#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= ynh_script_progression --message="Loading installation settings..." --weight=5 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) language=$(ynh_app_setting_get --app=$app --key=language) admin_wordpress=$(ynh_app_setting_get --app=$app --key=admin) multisite=$(ynh_app_setting_get --app=$app --key=multisite) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) overwrite_nginx=$(ynh_app_setting_get --app=$app --key=overwrite_nginx) overwrite_phpfpm=$(ynh_app_setting_get --app=$app --key=overwrite_phpfpm) admin_mail_html=$(ynh_app_setting_get --app=$app --key=admin_mail_html) fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # CHECK VERSION #================================================= ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) #================================================= # STANDARD UPGRADE STEPS #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=15 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # ACTIVATE MAINTENANCE MODE #================================================= ynh_script_progression --message="Activating maintenance mode..." --weight=2 ynh_maintenance_mode_ON #================================================= # STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." if [ -z "$admin_wordpress" ]; then ynh_mysql_execute_as_root --sql="select MAX(user_login) from wp_users where user_status=0 INTO OUTFILE '/tmp/wordpressuser';" --database=$db_name admin_wordpress=$(cat /tmp/wordpressuser) ynh_secure_remove --file=/tmp/wordpressuser ynh_app_setting_set --app=$app --key=admin --value=$admin_wordpress fi # If final_path doesn't exist, create it if [ -z "$final_path" ]; then final_path=/var/www/$app ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi if [ -z "$language" ]; then language=$(grep WPLANG $final_path/wp-config.php | cut -d"'" -f4) ynh_app_setting_set --app=$app --key=language --value=$language fi # Fix multisite as a boolean if [ "${multisite,,}" = "yes" ]; then ynh_app_setting_set --app=$app --key=multisite --value=1 multisite=1 elif [ "${multisite,,}" = "no" ]; then ynh_app_setting_set --app=$app --key=multisite --value=0 multisite=0 fi # If db_name doesn't exist, create it if [ -z "$db_name" ]; then db_name=$(ynh_sanitize_dbid --db_name=$app) ynh_app_setting_set --app=$app --key=db_name --value=$db_name fi # If some 'add_filter' are still in wp_config, remove them if grep add_filter.*auto_update $final_path/wp-config.php; then sed --in-place '/add_filter.*auto_update/d' $final_path/wp-config.php fi # If admin_mail_html doesn't exist, create it if [ -z "$admin_mail_html" ]; then admin_mail_html=1 ynh_app_setting_set --app=$app --key=admin_mail_html --value=$admin_mail_html fi # If overwrite_nginx doesn't exist, create it if [ -z "$overwrite_nginx" ]; then overwrite_nginx=1 ynh_app_setting_set $app overwrite_nginx $overwrite_nginx fi # If overwrite_phpfpm doesn't exist, create it if [ -z "$overwrite_phpfpm" ]; then overwrite_phpfpm=1 ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=$overwrite_phpfpm fi # If fpm_footprint doesn't exist, create it if [ -z "$fpm_footprint" ]; then fpm_footprint=medium ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint fi # If fpm_usage doesn't exist, create it if [ -z "$fpm_usage" ]; then # If the app is private, set the usage to low, otherwise to high. if [ $(ynh_app_setting_get --app=$app --key=is_public) -eq 0 ] then usage=low else usage=high fi fpm_usage=$usage ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage fi # If phpversion doesn't exist, create it if [ -z "$phpversion" ]; then phpversion=$YNH_PHP_VERSION ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion fi # Replace wp-fail2ban by wp-fail2ban-redux ynh_exec_warn_less wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$final_path/wp-cli.phar wpcli_alias="php$phpversion $final_path/wp-cli.phar --allow-root --path=$final_path" plugin_network="" if [ $multisite -eq 1 ]; then plugin_network="--network" fi $wpcli_alias plugin is-installed wp-fail2ban && $wpcli_alias plugin deactivate $plugin_network wp-fail2ban && $wpcli_alias plugin uninstall wp-fail2ban $wpcli_alias plugin is-installed wp-fail2ban-redux || $wpcli_alias plugin install wp-fail2ban-redux # Remove old ldap plugin $wpcli_alias plugin is-installed simple-ldap-login && $wpcli_alias plugin deactivate $plugin_network simple-ldap-login && $wpcli_alias plugin uninstall simple-ldap-login # Cleaning legacy permissions if ynh_legacy_permissions_exists; then ynh_legacy_permissions_delete_all ynh_app_setting_delete --app=$app --key=is_public fi if ! ynh_permission_exists --permission="admin"; then # Create the required permissions ynh_permission_create --permission="admin" --url="/wp-login.php" --additional_urls="/wp-admin.php" --allowed=$admin_wordpress fi #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # NGINX CONFIGURATION #================================================= # Overwrite the NGINX configuration only if it's allowed if [ $overwrite_nginx -eq 1 ] then ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 ynh_add_nginx_config fi #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." --weight=5 ynh_install_app_dependencies $pkg_dependencies #================================================= # PHP-FPM CONFIGURATION #================================================= # Overwrite the PHP-FPM configuration only if it's allowed if [ $overwrite_phpfpm -eq 1 ] then ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=4 # Create a dedicated PHP-FPM config ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint fi #================================================= # SPECIFIC UPGRADE #================================================= # SAVE THE CONFIG FILE IF IT HAS BEEN MODIFIED #================================================= # Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ynh_backup_if_checksum_is_different --file="$final_path/wp-config.php" #================================================= # CONFIGURE MULTISITE #================================================= ynh_script_progression --message="Configuring multisite..." --weight=2 db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) if [ $multisite -eq 1 ] then ynh_replace_string --match_string="#--MULTISITE--" --replace_string="" --target_file=/etc/nginx/conf.d/$domain.d/$app.conf ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_systemd_action --service_name=nginx --action=reload db_prefix=$(grep '^$table_prefix' "$final_path/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" ) ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/multisite.sql ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/multisite.sql ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/multisite.sql ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/multisite.sql plugin_network="--network" else multisite=0 db_prefix=$(grep '^$table_prefix' "$final_path/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" ) ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/single.sql ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/single.sql ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/single.sql ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/single.sql plugin_network="" if ynh_permission_has_user --permission="main" --user="visitor" then ynh_replace_string --match_string="//--PUBLIC--define" --replace_string="define" --target_file=$final_path/wp-config.php fi fi ynh_app_setting_set --app=$app --key=multisite --value=$multisite #================================================= # UPDATE WORDPRESS PLUGINS #================================================= ynh_script_progression --message="Updating plugins" --weight=11 # wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $final_path/wp-cli.phar # wpcli_alias="php$phpversion $final_path/wp-cli.phar --allow-root --path=$final_path" update_plugin () { ( $wpcli_alias plugin is-installed $1 && $wpcli_alias plugin update $1 ) || $wpcli_alias plugin install $1 } update_plugin authldap $wpcli_alias plugin activate authldap $plugin_network update_plugin companion-auto-update $wpcli_alias plugin activate companion-auto-update $plugin_network update_plugin wp-fail2ban-redux $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network # Disable broken plugin http-authentication $wpcli_alias plugin is-installed http-authentication && $wpcli_alias plugin deactivate http-authentication $plugin_network # Set file and directories ownership mkdir -p $final_path/wp-content/uploads mkdir -p $final_path/wp-content/temp chown -R $app:www-data "$final_path" find "$final_path" -type d -exec chmod 750 {} \; find "$final_path" -type f -exec chmod 640 {} \; find "$final_path/wp-content/uploads" -type d -exec chmod 770 {} \; find "$final_path/wp-content/temp" -type d -exec chmod 770 {} \; setfacl -Rm d:g:www-data:rwX "$final_path/wp-content/uploads" setfacl -Rm d:g:www-data:rwX "$final_path/wp-content/temp" #================================================= # STORE THE CHECKSUM OF THE CONFIG FILE #================================================= # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum --file="$final_path/wp-config.php" chmod 400 "$final_path/wp-config.php" chown $app:$app "$final_path/wp-config.php" #================================================= # CREATE A CRON TASK FOR AUTOMATIC UPDATE #================================================= echo "# Reach everyday wp-cron.php to trig the internal WordPress cron. 0 3 * * * $app php$phpversion $final_path/wp-cron.php" > /etc/cron.d/$app #================================================= # GENERIC FINALISATION #================================================= # UPGRADE FAIL2BAN #================================================= ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=9 # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from " --max_retry=5 #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload #================================================= # REMOVE WP-CLI.PHAR #================================================= ynh_secure_remove --file=$final_path/wp-cli.phar #================================================= # DEACTIVE MAINTENANCE MODE #================================================= ynh_script_progression --message="Disabling maintenance mode..." --weight=5 ynh_maintenance_mode_OFF #================================================= # SEND A README FOR THE ADMIN #================================================= # Get main domain and buid the url of the admin panel of the app. admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app" # If a html email is required. Apply html to the changelog. if [ "$admin_mail_html" -eq 1 ]; then format=html else format=plain fi ynh_app_changelog --format=$format echo "Please manually trigger updates to major versions in the WordPress admin area. You can also activate the automatic update in the Companion Auto Update plugin settings. You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__. You can also find some specific actions for this app by using the experimental __URL_TAG1__action feature__URL_TAG2__$admin_panel/actions__URL_TAG3__. If you're facing an issue or want to improve this app, please open a new issue in this __URL_TAG1__project__URL_TAG2__https://github.com/YunoHost-Apps/wordpress_ynh__URL_TAG3__. --- Changelog since your last upgrade: $(cat changelog)" > mail_to_send ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="$admin_wordpress" --type=upgrade #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Upgrade of $app completed" --last