mirror of
https://github.com/YunoHost-Apps/shaarli_ynh.git
synced 2024-09-03 20:26:10 +02:00
187 lines
6.2 KiB
Bash
187 lines
6.2 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# LOAD SETTINGS
|
|
#=================================================
|
|
ynh_script_progression --message="Loading installation settings..."
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
|
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
|
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
|
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|
|
|
#=================================================
|
|
# CHECK VERSION
|
|
#=================================================
|
|
|
|
upgrade_type=$(ynh_check_app_version_changed)
|
|
|
|
#=================================================
|
|
# ENSURE DOWNWARD COMPATIBILITY
|
|
#=================================================
|
|
ynh_script_progression --message="Ensuring downward compatibility..."
|
|
|
|
# If final_path doesn't exist, create it
|
|
if [ -z "$final_path" ]; then
|
|
final_path=/var/www/$app
|
|
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
|
fi
|
|
|
|
# Cleaning legacy permissions
|
|
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
|
|
|
|
if [ -n "$is_public" ]; then
|
|
# Delete is_public key. It is now handled by the permissions system
|
|
ynh_app_setting_delete --app=$app --key=is_public
|
|
# Delete legacy permission settings
|
|
ynh_app_setting_delete --app=$app --key=unprotected_uris
|
|
ynh_app_setting_delete --app=$app --key=protected_uris
|
|
ynh_app_setting_delete --app=$app --key=skipped_uris
|
|
fi
|
|
|
|
#=================================================
|
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
|
#=================================================
|
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
|
|
|
|
# Backup the current version of the app
|
|
ynh_backup_before_upgrade
|
|
ynh_clean_setup () {
|
|
# restore it if the upgrade fails
|
|
ynh_restore_upgradebackup
|
|
}
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
|
|
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
|
then
|
|
ynh_script_progression --message="Upgrading source files..."
|
|
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
ynh_setup_source --dest_dir="$final_path"
|
|
fi
|
|
|
|
#=================================================
|
|
# REMOVE APP MAIN DIR
|
|
#=================================================
|
|
|
|
# Create a temporary directory
|
|
tmpdir="$(ynh_smart_mktemp 600)"
|
|
# Backup the config file in the temp dir
|
|
cp -a "$final_path/data" "$tmpdir/"
|
|
# Backup the theme file in the temp dir
|
|
cp -a "$final_path/tpl" "$tmpdir/"
|
|
|
|
# Remove the app directory securely
|
|
ynh_secure_remove "$final_path"
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
ynh_print_info "Upgrading source files..."
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
ynh_setup_source "$final_path"
|
|
cp -a "$tmpdir/data" "${final_path}/"
|
|
cp -a "$tmpdir/tpl" "${final_path}/"
|
|
ynh_secure_remove "$tmpdir"
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading NGINX web server configuration..."
|
|
|
|
# Bug in NGINX with locations and aliases (see http://stackoverflow.com/a/35102259 )
|
|
if [ $path_url = "/" ]; then
|
|
ynh_replace_string "__PATH_HACK__" "" "../conf/nginx.conf"
|
|
else
|
|
ynh_replace_string "__PATH_HACK__" "$path_url/$path_url" "../conf/nginx.conf"
|
|
fi
|
|
|
|
# Create a dedicated NGINX config
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# UPGRADE DEPENDENCIES
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading dependencies..."
|
|
|
|
ynh_install_app_dependencies $pkg_dependencies
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
ynh_script_progression --message="Making sure dedicated system user exists..."
|
|
|
|
# Create a dedicated user (if not existing)
|
|
ynh_system_user_create --username=$app
|
|
|
|
#=================================================
|
|
# PHP-FPM CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading PHP-FPM configuration..."
|
|
|
|
# Create a dedicated php-fpm config
|
|
ynh_add_fpm_config --usage=low --footprint=low --package="$extra_php_dependencies"
|
|
|
|
#=================================================
|
|
# SETUP LOGROTATE
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading logrotate configuration..."
|
|
|
|
# Use logrotate to manage app-specific logfile(s)
|
|
# Temporary fix for .txt log file and ynh_use_logrotate
|
|
if [ -d "$final_path/data/log.txt" ]
|
|
then
|
|
ynh_secure_remove "$final_path/data/log.txt"
|
|
touch "$final_path/data/log.txt"
|
|
fi
|
|
ynh_use_logrotate --non-append
|
|
|
|
#=================================================
|
|
# SECURE FILES AND DIRECTORIES
|
|
#=================================================
|
|
# set proper permissions
|
|
ynh_script_progression --message="Set permissions..."
|
|
|
|
find $final_path -type f | xargs chmod 644
|
|
find $final_path -type d | xargs chmod 755
|
|
|
|
# Set right permissions for curl install
|
|
ynh_script_progression --message="Set rights..."
|
|
chown -R $app: $final_path
|
|
|
|
#=================================================
|
|
# UPGRADE FAIL2BAN
|
|
#=================================================
|
|
ynh_script_progression --message="Reconfiguring Fail2Ban..."
|
|
|
|
# Create a dedicated fail2ban config
|
|
ynh_add_fail2ban_config --logpath="$final_path/data/log.txt" --failregex="\s-\s<HOST>\s-\sLogin failed for user.*$"
|
|
|
|
#=================================================
|
|
# RELOAD NGINX
|
|
#=================================================
|
|
ynh_script_progression --message="Reloading NGINX web server..."
|
|
|
|
ynh_systemd_action --service_name=nginx --action=reload
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression --message="Upgrade of $app completed"
|