From 65a206dfc12118d1ec470c3c99eb5e6339fc26e6 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 5 Mar 2021 08:50:43 +0100 Subject: [PATCH] Fix --- check_process | 35 ++++++ scripts/_common.sh | 257 ++++++++++++++++++++++++++------------------- scripts/install | 2 +- scripts/restore | 176 ++++++++++++++++++++++++++++--- scripts/upgrade | 233 +++++++++++++++++++++++++++++++++++++++- 5 files changed, 578 insertions(+), 125 deletions(-) create mode 100644 check_process diff --git a/check_process b/check_process new file mode 100644 index 0000000..41888cb --- /dev/null +++ b/check_process @@ -0,0 +1,35 @@ +# See here for more information +# https://github.com/YunoHost/package_check#syntax-check_process-file + +# Move this file from check_process.default to check_process when you have filled it. + +;; Test complet + ; Manifest + domain="domain.tld" (DOMAIN) + path="/path" (PATH) + admin="john" (USER) + language="fr" + is_public=1 (PUBLIC|public=1|private=0) + password="pass" + port="666" (PORT) + ; Checks + pkg_linter=1 + setup_sub_dir=1 + setup_root=1 + setup_nourl=0 + setup_private=1 + setup_public=1 + upgrade=1 + upgrade=1 from_commit=CommitHash + backup_restore=1 + multi_instance=1 + port_already_use=0 + change_url=1 +;;; Options +Email= +Notification=none +;;; Upgrade options + ; commit=CommitHash + name=Name and date of the commit. + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& + diff --git a/scripts/_common.sh b/scripts/_common.sh index 7726efc..16abd72 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -10,7 +10,7 @@ nodejs_version=14 # dependencies used by the app -pkg_dependencies="mongod mongodb-org mongodb-org-server mongodb-org-tools apt-transport-https build-essential gzip curl graphicsmagick" +pkg_dependencies="mongodb-org apt-transport-https build-essential gzip curl graphicsmagick" #================================================= # PERSONAL HELPERS @@ -20,25 +20,35 @@ pkg_dependencies="mongod mongodb-org mongodb-org-server mongodb-org-tools apt-tr # EXPERIMENTAL HELPERS #================================================= -# Evaluate a mongo command +MONGO_SERVICENAME_STRETCH="mongodb" +MONGO_SERVICENAME_BUSTER="mongod" +MONGO_DEPENDENCIES_STRETCH="mongodb mongodb-server mongo-tools" +MONGO_DEPENDENCIES_BUSTER="mongodb-org mongodb-org-server mongodb-org-tools" +MONGO_CONFIG_STRETCH="/etc/mongodb.conf" +MONGO_CONFIG_BUSTER="/etc/mongod.conf" +MONGO_REPO_BUSTER="deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.4 main" +MONGO_KEY_BUSTER="https://www.mongodb.org/static/pgp/server-4.4.asc" + +# Execute a mongo command # -# example: ynh_mongo_eval_as --command='db.getMongo().getDBNames().indexOf("wekan")' -# example: ynh_mongo_eval_as --command="db.getMongo().getDBNames().indexOf(\"wekan\")" +# example: ynh_mongo_exec --command='db.getMongo().getDBNames().indexOf("wekan")' +# example: ynh_mongo_exec --command="db.getMongo().getDBNames().indexOf(\"wekan\")" # -# usage: ynh_mongo_eval_as [--user=user] [--password=password] [--authenticationdatabase=authenticationdatabase] [--database=database] [--host=host] [--port=port] --command="command" -# | arg: -u, --user= - the user name to connect as -# | arg: -p, --password= - the user password -# | arg: -d, --authenticationdatabase= - the authenticationdatabase to connect to -# | arg: -d, --database= - the database to connect to -# | arg: -h, --host= - the host to connect to -# | arg: -P, --port= - the port to connect to -# | arg: -c, --command= - the command to evaluate +# usage: ynh_mongo_exec [--user=user] [--password=password] [--authenticationdatabase=authenticationdatabase] [--database=database] [--host=host] [--port=port] --command="command" [--eval] +# | arg: -u, --user= - The user name to connect as +# | arg: -p, --password= - The user password +# | arg: -d, --authenticationdatabase= - The authenticationdatabase to connect to +# | arg: -d, --database= - The database to connect to +# | arg: -h, --host= - The host to connect to +# | arg: -P, --port= - The port to connect to +# | arg: -c, --command= - The command to evaluate +# | arg: -e, --eval - Evaluate instead of execute the command. # # -ynh_mongo_eval_as() { +ynh_mongo_exec() { # Declare an array to define the options of this helper. - local legacy_args=upadhPc - local -A args_array=( [u]=user= [p]=password= [a]=authenticationdatabase= [d]=database= [h]=host= [P]=port= [c]=command= ) + local legacy_args=upadhPce + local -A args_array=( [u]=user= [p]=password= [a]=authenticationdatabase= [d]=database= [h]=host= [P]=port= [c]=command= [e]=eval ) local user local password local authenticationdatabase @@ -46,60 +56,79 @@ ynh_mongo_eval_as() { local host local port local command + local eval # Manage arguments with getopts ynh_handle_getopts_args "$@" user="${user:-}" password="${password:-}" - authenticationdatabase="${authenticationdatabase:-"admin"}" - database="${database:-"admin"}" + authenticationdatabase="${authenticationdatabase:-}" + database="${database:-}" host="${host:-}" port="${port:-}" + eval=${eval:-0} # If user is provided if [ -n "$user" ] then user="--username=$user" - password="--password=$password" - authenticationdatabase="--authenticationDatabase=$authenticationdatabase" + + # If password is provided + if [ -n "$password" ] + then + password="--password=$password" + fi + + # If authenticationdatabase is provided + if [ -n "$authenticationdatabase" ] + then + authenticationdatabase="--authenticationDatabase=$authenticationdatabase" + else + authenticationdatabase="--authenticationDatabase=admin" + fi else password="" authenticationdatabase="" fi - # Configure dabase connection - database="use $database" - # If host is provided if [ -n "$host" ] then host="--host=$host" fi - # If host is provided + # If port is provided if [ -n "$port" ] then port="--port=$port" fi - mongo --quiet $user $password $authenticationdatabase $host $port < ./dump.bson # # usage: ynh_mongo_dump_db --database=database -# | arg: -d, --database= - the database name to dump +# | arg: -d, --database= - The database name to dump # | ret: the mongodump output # # @@ -147,10 +177,10 @@ ynh_mongo_dump_db() { # # [internal] # -# usage: ynh_mongo_create_user --db_user=db_user --db_pwd=db_pwd --db_name=db_name -# | arg: -u, --db_user= - the user name to create -# | arg: -p, --db_pwd= - the password to identify user by -# | arg: -n, --db_name= - Name of the database to grant privilegies +# usage: ynh_mongo_create_user --db_user=user --db_pwd=pwd --db_name=name +# | arg: -u, --db_user= - The user name to create +# | arg: -p, --db_pwd= - The password to identify user by +# | arg: -n, --db_name= - Name of the database to grant privilegies # # ynh_mongo_create_user() { @@ -164,16 +194,16 @@ ynh_mongo_create_user() { ynh_handle_getopts_args "$@" # Create the user and set the user as admin of the db - ynh_mongo_eval_as --database="$db_name" --command='db.createUser( { user: "'${db_user}'", pwd: "'${db_pwd}'", roles: [ { role: "readWrite", db: "'${db_name}'" } ] } );' + ynh_mongo_exec --database="$db_name" --command='db.createUser( { user: "'${db_user}'", pwd: "'${db_pwd}'", roles: [ { role: "readWrite", db: "'${db_name}'" } ] } );' # Add clustermonitoring rights - ynh_mongo_eval_as --database="$db_name" --command='db.grantRolesToUser("'${db_user}'",[{ role: "clusterMonitor", db: "admin" }]);' + ynh_mongo_exec --database="$db_name" --command='db.grantRolesToUser("'${db_user}'",[{ role: "clusterMonitor", db: "admin" }]);' } # Check if a mongo database exists # # usage: ynh_mongo_database_exists --database=database -# | arg: -d, --database= - the database for which to check existence +# | arg: -d, --database= - The database for which to check existence # | exit: Return 1 if the database doesn't exist, 0 otherwise # # @@ -185,11 +215,11 @@ ynh_mongo_database_exists() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if [ $(ynh_mongo_eval_as --command='db.getMongo().getDBNames().indexOf("'${database}'")') -lt 0 ] + if [ $(ynh_mongo_exec --command='db.getMongo().getDBNames().indexOf("'${database}'")' --eval) -lt 0 ] then - return 0 - else return 1 + else + return 0 fi } @@ -198,7 +228,7 @@ ynh_mongo_database_exists() { # example: ynh_mongo_restore_db --database=wekan < ./dump.bson # # usage: ynh_mongo_restore_db --database=database -# | arg: -d, --database= - the database name to restore +# | arg: -d, --database= - The database name to restore # # ynh_mongo_restore_db() { @@ -216,27 +246,29 @@ ynh_mongo_restore_db() { # # [internal] # -# usage: ynh_mongo_drop_user --db_user=user -# | arg: -u, --db_user= -the user to drop +# usage: ynh_mongo_drop_user --db_user=user --db_name=name +# | arg: -u, --db_user= - The user to drop +# | arg: -n, --db_name= - Name of the database # # ynh_mongo_drop_user() { # Declare an array to define the options of this helper. - local legacy_args=u - local -A args_array=( [u]=db_user= ) + local legacy_args=un + local -A args_array=( [u]=db_user= [n]=db_name= ) local db_user + local db_name # Manage arguments with getopts ynh_handle_getopts_args "$@" - ynh_mongo_eval_as --command='db.dropUser("'${db_user}'", {w: "majority", wtimeout: 5000})' + ynh_mongo_exec --database="$db_name" --command='db.dropUser("'$db_user'", {w: "majority", wtimeout: 5000})' } # Create a database, an user and its password. Then store the password in the app's config # # usage: ynh_mongo_setup_db --db_user=user --db_name=name [--db_pwd=pwd] -# | arg: -u, --db_user= - Owner of the database -# | arg: -n, --db_name= - Name of the database -# | arg: -p, --db_pwd= - Password of the database. If not provided, a password will be generated +# | arg: -u, --db_user= - Owner of the database +# | arg: -n, --db_name= - Name of the database +# | arg: -p, --db_pwd= - Password of the database. If not provided, a password will be generated # # After executing this helper, the password of the created database will be available in $db_pwd # It will also be stored as "mongopwd" into the app settings. @@ -248,7 +280,7 @@ ynh_mongo_setup_db() { local -A args_array=( [u]=db_user= [n]=db_name= [p]=db_pwd= ) local db_user local db_name - local db_pwd + db_pwd="" # Manage arguments with getopts ynh_handle_getopts_args "$@" @@ -259,14 +291,15 @@ ynh_mongo_setup_db() { # Create the user and grant access to the database ynh_mongo_create_user --db_user="$db_user" --db_pwd="$db_pwd" --db_name="$db_name" + # Store the password in the app's config ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd } # Remove a database if it exists, and the associated user # # usage: ynh_mongo_remove_db --db_user=user --db_name=name -# | arg: -u, --db_user= - Owner of the database -# | arg: -n, --db_name= - Name of the database +# | arg: -u, --db_user= - Owner of the database +# | arg: -n, --db_name= - Name of the database # # ynh_mongo_remove_db() { @@ -278,58 +311,62 @@ ynh_mongo_remove_db() { # Manage arguments with getopts ynh_handle_getopts_args "$@" - if ynh_mongo_database_exists --database=$db_name - then # Check if the database exists - ynh_mongo_drop_db --database="$db_name" # Remove the database + if ynh_mongo_database_exists --database=$db_name; then # Check if the database exists + ynh_mongo_drop_db --database=$db_name # Remove the database else ynh_print_warn --message="Database $db_name not found" fi # Remove mongo user if it exists - ynh_mongo_drop_user --db_user=$db_user + ynh_mongo_drop_user --db_user=$db_user --db_name=$db_name } +# Install MongoDB and integrate MongoDB service in YunoHost +# +# usage: ynh_install_mongo +# +# +ynh_install_mongo() { + ynh_print_info --message="Installing MongoDB..." + # Define Mongo Service Name + if [ "$(lsb_release --codename --short)" = "buster" ]; then + ynh_install_extra_app_dependencies --repo="$MONGO_REPO_BUSTER" --package="$MONGO_DEPENDENCIES_BUSTER" --key="$MONGO_KEY_BUSTER" + MONGODB_SERVICENAME=$MONGO_SERVICENAME_BUSTER + else + ynh_install_app_dependencies $MONGO_DEPENDENCIES_STRETCH + MONGODB_SERVICENAME=$MONGO_SERVICENAME_STRETCH + fi + mongodb_servicename=$MONGODB_SERVICENAME + + # Make sure MongoDB is started and enabled + systemctl is-enabled $MONGODB_SERVICENAME -q || systemctl enable $MONGODB_SERVICENAME --quiet + systemctl is-active $MONGODB_SERVICENAME -q || ynh_systemd_action --service_name=$MONGODB_SERVICENAME --action=restart --line_match="aiting for connections" --log_path="/var/log/mongodb/$MONGODB_SERVICENAME.log" + + # Integrate MongoDB service in YunoHost + yunohost service add $MONGODB_SERVICENAME --description "MongoDB daemon" --log "/var/log/mongodb/$MONGODB_SERVICENAME.log" +} - - - - -#================================================= -# FUTURE OFFICIAL HELPERS -#================================================= - - - -# installdeps(){ - -# if [ $(dpkg --print-architecture) == "armhf" ]; then -# #Install mongodb for debian armhf -# sudo apt-get update -# sudo apt-get install -y mongodb-server - -# # start mongodb service -# sudo systemctl enable mongodb.service -# sudo systemctl start mongodb.service - -# # add mongodb to services -# sudo yunohost service add mongodb -l /var/log/mongodb/mongodb.log -# else -# #Install mongodb for debian x86/x64 -# sudo apt-get install dirmngr && sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4 -# echo "deb http://repo.mongodb.org/apt/debian ${DEBIAN_ISSUE}/mongodb-org/4.0 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list -# sudo apt-get update -# sudo apt-get install -y mongodb-org - -# # start mongodb service -# sudo systemctl enable mongod.service -# sudo systemctl start mongod.service - -# # add mongodb to services -# sudo yunohost service add mongod -l /var/log/mongodb/mongod.log -# fi - -# #Install other dependencies -# sudo apt-get install -y build-essential gzip curl graphicsmagick - -# } +# Remove MongoDB +# Only remove the MongoDB service integration in YunoHost for now +# if MongoDB package as been removed +# +# usage: ynh_remove_mongo +# +# +ynh_remove_mongo() { + # Only remove the mongodb service if it is not installed. + if ! ynh_package_is_installed --package="mongodb*" + then + ynh_print_info --message="Removing MongoDB service..." + # Define Mongo Service Name + if [ "$(lsb_release --codename --short)" = "buster" ]; then + MONGODB_SERVICENAME=$MONGO_SERVICENAME_BUSTER + else + MONGODB_SERVICENAME=$MONGO_SERVICENAME_STRETCH + fi + # Remove the mongodb service + yunohost service remove $MONGODB_SERVICENAME + # ynh_secure_remove --file=$MONGO_ROOT_PWD_FILE + fi +} \ No newline at end of file diff --git a/scripts/install b/scripts/install index 4701806..e53643e 100644 --- a/scripts/install +++ b/scripts/install @@ -6,8 +6,8 @@ # IMPORT GENERIC HELPERS #================================================= +source _common.sh source /usr/share/yunohost/helpers -source ./_common.sh #================================================= # MANAGE SCRIPT FAILURE diff --git a/scripts/restore b/scripts/restore index adf14de..abc463d 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,26 +1,176 @@ #!/bin/bash -set -eu - -#================================================= -# IMPORT GENERIC HELPERS -#================================================= -if [ ! -e _common.sh ]; then - # Fetch helpers file if not in current directory - cp ../settings/scripts/_common.sh ./_common.sh - chmod a+rx _common.sh -fi -source /usr/share/yunohost/helpers -source _common.sh #================================================= # GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers + #================================================= # MANAGE SCRIPT FAILURE #================================================= -# Exit on command errors and treat access to unset variables as an error +ynh_clean_setup () { + #### Remove this function if there's nothing to clean before calling the remove script. + true +} +# Exit if an error occurs during the execution of the script ynh_abort_if_errors +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --time --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) + +#================================================= +# CHECK IF THE APP CAN BE RESTORED +#================================================= +ynh_script_progression --message="Validating restoration parameters..." --time --weight=1 + +ynh_webpath_available --domain=$domain --path_url=$path_url \ + || ynh_die --message="Path not available: ${domain}${path_url}" +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " + +#================================================= +# STANDARD RESTORATION STEPS +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Restoring the app main directory..." --time --weight=1 + +ynh_restore_file --origin_path="$final_path" + +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app + +#================================================= +# RESTORE USER RIGHTS +#================================================= + +# Restore permissions on app files +chown -R root: $final_path + +#================================================= +# RESTORE THE PHP-FPM CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" + +#================================================= +# RESTORE FAIL2BAN CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the Fail2Ban configuration..." --time --weight=1 + +ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" +ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" +ynh_systemd_action --action=restart --service_name=fail2ban + +#================================================= +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# RESTORE THE MYSQL DATABASE +#================================================= +ynh_script_progression --message="Restoring the MySQL database..." --time --weight=1 + +db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql + +#================================================= +# RESTORE SYSTEMD +#================================================= +ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1 + +ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +systemctl enable $app.service --quiet + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 + +yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" + +#================================================= +# RESTORE VARIOUS FILES +#================================================= + +ynh_restore_file --origin_path="/etc/cron.d/$app" + +ynh_restore_file --origin_path="/etc/$app/" + +#================================================= +# RESTORE THE LOGROTATE CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/logrotate.d/$app" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= +ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Restoration completed for $app" --time --last + + + + + + + + + + + + #================================================= # LOAD SETTINGS #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 5b31d0e..ab29fac 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,5 +1,236 @@ #!/bin/bash -set -eu + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --time --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +language=$(ynh_app_setting_get --app=$app --key=language) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) + +#================================================= +# CHECK VERSION +#================================================= + +### This helper will compare the version of the currently installed app and the version of the upstream package. +### $upgrade_type can have 2 different values +### - UPGRADE_APP if the upstream app version has changed +### - UPGRADE_PACKAGE if only the YunoHost package has changed +### ynh_check_app_version_changed will stop the upgrade if the app is up to date. +### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. +upgrade_type=$(ynh_check_app_version_changed) + +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 + +# +# N.B. : the followings setting migrations snippets are provided as *EXAMPLES* +# of what you may want to do in some cases (e.g. a setting was not defined on +# some legacy installs and you therefore want to initiaze stuff during upgrade) +# + +# If db_name doesn't exist, create it +#if [ -z "$db_name" ]; then +# db_name=$(ynh_sanitize_dbid --db_name=$app) +# ynh_app_setting_set --app=$app --key=db_name --value=$db_name +#fi + +# If final_path doesn't exist, create it +#if [ -z "$final_path" ]; then +# final_path=/var/www/$app +# ynh_app_setting_set --app=$app --key=final_path --value=$final_path +#fi + +### If nobody installed your app before 4.1, +### then you may safely remove these lines + +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + +if ! ynh_permission_exists --permission="admin"; then + # Create the required permissions + ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin +fi + +# Create a permission if needed +if ! ynh_permission_exists --permission="api"; then + ynh_permission_create --permission="api" --url "/api" --allowed="visitors" --show_tile="false" --protected="true" +fi + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." --time --weight=1 + + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" +fi + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1 + +# Create a dedicated NGINX config +ynh_add_nginx_config + +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading PHP-FPM configuration..." --time --weight=1 + +# Create a dedicated PHP-FPM config +ynh_add_fpm_config + +#================================================= +# SPECIFIC UPGRADE +#================================================= +# ... +#================================================= + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1 + +# Create a dedicated systemd config +ynh_add_systemd_config + +#================================================= +# MODIFY A CONFIG FILE +#================================================= + +### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. +### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. +ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE" + +ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/CONFIG_FILE" + +# Recalculate and store the checksum of the file for the next upgrade. +ynh_store_file_checksum --file="$final_path/CONFIG_FILE" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# Set permissions on app files +chown -R root: $final_path + +#================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1 + +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --non-append + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 + +yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --time --weight=1 + +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" + +#================================================= +# UPGRADE FAIL2BAN +#================================================= +ynh_script_progression --message="Reconfiguring Fail2Ban..." --time --weight=1 + +# Create a dedicated Fail2Ban config +ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of $app completed" --time --last + + + + + + + + + #================================================= # GENERIC START