#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source ynh_docker_image_extract source /usr/share/yunohost/helpers #================================================= # CHECK VERSION #================================================= upgrade_type=$(ynh_check_app_version_changed) #================================================= # STANDARD UPGRADE STEPS #================================================= # STOP SYSTEMD SERVICE #================================================= ynh_script_progression --message="Stopping a systemd service..." ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." # Download, check integrity, uncompress the source of vaultwarden from app.src to his build directory docker_arg="" if [ $YNH_ARCH == "armhf" ] then docker_arg="--os_arch_variant=linux/arm/v7" fi ynh_docker_image_extract --dest_dir="$install_dir/build/" --image_spec="$pkg_image:$(ynh_app_upstream_version)" $docker_arg mkdir -p "$install_dir/live/" fi chmod -R o-rwx "$install_dir" chown -R $app:$app "$install_dir" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated NGINX config ynh_add_nginx_config #================================================= # SPECIFIC UPGRADE #================================================= # MAKE UPGRADE #================================================= ynh_script_progression --message="Making upgrade..." if [ "$upgrade_type" == "UPGRADE_APP" ] then mv -f "$install_dir/build/vaultwarden" "$install_dir/live/vaultwarden" ynh_secure_remove --file="$install_dir/live/web-vault/" rsync -a "$install_dir/build/web-vault/" "$install_dir/live/web-vault/" ynh_secure_remove --file="$install_dir/build" fi chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" chown -R $app:$app "$install_dir" #================================================= # UPDATE A CONFIG FILE #================================================= ynh_script_progression --message="Updating a configuration file..." ynh_add_config --template="../conf/vaultwarden.env" --destination="$install_dir/live/.env" chmod 400 "$install_dir/live/.env" chown $app:$app "$install_dir/live/.env" #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Upgrading systemd configuration..." # Create a dedicated systemd config ynh_add_systemd_config #================================================= # GENERIC FINALIZATION #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Upgrading logrotate configuration..." mkdir -p "/var/log/$app" chown -R $app:$app "/var/log/$app" # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." yunohost service add $app --description="$app daemon for vaultwarden" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Rocket has launched from" --length=100 #================================================= # UPGRADE FAIL2BAN #================================================= ynh_script_progression --message="Reconfiguring Fail2Ban..." mkdir -p "/var/log/$app" touch "/var/log/$app/$app.log" chown -R $app:$app "/var/log/$app" # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Username or password is incorrect\. Try again\. IP: \. Username:.*$" #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Upgrade of $app completed"