#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) is_public=$(ynh_app_setting_get $app is_public) final_path=$(ynh_app_setting_get $app final_path) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_print_info "Ensuring downward compatibility..." # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then ynh_app_setting_set $app is_public 1 is_public=1 elif [ "$is_public" = "No" ]; then ynh_app_setting_set $app is_public 0 is_public=0 fi # If final_path doesn't exist, create it if [ -z $final_path ]; then final_path=/var/www/$app ynh_app_setting_set $app final_path $final_path fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_print_info "Backing up the app before upgrading (may take a while)..." # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # CHECK THE PATH #================================================= # Normalize the URL path syntax # N.B. : this is for app installations before YunoHost 2.7 # where this value might be something like /foo/ or foo/ # instead of /foo .... # If nobody installed your app before 2.7, then you may # safely remove this line path_url=$(ynh_normalize_url_path $path_url) #================================================= # REMOVE APP MAIN DIR #================================================= # Create a temporary directory tmpdir="$(ynh_smart_mktemp 600)" # Backup the config file in the temp dir cp -a "$final_path/data" "$tmpdir/" # Remove the app directory securely ynh_secure_remove "$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_print_info "Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source "$final_path" cp -a "$tmpdir/data" "${final_path}/" rm -Rf "$tmpdir" #================================================= # NGINX CONFIGURATION #================================================= ynh_print_info "Upgrading nginx web server configuration..." # Create a dedicated nginx config ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_print_info "Upgrading dependencies..." ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER #================================================= ynh_print_info "Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create $app #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_print_info "Upgrading php-fpm configuration..." # Create a dedicated php-fpm config ynh_add_fpm_config #================================================= # SETUP LOGROTATE #================================================= ynh_print_info "Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append #================================================= # SETUP FAIL2BAN #================================================= ynh_print_info "Upgrading Fail2Ban configuration..." ynh_add_fail2ban_config "$final_path/data/log.txt" "\s-\s\s-\sLogin failed for user.*$" 5 # Set right permissions chown -R $app: $final_path #================================================= # SETUP SSOWAT #================================================= ynh_print_info "Upgrading SSOwat configuration..." # Make app public if necessary if [ $is_public -eq 1 ] then # unprotected_uris allows SSO credentials to be passed anyway ynh_app_setting_set $app unprotected_uris "/" fi #================================================= # RELOAD NGINX #================================================= ynh_print_info "Reloading nginx web server..." systemctl reload nginx #================================================= # END OF SCRIPT #================================================= ynh_print_info "Upgrade of $app completed"