|
|
@ -12,7 +12,7 @@ source /usr/share/yunohost/helpers |
|
|
|
#================================================= |
|
|
|
# LOAD SETTINGS |
|
|
|
#================================================= |
|
|
|
ynh_script_progression --message="Loading installation settings..." --time --weight=1 |
|
|
|
ynh_script_progression --message="Loading installation settings..." |
|
|
|
|
|
|
|
app=$YNH_APP_INSTANCE_NAME |
|
|
|
|
|
|
@ -36,7 +36,7 @@ upgrade_type=$(ynh_check_app_version_changed) |
|
|
|
#================================================= |
|
|
|
# ENSURE DOWNWARD COMPATIBILITY |
|
|
|
#================================================= |
|
|
|
ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 |
|
|
|
ynh_script_progression --message="Ensuring downward compatibility..." |
|
|
|
|
|
|
|
# Fix is_public as a boolean value |
|
|
|
if [ "$is_public" = "Yes" ]; then |
|
|
@ -56,7 +56,7 @@ fi |
|
|
|
#================================================= |
|
|
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP |
|
|
|
#================================================= |
|
|
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1 |
|
|
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." |
|
|
|
|
|
|
|
# Backup the current version of the app |
|
|
|
ynh_backup_before_upgrade |
|
|
@ -67,18 +67,6 @@ ynh_clean_setup () { |
|
|
|
# Exit if an error occurs during the execution of the script |
|
|
|
ynh_abort_if_errors |
|
|
|
|
|
|
|
#================================================= |
|
|
|
# CHECK THE PATH |
|
|
|
#================================================= |
|
|
|
|
|
|
|
# Normalize the URL path syntax |
|
|
|
# N.B. : this is for app installations before YunoHost 2.7 |
|
|
|
# where this value might be something like /foo/ or foo/ |
|
|
|
# instead of /foo .... |
|
|
|
# If nobody installed your app before 2.7, then you may |
|
|
|
# safely remove this line |
|
|
|
path_url=$(ynh_normalize_url_path --path_url=$path_url) |
|
|
|
|
|
|
|
#================================================= |
|
|
|
# STANDARD UPGRADE STEPS |
|
|
|
#================================================= |
|
|
@ -89,23 +77,20 @@ path_url=$(ynh_normalize_url_path --path_url=$path_url) |
|
|
|
|
|
|
|
if [ "$upgrade_type" == "UPGRADE_APP" ] |
|
|
|
then |
|
|
|
ynh_script_progression --message="Upgrading source files..." --time --weight=1 |
|
|
|
ynh_script_progression --message="Upgrading source files..." |
|
|
|
|
|
|
|
# Remove old version |
|
|
|
ynh_secure_remove --file="$final_path" |
|
|
|
|
|
|
|
# Download, check integrity, uncompress and patch the source from app.src |
|
|
|
ynh_setup_source --dest_dir="$final_path" |
|
|
|
|
|
|
|
# Remove unused directories or files from older release |
|
|
|
ynh_secure_remove --file="$final_path/aide.svg" |
|
|
|
ynh_secure_remove --file="$final_path/favicons" |
|
|
|
ynh_secure_remove --file="$final_path/parinux.png" |
|
|
|
ynh_secure_remove --file="$final_path/phpqrcode" |
|
|
|
ynh_secure_remove --file="$final_path/ubuntu-dl.ttf" |
|
|
|
fi |
|
|
|
|
|
|
|
#================================================= |
|
|
|
# NGINX CONFIGURATION |
|
|
|
#================================================= |
|
|
|
ynh_script_progression --message="Upgrading nginx web server configuration..." --time --weight=1 |
|
|
|
ynh_script_progression --message="Upgrading nginx web server configuration..." |
|
|
|
|
|
|
|
# Create a dedicated nginx config |
|
|
|
ynh_add_nginx_config |
|
|
@ -113,14 +98,14 @@ ynh_add_nginx_config |
|
|
|
#================================================= |
|
|
|
# UPGRADE DEPENDENCIES |
|
|
|
#================================================= |
|
|
|
#ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 |
|
|
|
#ynh_script_progression --message="Upgrading dependencies..." |
|
|
|
|
|
|
|
#ynh_install_app_dependencies $pkg_dependencies |
|
|
|
|
|
|
|
#================================================= |
|
|
|
# CREATE DEDICATED USER |
|
|
|
#================================================= |
|
|
|
ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 |
|
|
|
ynh_script_progression --message="Making sure dedicated system user exists..." |
|
|
|
|
|
|
|
# Create a dedicated user (if not existing) |
|
|
|
ynh_system_user_create --username=$app |
|
|
@ -128,7 +113,7 @@ ynh_system_user_create --username=$app |
|
|
|
#================================================= |
|
|
|
# PHP-FPM CONFIGURATION |
|
|
|
#================================================= |
|
|
|
ynh_script_progression --message="Upgrading php-fpm configuration..." --time --weight=1 |
|
|
|
ynh_script_progression --message="Upgrading php-fpm configuration..." |
|
|
|
|
|
|
|
# Create a dedicated php-fpm config |
|
|
|
ynh_add_fpm_config |
|
|
@ -139,9 +124,9 @@ ynh_add_fpm_config |
|
|
|
|
|
|
|
### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. |
|
|
|
### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. |
|
|
|
ynh_backup_if_checksum_is_different --file="$final_path/options.inc.php" |
|
|
|
ynh_backup_if_checksum_is_different --file="$final_path/config.inc.php" |
|
|
|
# Recalculate and store the checksum of the file for the next upgrade. |
|
|
|
ynh_store_file_checksum --file="$final_path/options.inc.php" |
|
|
|
ynh_store_file_checksum --file="$final_path/config.inc.php" |
|
|
|
|
|
|
|
#================================================= |
|
|
|
# GENERIC FINALIZATION |
|
|
@ -149,26 +134,35 @@ ynh_store_file_checksum --file="$final_path/options.inc.php" |
|
|
|
# SECURE FILES AND DIRECTORIES |
|
|
|
#================================================= |
|
|
|
|
|
|
|
### For security reason, any app should set the permissions to root: before anything else. |
|
|
|
### Then, if write authorization is needed, any access should be given only to directories |
|
|
|
### that really need such authorization. |
|
|
|
|
|
|
|
# Set permissions to app files |
|
|
|
chown -R root:$app $final_path |
|
|
|
chmod -R g+w $final_path |
|
|
|
chown -R root: $final_path |
|
|
|
find $final_path -type f | xargs chmod 644 |
|
|
|
find $final_path -type d | xargs chmod 755 |
|
|
|
|
|
|
|
# For temp subdir, the user must have write permissions |
|
|
|
mkdir -p $final_path/temp |
|
|
|
chown -R $app:root $final_path/temp |
|
|
|
chmod 711 $final_path/temp |
|
|
|
|
|
|
|
#================================================= |
|
|
|
# SETUP SSOWAT |
|
|
|
#================================================= |
|
|
|
ynh_script_progression --message="Upgrading SSOwat configuration..." --time --weight=1 |
|
|
|
ynh_script_progression --message="Upgrading SSOwat configuration..." |
|
|
|
|
|
|
|
# Make app public if necessary |
|
|
|
if [ $is_public -eq 1 ] |
|
|
|
then |
|
|
|
# unprotected_uris allows SSO credentials to be passed anyway |
|
|
|
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" |
|
|
|
ynh_permission_update --permission "main" --add visitors |
|
|
|
fi |
|
|
|
|
|
|
|
#================================================= |
|
|
|
# RELOAD NGINX |
|
|
|
#================================================= |
|
|
|
ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 |
|
|
|
ynh_script_progression --message="Reloading nginx web server..." |
|
|
|
|
|
|
|
ynh_systemd_action --service_name=nginx --action=reload |
|
|
|
|
|
|
@ -176,4 +170,4 @@ ynh_systemd_action --service_name=nginx --action=reload |
|
|
|
# END OF SCRIPT |
|
|
|
#================================================= |
|
|
|
|
|
|
|
ynh_script_progression --message="Upgrade of $app completed" --time --last |
|
|
|
ynh_script_progression --message="Upgrade of $app completed" --last |