#!/bin/bash source _common.sh source /usr/share/yunohost/helpers #================================================= # SPECIAL UPGRADE FOR VERSIONS < 2.0 #================================================= # Removing configuration files with naming that occured in versions < 1.2.0 ("vpnadmin" instead off "$app") if [ -d /var/www/vpnadmin ]; then ynh_safe_rm /var/www/vpnadmin fi # Old stuff if [ -f /etc/nginx/conf.d/*.d/$app.conf ]; then ynh_safe_rm /etc/nginx/conf.d/*.d/$app.conf ynh_systemctl --service="nginx" --action="reload" fi for php_path in $(ls /etc/php/*/fpm/pool.d/$app.conf 2> /dev/null); do ynh_safe_rm "$php_path" done if [ -d /var/www/$app ]; then ynh_safe_rm "/var/www/$app" fi [ -z "${domain:-}" ] || ynh_app_setting_delete domain [ -z "${path:-}" ] || ynh_app_setting_delete path [ -z "${is_public:-}" ] || ynh_app_setting_delete is_public [ -z "${install_dir:-}" ] || ynh_app_setting_delete install_dir if [ -e "/etc/sudoers.d/${app}_ynh" ]; then ynh_safe_rm "/etc/sudoers.d/${app}_ynh" fi if [ -e "/etc/yunohost/hooks.d/90-vpnclient.tpl" ]; then ynh_safe_rm "/etc/yunohost/hooks.d/90-vpnclient.tpl" fi if [ -e "/etc/openvpn/client.conf.tpl" ]; then ynh_safe_rm "/etc/openvpn/client.conf.tpl" fi # Fixing incorrect logrotate config if grep -q -e "/var/log/ynh-vpnclient.log" -e "/var/log/openvpn-client.log" "/etc/logrotate.d/$app"; then ynh_config_remove_logrotate chmod 0755 /var/log chown root:root /var/log fi # New stuff ynh_app_setting_set_default --key="dns_method" --value="custom" default_nameservers="$(grep -o -P '\s*nameserver\s+\K[abcdefabcdef\d.:]+' /etc/resolv.dnsmasq.conf | sort | uniq | paste -s -d, -)" ynh_app_setting_set_default --key="nameservers" --value="$default_nameservers" ynh_app_setting_set_default --key="service_enabled" --value="0" ynh_app_setting_set_default --key="ip6_addr" --value="" ynh_app_setting_set_default --key="ip6_net" --value="" ynh_app_setting_set_default --key="ip6_send_over_tun_enabled" --value="0" #================================================= # UPGRADE FROM BUSTER TO BULLSEYE #================================================= if [ -e "/etc/systemd/system/openvpn@.service" ]; then ynh_safe_rm "/etc/systemd/system/openvpn@.service" fi #================================================= # DEPLOY FILES FROM PACKAGE #================================================= ynh_print_info "Stopping VPN client to apply config changes..." ynh_systemctl --action="stop" --service="$service_checker_name.timer" yunohost service stop $service_name # Keep a copy of existing config files before overwriting them tmp_dir=$(mktemp -d /tmp/vpnclient-upgrade-XXX) for config_file in /etc/openvpn/client.{conf,cube,ovpn}; do if [[ -f "${config_file}" ]]; then cp "${config_file}" "${tmp_dir}/" fi done # Deploy files from package vpnclient_deploy_files_and_services # Generate config file from the uploaded .cube or .ovpn file, if available if [[ -f "$tmp_dir/client.cube" ]] then cp -f "$tmp_dir/client.cube" "$tmp_dir/client.conf" # We copy the config template because it will be modified later cp -f "../conf/openvpn_client.conf.tpl" "$tmp_dir/client.conf.tpl" convert_cube_file "$tmp_dir/client.conf" elif [[ -f "$tmp_dir/client.ovpn" ]] then cp -f "$tmp_dir/client.ovpn" "$tmp_dir/client.conf" convert_ovpn_file "$tmp_dir/client.conf" # In case we didn't keep the uploaded .ovpn file, we create one from the current config... elif [[ -f "$tmp_dir/client.conf" ]] then cp -f "$tmp_dir/client.conf" "$tmp_dir/client.ovpn" convert_ovpn_file "$tmp_dir/client.conf" fi # Restore previously existing config files for config_file in ${tmp_dir}/client.{conf,cube,ovpn}; do if [[ -f "${config_file}" ]]; then cp "${config_file}" /etc/openvpn/ fi done ynh_safe_rm "${tmp_dir}" #================================================= # SERVICE INTEGRATION IN YUNOHOST #================================================= ### Make sure that the yunohost services have a description and need-lock enabled ynh_print_info "Configuring VPN client services..." # main service yunohost service add $service_name --description "Tunnels the internet traffic through a VPN" --need_lock --test_status="systemctl is-active openvpn@client.service" --log "/var/log/$app/ynh-vpnclient.log" ynh_config_add_logrotate # Moving log files from legacy location if [[ -e "/var/log/openvpn-client.log" ]]; then mv "/var/log/openvpn-client.log" "/var/log/$app/" fi if [[ -e "/var/log/openvpn-client.status" ]]; then mv "/var/log/openvpn-client.status" "/var/log/$app/" fi if [[ -e "/var/log/ynh-vpnclient.log" ]]; then mv "/var/log/ynh-vpnclient.log" "/var/log/$app/" fi # checker service (this service was previously integrated in yunohost but we do not do this anymore) if ynh_hide_warnings yunohost service status $service_checker_name >/dev/null then yunohost service remove $service_checker_name fi #================================================= # RESTART RELEVANT SERVICES #================================================= ynh_print_info "Restart services..." # this is meant to propagate the new files and configs yunohost service start $service_name ynh_systemctl --action="start" --service="$service_checker_name.timer" #================================================= # END OF SCRIPT #================================================= ynh_print_info "Upgrade of $app completed"