mirror of
https://github.com/YunoHost-Apps/wordpress_ynh.git
synced 2024-09-03 20:36:10 +02:00
211 lines
8.6 KiB
Bash
211 lines
8.6 KiB
Bash
#!/bin/bash
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
ynh_app_setting_set_default --key=php_memory_limit --value=64M
|
|
|
|
#=================================================
|
|
# ACTIVATE MAINTENANCE MODE
|
|
#=================================================
|
|
|
|
ynh_maintenance_mode_ON
|
|
|
|
#=================================================
|
|
# ENSURE DOWNWARD COMPATIBILITY
|
|
#=================================================
|
|
ynh_script_progression "Ensuring downward compatibility..."
|
|
|
|
if [ -z "${admin:-}" ]; then
|
|
ynh_mysql_db_shell <<< "select MAX(user_login) from wp_users where user_status=0 INTO OUTFILE '/tmp/wordpressuser';"
|
|
|
|
admin=$(cat /tmp/wordpressuser)
|
|
ynh_safe_rm /tmp/wordpressuser
|
|
ynh_app_setting_set --key=admin --value=$admin
|
|
fi
|
|
|
|
# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=language --value=$(grep WPLANG $install_dir/wp-config.php | cut -d"'" -f4)
|
|
if [ -z "${language:-}" ]; then
|
|
language=$(grep WPLANG $install_dir/wp-config.php | cut -d"'" -f4)
|
|
ynh_app_setting_set --key=language --value=$language
|
|
fi
|
|
|
|
# Fix multisite as a boolean
|
|
if [ "${multisite,,}" = "yes" ]; then
|
|
ynh_app_setting_set --key=multisite --value=1
|
|
multisite=1
|
|
elif [ "${multisite,,}" = "no" ]; then
|
|
ynh_app_setting_set --key=multisite --value=0
|
|
multisite=0
|
|
fi
|
|
|
|
# If some 'add_filter' are still in wp_config, remove them
|
|
if grep add_filter.*auto_update $install_dir/wp-config.php; then
|
|
sed --in-place '/add_filter.*auto_update/d' $install_dir/wp-config.php
|
|
fi
|
|
|
|
# If fpm_footprint doesn't exist, create it
|
|
if [ -z "${fpm_footprint:-}" ]; then
|
|
fpm_footprint=medium
|
|
#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_footprint --value=$fpm_footprint
|
|
fi
|
|
|
|
# If fpm_free_footprint doesn't exist, create it
|
|
if [ -z "${fpm_free_footprint:-}" ]; then
|
|
fpm_free_footprint=0
|
|
#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_free_footprint --value=$fpm_free_footprint
|
|
fi
|
|
|
|
# If fpm_usage doesn't exist, create it
|
|
if [ -z "${fpm_usage:-}" ]; then
|
|
fpm_usage=low
|
|
#REMOVEME? Everything about fpm_usage is removed in helpers2.1... | ynh_app_setting_set --key=fpm_usage --value=$fpm_usage
|
|
fi
|
|
|
|
# Replace wp-fail2ban by wp-fail2ban-redux
|
|
ynh_hide_warnings wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$install_dir/wp-cli.phar
|
|
wpcli_alias="php$php_version $install_dir/wp-cli.phar --allow-root --path=$install_dir"
|
|
plugin_network=""
|
|
if [ $multisite -eq 1 ]; then
|
|
plugin_network="--network"
|
|
fi
|
|
$wpcli_alias plugin is-installed wp-fail2ban && $wpcli_alias plugin deactivate $plugin_network wp-fail2ban && $wpcli_alias plugin uninstall wp-fail2ban
|
|
$wpcli_alias plugin is-installed wp-fail2ban-redux || $wpcli_alias plugin install wp-fail2ban-redux
|
|
|
|
# Remove old ldap plugin
|
|
$wpcli_alias plugin is-installed simple-ldap-login && $wpcli_alias plugin deactivate $plugin_network simple-ldap-login && $wpcli_alias plugin uninstall simple-ldap-login
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression "Upgrading NGINX web server configuration..."
|
|
|
|
ynh_config_add_nginx
|
|
|
|
#=================================================
|
|
# PHP-FPM CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression "Upgrading PHP-FPM configuration..."
|
|
|
|
# Create a dedicated PHP-FPM config
|
|
ynh_config_add_phpfpm
|
|
|
|
#=================================================
|
|
# SAVE THE CONFIG FILE IF IT HAS BEEN MODIFIED
|
|
#=================================================
|
|
|
|
# Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
|
|
ynh_backup_if_checksum_is_different "$install_dir/wp-config.php"
|
|
|
|
#=================================================
|
|
# CONFIGURE MULTISITE
|
|
#=================================================
|
|
ynh_script_progression "Configuring multisite..."
|
|
|
|
if [ $multisite -eq 1 ]
|
|
then
|
|
ynh_replace --match="#--MULTISITE--" --replace="" --file=/etc/nginx/conf.d/$domain.d/$app.conf
|
|
|
|
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
|
|
|
|
ynh_systemctl --service=nginx --action=reload
|
|
|
|
db_prefix=$(grep '^$table_prefix' "$install_dir/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" )
|
|
|
|
ynh_replace --match="__DB_PREFIX__" --replace="$db_prefix" --file=../conf/sql/multisite.sql
|
|
ynh_replace --match="__APP__" --replace="$app" --file=../conf/sql/multisite.sql
|
|
ynh_replace --match="__LENGTH__" --replace="$((${#app} + 108))" --file=../conf/sql/multisite.sql
|
|
|
|
ynh_mysql_db_shell < ../conf/sql/multisite.sql
|
|
plugin_network="--network"
|
|
else
|
|
multisite=0
|
|
db_prefix=$(grep '^$table_prefix' "$install_dir/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" )
|
|
|
|
ynh_replace --match="__DB_PREFIX__" --replace="$db_prefix" --file=../conf/sql/single.sql
|
|
ynh_replace --match="__APP__" --replace="$app" --file=../conf/sql/single.sql
|
|
ynh_replace --match="__LENGTH__" --replace="$((${#app} + 108))" --file=../conf/sql/single.sql
|
|
|
|
ynh_mysql_db_shell < ../conf/sql/single.sql
|
|
plugin_network=""
|
|
if ynh_permission_has_user --permission="main" --user="visitor"
|
|
then
|
|
ynh_replace --match="//--PUBLIC--define" --replace="define" --file=$install_dir/wp-config.php
|
|
fi
|
|
fi
|
|
ynh_app_setting_set --key=multisite --value=$multisite
|
|
|
|
#=================================================
|
|
# UPDATE WORDPRESS PLUGINS
|
|
#=================================================
|
|
ynh_script_progression "Updating plugins"
|
|
|
|
# wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $install_dir/wp-cli.phar
|
|
# wpcli_alias="php$php_version $install_dir/wp-cli.phar --allow-root --path=$install_dir"
|
|
update_plugin () {
|
|
( $wpcli_alias plugin is-installed $1 && $wpcli_alias plugin update $1 ) || $wpcli_alias plugin install $1
|
|
}
|
|
update_plugin authldap
|
|
$wpcli_alias plugin activate authldap $plugin_network
|
|
update_plugin companion-auto-update
|
|
$wpcli_alias plugin activate companion-auto-update $plugin_network
|
|
|
|
update_plugin wp-fail2ban-redux
|
|
$wpcli_alias plugin activate wp-fail2ban-redux $plugin_network
|
|
|
|
# Disable broken plugin http-authentication
|
|
$wpcli_alias plugin is-installed http-authentication && $wpcli_alias plugin deactivate http-authentication $plugin_network
|
|
|
|
# Set file and directories ownership
|
|
mkdir -p $install_dir/wp-content/uploads
|
|
mkdir -p $install_dir/wp-content/temp
|
|
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
|
|
find "$install_dir" -type d -exec chmod 750 {} \;
|
|
find "$install_dir" -type f -exec chmod 640 {} \;
|
|
find "$install_dir/wp-content/uploads" -type d -exec chmod 770 {} \;
|
|
find "$install_dir/wp-content/temp" -type d -exec chmod 770 {} \;
|
|
setfacl -Rm d:g:www-data:rwX "$install_dir/wp-content/uploads"
|
|
setfacl -Rm d:g:www-data:rwX "$install_dir/wp-content/temp"
|
|
|
|
#=================================================
|
|
# STORE THE CHECKSUM OF THE CONFIG FILE
|
|
#=================================================
|
|
|
|
# Recalculate and store the checksum of the file for the next upgrade.
|
|
ynh_store_file_checksum "$install_dir/wp-config.php"
|
|
|
|
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 400 "$install_dir/wp-config.php"
|
|
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/wp-config.php"
|
|
|
|
#=================================================
|
|
# CREATE A CRON TASK FOR AUTOMATIC UPDATE
|
|
#=================================================
|
|
|
|
echo "# Reach everyday wp-cron.php to trig the internal WordPress cron.
|
|
0 3 * * * $app php$php_version $install_dir/wp-cron.php" > /etc/cron.d/$app
|
|
|
|
#=================================================
|
|
# UPGRADE FAIL2BAN
|
|
#=================================================
|
|
ynh_script_progression "Reconfiguring Fail2Ban..."
|
|
|
|
# Create a dedicated Fail2Ban config
|
|
ynh_config_add_fail2ban --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from <HOST>"
|
|
|
|
#=================================================
|
|
# REMOVE WP-CLI.PHAR
|
|
#=================================================
|
|
|
|
ynh_safe_rm $install_dir/wp-cli.phar
|
|
|
|
#=================================================
|
|
# DEACTIVE MAINTENANCE MODE
|
|
#=================================================
|
|
|
|
ynh_maintenance_mode_OFF
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression "Upgrade of $app completed"
|