1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/shaarli_ynh.git synced 2024-09-03 20:26:10 +02:00
shaarli_ynh/scripts/upgrade
lapineige c32745baee
Fix bad condition
Co-authored-by: Alex Garel <alex@garel.org>
2021-02-28 21:54:57 +01:00

159 lines
5.3 KiB
Bash

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
if [ -n "$is_public" ]; then
# Delete is_public key. It is now handled by the permissions system
ynh_app_setting_delete --app=$app --key=is_public
# Delete legacy permission settings
ynh_app_setting_delete --app=$app --key=unprotected_uris
ynh_app_setting_delete --app=$app --key=protected_uris
ynh_app_setting_delete --app=$app --key=skipped_uris
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ] || [ "$upgrade_type" == "UPGRADE_FORCED" ] # we should do that during a force upgrade too (as it could lead to a version upgrade for instance)
then
ynh_script_progression --message="Upgrading source files..."
# Create a temporary directory
tmpdir="$(mktemp -d)"
# Backup the config file in the temp dir
cp -a "$final_path/data" "$tmpdir/data"
cp -a "$final_path/tpl" "$tmpdir/tpl"
# Remove the app directory securely
ynh_secure_remove "$final_path"
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
cp -a "$tmpdir/data" "$final_path/"
cp -a -n "$tmpdir/tpl" "$final_path/" # copy without erasing existing templates (from official source)
# Remove the tmp directory securely
ynh_secure_remove --file="$tmpdir"
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading PHP-FPM configuration..."
# Create a dedicated php-fpm config
ynh_add_fpm_config --usage=low --footprint=low --package="$extra_php_dependencies"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..."
# Use logrotate to manage app-specific logfile(s)
# Temporary fix for .txt log file and ynh_use_logrotate
if [ -d "$final_path/data/log.txt" ]
then
ynh_secure_remove "$final_path/data/log.txt"
touch "$final_path/data/log.txt"
fi
ynh_use_logrotate --non-append
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
ynh_script_progression --message="Securing files and directories..."
chown -R $app: $final_path
chmod -R g+rX $final_path
chmod -R g+rwX $final_path/{cache/,data/,pagecache/,tmp/}
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..."
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="$final_path/data/log.txt" --failregex="\s-\s<HOST>\s-\sLogin failed for user.*$"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed"