mirror of
https://github.com/YunoHost-Apps/wordpress_ynh.git
synced 2024-09-03 20:36:10 +02:00
219 lines
7 KiB
Bash
219 lines
7 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC STARTING
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# LOAD SETTINGS
|
|
#=================================================
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
domain=$(ynh_app_setting_get $app domain)
|
|
path_url=$(ynh_app_setting_get $app path)
|
|
admin_wordpress=$(ynh_app_setting_get $app admin)
|
|
language=$(ynh_app_setting_get $app language)
|
|
is_public=$(ynh_app_setting_get $app is_public)
|
|
multisite=$(ynh_app_setting_get $app multisite)
|
|
final_path=$(ynh_app_setting_get $app final_path)
|
|
db_name=$(ynh_app_setting_get $app db_name)
|
|
|
|
#=================================================
|
|
# CHECK VERSION
|
|
#=================================================
|
|
|
|
ynh_abort_if_up_to_date
|
|
|
|
#=================================================
|
|
# ENSURE DOWNWARD COMPATIBILITY
|
|
#=================================================
|
|
|
|
if [ -z "$admin_wordpress" ]; then
|
|
ynh_mysql_execute_as_root "select MAX(user_login) from wp_users where user_status=0 INTO OUTFILE '/tmp/wordpressuser';" $db_name
|
|
admin_wordpress=$(cat /tmp/wordpressuser)
|
|
ynh_secure_remove /tmp/wordpressuser
|
|
ynh_app_setting_set $app admin $admin_wordpress
|
|
fi
|
|
|
|
if [ -z "$final_path" ]; then
|
|
final_path=/var/www/$app
|
|
ynh_app_setting_set $app final_path $final_path
|
|
fi
|
|
|
|
if [ -z "$language" ]; then
|
|
language=$(grep WPLANG $final_path/wp-config.php | cut -d"'" -f4)
|
|
ynh_app_setting_set $app language $language
|
|
fi
|
|
|
|
if [ "${is_public,,}" = "yes" ]; then
|
|
ynh_app_setting_set $app is_public 1 # Fixe is_public en booléen
|
|
is_public=1
|
|
elif [ "${is_public,,}" = "no" ]; then
|
|
ynh_app_setting_set $app is_public 0
|
|
is_public=0
|
|
fi
|
|
|
|
if [ "${multisite,,}" = "yes" ]; then
|
|
ynh_app_setting_set $app multisite 1 # Fixe multisite en booléen
|
|
multisite=1
|
|
elif [ "${multisite,,}" = "no" ]; then
|
|
ynh_app_setting_set $app multisite 0
|
|
multisite=0
|
|
fi
|
|
|
|
if [ -z $db_name ]; then # Si db_name n'est pas renseigné dans app setting
|
|
db_name=$(ynh_sanitize_dbid $app)
|
|
ynh_app_setting_set $app db_name $db_name
|
|
fi
|
|
|
|
if grep add_filter.*auto_update $final_path/wp-config.php; then # Si des add_filter demeurent dans le wp-config
|
|
sed --in-place '/add_filter.*auto_update/d' $final_path/wp-config.php
|
|
fi
|
|
|
|
#=================================================
|
|
# STANDARD UPGRADE STEPS
|
|
#=================================================
|
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
|
#=================================================
|
|
|
|
# Backup the current version of the app
|
|
ynh_backup_before_upgrade
|
|
ynh_clean_setup () {
|
|
# restore it if the upgrade fails
|
|
ynh_restore_upgradebackup
|
|
}
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
#=================================================
|
|
# CHECK THE PATH
|
|
#=================================================
|
|
|
|
# Normalize the URL path syntax
|
|
path_url=$(ynh_normalize_url_path $path_url)
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
|
|
# Create a dedicated nginx config
|
|
if [ "$path_url" != "/" ]
|
|
then
|
|
ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
|
|
fi
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
|
|
# Create the dedicated user, if not exist
|
|
ynh_system_user_create $app
|
|
|
|
#=================================================
|
|
# PHP-FPM CONFIGURATION
|
|
#=================================================
|
|
|
|
# Create a dedicated php-fpm config
|
|
ynh_add_fpm_config
|
|
|
|
#=================================================
|
|
# SPECIFIC UPGRADE
|
|
#=================================================
|
|
# SAVE THE CONFIG FILE IF IT BEEN MODIFIED
|
|
#=================================================
|
|
|
|
# Verify the checksum and backup the file if it's different
|
|
ynh_backup_if_checksum_is_different "$final_path/wp-config.php"
|
|
|
|
#=================================================
|
|
# CONFIGURE MULTISITE
|
|
#=================================================
|
|
|
|
if [ $multisite -eq 1 ]
|
|
then
|
|
ynh_replace_string "#--MULTISITE--" "" /etc/nginx/conf.d/$domain.d/$app.conf
|
|
plugin_network="--network"
|
|
else
|
|
multisite=0
|
|
plugin_network=""
|
|
if [ $is_public -eq 0 ]
|
|
then
|
|
ynh_replace_string "#--PRIVATE--" "" /etc/nginx/conf.d/$domain.d/$app.conf
|
|
else
|
|
ynh_replace_string "//--PUBLIC--define" "define" $final_path/wp-config.php
|
|
fi
|
|
fi
|
|
ynh_app_setting_set $app multisite $multisite
|
|
|
|
#=================================================
|
|
# UPDATE WORDPRESS' PLUGINS
|
|
#=================================================
|
|
|
|
wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $final_path/wp-cli.phar
|
|
wpcli_alias="php $final_path/wp-cli.phar --allow-root --path=$final_path"
|
|
update_plugin () {
|
|
( $wpcli_alias plugin is-installed $1 && $wpcli_alias plugin update $1 ) || $wpcli_alias plugin install $1
|
|
}
|
|
update_plugin simple-ldap-login
|
|
$wpcli_alias plugin activate simple-ldap-login $plugin_network
|
|
update_plugin companion-auto-update
|
|
$wpcli_alias plugin activate companion-auto-update $plugin_network
|
|
update_plugin wp-fail2ban
|
|
$wpcli_alias plugin activate wp-fail2ban $plugin_network
|
|
|
|
# Disable broken plugin http-authentication
|
|
$wpcli_alias plugin is-installed http-authentication && $wpcli_alias plugin deactivate http-authentication
|
|
|
|
#=================================================
|
|
# STORE THE CHECKSUM OF THE CONFIG FILE
|
|
#=================================================
|
|
|
|
# Recalculate and store the config file checksum into the app settings
|
|
ynh_store_file_checksum "$final_path/wp-config.php"
|
|
|
|
#=================================================
|
|
# GENERIC FINALISATION
|
|
#=================================================
|
|
# SECURING FILES AND DIRECTORIES
|
|
#=================================================
|
|
|
|
# Les fichiers appartiennent à l'user wordpress, pour permettre les mises à jour.
|
|
chown -R $app: $final_path
|
|
# Sauf le fichier de config wp-config.php qui appartient à root
|
|
chown root: $final_path/wp-config.php
|
|
|
|
#=================================================
|
|
# UPGRADE FAIL2BAN
|
|
#=================================================
|
|
|
|
ynh_add_fail2ban_config "/var/log/auth.log" "Authentication (attempt for unknown user|failure for) .* from <HOST>" 5
|
|
|
|
#=================================================
|
|
# SETUP SSOWAT
|
|
#=================================================
|
|
|
|
ynh_app_setting_delete $app skipped_uris # Retire le skipped_uris si il existe encore.
|
|
if [ $is_public -eq 0 ]; then # Retire l'accès public
|
|
ynh_app_setting_delete $app unprotected_uris
|
|
else # Ou remplace le skipped_uris par unprotected_uris le cas échéant.
|
|
ynh_app_setting_set $app unprotected_uris "/"
|
|
fi
|
|
|
|
#=================================================
|
|
# RELOAD NGINX
|
|
#=================================================
|
|
|
|
systemctl reload nginx
|
|
|
|
#=================================================
|
|
# REMOVE WP-CLI.PHAR
|
|
#=================================================
|
|
|
|
ynh_secure_remove $final_path/wp-cli.phar
|