upgrade 5.07 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source /usr/share/yunohost/helpers
source _common.sh

#=================================================
# LOAD SETTINGS
#=================================================

app=$YNH_APP_INSTANCE_NAME
17

18
domain=$(ynh_app_setting_get $app domain)
HgO's avatar
HgO committed
19
path=$(ynh_app_setting_get $app path)
20
21
22
23
path_url=$(ynh_app_setting_get $app path_url)
app_user=$(ynh_app_setting_get $app app_user)
www_path=$(ynh_app_setting_get $app www_path)
opt_path=$(ynh_app_setting_get $app opt_path)
24

25
26
27
28
29
30
31
# There are two ways to get the version:
# - before 0.3.0~ynh1: version is only stored in app settings
# - after 0.3.0~ynh1: version is only stored in the manifest
# We don't use ynh_app_upstream_version, because it would return "null"
# when the version isn't in the manifest
manifest=/etc/yunohost/apps/$app/manifest.json
version=$(jq '.version // empty' -r -e $manifest || ynh_app_setting_get $app version)
32

33
34
35
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
36

37
38
39
if [[ -z $www_path ]]; then
  www_path=/var/www/$app
  ynh_app_setting_set $app www_path $www_path
40

41
  mkdir -p $www_path
42
fi
43

44
45
46
if [[ -z $opt_path ]]; then
  opt_path=/opt/$app
  ynh_app_setting_set $app opt_path $opt_path
47

48
  mkdir -p $opt_path
Thomasa Balthazar's avatar
Thomasa Balthazar committed
49
50
fi

51
52
53
54
if [[ -z $app_user ]]; then
  app_user=$app
  ynh_app_setting_set $app app_user $app_user
fi
Thomasa Balthazar's avatar
Thomasa Balthazar committed
55

56
if [[ -z $path_url ]]; then
HgO's avatar
HgO committed
57
  path_url=$path
Thomasa Balthazar's avatar
Thomasa Balthazar committed
58

59
60
61
62
63
64
65
  if [[ -z $path_url ]]; then
    ynh_die "Missing path url!"
  else
    ynh_app_setting_set $app path_url $path_url
  fi
fi

HgO's avatar
HgO committed
66
67
68
69
70
71
if [[ $path_url == */ ]]; then
  # Trim trailing slashes
  path_url=$(sed 's@/*$@@' <<< $path_url)
  ynh_app_setting_set $app path_url $path_url
fi

HgO's avatar
HgO committed
72
73
74
75
76
77
78
# path setting is needed by Yunohost
# when path is empty, Yunohost thinks the app is on the domain root
if [[ "$path" != "$path_url" ]]; then
  path=$path_url
  ynh_app_setting_set $app path $path
fi

79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================

ynh_print_info "Creating backup..."

ynh_backup_before_upgrade
ynh_clean_setup () {
	# restore it if the upgrade fails
	ynh_restore_upgradebackup
}

# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# INSTALL DEPENDENCIES
#=================================================

if [[ $version < "0.3.0~ynh1" ]]; then
  ynh_app_setting_delete $app version
  ynh_system_user_create --username $app_user --home_dir $www_path
103
fi
104

105
106
107
if [[ $version < "0.3.0~ynh4" ]]; then
  ynh_print_info "Removing old dependencies..."
  ynh_remove_app_dependencies virtualenv python3-venv libssl-dev libffi-dev python3-dev
108

109
110
  ynh_print_info "Upgrading dependencies..."
  ynh_install_app_dependencies python3-openssl python3-requests
111
112
113
114
115
116
117
118
119
120
fi

#=================================================
# PULL CHANGES AND SPECIFIC SETUP
#=================================================
# REINSTALL STATIC FILES
#=================================================

ynh_print_info "Installing static site..."

Ilja's avatar
Ilja committed
121
122
rm -rf $www_path
mkdir -p $www_path
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
cp -r ../sources/. $www_path
chown -R $app_user: $www_path

sed -i "s@PATHTOCHANGE@$path_url@g" ../conf/nginx.conf
sed -i "s@ALIASTOCHANGE@$www_path@g" ../conf/nginx.conf

cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf

nginx -tq
service nginx reload

#=================================================
# REINSTALL RENEW CERT
#=================================================

ynh_print_info "Installing automatic VPN certificate renewal..."

renew_cert_repo="https://github.com/neutrinet/renew_cert"
renew_cert_version=$(jq .version ../manifest.json -r -e | cut -d '~' -f 1)
renew_cert_path="$opt_path/renew_cert"
renew_cert_cron_script="renew_cert_cron.sh"

if [[ ! -e $renew_cert_path ]]; then
  git clone $renew_cert_repo $renew_cert_path
147
148
else
  git -C $renew_cert_path fetch -t
149
fi
Thomasa Balthazar's avatar
Thomasa Balthazar committed
150

151
152
153
154
155
156
157
158
159
git -C $renew_cert_path checkout $renew_cert_version

# We wrap the python3 script that actually renew the VPN certificate
# This wrapper will be used as a daily cron task
cp $renew_cert_cron_script $renew_cert_path/$renew_cert_cron_script

ynh_print_info "Setting up permissions"
chown -R $app_user: $opt_path

160
161
chmod 755 $renew_cert_path/$renew_cert_cron_script
chown root: $renew_cert_path/$renew_cert_cron_script
162
163
164
165
166
167
168
169
170
171

#=================================================
# SETTING UP CRONTAB
#=================================================

ynh_print_info "Setting up cron job for renewal..."

cat <<EOF > /etc/cron.daily/$app-renew-cert
#!/bin/bash
cd $renew_cert_path
172
$renew_cert_path/$renew_cert_cron_script
173
174
175
176
177
178
179
180
181
182
183
EOF

chown root:root /etc/cron.daily/$app-renew-cert
chmod 0755 /etc/cron.daily/$app-renew-cert

#=================================================
# FINALIZATION
#=================================================

ynh_print_info "Checking certificates..."
/etc/cron.daily/$app-renew-cert