-
Notifications
You must be signed in to change notification settings - Fork 67
/
upgrade
executable file
·369 lines (295 loc) · 15 KB
/
upgrade
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
#!/bin/bash
source _common.sh
source /usr/share/yunohost/helpers
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# Remove the option backup_core_only if it's in the settings.yml file
ynh_app_setting_delete --app=$app --key=backup_core_only
# If phpflags doesn't exist, create it
if [ -z "${phpflags:-}" ]; then
phpflags="--define apc.enable_cli=1"
ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags
fi
if ynh_compare_current_package_version --comparison lt --version 22.2~ynh1
then
ynh_die --message="Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9"
fi
#=================================================
# SPECIFIC UPGRADE
#=================================================
# MAKE SEQUENTIAL UPGRADES FROM EACH MAJOR
# VERSION TO THE NEXT ONE
#=================================================
filter_boring_occ_warnings() {
# Filter stupid and boring messages such as the progress bar looking like:
# 3/3 [============================] 100% Starting ...
# and being pretty much useless, as well as the annoying warning about "only a limited number of commands" etc...
sed -E 's@\s*([0-9]+\/[0-9]+\s+\[(-|>|=)+\]\s+[0-9]+%|\s*Starting ...|Nextcloud or one of the apps require upgrade - only a limited number of commands are available|You may use your browser or the occ upgrade command to do the upgrade)@@g'
}
# Define a function to execute commands with `occ`
exec_occ() {
# Backward compatibility to upgrade from older versions
if [ $current_major_version = "last" ] || [ $current_major_version -ge 26 ]
then
NEXTCLOUD_PHP_VERSION="8.2"
elif [ $current_major_version -ge 24 ]
then
NEXTCLOUD_PHP_VERSION="8.1"
else
NEXTCLOUD_PHP_VERSION="7.4"
fi
# NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies
# will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ...
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]]; then
local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)"
pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}"
# Packaging v1 ~legacy : ynh_install_app_dependencies is designed to be called several times
# but the second time it will *append* the list of dependencies rather than replace the existing dependencies
# resulting in a crash when parsing what's the php version the app uses, hence we need to force the full-replacement
YNH_INSTALL_APP_DEPENDENCIES_REPLACE=true
ynh_install_app_dependencies "$pkg_dependencies"
fi
(cd "$install_dir" && ynh_exec_as "$app" \
php$NEXTCLOUD_PHP_VERSION --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") 2> >(filter_boring_occ_warnings >&2)
}
# Define a function to add an external storage
# Create the external storage for the given folders and enable sharing
create_external_storage() {
local mount_dir="$1"
local mount_name="$2"
local mount_id=$(exec_occ files_external:create --output=json \
"$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true)
! [[ $mount_id =~ ^[0-9]+$ ]] \
&& ynh_print_warn --message="Unable to create external storage" \
|| exec_occ files_external:option "$mount_id" enable_sharing true
}
function list_installed_apps_not_compatible_with_future_version()
{
local nextcloud_destination_version="$1"
local nextcloud_current_version="$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)"
local installed_apps=$(mktemp)
local core_apps_in_current_version=$(mktemp)
local nextcloud_destination_appcatalog=$(mktemp)
# Run a first "dummy" command just to make sure we have the appropriate php dependencies installed,
# otherwise this creates funky stuff when tweaking the apt deps because the next command is piped into jq ...
exec_occ -V >/dev/null
# List installed apps
exec_occ app:list --output json | jq -r ".enabled | keys[]" | sort > $installed_apps
# Fetch Nextcloud list of core apps from their github repo for the current version
curl -s https://raw.githubusercontent.com/nextcloud/server/v$nextcloud_current_version/core/shipped.json | jq -r '.shippedApps[]' | sort > $core_apps_in_current_version
# Fetch Nextcloud app catalog (doesnt contain core app) for the future version
curl -s https://apps.nextcloud.com/api/v1/platform/$nextcloud_destination_version.0.0/apps.json | jq -r '.[] | .id' | sort > $nextcloud_destination_appcatalog
# Compute set complement, cf https://catonmat.net/set-operations-in-unix-shell
# We want to list the installed apps which are neither core apps nor in the destination catalog
comm -23 <(comm -23 $installed_apps $core_apps_in_current_version) $nextcloud_destination_appcatalog
}
current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)
current_major_version=${current_version%%.*}
last_version=$(ynh_read_manifest --manifest_key="resources.sources.main.url" | grep -o '[0-9][0-9]\.[0-9]\.[0-9]')
last_major_version=${last_version%%.*}
if [[ "$last_major_version" != "$current_major_version" ]]
then
installed_apps_not_compatible_with_future_version="$(list_installed_apps_not_compatible_with_future_version $last_major_version)"
if [[ -n "$installed_apps_not_compatible_with_future_version" ]]
then
ynh_die --message="The following apps are not (yet?) compatible with Nextcloud $last_major_version. You should make sure to upgrade the app, or disable it, or wait for it to become compatible before running this upgrade : $installed_apps_not_compatible_with_future_version"
fi
fi
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading $app..." --weight=3
# Set write access for the following commands
chown -R $app: "$install_dir" "$data_dir"
# Print the current version number of Nextcloud
exec_occ -V
if [ "$(exec_occ config:system:get mysql.utf8mb4)" != "true" ]; then
db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
# Change your databases character set and collation
ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \
<<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
# Set the mysql.utf8mb4 config to true in config.php
exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true"
exec_occ maintenance:repair
fi
# Upgrade may fail if this app is enabled
# Take all apps enabled, and check if mail is one of them
# Then temporary disable the mail app
mail_app_must_be_reactived=0
if exec_occ app:list | awk '/Enabled/{f=1;next} /Disabled/{f=0} f' | grep -q -w mail; then
exec_occ app:disable mail
mail_app_must_be_reactived=1
fi
# While the current version is not the last version, do an upgrade
while [ "$last_version" != "$current_version" ]
do
next_major_version="$(( $current_major_version + 1 ))"
if [[ "$next_major_version" -ge "$last_major_version" ]]; then
ynh_print_info --message="Upgrading to Nextcloud $last_version"
cp -a ../sources/patches_last_version/* ../sources/patches
source_id="main"
else
ynh_print_info --message="Upgrading to Nextcloud $next_major_version"
source_id="$next_major_version"
fi
# Create a temporary directory
tmpdir="$(ynh_smart_mktemp min_size=300)"
ynh_setup_source --dest_dir="$tmpdir" --source_id="$source_id"
# Backup the config file in the temp dir
cp -a "$install_dir/config/config.php" "$tmpdir/config/config.php"
# Enable maintenance mode
exec_occ maintenance:mode --on
# Backup 3rd party applications from the current Nextcloud
# But do not overwrite if there is any upgrade
# (apps directory already exists in Nextcloud archive)
(
cd $install_dir/apps
for nc_app_dir in */
do
if [ ! -d "$tmpdir/apps/$nc_app_dir" ]
then
cp -a "$nc_app_dir" "$tmpdir/apps/$nc_app_dir"
fi
done
)
# Replace the old Nextcloud by the new one
ynh_secure_remove --file="$install_dir"
mv "$tmpdir" "$install_dir"
# Set write access for the following commands
chown -R $app: "$install_dir" "$data_dir"
# Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3)
exec_occ maintenance:mode --off
exec_occ upgrade \
|| [ $? -eq 3 ] || ynh_die --message="Unable to upgrade $app"
# Get the new current version number
current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)
current_major_version=${current_version%%.*}
# Print the current version number of Nextcloud
exec_occ -V
done
exec_occ db:add-missing-indices -n
exec_occ db:add-missing-columns -n
exec_occ db:add-missing-primary-keys -n
exec_occ db:convert-filecache-bigint -n
#=================================================
# CONFIGURE NEXTCLOUD
#=================================================
ynh_script_progression --message="Reconfiguring $app..." --weight=9
# Verify the checksum and backup the file if it's different
ynh_backup_if_checksum_is_different --file="$install_dir/config/config.php"
nc_conf="${install_dir}/config.json"
ynh_add_config --template="config.json" --destination="$nc_conf"
# Reneable the mail app
if [ $mail_app_must_be_reactived -eq 1 ]; then
exec_occ app:enable mail
fi
# Ensure that UpdateNotification app is disabled
exec_occ app:disable updatenotification
# Enable LDAP plugin
exec_occ app:enable user_ldap
# Update all installed apps
exec_occ app:update --all
# Load the config file in nextcloud
exec_occ config:import "$nc_conf"
# Then remove the config file
ynh_secure_remove --file="$nc_conf"
#=================================================
# ALLOW USERS TO DISCONNECT FROM NEXTCLOUD
#=================================================
# Add dynamic logout URL to the config
exec_occ config:system:get logout_url >/dev/null 2>&1 \
|| echo "
//-YunoHost-
// set logout_url according to main domain
\$main_domain = exec('cat /etc/yunohost/current_host');
\$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout';
//-YunoHost-
" >> "$install_dir/config/config.php"
#=================================================
# CHANGE HOSTNAME FOR ACTIVITY NOTIFICATIONS
#=================================================
exec_occ config:system:set overwrite.cli.url --value="https://${domain}${path}"
#=================================================
# MOUNT HOME FOLDERS AS EXTERNAL STORAGE
#=================================================
# Enable External Storage and create local mount to home folder as needed
if [ $user_home -eq 1 ]; then
exec_occ app:enable files_external
exec_occ files_external:list --output=json \
| grep -q '"storage":"\\\\OC\\\\Files\\\\Storage\\\\Local"' \
|| create_external_storage "/home/\$user" "Home"
# Iterate over users to extend their home folder permissions
for u in $(ynh_user_list); do
setfacl --modify g:$app:rwx "/home/$u" || true
done
fi
#=================================================
# STORE THE CHECKSUM OF THE CONFIG FILE
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="${install_dir}/config/config.php"
fi
#=================================================
# REGEN PERMISSIONS
#=================================================
ynh_script_progression --message="Reapplying file permissions..." --weight=2
# Fix app ownerships & permissions
chown -R $app:www-data "$install_dir"
chown -R $app: "$data_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app
chmod 750 $install_dir
#=================================================
# REGEN SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Regenerating system configurations for $app..." --weight=2
#-------------------------------------------------
# PHP-FPM
#-------------------------------------------------
ynh_add_fpm_config
#-------------------------------------------------
# NGINX
#-------------------------------------------------
# Delete current NGINX configuration to be able to check if .well-known is already served.
ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_remove_nginx_config
ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf"
# Wait untils NGINX has fully reloaded
ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd"
# Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
fi
# Create a dedicated NGINX config
ynh_add_nginx_config
#-------------------------------------------------
# CRON JOB
#-------------------------------------------------
cron_path="/etc/cron.d/$app"
ynh_add_config --template="nextcloud.cron" --destination="$cron_path"
chown root: "$cron_path"
chmod 644 "$cron_path"
exec_occ background:cron
#-------------------------------------------------
# LOGROTATE
#-------------------------------------------------
ynh_use_logrotate --non-append
#-------------------------------------------------
# FAIL2BAN
#-------------------------------------------------
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="$data_dir/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last