YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity
yunohost/hooks/conf_regen/10-apt

83 lines
2.4 KiB
Bash
Executable file
Raw Permalink Blame History

#!/bin/bash
set -e
readonly YNH_DEFAULT_PHP_VERSION=7.4
do_pre_regen() {
pending_dir=$1
mkdir --parents "${pending_dir}/etc/apt/preferences.d"
# Add sury
mkdir -p ${pending_dir}/etc/apt/sources.list.d/
echo "deb https://packages.sury.org/php/ $(lsb_release --codename --short) main" > "${pending_dir}/etc/apt/sources.list.d/extra_php_version.list"
# Ban some packages from sury
echo "
Package: php-common
Pin: origin \"packages.sury.org\"
Pin-Priority: 500" >>"${pending_dir}/etc/apt/preferences.d/extra_php_version"
packages_to_refuse_from_sury="php php-* openssl libssl1.1 libssl-dev"
for package in $packages_to_refuse_from_sury; do
echo "
Package: $package
Pin: origin \"packages.sury.org\"
Pin-Priority: -1" >>"${pending_dir}/etc/apt/preferences.d/extra_php_version"
done
echo "
# PLEASE READ THIS WARNING AND DON'T EDIT THIS FILE
# You are probably reading this file because you tried to install apache2 or
# bind9. These 2 packages conflict with YunoHost.
# Installing apache2 will break nginx and break the entire YunoHost ecosystem
# on your server, therefore don't remove those lines!
# You have been warned.
Package: apache2
Pin: release *
Pin-Priority: -1
Package: apache2-bin
Pin: release *
Pin-Priority: -1
# Also bind9 will conflict with dnsmasq.
# Same story as for apache2.
# Don't install it, don't remove those lines.
Package: bind9
Pin: release *
Pin-Priority: -1
" >>"${pending_dir}/etc/apt/preferences.d/ban_packages"
}
do_post_regen() {
regen_conf_files=$1
# Purge expired keys (such as sury 95BD4743)
EXPIRED_KEYS="$(LC_ALL='en_US.UTF-8' apt-key list 2>/dev/null | grep -A1 'expired:' | grep -v 'expired\|^-' | sed 's/\s//g')"
for KEY in $EXPIRED_KEYS; do apt-key del $KEY 2>/dev/null; done
# Add sury key
# We do this only at the post regen and if the key doesn't already exists, because we don't want the regenconf to fuck everything up if the regenconf runs while the network is down
if [[ ! -s /etc/apt/trusted.gpg.d/extra_php_version.gpg ]]
then
wget --timeout 900 --quiet "https://packages.sury.org/php/apt.gpg" --output-document=- | gpg --dearmor >"/etc/apt/trusted.gpg.d/extra_php_version.gpg"
fi
# Make sure php7.4 is the default version when using php in cli
if test -e /usr/bin/php$YNH_DEFAULT_PHP_VERSION
then
update-alternatives --set php /usr/bin/php$YNH_DEFAULT_PHP_VERSION
fi
}
do_$1_regen ${@:2}
Reference in a new issue View git blame Copy permalink