mirror of
https://github.com/YunoHost-Apps/wordpress_ynh.git
synced 2024-09-03 20:36:10 +02:00
215 lines
6.6 KiB
Bash
Executable file
215 lines
6.6 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
#=================================================
|
|
# DISPLAYING
|
|
#=================================================
|
|
|
|
WARNING () { # Écrit sur le canal d'erreur pour passer en warning.
|
|
$@ >&2
|
|
}
|
|
|
|
ALL_QUIET () { # Redirige la sortie standard et d'erreur dans /dev/null
|
|
$@ > /dev/null 2>&1
|
|
}
|
|
|
|
#=================================================
|
|
# BACKUP
|
|
#=================================================
|
|
|
|
HUMAN_SIZE () { # Transforme une taille en Ko en une taille lisible pour un humain
|
|
human=$(numfmt --to=iec --from-unit=1K $1)
|
|
echo $human
|
|
}
|
|
|
|
CHECK_SIZE () { # Vérifie avant chaque backup que l'espace est suffisant
|
|
file_to_analyse=$1
|
|
backup_size=$(du --summarize "$file_to_analyse" | cut -f1)
|
|
free_space=$(df --output=avail "/home/yunohost.backup" | sed 1d)
|
|
|
|
if [ $free_space -le $backup_size ]
|
|
then
|
|
WARNING echo "Espace insuffisant pour sauvegarder $file_to_analyse."
|
|
WARNING echo "Espace disponible: $(HUMAN_SIZE $free_space)"
|
|
ynh_die "Espace nécessaire: $(HUMAN_SIZE $backup_size)"
|
|
fi
|
|
}
|
|
|
|
|
|
#=================================================
|
|
#============= FUTURE YUNOHOST HELPER ============
|
|
#=================================================
|
|
|
|
# Delete a file checksum from the app settings
|
|
#
|
|
# $app should be defined when calling this helper
|
|
#
|
|
# usage: ynh_remove_file_checksum file
|
|
# | arg: file - The file for which the checksum will be deleted
|
|
ynh_delete_file_checksum () {
|
|
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
|
|
ynh_app_setting_delete $app $checksum_setting_name
|
|
}
|
|
|
|
|
|
#=================================================
|
|
# EXPERIMENTAL HELPERS
|
|
#=================================================
|
|
|
|
# Create a dedicated fail2ban config (jail and filter conf files)
|
|
#
|
|
# usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]]
|
|
# | arg: log_file - Log file to be checked by fail2ban
|
|
# | arg: failregex - Failregex to be looked for by fail2ban
|
|
# | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3
|
|
# | arg: ports - Ports blocked for a banned IP address - default: http,https
|
|
ynh_add_fail2ban_config () {
|
|
# Process parameters
|
|
logpath=$1
|
|
failregex=$2
|
|
max_retry=${3:-3}
|
|
ports=${4:-http,https}
|
|
|
|
test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
|
|
test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
|
|
|
|
finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf"
|
|
finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf"
|
|
ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1
|
|
ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1
|
|
|
|
sudo tee $finalfail2banjailconf <<EOF
|
|
[$app]
|
|
enabled = true
|
|
port = $ports
|
|
filter = $app
|
|
logpath = $logpath
|
|
maxretry = $max_retry
|
|
EOF
|
|
|
|
sudo tee $finalfail2banfilterconf <<EOF
|
|
[INCLUDES]
|
|
before = common.conf
|
|
[Definition]
|
|
failregex = $failregex
|
|
ignoreregex =
|
|
EOF
|
|
|
|
ynh_store_file_checksum "$finalfail2banjailconf"
|
|
ynh_store_file_checksum "$finalfail2banfilterconf"
|
|
|
|
systemctl restart fail2ban
|
|
local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")"
|
|
if [ -n "$fail2ban_error" ]
|
|
then
|
|
echo "[ERR] Fail2ban failed to load the jail for $app" >&2
|
|
echo "WARNING${fail2ban_error#*WARNING}" >&2
|
|
fi
|
|
}
|
|
|
|
# Remove the dedicated fail2ban config (jail and filter conf files)
|
|
#
|
|
# usage: ynh_remove_fail2ban_config
|
|
ynh_remove_fail2ban_config () {
|
|
ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf"
|
|
ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf"
|
|
sudo systemctl restart fail2ban
|
|
}
|
|
|
|
#=================================================
|
|
|
|
# Read the value of a key in a ynh manifest file
|
|
#
|
|
# usage: ynh_read_manifest manifest key
|
|
# | arg: manifest - Path of the manifest to read
|
|
# | arg: key - Name of the key to find
|
|
ynh_read_manifest () {
|
|
manifest="$1"
|
|
key="$2"
|
|
python3 -c "import sys, json;print(json.load(open('$manifest'))['$key'])"
|
|
}
|
|
|
|
# Exit without error if the package is up to date
|
|
#
|
|
# This helper should be used to avoid an upgrade of a package
|
|
# when it's not needed.
|
|
#
|
|
# To force an upgrade, even if the package is up to date,
|
|
# you have to set the variable YNH_FORCE_UPGRADE before.
|
|
# example: sudo YNH_FORCE_UPGRADE=1 yunohost app upgrade MyApp
|
|
#
|
|
# usage: ynh_abort_if_up_to_date
|
|
ynh_abort_if_up_to_date () {
|
|
local force_upgrade=${YNH_FORCE_UPGRADE:-0}
|
|
local package_check=${PACKAGE_CHECK_EXEC:-0}
|
|
|
|
local version=$(ynh_read_manifest "/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" "version" || echo 1.0)
|
|
local last_version=$(ynh_read_manifest "../manifest.json" "version" || echo 1.0)
|
|
if [ "$version" = "$last_version" ]
|
|
then
|
|
if [ "$force_upgrade" != "0" ]
|
|
then
|
|
echo "Upgrade forced by YNH_FORCE_UPGRADE." >&2
|
|
unset YNH_FORCE_UPGRADE
|
|
elif [ "$package_check" != "0" ]
|
|
then
|
|
echo "Upgrade forced for package check." >&2
|
|
else
|
|
ynh_die "Up-to-date, nothing to do" 0
|
|
fi
|
|
fi
|
|
}
|
|
|
|
#=================================================
|
|
|
|
# Send an email to inform the administrator
|
|
#
|
|
# usage: ynh_send_readme_to_admin app_message [recipients]
|
|
# | arg: app_message - The message to send to the administrator.
|
|
# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root
|
|
# example: "root admin@domain"
|
|
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
|
|
# example: "root admin@domain user1 user2"
|
|
ynh_send_readme_to_admin() {
|
|
local app_message="${1:-...No specific information...}"
|
|
local recipients="${2:-root}"
|
|
|
|
# Retrieve the email of users
|
|
find_mails () {
|
|
local list_mails="$1"
|
|
local mail
|
|
local recipients=" "
|
|
# Read each mail in argument
|
|
for mail in $list_mails
|
|
do
|
|
# Keep root or a real email address as it is
|
|
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
|
|
then
|
|
recipients="$recipients $mail"
|
|
else
|
|
# But replace an user name without a domain after by its email
|
|
if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
|
|
then
|
|
recipients="$recipients $mail"
|
|
fi
|
|
fi
|
|
done
|
|
echo "$recipients"
|
|
}
|
|
recipients=$(find_mails "$recipients")
|
|
|
|
local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
|
|
|
|
local mail_message="This is an automated message from your beloved YunoHost server.
|
|
|
|
Specific information for the application $app.
|
|
|
|
$app_message
|
|
|
|
---
|
|
Automatic diagnosis data from YunoHost
|
|
|
|
$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
|
|
|
|
# Send the email to the recipients
|
|
echo "$mail_message" | mail -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
|
|
}
|