labriqueinternet
/
vpnclient_ynh
miroir de https://github.com/labriqueinternet/vpnclient_ynh


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160
							#!/bin/bash

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# SPECIAL UPGRADE FOR VERSIONS < 2.0
#=================================================

# Removing configuration files with naming that occured in versions < 1.2.0 ("vpnadmin" instead off "$app")
if [ -d /var/www/vpnadmin ]; then
  ynh_safe_rm /var/www/vpnadmin
fi

# Old stuff

if [ -f /etc/nginx/conf.d/*.d/$app.conf ]; then
	ynh_safe_rm /etc/nginx/conf.d/*.d/$app.conf
  ynh_systemctl --service="nginx" --action="reload"
fi

for php_path in $(ls /etc/php/*/fpm/pool.d/$app.conf 2> /dev/null); do
	ynh_safe_rm "$php_path"
done

if [ -d /var/www/$app ]; then
	ynh_safe_rm "/var/www/$app"
fi

[ -z "${domain:-}" ] || ynh_app_setting_delete domain
[ -z "${path:-}" ] || ynh_app_setting_delete path
[ -z "${is_public:-}" ] || ynh_app_setting_delete is_public
[ -z "${install_dir:-}" ] || ynh_app_setting_delete install_dir

if [ -e "/etc/sudoers.d/${app}_ynh" ]; then
  ynh_safe_rm "/etc/sudoers.d/${app}_ynh"
fi

if [ -e "/etc/yunohost/hooks.d/90-vpnclient.tpl" ]; then
  ynh_safe_rm "/etc/yunohost/hooks.d/90-vpnclient.tpl"
fi

if [ -e "/etc/openvpn/client.conf.tpl" ]; then
  ynh_safe_rm "/etc/openvpn/client.conf.tpl"
fi

# New stuff

ynh_app_setting_set_default --key="dns_method" --value="custom"
default_nameservers="$(grep -o -P '\s*nameserver\s+\K[abcdefabcdef\d.:]+' /etc/resolv.dnsmasq.conf | sort | uniq | paste -s -d, -)"
ynh_app_setting_set_default --key="nameservers" --value="$default_nameservers"
ynh_app_setting_set_default --key="service_enabled" --value="0"
ynh_app_setting_set_default --key="ip6_addr" --value=""
ynh_app_setting_set_default --key="ip6_net" --value=""
ynh_app_setting_set_default --key="ip6_send_over_tun_enabled" --value="0"

#=================================================
# UPGRADE FROM BUSTER TO BULLSEYE
#=================================================

if [ -e "/etc/systemd/system/openvpn@.service" ]; then
  ynh_safe_rm "/etc/systemd/system/openvpn@.service"
fi

#=================================================
# DEPLOY FILES FROM PACKAGE
#=================================================

ynh_print_info "Stopping VPN client to apply config changes..."

ynh_systemctl --action="stop" --service="$service_checker_name.timer"
yunohost service stop $service_name

# Moving log files from legacy location
if [[ -e "/var/log/openvpn-client.log" ]]; then
  mkdir -p "/var/log/$app"
  mv "/var/log/openvpn-client.log" "/var/log/$app/"
fi
if [[ -e "/var/log/openvpn-client.status" ]]; then
  mkdir -p "/var/log/$app"
  mv "/var/log/openvpn-client.status" "/var/log/$app/"
fi
if [[ -e "/var/log/ynh-vpnclient.log" ]]; then
  mkdir -p "/var/log/$app"
  mv "/var/log/ynh-vpnclient.log" "/var/log/$app/"
fi
# Fixing incorrect logrotate config
if grep -q -e "/var/log/ynh-vpnclient.log" -e "/var/log/openvpn-client.log" "/etc/logrotate.d/$app"; then
  ynh_config_remove_logrotate
  chmod 0755 /var/log
  chown root:root /var/log
fi

# Keep a copy of existing config files before overwriting them
tmp_dir=$(mktemp -d /tmp/vpnclient-upgrade-XXX)
for config_file in /etc/openvpn/client.{conf,cube,ovpn}; do
  if [[ -f "${config_file}" ]]; then
    cp "${config_file}" "${tmp_dir}/"
  fi
done

# Deploy files from package
vpnclient_deploy_files_and_services

# Generate config file from the uploaded .cube or .ovpn file, if available
if [[ -f "$tmp_dir/client.cube" ]]
then
    cp -f "$tmp_dir/client.cube" "$tmp_dir/client.conf"
    convert_cube_file "$tmp_dir/client.conf"
elif [[ -f "$tmp_dir/client.ovpn" ]]
then
    cp -f "$tmp_dir/client.ovpn" "$tmp_dir/client.conf"
    convert_ovpn_file "$tmp_dir/client.conf"
# In case we didn't keep the uploaded .ovpn file, we create one from the current config...
elif [[ -f "$tmp_dir/client.conf" ]]
then
    cp -f "$tmp_dir/client.conf" "$tmp_dir/client.ovpn"
    convert_ovpn_file "$tmp_dir/client.conf"
fi

# Restore previously existing config files
for config_file in ${tmp_dir}/client.{conf,cube,ovpn}; do
  if [[ -f "${config_file}" ]]; then
    cp "${config_file}" /etc/openvpn/
  fi
done
ynh_safe_rm "${tmp_dir}"

#=================================================
# SERVICE INTEGRATION IN YUNOHOST
#=================================================

### Make sure that the yunohost services have a description and need-lock enabled
ynh_print_info "Configuring VPN client services..."

# main service
yunohost service add $service_name --description "Tunnels the internet traffic through a VPN" --need_lock --test_status="systemctl is-active openvpn@client.service" --log "/var/log/$app/ynh-vpnclient.log"

ynh_config_add_logrotate

# checker service (this service was previously integrated in yunohost but we do not do this anymore)
if ynh_hide_warnings yunohost service status $service_checker_name >/dev/null
then
    yunohost service remove $service_checker_name
fi

#=================================================
# RESTART RELEVANT SERVICES
#=================================================
ynh_print_info "Restart services..."

# this is meant to propagate the new files and configs
yunohost service start $service_name
ynh_systemctl --action="start" --service="$service_checker_name.timer"

#=================================================
# END OF SCRIPT
#=================================================

ynh_print_info "Upgrade of $app completed"