Skip to content
Snippets Groups Projects
Normal view Permalink
freedombone-utils-webadmin 4.74 KiB
Newer Older
Bob Mottram's avatar
web admin directory
Bob Mottram committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 
#!/bin/bash
#  _____               _           _
# |   __|___ ___ ___ _| |___ _____| |_ ___ ___ ___
# |   __|  _| -_| -_| . | . |     | . | . |   | -_|
# |__|  |_| |___|___|___|___|_|_|_|___|___|_|_|___|
#
#                              Freedom in the Cloud
#
# Web based administration user interface
#
# License
# =======
#
# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

function install_web_admin {
    # TODO
    # This is intended as a placeholder for a potential local web user interface
    # similar to Plinth or the yunohost admin interface
    local_hostname=$(grep 'host-name' /etc/avahi/avahi-daemon.conf | awk -F '=' '{print $2}').local

    if [ ! -d "/var/www/${local_hostname}/htdocs/admin" ]; then
        mkdir -p "/var/www/${local_hostname}/htdocs/admin"
    fi

    if [ -d "/usr/share/${PROJECT_NAME}/webadmin" ]; then
        cp -r "/usr/share/${PROJECT_NAME}/webadmin"/* "/var/www/${local_hostname}/htdocs/admin"
    else
        { echo '<html>';
          echo '  <body>';
          echo "  This is a placeholder for the web admin panel on ${local_hostname}";
          echo '  </body>';
          echo '</html>'; } > "/var/www/${local_hostname}/htdocs/admin/index.html"
    fi

    nginx_file=/etc/nginx/sites-available/$local_hostname
    { echo 'server {';
      echo '  listen 80 default_server;';
      echo '  #listen [::]:80;';
      echo "  server_name ${local_hostname};";
      echo "  root /var/www/${local_hostname}/htdocs;";
      echo '  index index.html;';
      echo '';
      echo '  access_log /dev/null;';
      echo '  error_log /dev/null;';
      echo '';
      echo '  location ^~ /admin {';
      echo '    root /var/www/cubieboard2.local/htdocs;';
      echo '    index index.html;';
      echo "    error_page 405 = \$uri;";
      echo '  }';
      echo '';
      echo '  location /icons {';
      echo '    autoindex on;';
      echo '    break;';
      echo '  }';
      echo '';
      echo '  rewrite ^/plinth/(.*)$ /api.json last;';
      echo '';
      echo '  location / {';
      echo "    root /var/www/${local_hostname}/htdocs/plinth;";
      echo '    index api.json /api.json;';
      echo "    error_page 405 = \$uri;";
      echo '  }';
      echo '}';
      echo '';
      echo 'server {';
      echo '  listen 443 default_server ssl;';
      echo '  #listen [::]:443 ssl;';
      echo "  server_name ${local_hostname};";
      echo "  root /var/www/${local_hostname}/htdocs;";
      echo '  index index.html;';
      echo '';
      echo '  access_log /dev/null;';
      echo '  error_log /dev/null;';
      echo ''; } > "$nginx_file"

    nginx_ssl "${local_hostname}"
    nginx_security_options "${local_hostname}"

    { echo '  add_header Strict-Transport-Security max-age=0;';
      echo '';
      echo '  location ^~ /admin {';
      echo '    root /var/www/cubieboard2.local/htdocs;';
      echo '    index index.html;';
      echo "    error_page 405 = \$uri;";
      echo '  }';
      echo '';
      echo '  location /icons {';
      echo '    autoindex on;';
      echo '    break;';
      echo '  }';
      echo '';
      echo '  rewrite ^/plinth/(.*)$ /api.json last;';
      echo '';
      echo '  location / {';
      echo "    root /var/www/${local_hostname}/htdocs/plinth;";
      echo '    index api.json /api.json;';
      echo "    error_page 405 = \$uri;";
      echo '  }';
      echo '}'; } >> "$nginx_file"

    if [ ! -f "/etc/ssl/certs/${local_hostname}.crt" ]; then
        "${PROJECT_NAME}-addcert" -h "${local_hostname}" --dhkey "${DH_KEYLENGTH}"
    fi

    sed -i "s|ssl_certificate .*|ssl_certificate /etc/ssl/certs/${local_hostname}.crt;|g" "$nginx_file"
    sed -i "s|ssl_certificate_key .*|ssl_certificate_key /etc/ssl/private/${local_hostname}.key;|g" "$nginx_file"

    nginx_ensite "${local_hostname}"

    # Compatibility with FreedomBox android app
    # The installed apps get published to a json file called api.json
    # in this directory
    if [ ! -d "/var/www/${local_hostname}/htdocs/plinth" ]; then
        mkdir -p "/var/www/${local_hostname}/htdocs/plinth"
    fi

    chown -R www-data:www-data "/var/www/${local_hostname}/htdocs"
}

# NOTE: deliberately no exit 0