From 5e9efd52bfa0443255a6d52f9dcf499fbd15941b Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Fri, 11 May 2018 12:56:18 +0100
Subject: [PATCH] Initial rocketchat app

---
 src/freedombone-app-rocketchat | 463 +++++++++++++++++++++++++++++++++
 src/freedombone-template       |   5 +-
 src/freedombone-utils-mongodb  |   1 +
 3 files changed, 468 insertions(+), 1 deletion(-)
 create mode 100755 src/freedombone-app-rocketchat

diff --git a/src/freedombone-app-rocketchat b/src/freedombone-app-rocketchat
new file mode 100755
index 000000000..6884b49a3
--- /dev/null
+++ b/src/freedombone-app-rocketchat
@@ -0,0 +1,463 @@
+#!/bin/bash
+#
+#  _____               _           _
+# |   __|___ ___ ___ _| |___ _____| |_ ___ ___ ___
+# |   __|  _| -_| -_| . | . |     | . | . |   | -_|
+# |__|  |_| |___|___|___|___|_|_|_|___|___|_|_|___|
+#
+#                              Freedom in the Cloud
+#
+# License
+# =======
+#
+# Copyright (C) 2018 Bob Mottram <bob@freedombone.net>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+VARIANTS='full full-vim'
+
+IN_DEFAULT_INSTALL=0
+SHOW_ON_ABOUT=1
+
+ROCKETCHAT_DOMAIN_NAME=
+ROCKETCHAT_CODE=
+ROCKETCHAT_ONION_PORT=9018
+ROCKETCHAT_REPO="https://github.com/RocketChat/Rocket.Chat"
+ROCKETCHAT_COMMIT='08149ebebbe265bce8f06289ad9a2f6bb4b1464b'
+ROCKETCHAT_PORT_INTERNAL=3004
+
+rocketchat_variables=(ONION_ONLY
+                      ROCKETCHAT_DOMAIN_NAME
+                      ROCKETCHAT_CODE
+                      DDNS_PROVIDER
+                      MY_USERNAME)
+
+function logging_on_rocketchat {
+    echo -n ''
+}
+
+function logging_off_rocketchat {
+    echo -n ''
+}
+
+function remove_user_rocketchat {
+    remove_username="$1"
+
+    "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp rocketchat
+}
+
+function add_user_rocketchat {
+    new_username="$1"
+    new_user_password="$2"
+
+    "${PROJECT_NAME}-pass" -u "$new_username" -a rocketchat -p "$new_user_password"
+    echo '0'
+}
+
+function install_interactive_rocketchat {
+    if [ ! "$ONION_ONLY" ]; then
+        ONION_ONLY='no'
+    fi
+
+    if [[ "$ONION_ONLY" != "no" ]]; then
+        ROCKETCHAT_DOMAIN_NAME='rocketchat.local'
+        write_config_param "ROCKETCHAT_DOMAIN_NAME" "$ROCKETCHAT_DOMAIN_NAME"
+    else
+        interactive_site_details "rocketchat" "ROCKETCHAT_DOMAIN_NAME" "ROCKETCHAT_CODE"
+    fi
+    APP_INSTALLED=1
+}
+
+function change_password_rocketchat {
+    curr_username="$1"
+    new_user_password="$2"
+
+    read_config_param 'ROCKETCHAT_DOMAIN_NAME'
+
+    "${PROJECT_NAME}-pass" -u "$curr_username" -a rocketchat -p "$new_user_password"
+}
+
+function rocketchat_create_database {
+    if [ -f $IMAGE_PASSWORD_FILE ]; then
+        ROCKETCHAT_ADMIN_PASSWORD="$(printf "%d" "$(cat "")")"
+    else
+        if [ ! $ROCKETCHAT_ADMIN_PASSWORD ]; then
+            ROCKETCHAT_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+        fi
+    fi
+    if [ ! $ROCKETCHAT_ADMIN_PASSWORD ]; then
+        return
+    fi
+
+    create_database_mongodb rocketchat "$ROCKETCHAT_ADMIN_PASSWORD" $MY_USERNAME
+}
+
+function reconfigure_rocketchat {
+    # This is used if you need to switch identity. Dump old keys and generate new ones
+    echo -n ''
+}
+
+function configure_interactive_rocketchat {
+    W=(1 $"Option 1"
+       2 $"Option 2")
+
+    while true
+    do
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"rocketchat" --menu $"Choose an operation, or ESC for main menu:" 14 70 3 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$selection" ]; then
+            break
+        fi
+        case $selection in
+            1) # call some function for option 1
+            ;;
+            2) # call some function for option 2
+            ;;
+        esac
+    done
+}
+
+function upgrade_rocketchat {
+    CURR_ROCKETCHAT_COMMIT=$(get_completion_param "rocketchat commit")
+    if [[ "$CURR_ROCKETCHAT_COMMIT" == "$ROCKETCHAT_COMMIT" ]]; then
+        return
+    fi
+
+    if grep -q "rocketchat domain" "$COMPLETION_FILE"; then
+        ROCKETCHAT_DOMAIN_NAME=$(get_completion_param "rocketchat domain")
+    fi
+
+    # update to the next commit
+    set_repo_commit "/etc/rocketchat" "rocketchat commit" "$ROCKETCHAT_COMMIT" "$ROCKETCHAT_REPO"
+    chown -R rocketchat:rocketchat "/etc/rocketchat"
+
+    systemctl restart rocketchat
+}
+
+function backup_local_rocketchat {
+    ROCKETCHAT_DOMAIN_NAME='rocketchat'
+    if grep -q "rocketchat domain" "$COMPLETION_FILE"; then
+        ROCKETCHAT_DOMAIN_NAME=$(get_completion_param "rocketchat domain")
+    fi
+
+    source_directory=/etc/rocketchat
+
+    suspend_site "${ROCKETCHAT_DOMAIN_NAME}"
+
+    systemctl stop rocketchat
+
+    dest_directory=rocketchat
+    backup_directory_to_usb "$source_directory" $dest_directory
+
+    USE_MONGODB=1
+    backup_database_to_usb rocketchat
+
+    restart_site
+    systemctl start rocketchat
+}
+
+function restore_local_rocketchat {
+    if ! grep -q "rocketchat domain" "$COMPLETION_FILE"; then
+        return
+    fi
+    ROCKETCHAT_DOMAIN_NAME=$(get_completion_param "rocketchat domain")
+    if [ ! "$ROCKETCHAT_DOMAIN_NAME" ]; then
+        return
+    fi
+    suspend_site "${ROCKETCHAT_DOMAIN_NAME}"
+    systemctl stop rocketchat
+
+    temp_restore_dir=/root/temprocketchat
+    rocketchat_dir=/etc/rocketchat
+
+    rocketchat_create_database
+
+    USE_MONGODB=1
+    restore_database rocketchat
+    if [ -d $temp_restore_dir ]; then
+        rm -rf $temp_restore_dir
+    fi
+
+    restore_directory_from_usb $temp_restore_dir rocketchat
+    if [ -d $temp_restore_dir ]; then
+        if [ -d "$temp_restore_dir$rocketchat_dir" ]; then
+            cp -rp "$temp_restore_dir$rocketchat_dir"/* "$rocketchat_dir"/
+        else
+            if [ ! -d "$rocketchat_dir" ]; then
+                mkdir "$rocketchat_dir"
+            fi
+            cp -rp "$temp_restore_dir"/* "$rocketchat_dir"/
+        fi
+        chown -R rocketchat:rocketchat "$rocketchat_dir"
+        rm -rf $temp_restore_dir
+    fi
+    systemctl start rocketchat
+
+    restart_site
+}
+
+function backup_remote_rocketchat {
+    ROCKETCHAT_DOMAIN_NAME='rocketchat'
+    if grep -q "rocketchat domain" "$COMPLETION_FILE"; then
+        ROCKETCHAT_DOMAIN_NAME=$(get_completion_param "rocketchat domain")
+    fi
+
+    source_directory=/etc/rocketchat
+
+    suspend_site "${ROCKETCHAT_DOMAIN_NAME}"
+    systemctl stop rocketchat
+
+    dest_directory=rocketchat
+    backup_directory_to_friend "$source_directory" $dest_directory
+    USE_MONGODB=1
+    backup_database_to_friend rocketchat
+
+
+    systemctl start rocketchat
+
+    restart_site
+}
+
+function restore_remote_rocketchat {
+    if ! grep -q "rocketchat domain" "$COMPLETION_FILE"; then
+        return
+    fi
+    ROCKETCHAT_DOMAIN_NAME=$(get_completion_param "rocketchat domain")
+    if [ ! "$ROCKETCHAT_DOMAIN_NAME" ]; then
+        return
+    fi
+    suspend_site "${ROCKETCHAT_DOMAIN_NAME}"
+    systemctl stop rocketchat
+
+    temp_restore_dir=/root/temprocketchat
+    rocketchat_dir=/etc/rocketchat
+
+    rocketchat_create_database
+
+    USE_MONGODB=1
+    restore_database_from_friend rocketchat
+    if [ -d "$temp_restore_dir" ]; then
+        rm -rf $temp_restore_dir
+    fi
+
+    restore_directory_from_friend $temp_restore_dir rocketchat
+    if [ -d $temp_restore_dir ]; then
+        if [ -d "$temp_restore_dir$rocketchat_dir" ]; then
+            cp -rp "$temp_restore_dir$rocketchat_dir"/* "$rocketchat_dir"/
+        else
+            if [ ! -d "$rocketchat_dir" ]; then
+                mkdir "$rocketchat_dir"
+            fi
+            cp -rp $temp_restore_dir/* "$rocketchat_dir"/
+        fi
+        chown -R rocketchat:rocketchat "$rocketchat_dir"
+        rm -rf $temp_restore_dir
+    fi
+    systemctl start rocketchat
+
+    restart_site
+}
+
+function remove_rocketchat {
+    nginx_dissite "$ROCKETCHAT_DOMAIN_NAME"
+    remove_certs "$ROCKETCHAT_DOMAIN_NAME"
+
+    if [ -f /etc/systemd/system/rocketchat.service ]; then
+        systemctl stop rocketchat
+        systemctl disable rocketchat
+        rm /etc/systemd/system/rocketchat.service
+    fi
+    userdel -r rocketchat
+    remove_nodejs rocketchat
+
+
+    if [ -d "/var/www/$ROCKETCHAT_DOMAIN_NAME" ]; then
+        rm -rf "/var/www/$ROCKETCHAT_DOMAIN_NAME"
+    fi
+    if [ -f "/etc/nginx/sites-available/$ROCKETCHAT_DOMAIN_NAME" ]; then
+        rm "/etc/nginx/sites-available/$ROCKETCHAT_DOMAIN_NAME"
+    fi
+    drop_database_mongodb rocketchat
+    remove_onion_service rocketchat "${ROCKETCHAT_ONION_PORT}"
+    if grep -q "rocketchat" /etc/crontab; then
+        sed -i "/rocketchat/d" /etc/crontab
+    fi
+    remove_app rocketchat
+    remove_completion_param install_rocketchat
+    sed -i '/rocketchat/d' "$COMPLETION_FILE"
+
+    remove_ddns_domain "$ROCKETCHAT_DOMAIN_NAME"
+}
+
+function install_rocketchat {
+    apt-get install -yq curl graphicsmagick
+
+    install_mongodb
+
+    install_nodejs rocketchat
+    if [ ! "$ROCKETCHAT_DOMAIN_NAME" ]; then
+        echo $'No domain name was given'
+        exit 3568356
+    fi
+
+    if [ -d "/var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs" ]; then
+        rm -rf "/var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs"
+    fi
+    if [ -d /repos/rocketchat ]; then
+        mkdir "/var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs"
+        cp -r -p /repos/rocketchat/. "/etc/rocketchat"
+        cd "/etc/rocketchat" || exit 36487365
+        git pull
+    else
+        git_clone "$ROCKETCHAT_REPO" "/etc/rocketchat"
+    fi
+
+    if [ ! -d "/etc/rocketchat" ]; then
+        echo $'Unable to clone rocketchat repo'
+        exit 87525
+    fi
+
+    cd "/etc/rocketchat" || exit 3463754637
+    git checkout "$ROCKETCHAT_COMMIT" -b "$ROCKETCHAT_COMMIT"
+    set_completion_param "rocketchat commit" "$ROCKETCHAT_COMMIT"
+
+    chmod g+w "/var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs"
+    chown -R www-data:www-data "/var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs"
+
+    rocketchat_create_database
+
+    add_ddns_domain "$ROCKETCHAT_DOMAIN_NAME"
+
+    ROCKETCHAT_ONION_HOSTNAME=$(add_onion_service rocketchat 80 "${ROCKETCHAT_ONION_PORT}")
+
+    rocketchat_nginx_site=/etc/nginx/sites-available/$ROCKETCHAT_DOMAIN_NAME
+    if [[ "$ONION_ONLY" == "no" ]]; then
+        nginx_http_redirect "$ROCKETCHAT_DOMAIN_NAME" "index index.html"
+        { echo 'server {';
+          echo '  listen 443 ssl;';
+          echo '  #listen [::]:443 ssl;';
+          echo "  server_name $ROCKETCHAT_DOMAIN_NAME;";
+          echo ''; } >> "$rocketchat_nginx_site"
+        nginx_compress "$ROCKETCHAT_DOMAIN_NAME"
+        echo '' >> "$rocketchat_nginx_site"
+        echo '  # Security' >> "$rocketchat_nginx_site"
+        nginx_ssl "$ROCKETCHAT_DOMAIN_NAME"
+
+        nginx_security_options "$ROCKETCHAT_DOMAIN_NAME"
+
+        { echo '  add_header Strict-Transport-Security max-age=15768000;';
+          echo '';
+          echo '  # Logs';
+          echo '  access_log /dev/null;';
+          echo '  error_log /dev/null;';
+          echo '';
+          echo '  # Root';
+          echo "  root /var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs;";
+          echo '';
+          echo '  index index.html;';
+          echo '  # Location';
+          echo '  location / {'; } >> "$rocketchat_nginx_site"
+        nginx_limits "$ROCKETCHAT_DOMAIN_NAME" '15m'
+        { echo "    proxy_pass http://localhost:$ROCKETCHAT_PORT_INTERNAL;";
+          echo '    proxy_http_version 1.1;';
+          echo "    proxy_set_header Upgrade \$http_upgrade;";
+          echo "    proxy_set_header Connection \"upgrade\";";
+          echo "    proxy_set_header Host \$http_host;";
+          echo '';
+          echo "    proxy_set_header X-Real-IP \$remote_addr;";
+          echo "    proxy_set_header X-Forward-For \$proxy_add_x_forwarded_for;";
+          echo '    proxy_set_header X-Forward-Proto http;';
+          echo '    proxy_set_header X-Nginx-Proxy true;';
+          echo '';
+          echo '    proxy_redirect off;';
+          echo '  }';
+          echo '}'; } >> "$rocketchat_nginx_site"
+    else
+        echo -n '' > "$rocketchat_nginx_site"
+    fi
+    { echo 'server {';
+      echo "    listen 127.0.0.1:$ROCKETCHAT_ONION_PORT default_server;";
+      echo "    server_name $ROCKETCHAT_ONION_HOSTNAME;";
+      echo ''; } >> "$rocketchat_nginx_site"
+    nginx_compress "$ROCKETCHAT_DOMAIN_NAME"
+    echo '' >> "$rocketchat_nginx_site"
+    nginx_security_options "$ROCKETCHAT_DOMAIN_NAME"
+    { echo '';
+      echo '  # Logs';
+      echo '  access_log /dev/null;';
+      echo '  error_log /dev/null;';
+      echo '';
+      echo '  # Root';
+      echo "  root /var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs;";
+      echo '';
+      echo '  index index.html;';
+      echo '  # Location';
+      echo '  location / {'; } >> "$rocketchat_nginx_site"
+    nginx_limits "$ROCKETCHAT_DOMAIN_NAME" '15m'
+    { echo "    proxy_pass http://localhost:$ROCKETCHAT_PORT_INTERNAL;";
+      echo '    proxy_http_version 1.1;';
+      echo "    proxy_set_header Upgrade \$http_upgrade;";
+      echo "    proxy_set_header Connection \"upgrade\";";
+      echo "    proxy_set_header Host \$http_host;";
+      echo '';
+      echo "    proxy_set_header X-Real-IP \$remote_addr;";
+      echo "    proxy_set_header X-Forward-For \$proxy_add_x_forwarded_for;";
+      echo '    proxy_set_header X-Forward-Proto http;';
+      echo '    proxy_set_header X-Nginx-Proxy true;';
+      echo '';
+      echo '    proxy_redirect off;';
+      echo '  }';
+      echo '}'; } >> "$rocketchat_nginx_site"
+
+    adduser --system --home="/etc/rocketchat" --group rocketchat
+
+    { echo '[Unit]';
+      echo 'Description=rocketchat';
+      echo 'After=syslog.target';
+      echo 'After=network.target';
+      echo '';
+      echo '[Service]';
+      echo 'Type=simple';
+      echo 'User=rocketchat';
+      echo 'Group=rocketchat';
+      echo 'WorkingDirectory=/etc/rocketchat';
+      echo 'ExecStart=/usr/local/bin/node main.js';
+      echo 'Environment=USER=rocketchat';
+      echo 'Restart=always';
+      echo 'StandardError=syslog';
+      echo 'Environment=NODE_ENV=production';
+      echo "Environment=PORT=${ROCKETCHAT_PORT_INTERNAL}";
+      echo "Environment=ROOT_URL=http://localhost:${ROCKETCHAT_PORT_INTERNAL}";
+      echo "Environment=MONGO_URL=mongodb://mongo:${MONGODB_PORT}/rocketchat";
+      echo '';
+      echo '[Install]';
+      echo 'WantedBy=multi-user.target'; } >> "/etc/systemd/system/rocketchat.service"
+    systemctl enable rocketchat
+    chown -R rocketchat:rocketchat "/etc/rocketchat"
+    systemctl start rocketchat
+
+    create_site_certificate "$ROCKETCHAT_DOMAIN_NAME" 'yes'
+
+    nginx_ensite "$ROCKETCHAT_DOMAIN_NAME"
+
+    systemctl restart nginx
+
+    "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a rocketchat -p "$ROCKETCHAT_ADMIN_PASSWORD"
+    set_completion_param "rocketchat domain" "$ROCKETCHAT_DOMAIN_NAME"
+
+    APP_INSTALLED=1
+}
+
+# NOTE: deliberately there is no "exit 0"
diff --git a/src/freedombone-template b/src/freedombone-template
index e39df783f..faffd9b9d 100755
--- a/src/freedombone-template
+++ b/src/freedombone-template
@@ -398,6 +398,9 @@ else
     echo "    set_repo_commit \"${app_dir}\" \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \"\$${app_name_upper}_REPO\""
     echo "    chown -R ${app_name}:${app_name} \"${app_dir}\""
 fi
+if [ $app_daemon ]; then
+    echo "    systemctl restart ${app_name}"
+fi
 echo '}'
 echo ''
 echo "function backup_local_${app_name} {"
@@ -901,7 +904,7 @@ if [ $app_webui ]; then
             echo "    { echo \"    try_files \\\$uri \\\$uri/ index.php?\\\$args;\";"
         fi
     else
-        echo "      echo \"    proxy_pass http://localhost:\$${app_name_upper}_PORT_INTERNAL;\";"
+        echo "      { echo \"    proxy_pass http://localhost:\$${app_name_upper}_PORT_INTERNAL;\";"
     fi
     echo "      echo '  }';"
     echo "      echo '}'; } >> \"\$${app_name}_nginx_site\""
diff --git a/src/freedombone-utils-mongodb b/src/freedombone-utils-mongodb
index 8f7c8484c..1448b3239 100755
--- a/src/freedombone-utils-mongodb
+++ b/src/freedombone-utils-mongodb
@@ -29,6 +29,7 @@
 # Set this when calling backup and restore commands
 USE_MONGODB=
 MONGODB_APPS_FILE=$HOME/.mongodbapps
+MONGODB_PORT=27017
 
 function store_original_mongodb_password {
     if [ ! -f /root/.mongodboriginal ]; then
-- 
GitLab