#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= ynh_script_progression --message="Loading installation settings..." --weight=2 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) deskey=$(ynh_app_setting_get --app=$app --key=deskey) language=$(ynh_app_setting_get --app=$app --key=language) #================================================= # CHECK VERSION #================================================= upgrade_type=$(ynh_check_app_version_changed) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=5 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=2 # If db_name doesn't exist, create it if [ -z "$db_name" ]; then db_name=$(ynh_sanitize_dbid --db_name=$app) ynh_app_setting_set --app=$app --key=db_name --value=$db_name fi # If final_path doesn't exist, create it if [ -z "$final_path" ]; then final_path=/var/www/$app ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi # If path_url doesn't exist, create it if [ -z "$path_url" ]; then path_url=$(ynh_app_setting_get --app=$app --key=path_url) ynh_app_setting_set --app=$app --key=path --value=$path_url fi # If language doesn't exist, create it if [ -z "$language" ]; then language="en" ynh_app_setting_set --app=$app --key=language --value=$language fi # Create the log file is not already existing if [ ! -f "$final_path/var/logs/prod.log" ] then mkdir -p "$final_path/var/logs/" touch "$final_path/var/logs/prod.log" chown $app: "$final_path/var/logs/prod.log" fi if ynh_legacy_permissions_exists then ynh_legacy_permissions_delete_all ynh_app_setting_delete --app=$app --key=is_public fi #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 # Create a dedicated user (if not existing) ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." --weight=6 # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" #--keep="$final_path/app/config/parameters.yml" # Clear cache ynh_secure_remove --file="$final_path/var/cache" mkdir "$final_path/var/cache" fi #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=3 # Create a dedicated nginx config ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 # Create a dedicated php-fpm config ynh_add_fpm_config --package="$extra_php_dependencies" #================================================= # CONFIGURE FAIL2BAN #================================================= ynh_add_fail2ban_config --logpath="$final_path/var/logs/prod.log" --failregex='app.ERROR: Authentication failure for user "([\w]+)?", from IP ""' --max_retry=5 # same as install config #================================================= # SPECIFIC UPGRADE #================================================= # CONFIGURE WALLABAG #================================================= if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Reconfiguring wallabag..." --weight=11 ynh_add_config --template="../conf/parameters.yml.dist" --destination="$final_path/app/config/parameters.yml" #================================================= # UPGRADE WALLABAG #================================================= # Alias for php-cli execution command php_exec="ynh_exec_as $app php "$final_path/bin/console" --no-interaction --env=prod" # Set permissions to app files chown -R $app: $final_path # Upgrade database and clear the cache $php_exec doctrine:migrations:migrate $php_exec cache:clear # Configure Wallabag instance URL ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name <<< "UPDATE craue_config_setting SET value = 'https://$domain$path_url' WHERE name = 'wallabag_url'" fi #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set permissions to app files chown -R $app:www-data $final_path chmod -R g=u,g-w,o-rwx $final_path # Restrict rights to Wallabag user only chmod 600 $final_path/app/config/parameters.yml if [ -e $final_path/var/cache/prod/appProdProjectContainer.php ]; then chmod 700 $final_path/var/cache/prod/appProdProjectContainer.php fi #================================================= # SETUP HOOKS #================================================= ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_create" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_delete" #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Upgrade of $app completed" --last