mirror of
https://github.com/YunoHost-Apps/wordpress_ynh.git
synced 2024-09-03 20:36:10 +02:00
380 lines
14 KiB
Bash
380 lines
14 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# LOAD SETTINGS
|
|
#=================================================
|
|
ynh_script_progression --message="Loading installation settings..." --weight=5
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
|
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
|
language=$(ynh_app_setting_get --app=$app --key=language)
|
|
admin_wordpress=$(ynh_app_setting_get --app=$app --key=admin)
|
|
multisite=$(ynh_app_setting_get --app=$app --key=multisite)
|
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
|
|
|
overwrite_nginx=$(ynh_app_setting_get --app=$app --key=overwrite_nginx)
|
|
overwrite_phpfpm=$(ynh_app_setting_get --app=$app --key=overwrite_phpfpm)
|
|
admin_mail_html=$(ynh_app_setting_get --app=$app --key=admin_mail_html)
|
|
|
|
fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
|
|
fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage)
|
|
|
|
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
|
|
|
|
#=================================================
|
|
# CHECK VERSION
|
|
#=================================================
|
|
ynh_script_progression --message="Checking version..."
|
|
|
|
upgrade_type=$(ynh_check_app_version_changed)
|
|
|
|
#=================================================
|
|
# STANDARD UPGRADE STEPS
|
|
#=================================================
|
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
|
#=================================================
|
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=15
|
|
|
|
# Backup the current version of the app
|
|
ynh_backup_before_upgrade
|
|
ynh_clean_setup () {
|
|
# Restore it if the upgrade fails
|
|
ynh_restore_upgradebackup
|
|
}
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
#=================================================
|
|
# ACTIVATE MAINTENANCE MODE
|
|
#=================================================
|
|
ynh_script_progression --message="Activating maintenance mode..." --weight=2
|
|
|
|
ynh_maintenance_mode_ON
|
|
|
|
#=================================================
|
|
# STANDARD UPGRADE STEPS
|
|
#=================================================
|
|
# ENSURE DOWNWARD COMPATIBILITY
|
|
#=================================================
|
|
ynh_script_progression --message="Ensuring downward compatibility..."
|
|
|
|
if [ -z "$admin_wordpress" ]; then
|
|
ynh_mysql_execute_as_root --sql="select MAX(user_login) from wp_users where user_status=0 INTO OUTFILE '/tmp/wordpressuser';" --database=$db_name
|
|
admin_wordpress=$(cat /tmp/wordpressuser)
|
|
ynh_secure_remove --file=/tmp/wordpressuser
|
|
ynh_app_setting_set --app=$app --key=admin --value=$admin_wordpress
|
|
fi
|
|
|
|
# If final_path doesn't exist, create it
|
|
if [ -z "$final_path" ]; then
|
|
final_path=/var/www/$app
|
|
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
|
fi
|
|
|
|
if [ -z "$language" ]; then
|
|
language=$(grep WPLANG $final_path/wp-config.php | cut -d"'" -f4)
|
|
ynh_app_setting_set --app=$app --key=language --value=$language
|
|
fi
|
|
|
|
# Fix multisite as a boolean
|
|
if [ "${multisite,,}" = "yes" ]; then
|
|
ynh_app_setting_set --app=$app --key=multisite --value=1
|
|
multisite=1
|
|
elif [ "${multisite,,}" = "no" ]; then
|
|
ynh_app_setting_set --app=$app --key=multisite --value=0
|
|
multisite=0
|
|
fi
|
|
|
|
# If db_name doesn't exist, create it
|
|
if [ -z "$db_name" ]; then
|
|
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
|
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
|
fi
|
|
|
|
# If some 'add_filter' are still in wp_config, remove them
|
|
if grep add_filter.*auto_update $final_path/wp-config.php; then
|
|
sed --in-place '/add_filter.*auto_update/d' $final_path/wp-config.php
|
|
fi
|
|
|
|
# If admin_mail_html doesn't exist, create it
|
|
if [ -z "$admin_mail_html" ]; then
|
|
admin_mail_html=1
|
|
ynh_app_setting_set --app=$app --key=admin_mail_html --value=$admin_mail_html
|
|
fi
|
|
|
|
# If overwrite_nginx doesn't exist, create it
|
|
if [ -z "$overwrite_nginx" ]; then
|
|
overwrite_nginx=1
|
|
ynh_app_setting_set $app overwrite_nginx $overwrite_nginx
|
|
fi
|
|
|
|
# If overwrite_phpfpm doesn't exist, create it
|
|
if [ -z "$overwrite_phpfpm" ]; then
|
|
overwrite_phpfpm=1
|
|
ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=$overwrite_phpfpm
|
|
fi
|
|
|
|
# If fpm_footprint doesn't exist, create it
|
|
if [ -z "$fpm_footprint" ]; then
|
|
fpm_footprint=medium
|
|
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
|
|
fi
|
|
|
|
# If fpm_usage doesn't exist, create it
|
|
if [ -z "$fpm_usage" ]; then
|
|
# If the app is private, set the usage to low, otherwise to high.
|
|
if [ $(ynh_app_setting_get --app=$app --key=is_public) -eq 0 ]
|
|
then
|
|
usage=low
|
|
else
|
|
usage=high
|
|
fi
|
|
fpm_usage=$usage
|
|
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
|
|
fi
|
|
|
|
# If phpversion doesn't exist, create it
|
|
if [ -z "$phpversion" ]; then
|
|
phpversion=$YNH_PHP_VERSION
|
|
ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion
|
|
fi
|
|
|
|
# Replace wp-fail2ban by wp-fail2ban-redux
|
|
ynh_exec_warn_less wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$final_path/wp-cli.phar
|
|
wpcli_alias="php$phpversion $final_path/wp-cli.phar --allow-root --path=$final_path"
|
|
plugin_network=""
|
|
if [ $multisite -eq 1 ]; then
|
|
plugin_network="--network"
|
|
fi
|
|
$wpcli_alias plugin is-installed wp-fail2ban && $wpcli_alias plugin deactivate $plugin_network wp-fail2ban && $wpcli_alias plugin uninstall wp-fail2ban
|
|
$wpcli_alias plugin is-installed wp-fail2ban-redux || $wpcli_alias plugin install wp-fail2ban-redux
|
|
|
|
# Remove old ldap plugin
|
|
$wpcli_alias plugin is-installed simple-ldap-login && $wpcli_alias plugin deactivate $plugin_network simple-ldap-login && $wpcli_alias plugin uninstall simple-ldap-login
|
|
|
|
# Cleaning legacy permissions
|
|
if ynh_legacy_permissions_exists; then
|
|
ynh_legacy_permissions_delete_all
|
|
|
|
ynh_app_setting_delete --app=$app --key=is_public
|
|
fi
|
|
|
|
if ! ynh_permission_exists --permission="admin"; then
|
|
# Create the required permissions
|
|
ynh_permission_create --permission="admin" --url="/wp-login.php" --additional_urls="/wp-admin.php" --allowed=$admin_wordpress
|
|
fi
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
ynh_script_progression --message="Making sure dedicated system user exists..."
|
|
|
|
# Create a dedicated user (if not existing)
|
|
ynh_system_user_create --username=$app --home_dir="$final_path"
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
|
|
# Overwrite the NGINX configuration only if it's allowed
|
|
if [ $overwrite_nginx -eq 1 ]
|
|
then
|
|
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2
|
|
ynh_add_nginx_config
|
|
fi
|
|
|
|
#=================================================
|
|
# UPGRADE DEPENDENCIES
|
|
#=================================================
|
|
ynh_script_progression --message="Upgrading dependencies..." --weight=5
|
|
|
|
ynh_install_app_dependencies $pkg_dependencies
|
|
|
|
#=================================================
|
|
# PHP-FPM CONFIGURATION
|
|
#=================================================
|
|
|
|
# Overwrite the PHP-FPM configuration only if it's allowed
|
|
if [ $overwrite_phpfpm -eq 1 ]
|
|
then
|
|
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=4
|
|
# Create a dedicated PHP-FPM config
|
|
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
|
|
fi
|
|
|
|
#=================================================
|
|
# SPECIFIC UPGRADE
|
|
#=================================================
|
|
# SAVE THE CONFIG FILE IF IT HAS BEEN MODIFIED
|
|
#=================================================
|
|
|
|
# Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
|
|
ynh_backup_if_checksum_is_different --file="$final_path/wp-config.php"
|
|
|
|
#=================================================
|
|
# CONFIGURE MULTISITE
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring multisite..." --weight=2
|
|
|
|
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
|
|
|
|
if [ $multisite -eq 1 ]
|
|
then
|
|
ynh_replace_string --match_string="#--MULTISITE--" --replace_string="" --target_file=/etc/nginx/conf.d/$domain.d/$app.conf
|
|
|
|
ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
|
|
|
|
ynh_systemd_action --service_name=nginx --action=reload
|
|
|
|
db_prefix=$(grep '^$table_prefix' "$final_path/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" )
|
|
|
|
ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/multisite.sql
|
|
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/multisite.sql
|
|
ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/multisite.sql
|
|
|
|
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/multisite.sql
|
|
plugin_network="--network"
|
|
else
|
|
multisite=0
|
|
db_prefix=$(grep '^$table_prefix' "$final_path/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" )
|
|
|
|
ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/single.sql
|
|
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/single.sql
|
|
ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/single.sql
|
|
|
|
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/single.sql
|
|
plugin_network=""
|
|
if ynh_permission_has_user --permission="main" --user="visitor"
|
|
then
|
|
ynh_replace_string --match_string="//--PUBLIC--define" --replace_string="define" --target_file=$final_path/wp-config.php
|
|
fi
|
|
fi
|
|
ynh_app_setting_set --app=$app --key=multisite --value=$multisite
|
|
|
|
#=================================================
|
|
# UPDATE WORDPRESS PLUGINS
|
|
#=================================================
|
|
ynh_script_progression --message="Updating plugins" --weight=11
|
|
|
|
# wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $final_path/wp-cli.phar
|
|
# wpcli_alias="php$phpversion $final_path/wp-cli.phar --allow-root --path=$final_path"
|
|
update_plugin () {
|
|
( $wpcli_alias plugin is-installed $1 && $wpcli_alias plugin update $1 ) || $wpcli_alias plugin install $1
|
|
}
|
|
update_plugin authldap
|
|
$wpcli_alias plugin activate authldap $plugin_network
|
|
update_plugin companion-auto-update
|
|
$wpcli_alias plugin activate companion-auto-update $plugin_network
|
|
|
|
update_plugin wp-fail2ban-redux
|
|
$wpcli_alias plugin activate wp-fail2ban-redux $plugin_network
|
|
|
|
# Disable broken plugin http-authentication
|
|
$wpcli_alias plugin is-installed http-authentication && $wpcli_alias plugin deactivate http-authentication $plugin_network
|
|
|
|
|
|
# Set file and directories ownership
|
|
mkdir -p $final_path/wp-content/uploads
|
|
mkdir -p $final_path/wp-content/temp
|
|
chown -R $app:www-data "$final_path"
|
|
find "$final_path" -type d -exec chmod 750 {} \;
|
|
find "$final_path" -type f -exec chmod 640 {} \;
|
|
find "$final_path/wp-content/uploads" -type d -exec chmod 770 {} \;
|
|
find "$final_path/wp-content/temp" -type d -exec chmod 770 {} \;
|
|
setfacl -Rm d:g:www-data:rwX "$final_path/wp-content/uploads"
|
|
setfacl -Rm d:g:www-data:rwX "$final_path/wp-content/temp"
|
|
|
|
#=================================================
|
|
# STORE THE CHECKSUM OF THE CONFIG FILE
|
|
#=================================================
|
|
|
|
# Recalculate and store the checksum of the file for the next upgrade.
|
|
ynh_store_file_checksum --file="$final_path/wp-config.php"
|
|
|
|
chmod 400 "$final_path/wp-config.php"
|
|
chown $app:$app "$final_path/wp-config.php"
|
|
|
|
#=================================================
|
|
# CREATE A CRON TASK FOR AUTOMATIC UPDATE
|
|
#=================================================
|
|
|
|
echo "# Reach everyday wp-cron.php to trig the internal WordPress cron.
|
|
0 3 * * * $app php$phpversion $final_path/wp-cron.php" > /etc/cron.d/$app
|
|
|
|
#=================================================
|
|
# GENERIC FINALISATION
|
|
#=================================================
|
|
# UPGRADE FAIL2BAN
|
|
#=================================================
|
|
ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=9
|
|
|
|
# Create a dedicated Fail2Ban config
|
|
ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from <HOST>" --max_retry=5
|
|
|
|
#=================================================
|
|
# RELOAD NGINX
|
|
#=================================================
|
|
ynh_script_progression --message="Reloading NGINX web server..."
|
|
|
|
ynh_systemd_action --service_name=nginx --action=reload
|
|
|
|
#=================================================
|
|
# REMOVE WP-CLI.PHAR
|
|
#=================================================
|
|
|
|
ynh_secure_remove --file=$final_path/wp-cli.phar
|
|
|
|
#=================================================
|
|
# DEACTIVE MAINTENANCE MODE
|
|
#=================================================
|
|
ynh_script_progression --message="Disabling maintenance mode..." --weight=5
|
|
|
|
ynh_maintenance_mode_OFF
|
|
|
|
#=================================================
|
|
# SEND A README FOR THE ADMIN
|
|
#=================================================
|
|
|
|
# Get main domain and buid the url of the admin panel of the app.
|
|
admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app"
|
|
|
|
# If a html email is required. Apply html to the changelog.
|
|
if [ "$admin_mail_html" -eq 1 ]; then
|
|
format=html
|
|
else
|
|
format=plain
|
|
fi
|
|
ynh_app_changelog --format=$format
|
|
|
|
echo "Please manually trigger updates to major versions in the WordPress admin area.
|
|
You can also activate the automatic update in the Companion Auto Update plugin settings.
|
|
|
|
You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__.
|
|
You can also find some specific actions for this app by using the experimental __URL_TAG1__action feature__URL_TAG2__$admin_panel/actions__URL_TAG3__.
|
|
|
|
If you're facing an issue or want to improve this app, please open a new issue in this __URL_TAG1__project__URL_TAG2__https://github.com/YunoHost-Apps/wordpress_ynh__URL_TAG3__.
|
|
|
|
---
|
|
|
|
Changelog since your last upgrade:
|
|
$(cat changelog)" > mail_to_send
|
|
|
|
ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="$admin_wordpress" --type=upgrade
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression --message="Upgrade of $app completed" --last
|