migrate the SSL certificates path for non-primary certs to a new layout using a new migration script

setup/migrate.py

@@ -0,0 +1,77 @@
+#!/usr/bin/python3
+
+# Migrates any file structures, database schemas, etc. between versions of Mail-in-a-Box.
+
+# We have to be careful here that any dependencies are already installed in the previous
+# version since this script runs before all other aspects of the setup script.
+
+import sys, os, os.path, glob, re, shutil
+
+sys.path.insert(0, 'management')
+from utils import load_environment, save_environment, safe_domain_name
+
+def migration_1(env):
+	# Re-arrange where we store SSL certificates. There was a typo also.
+
+	def move_file(fn, domain_name_escaped, filename):
+		# Moves an SSL-related file into the right place.
+		fn1 = os.path.join( env["STORAGE_ROOT"], 'ssl', domain_name_escaped, file_type)
+		os.makedirs(os.path.dirname(fn1), exist_ok=True)
+		shutil.move(fn, fn1)
+
+	# Migrate the 'domains' directory.
+	for sslfn in glob.glob(os.path.join( env["STORAGE_ROOT"], 'ssl/domains/*' )):
+		fn = os.path.basename(sslfn)
+		m = re.match("(.*)_(certifiate.pem|cert_sign_req.csr|private_key.pem)$", fn)
+		if m:
+			# get the new name for the file
+			domain_name, file_type = m.groups()
+			if file_type == "certifiate.pem": file_type = "ssl_certificate.pem" # typo
+			if file_type == "cert_sign_req.csr": file_type = "certificate_signing_request.csr" # nicer
+			move_file(sslfn, domain_name, file_type)
+
+	# Move the old domains directory if it is now empty.
+	try:
+		os.rmdir(os.path.join( env["STORAGE_ROOT"], 'ssl/domains'))
+	except:
+		pass
+
+if __name__ == "__main__":
+	if not os.access("/etc/mailinabox.conf", os.W_OK, effective_ids=True):
+		print("This script must be run as root.", file=sys.stderr)
+		sys.exit(1)
+
+	env = load_environment()
+
+	ourver = int(env.get("MIGRATIONID", "0"))
+
+	while True:
+		next_ver = (ourver + 1)
+		migration_func = globals().get("migration_%d" % next_ver)
+
+		if not migration_func:
+			# No more migrations to run.
+			break
+
+		print("Running migration to Mail-in-a-Box #%d..." % next_ver)
+
+		try:
+			migration_func(env)
+		except Exception as e:
+			print()
+			print("Error running the migration script:")
+			print()
+			print(e)
+			print()
+			print("Your system may be in an inconsistent state now. We're terribly sorry. A re-install from a backup might be the best way to continue.")
+			sys.exit(1)
+
+		ourver = next_ver
+
+		# Write out our current version now. Do this sooner rather than later
+		# in case of any problems.
+		env["MIGRATIONID"] = ourver
+		save_environment(env)
+
+		# iterate and try next version...
+

setup/start.sh

@@ -28,6 +28,11 @@ fi
 
 # Recall the last settings used if we're running this a second time.
 if [ -f /etc/mailinabox.conf ]; then
+	# Run any system migrations before proceeding. Since this is a second run,
+	# we assume we have Python already installed.
+	setup/migrate.py
+
+	# Okay now load the old .conf file to get existing configuration options.
 	cat /etc/mailinabox.conf | sed s/^/DEFAULT_/ > /tmp/mailinabox.prev.conf
 	source /tmp/mailinabox.prev.conf
 fi