reverseproxy_ynh/scripts/upgrade


#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source /usr/share/yunohost/helpers

#=================================================
# LOAD SETTINGS
#=================================================

# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
redirect_type=$(ynh_app_setting_get --app=$app --key=redirect_type)
redirect_path=$(ynh_app_setting_get --app=$app --key=redirect_path)

#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================

# Fix is_public as a boolean value
# Default value for redirect_type if upgrading from https://github.com/scith/redirect_ynh
if [ -z "$redirect_type" ];
then
    redirect_type="proxy"
    ynh_app_setting_set $app 'redirect_type' $redirect_type
fi

# Migrate away from old stuff with 'is_public' and old redirect type names
is_public=$(ynh_app_setting_get "$app" is_public)
if [ -n "$is_public" ]
then
    if [ "$is_public" = "Yes" ]; then
        is_public=1
    elif [ "$is_public" = "No" ]; then
        is_public=0
    fi

    if [ "$is_public" = "0" ] && [ "$redirect_type" != "proxy" ]; then
       echo "WARNING: You previously had a 'supposedly' private 301 or 302 redirection... but it was found that it was public all along and it is not easy to create such a private redirection. Your 301 or 302 redirection will be re-flagged as public..." >&2
       is_public=1
    fi

    if [ "$redirect_type" == "proxy" ] && [ "$is_public" = "1" ]
    then
        redirect_type="public_proxy"
    elif [ "$redirect_type" == "proxy" ] && [ "$is_public" = "0" ]
    then
        redirect_type="private_proxy"
    elif [ "$redirect_type" == "visible_302" ]
    then
        redirect_type="public_302"
    elif [ "$redirect_type" == "visible_301" ]
    then
        redirect_type="public_301"
    fi
    
    ynh_app_setting_set $app 'redirect_type' $redirect_type
    ynh_app_setting_set $app 'is_public'
fi

# Migrate legacy permissions to new system
if ynh_legacy_permissions_exists
then
    ynh_legacy_permissions_delete_all

    ynh_app_setting_delete --app=$app --key=is_public
fi

#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================

# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
	# restore it if the upgrade fails
	ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

# Validate redirect path
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1

#=================================================
# CONFIGURE NGINX
#=================================================

# Nginx configuration
for FILE in $(ls ../conf/nginx-*.conf)
do
    ynh_replace_string "YNH_LOCATION" "$path_url" $FILE
done
if [ "$redirect_type" = "public_302" ];
then
    ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf
    cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "public_301" ];
then
    ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf
    cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf
elif [ "$redirect_type" = "public_proxy" ] || [ "$redirect_type" = "private_proxy" ];
then
    ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf
    cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf
fi

#=================================================
# CONFIGURE SSOWAT
#=================================================

# Make app public if necessary
if [ "$redirect_type" != "private_proxy" ]
then
	# unprotected_uris allows SSO credentials to be passed anyway.
	ynh_permission_update --permission="main" --add="visitors"
fi

#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1

ynh_systemd_action --service_name=nginx --action=reload

#=================================================
# END OF SCRIPT
#=================================================

ynh_script_progression --message="Upgrade of $app completed" --last
Add basic helpers 2018-05-26 10:27:01 +02:00
Initial commit. 2016-06-20 23:43:51 +02:00			`#!/bin/bash`

Add basic helpers 2018-05-26 10:27:01 +02:00			`#=================================================`
			`# GENERIC START`
			`#=================================================`
			`# IMPORT GENERIC HELPERS`
			`#=================================================`

			`source /usr/share/yunohost/helpers`

			`#=================================================`
			`# LOAD SETTINGS`
			`#=================================================`
Initial commit. 2016-06-20 23:43:51 +02:00
			`# Retrieve arguments`
Misc cleaning 2019-05-15 18:42:44 +02:00			`app=$YNH_APP_INSTANCE_NAME`
Fix 2021-08-22 08:58:18 +02:00			`domain=$(ynh_app_setting_get --app=$app --key=domain)`
			`path_url=$(ynh_app_setting_get --app=$app --key=path)`
			`redirect_type=$(ynh_app_setting_get --app=$app --key=redirect_type)`
			`redirect_path=$(ynh_app_setting_get --app=$app --key=redirect_path)`
Initial commit. 2016-06-20 23:43:51 +02:00
Add basic helpers 2018-05-26 10:27:01 +02:00			`#=================================================`
			`# ENSURE DOWNWARD COMPATIBILITY`
			`#=================================================`

			`# Fix is_public as a boolean value`
[fix] Default value for redirect_type. Fixes #1 2016-11-23 21:49:09 +01:00			`# Default value for redirect_type if upgrading from https://github.com/scith/redirect_ynh`
			`if [ -z "$redirect_type" ];`
			`then`
			`redirect_type="proxy"`
[fix] Save redirect_type default value. #1 2016-11-23 21:53:14 +01:00			`ynh_app_setting_set $app 'redirect_type' $redirect_type`
[fix] Default value for redirect_type. Fixes #1 2016-11-23 21:49:09 +01:00			`fi`

is_public was a lie. Only reverse proxy can be private. 2019-05-15 18:35:57 +02:00			`# Migrate away from old stuff with 'is_public' and old redirect type names`
			`is_public=$(ynh_app_setting_get "$app" is_public)`
			`if [ -n "$is_public" ]`
			`then`
			`if [ "$is_public" = "Yes" ]; then`
			`is_public=1`
			`elif [ "$is_public" = "No" ]; then`
			`is_public=0`
			`fi`

			`if [ "$is_public" = "0" ] && [ "$redirect_type" != "proxy" ]; then`
Fix 2021-08-22 08:58:18 +02:00			`echo "WARNING: You previously had a 'supposedly' private 301 or 302 redirection... but it was found that it was public all along and it is not easy to create such a private redirection. Your 301 or 302 redirection will be re-flagged as public..." >&2`
is_public was a lie. Only reverse proxy can be private. 2019-05-15 18:35:57 +02:00			`is_public=1`
			`fi`

			`if [ "$redirect_type" == "proxy" ] && [ "$is_public" = "1" ]`
			`then`
			`redirect_type="public_proxy"`
			`elif [ "$redirect_type" == "proxy" ] && [ "$is_public" = "0" ]`
			`then`
			`redirect_type="private_proxy"`
			`elif [ "$redirect_type" == "visible_302" ]`
			`then`
			`redirect_type="public_302"`
			`elif [ "$redirect_type" == "visible_301" ]`
			`then`
			`redirect_type="public_301"`
			`fi`

			`ynh_app_setting_set $app 'redirect_type' $redirect_type`
			`ynh_app_setting_set $app 'is_public'`
			`fi`

Update upgrade 2021-08-22 09:01:11 +02:00			`# Migrate legacy permissions to new system`
			`if ynh_legacy_permissions_exists`
			`then`
			`ynh_legacy_permissions_delete_all`

			`ynh_app_setting_delete --app=$app --key=is_public`
			`fi`
is_public was a lie. Only reverse proxy can be private. 2019-05-15 18:35:57 +02:00
Add basic helpers 2018-05-26 10:27:01 +02:00			`#=================================================`
			`# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP`
			`#=================================================`

			`# Backup the current version of the app`
			`ynh_backup_before_upgrade`
			`ynh_clean_setup () {`
			`# restore it if the upgrade fails`
			`ynh_restore_upgradebackup`
			`}`
			`# Exit if an error occurs during the execution of the script`
			`ynh_abort_if_errors`

Initial commit. 2016-06-20 23:43:51 +02:00			`# Validate redirect path`
			`url_regex='(https?\|ftp\|file)://[-A-Za-z0-9\+&@#/%?=~_\|!:,.;]*[-A-Za-z0-9\+&@#/%=~_\|]'`
Various fixes for linter warnings / deprecrated practices 2019-04-29 20:49:40 +02:00			`[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1`
Initial commit. 2016-06-20 23:43:51 +02:00
Misc cleaning 2019-05-15 18:42:44 +02:00			`#=================================================`
			`# CONFIGURE NGINX`
			`#=================================================`

Initial commit. 2016-06-20 23:43:51 +02:00			`# Nginx configuration`
Moar misc fixes following tests... 2019-05-09 23:08:09 +02:00			`for FILE in $(ls ../conf/nginx-*.conf)`
			`do`
			`ynh_replace_string "YNH_LOCATION" "$path_url" $FILE`
			`done`
is_public was a lie. Only reverse proxy can be private. 2019-05-15 18:35:57 +02:00			`if [ "$redirect_type" = "public_302" ];`
Initial commit. 2016-06-20 23:43:51 +02:00			`then`
Various fixes for linter warnings / deprecrated practices 2019-04-29 20:49:40 +02:00			`ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-302.conf`
Remove sudo 2018-05-26 10:01:42 +02:00			`cp ../conf/nginx-visible-302.conf /etc/nginx/conf.d/$domain.d/$app.conf`
is_public was a lie. Only reverse proxy can be private. 2019-05-15 18:35:57 +02:00			`elif [ "$redirect_type" = "public_301" ];`
Initial commit. 2016-06-20 23:43:51 +02:00			`then`
Various fixes for linter warnings / deprecrated practices 2019-04-29 20:49:40 +02:00			`ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-visible-301.conf`
Remove sudo 2018-05-26 10:01:42 +02:00			`cp ../conf/nginx-visible-301.conf /etc/nginx/conf.d/$domain.d/$app.conf`
is_public was a lie. Only reverse proxy can be private. 2019-05-15 18:35:57 +02:00			`elif [ "$redirect_type" = "public_proxy" ] \|\| [ "$redirect_type" = "private_proxy" ];`
Initial commit. 2016-06-20 23:43:51 +02:00			`then`
Various fixes for linter warnings / deprecrated practices 2019-04-29 20:49:40 +02:00			`ynh_replace_string "YNH_REDIRECT_PATH" "$redirect_path" ../conf/nginx-proxy.conf`
Remove sudo 2018-05-26 10:01:42 +02:00			`cp ../conf/nginx-proxy.conf /etc/nginx/conf.d/$domain.d/$app.conf`
Initial commit. 2016-06-20 23:43:51 +02:00			`fi`

Add basic helpers 2018-05-26 10:27:01 +02:00			`#=================================================`
Misc cleaning 2019-05-15 18:42:44 +02:00			`# CONFIGURE SSOWAT`
Add basic helpers 2018-05-26 10:27:01 +02:00			`#=================================================`

Initial commit. 2016-06-20 23:43:51 +02:00			`# Make app public if necessary`
is_public was a lie. Only reverse proxy can be private. 2019-05-15 18:35:57 +02:00			`if [ "$redirect_type" != "private_proxy" ]`
Initial commit. 2016-06-20 23:43:51 +02:00			`then`
Add basic helpers 2018-05-26 10:27:01 +02:00			`# unprotected_uris allows SSO credentials to be passed anyway.`
Fix linter warnings 2021-01-23 15:21:17 +01:00			`ynh_permission_update --permission="main" --add="visitors"`
Initial commit. 2016-06-20 23:43:51 +02:00			`fi`

Fix linter warnings 2021-01-23 15:21:17 +01:00			`#=================================================`
			`# RELOAD NGINX`
			`#=================================================`
			`ynh_script_progression --message="Reloading NGINX web server..." --weight=1`

			`ynh_systemd_action --service_name=nginx --action=reload`

			`#=================================================`
			`# END OF SCRIPT`
			`#=================================================`

			`ynh_script_progression --message="Upgrade of $app completed" --last`