#!/bin/bash #================================================= # DISPLAYING #================================================= WARNING () { # Écrit sur le canal d'erreur pour passer en warning. $@ >&2 } ALL_QUIET () { # Redirige la sortie standard et d'erreur dans /dev/null $@ > /dev/null 2>&1 } #================================================= # BACKUP #================================================= HUMAN_SIZE () { # Transforme une taille en Ko en une taille lisible pour un humain human=$(numfmt --to=iec --from-unit=1K $1) echo $human } CHECK_SIZE () { # Vérifie avant chaque backup que l'espace est suffisant file_to_analyse=$1 backup_size=$(du --summarize "$file_to_analyse" | cut -f1) free_space=$(df --output=avail "/home/yunohost.backup" | sed 1d) if [ $free_space -le $backup_size ] then WARNING echo "Espace insuffisant pour sauvegarder $file_to_analyse." WARNING echo "Espace disponible: $(HUMAN_SIZE $free_space)" ynh_die "Espace nécessaire: $(HUMAN_SIZE $backup_size)" fi } #================================================= #============= FUTURE YUNOHOST HELPER ============ #================================================= # Delete a file checksum from the app settings # # $app should be defined when calling this helper # # usage: ynh_remove_file_checksum file # | arg: file - The file for which the checksum will be deleted ynh_delete_file_checksum () { local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' ynh_app_setting_delete $app $checksum_setting_name } #================================================= # EXPERIMENTAL HELPERS #================================================= # Create a dedicated fail2ban config (jail and filter conf files) # # usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]] # | arg: log_file - Log file to be checked by fail2ban # | arg: failregex - Failregex to be looked for by fail2ban # | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3 # | arg: ports - Ports blocked for a banned IP address - default: http,https ynh_add_fail2ban_config () { # Process parameters logpath=$1 failregex=$2 max_retry=${3:-3} ports=${4:-http,https} test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf" finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf" ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1 ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1 sudo tee $finalfail2banjailconf <&2 echo "WARNING${fail2ban_error#*WARNING}" >&2 fi } # Remove the dedicated fail2ban config (jail and filter conf files) # # usage: ynh_remove_fail2ban_config ynh_remove_fail2ban_config () { ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf" ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf" sudo systemctl restart fail2ban } #================================================= # Read the value of a key in a ynh manifest file # # usage: ynh_read_manifest manifest key # | arg: manifest - Path of the manifest to read # | arg: key - Name of the key to find ynh_read_manifest () { manifest="$1" key="$2" python3 -c "import sys, json;print(json.load(open('$manifest'))['$key'])" } # Exit without error if the package is up to date # # This helper should be used to avoid an upgrade of a package # when it's not needed. # # To force an upgrade, even if the package is up to date, # you have to set the variable YNH_FORCE_UPGRADE before. # example: sudo YNH_FORCE_UPGRADE=1 yunohost app upgrade MyApp # # usage: ynh_abort_if_up_to_date ynh_abort_if_up_to_date () { local force_upgrade=${YNH_FORCE_UPGRADE:-0} local package_check=${PACKAGE_CHECK_EXEC:-0} local version=$(ynh_read_manifest "/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" "version" || echo 1.0) local last_version=$(ynh_read_manifest "../manifest.json" "version" || echo 1.0) if [ "$version" = "$last_version" ] then if [ "$force_upgrade" != "0" ] then echo "Upgrade forced by YNH_FORCE_UPGRADE." >&2 unset YNH_FORCE_UPGRADE elif [ "$package_check" != "0" ] then echo "Upgrade forced for package check." >&2 else ynh_die "Up-to-date, nothing to do" 0 fi fi } #================================================= # Send an email to inform the administrator # # usage: ynh_send_readme_to_admin app_message [recipients] # | arg: app_message - The message to send to the administrator. # | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root # example: "root admin@domain" # If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you # example: "root admin@domain user1 user2" ynh_send_readme_to_admin() { local app_message="${1:-...No specific information...}" local recipients="${2:-root}" # Retrieve the email of users find_mails () { local list_mails="$1" local mail local recipients=" " # Read each mail in argument for mail in $list_mails do # Keep root or a real email address as it is if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@" then recipients="$recipients $mail" else # But replace an user name without a domain after by its email if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null) then recipients="$recipients $mail" fi fi done echo "$recipients" } recipients=$(find_mails "$recipients") local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!" local mail_message="This is an automated message from your beloved YunoHost server. Specific information for the application $app. $app_message --- Automatic diagnosis data from YunoHost $(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')" # Send the email to the recipients echo "$mail_message" | mail -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients" }