Skip to content
Snippets Groups Projects
Commit 5479d49d authored by Bob Mottram's avatar Bob Mottram
Browse files

More tidying

parent 8848ea40
No related branches found
No related tags found
No related merge requests found
Expand all Hide whitespace changes
Inline Side-by-side
Showing
with 3597 additions and 3556 deletions
src/freedombone-app-etherpad
+ 243
240
View file @ 5479d49d
......@@ -41,7 +41,7 @@ ETHERPAD_REPO="https://github.com/ether/etherpad-lite"
ETHERPAD_COMMIT='454f539561a8d9de51ed107a29d974eb79198bc6'
ETHERPAD_ADMIN_PASSWORD=
ETHERPAD_TITLE=$'Freedombone Docs'
ETHERPAD_WELCOME_MESSAGE=$"Welcome to ${ETHERPAD_TITLE}!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!"
ETHERPAD_WELCOME_MESSAGE=$"Welcome to ${ETHERPAD_TITLE}!\\n\\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!"
etherpad_variables=(ONION_ONLY
DEFAULT_DOMAIN_NAME
......@@ -67,109 +67,109 @@ function change_password_etherpad {
read_config_param ETHERPAD_DOMAIN_NAME
if grep -q "\"$change_username\": {" /var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json; then
user_line=$(cat /var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json | grep "\"$change_username\": {")
user_line=$(grep "\"$change_username\": {" "/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json")
if [[ "$user_line" == *"\"is_admin\": true"* ]]; then
sed -i "s|\"$change_username\": {.*|\"$change_username\": { \"password\": "$new_user_password", \"is_admin\": true }|g" /var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json
sed -i "s|\"$change_username\": {.*|\"$change_username\": { \"password\": \"$new_user_password\", \"is_admin\": true }|g" "/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json"
else
sed -i "s|\"$change_username\": {.*|\"$change_username\": { \"password\": "$new_user_password", \"is_admin\": false },|g" /var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json
sed -i "s|\"$change_username\": {.*|\"$change_username\": { \"password\": \"$new_user_password\", \"is_admin\": false },|g" /var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json
fi
${PROJECT_NAME}-pass -u $change_username -a etherpad -p "$2"
"${PROJECT_NAME}-pass" -u "$change_username" -a etherpad -p "$2"
systemctl restart etherpad
fi
}
function etherpad_create_database {
if [ -f $IMAGE_PASSWORD_FILE ]; then
ETHERPAD_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
if [ -f "$IMAGE_PASSWORD_FILE" ]; then
ETHERPAD_ADMIN_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"
else
if [ ! $ETHERPAD_ADMIN_PASSWORD ]; then
ETHERPAD_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
if [ ! "$ETHERPAD_ADMIN_PASSWORD" ]; then
ETHERPAD_ADMIN_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"
fi
fi
if [ ! $ETHERPAD_ADMIN_PASSWORD ]; then
if [ ! "$ETHERPAD_ADMIN_PASSWORD" ]; then
return
fi
function_check create_database
create_database etherpad "$ETHERPAD_ADMIN_PASSWORD" $MY_USERNAME
create_database etherpad "$ETHERPAD_ADMIN_PASSWORD" "$MY_USERNAME"
}
function create_etherpad_settings {
settings_file=/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json
echo '{' > $settings_file
echo " \"title\": \"${ETHERPAD_TITLE}\"," >> $settings_file
echo ' "favicon": "favicon.ico",' >> $settings_file
echo ' "ip": "127.0.0.1",' >> $settings_file
echo " \"port\" : ${ETHERPAD_PORT}," >> $settings_file
echo ' "showSettingsInAdminPage" : true,' >> $settings_file
echo ' "dbType" : "mysql",' >> $settings_file
echo ' "dbSettings" : {' >> $settings_file
echo ' "user" : "root",' >> $settings_file
echo ' "host" : "localhost",' >> $settings_file
echo " \"password\": \"${MARIADB_PASSWORD}\"," >> $settings_file
echo ' "database": "etherpad",' >> $settings_file
echo ' "charset" : "utf8mb4"' >> $settings_file
echo ' },' >> $settings_file
echo " \"defaultPadText\" : \"${ETHERPAD_WELCOME_MESSAGE}\"," >> $settings_file
echo ' "padOptions": {' >> $settings_file
echo ' "noColors": false,' >> $settings_file
echo ' "showControls": true,' >> $settings_file
echo ' "showChat": true,' >> $settings_file
echo ' "showLineNumbers": false,' >> $settings_file
echo ' "useMonospaceFont": false,' >> $settings_file
echo ' "userName": false,' >> $settings_file
echo ' "userColor": true,' >> $settings_file
echo ' "rtl": false,' >> $settings_file
echo ' "alwaysShowChat": true,' >> $settings_file
echo ' "chatAndUsers": true,' >> $settings_file
echo ' "lang": "en-gb"' >> $settings_file
echo ' },' >> $settings_file
echo ' "suppressErrorsInPadText" : true,' >> $settings_file
echo ' "requireSession" : false,' >> $settings_file
echo ' "editOnly" : false,' >> $settings_file
echo ' "sessionNoPassword" : false,' >> $settings_file
echo ' "minify" : true,' >> $settings_file
echo ' "maxAge" : 21600, // 60 * 60 * 6 = 6 hours' >> $settings_file
echo ' "abiword" : null,' >> $settings_file
echo ' "soffice" : null,' >> $settings_file
echo ' "tidyHtml" : null,' >> $settings_file
echo ' "allowUnknownFileEnds" : false,' >> $settings_file
echo ' "requireAuthentication" : true,' >> $settings_file
echo ' "requireAuthorization" : true,' >> $settings_file
echo ' "trustProxy" : false,' >> $settings_file
echo ' "disableIPlogging" : true,' >> $settings_file
echo ' "users": {' >> $settings_file
echo " \"${MY_USERNAME}\": { \"password\": \"${ETHERPAD_ADMIN_PASSWORD}\", \"is_admin\": true }" >> $settings_file
echo ' },' >> $settings_file
echo ' "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],' >> $settings_file
echo ' "loadTest": false,' >> $settings_file
echo ' "indentationOnNewLine": false,' >> $settings_file
echo ' "toolbar": {' >> $settings_file
echo ' "left": [' >> $settings_file
echo ' ["bold", "italic", "underline", "strikethrough"],' >> $settings_file
echo ' ["orderedlist", "unorderedlist", "indent", "outdent"],' >> $settings_file
echo ' ["undo", "redo"],' >> $settings_file
echo ' ["clearauthorship"]' >> $settings_file
echo ' ],' >> $settings_file
echo ' "right": [' >> $settings_file
echo ' ["importexport", "timeslider", "savedrevision"],' >> $settings_file
echo ' ["settings", "embed"],' >> $settings_file
echo ' ["showusers"]' >> $settings_file
echo ' ],' >> $settings_file
echo ' "timeslider": [' >> $settings_file
echo ' ["timeslider_export", "timeslider_returnToPad"]' >> $settings_file
echo ' ]' >> $settings_file
echo ' },' >> $settings_file
echo ' "loglevel": "INFO"' >> $settings_file
echo '}' >> $settings_file
settings_file="/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json"
{ echo '{';
echo " \"title\": \"${ETHERPAD_TITLE}\",";
echo ' "favicon": "favicon.ico",';
echo ' "ip": "127.0.0.1",';
echo " \"port\" : ${ETHERPAD_PORT},";
echo ' "showSettingsInAdminPage" : true,';
echo ' "dbType" : "mysql",';
echo ' "dbSettings" : {';
echo ' "user" : "root",';
echo ' "host" : "localhost",';
echo " \"password\": \"${MARIADB_PASSWORD}\",";
echo ' "database": "etherpad",';
echo ' "charset" : "utf8mb4"';
echo ' },';
echo " \"defaultPadText\" : \"${ETHERPAD_WELCOME_MESSAGE}\",";
echo ' "padOptions": {';
echo ' "noColors": false,';
echo ' "showControls": true,';
echo ' "showChat": true,';
echo ' "showLineNumbers": false,';
echo ' "useMonospaceFont": false,';
echo ' "userName": false,';
echo ' "userColor": true,';
echo ' "rtl": false,';
echo ' "alwaysShowChat": true,';
echo ' "chatAndUsers": true,';
echo ' "lang": "en-gb"';
echo ' },';
echo ' "suppressErrorsInPadText" : true,';
echo ' "requireSession" : false,';
echo ' "editOnly" : false,';
echo ' "sessionNoPassword" : false,';
echo ' "minify" : true,';
echo ' "maxAge" : 21600, // 60 * 60 * 6 = 6 hours';
echo ' "abiword" : null,';
echo ' "soffice" : null,';
echo ' "tidyHtml" : null,';
echo ' "allowUnknownFileEnds" : false,';
echo ' "requireAuthentication" : true,';
echo ' "requireAuthorization" : true,';
echo ' "trustProxy" : false,';
echo ' "disableIPlogging" : true,';
echo ' "users": {';
echo " \"${MY_USERNAME}\": { \"password\": \"${ETHERPAD_ADMIN_PASSWORD}\", \"is_admin\": true }";
echo ' },';
echo ' "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],';
echo ' "loadTest": false,';
echo ' "indentationOnNewLine": false,';
echo ' "toolbar": {';
echo ' "left": [';
echo ' ["bold", "italic", "underline", "strikethrough"],';
echo ' ["orderedlist", "unorderedlist", "indent", "outdent"],';
echo ' ["undo", "redo"],';
echo ' ["clearauthorship"]';
echo ' ],';
echo ' "right": [';
echo ' ["importexport", "timeslider", "savedrevision"],';
echo ' ["settings", "embed"],';
echo ' ["showusers"]';
echo ' ],';
echo ' "timeslider": [';
echo ' ["timeslider_export", "timeslider_returnToPad"]';
echo ' ]';
echo ' },';
echo ' "loglevel": "INFO"';
echo '}'; } > $settings_file
chmod 600 $settings_file
}
......@@ -177,7 +177,7 @@ function remove_user_etherpad {
remove_username="$1"
settings_file=/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json
${PROJECT_NAME}-pass -u $remove_username --rmapp etherpad
"${PROJECT_NAME}-pass" -u "$remove_username" --rmapp etherpad
if grep -q "\"$remove_username\": {" $settings_file; then
sed -i "/\"$remove_username\": {/d" $settings_file
......@@ -191,7 +191,7 @@ function add_user_etherpad {
settings_file=/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json
if ! grep -q "\"$new_username\": {" $settings_file; then
${PROJECT_NAME}-pass -u $new_username -a etherpad -p "$2"
"${PROJECT_NAME}-pass" -u "$new_username" -a etherpad -p "$2"
sed -i "/\"users\": {/a \"$new_username\": { \"password\": \"$new_user_password\", \"is_admin\": false }," $settings_file
if grep -q "\"$new_username\": {" $settings_file; then
systemctl restart etherpad
......@@ -204,11 +204,11 @@ function add_user_etherpad {
}
function install_interactive_etherpad {
if [ ! $ONION_ONLY ]; then
if [ ! "$ONION_ONLY" ]; then
ONION_ONLY='no'
fi
if [[ $ONION_ONLY != "no" ]]; then
if [[ "$ONION_ONLY" != "no" ]]; then
ETHERPAD_DOMAIN_NAME='etherpad.local'
write_config_param "ETHERPAD_DOMAIN_NAME" "$ETHERPAD_DOMAIN_NAME"
else
......@@ -220,18 +220,17 @@ function install_interactive_etherpad {
function etherpad_set_title {
read_config_param "ETHERPAD_TITLE"
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --title $"Etherpad Title" \
--backtitle $"Freedombone Control Panel" \
--inputbox $'Set a title for your etherpad system' 10 60 "$ETHERPAD_TITLE" 2>$data
--inputbox $'Set a title for your etherpad system' 10 60 "$ETHERPAD_TITLE" 2>"$data"
sel=$?
case $sel in
0)
temp_title=$(<$data)
temp_title=$(<"$data")
if [ ${#temp_title} -gt 0 ]; then
ETHERPAD_TITLE="$temp_title"
settings_file=/var/www/$ETHERPAD_DOMAIN_NAME/htdocs/settings.json
settings_file="/var/www/$ETHERPAD_DOMAIN_NAME/htdocs/settings.json"
write_config_param "ETHERPAD_TITLE" "$ETHERPAD_TITLE"
sed -i "s|\"title\":.*|\"title\": \"${ETHERPAD_TITLE}\"|g" $settings_file
......@@ -241,22 +240,22 @@ function etherpad_set_title {
fi
;;
esac
rm -f "$data"
}
function etherpad_set_welcome_message {
read_config_param "ETHERPAD_WELCOME_MESSAGE"
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --title $"Etherpad Welcome Message" \
--backtitle $"Freedombone Control Panel" \
--inputbox $'Set a welcome message, which can include html formatting' 10 60 "$ETHERPAD_WELCOME_MESSAGE" 2>$data
--inputbox $'Set a welcome message, which can include html formatting' 10 60 "$ETHERPAD_WELCOME_MESSAGE" 2>"$data"
sel=$?
case $sel in
0)
temp_welcome=$(<$data)
temp_welcome=$(<"$data")
if [ ${#temp_welcome} -gt 0 ]; then
ETHERPAD_WELCOME_MESSAGE="$temp_welcome"
settings_file=/var/www/$ETHERPAD_DOMAIN_NAME/htdocs/settings.json
settings_file="/var/www/$ETHERPAD_DOMAIN_NAME/htdocs/settings.json"
write_config_param "ETHERPAD_WELCOME_MESSAGE" "$ETHERPAD_WELCOME_MESSAGE"
sed -i "s|\"defaultPadText\" :.*|\"defaultPadText\" : \"${ETHERPAD_WELCOME_MESSAGE}\"|g" $settings_file
......@@ -266,29 +265,33 @@ function etherpad_set_welcome_message {
fi
;;
esac
rm -f "$data"
}
function configure_interactive_etherpad {
while true
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Control Panel" \
--title $"Etherpad Settings" \
--radiolist $"Choose an operation:" 12 70 3 \
1 $"Set Title" off \
2 $"Set a welcome message" off \
3 $"Exit" on 2> $data
3 $"Exit" on 2> "$data"
sel=$?
case $sel in
1) return;;
255) return;;
1) rm -f "$data"
return;;
255) rm -f "$data"
return;;
esac
case $(cat $data) in
case $(cat "$data") in
1) etherpad_set_title;;
2) etherpad_set_welcome_message;;
3) break;;
3) rm -f "$data"
break;;
esac
rm -f "$data"
done
}
......@@ -311,18 +314,18 @@ function upgrade_etherpad {
function backup_local_etherpad {
ETHERPAD_DOMAIN_NAME='etherpad'
if grep -q "etherpad domain" $COMPLETION_FILE; then
if grep -q "etherpad domain" "$COMPLETION_FILE"; then
ETHERPAD_DOMAIN_NAME=$(get_completion_param "etherpad domain")
fi
source_directory=/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs
if [ -d $source_directory ]; then
if [ -d "$source_directory" ]; then
dest_directory=etherpad
function_check suspend_site
suspend_site ${ETHERPAD_DOMAIN_NAME}
suspend_site "${ETHERPAD_DOMAIN_NAME}"
function_check backup_directory_to_usb
backup_directory_to_usb $source_directory $dest_directory
backup_directory_to_usb "$source_directory" "$dest_directory"
function_check backup_database_to_usb
backup_database_to_usb etherpad
......@@ -333,50 +336,50 @@ function backup_local_etherpad {
}
function restore_local_etherpad {
if ! grep -q "etherpad domain" $COMPLETION_FILE; then
if ! grep -q "etherpad domain" "$COMPLETION_FILE"; then
return
fi
ETHERPAD_DOMAIN_NAME=$(get_completion_param "etherpad domain")
if [ $ETHERPAD_DOMAIN_NAME ]; then
if [ "$ETHERPAD_DOMAIN_NAME" ]; then
temp_restore_dir=/root/tempetherpad
etherpad_dir=/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs
#etherpad_dir="/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs"
function_check etherpad_create_database
etherpad_create_database
restore_database etherpad ${ETHERPAD_DOMAIN_NAME}
restore_database etherpad "${ETHERPAD_DOMAIN_NAME}"
if [ -d $temp_restore_dir ]; then
rm -rf $temp_restore_dir
fi
chown -R etherpad: /var/www/${ETHERPAD_DOMAIN_NAME}/htdocs
if [ -f /etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem ]; then
chown etherpad: /etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem
chown -R etherpad: "/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs"
if [ -f "/etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem" ]; then
chown etherpad: "/etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem"
fi
if [ -f /etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key ]; then
chown etherpad: /etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key
if [ -f "/etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key" ]; then
chown etherpad: "/etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key"
fi
MARIADB_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mariadb)
settings_file=/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json
sed -i "s|\"password\":.*|\"password\": \"${MARIADB_PASSWORD}\",|g" $settings_file
MARIADB_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a mariadb)
settings_file="/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json"
sed -i "s|\"password\":.*|\"password\": \"${MARIADB_PASSWORD}\",|g" "$settings_file"
MARIADB_PASSWORD=
fi
}
function backup_remote_etherpad {
if grep -q "etherpad domain" $COMPLETION_FILE; then
if grep -q "etherpad domain" "$COMPLETION_FILE"; then
ETHERPAD_DOMAIN_NAME=$(get_completion_param "etherpad domain")
temp_backup_dir=/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs
if [ -d $temp_backup_dir ]; then
temp_backup_dir="/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs"
if [ -d "$temp_backup_dir" ]; then
function_check suspend_site
suspend_site ${ETHERPAD_DOMAIN_NAME}
suspend_site "${ETHERPAD_DOMAIN_NAME}"
function_check backup_database_to_friend
backup_database_to_friend etherpad
function_check backup_directory_to_friend
backup_directory_to_friend $temp_backup_dir etherpad
backup_directory_to_friend "$temp_backup_dir" etherpad
function_check restart_site
restart_site
......@@ -387,29 +390,29 @@ function backup_remote_etherpad {
}
function restore_remote_etherpad {
if grep -q "etherpad domain" $COMPLETION_FILE; then
if grep -q "etherpad domain" "$COMPLETION_FILE"; then
ETHERPAD_DOMAIN_NAME=$(get_completion_param "etherpad domain")
function_check etherpad_create_database
etherpad_create_database
function_check restore_database_from_friend
restore_database_from_friend etherpad ${ETHERPAD_DOMAIN_NAME}
restore_database_from_friend etherpad "${ETHERPAD_DOMAIN_NAME}"
if [ -d /root/tempetherpad ]; then
rm -rf /root/tempetherpad
fi
chown -R etherpad: /var/www/${ETHERPAD_DOMAIN_NAME}/htdocs
if [ -f /etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem ]; then
chown etherpad: /etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem
chown -R etherpad: "/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs"
if [ -f "/etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem" ]; then
chown etherpad: "/etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem"
fi
if [ -f /etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key ]; then
chown etherpad: /etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key
if [ -f "/etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key" ]; then
chown etherpad: "/etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key"
fi
MARIADB_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mariadb)
settings_file=/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json
sed -i "s|\"password\":.*|\"password\": \"${MARIADB_PASSWORD}\",|g" $settings_file
MARIADB_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a mariadb)
settings_file="/var/www/${ETHERPAD_DOMAIN_NAME}/htdocs/settings.json"
sed -i "s|\"password\":.*|\"password\": \"${MARIADB_PASSWORD}\",|g" "$settings_file"
MARIADB_PASSWORD=
fi
}
......@@ -427,13 +430,13 @@ function remove_etherpad {
rm /etc/systemd/system/etherpad.service
fi
systemctl daemon-reload
nginx_dissite $ETHERPAD_DOMAIN_NAME
remove_certs $ETHERPAD_DOMAIN_NAME
if [ -d /var/www/$ETHERPAD_DOMAIN_NAME ]; then
rm -rf /var/www/$ETHERPAD_DOMAIN_NAME
nginx_dissite "$ETHERPAD_DOMAIN_NAME"
remove_certs "$ETHERPAD_DOMAIN_NAME"
if [ -d "/var/www/$ETHERPAD_DOMAIN_NAME" ]; then
rm -rf "/var/www/$ETHERPAD_DOMAIN_NAME"
fi
if [ -f /etc/nginx/sites-available/$ETHERPAD_DOMAIN_NAME ]; then
rm /etc/nginx/sites-available/$ETHERPAD_DOMAIN_NAME
if [ -f "/etc/nginx/sites-available/$ETHERPAD_DOMAIN_NAME" ]; then
rm "/etc/nginx/sites-available/$ETHERPAD_DOMAIN_NAME"
fi
function_check drop_database
drop_database etherpad
......@@ -441,7 +444,7 @@ function remove_etherpad {
remove_onion_service etherpad ${ETHERPAD_ONION_PORT}
remove_app etherpad
remove_completion_param install_etherpad
sed -i '/etherpad/d' $COMPLETION_FILE
sed -i '/etherpad/d' "$COMPLETION_FILE"
remove_backup_database_local etherpad
remove_nodejs etherpad
......@@ -449,22 +452,22 @@ function remove_etherpad {
userdel -r etherpad
function_check remove_ddns_domain
remove_ddns_domain $ETHERPAD_DOMAIN_NAME
remove_ddns_domain "$ETHERPAD_DOMAIN_NAME"
}
function install_etherpad {
if [ ! $ETHERPAD_DOMAIN_NAME ]; then
if [ ! "$ETHERPAD_DOMAIN_NAME" ]; then
echo $'No domain name was given for etherpad'
exit 7359
fi
check_ram_availability 2000
if [ -f $IMAGE_PASSWORD_FILE ]; then
ETHERPAD_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
if [ -f "$IMAGE_PASSWORD_FILE" ]; then
ETHERPAD_ADMIN_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"
else
if [ ! $ETHERPAD_ADMIN_PASSWORD ]; then
ETHERPAD_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
if [ ! "$ETHERPAD_ADMIN_PASSWORD" ]; then
ETHERPAD_ADMIN_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"
fi
fi
......@@ -484,133 +487,133 @@ function install_etherpad {
function_check install_nodejs
install_nodejs etherpad
if [ ! -d /var/www/$ETHERPAD_DOMAIN_NAME ]; then
mkdir /var/www/$ETHERPAD_DOMAIN_NAME
if [ ! -d "/var/www/$ETHERPAD_DOMAIN_NAME" ]; then
mkdir "/var/www/$ETHERPAD_DOMAIN_NAME"
fi
if [ ! -d /var/www/$ETHERPAD_DOMAIN_NAME/htdocs ]; then
if [ ! -d "/var/www/$ETHERPAD_DOMAIN_NAME/htdocs" ]; then
if [ -d /repos/etherpad ]; then
mkdir /var/www/$ETHERPAD_DOMAIN_NAME/htdocs
cp -r -p /repos/etherpad/. /var/www/$ETHERPAD_DOMAIN_NAME/htdocs
cd /var/www/$ETHERPAD_DOMAIN_NAME/htdocs
mkdir "/var/www/$ETHERPAD_DOMAIN_NAME/htdocs"
cp -r -p /repos/etherpad/. "/var/www/$ETHERPAD_DOMAIN_NAME/htdocs"
cd "/var/www/$ETHERPAD_DOMAIN_NAME/htdocs" || exit 32468346
git pull
else
function_check git_clone
git_clone $ETHERPAD_REPO /var/www/$ETHERPAD_DOMAIN_NAME/htdocs
git_clone "$ETHERPAD_REPO" "/var/www/$ETHERPAD_DOMAIN_NAME/htdocs"
fi
if [ ! -d /var/www/$ETHERPAD_DOMAIN_NAME/htdocs ]; then
if [ ! -d "/var/www/$ETHERPAD_DOMAIN_NAME/htdocs" ]; then
echo $'Unable to clone etherpad repo'
exit 56382
fi
fi
cd /var/www/$ETHERPAD_DOMAIN_NAME/htdocs
git checkout $ETHERPAD_COMMIT -b $ETHERPAD_COMMIT
cd "/var/www/$ETHERPAD_DOMAIN_NAME/htdocs" || exit 24654824
git checkout "$ETHERPAD_COMMIT" -b "$ETHERPAD_COMMIT"
set_completion_param "etherpad commit" "$ETHERPAD_COMMIT"
chmod a+w /var/www/$ETHERPAD_DOMAIN_NAME/htdocs
chown www-data:www-data /var/www/$ETHERPAD_DOMAIN_NAME/htdocs
chmod a+w "/var/www/$ETHERPAD_DOMAIN_NAME/htdocs"
chown www-data:www-data "/var/www/$ETHERPAD_DOMAIN_NAME/htdocs"
function_check etherpad_create_database
etherpad_create_database
function_check add_ddns_domain
add_ddns_domain $ETHERPAD_DOMAIN_NAME
add_ddns_domain "$ETHERPAD_DOMAIN_NAME"
create_etherpad_settings
adduser --system --home=/var/www/$ETHERPAD_DOMAIN_NAME/htdocs/ --group etherpad
chown -R etherpad: /var/www/$ETHERPAD_DOMAIN_NAME/htdocs/
echo '[Unit]' > /etc/systemd/system/etherpad.service
echo 'Description=etherpad-lite (real-time collaborative document editing)' >> /etc/systemd/system/etherpad.service
echo 'After=syslog.target network.target' >> /etc/systemd/system/etherpad.service
echo '' >> /etc/systemd/system/etherpad.service
echo '[Service]' >> /etc/systemd/system/etherpad.service
echo 'Type=simple' >> /etc/systemd/system/etherpad.service
echo 'User=etherpad' >> /etc/systemd/system/etherpad.service
echo 'Group=etherpad' >> /etc/systemd/system/etherpad.service
echo "WorkingDirectory=/var/www/$ETHERPAD_DOMAIN_NAME/htdocs" >> /etc/systemd/system/etherpad.service
echo "ExecStart=/var/www/$ETHERPAD_DOMAIN_NAME/htdocs/bin/run.sh" >> /etc/systemd/system/etherpad.service
echo 'Restart=on-failure' >> /etc/systemd/system/etherpad.service
echo 'SuccessExitStatus=3 4' >> /etc/systemd/system/etherpad.service
echo 'RestartForceExitStatus=3 4' >> /etc/systemd/system/etherpad.service
echo '' >> /etc/systemd/system/etherpad.service
echo '[Install]' >> /etc/systemd/system/etherpad.service
echo 'WantedBy=multi-user.target' >> /etc/systemd/system/etherpad.service
adduser --system --home="/var/www/$ETHERPAD_DOMAIN_NAME/htdocs/" --group etherpad
chown -R etherpad: "/var/www/$ETHERPAD_DOMAIN_NAME/htdocs/"
{ echo '[Unit]';
echo 'Description=etherpad-lite (real-time collaborative document editing)';
echo 'After=syslog.target network.target';
echo '';
echo '[Service]';
echo 'Type=simple';
echo 'User=etherpad';
echo 'Group=etherpad';
echo "WorkingDirectory=/var/www/$ETHERPAD_DOMAIN_NAME/htdocs";
echo "ExecStart=/var/www/$ETHERPAD_DOMAIN_NAME/htdocs/bin/run.sh";
echo 'Restart=on-failure';
echo 'SuccessExitStatus=3 4';
echo 'RestartForceExitStatus=3 4';
echo '';
echo '[Install]';
echo 'WantedBy=multi-user.target'; } > /etc/systemd/system/etherpad.service
chmod +x /etc/systemd/system/etherpad.service
etherpad_nginx_site=/etc/nginx/sites-available/$ETHERPAD_DOMAIN_NAME
if [[ $ONION_ONLY == "no" ]]; then
function_check nginx_http_redirect
nginx_http_redirect $ETHERPAD_DOMAIN_NAME
echo 'server {' >> $etherpad_nginx_site
echo ' listen 443 ssl;' >> $etherpad_nginx_site
echo ' #listen [::]:443 ssl;' >> $etherpad_nginx_site
echo " server_name $ETHERPAD_DOMAIN_NAME;" >> $etherpad_nginx_site
echo '' >> $etherpad_nginx_site
echo ' # Security' >> $etherpad_nginx_site
nginx_http_redirect "$ETHERPAD_DOMAIN_NAME"
{ echo 'server {';
echo ' listen 443 ssl;';
echo ' #listen [::]:443 ssl;';
echo " server_name $ETHERPAD_DOMAIN_NAME;";
echo '';
echo ' # Security'; } >> "$etherpad_nginx_site"
function_check nginx_ssl
nginx_ssl $ETHERPAD_DOMAIN_NAME
nginx_ssl "$ETHERPAD_DOMAIN_NAME"
function_check nginx_disable_sniffing
nginx_disable_sniffing $ETHERPAD_DOMAIN_NAME
echo ' add_header Strict-Transport-Security max-age=15768000;' >> $etherpad_nginx_site
echo '' >> $etherpad_nginx_site
echo ' # Logs' >> $etherpad_nginx_site
echo ' access_log /dev/null;' >> $etherpad_nginx_site
echo ' error_log /dev/null;' >> $etherpad_nginx_site
echo '' >> $etherpad_nginx_site
echo ' # Root' >> $etherpad_nginx_site
echo " root /var/www/$ETHERPAD_DOMAIN_NAME/htdocs;" >> $etherpad_nginx_site
echo '' >> $etherpad_nginx_site
echo ' location / {' >> $etherpad_nginx_site
nginx_disable_sniffing "$ETHERPAD_DOMAIN_NAME"
{ echo ' add_header Strict-Transport-Security max-age=15768000;';
echo '';
echo ' # Logs';
echo ' access_log /dev/null;';
echo ' error_log /dev/null;';
echo '';
echo ' # Root';
echo " root /var/www/$ETHERPAD_DOMAIN_NAME/htdocs;";
echo '';
echo ' location / {'; } >> "$etherpad_nginx_site"
function_check nginx_limits
nginx_limits $ETHERPAD_DOMAIN_NAME '15m'
echo " proxy_pass http://localhost:${ETHERPAD_PORT}/;" >> $etherpad_nginx_site
echo ' proxy_set_header Host $host;' >> $etherpad_nginx_site
echo ' proxy_buffering off;' >> $etherpad_nginx_site
echo ' }' >> $etherpad_nginx_site
echo '}' >> $etherpad_nginx_site
nginx_limits "$ETHERPAD_DOMAIN_NAME" '15m'
{ echo " proxy_pass http://localhost:${ETHERPAD_PORT}/;";
echo " proxy_set_header Host \$host;";
echo ' proxy_buffering off;';
echo ' }';
echo '}'; } >> "$etherpad_nginx_site"
else
echo -n '' > $etherpad_nginx_site
echo -n '' > "$etherpad_nginx_site"
fi
echo 'server {' >> $etherpad_nginx_site
echo " listen 127.0.0.1:$ETHERPAD_ONION_PORT default_server;" >> $etherpad_nginx_site
echo " server_name $ETHERPAD_DOMAIN_NAME;" >> $etherpad_nginx_site
echo '' >> $etherpad_nginx_site
{ echo 'server {';
echo " listen 127.0.0.1:$ETHERPAD_ONION_PORT default_server;";
echo " server_name $ETHERPAD_ONION_HOSTNAME;";
echo ''; } >> "$etherpad_nginx_site"
function_check nginx_disable_sniffing
nginx_disable_sniffing $ETHERPAD_DOMAIN_NAME
echo '' >> $etherpad_nginx_site
echo ' # Logs' >> $etherpad_nginx_site
echo ' access_log /dev/null;' >> $etherpad_nginx_site
echo ' error_log /dev/null;' >> $etherpad_nginx_site
echo '' >> $etherpad_nginx_site
echo ' # Root' >> $etherpad_nginx_site
echo " root /var/www/$ETHERPAD_DOMAIN_NAME/htdocs;" >> $etherpad_nginx_site
echo '' >> $etherpad_nginx_site
echo ' location / {' >> $etherpad_nginx_site
nginx_disable_sniffing "$ETHERPAD_DOMAIN_NAME"
{ echo '';
echo ' # Logs';
echo ' access_log /dev/null;';
echo ' error_log /dev/null;';
echo '';
echo ' # Root';
echo " root /var/www/$ETHERPAD_DOMAIN_NAME/htdocs;";
echo '';
echo ' location / {'; } >> "$etherpad_nginx_site"
function_check nginx_limits
nginx_limits $ETHERPAD_DOMAIN_NAME '15m'
echo " proxy_pass http://localhost:${ETHERPAD_PORT}/;" >> $etherpad_nginx_site
echo ' proxy_set_header Host $host;' >> $etherpad_nginx_site
echo ' proxy_buffering off;' >> $etherpad_nginx_site
echo ' }' >> $etherpad_nginx_site
echo '}' >> $etherpad_nginx_site
nginx_limits "$ETHERPAD_DOMAIN_NAME" '15m'
{ echo " proxy_pass http://localhost:${ETHERPAD_PORT}/;";
echo " proxy_set_header Host \$host;";
echo ' proxy_buffering off;';
echo ' }';
echo '}'; } >> "$etherpad_nginx_site"
function_check create_site_certificate
create_site_certificate $ETHERPAD_DOMAIN_NAME 'yes'
create_site_certificate "$ETHERPAD_DOMAIN_NAME" 'yes'
if [ -f /etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.crt ]; then
mv /etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.crt /etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem
if [ -f "/etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.crt" ]; then
mv "/etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.crt" "/etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem"
fi
if [ -f /etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem ]; then
chown etherpad: /etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem
if [ -f "/etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem" ]; then
chown etherpad: "/etc/ssl/certs/${ETHERPAD_DOMAIN_NAME}.pem"
fi
if [ -f /etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key ]; then
chown etherpad: /etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key
if [ -f "/etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key" ]; then
chown etherpad: "/etc/ssl/private/${ETHERPAD_DOMAIN_NAME}.key"
fi
usermod -a -G ssl-cert etherpad
......@@ -623,14 +626,14 @@ function install_etherpad {
backup_database_local etherpad
function_check nginx_ensite
nginx_ensite $ETHERPAD_DOMAIN_NAME
nginx_ensite "$ETHERPAD_DOMAIN_NAME"
ETHERPAD_ONION_HOSTNAME=$(add_onion_service etherpad 80 ${ETHERPAD_ONION_PORT})
${PROJECT_NAME}-pass -u $MY_USERNAME -a etherpad -p "$ETHERPAD_ADMIN_PASSWORD"
"${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a etherpad -p "$ETHERPAD_ADMIN_PASSWORD"
function_check add_ddns_domain
add_ddns_domain $ETHERPAD_DOMAIN_NAME
add_ddns_domain "$ETHERPAD_DOMAIN_NAME"
set_completion_param "etherpad domain" "$ETHERPAD_DOMAIN_NAME"
......
src/freedombone-app-fedwiki
+ 124
125
View file @ 5479d49d
......@@ -127,7 +127,7 @@ function add_user_fedwiki {
}
function install_interactive_fedwiki {
if [ ! $ONION_ONLY ]; then
if [ ! "$ONION_ONLY" ]; then
ONION_ONLY='no'
fi
......@@ -148,7 +148,7 @@ function change_password_fedwiki {
echo $'Fedwiki password is too short'
return
fi
${PROJECT_NAME}-pass -u $FEDWIKI_USERNAME -a fedwiki -p "$FEDWIKI_PASSWORD"
"${PROJECT_NAME}-pass" -u "$FEDWIKI_USERNAME" -a fedwiki -p "$FEDWIKI_PASSWORD"
sed -i "s|--cookieSecret .*|--cookieSecret '${FEDWIKI_PASSWORD}'|g" /etc/systemd/system/fedwiki.service
sed -i "s|\"secret\":.*|\"secret\": \"${FEDWIKI_PASSWORD}\"|g" ${FEDWIKI_DATA}/status/owner.json
systemctl daemon-reload
......@@ -177,12 +177,12 @@ function upgrade_fedwiki {
function backup_local_fedwiki {
FEDWIKI_DOMAIN_NAME='fedwiki.local'
if grep -q "fedwiki domain" $COMPLETION_FILE; then
if grep -q "fedwiki domain" "$COMPLETION_FILE"; then
FEDWIKI_DOMAIN_NAME=$(get_completion_param "fedwiki domain")
fi
systemctl stop fedwiki
suspend_site ${FEDWIKI_DOMAIN_NAME}
suspend_site "${FEDWIKI_DOMAIN_NAME}"
fedwiki_path=$FEDWIKI_DATA
if [ -d $fedwiki_path ]; then
......@@ -195,11 +195,11 @@ function backup_local_fedwiki {
function restore_local_fedwiki {
FEDWIKI_DOMAIN_NAME='fedwiki.local'
if grep -q "fedwiki domain" $COMPLETION_FILE; then
if grep -q "fedwiki domain" "$COMPLETION_FILE"; then
FEDWIKI_DOMAIN_NAME=$(get_completion_param "fedwiki domain")
fi
if [ $FEDWIKI_DOMAIN_NAME ]; then
suspend_site ${FEDWIKI_DOMAIN_NAME}
if [ "$FEDWIKI_DOMAIN_NAME" ]; then
suspend_site "${FEDWIKI_DOMAIN_NAME}"
systemctl stop fedwiki
temp_restore_dir=/root/tempfedwiki
......@@ -215,8 +215,8 @@ function restore_local_fedwiki {
rm -rf $temp_restore_dir
fi
FEDWIKI_PASSWORD=$(cat ${FEDWIKI_DATA}/status/owner.json | grep secret | awk -F '"' '{print $4}')
${PROJECT_NAME}-pass -u $FEDWIKI_USERNAME -a fedwiki -p "$FEDWIKI_PASSWORD"
FEDWIKI_PASSWORD=$(grep secret "${FEDWIKI_DATA}/status/owner.json" | awk -F '"' '{print $4}')
"${PROJECT_NAME}-pass" -u "$FEDWIKI_USERNAME" -a fedwiki -p "$FEDWIKI_PASSWORD"
sed -i "s|--cookieSecret .*|--cookieSecret '${FEDWIKI_PASSWORD}'|g" /etc/systemd/system/fedwiki.service
write_config_param "FEDWIKI_COOKIE" "$FEDWIKI_PASSWORD"
systemctl daemon-reload
......@@ -227,12 +227,12 @@ function restore_local_fedwiki {
function backup_remote_fedwiki {
FEDWIKI_DOMAIN_NAME='fedwiki.local'
if grep -q "fedwiki domain" $COMPLETION_FILE; then
if grep -q "fedwiki domain" "$COMPLETION_FILE"; then
FEDWIKI_DOMAIN_NAME=$(get_completion_param "fedwiki domain")
fi
systemctl stop fedwiki
suspend_site ${FEDWIKI_DOMAIN_NAME}
suspend_site "${FEDWIKI_DOMAIN_NAME}"
temp_backup_dir=$FEDWIKI_DATA
if [ -d $temp_backup_dir ]; then
......@@ -248,12 +248,12 @@ function backup_remote_fedwiki {
function restore_remote_fedwiki {
FEDWIKI_DOMAIN_NAME='fedwiki.local'
if grep -q "fedwiki domain" $COMPLETION_FILE; then
if grep -q "fedwiki domain" "$COMPLETION_FILE"; then
FEDWIKI_DOMAIN_NAME=$(get_completion_param "fedwiki domain")
fi
systemctl stop fedwiki
suspend_site ${FEDWIKI_DOMAIN_NAME}
suspend_site "${FEDWIKI_DOMAIN_NAME}"
temp_restore_dir=/root/tempfedwiki
function_check restore_directory_from_friend
......@@ -268,8 +268,8 @@ function restore_remote_fedwiki {
rm -rf $temp_restore_dir
fi
FEDWIKI_PASSWORD=$(cat ${FEDWIKI_DATA}/status/owner.json | grep secret | awk -F '"' '{print $4}')
${PROJECT_NAME}-pass -u $FEDWIKI_USERNAME -a fedwiki -p "$FEDWIKI_PASSWORD"
FEDWIKI_PASSWORD=$(grep secret "${FEDWIKI_DATA}/status/owner.json" | awk -F '"' '{print $4}')
"${PROJECT_NAME}-pass" -u "$FEDWIKI_USERNAME" -a fedwiki -p "$FEDWIKI_PASSWORD"
sed -i "s|--cookieSecret .*|--cookieSecret '${FEDWIKI_PASSWORD}'|g" /etc/systemd/system/fedwiki.service
write_config_param "FEDWIKI_COOKIE" "$FEDWIKI_PASSWORD"
systemctl daemon-reload
......@@ -294,20 +294,20 @@ function remove_fedwiki {
remove_nodejs fedwiki
read_config_param "FEDWIKI_DOMAIN_NAME"
nginx_dissite $FEDWIKI_DOMAIN_NAME
remove_certs ${FEDWIKI_DOMAIN_NAME}
if [ -f /etc/nginx/sites-available/$FEDWIKI_DOMAIN_NAME ]; then
rm -f /etc/nginx/sites-available/$FEDWIKI_DOMAIN_NAME
nginx_dissite "$FEDWIKI_DOMAIN_NAME"
remove_certs "${FEDWIKI_DOMAIN_NAME}"
if [ -f "/etc/nginx/sites-available/$FEDWIKI_DOMAIN_NAME" ]; then
rm -f "/etc/nginx/sites-available/$FEDWIKI_DOMAIN_NAME"
fi
if [ -d /var/www/$FEDWIKI_DOMAIN_NAME ]; then
rm -rf /var/www/$FEDWIKI_DOMAIN_NAME
if [ -d "/var/www/$FEDWIKI_DOMAIN_NAME" ]; then
rm -rf "/var/www/$FEDWIKI_DOMAIN_NAME"
fi
remove_config_param FEDWIKI_DOMAIN_NAME
remove_config_param FEDWIKI_CODE
function_check remove_onion_service
remove_onion_service fedwiki ${FEDWIKI_ONION_PORT}
remove_completion_param "install_fedwiki"
sed -i '/fedwiki/d' $COMPLETION_FILE
sed -i '/fedwiki/d' "$COMPLETION_FILE"
groupdel -f fedwiki
userdel -r fedwiki
......@@ -317,101 +317,102 @@ function remove_fedwiki {
fi
function_check remove_ddns_domain
remove_ddns_domain $FEDWIKI_DOMAIN_NAME
remove_ddns_domain "$FEDWIKI_DOMAIN_NAME"
}
function fedwiki_setup_web {
fedwiki_nginx_file=/etc/nginx/sites-available/$FEDWIKI_DOMAIN_NAME
if [[ $ONION_ONLY == "no" ]]; then
echo 'server {' > $fedwiki_nginx_file
echo ' listen 80;' >> $fedwiki_nginx_file
echo ' listen [::]:80;' >> $fedwiki_nginx_file
echo " server_name $FEDWIKI_DOMAIN_NAME;" >> $fedwiki_nginx_file
echo ' rewrite ^ https://$server_name$request_uri? permanent;' >> $fedwiki_nginx_file
echo '}' >> $fedwiki_nginx_file
echo '' >> $fedwiki_nginx_file
echo 'server {' >> $fedwiki_nginx_file
echo ' listen 443 ssl;' >> $fedwiki_nginx_file
echo ' #listen [::]:443 ssl;' >> $fedwiki_nginx_file
echo " server_name $FEDWIKI_DOMAIN_NAME;" >> $fedwiki_nginx_file
echo '' >> $fedwiki_nginx_file
fedwiki_nginx_file="/etc/nginx/sites-available/$FEDWIKI_DOMAIN_NAME"
if [[ "$ONION_ONLY" == "no" ]]; then
{ echo 'server {';
echo ' listen 80;';
echo ' listen [::]:80;';
echo " server_name $FEDWIKI_DOMAIN_NAME;";
echo " rewrite ^ https://\$server_name\$request_uri? permanent;";
echo '}';
echo '';
echo 'server {';
echo ' listen 443 ssl;';
echo ' #listen [::]:443 ssl;';
echo " server_name $FEDWIKI_DOMAIN_NAME;";
echo ''; } > "$fedwiki_nginx_file"
function_check nginx_ssl
nginx_ssl $FEDWIKI_DOMAIN_NAME mobile
sed -i '/Content-Security-Policy/d' $fedwiki_nginx_file
sed -i '/X-XSS-Protection/d' $fedwiki_nginx_file
sed -i '/X-Robots-Tag/d' $fedwiki_nginx_file
sed -i '/X-Download-Options/d' $fedwiki_nginx_file
sed -i '/X-Permitted-Cross-Domain-Policies/d' $fedwiki_nginx_file
echo ' add_header X-Robots-Tag none;' >> $fedwiki_nginx_file
echo ' add_header X-Download-Options noopen;' >> $fedwiki_nginx_file
echo ' add_header X-Frame-Options DENY;' >> $fedwiki_nginx_file
echo ' add_header X-Content-Type-Options nosniff;' >> $fedwiki_nginx_file
echo ' add_header Strict-Transport-Security max-age=15768000;' >> $fedwiki_nginx_file
echo '' >> $fedwiki_nginx_file
echo ' location /fonts-font-awesome/ {' >> $fedwiki_nginx_file
echo ' alias /usr/share/fonts-font-awesome/;' >> $fedwiki_nginx_file
echo ' }' >> $fedwiki_nginx_file
echo '' >> $fedwiki_nginx_file
echo ' location / {' >> $fedwiki_nginx_file
echo " proxy_pass http://localhost:${FEDWIKI_PORT};" >> $fedwiki_nginx_file
echo ' proxy_set_header X-Real-IP $remote_addr;' >> $fedwiki_nginx_file
echo ' proxy_set_header Host $host;' >> $fedwiki_nginx_file
echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $fedwiki_nginx_file
echo ' client_max_body_size 1M;' >> $fedwiki_nginx_file
echo ' }' >> $fedwiki_nginx_file
echo '}' >> $fedwiki_nginx_file
echo '' >> $fedwiki_nginx_file
nginx_ssl "$FEDWIKI_DOMAIN_NAME" mobile
sed -i '/Content-Security-Policy/d' "$fedwiki_nginx_file"
sed -i '/X-XSS-Protection/d' "$fedwiki_nginx_file"
sed -i '/X-Robots-Tag/d' "$fedwiki_nginx_file"
sed -i '/X-Download-Options/d' "$fedwiki_nginx_file"
sed -i '/X-Permitted-Cross-Domain-Policies/d' "$fedwiki_nginx_file"
{ echo ' add_header X-Robots-Tag none;';
echo ' add_header X-Download-Options noopen;';
echo ' add_header X-Frame-Options DENY;';
echo ' add_header X-Content-Type-Options nosniff;';
echo ' add_header Strict-Transport-Security max-age=15768000;';
echo '';
echo ' location /fonts-font-awesome/ {';
echo ' alias /usr/share/fonts-font-awesome/;';
echo ' }';
echo '';
echo ' location / {';
echo " proxy_pass http://localhost:${FEDWIKI_PORT};";
echo " proxy_set_header X-Real-IP \$remote_addr;";
echo " proxy_set_header Host \$host;";
echo " proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";
echo ' client_max_body_size 1M;';
echo ' }';
echo '}';
echo ''; } >> "$fedwiki_nginx_file"
else
echo -n '' > $fedwiki_nginx_file
fi
echo 'server {' >> $fedwiki_nginx_file
echo " listen 127.0.0.1:$FEDWIKI_ONION_PORT default_server;" >> $fedwiki_nginx_file
echo " server_name $FEDWIKI_ONION_HOSTNAME;" >> $fedwiki_nginx_file
echo '' >> $fedwiki_nginx_file
echo ' add_header X-Robots-Tag none;' >> $fedwiki_nginx_file
echo ' add_header X-Download-Options noopen;' >> $fedwiki_nginx_file
echo ' add_header X-Frame-Options DENY;' >> $fedwiki_nginx_file
echo ' add_header X-Content-Type-Options nosniff;' >> $fedwiki_nginx_file
echo '' >> $fedwiki_nginx_file
echo ' location /fonts-font-awesome/ {' >> $fedwiki_nginx_file
echo ' alias /usr/share/fonts-font-awesome/;' >> $fedwiki_nginx_file
echo ' }' >> $fedwiki_nginx_file
echo '' >> $fedwiki_nginx_file
echo ' location / {' >> $fedwiki_nginx_file
echo " proxy_pass http://localhost:${FEDWIKI_PORT};" >> $fedwiki_nginx_file
echo ' proxy_set_header X-Real-IP $remote_addr;' >> $fedwiki_nginx_file
echo ' proxy_set_header Host $host;' >> $fedwiki_nginx_file
echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $fedwiki_nginx_file
echo ' client_max_body_size 1M;' >> $fedwiki_nginx_file
echo ' }' >> $fedwiki_nginx_file
echo '}' >> $fedwiki_nginx_file
echo -n '' > "$fedwiki_nginx_file"
fi
{ echo 'server {';
echo " listen 127.0.0.1:$FEDWIKI_ONION_PORT default_server;";
echo " server_name $FEDWIKI_ONION_HOSTNAME;";
echo '';
echo ' add_header X-Robots-Tag none;';
echo ' add_header X-Download-Options noopen;';
echo ' add_header X-Frame-Options DENY;';
echo ' add_header X-Content-Type-Options nosniff;';
echo '';
echo ' location /fonts-font-awesome/ {';
echo ' alias /usr/share/fonts-font-awesome/;';
echo ' }';
echo '';
echo ' location / {';
echo " proxy_pass http://localhost:${FEDWIKI_PORT};";
echo " proxy_set_header X-Real-IP \$remote_addr;";
echo " proxy_set_header Host \$host;";
echo " proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";
echo ' client_max_body_size 1M;';
echo ' }';
echo '}'; } >> "$fedwiki_nginx_file"
function_check create_site_certificate
create_site_certificate $FEDWIKI_DOMAIN_NAME 'yes'
create_site_certificate "$FEDWIKI_DOMAIN_NAME" 'yes'
function_check nginx_ensite
nginx_ensite $FEDWIKI_DOMAIN_NAME
nginx_ensite "$FEDWIKI_DOMAIN_NAME"
}
function install_fedwiki {
if [[ $VARIANT == "mesh"* ]]; then
# shellcheck disable=SC2153
if [[ "$VARIANT" == "mesh"* ]]; then
return
fi
if [ ! $ONION_ONLY ]; then
if [ ! "$ONION_ONLY" ]; then
ONION_ONLY='no'
fi
if [ ! $FEDWIKI_DOMAIN_NAME ]; then
if [ ! "$FEDWIKI_DOMAIN_NAME" ]; then
echo $'The fedwiki domain name was not specified'
exit 893635
fi
if [ ! -d /var/www/$FEDWIKI_DOMAIN_NAME/htdocs ]; then
mkdir -p /var/www/$FEDWIKI_DOMAIN_NAME/htdocs
if [ ! -d "/var/www/$FEDWIKI_DOMAIN_NAME/htdocs" ]; then
mkdir -p "/var/www/$FEDWIKI_DOMAIN_NAME/htdocs"
fi
if [ ! -d $FEDWIKI_DATA ]; then
......@@ -429,14 +430,12 @@ function install_fedwiki {
apt-get -yq install fonts-font-awesome
npm install -g wiki@$FEDWIKI_VERSION
if [ ! "$?" = "0" ]; then
if ! npm install -g wiki@$FEDWIKI_VERSION; then
echo $'Failed to install fedwiki'
exit 6293523
fi
npm install -g wiki-security-friends@0.1.0
if [ ! "$?" = "0" ]; then
if ! npm install -g wiki-security-friends@0.1.0; then
echo $'Failed to install wiki-security-friends'
exit 783533
fi
......@@ -457,44 +456,44 @@ function install_fedwiki {
FEDWIKI_COOKIE="$(create_password 20)"
fi
echo '[Unit]' > /etc/systemd/system/fedwiki.service
echo 'Description=Fedwiki federated wiki' >> /etc/systemd/system/fedwiki.service
echo 'After=syslog.target' >> /etc/systemd/system/fedwiki.service
echo 'After=network.target' >> /etc/systemd/system/fedwiki.service
echo '' >> /etc/systemd/system/fedwiki.service
echo '[Service]' >> /etc/systemd/system/fedwiki.service
echo 'User=fedwiki' >> /etc/systemd/system/fedwiki.service
echo 'Group=fedwiki' >> /etc/systemd/system/fedwiki.service
echo "WorkingDirectory=/usr/local/lib/node_modules/wiki" >> /etc/systemd/system/fedwiki.service
echo "ExecStart=/usr/local/bin/wiki --security_type friends --session_duration 7 --data $FEDWIKI_DATA -p $FEDWIKI_PORT --cookieSecret '${FEDWIKI_COOKIE}'" >> /etc/systemd/system/fedwiki.service
echo 'StandardOutput=syslog' >> /etc/systemd/system/fedwiki.service
echo 'StandardError=syslog' >> /etc/systemd/system/fedwiki.service
echo 'SyslogIdentifier=fedwiki' >> /etc/systemd/system/fedwiki.service
echo 'Restart=always' >> /etc/systemd/system/fedwiki.service
echo "Environment=NODE_ENV=production" >> /etc/systemd/system/fedwiki.service
echo '' >> /etc/systemd/system/fedwiki.service
echo '[Install]' >> /etc/systemd/system/fedwiki.service
echo 'WantedBy=multi-user.target' >> /etc/systemd/system/fedwiki.service
{ echo '[Unit]';
echo 'Description=Fedwiki federated wiki';
echo 'After=syslog.target';
echo 'After=network.target';
echo '';
echo '[Service]';
echo 'User=fedwiki';
echo 'Group=fedwiki';
echo "WorkingDirectory=/usr/local/lib/node_modules/wiki";
echo "ExecStart=/usr/local/bin/wiki --security_type friends --session_duration 7 --data $FEDWIKI_DATA -p $FEDWIKI_PORT --cookieSecret '${FEDWIKI_COOKIE}'";
echo 'StandardOutput=syslog';
echo 'StandardError=syslog';
echo 'SyslogIdentifier=fedwiki';
echo 'Restart=always';
echo "Environment=NODE_ENV=production";
echo '';
echo '[Install]';
echo 'WantedBy=multi-user.target'; } > /etc/systemd/system/fedwiki.service
if [ ! -d ${FEDWIKI_DATA}/status ]; then
mkdir -p ${FEDWIKI_DATA}/status
fi
fedwiki_auth_file=${FEDWIKI_DATA}/status/owner.json
echo '{' > $fedwiki_auth_file
echo " \"name\": \"${MY_USERNAME}\"," >> $fedwiki_auth_file
echo ' "friend": {' >> $fedwiki_auth_file
echo " \"secret\": \"${FEDWIKI_COOKIE}\"" >> $fedwiki_auth_file
echo ' }' >> $fedwiki_auth_file
echo '}' >> $fedwiki_auth_file
{ echo '{';
echo " \"name\": \"${MY_USERNAME}\",";
echo ' "friend": {';
echo " \"secret\": \"${FEDWIKI_COOKIE}\"";
echo ' }';
echo '}'; } > $fedwiki_auth_file
chown -R fedwiki:fedwiki $FEDWIKI_DATA
fedwiki_setup_web
${PROJECT_NAME}-pass -u $MY_USERNAME -a fedwiki -p "$FEDWIKI_COOKIE"
"${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a fedwiki -p "$FEDWIKI_COOKIE"
function_check add_ddns_domain
add_ddns_domain $FEDWIKI_DOMAIN_NAME
add_ddns_domain "$FEDWIKI_DOMAIN_NAME"
fedwiki_remove_bad_links
......
src/freedombone-app-friendica
+ 251
249
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-ghost
+ 195
195
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-gnusocial
+ 286
280
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-gogs
+ 222
215
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-htmly
+ 276
269
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-hubzilla
+ 256
254
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-icecast
+ 220
216
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-ipfs
+ 146
146
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-irc
+ 208
203
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-jitsi
+ 84
85
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-kanboard
+ 195
198
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-keyserver
+ 207
200
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-koel
+ 250
247
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-lychee
+ 184
184
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-mailpile
+ 86
86
View file @ 5479d49d
This diff is collapsed.
src/freedombone-app-matrix
+ 164
164
View file @ 5479d49d
This diff is collapsed.
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment