labriqueinternet
/
vpnclient_ynh
miroir de https://github.com/labriqueinternet/vpnclient_ynh


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139
							#!/bin/bash

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# SPECIAL UPGRADE FOR VERSIONS < 2.0
#=================================================

# Removing configuration files with naming that occured in versions < 1.2.0 ("vpnadmin" instead off "$app")
if [ -d /var/www/vpnadmin ]; then
  ynh_secure_remove /var/www/vpnadmin
fi

# Old stuff

if [ -f /etc/nginx/conf.d/*.d/$app.conf ]; then
	ynh_secure_remove /etc/nginx/conf.d/*.d/$app.conf
    ynh_systemd_action --service_name=nginx --action=reload
fi

for php_path in $(ls /etc/php/*/fpm/pool.d/$app.conf 2> /dev/null); do
	ynh_secure_remove $php_path
done

if [ -d /var/www/$app ]; then
	ynh_secure_remove /var/www/$app
fi

[ -z "${domain:-}" ] || ynh_app_setting_delete $app domain
[ -z "${path:-}" ] || ynh_app_setting_delete $app path
[ -z "${is_public:-}" ] || ynh_app_setting_delete $app is_public
[ -z "${install_dir:-}" ] || ynh_app_setting_delete $app install_dir

if [ -e "/etc/sudoers.d/${app}_ynh" ]; then
  ynh_secure_remove "/etc/sudoers.d/${app}_ynh"
fi

for script_path in $(ls /etc/openvpn/scripts/route-*.d/10-vpnclient-{set-firewall,unset-firewall} 2> /dev/null); do
  ynh_secure_remove "$script_path"
done

if [ -e "/etc/yunohost/hooks.d/90-vpnclient.tpl" ]; then
  ynh_secure_remove "/etc/yunohost/hooks.d/90-vpnclient.tpl"
fi

# New stuff

if [ -z "${dns_method:-}" ]; then
    ynh_app_setting_set --app=$app --key=dns_method --value=custom
fi
if [ -z "${nameservers:-}" ]; then
    nameservers="$(grep -o -P '\s*nameserver\s+\K[abcdefabcdef\d.:]+' /etc/resolv.dnsmasq.conf | sort | uniq | paste -s -d, -)"
    ynh_app_setting_set --app=$app --key=nameservers --value="$nameservers"
fi
if [ -z "${service_enabled:-}" ]; then
    ynh_app_setting_set --app=$app --key=service_enabled --value=0
fi
if [ -z "${ip6_addr:-}" ]; then
    ynh_app_setting_set --app=$app --key=ip6_addr --value=""
fi
if [ -z "${ip6_net:-}" ]; then
    ynh_app_setting_set --app=$app --key=ip6_net --value=""
fi

#=================================================
# UPGRADE FROM BUSTER TO BULLSEYE
#=================================================

if [ -e "/etc/systemd/system/openvpn@.service" ]; then
  ynh_secure_remove "/etc/systemd/system/openvpn@.service"
fi

#=================================================
# DEPLOY FILES FROM PACKAGE
#=================================================

ynh_print_info --message="Stopping VPN client to apply config changes..."

ynh_systemd_action --action="stop" --service_name="$service_checker_name.timer"
yunohost service stop $service_name

# Keep a copy of existing config files before overwriting them
tmp_dir=$(mktemp -d /tmp/vpnclient-upgrade-XXX)
cp -r /etc/openvpn/client* ${tmp_dir}

# Deploy files from package
vpnclient_deploy_files_and_services

# Generate config file from the uploaded .cube or .ovpn file, if available
if [[ -f "$tmp_dir/client.cube" ]]
then
    cp -f "$tmp_dir/client.cube" "$tmp_dir/client.conf"
    convert_cube_file "$tmp_dir/client.conf"
elif [[ -f "$tmp_dir/client.ovpn" ]]
then
    cp -f "$tmp_dir/client.ovpn" "$tmp_dir/client.conf"
    convert_ovpn_file "$tmp_dir/client.conf"
# In case we didn't keep the uploaded .ovpn file, we create one from the current config...
elif [[ -f "$tmp_dir/client.conf" ]]
then
    cp -f "$tmp_dir/client.conf" "$tmp_dir/client.ovpn"
    convert_ovpn_file "$tmp_dir/client.conf"
fi

# Restore previously existing config files
cp -r ${tmp_dir}/client* /etc/openvpn/
ynh_secure_remove ${tmp_dir}

#=================================================
# SERVICE INTEGRATION IN YUNOHOST
#=================================================

### Make sure that the yunohost services have a description and need-lock enabled
ynh_print_info "Configuring VPN client services..."

# main service
yunohost service add $service_name --description "Tunnels the internet traffic through a VPN" --need_lock --test_status="systemctl is-active openvpn@client.service" --log "/var/log/ynh-vpnclient.log"

# checker service (this service was previously integrated in yunohost but we do not do this anymore)
if ynh_exec_warn_less yunohost service status $service_checker_name >/dev/null
then
    yunohost service remove $service_checker_name
fi

#=================================================
# RESTART RELEVANT SERVICES
#=================================================
ynh_print_info "Restart services..."

# this is meant to propagate the new files and configs
yunohost service start $service_name
ynh_systemd_action --action="start" --service_name="$service_checker_name.timer"

#=================================================
# END OF SCRIPT
#=================================================

ynh_print_info "Upgrade of $app completed"