YunoHost-Apps/wordpress_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/wordpress_ynh.git synced 2024-09-03 20:36:10 +02:00
Code Issues Activity Actions

Merge pull request #55 from YunoHost-Apps/upgrade_package

Browse source 
Upgrade package
This commit is contained in:
Maniack Crudelis 2019-02-15 12:33:54 +01:00 committed by GitHub
commit 63f337bc98
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 708 additions and 290 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
README.md
View file

@ -1,6 +1,6 @@
# Wordpress for YunoHost # Wordpress for YunoHost
[![Integration level](https://dash.yunohost.org/integration/wordpress.svg)](https://ci-apps.yunohost.org/jenkins/job/wordpress%20%28Official%29/lastBuild/consoleFull) [![Integration level](https://dash.yunohost.org/integration/wordpress.svg)](https://dash.yunohost.org/appci/app/wordpress)
[![Install Wordpress with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=wordpress) [![Install Wordpress with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=wordpress)
> *This package allow you to install wordpress quickly and simply on a YunoHost server. > *This package allow you to install wordpress quickly and simply on a YunoHost server.
@ -10,7 +10,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to
WordPress is open source software you can use to create a beautiful website, blog, or app. WordPress is open source software you can use to create a beautiful website, blog, or app.
With this package, you can even activate the [multisite](https://codex.wordpress.org/Glossary#Multisite) option. With this package, you can even activate the [multisite](https://codex.wordpress.org/Glossary#Multisite) option.
**Shipped version:** 4.8 **Shipped version:** 5.0.3
## Screenshots ## Screenshots
@ -39,8 +39,9 @@ Supported, with LDAP and SSO.
#### Supported architectures #### Supported architectures
* Tested on x86_64 * x86-64b - [![](https://ci-apps.yunohost.org/ci/logs/wordpress%20%28Official%29.svg)](https://ci-apps.yunohost.org/ci/apps/wordpress/)
* Tested on RaspberryPi * ARMv8-A - [![](https://ci-apps-arm.yunohost.org/ci/logs/wordpress%20%28Official%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/wordpress/)
* Jessie x86-64b - [![](https://ci-stretch.nohost.me/ci/logs/wordpress%20%28Official%29.svg)](https://ci-stretch.nohost.me/ci/apps/wordpress/)
## Limitations ## Limitations
@ -61,7 +62,7 @@ Please do your pull request to the [testing branch](https://github.com/YunoHost-
To try the testing branch, please proceed like that. To try the testing branch, please proceed like that.
``` ```
sudo yunohost app install https://github.com/YunoHost-Apps/wordpress_ynh/tree/testing --verbose sudo yunohost app install https://github.com/YunoHost-Apps/wordpress_ynh/tree/testing --debug
or or
sudo yunohost app upgrade wordpress -u https://github.com/YunoHost-Apps/wordpress_ynh/tree/testing --verbose sudo yunohost app upgrade wordpress -u https://github.com/YunoHost-Apps/wordpress_ynh/tree/testing --debug
``` ```

4
conf/app.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://wordpress.org/wordpress-4.9.1.tar.gz SOURCE_URL=https://wordpress.org/wordpress-5.0.3.tar.gz
SOURCE_SUM=111ecbfc98633103e1fc1105c0c00c76 SOURCE_SUM=83bec78836aabac08f769d50f1bffe5d
SOURCE_SUM_PRG=md5sum SOURCE_SUM_PRG=md5sum
ARCH_FORMAT=tar.gz ARCH_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true SOURCE_IN_SUBDIR=true

2
conf/nginx.conf
View file

@ -18,7 +18,7 @@ location __PATH__/ {
client_max_body_size 30m; client_max_body_size 30m;
location ~ [^/]\.php(/|$) { location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock; fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
fastcgi_index index.php; fastcgi_index index.php;
include fastcgi_params; include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user; fastcgi_param REMOTE_USER $remote_user;

62
conf/php-fpm.conf
View file

@ -1,10 +1,11 @@
; Start a new pool named 'www'. ; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the ; the variable $pool can be used in any directive and will be replaced by the
; pool name ('www' here) ; pool name ('www' here)
[__NAMETOCHANGE__] [__NAMETOCHANGE__]
; Per pool prefix ; Per pool prefix
; It only applies on the following directives: ; It only applies on the following directives:
; - 'access.log'
; - 'slowlog' ; - 'slowlog'
; - 'listen' (unixsocket) ; - 'listen' (unixsocket)
; - 'chroot' ; - 'chroot'
@ -24,17 +25,21 @@ group = __USER__
; The address on which to accept FastCGI requests. ; The address on which to accept FastCGI requests.
; Valid syntaxes are: ; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port; ; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a ; 'port' - to listen on a TCP socket to all addresses on a
; specific port; ; specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket. ; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory. ; Note: This value is mandatory.
listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog. ; Set listen(2) backlog.
; Default Value: 128 (-1 on FreeBSD and OpenBSD) ; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 128 ;listen.backlog = 511
; Set permissions for unix socket, if one is used. In Linux, read/write ; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many ; permissions must be set in order to allow connections from a web server. Many
@ -45,7 +50,13 @@ listen.owner = www-data
listen.group = www-data listen.group = www-data
;listen.mode = 0660 ;listen.mode = 0660
; List of ipv4 addresses of FastCGI clients which are allowed to connect. ; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be ; must be separated by a comma. If this value is left blank, connections will be
@ -59,7 +70,13 @@ listen.group = www-data
; - The pool processes will inherit the master process priority ; - The pool processes will inherit the master process priority
; unless it specified otherwise ; unless it specified otherwise
; Default Value: no set ; Default Value: no set
; priority = -19 ; process.priority = -19
; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
; or group is differrent than the master process user. It allows to create process
; core dump and ptrace the process for the pool user.
; Default Value: no
; process.dumpable = yes
; Choose how the process manager will control the number of child processes. ; Choose how the process manager will control the number of child processes.
; Possible Values: ; Possible Values:
@ -122,7 +139,7 @@ pm.max_spare_servers = 3
; This can be useful to work around memory leaks in 3rd party libraries. For ; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0 ; Default Value: 0
pm.max_requests = 500 ; pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be ; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations: ; recognized as a status page. It shows the following informations:
@ -215,7 +232,7 @@ pm.max_requests = 500
; last request memory: 0 ; last request memory: 0
; ;
; Note: There is a real-time FPM status monitoring sample web page available ; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: ${prefix}/share/fpm/status.html ; It's available in: /usr/share/php/7.0/fpm/status.html
; ;
; Note: The value must start with a leading slash (/). The value can be ; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it ; anything, but it may not be a good idea to use the .php extension or it
@ -275,7 +292,7 @@ pm.max_requests = 500
; - %{megabytes}M ; - %{megabytes}M
; - %{mega}M ; - %{mega}M
; %n: pool name ; %n: pool name
; %o: ouput header ; %o: output header
; it must be associated with embraces to specify the name of the header: ; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o ; - %{Content-Type}o
; - %{X-Powered-By}o ; - %{X-Powered-By}o
@ -291,24 +308,28 @@ pm.max_requests = 500
; %t: server time the request was received ; %t: server time the request was received
; it can accept a strftime(3) format: ; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default) ; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %T: time the log has been written (the request has finished) ; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format: ; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default) ; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %u: remote user ; %u: remote user
; ;
; Default: "%R - %u %t \"%m %r\" %s" ; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" ; access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests ; The log file for slow requests
; Default Value: not set ; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set ; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log ; slowlog = log/$pool.log.slow
; The timeout for serving a single request after which a PHP backtrace will be ; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'. ; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0 ; Default Value: 0
request_slowlog_timeout = 5s ;request_slowlog_timeout = 0
; The timeout for serving a single request after which the worker process will ; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option ; be killed. This option should be used when the 'max_execution_time' ini option
@ -347,15 +368,24 @@ chdir = __FINALPATH__
; Note: on highloaded environement, this can cause some delay in the page ; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms). ; process time (several ms).
; Default Value: no ; Default Value: no
catch_workers_output = yes ;catch_workers_output = yes
; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no
; Limits the extensions of the main script FPM will allow to parse. This can ; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit ; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to ; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code. ; execute php code.
; Note: set an empty value to allow all extensions. ; Note: set an empty value to allow all extensions.
; Default Value: .php ; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 ;security.limit_extensions = .php .php3 .php4 .php5 .php7
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment. ; the current environment.

6
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Create a beautiful blog or website easily", "en": "Create a beautiful blog or website easily",
"fr": "Logiciel de création de blog ou de site Web" "fr": "Logiciel de création de blog ou de site Web"
}, },
"version": "4.9.1~ynh1", "version": "5.0.3~ynh1",
"url": "https://wordpress.org/", "url": "https://wordpress.org/",
"license": "GPL-2.0", "license": "GPL-2.0",
"maintainer": { "maintainer": {
@ -14,12 +14,12 @@
"email": "maniackc_dev@crudelis.fr" "email": "maniackc_dev@crudelis.fr"
}, },
"requirements": { "requirements": {
"yunohost": ">= 2.7.2" "yunohost": ">= 3.4"
}, },
"multi_instance": true, "multi_instance": true,
"services": [ "services": [
"nginx", "nginx",
"php5-fpm", "php7.0-fpm",
"mysql" "mysql"
], ],
"arguments": { "arguments": {

463
scripts/_common.sh
View file

@ -1,17 +1,5 @@
#!/bin/bash #!/bin/bash
#=================================================
# DISPLAYING
#=================================================
WARNING () { # Écrit sur le canal d'erreur pour passer en warning.
$@ >&2
}
ALL_QUIET () { # Redirige la sortie standard et d'erreur dans /dev/null
$@ > /dev/null 2>&1
}
#================================================= #=================================================
# BACKUP # BACKUP
#================================================= #=================================================
@ -28,56 +16,44 @@ CHECK_SIZE () { # Vérifie avant chaque backup que l'espace est suffisant
if [ $free_space -le $backup_size ] if [ $free_space -le $backup_size ]
then then
WARNING echo "Espace insuffisant pour sauvegarder $file_to_analyse." ynh_print_err "Espace insuffisant pour sauvegarder $file_to_analyse."
WARNING echo "Espace disponible: $(HUMAN_SIZE $free_space)" ynh_print_err "Espace disponible: $(HUMAN_SIZE $free_space)"
ynh_die "Espace nécessaire: $(HUMAN_SIZE $backup_size)" ynh_die "Espace nécessaire: $(HUMAN_SIZE $backup_size)"
fi fi
} }
#================================================= #=================================================
#============= FUTURE YUNOHOST HELPER ============ # FUTUR OFFICIAL HELPERS
#=================================================
# Delete a file checksum from the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_remove_file_checksum file
# | arg: file - The file for which the checksum will be deleted
ynh_delete_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete $app $checksum_setting_name
}
#=================================================
# EXPERIMENTAL HELPERS
#================================================= #=================================================
# Create a dedicated fail2ban config (jail and filter conf files) # Create a dedicated fail2ban config (jail and filter conf files)
# #
# usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]] # usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]]
# | arg: log_file - Log file to be checked by fail2ban # | arg: -l, --logpath= - Log file to be checked by fail2ban
# | arg: failregex - Failregex to be looked for by fail2ban # | arg: -r, --failregex= - Failregex to be looked for by fail2ban
# | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3 # | arg: -m, --max_retry= - Maximum number of retries allowed before banning IP address - default: 3
# | arg: ports - Ports blocked for a banned IP address - default: http,https # | arg: -p, --ports= - Ports blocked for a banned IP address - default: http,https
ynh_add_fail2ban_config () { ynh_add_fail2ban_config () {
# Process parameters # Declare an array to define the options of this helper.
logpath=$1 declare -Ar args_array=( [l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= )
failregex=$2 local logpath
max_retry=${3:-3} local failregex
ports=${4:-http,https} local max_retry
local ports
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
max_retry=${max_retry:-3}
ports=${ports:-http,https}
test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf" finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf"
finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf" finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf"
ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1 ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1
ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1 ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1
sudo tee $finalfail2banjailconf <<EOF tee $finalfail2banjailconf <<EOF
[$app] [$app]
enabled = true enabled = true
port = $ports port = $ports
@ -86,7 +62,7 @@ logpath = $logpath
maxretry = $max_retry maxretry = $max_retry
EOF EOF
sudo tee $finalfail2banfilterconf <<EOF tee $finalfail2banfilterconf <<EOF
[INCLUDES] [INCLUDES]
before = common.conf before = common.conf
[Definition] [Definition]
@ -94,25 +70,33 @@ failregex = $failregex
ignoreregex = ignoreregex =
EOF EOF
ynh_store_file_checksum "$finalfail2banjailconf" ynh_store_file_checksum "$finalfail2banjailconf"
ynh_store_file_checksum "$finalfail2banfilterconf" ynh_store_file_checksum "$finalfail2banfilterconf"
systemctl restart fail2ban if [ "$(lsb_release --codename --short)" != "jessie" ]; then
local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")" systemctl reload fail2ban
if [ -n "$fail2ban_error" ] else
then systemctl restart fail2ban
echo "[ERR] Fail2ban failed to load the jail for $app" >&2 fi
echo "WARNING${fail2ban_error#*WARNING}" >&2 local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")"
fi if [ -n "$fail2ban_error" ]
then
echo "[ERR] Fail2ban failed to load the jail for $app" >&2
echo "WARNING${fail2ban_error#*WARNING}" >&2
fi
} }
# Remove the dedicated fail2ban config (jail and filter conf files) # Remove the dedicated fail2ban config (jail and filter conf files)
# #
# usage: ynh_remove_fail2ban_config # usage: ynh_remove_fail2ban_config
ynh_remove_fail2ban_config () { ynh_remove_fail2ban_config () {
ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf" ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf"
ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf" ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf"
sudo systemctl restart fail2ban if [ "$(lsb_release --codename --short)" != "jessie" ]; then
systemctl reload fail2ban
else
systemctl restart fail2ban
fi
} }
#================================================= #=================================================
@ -120,32 +104,91 @@ ynh_remove_fail2ban_config () {
# Read the value of a key in a ynh manifest file # Read the value of a key in a ynh manifest file
# #
# usage: ynh_read_manifest manifest key # usage: ynh_read_manifest manifest key
# | arg: manifest - Path of the manifest to read # | arg: -m, --manifest= - Path of the manifest to read
# | arg: key - Name of the key to find # | arg: -k, --key= - Name of the key to find
ynh_read_manifest () { ynh_read_manifest () {
manifest="$1" # Declare an array to define the options of this helper.
key="$2" declare -Ar args_array=( [m]=manifest= [k]=manifest_key= )
python3 -c "import sys, json;print(json.load(open('$manifest'))['$key'])" local manifest
local manifest_key
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
python3 -c "import sys, json;print(json.load(open('$manifest', encoding='utf-8'))['$manifest_key'])"
} }
# Exit without error if the package is up to date # Read the upstream version from the manifest
# The version number in the manifest is defined by <upstreamversion>~ynh<packageversion>
# For example : 4.3-2~ynh3
# This include the number before ~ynh
# In the last example it return 4.3-2
# #
# This helper should be used to avoid an upgrade of a package # usage: ynh_app_upstream_version [-m manifest]
# when it's not needed. # | arg: -m, --manifest= - Path of the manifest to read
ynh_app_upstream_version () {
declare -Ar args_array=( [m]=manifest= )
local manifest
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
manifest="${manifest:-../manifest.json}"
if [ ! -e "$manifest" ]; then
manifest="../settings/manifest.json" # Into the restore script, the manifest is not at the same place
fi
version_key=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version")
echo "${version_key/~ynh*/}"
}
# Read package version from the manifest
# The version number in the manifest is defined by <upstreamversion>~ynh<packageversion>
# For example : 4.3-2~ynh3
# This include the number after ~ynh
# In the last example it return 3
#
# usage: ynh_app_package_version [-m manifest]
# | arg: -m, --manifest= - Path of the manifest to read
ynh_app_package_version () {
declare -Ar args_array=( [m]=manifest= )
local manifest
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
manifest="${manifest:-../manifest.json}"
if [ ! -e "$manifest" ]; then
manifest="../settings/manifest.json" # Into the restore script, the manifest is not at the same place
fi
version_key=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version")
echo "${version_key/*~ynh/}"
}
# Checks the app version to upgrade with the existing app version and returns:
# - UPGRADE_APP if the upstream app version has changed
# - UPGRADE_PACKAGE if only the YunoHost package has changed
#
## It stops the current script without error if the package is up-to-date
#
# This helper should be used to avoid an upgrade of an app, or the upstream part
# of it, when it's not needed
# #
# To force an upgrade, even if the package is up to date, # To force an upgrade, even if the package is up to date,
# you have to set the variable YNH_FORCE_UPGRADE before. # you have to set the variable YNH_FORCE_UPGRADE before.
# example: sudo YNH_FORCE_UPGRADE=1 yunohost app upgrade MyApp # example: sudo YNH_FORCE_UPGRADE=1 yunohost app upgrade MyApp
# #
# usage: ynh_abort_if_up_to_date # usage: ynh_check_app_version_changed
ynh_abort_if_up_to_date () { ynh_check_app_version_changed () {
local force_upgrade=${YNH_FORCE_UPGRADE:-0} local force_upgrade=${YNH_FORCE_UPGRADE:-0}
local package_check=${PACKAGE_CHECK_EXEC:-0} local package_check=${PACKAGE_CHECK_EXEC:-0}
local version=$(ynh_read_manifest "/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" "version" || echo 1.0) # By default, upstream app version has changed
local last_version=$(ynh_read_manifest "../manifest.json" "version" || echo 1.0) local return_value="UPGRADE_APP"
if [ "$version" = "$last_version" ]
then local current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" --manifest_key="version" || echo 1.0)
local current_upstream_version="$(ynh_app_upstream_version --manifest="/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json")"
local update_version=$(ynh_read_manifest --manifest="../manifest.json" --manifest_key="version" || echo 1.0)
local update_upstream_version="$(ynh_app_upstream_version)"
if [ "$current_version" == "$update_version" ] ; then
# Complete versions are the same
if [ "$force_upgrade" != "0" ] if [ "$force_upgrade" != "0" ]
then then
echo "Upgrade forced by YNH_FORCE_UPGRADE." >&2 echo "Upgrade forced by YNH_FORCE_UPGRADE." >&2
@ -156,7 +199,184 @@ ynh_abort_if_up_to_date () {
else else
ynh_die "Up-to-date, nothing to do" 0 ynh_die "Up-to-date, nothing to do" 0
fi fi
elif [ "$current_upstream_version" == "$update_upstream_version" ] ; then
# Upstream versions are the same, only YunoHost package versions differ
return_value="UPGRADE_PACKAGE"
fi fi
echo $return_value
}
#=================================================
# Start (or other actions) a service, print a log in case of failure and optionnaly wait until the service is completely started
#
# usage: ynh_systemd_action [-n service_name] [-a action] [ [-l "line to match"] [-p log_path] [-t timeout] [-e length] ]
# | arg: -n, --service_name= - Name of the service to reload. Default : $app
# | arg: -a, --action= - Action to perform with systemctl. Default: start
# | arg: -l, --line_match= - Line to match - The line to find in the log to attest the service have finished to boot.
# If not defined it don't wait until the service is completely started.
# | arg: -p, --log_path= - Log file - Path to the log file. Default : /var/log/$app/$app.log
# | arg: -t, --timeout= - Timeout - The maximum time to wait before ending the watching. Default : 300 seconds.
# | arg: -e, --length= - Length of the error log : Default : 20
ynh_systemd_action() {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= )
local service_name
local action
local line_match
local length
local log_path
local timeout
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local service_name="${service_name:-$app}"
local action=${action:-start}
local log_path="${log_path:-/var/log/$service_name/$service_name.log}"
local length=${length:-20}
local timeout=${timeout:-300}
# Start to read the log
if [[ -n "${line_match:-}" ]]
then
local templog="$(mktemp)"
# Following the starting of the app in its log
if [ "$log_path" == "systemd" ] ; then
# Read the systemd journal
journalctl -u $service_name -f --since=-45 > "$templog" &
else
# Read the specified log file
tail -F -n0 "$log_path" > "$templog" &
fi
# Get the PID of the tail command
local pid_tail=$!
fi
echo "${action^} the service $service_name" >&2
systemctl $action $service_name \
|| ( journalctl --lines=$length -u $service_name >&2 \
; test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 \
; false )
# Start the timeout and try to find line_match
if [[ -n "${line_match:-}" ]]
then
local i=0
for i in $(seq 1 $timeout)
do
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
if grep --quiet "$line_match" "$templog"
then
echo "The service $service_name has correctly started." >&2
break
fi
echo -n "." >&2
sleep 1
done
if [ $i -eq $timeout ]
then
echo "The service $service_name didn't fully started before the timeout." >&2
echo "Please find here an extract of the end of the log of the service $service_name:"
journalctl --lines=$length -u $service_name >&2
test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2
fi
echo ""
ynh_clean_check_starting
fi
}
# Clean temporary process and file used by ynh_check_starting
# (usually used in ynh_clean_setup scripts)
#
# usage: ynh_clean_check_starting
ynh_clean_check_starting () {
# Stop the execution of tail.
kill -s 15 $pid_tail 2>&1
ynh_secure_remove "$templog" 2>&1
}
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
# Print a message as INFO and show progression during an app script
#
# usage: ynh_script_progression --message=message [--weight=weight] [--time]
# | arg: -m, --message= - The text to print
# | arg: -w, --weight= - The weight for this progression. This value is 1 by default. Use a bigger value for a longer part of the script.
# | arg: -t, --time= - Print the execution time since the last call to this helper. Especially usefull to define weights.
# | arg: -l, --last= - Use for the last call of the helper, to fill te progression bar.
increment_progression=0
previous_weight=0
# Define base_time when the file is sourced
base_time=$(date +%s)
ynh_script_progression () {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [m]=message= [w]=weight= [t]=time [l]=last )
local message
local weight
local time
local last
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
weight=${weight:-1}
time=${time:-0}
last=${last:-0}
# Get execution time since the last $base_time
local exec_time=$(( $(date +%s) - $base_time ))
base_time=$(date +%s)
# Get the number of occurrences of 'ynh_script_progression' in the script. Except those are commented.
local helper_calls="$(grep --count "^[^#]*ynh_script_progression" $0)"
# Get the number of call with a weight value
local weight_calls=$(grep --perl-regexp --count "^[^#]*ynh_script_progression.*(--weight|-w )" $0)
# Get the weight of each occurrences of 'ynh_script_progression' in the script using --weight
local weight_valuesA="$(grep --perl-regexp "^[^#]*ynh_script_progression.*--weight" $0 | sed 's/.*--weight[= ]\([[:digit:]].*\)/\1/g')"
# Get the weight of each occurrences of 'ynh_script_progression' in the script using -w
local weight_valuesB="$(grep --perl-regexp "^[^#]*ynh_script_progression.*-w " $0 | sed 's/.*-w[= ]\([[:digit:]].*\)/\1/g')"
# Each value will be on a different line.
# Remove each 'end of line' and replace it by a '+' to sum the values.
local weight_values=$(( $(echo "$weight_valuesA" | tr '\n' '+') + $(echo "$weight_valuesB" | tr '\n' '+') 0 ))
# max_progression is a total number of calls to this helper.
# Less the number of calls with a weight value.
# Plus the total of weight values
local max_progression=$(( $helper_calls - $weight_calls + $weight_values ))
# Increment each execution of ynh_script_progression in this script by the weight of the previous call.
increment_progression=$(( $increment_progression + $previous_weight ))
# Store the weight of the current call in $previous_weight for next call
previous_weight=$weight
# Set the scale of the progression bar
local scale=20
# progress_string(1,2) should have the size of the scale.
local progress_string1="####################"
local progress_string0="...................."
# Reduce $increment_progression to the size of the scale
if [ $last -eq 0 ]
then
local effective_progression=$(( $increment_progression * $scale / $max_progression ))
# If last is specified, fill immediately the progression_bar
else
local effective_progression=$scale
fi
# Build $progression_bar from progress_string(1,2) according to $effective_progression
local progression_bar="${progress_string1:0:$effective_progression}${progress_string0:0:$(( $scale - $effective_progression ))}"
local print_exec_time=""
if [ $time -eq 1 ]
then
print_exec_time=" [$(date +%Hh%Mm,%Ss --date="0 + $exec_time sec")]"
fi
ynh_print_info "[$progression_bar] > ${message}${print_exec_time}"
} }
#================================================= #=================================================
@ -164,14 +384,20 @@ ynh_abort_if_up_to_date () {
# Send an email to inform the administrator # Send an email to inform the administrator
# #
# usage: ynh_send_readme_to_admin app_message [recipients] # usage: ynh_send_readme_to_admin app_message [recipients]
# | arg: app_message - The message to send to the administrator. # | arg: -m --app_message= - The message to send to the administrator.
# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root # | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain" # example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you # If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2" # example: "root admin@domain user1 user2"
ynh_send_readme_to_admin() { ynh_send_readme_to_admin() {
local app_message="${1:-...No specific information...}" # Declare an array to define the options of this helper.
local recipients="${2:-root}" declare -Ar args_array=( [m]=app_message= [r]=recipients= )
local app_message
local recipients
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local app_message="${app_message:-...No specific information...}"
local recipients="${recipients:-root}"
# Retrieve the email of users # Retrieve the email of users
find_mails () { find_mails () {
@ -221,3 +447,82 @@ $(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
# Send the email to the recipients # Send the email to the recipients
echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients" echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
} }
#=================================================
ynh_maintenance_mode_ON () {
# Load value of $path_url and $domain from the config if their not set
if [ -z $path_url ]; then
path_url=$(ynh_app_setting_get $app path)
fi
if [ -z $domain ]; then
domain=$(ynh_app_setting_get $app domain)
fi
# Create an html to serve as maintenance notice
echo "<!DOCTYPE html>
<html>
<head>
<meta http-equiv="refresh" content="3">
<title>Your app $app is currently under maintenance!</title>
<style>
body {
width: 70em;
margin: 0 auto;
}
</style>
</head>
<body>
<h1>Your app $app is currently under maintenance!</h1>
<p>This app has been put under maintenance by your administrator at $(date)</p>
<p>Please wait until the maintenance operation is done. This page will be reloaded as soon as your app will be back.</p>
</body>
</html>" > "/var/www/html/maintenance.$app.html"
# Create a new nginx config file to redirect all access to the app to the maintenance notice instead.
echo "# All request to the app will be redirected to ${path_url}_maintenance and fall on the maintenance notice
rewrite ^${path_url}/(.*)$ ${path_url}_maintenance/? redirect;
# Use another location, to not be in conflict with the original config file
location ${path_url}_maintenance/ {
alias /var/www/html/ ;
try_files maintenance.$app.html =503;
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}" > "/etc/nginx/conf.d/$domain.d/maintenance.$app.conf"
# The current config file will redirect all requests to the root of the app.
# To keep the full path, we can use the following rewrite rule:
# rewrite ^${path_url}/(.*)$ ${path_url}_maintenance/\$1? redirect;
# The difference will be in the $1 at the end, which keep the following queries.
# But, if it works perfectly for a html request, there's an issue with any php files.
# This files are treated as simple files, and will be downloaded by the browser.
# Would be really be nice to be able to fix that issue. So that, when the page is reloaded after the maintenance, the user will be redirected to the real page he was.
systemctl reload nginx
}
ynh_maintenance_mode_OFF () {
# Load value of $path_url and $domain from the config if their not set
if [ -z $path_url ]; then
path_url=$(ynh_app_setting_get $app path)
fi
if [ -z $domain ]; then
domain=$(ynh_app_setting_get $app domain)
fi
# Rewrite the nginx config file to redirect from ${path_url}_maintenance to the real url of the app.
echo "rewrite ^${path_url}_maintenance/(.*)$ ${path_url}/\$1 redirect;" > "/etc/nginx/conf.d/$domain.d/maintenance.$app.conf"
systemctl reload nginx
# Sleep 4 seconds to let the browser reload the pages and redirect the user to the app.
sleep 4
# Then remove the temporary files used for the maintenance.
rm "/var/www/html/maintenance.$app.html"
rm "/etc/nginx/conf.d/$domain.d/maintenance.$app.conf"
systemctl reload nginx
}

51
scripts/_sed
View file

@ -1,51 +0,0 @@
#!/bin/bash
# https://github.com/YunoHost/yunohost/pull/394
# Substitute/replace a string (or expression) by another in a file
#
# usage: ynh_replace_string match_string replace_string target_file
# | arg: match_string - String to be searched and replaced in the file
# | arg: replace_string - String that will replace matches
# | arg: target_file - File in which the string will be replaced.
#
# As this helper is based on sed command, regular expressions and
# references to sub-expressions can be used
# (see sed manual page for more information)
ynh_replace_string () {
local delimit=@
local match_string=$1
local replace_string=$2
local workfile=$3
# Escape the delimiter if it's in the string.
match_string=${match_string//${delimit}/"\\${delimit}"}
replace_string=${replace_string//${delimit}/"\\${delimit}"}
sudo sed --in-place "s${delimit}${match_string}${delimit}${replace_string}${delimit}g" "$workfile"
}
# Substitute/replace a password by another in a file
#
# usage: ynh_replace_password_string match_string replace_string target_file
# | arg: match_string - String to be searched and replaced in the file
# | arg: replace_string - String that will replace matches
# | arg: target_file - File in which the string will be replaced.
#
# This helper will use ynh_replace_string, but as you can use special
# characters, you can't use some regular expressions and sub-expressions.
ynh_replace_password_string () {
local match_string=$1
local replace_string=$2
local workfile=$3
# Escape any backslash to preserve them as simple backslash.
match_string=${match_string//\\/"\\\\"}
replace_string=${replace_string//\\/"\\\\"}
# Escape the & character, who has a special function in sed.
match_string=${match_string//&/"\&"}
replace_string=${replace_string//&/"\&"}
ynh_replace_string "$match_string" "$replace_string" "$workfile"
}

29
scripts/backup
View file

@ -6,12 +6,7 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
if [ ! -e _common.sh ]; then source ../settings/scripts/_common.sh
# Get the _common.sh file if it's not in the current directory
cp ../settings/scripts/_common.sh ./_common.sh
chmod a+rx _common.sh
fi
source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
@ -24,6 +19,7 @@ ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Load settings" --weight=2
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -35,27 +31,31 @@ db_pwd=$(ynh_app_setting_get $app mysqlpwd)
#================================================= #=================================================
# STANDARD BACKUP STEPS # STANDARD BACKUP STEPS
#================================================= #=================================================
# BACKUP OF THE MAIN DIR OF THE APP # BACKUP THE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Backup the app main dir" --weight=2
CHECK_SIZE "$final_path" CHECK_SIZE "$final_path"
ynh_backup "$final_path" ynh_backup "$final_path"
#================================================= #=================================================
# BACKUP OF THE NGINX CONFIGURATION # BACKUP NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Backup nginx configuration"
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# BACKUP OF THE PHP-FPM CONFIGURATION # BACKUP PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Backup php-fpm configuration"
ynh_backup "/etc/php5/fpm/pool.d/$app.conf" ynh_backup "/etc/php/7.0/fpm/pool.d/$app.conf"
#================================================= #=================================================
# BACKUP OF THE SQL BDD # BACKUP THE MYSQL DATABASE
#================================================= #=================================================
ynh_script_progression --message="Backup the mysql database" --weight=2
ynh_mysql_dump_db "$db_name" > db.sql ynh_mysql_dump_db "$db_name" > db.sql
CHECK_SIZE "db.sql" CHECK_SIZE "db.sql"
@ -63,6 +63,13 @@ CHECK_SIZE "db.sql"
#================================================= #=================================================
# BACKUP FAIL2BAN CONFIGURATION # BACKUP FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Backup fail2ban configuration"
ynh_backup "/etc/fail2ban/jail.d/$app.conf" ynh_backup "/etc/fail2ban/jail.d/$app.conf"
ynh_backup "/etc/fail2ban/filter.d/$app.conf" ynh_backup "/etc/fail2ban/filter.d/$app.conf"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Backup completed" --last

66
scripts/change_url
View file

@ -8,11 +8,11 @@
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
source _sed
#================================================= #=================================================
# RETRIEVE ARGUMENTS # RETRIEVE ARGUMENTS
#================================================= #=================================================
ynh_script_progression --message="Retrieve arguments from the manifest"
old_domain=$YNH_APP_OLD_DOMAIN old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH old_path=$YNH_APP_OLD_PATH
@ -25,7 +25,9 @@ app=$YNH_APP_INSTANCE_NAME
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Load settings" --weight=2
final_path=$(ynh_app_setting_get $app final_path)
multisite=$(ynh_app_setting_get $app multisite) multisite=$(ynh_app_setting_get $app multisite)
if [ $multisite -eq 1 ] if [ $multisite -eq 1 ]
@ -37,12 +39,22 @@ fi
#================================================= #=================================================
# CHECK THE SYNTAX OF THE PATHS # CHECK THE SYNTAX OF THE PATHS
#================================================= #=================================================
ynh_script_progression --message="Check the syntax of the paths"
test -n "$old_path" || old_path="/" test -n "$old_path" || old_path="/"
test -n "$new_path" || new_path="/" test -n "$new_path" || new_path="/"
new_path=$(ynh_normalize_url_path $new_path) new_path=$(ynh_normalize_url_path $new_path)
old_path=$(ynh_normalize_url_path $old_path) old_path=$(ynh_normalize_url_path $old_path)
#=================================================
# ACTIVATE MAINTENANCE MODE
#=================================================
ynh_script_progression --message="Activate maintenance mode" --weight=2
path_url=$old_path
domain=$old_domain
ynh_maintenance_mode_ON
#================================================= #=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED # CHECK WHICH PARTS SHOULD BE CHANGED
#================================================= #=================================================
@ -71,6 +83,7 @@ ynh_abort_if_errors
#================================================= #=================================================
# MODIFY URL IN NGINX CONF # MODIFY URL IN NGINX CONF
#================================================= #=================================================
ynh_script_progression --message="Modify url in nginx configuration" --weight=3
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
@ -80,29 +93,15 @@ then
# Make a backup of the original nginx config file if modified # Make a backup of the original nginx config file if modified
ynh_backup_if_checksum_is_different "$nginx_conf_path" ynh_backup_if_checksum_is_different "$nginx_conf_path"
# Move from sub path to root # Set global variables for nginx helper
if [ "$new_path" == "/" ] domain="$old_domain"
then path_url="$new_path"
ynh_replace_string "\(^.*rewrite.*\^$old_path.* permanent;\)" "#sub_path_only\1" "$nginx_conf_path"
ynh_replace_string "\(rewrite *\^\)$old_path\$ $old_path/*" "\1$new_path$ $new_path" "$nginx_conf_path"
# Move to a sub path # Store path_url setting
else ynh_app_setting_set $app path "$path_url"
ynh_replace_string "^#sub_path_only" "" "$nginx_conf_path"
ynh_replace_string "\(rewrite *\^\)$old_path\$ $old_path/*" "\1$new_path$ $new_path/" "$nginx_conf_path"
fi
ynh_replace_string "location ${old_path%/}/" "location ${new_path%/}/" "$nginx_conf_path" # Create a dedicated nginx config
ynh_add_nginx_config
# Change the rewrite instructions for multisite
ynh_replace_string "rewrite \^$old_path\(.*last;\)" "rewrite ^$new_path\1" "$nginx_conf_path"
ynh_replace_string "$old_path\$2 last;" "$new_path\$2 last;" "$nginx_conf_path"
# Change the rewrite instruction with $request_filename
ynh_replace_string "${old_path%/}/index.php?q=" "${new_path%/}/index.php?q=" "$nginx_conf_path"
# Calculate and store the nginx config file checksum
ynh_store_file_checksum "$nginx_conf_path"
fi fi
# Change the domain for nginx # Change the domain for nginx
@ -112,9 +111,8 @@ then
ynh_delete_file_checksum "$nginx_conf_path" ynh_delete_file_checksum "$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
nginx_conf_path=/etc/nginx/conf.d/$new_domain.d/$app.conf # Store file checksum for the new config file location
# Calculate and store the nginx config file checksum ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
ynh_store_file_checksum "$nginx_conf_path"
fi fi
#================================================= #=================================================
@ -131,5 +129,21 @@ ynh_mysql_execute_as_root "UPDATE wp_options SET option_value='$new_domain$new_p
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reload nginx"
systemctl reload nginx ynh_systemd_action --action=reload --service_name=nginx
#=================================================
# DEACTIVE MAINTENANCE MODE
#=================================================
ynh_script_progression --message="Disable maintenance mode" --weight=5
path_url=$old_path
domain=$old_domain
ynh_maintenance_mode_OFF
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of url completed" --last

86
scripts/install
View file

@ -19,6 +19,7 @@ ynh_abort_if_errors
#================================================= #=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST # RETRIEVE ARGUMENTS FROM THE MANIFEST
#================================================= #=================================================
ynh_script_progression --message="Retrieve arguments from the manifest"
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH path_url=$YNH_APP_ARG_PATH
@ -32,6 +33,7 @@ app=$YNH_APP_INSTANCE_NAME
#================================================= #=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS # CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS
#================================================= #=================================================
ynh_script_progression --message="Check if the app can be installed" --weight=2
final_path=/var/www/$app final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder" test ! -e "$final_path" || ynh_die "This path already contains a folder"
@ -39,18 +41,17 @@ test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Normalize the url path syntax # Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url) path_url=$(ynh_normalize_url_path $path_url)
# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path # Register (book) web path
ynh_webpath_register $app $domain $path_url ynh_webpath_register $app $domain $path_url
if [ "$path_url" == "/" ] && [ $multisite -eq 1 ]; then if [ "$path_url" == "/" ] && [ $multisite -eq 1 ]; then
ynh_die "Multisite option of wordpress doesn't work at root of domain." ynh_die "Multisite option of wordpress doesn't work at the root of a domain."
fi fi
#================================================= #=================================================
# STORE SETTINGS FROM MANIFEST # STORE SETTINGS FROM MANIFEST
#================================================= #=================================================
ynh_script_progression --message="Store settings from manifest" --weight=2
ynh_app_setting_set $app domain $domain ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url ynh_app_setting_set $app path $path_url
@ -64,12 +65,14 @@ ynh_app_setting_set $app multisite $multisite
#================================================= #=================================================
# INSTALL DEPENDENCIES # INSTALL DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Install dependencies" --weight=9
ynh_install_app_dependencies php5-cli ynh_install_app_dependencies php5-cli
#================================================= #=================================================
# CREATE A SQL BDD # CREATE A MYSQL DATABASE
#================================================= #=================================================
ynh_script_progression --message="Create a mysql database"
db_name=$(ynh_sanitize_dbid $app) db_name=$(ynh_sanitize_dbid $app)
ynh_app_setting_set $app db_name $db_name ynh_app_setting_set $app db_name $db_name
@ -78,6 +81,7 @@ ynh_mysql_setup_db $db_name $db_name
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Download, check and unpack source" --weight=4
ynh_app_setting_set $app final_path $final_path ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
@ -86,24 +90,23 @@ ynh_setup_source "$final_path"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configure nginx" --weight=3
# Create a dedicated nginx config # Create a dedicated nginx config
if [ "$path_url" != "/" ]
then
ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
fi
ynh_add_nginx_config ynh_add_nginx_config
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Create a dedicated user" --weight=3
# Create a system user # Create a dedicated system user
ynh_system_user_create $app ynh_system_user_create $app
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configure php-fpm" --weight=2
# Create a dedicated php-fpm config # Create a dedicated php-fpm config
ynh_add_fpm_config ynh_add_fpm_config
@ -113,6 +116,7 @@ ynh_add_fpm_config
#================================================= #=================================================
# CONFIGURE WP-CONFIG # CONFIGURE WP-CONFIG
#================================================= #=================================================
ynh_script_progression --message="Configure wp-config.php"
cp ../conf/wp-config.php $final_path/wp-config.php cp ../conf/wp-config.php $final_path/wp-config.php
# Change variables in Wordpress configuration # Change variables in Wordpress configuration
@ -134,34 +138,37 @@ done
#================================================= #=================================================
# SETTING UP WITH CURL # SETTING UP WITH CURL
#================================================= #=================================================
ynh_script_progression --message="Install wordpress with Curl" --weight=10
# Set right permissions for curl install # Set right permissions for curl install
chown -R $app: $final_path chown -R $app: $final_path
# Rend la page d'install publique pour curl # Set the app as temporarily public for curl call
ynh_app_setting_set $app unprotected_uris "/" ynh_app_setting_set $app unprotected_uris "/"
yunohost app ssowatconf # Régénère la configuration de SSOwat # Regen SSOwat configuration
yunohost app ssowatconf
# Reload Nginx # Reload Nginx
systemctl reload nginx ynh_systemd_action --action=reload --service_name=nginx
# Wordpress installation # Wordpress installation
ynh_local_curl "/wp-admin/install.php?step=2" "&weblog_title=YunoBlog" "user_name=$admin_wordpress" "admin_password=$db_pwd" "admin_password2=$db_pwd" "admin_email=$admin_wordpress@$domain" "Submit=Install+WordPress" ynh_local_curl "/wp-admin/install.php?step=2" "&weblog_title=YunoBlog" "user_name=$admin_wordpress" "admin_password=$db_pwd" "admin_password2=$db_pwd" "admin_email=$admin_wordpress@$domain" "Submit=Install+WordPress"
WARNING echo -n "Please wait during Wordpress installation" ynh_print_info "Please wait during Wordpress installation"
for i in `seq 1 300` for i in `seq 1 300`
do # La boucle attend la fin de l'installation de wordpress Ou 5 minutes. do
# The loop waits for wordpress to be installed, or 5 minutes.
if ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "show tables" | grep -q "wp_options"; then if ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "show tables" | grep -q "wp_options"; then
break # Si la table wp_options est trouvée, l'installation de wordpress est terminée. Quitte la boucle. # If the table wp_options is found, wordpress has finished its installation.
break
fi fi
WARNING echo -n "."
sleep 1 sleep 1
done done
WARNING echo ""
#================================================= #=================================================
# INSTALL WORDPRESS' PLUGINS # INSTALL WORDPRESS PLUGINS
#================================================= #=================================================
ynh_script_progression --message="Install wordpress plugins" --weight=20
wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $final_path/wp-cli.phar wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $final_path/wp-cli.phar
wpcli_alias="php $final_path/wp-cli.phar --allow-root --path=$final_path" wpcli_alias="php $final_path/wp-cli.phar --allow-root --path=$final_path"
@ -174,9 +181,10 @@ $wpcli_alias plugin install wp-fail2ban
#================================================= #=================================================
# SET LANGUAGE # SET LANGUAGE
#================================================= #=================================================
ynh_script_progression --message="Set language" --weight=3
$wpcli_alias core language install $language $wpcli_alias core language install $language
$wpcli_alias core language activate $language $wpcli_alias site switch-language $language
#================================================= #=================================================
# CONFIGURE MULTISITE # CONFIGURE MULTISITE
@ -184,14 +192,16 @@ $wpcli_alias core language activate $language
if [ $multisite -eq 1 ] if [ $multisite -eq 1 ]
then then
ynh_script_progression --message="Configure multisite" --weight=2
ynh_replace_string "#--MULTISITE--" "" /etc/nginx/conf.d/$domain.d/$app.conf ynh_replace_string "#--MULTISITE--" "" /etc/nginx/conf.d/$domain.d/$app.conf
# Autorise le multisite wordpress # Allow multisite
ynh_replace_string "//--MULTISITE1--define" "define " $final_path/wp-config.php ynh_replace_string "//--MULTISITE1--define" "define " $final_path/wp-config.php
# Active le multisite via wp-cli. # Activate multisite via wp-cli
ALL_QUIET $wpcli_alias core multisite-convert --base=$path_url/ ynh_exec_fully_quiet $wpcli_alias core multisite-convert --base=$path_url/
# Active le multisite wordpress # Activate multisite in wordpress config
ynh_replace_string "//--MULTISITE2--define" "define" $final_path/wp-config.php ynh_replace_string "//--MULTISITE2--define" "define" $final_path/wp-config.php
ynh_mysql_connect_as $db_name $db_pwd $db_name < ../conf/sql/multisite.sql ynh_mysql_connect_as $db_name $db_pwd $db_name < ../conf/sql/multisite.sql
@ -202,8 +212,9 @@ else
fi fi
#================================================= #=================================================
# ACTIVATE WORDPRESS' PLUGINS # ACTIVATE WORDPRESS PLUGINS
#================================================= #=================================================
ynh_script_progression --message="Activate wordpress plugins" --weight=4
$wpcli_alias plugin activate simple-ldap-login $plugin_network $wpcli_alias plugin activate simple-ldap-login $plugin_network
# Do not activate http-authentication, this plugin is sometimes unstable # Do not activate http-authentication, this plugin is sometimes unstable
@ -211,7 +222,7 @@ $wpcli_alias plugin activate companion-auto-update $plugin_network
$wpcli_alias plugin activate wp-fail2ban $plugin_network $wpcli_alias plugin activate wp-fail2ban $plugin_network
#================================================= #=================================================
# STORE THE CHECKSUM OF THE CONFIG FILE # STORE THE CONFIG FILE CHECKSUM
#================================================= #=================================================
# Calculate and store the config file checksum into the app settings # Calculate and store the config file checksum into the app settings
@ -223,32 +234,37 @@ ynh_store_file_checksum "$final_path/wp-config.php"
# SECURING FILES AND DIRECTORIES # SECURING FILES AND DIRECTORIES
#================================================= #=================================================
# Les fichiers appartiennent à l'user wordpress, pour permettre les mises à jour. # Set permissions to app files
# Files have to be own by the user of wordpress. To allow upgrade from the app.
chown -R $app: $final_path chown -R $app: $final_path
# Sauf le fichier de config wp-config.php qui appartient à root # Except the file config wp-config.php
chown root: $final_path/wp-config.php chown root: $final_path/wp-config.php
#================================================= #=================================================
# SETUP FAIL2BAN # SETUP FAIL2BAN
#================================================= #=================================================
ynh_script_progression --message="Configure fail2ban" --weight=7
ynh_add_fail2ban_config "/var/log/auth.log" "Authentication (attempt for unknown user|failure for) .* from <HOST>" 5 # Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from <HOST>" --max_retry=5
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
#================================================= #=================================================
ynh_script_progression --message="Setup SSOwat"
if [ $is_public -eq 0 ]; if [ $is_public -eq 0 ];
then then
# Retire l'accès public # Remove the public access
ynh_app_setting_delete $app unprotected_uris ynh_app_setting_delete $app unprotected_uris
fi fi
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reload nginx" --weight=3
systemctl reload nginx ynh_systemd_action --action=reload --service_name=nginx
#================================================= #=================================================
# REMOVE WP-CLI.PHAR # REMOVE WP-CLI.PHAR
@ -260,6 +276,12 @@ ynh_secure_remove $final_path/wp-cli.phar
# SEND A README FOR THE ADMIN # SEND A README FOR THE ADMIN
#================================================= #=================================================
message="If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/wordpress_ynh" message="If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/wordpress_ynh"
ynh_send_readme_to_admin "$message" "$admin_wordpress" ynh_send_readme_to_admin --app_message="$message" --recipients="$admin_wordpress"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation completed" --last

25
scripts/remove
View file

@ -12,6 +12,7 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Load settings" --weight=2
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -23,34 +24,39 @@ db_name=$(ynh_app_setting_get $app db_name)
#================================================= #=================================================
# REMOVE DEPENDENCIES # REMOVE DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Remove dependencies" --weight=11
# Remove metapackage and its dependencies # Remove metapackage and its dependencies
ynh_remove_app_dependencies ynh_remove_app_dependencies
#================================================= #=================================================
# REMOVE THE SQL BDD # REMOVE THE MYSQL DATABASE
#================================================= #=================================================
ynh_script_progression --message="Remove the mysql database" --weight=2
# Remove a database if it exists, along with the associated user # Remove a database if it exists, along with the associated user
ynh_mysql_remove_db $db_name $db_name ynh_mysql_remove_db $db_name $db_name
#================================================= #=================================================
# REMOVE THE MAIN DIR OF THE APP # REMOVE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Remove app main directory"
# Remove the app directory securely # Remove the app directory securely
ynh_secure_remove "/var/www/$app" ynh_secure_remove "/var/www/$app"
#================================================= #=================================================
# REMOVE THE NGINX CONFIGURATION # REMOVE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Remove nginx configuration"
# Remove the dedicated nginx config # Remove the dedicated nginx config
ynh_remove_nginx_config ynh_remove_nginx_config
#================================================= #=================================================
# REMOVE THE PHP-FPM CONFIGURATION # REMOVE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Remove php-fpm configuration" --weight=2
# Remove the dedicated php-fpm config # Remove the dedicated php-fpm config
ynh_remove_fpm_config ynh_remove_fpm_config
@ -58,7 +64,9 @@ ynh_remove_fpm_config
#================================================= #=================================================
# REMOVE FAIL2BAN CONFIGURATION # REMOVE FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Remove fail2ban configuration" --weight=8
# Remove the dedicated fail2ban config
ynh_remove_fail2ban_config ynh_remove_fail2ban_config
#================================================= #=================================================
@ -66,6 +74,13 @@ ynh_remove_fail2ban_config
#================================================= #=================================================
# REMOVE DEDICATED USER # REMOVE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Remove the dedicated user" --weight=3
# Delete a system user # Delete dedicated system user
ynh_system_user_delete $app ynh_system_user_delete $app
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Deletion completed" --last

72
scripts/restore
View file

@ -6,12 +6,7 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
if [ ! -e _common.sh ]; then source ../settings/scripts/_common.sh
# Get the _common.sh file if it's not in the current directory
cp ../settings/scripts/_common.sh ./_common.sh
chmod a+rx _common.sh
fi
source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
@ -24,6 +19,7 @@ ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Load settings" --weight=3
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -32,6 +28,7 @@ path_url=$(ynh_app_setting_get $app path)
is_public=$(ynh_app_setting_get $app is_public) is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get $app final_path) final_path=$(ynh_app_setting_get $app final_path)
db_name=$(ynh_app_setting_get $app db_name) db_name=$(ynh_app_setting_get $app db_name)
admin_wordpress=$(ynh_app_setting_get $app admin)
#================================================= #=================================================
# CHECK IF THE APP CAN BE RESTORED # CHECK IF THE APP CAN BE RESTORED
@ -43,61 +40,96 @@ test ! -d $final_path \
|| ynh_die "There is already a directory: $final_path " || ynh_die "There is already a directory: $final_path "
#================================================= #=================================================
# STANDARD RESTORE STEPS # ACTIVATE MAINTENANCE MODE
#================================================= #=================================================
# RESTORE OF THE NGINX CONFIGURATION ynh_script_progression --message="Activate maintenance mode"
ynh_maintenance_mode_ON
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# RESTORE OF THE MAIN DIR OF THE APP # RESTORE THE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Restore the app main directory"
ynh_restore_file "$final_path" ynh_restore_file "$final_path"
#================================================= #=================================================
# RESTORE OF THE SQL BDD # RESTORE THE MYSQL DATABASE
#================================================= #=================================================
ynh_script_progression --message="Restore the mysql database" --weight=3
db_pwd=$(ynh_app_setting_get $app mysqlpwd) db_pwd=$(ynh_app_setting_get $app mysqlpwd)
ynh_mysql_setup_db $db_name $db_name $db_pwd ynh_mysql_setup_db $db_name $db_name $db_pwd
ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql
#================================================= #=================================================
# RECREATE OF THE DEDICATED USER # RECREATE THE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Recreate the dedicated user" --weight=3
ynh_system_user_create $app # Recreate the dedicated user, if not exist # Create the dedicated user (if not existing)
ynh_system_user_create $app
#================================================= #=================================================
# RESTORE USER RIGHTS # RESTORE USER RIGHTS
#================================================= #=================================================
# Les fichiers appartiennent à l'user wordpress, pour permettre les mises à jour. # Set permissions to app files
# Files have to be own by the user of wordpress. To allow upgrade from the app.
chown -R $app: $final_path chown -R $app: $final_path
# Sauf le fichier de config wp-config.php qui appartient à root # Except the file config wp-config.php
chown root: $final_path/wp-config.php chown root: $final_path/wp-config.php
#================================================= #=================================================
# RESTORE OF THE PHP-FPM CONFIGURATION # RESTORE THE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf" ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf"
#================================================= #=================================================
# RESTORE FAIL2BAN CONFIGURATION # RESTORE THE FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restore the fail2ban configuration" --weight=6
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
systemctl restart fail2ban ynh_systemd_action --action=restart --service_name=fail2ban
#================================================= #=================================================
# GENERIC FINALISATION # GENERIC FINALISATION
#================================================= #=================================================
# RELOAD NGINX AND PHP-FPM # RELOAD NGINX AND PHP-FPM
#================================================= #=================================================
ynh_script_progression --message="Reload nginx and php-fpm" --weight=2
systemctl reload php5-fpm ynh_systemd_action --action=reload --service_name=php5-fpm
systemctl reload nginx ynh_systemd_action --action=reload --service_name=nginx
#=================================================
# DEACTIVE MAINTENANCE MODE
#=================================================
ynh_script_progression --message="Disable maintenance mode" --weight=8
ynh_maintenance_mode_OFF
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
message="If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/wordpress_ynh"
ynh_send_readme_to_admin --app_message="$message" --recipients="$admin_wordpress"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed" --last

85
scripts/upgrade
View file

@ -12,6 +12,7 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Load settings" --weight=5
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -28,11 +29,12 @@ db_name=$(ynh_app_setting_get $app db_name)
# CHECK VERSION # CHECK VERSION
#================================================= #=================================================
ynh_abort_if_up_to_date upgrade_type=$(ynh_check_app_version_changed)
#================================================= #=================================================
# ENSURE DOWNWARD COMPATIBILITY # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
ynh_script_progression --message="Ensure downward compatibility"
if [ -z "$admin_wordpress" ]; then if [ -z "$admin_wordpress" ]; then
ynh_mysql_execute_as_root "select MAX(user_login) from wp_users where user_status=0 INTO OUTFILE '/tmp/wordpressuser';" $db_name ynh_mysql_execute_as_root "select MAX(user_login) from wp_users where user_status=0 INTO OUTFILE '/tmp/wordpressuser';" $db_name
@ -51,28 +53,32 @@ if [ -z "$language" ]; then
ynh_app_setting_set $app language $language ynh_app_setting_set $app language $language
fi fi
# Fix is_public as a boolean
if [ "${is_public,,}" = "yes" ]; then if [ "${is_public,,}" = "yes" ]; then
ynh_app_setting_set $app is_public 1 # Fixe is_public en booléen ynh_app_setting_set $app is_public 1
is_public=1 is_public=1
elif [ "${is_public,,}" = "no" ]; then elif [ "${is_public,,}" = "no" ]; then
ynh_app_setting_set $app is_public 0 ynh_app_setting_set $app is_public 0
is_public=0 is_public=0
fi fi
# Fix multisite as a boolean
if [ "${multisite,,}" = "yes" ]; then if [ "${multisite,,}" = "yes" ]; then
ynh_app_setting_set $app multisite 1 # Fixe multisite en booléen ynh_app_setting_set $app multisite 1
multisite=1 multisite=1
elif [ "${multisite,,}" = "no" ]; then elif [ "${multisite,,}" = "no" ]; then
ynh_app_setting_set $app multisite 0 ynh_app_setting_set $app multisite 0
multisite=0 multisite=0
fi fi
if [ -z $db_name ]; then # Si db_name n'est pas renseigné dans app setting # If db_name doesn't exist, create it
if [ -z $db_name ]; then
db_name=$(ynh_sanitize_dbid $app) db_name=$(ynh_sanitize_dbid $app)
ynh_app_setting_set $app db_name $db_name ynh_app_setting_set $app db_name $db_name
fi fi
if grep add_filter.*auto_update $final_path/wp-config.php; then # Si des add_filter demeurent dans le wp-config # If some 'add_filter' are still in wp_config, remove them
if grep add_filter.*auto_update $final_path/wp-config.php; then
sed --in-place '/add_filter.*auto_update/d' $final_path/wp-config.php sed --in-place '/add_filter.*auto_update/d' $final_path/wp-config.php
fi fi
@ -81,6 +87,7 @@ fi
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#================================================= #=================================================
ynh_script_progression --message="Backup the app before upgrading" --weight=15
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
@ -98,27 +105,40 @@ ynh_abort_if_errors
# Normalize the URL path syntax # Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url) path_url=$(ynh_normalize_url_path $path_url)
#=================================================
# ACTIVATE MAINTENANCE MODE
#=================================================
ynh_script_progression --message="Activate maintenance mode" --weight=2
ynh_maintenance_mode_ON
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrade dependencies" --weight=11
ynh_install_app_dependencies php5-cli
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Reconfigure nginx" --weight=2
# Create a dedicated nginx config # Create a dedicated nginx config
if [ "$path_url" != "/" ]
then
ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
fi
ynh_add_nginx_config ynh_add_nginx_config
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Create a dedicated user"
# Create the dedicated user, if not exist # Create a dedicated user (if not existing)
ynh_system_user_create $app ynh_system_user_create $app
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Reconfigure php-fpm" --weight=4
# Create a dedicated php-fpm config # Create a dedicated php-fpm config
ynh_add_fpm_config ynh_add_fpm_config
@ -126,15 +146,16 @@ ynh_add_fpm_config
#================================================= #=================================================
# SPECIFIC UPGRADE # SPECIFIC UPGRADE
#================================================= #=================================================
# SAVE THE CONFIG FILE IF IT BEEN MODIFIED # SAVE THE CONFIG FILE IF IT HAS BEEN MODIFIED
#================================================= #=================================================
# Verify the checksum and backup the file if it's different # Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
ynh_backup_if_checksum_is_different "$final_path/wp-config.php" ynh_backup_if_checksum_is_different "$final_path/wp-config.php"
#================================================= #=================================================
# CONFIGURE MULTISITE # CONFIGURE MULTISITE
#================================================= #=================================================
ynh_script_progression --message="Configure multisite" --weight=2
if [ $multisite -eq 1 ] if [ $multisite -eq 1 ]
then then
@ -153,8 +174,9 @@ fi
ynh_app_setting_set $app multisite $multisite ynh_app_setting_set $app multisite $multisite
#================================================= #=================================================
# UPDATE WORDPRESS' PLUGINS # UPDATE WORDPRESS PLUGINS
#================================================= #=================================================
ynh_script_progression --message="Update wordpress plugins" --weight=11
wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $final_path/wp-cli.phar wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $final_path/wp-cli.phar
wpcli_alias="php $final_path/wp-cli.phar --allow-root --path=$final_path" wpcli_alias="php $final_path/wp-cli.phar --allow-root --path=$final_path"
@ -175,7 +197,7 @@ $wpcli_alias plugin is-installed http-authentication && $wpcli_alias plugin deac
# STORE THE CHECKSUM OF THE CONFIG FILE # STORE THE CHECKSUM OF THE CONFIG FILE
#================================================= #=================================================
# Recalculate and store the config file checksum into the app settings # Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum "$final_path/wp-config.php" ynh_store_file_checksum "$final_path/wp-config.php"
#================================================= #=================================================
@ -184,36 +206,57 @@ ynh_store_file_checksum "$final_path/wp-config.php"
# SECURING FILES AND DIRECTORIES # SECURING FILES AND DIRECTORIES
#================================================= #=================================================
# Les fichiers appartiennent à l'user wordpress, pour permettre les mises à jour. # Set permissions to app files
# Files have to be own by the user of wordpress. To allow upgrade from the app.
chown -R $app: $final_path chown -R $app: $final_path
# Sauf le fichier de config wp-config.php qui appartient à root # Except the file config wp-config.php
chown root: $final_path/wp-config.php chown root: $final_path/wp-config.php
#================================================= #=================================================
# UPGRADE FAIL2BAN # UPGRADE FAIL2BAN
#================================================= #=================================================
ynh_script_progression --message="Reconfigure fail2ban" --weight=9
ynh_add_fail2ban_config "/var/log/auth.log" "Authentication (attempt for unknown user|failure for) .* from <HOST>" 5 # Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from <HOST>" --max_retry=5
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
#================================================= #=================================================
ynh_script_progression --message="Reconfigure SSOwat"
ynh_app_setting_delete $app skipped_uris # Retire le skipped_uris si il existe encore. # Remove skipped_uris if it's still present
if [ $is_public -eq 0 ]; then # Retire l'accès public ynh_app_setting_delete $app skipped_uris
if [ $is_public -eq 0 ]; then
# Remove the public access
ynh_app_setting_delete $app unprotected_uris ynh_app_setting_delete $app unprotected_uris
else # Ou remplace le skipped_uris par unprotected_uris le cas échéant. else
# Or replace skipped_uris by unprotected_uris
ynh_app_setting_set $app unprotected_uris "/" ynh_app_setting_set $app unprotected_uris "/"
fi fi
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reload nginx"
systemctl reload nginx ynh_systemd_action --action=reload --service_name=nginx
#================================================= #=================================================
# REMOVE WP-CLI.PHAR # REMOVE WP-CLI.PHAR
#================================================= #=================================================
ynh_secure_remove $final_path/wp-cli.phar ynh_secure_remove $final_path/wp-cli.phar
#=================================================
# DEACTIVE MAINTENANCE MODE
#=================================================
ynh_script_progression --message="Disable maintenance mode" --weight=5
ynh_maintenance_mode_OFF
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade completed" --last