mirror of
https://github.com/YunoHost-Apps/privatebin_ynh.git
synced 2024-09-03 20:15:56 +02:00
160 lines
4.7 KiB
Bash
160 lines
4.7 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# LOAD SETTINGS
|
|
#=================================================
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
domain=$(ynh_app_setting_get $app domain)
|
|
path_url=$(ynh_app_setting_get $app path)
|
|
is_public=$(ynh_app_setting_get $app is_public)
|
|
final_path=$(ynh_app_setting_get $app final_path)
|
|
|
|
#=================================================
|
|
# ENSURE DOWNWARD COMPATIBILITY
|
|
#=================================================
|
|
|
|
# Fix is_public as a boolean value
|
|
if [ "$is_public" = "Yes" ]; then
|
|
ynh_app_setting_set $app is_public 1
|
|
is_public=1
|
|
elif [ "$is_public" = "No" ]; then
|
|
ynh_app_setting_set $app is_public 0
|
|
is_public=0
|
|
elif [ -z "$is_public" ]; then
|
|
if grep --quiet "unprotected_uris" "/etc/yunohost/apps/$app/settings.yml"
|
|
then
|
|
ynh_app_setting_set $app is_public 1
|
|
is_public=1
|
|
else
|
|
ynh_app_setting_set $app is_public 0
|
|
is_public=0
|
|
fi
|
|
fi
|
|
|
|
# If final_path doesn't exist, create it
|
|
if [ -z $final_path ]; then
|
|
final_path=/var/www/$app
|
|
ynh_app_setting_set $app final_path $final_path
|
|
fi
|
|
|
|
#=================================================
|
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
|
#=================================================
|
|
|
|
# Backup the current version of the app
|
|
ynh_backup_before_upgrade
|
|
ynh_clean_setup () {
|
|
# restore it if the upgrade fails
|
|
ynh_restore_upgradebackup
|
|
}
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
#=================================================
|
|
# CHECK THE PATH
|
|
#=================================================
|
|
|
|
# Normalize the URL path syntax
|
|
path_url=$(ynh_normalize_url_path $path_url)
|
|
|
|
#=================================================
|
|
# STANDARD UPGRADE STEPS
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
|
|
# Create a dedicated nginx config
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
|
|
# Create a system user
|
|
ynh_system_user_create $app
|
|
|
|
#=================================================
|
|
# PHP-FPM CONFIGURATION
|
|
#=================================================
|
|
|
|
# Create a dedicated php-fpm config
|
|
ynh_add_fpm_config
|
|
|
|
#=================================================
|
|
# SPECIFIC UPGRADE
|
|
#=================================================
|
|
# REMOVE OLD FILES
|
|
#=================================================
|
|
|
|
# ??? Maybe julienmalik can explain us why he would remove all this files.
|
|
# Clean all files and directory except the data directory
|
|
ynh_secure_remove $final_path/cfg
|
|
ynh_secure_remove $final_path/CREDITS.md
|
|
ynh_secure_remove $final_path/i18n
|
|
ynh_secure_remove $final_path/index.php
|
|
ynh_secure_remove $final_path/js
|
|
ynh_secure_remove $final_path/README.md
|
|
ynh_secure_remove $final_path/tmp
|
|
ynh_secure_remove $final_path/CHANGELOG.md
|
|
ynh_secure_remove $final_path/css
|
|
ynh_secure_remove $final_path/favicon.ico
|
|
ynh_secure_remove $final_path/img
|
|
ynh_secure_remove $final_path/INSTALL.md
|
|
ynh_secure_remove $final_path/lib
|
|
ynh_secure_remove $final_path/robots.txt
|
|
ynh_secure_remove $final_path/tpl
|
|
ynh_secure_remove $final_path/data
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
ynh_setup_source "$final_path"
|
|
|
|
#=================================================
|
|
# GENERIC FINALIZATION
|
|
#=================================================
|
|
# SECURE FILES AND DIRECTORIES
|
|
#=================================================
|
|
|
|
# Set permissions to app files
|
|
chown -R root: $final_path
|
|
# Files owned by user specific can just read
|
|
find $final_path -type f | xargs chmod 644
|
|
find $final_path -type d | xargs chmod 755
|
|
|
|
# except for data and tmp subdir, where the user must have write permissions
|
|
mkdir -p $final_path/{data,tmp}
|
|
chown -R $app:root $final_path/{data,tmp}
|
|
chmod 700 $final_path/{data,tmp}
|
|
|
|
#=================================================
|
|
# SETUP SSOWAT
|
|
#=================================================
|
|
|
|
#=================================================
|
|
# SETUP SSOWAT
|
|
#=================================================
|
|
|
|
# If app is public, add url to SSOWat conf as skipped_uris
|
|
if [ $is_public -eq 1 ]; then
|
|
# unprotected_uris allows SSO credentials to be passed anyway.
|
|
ynh_app_setting_set "$app" unprotected_uris "/"
|
|
fi
|
|
|
|
#=================================================
|
|
# RELOAD NGINX
|
|
#=================================================
|
|
|
|
systemctl reload nginx
|