forked from thenewgroup/auto-updates
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsecurity-updates.sh
executable file
·61 lines (50 loc) · 1.58 KB
/
security-updates.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
#!/bin/bash
# Place this script in cron and run hourly. To limit this script to only 1 site, set WEB_ROOT to your Drupal root.
#
# To use on multiple sites, set WEB_ROOT at the shared folder for all Drupal sites.
drush=`which drush`
WEB_ROOT="/var/www/"
# Replace with "public_html" if you use a public_html subfolder
PUBLIC_DIR="."
EMAIL="[email protected]"
BACKUP_DIR="$HOME/backups/"
# Create a backup folder if it does not exist.
if [[ ! -d $BACKUP_DIR ]]
then
echo "Creating new backup directory in $BACKUP_DIR"
mkdir -p $BACKUP_DIR
fi
echo "Scanning sites directory for Drupal installations"
cd $WEB_ROOT
for i in $WEB_ROOT/
do
# Handle symlinks
SITE_DIR=$(readlink -f $i)
cd $SITE_DIR
cd $PUBLIC_DIR
# Does the directory have a Drupal site?
SITE_STATUS=$($drush status | wc -l)
if [[ $SITE_STATUS -gt 7 ]]
then
echo "Drupal site found in $(pwd)"
# Make sure status is up to date
drush pm-refresh
# Check for security updates
OUTPUT="$(drush pm-updatestatus --security-only)"
if [[ $OUTPUT == *"UPDATE"* ]]
then
drush vset maintance_mode 1
# Take a backup and if it succeeds, run the update
SITE_NAME=`basename ${i}`
drush sql-dump | gzip > ${BACKUP_DIR}/${SITE_NAME}-pre-sec-update.sql.gz && drush up --security-only -y | mail -s "Your website needs testing" "$EMAIL"
drush vset maintance_mode 0
# Notify stakeholders
echo "A critical security update has been applied to $SITE_NAME. You should test production now."
else
echo "No available security updates"
fi
else
echo "No Drupal site found"
fi
done
echo "Done with Drupal security updates"