mirror of
https://github.com/YunoHost-Apps/wallabag2_ynh.git
synced 2024-10-01 13:35:06 +02:00
Use dedicated system user, backup before upgrade
This commit is contained in:
Jimmy Monin
parent
908a5cdc59
commit
f78d2bc897
6 changed files with 106 additions and 12 deletions
|
|
@ -8,8 +8,8 @@ listen.group = www-data
|
|||
listen.mode = 0600
|
||||
|
||||
; Unix user/group of processes.
|
||||
user = www-data
|
||||
group = www-data
|
||||
user = {USER}
|
||||
group = {USER}
|
||||
|
||||
; Choose how the process manager will control the number of child processes.
|
||||
pm = dynamic
|
||||
|
|
|
|||
|
|
@ -104,6 +104,35 @@ CHECK_FINALPATH () { # Check if destination directory already exists
|
|||
}
|
||||
|
||||
|
||||
BACKUP_FAIL_UPGRADE () {
|
||||
WARNING echo "Upgrade failed."
|
||||
app_bck=${app//_/-} # Replace all '_' by '-'
|
||||
if sudo yunohost backup list | grep -q $app_bck-pre-upgrade$backup_number; then # Check if existing archive before removing app and restoring
|
||||
sudo yunohost app remove $app # Remove app before restoring it
|
||||
sudo yunohost backup restore --ignore-hooks $app_bck-pre-upgrade$backup_number --apps $app --force # Restore the backup if upgrade failed
|
||||
ynh_die "The app was restored to the way it was before the failed upgrade."
|
||||
fi
|
||||
}
|
||||
|
||||
BACKUP_BEFORE_UPGRADE () { # Backup the current version of the app, restore it if the upgrade fails
|
||||
backup_number=1
|
||||
old_backup_number=2
|
||||
app_bck=${app//_/-} # Replace all '_' by '-'
|
||||
if sudo yunohost backup list | grep -q $app_bck-pre-upgrade1; then # Check for existing archive numbered 1
|
||||
backup_number=2 # And change archive number to 2
|
||||
old_backup_number=1
|
||||
fi
|
||||
|
||||
sudo yunohost backup create --ignore-hooks --apps $app --name $app_bck-pre-upgrade$backup_number # Create a backup different from the existing one
|
||||
if [ "$?" -eq 0 ]; then # If backup succfessful, delete former archive
|
||||
if sudo yunohost backup list | grep -q $app_bck-pre-upgrade$old_backup_number; then # Check for existing archive before removing it
|
||||
QUIET sudo yunohost backup delete $app_bck-pre-upgrade$old_backup_number
|
||||
fi
|
||||
else # If backup failed
|
||||
ynh_die "Backup failed, the upgrade process was aborted."
|
||||
fi
|
||||
}
|
||||
|
||||
#=================================================
|
||||
# FUTURE YUNOHOST HELPERS - TO BE REMOVED LATER
|
||||
#=================================================
|
||||
|
|
@ -274,4 +303,35 @@ ynh_secure_remove () {
|
|||
echo "$path_to_remove wasn't deleted because it doesn't exist." >&2
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Create a system user
|
||||
#
|
||||
# usage: ynh_system_user_create user_name [home_dir]
|
||||
# | arg: user_name - Name of the system user that will be create
|
||||
# | arg: home_dir - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home
|
||||
ynh_system_user_create () {
|
||||
if ! ynh_system_user_exists "$1" # Check if the user exists on the system
|
||||
then # If the user doesn't exist
|
||||
if [ $# -ge 2 ]; then # If a home dir is mentioned
|
||||
user_home_dir="-d $2"
|
||||
else
|
||||
user_home_dir="--no-create-home"
|
||||
fi
|
||||
sudo useradd $user_home_dir --system --user-group $1 --shell /usr/sbin/nologin || ynh_die "Unable to create $1 system account"
|
||||
fi
|
||||
}
|
||||
|
||||
# Delete a system user
|
||||
#
|
||||
# usage: ynh_system_user_delete user_name
|
||||
# | arg: user_name - Name of the system user that will be create
|
||||
ynh_system_user_delete () {
|
||||
if ynh_system_user_exists "$1" # Check if the user exists on the system
|
||||
then
|
||||
echo "Remove the user $1" >&2
|
||||
sudo userdel $1
|
||||
else
|
||||
echo "The user $1 was not found" >&2
|
||||
fi
|
||||
}
|
||||
|
|
@ -75,10 +75,15 @@ ynh_mysql_create_db "$db_name" "$db_user" "$dbpass"
|
|||
|
||||
ynh_app_setting_set $app final_path "$final_path"
|
||||
# Create tmp directory and fetch app inside
|
||||
TMPDIR=$(ynh_mkdir_tmp)
|
||||
TMPDIR=$(mktemp -d)
|
||||
extract_wallabag "$TMPDIR"
|
||||
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
|
||||
ynh_system_user_create $app # Create a dedicated system user
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC SETUP
|
||||
#=================================================
|
||||
|
|
@ -95,22 +100,22 @@ ynh_replace_string "{DESKEY}" "${deskey}" "$wb_conf"
|
|||
sudo mv "$TMPDIR" "$final_path"
|
||||
|
||||
# Set rights for www-data
|
||||
sudo chown -R www-data: $final_path
|
||||
sudo chown -R $app: $final_path
|
||||
|
||||
# Install dependencies and Wallabag
|
||||
exec_console www-data "$final_path" wallabag:install
|
||||
exec_console $app "$final_path" wallabag:install
|
||||
|
||||
# Add users to Wallabag
|
||||
for username in $(ynh_user_list); do
|
||||
user_email=$(sudo yunohost user info "$username" --output-as plain \
|
||||
| ynh_get_plain_key mail)
|
||||
user_pass=$(ynh_string_random)
|
||||
exec_console www-data "$final_path" fos:user:create \
|
||||
exec_console $app "$final_path" fos:user:create \
|
||||
"$username" "$user_email" "$user_pass"
|
||||
done
|
||||
|
||||
# Set admin user
|
||||
exec_console www-data "$final_path" fos:user:promote --super "$admin"
|
||||
exec_console $app "$final_path" fos:user:promote --super "$admin"
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
|
|
@ -133,6 +138,7 @@ sudo cp "$nginx_conf" "/etc/nginx/conf.d/${domain}.d/${app}.conf"
|
|||
phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
|
||||
ynh_replace_string "{POOLNAME}" "${app}" "$PKGDIR/conf/php-fpm.conf"
|
||||
ynh_replace_string "{DESTDIR}" "${final_path}" "$PKGDIR/conf/php-fpm.conf"
|
||||
ynh_replace_string "{USER}" "${app}" "$PKGDIR/conf/php-fpm.conf"
|
||||
sudo cp $PKGDIR/conf/php-fpm.conf "$phpfpm_conf"
|
||||
|
||||
# Set SSOwat rules
|
||||
|
|
|
|||
|
|
@ -61,3 +61,9 @@ ynh_remove_app_dependencies
|
|||
# The following command is keeped as a matter of transition with the previous way
|
||||
# of managing dependencies
|
||||
ynh_package_autoremove "wallabag-deps" || true
|
||||
|
||||
#=================================================
|
||||
# REMOVE DEDICATED USER
|
||||
#=================================================
|
||||
|
||||
ynh_system_user_delete $app
|
||||
|
|
@ -60,12 +60,17 @@ db_pwd=$(ynh_app_setting_get $app mysqlpwd)
|
|||
ynh_mysql_create_db $db_name $db_name $db_pwd
|
||||
ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql
|
||||
|
||||
#=================================================
|
||||
# RECREATE OF THE DEDICATED USER
|
||||
#=================================================
|
||||
|
||||
ynh_system_user_create $app # Recreate the dedicated user, if not existing
|
||||
|
||||
#=================================================
|
||||
# RESTORE USER RIGHTS
|
||||
#=================================================
|
||||
|
||||
sudo chown -R www-data: $final_path
|
||||
sudo chown -R $app: $final_path
|
||||
|
||||
#=================================================
|
||||
# RESTORE PHP-FPM CONFIGURATION
|
||||
|
|
|
|||
|
|
@ -48,6 +48,16 @@ if [ -z "$db_name" ] ; then
|
|||
ynh_app_setting_set "$app" db_name "$db_name"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
BACKUP_BEFORE_UPGRADE # Backup the current version of the app
|
||||
ynh_clean_setup () {
|
||||
BACKUP_FAIL_UPGRADE
|
||||
}
|
||||
ynh_abort_if_errors # Stop script if an error is detected
|
||||
|
||||
#=================================================
|
||||
# INSTALL DEPENDENCIES
|
||||
#=================================================
|
||||
|
|
@ -62,6 +72,12 @@ ynh_install_app_dependencies "$PKG_DEPENDENCIES"
|
|||
TMPDIR=$(ynh_mkdir_tmp)
|
||||
extract_wallabag "$TMPDIR"
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
|
||||
ynh_system_user_create $app # Create dedicated user if not existing
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC SETUP
|
||||
#=================================================
|
||||
|
|
@ -77,11 +93,11 @@ ynh_replace_string "{DESKEY}" "${deskey}" "$wb_conf"
|
|||
# Replace files and set permissions
|
||||
ynh_secure_remove "${final_path}"
|
||||
sudo mv "$TMPDIR" "${final_path}"
|
||||
sudo chown -R www-data: "${final_path}"
|
||||
sudo chown -R $app: "${final_path}"
|
||||
|
||||
# Upgrade database and clear the cache
|
||||
exec_console www-data "${final_path}" doctrine:migrations:migrate
|
||||
exec_console www-data "${final_path}" cache:clear
|
||||
exec_console $app "${final_path}" doctrine:migrations:migrate
|
||||
exec_console $app "${final_path}" cache:clear
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
|
|
@ -104,6 +120,7 @@ sudo cp "$nginx_conf" "/etc/nginx/conf.d/${domain}.d/${app}.conf"
|
|||
phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
|
||||
ynh_replace_string "{POOLNAME}" "${app}" "$PKGDIR/conf/php-fpm.conf"
|
||||
ynh_replace_string "{DESTDIR}" "${final_path}" "$PKGDIR/conf/php-fpm.conf"
|
||||
ynh_replace_string "{USER}" "${app}" "$PKGDIR/conf/php-fpm.conf"
|
||||
sudo cp $PKGDIR/conf/php-fpm.conf "$phpfpm_conf"
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue