-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathupgrade.sh
More file actions
executable file
·135 lines (119 loc) · 3.6 KB
/
upgrade.sh
File metadata and controls
executable file
·135 lines (119 loc) · 3.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
#!/usr/bin/env bash
set -euo pipefail
INSTALL_DIR="/opt/quail"
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
FORCE_INTERACTIVE=0
FORCE_NON_INTERACTIVE=0
for arg in "$@"; do
case "${arg}" in
--interactive)
FORCE_INTERACTIVE=1
;;
--non-interactive)
FORCE_NON_INTERACTIVE=1
;;
*)
echo "ERROR: unknown option ${arg}" >&2
exit 1
;;
esac
done
INTERACTIVE=0
if [[ ${FORCE_NON_INTERACTIVE} -eq 1 ]]; then
INTERACTIVE=0
elif [[ ${FORCE_INTERACTIVE} -eq 1 ]]; then
INTERACTIVE=1
elif [[ -t 0 && -z "${CI:-}" ]]; then
INTERACTIVE=1
fi
escape_sed() {
printf '%s' "$1" | sed -e 's/[\/&|]/\\&/g'
}
set_env_var() {
local key="$1"
local value="$2"
local file="/etc/quail/config.env"
local escaped
escaped="$(escape_sed "${value}")"
if grep -q "^${key}=" "${file}"; then
sed -i "s|^${key}=.*|${key}=${escaped}|" "${file}"
else
printf '\n%s=%s\n' "${key}" "${value}" >> "${file}"
fi
}
if [[ ${EUID} -ne 0 ]]; then
echo "ERROR: upgrade.sh must be run as root." >&2
exit 1
fi
if [[ "${SCRIPT_DIR}" != "${INSTALL_DIR}" ]]; then
if [[ ! -d "${INSTALL_DIR}" ]]; then
echo "ERROR: expected Quail repo at ${INSTALL_DIR}." >&2
echo "TODO: clone this repository to ${INSTALL_DIR} before running upgrade." >&2
exit 1
fi
fi
if [[ ! -d "${INSTALL_DIR}/venv" ]]; then
python3 -m venv "${INSTALL_DIR}/venv"
fi
if [[ -f /etc/quail/config.env ]]; then
# shellcheck disable=SC1091
set -a
source /etc/quail/config.env
set +a
fi
reset_pin_now=0
if [[ ${INTERACTIVE} -eq 1 ]]; then
read -r -p "Change admin PIN? [y/N] " input
if [[ "${input}" =~ ^[Yy]$ ]]; then
while true; do
read -r -p "New QUAIL_ADMIN_PIN (4-9 digits): " pin_input
if [[ -z "${pin_input}" ]]; then
echo "PIN cannot be empty." >&2
continue
fi
if [[ ! "${pin_input}" =~ ^[0-9]+$ ]] || [[ ${#pin_input} -lt 4 ]] || [[ ${#pin_input} -gt 9 ]]; then
echo "PIN must be 4-9 digits." >&2
continue
fi
QUAIL_ADMIN_PIN="${pin_input}"
set_env_var "QUAIL_ADMIN_PIN" "${QUAIL_ADMIN_PIN}"
reset_pin_now=1
break
done
fi
fi
if [[ -f /etc/quail/config.env ]]; then
if ! grep -q "^QUAIL_ENABLE_WS=" /etc/quail/config.env; then
printf '\nQUAIL_ENABLE_WS=true\n' >> /etc/quail/config.env
fi
fi
if [[ -z "${QUAIL_DOMAINS:-}" ]]; then
echo "WARNING: QUAIL_DOMAINS is not set in /etc/quail/config.env." >&2
echo "Upgrades will continue, but new installs require this value to be configured." >&2
fi
if [[ "${QUAIL_RESET_PIN:-false}" == "true" || ${reset_pin_now} -eq 1 ]]; then
if [[ -z "${QUAIL_ADMIN_PIN:-}" ]]; then
echo "NOTICE: QUAIL_RESET_PIN is true, but QUAIL_ADMIN_PIN is not set." >&2
echo "Set QUAIL_ADMIN_PIN in /etc/quail/config.env to reset the admin PIN." >&2
elif [[ ! "${QUAIL_ADMIN_PIN}" =~ ^[0-9]+$ ]] || [[ ${#QUAIL_ADMIN_PIN} -lt 4 ]] || [[ ${#QUAIL_ADMIN_PIN} -gt 9 ]]; then
echo "NOTICE: QUAIL_ADMIN_PIN must be 4-9 digits to reset the admin PIN." >&2
else
"${INSTALL_DIR}/venv/bin/python" - <<'PY'
import os
from quail import db, settings
from quail.security import hash_pin
pin = os.getenv("QUAIL_ADMIN_PIN", "")
db_path = settings.get_settings().db_path
db.init_db(db_path)
if pin:
db.set_setting(db_path, "admin_pin_hash", hash_pin(pin))
PY
echo "NOTICE: Admin PIN updated from QUAIL_ADMIN_PIN." >&2
fi
fi
"${INSTALL_DIR}/venv/bin/pip" install --upgrade pip
"${INSTALL_DIR}/venv/bin/pip" install -r "${INSTALL_DIR}/requirements.txt"
systemctl daemon-reload
systemctl restart quail.service
systemctl restart quail-purge.timer
echo "Quail upgrade complete."