.exs"
|
|
ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/$app/config/prod.secret.exs"
|
|
ynh_replace_string "__ADMIN_EMAIL__" "$admin_email" "$final_path/$app/config/prod.secret.exs"
|
|
ynh_replace_string "__PORT__" "$port" "$final_path/$app/config/prod.secret.exs"
|
|
ynh_replace_string "__DB_NAME__" "$app" "$final_path/$app/config/setup_db.psql"
|
|
ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/$app/config/setup_db.psql"
|
|
if [ $cache -eq 1 ]
|
|
then
|
|
ynh_replace_string "__MEDIA_CACHE__" "true" "$final_path/$app/config/prod.secret.exs"
|
|
else
|
|
ynh_replace_string "__MEDIA_CACHE__" "false" "$final_path/$app/config/prod.secret.exs"
|
|
fi
|
|
|
|
# Set registrations open/closed
|
|
if [ $registration -eq 1 ]
|
|
then
|
|
ynh_replace_string "__REG__" "true" "$final_path/$app/config/prod.secret.exs"
|
|
else
|
|
ynh_replace_string "__REG__" "false" "$final_path/$app/config/prod.secret.exs"
|
|
fi
|
|
|
|
# Recalculate and store the config file checksum into the app settings
|
|
ynh_store_file_checksum "$final_path/$app/config/prod.secret.exs"
|
|
|
|
### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
|
|
### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it.
|
|
ynh_backup_if_checksum_is_different "$final_path/$app/config/prod.secret.exs"
|
|
# Recalculate and store the checksum of the file for the next upgrade.
|
|
ynh_store_file_checksum "$final_path/$app/config/prod.secret.exs"
|
|
|
|
#=================================================
|
|
# SETUP LOGROTATE
|
|
#=================================================
|
|
|
|
# Use logrotate to manage app-specific logfile(s)
|
|
ynh_use_logrotate --non-append
|
|
|
|
#=================================================
|
|
# SETUP SYSTEMD
|
|
#=================================================
|
|
# Create a dedicated systemd config
|
|
ynh_add_systemd_config
|
|
|
|
#=================================================
|
|
# GENERIC FINALIZATION
|
|
#=================================================
|
|
# SECURE FILES AND DIRECTORIES
|
|
#=================================================
|
|
|
|
# Set permissions on app files
|
|
chown -R "$app":"$app" "$final_path"
|
|
|
|
|
|
#=================================================
|
|
# SETUP SSOWAT
|
|
#=================================================
|
|
|
|
# Make app public if necessary
|
|
if [ $is_public -eq 1 ]
|
|
then
|
|
# unprotected_uris allows SSO credentials to be passed anyway
|
|
ynh_app_setting_set $app unprotected_uris "/"
|
|
fi
|
|
|
|
#=================================================
|
|
# RELOAD NGINX
|
|
#=================================================
|
|
|
|
systemctl reload nginx
|
|
systemctl enable "$app"
|
|
systemctl start "$app"
|
|
# App needs time to start
|
|
sleep 10 |