pihole_ynh/scripts/upgrade

#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=3

app=$YNH_APP_INSTANCE_NAME

domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
query_logging=$(ynh_app_setting_get --app=$app --key=query_logging)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
enable_dhcp=$(ynh_app_setting_get --app=$app --key=enable_dhcp)
port=$(ynh_app_setting_get --app=$app --key=port)
pihole_version="$(ynh_app_setting_get --app=$app --key=pihole_version)"

overwrite_setupvars=$(ynh_app_setting_get --app=$app --key=overwrite_setupvars)
overwrite_ftl=$(ynh_app_setting_get --app=$app --key=overwrite_ftl)

#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..." --weight=1

upgrade_type=$(ynh_check_app_version_changed)

#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=7

# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
	# Restore it if the upgrade fails
	ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# ACTIVATE MAINTENANCE MODE
#=================================================
ynh_script_progression --message="Activating maintenance mode..." --weight=1

ynh_maintenance_mode_ON

#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1

# If overwrite_setupvars doesn't exist, create it
if [ -z "$overwrite_setupvars" ]; then
	overwrite_setupvars=1
	ynh_app_setting_set --app=$app --key=overwrite_setupvars --value=$overwrite_setupvars
fi

# If overwrite_ftl doesn't exist, create it
if [ -z "$overwrite_ftl" ]; then
	overwrite_ftl=1
	ynh_app_setting_set --app=$app --key=overwrite_ftl --value=$overwrite_ftl
fi

# If admin_mail_html doesn't exist, create it
if [ -z "$admin_mail_html" ]; then
	admin_mail_html=1
	ynh_app_setting_set --app=$app --key=admin_mail_html --value=$admin_mail_html
fi

# If pihole_version doesn't exist, create it
if [ -z "$pihole_version" ]; then
	pihole_version="Last 3.X"
	ynh_app_setting_set --app=$app --key=pihole_version --value="$pihole_version"
fi

#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1

# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"

#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================

if [ "$upgrade_type" == "UPGRADE_APP" ]
then
	ynh_script_progression --message="Upgrading source files..." --weight=4
	ynh_setup_source --dest_dir="$PI_HOLE_LOCAL_REPO" --source_id="pi-hole_Core"
	ynh_setup_source --dest_dir="$final_path" --source_id=pi-hole_AdminLTE
	FTL_temp_path=$(mktemp -d)
	ynh_setup_source --dest_dir="$FTL_temp_path" --source_id="pi-hole_FTL"
fi

chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"

#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=6

ynh_install_app_dependencies $pkg_dependencies

#=================================================
# PHP-FPM CONFIGURATION
#=================================================

ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=3
# Create a dedicated PHP-FPM config
ynh_add_fpm_config

#=================================================
# NGINX CONFIGURATION
#=================================================

ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2
# Create a dedicated NGINX config
ynh_add_nginx_config

#=================================================
# SPECIFIC UPGRADE
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1

ynh_systemd_action --service_name=pihole-FTL --action="stop" --log_path="/var/log/pihole-FTL.log"

#=================================================
# UPDATE PIHOLE-FTL
#=================================================

if [ "$upgrade_type" == "UPGRADE_APP" ]
then
	ynh_script_progression --message="Upgrading PiHole-FTL..." --weight=35

	# Instead of downloading a binary file, we're going to compile it
	( 
		cd "$FTL_temp_path"
		ynh_exec_warn_less cmake .
		ynh_exec_warn_less make
		ynh_exec_warn_less make install
	)
	ynh_secure_remove --file="$FTL_temp_path"
fi

#=================================================
# UPDATE THE SCRIPTS
#=================================================
ynh_script_progression --message="Updating the scripts..." --weight=1

pushd "${PI_HOLE_LOCAL_REPO}"
	install -o "${app}" -Dm755 -d "${PI_HOLE_INSTALL_DIR}"
	install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" gravity.sh
	install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/*.sh
	install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/COL_TABLE
	install -o "${app}" -Dm755 -t "${PI_HOLE_BIN_DIR}" pihole
	install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole
popd

#=================================================
# UPDATE THE CONFIGS
#=================================================
ynh_script_progression --message="Updating the configs..." --weight=1

install -d -m 0755 ${PI_HOLE_CONFIG_DIR}

cp -f "../conf/dns-servers.conf" "$PI_HOLE_CONFIG_DIR/dns-servers.conf"
chmod 644 "${PI_HOLE_CONFIG_DIR}/dns-servers.conf"

# Overwrite pihole-FTL config file only if it's allowed
if [ $overwrite_ftl -eq 1 ]
then
	ynh_add_config --template="../conf/pihole-FTL.conf" --destination="$PI_HOLE_CONFIG_DIR/pihole-FTL.conf"
fi

install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL"

#=================================================
# INSTALL SUDOER FILE
#=================================================
ynh_script_progression --message="Installing sudoer file..." --weight=1

install -m 0640 ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole
echo "$app ALL=NOPASSWD: ${PI_HOLE_BIN_DIR}/pihole" >> /etc/sudoers.d/pihole

#=================================================
# UPDATE A CRON JOB
#=================================================
ynh_script_progression --message="Updating a cron job..." --weight=1

install -D -m 644 -T -o root -g root ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.cron /etc/cron.d/pihole

# Randomize gravity update time
ynh_replace_string --match_string="59 1 " --replace_string="$((1 + RANDOM % 58)) $((3 + RANDOM % 2)) " --target_file="/etc/cron.d/pihole"

# Randomize update checker time
ynh_replace_string --match_string="59 17" --replace_string="$((1 + RANDOM % 58)) $((12 + RANDOM % 8))" --target_file="/etc/cron.d/pihole"

# Remove Git usage for version. Which fails because we use here a release instead of master.
ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole

#=================================================
# UPDATE LOGROTATE SCRIPT FOR PI-HOLE
#=================================================
ynh_script_progression --message="Updating logrotate script for PI-HOLE..." --weight=1

install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate "$PI_HOLE_CONFIG_DIR/logrotate"

sed -i "/# su #/d;" "$PI_HOLE_CONFIG_DIR/logrotate"

#=================================================
# DISABLING DNSMASQ
#=================================================
ynh_script_progression --message="Disabling DNSMASQ..." --weight=1

# Last version available
# Stopped dnsmasq to replace it by pihole-FTL
ynh_systemd_action --service_name=dnsmasq --action=stop

# Disable the real dnsmasq service
#ynh_exec_warn_less systemctl disable dnsmasq --quiet

#=================================================
# FINAL EXPORTS
#=================================================

setupVars="$PI_HOLE_CONFIG_DIR/setupVars.conf"

# Overwrite the setupVars config file only if it's allowed
if [ $overwrite_setupvars -eq 1 ]
then
	ynh_script_progression --message="Final exports..." --weight=1

	# Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
	ynh_backup_if_checksum_is_different --file="$setupVars"

	# Get the default network interface
	main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}')
	echo "PIHOLE_INTERFACE=$main_iface" > $setupVars
	echo "IPV4_ADDRESS=127.0.0.1" >> $setupVars
	echo "IPV6_ADDRESS=::1" >> $setupVars
	echo "PIHOLE_DNS_1=" >> $setupVars
	echo "PIHOLE_DNS_2=" >> $setupVars
	if [ $query_logging -eq 1 ]; then
		query_logging=true
	else
		query_logging=false
	fi
	echo "QUERY_LOGGING=$query_logging" >> $setupVars
	echo "INSTALL_WEB=true" >> $setupVars
	echo "BLOCKING_ENABLED=true" >> $setupVars

	# Recalculate and store the checksum of the file for the next upgrade.
	ynh_store_file_checksum --file="$setupVars"
fi

#=================================================
# ENABLING FTL
#=================================================
ynh_script_progression --message="Enable FTL..." --weight=1

ynh_exec_warn_less systemctl enable pihole-FTL --quiet

# Replace the service dnsmasq by pihole-FTL
# That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL
#ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service
systemctl mask dnsmasq.service

# Reload systemd config
systemctl daemon-reload

#=================================================
# CREATE LOG FILES
#=================================================
ynh_script_progression --message="Creating log files..." --weight=1

touch /var/log/{pihole,pihole-FTL}.log
chmod 644 /var/log/{pihole,pihole-FTL}.log
dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2)
chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log

#=================================================
# BUILD THE LISTS WITH GRAVITY
#=================================================
ynh_script_progression --message="Building the lists with Gravity..." --weight=7

cp -f "../conf/adlists.default" "$PI_HOLE_CONFIG_DIR/adlists.list"
ynh_exec_warn_less $PI_HOLE_INSTALL_DIR/gravity.sh --force

#=================================================
# CONFIGURE DNS FOR THE LOCAL DOMAINS
#=================================================
ynh_script_progression --message="Configuring DNS for the local domains..." --weight=7

# Find the IP associated to the network interface
localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f1)

# List all YunoHost domains
while read perdomain
do
	# Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution.
	ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts

	# And add a resolution on the local IP instead
	grep -q "^$localipv4.*$perdomain" /etc/hosts || \
		echo "$localipv4	$perdomain #Added by pihole#" >> /etc/hosts
done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')"

#=================================================
# SET VERSIONS FOR THE FOOTER OF THE WEB INTERFACE
#=================================================
ynh_script_progression --message="Setting versions for the footer of the web interface..." --weight=1

echo "master master master" > $PI_HOLE_CONFIG_DIR/localbranches
echo "$(ynh_app_upstream_version) $pihole_adminlte_version $pihole_flt_version" | tee $PI_HOLE_CONFIG_DIR/{GitHubVersions,localversions}  > /dev/null

#=================================================
# UPDATE CONF_REGEN HOOK
#=================================================
ynh_script_progression --message="Updating conf_regen hook..." --weight=1

cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app"

systemctl daemon-reload
ynh_exec_warn_less yunohost tools regen-conf dnsmasq

#=================================================
# GENERIC FINALIZATION
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1

yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" --needs_exposed_ports 53 67

#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=2

ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/log/pihole-FTL.log"

#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1

ynh_systemd_action --service_name=nginx --action=reload

#=================================================
# DEACTIVE MAINTENANCE MODE
#=================================================
ynh_script_progression --message="Disabling maintenance mode..." --weight=5

ynh_maintenance_mode_OFF

#=================================================
# SEND A README FOR THE ADMIN
#=================================================

# Get main domain and buid the url of the admin panel of the app.
admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app"

if [ $enable_dhcp -eq 1 ]
then
	dhcp_alert="You asked to use the internal DHCP server of dnsmasq with Pi-hole.
You should really read the documentation about that, https://github.com/YunoHost-Apps/pihole_ynh/blob/master/dhcp.md

"
else
	dhcp_alert=""
fi

echo "${dhcp_alert}You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__.
You can also find some specific actions for this app by using the experimental __URL_TAG1__action feature__URL_TAG2__$admin_panel/actions__URL_TAG3__.

If you're facing an issue or want to improve this app, please open a new issue in this __URL_TAG1__project__URL_TAG2__https://github.com/YunoHost-Apps/pihole_ynh__URL_TAG3__.

---

Changelog since your last upgrade:
$(cat changelog)" > mail_to_send

ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="$admin" --type=upgrade

#=================================================
# END OF SCRIPT
#=================================================

ynh_script_progression --message="Upgrade of $app completed" --last