ncp-update: fixes on the new step based upgrade system

Signed-off-by: nachoparker <[email protected]>

changelog.md

@@ -1,5 +1,7 @@
 
-[v1.13.5](https://github.com/nextcloud/nextcloudpi/commit/abba511) (2019-06-29) ncp-web: adjust ipv6 local restrictions
+[v1.13.6](https://github.com/nextcloud/nextcloudpi/commit/0b77407) (2019-06-29) ncp-update: fixes on the new step based upgrade system
+
+[v1.13.5](https://github.com/nextcloud/nextcloudpi/commit/fbdab43) (2019-06-29) ncp-web: adjust ipv6 local restrictions
 
 [v1.13.4 ](https://github.com/nextcloud/nextcloudpi/commit/ce4477c) (2019-06-29) nc-previews: adjust preview sizes
 

etc/library.sh

@@ -92,7 +92,7 @@ function configure_app()
 function run_app()
 {
   local ncp_app=$1
-  local script="$(find "$BINDIR" -name $ncp_app.sh)"
+  local script="$(find "$BINDIR" -name $ncp_app.sh | head -1)"
 
   [[ -f "$script" ]] || { echo "file $script not found"; return 1; }
 
@@ -147,7 +147,7 @@ function is_active_app()
   local script="$bin_dir/$ncp_app.sh"
   local cfg_file="$CFGDIR/$ncp_app.cfg"
 
-  [[ -f "$script" ]] || local script="$(find "$BINDIR" -name $ncp_app.sh)"
+  [[ -f "$script" ]] || local script="$(find "$BINDIR" -name $ncp_app.sh | head -1)"
   [[ -f "$script" ]] || { echo "file $script not found"; return 1; }
 
   # function
@@ -194,7 +194,7 @@ function install_app()
     local script="$ncp_app"
     local ncp_app="$(basename "$script" .sh)"
   else
-    local script="$(find "$BINDIR" -name $ncp_app.sh)"
+    local script="$(find "$BINDIR" -name $ncp_app.sh | head -1)"
   fi
 
   # do it
@@ -234,7 +234,7 @@ function is_more_recent_than()
 {
   local version_A="$1"
   local version_B="$2"
- 
+
   local major_a=$( cut -d. -f1 <<<"$version_A" )
   local minor_a=$( cut -d. -f2 <<<"$version_A" )
   local patch_a=$( cut -d. -f3 <<<"$version_A" )
@@ -250,7 +250,7 @@ function is_more_recent_than()
     return 1
   elif [ "$major_b" -eq "$major_a" ] && [ "$minor_b" -gt "$minor_a" ]; then
     return 1
-  elif [ "$major_b" -eq "$major_a" ] && [ "$minor_b" -eq "$minor_a" ] && [ "$patch_b" -gt "$patch_a" ]; then
+  elif [ "$major_b" -eq "$major_a" ] && [ "$minor_b" -eq "$minor_a" ] && [ "$patch_b" -ge "$patch_a" ]; then
     return 1
   fi
 

run_update_history.sh

@@ -7,15 +7,15 @@ set -e
 source /usr/local/etc/library.sh
 
 # Updates folder contains the "history" of updates
-updates="$1"
-[ -d "$updates" ] || { echo "$updates does not exist. Abort" >&2; exit 1; }
+updates_dir="$1"
+[ -d "$updates_dir" ] || { echo "$updates_dir does not exist. Abort" >&2; exit 1; }
 
 # Get the array of updates dir
 # The files in updates dir are sorted by tag number
 # Files names follow the syntax of a tag: x.y.z.sh
 while read line ; do
   updates_list+=("$line")
-done < <( ls -1 "$updates" | sort -V)
+done < <( ls -1 "$updates_dir" | sort -V)
 
 starting_checkpoint=0
 len=${#updates_list[@]}
@@ -40,7 +40,7 @@ if is_more_recent_than "$latest_checkpoint_version" "$current_version" ; then
 
   # An update is *applicable* when it is more recent than the current version
   # An older update/checkpoint is not *applicable* to our system
-    
+
   lower_bound=0
   upper_bound=$end_of_list
   while [ $lower_bound -le $upper_bound ]; do
@@ -97,12 +97,12 @@ if is_more_recent_than "$latest_checkpoint_version" "$current_version" ; then
   # Starting checkpoint has been found so update the system for the rest updates
 
   for(( i="$starting_checkpoint"; i<="$end_of_list"; i++)); do
-    update_file=${updates_list[i]}
+    update_file=${updates_list[$i]}
     tag_update=$( basename "$update_file" .sh )
     echo -e "Updating system to version $tag_update . . ."
-    ./"$updates"/"$update_file" || exit 1
-    echo -e "System updated successfully to version $tag_update"
+    bash "$updates_dir/$update_file" || exit 1
     echo "v$tag_update" > /usr/local/etc/ncp-version
+    echo -e "System updated successfully to version v$tag_update"
   done
 fi
 

update.sh

@@ -11,6 +11,7 @@
 set -e
 
 CONFDIR=/usr/local/etc/ncp-config.d/
+UPDATESDIR=updates
 
 # don't make sense in a docker container
 EXCL_DOCKER="
@@ -49,8 +50,6 @@ cp etc/library.sh /usr/local/etc/
 
 source /usr/local/etc/library.sh
 
-./run_update_history.sh "updates"
-
 mkdir -p "$CONFDIR"
 
 # prevent installing some ncp-apps in the docker version
@@ -123,6 +122,9 @@ cp -r ncp-app /var/www/
   # update services
   cp docker/{lamp/010lamp,nextcloud/020nextcloud,nextcloudpi/000ncp} /etc/services-enabled.d
 
+  # update old images
+  ./run_update_history.sh "$UPDATESDIR"
+
 }
 
 exit 0

updates/1.10.11.sh → updates/1.13.6.sh

@@ -1,5 +1,7 @@
 #!/bin/bash
 
+set -e
+
 ## BACKWARD FIXES ( for older images )
 
 source /usr/local/etc/library.sh
@@ -24,6 +26,13 @@ EOF
     :
   }
 
+  # remove files that have been moved
+  rm -f "$BINDIR"/CONFIG/nc-notify-updates.sh
+  rm -f "$BINDIR"/TOOLS/nc-update-nc-apps.sh
+  rm -f "$BINDIR"/TOOLS/nc-update-nextcloud.sh
+  rm -f "$BINDIR"/TOOLS/nc-update.sh
+  rm -f "$BINDIR"/{SYSTEM/unattended-upgrades.sh,CONFIG/nc-autoupdate-nc.sh,CONFIG/nc-autoupdate-ncp.sh,CONFIG/nc-update-nc-apps-auto.sh}
+
   # update to the latest version
   is_active_app nc-autoupdate-nc && run_app nc-autoupdate-nc
 
@@ -48,7 +57,7 @@ EOF
   is_active_app nc-update-nc-apps-auto && run_app nc-update-nc-apps-auto
 
   # rework letsencrypt notification
-  USER="$(jq -r '.params[2].value' "$CONFDIR"/letsencrypt.cfg)"
+  USER="$(jq -r '.params[2].value' "$CFGDIR"/letsencrypt.cfg)"
   mkdir -p /etc/letsencrypt/renewal-hooks/deploy/
   cat > /etc/letsencrypt/renewal-hooks/deploy/ncp <<EOF
 #!/bin/bash
@@ -117,9 +126,73 @@ EOF
   # fix logrotate files
   chmod 0444 /etc/logrotate.d/*
 
+  # adjust preview sizes
+  [[ "$(ncc config:system:get preview_max_x)" == "" ]] && {
+    ncc config:app:set previewgenerator squareSizes --value="32 256"
+    ncc config:app:set previewgenerator widthSizes  --value="256 384"
+    ncc config:app:set previewgenerator heightSizes --value="256"
+    ncc config:system:set preview_max_x --value 2048
+    ncc config:system:set preview_max_y --value 2048
+    ncc config:system:set jpeg_quality --value 60
+  }
+
+  # adjust local IPv6
+  cat > /etc/apache2/sites-available/ncp.conf <<EOF
+Listen 4443
+<VirtualHost _default_:4443>
+  DocumentRoot /var/www/ncp-web
+  SSLEngine on
+  SSLCertificateFile      /etc/ssl/certs/ssl-cert-snakeoil.pem
+  SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+
+  # 2 days to avoid very big backups requests to timeout
+  TimeOut 172800
+
+  <IfModule mod_authnz_external.c>
+    DefineExternalAuth pwauth pipe /usr/sbin/pwauth
+  </IfModule>
+
+</VirtualHost>
+<Directory /var/www/ncp-web/>
+
+  AuthType Basic
+  AuthName "ncp-web login"
+  AuthBasicProvider external
+  AuthExternal pwauth
+
+  SetEnvIf Request_URI "^" noauth
+  SetEnvIf Request_URI "^index\.php$" !noauth
+  SetEnvIf Request_URI "^/$" !noauth
+  SetEnvIf Request_URI "^/wizard/index.php$" !noauth
+  SetEnvIf Request_URI "^/wizard/$" !noauth
+
+  <RequireAll>
+
+   <RequireAny>
+      Require host localhost
+      Require local
+      Require ip 192.168
+      Require ip 172
+      Require ip 10
+      Require ip fd00::/8
+      Require ip fe80::/10
+   </RequireAny>
+
+   <RequireAny>
+      Require env noauth
+      Require user ncp
+   </RequireAny>
+
+  </RequireAll>
+
+</Directory>
+EOF
+
   # remove redundant opcache configuration. Leave until update bug is fixed -> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815968
   # Bug #416 reappeared after we moved to php7.2 and debian buster packages. (keep last)
   [[ "$( ls -l /etc/php/7.2/fpm/conf.d/*-opcache.ini |  wc -l )" -gt 1 ]] && rm "$( ls /etc/php/7.2/fpm/conf.d/*-opcache.ini | tail -1 )"
   [[ "$( ls -l /etc/php/7.2/cli/conf.d/*-opcache.ini |  wc -l )" -gt 1 ]] && rm "$( ls /etc/php/7.2/cli/conf.d/*-opcache.ini | tail -1 )"
 
 } # end - only live updates
+
+exit 0