aboutsummaryrefslogtreecommitdiff
path: root/scripts/upgrade
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/upgrade')
-rw-r--r--scripts/upgrade27
1 files changed, 24 insertions, 3 deletions
diff --git a/scripts/upgrade b/scripts/upgrade
index fbe9ec7..c906570 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -36,6 +36,8 @@ secret_key_base=$(ynh_app_setting_get "$app" secret_key_base)
otp_secret=$(ynh_app_setting_get "$app" otp_secret)
ldap_user=$(ynh_app_setting_get "$app" ldap_user)
ldap_password=$(ynh_app_setting_get "$app" ldap_password)
+vapid_private_key=$(ynh_app_setting_get "$app" vapid_private_key)
+vapid_public_key=$(ynh_app_setting_get "$app" vapid_public_key)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
@@ -71,19 +73,28 @@ fi
# If paperclip_secret doesn't exist, retrieve it or create it
if [[ -z "$paperclip_secret" ]]; then
- paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
+ paperclip_secret=$(grep -oP "PAPERCLIP_SECRET=\K\w+" test)
+ if [[ -z "$paperclip_secret" ]]; then
+ paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
+ fi
ynh_app_setting_set "$app" paperclip_secret "$paperclip_secret"
fi
# If secret_key_base doesn't exist, retrieve it or create it
if [[ -z "$secret_key_base" ]]; then
- secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
+ secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" test)
+ if [[ -z "$secret_key_base" ]]; then
+ secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
+ fi
ynh_app_setting_set "$app" secret_key_base "$secret_key_base"
fi
# If otp_secret doesn't exist, retrieve it or create it
if [[ -z "$otp_secret" ]]; then
- otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
+ otp_secret=$(grep -oP "OTP_SECRET=\K\w+" test)
+ if [[ -z "$otp_secret" ]]; then
+ otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
+ fi
ynh_app_setting_set "$app" otp_secret "$otp_secret"
fi
@@ -234,6 +245,16 @@ pushd "$final_path/live"
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails db:migrate
popd
+# If vapid_private_key doesn't exist, retrieve it or create it
+if [[ -z "$vapid_private_key" ]]; then
+ sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt
+ vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K\w+" "$final_path/live/key.txt")
+ vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K\w+" "$final_path/live/key.txt")
+ ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key"
+ ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key"
+ ynh_secure_remove "$final_path/live/key.txt"
+fi
+
# Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum "${final_path}/live/.env.production"
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-12-17 07:53:19 +0000