#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # CHECK VERSION #================================================= upgrade_type=$(ynh_check_app_version_changed) #================================================= # ACTIVATE MAINTENANCE MODE #================================================= ynh_maintenance_mode_ON #================================================= # STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." if [ -z "$admin_wordpress" ]; then ynh_mysql_execute_as_root --sql="select MAX(user_login) from wp_users where user_status=0 INTO OUTFILE '/tmp/wordpressuser';" --database=$db_name admin_wordpress=$(cat /tmp/wordpressuser) ynh_secure_remove --file=/tmp/wordpressuser #REMOVEME? ynh_app_setting_set --app=$app --key=admin --value=$admin_wordpress fi # If install_dir doesn't exist, create it if [ -z "$install_dir" ]; then #REMOVEME? install_dir=/var/www/$app #REMOVEME? ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir fi if [ -z "$language" ]; then language=$(grep WPLANG $install_dir/wp-config.php | cut -d"'" -f4) ynh_app_setting_set --app=$app --key=language --value=$language fi # Fix multisite as a boolean if [ "${multisite,,}" = "yes" ]; then ynh_app_setting_set --app=$app --key=multisite --value=1 multisite=1 elif [ "${multisite,,}" = "no" ]; then ynh_app_setting_set --app=$app --key=multisite --value=0 multisite=0 fi # If db_name doesn't exist, create it if [ -z "$db_name" ]; then db_name=$(ynh_sanitize_dbid --db_name=$app) #REMOVEME? ynh_app_setting_set --app=$app --key=db_name --value=$db_name fi # If some 'add_filter' are still in wp_config, remove them if grep add_filter.*auto_update $install_dir/wp-config.php; then sed --in-place '/add_filter.*auto_update/d' $install_dir/wp-config.php fi # If admin_mail_html doesn't exist, create it if [ -z "$admin_mail_html" ]; then admin_mail_html=1 #REMOVEME? ynh_app_setting_set --app=$app --key=admin_mail_html --value=$admin_mail_html fi # If overwrite_nginx doesn't exist, create it if [ -z "$overwrite_nginx" ]; then overwrite_nginx=1 ynh_app_setting_set $app overwrite_nginx $overwrite_nginx fi # If overwrite_phpfpm doesn't exist, create it if [ -z "$overwrite_phpfpm" ]; then overwrite_phpfpm=1 ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=$overwrite_phpfpm fi # If fpm_footprint doesn't exist, create it if [ -z "$fpm_footprint" ]; then fpm_footprint=medium ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint fi # If fpm_free_footprint doesn't exist, create it if [ -z "$fpm_free_footprint" ]; then fpm_free_footprint=0 ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint fi # If fpm_usage doesn't exist, create it if [ -z "$fpm_usage" ]; then # If the app is private, set the usage to low, otherwise to high. #REMOVEME? if [ $(ynh_app_setting_get --app=$app --key=is_public) -eq 0 ] then usage=low else usage=high fi fpm_usage=$usage ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage fi # If phpversion doesn't exist, create it if [ -z "$phpversion" ]; then phpversion=$YNH_PHP_VERSION ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion fi # Replace wp-fail2ban by wp-fail2ban-redux ynh_exec_warn_less wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$install_dir/wp-cli.phar wpcli_alias="php$phpversion $install_dir/wp-cli.phar --allow-root --path=$install_dir" plugin_network="" if [ $multisite -eq 1 ]; then plugin_network="--network" fi $wpcli_alias plugin is-installed wp-fail2ban && $wpcli_alias plugin deactivate $plugin_network wp-fail2ban && $wpcli_alias plugin uninstall wp-fail2ban $wpcli_alias plugin is-installed wp-fail2ban-redux || $wpcli_alias plugin install wp-fail2ban-redux # Remove old ldap plugin $wpcli_alias plugin is-installed simple-ldap-login && $wpcli_alias plugin deactivate $plugin_network simple-ldap-login && $wpcli_alias plugin uninstall simple-ldap-login #================================================= # NGINX CONFIGURATION #================================================= # Overwrite the NGINX configuration only if it's allowed if [ $overwrite_nginx -eq 1 ] then ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 ynh_add_nginx_config fi #================================================= # PHP-FPM CONFIGURATION #================================================= # Overwrite the PHP-FPM configuration only if it's allowed if [ $overwrite_phpfpm -eq 1 ] then ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=4 # Create a dedicated PHP-FPM config ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint fi #================================================= # SPECIFIC UPGRADE #================================================= # SAVE THE CONFIG FILE IF IT HAS BEEN MODIFIED #================================================= # Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ynh_backup_if_checksum_is_different --file="$install_dir/wp-config.php" #================================================= # CONFIGURE MULTISITE #================================================= ynh_script_progression --message="Configuring multisite..." --weight=2 if [ $multisite -eq 1 ] then ynh_replace_string --match_string="#--MULTISITE--" --replace_string="" --target_file=/etc/nginx/conf.d/$domain.d/$app.conf ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_systemd_action --service_name=nginx --action=reload db_prefix=$(grep '^$table_prefix' "$install_dir/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" ) ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/multisite.sql ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/multisite.sql ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/multisite.sql ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/multisite.sql plugin_network="--network" else multisite=0 db_prefix=$(grep '^$table_prefix' "$install_dir/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" ) ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/single.sql ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/single.sql ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/single.sql ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/single.sql plugin_network="" if ynh_permission_has_user --permission="main" --user="visitor" then ynh_replace_string --match_string="//--PUBLIC--define" --replace_string="define" --target_file=$install_dir/wp-config.php fi fi ynh_app_setting_set --app=$app --key=multisite --value=$multisite #================================================= # UPDATE WORDPRESS PLUGINS #================================================= ynh_script_progression --message="Updating plugins" --weight=11 # wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $install_dir/wp-cli.phar # wpcli_alias="php$phpversion $install_dir/wp-cli.phar --allow-root --path=$install_dir" update_plugin () { ( $wpcli_alias plugin is-installed $1 && $wpcli_alias plugin update $1 ) || $wpcli_alias plugin install $1 } update_plugin authldap $wpcli_alias plugin activate authldap $plugin_network update_plugin companion-auto-update $wpcli_alias plugin activate companion-auto-update $plugin_network update_plugin wp-fail2ban-redux $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network # Disable broken plugin http-authentication $wpcli_alias plugin is-installed http-authentication && $wpcli_alias plugin deactivate http-authentication $plugin_network # Set file and directories ownership mkdir -p $install_dir/wp-content/uploads mkdir -p $install_dir/wp-content/temp chown -R $app:www-data "$install_dir" find "$install_dir" -type d -exec chmod 750 {} \; find "$install_dir" -type f -exec chmod 640 {} \; find "$install_dir/wp-content/uploads" -type d -exec chmod 770 {} \; find "$install_dir/wp-content/temp" -type d -exec chmod 770 {} \; setfacl -Rm d:g:www-data:rwX "$install_dir/wp-content/uploads" setfacl -Rm d:g:www-data:rwX "$install_dir/wp-content/temp" #================================================= # STORE THE CHECKSUM OF THE CONFIG FILE #================================================= # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum --file="$install_dir/wp-config.php" chmod 400 "$install_dir/wp-config.php" chown $app:$app "$install_dir/wp-config.php" #================================================= # CREATE A CRON TASK FOR AUTOMATIC UPDATE #================================================= echo "# Reach everyday wp-cron.php to trig the internal WordPress cron. 0 3 * * * $app php$phpversion $install_dir/wp-cron.php" > /etc/cron.d/$app #================================================= # GENERIC FINALISATION #================================================= # UPGRADE FAIL2BAN #================================================= ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=9 # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from " --max_retry=5 #================================================= # REMOVE WP-CLI.PHAR #================================================= ynh_secure_remove --file=$install_dir/wp-cli.phar #================================================= # DEACTIVE MAINTENANCE MODE #================================================= ynh_maintenance_mode_OFF #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Upgrade of $app completed" --last