From 9f9f825f8773415911b72911ed578dcc4e046369 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Sun, 25 Sep 2016 11:20:41 +0100
Subject: [PATCH] app functions for changing passwords
---
src/freedombone-app-babel | 4 +
src/freedombone-app-batman | 52 +-
src/freedombone-app-blog | 21 +
src/freedombone-app-blogstatic | 4 +
src/freedombone-app-cjdns | 898 +++++++++---------
src/freedombone-app-dlna | 338 +++----
src/freedombone-app-emacs | 4 +
src/freedombone-app-gnusocial | 1516 ++++++++++++++++---------------
src/freedombone-app-gogs | 4 +
src/freedombone-app-hubzilla | 4 +
src/freedombone-app-ipfs | 4 +
src/freedombone-app-irc | 454 ++++-----
src/freedombone-app-librevault | 4 +
src/freedombone-app-mediagoblin | 718 +++++++--------
src/freedombone-app-mumble | 428 ++++-----
src/freedombone-app-rss | 4 +
src/freedombone-app-searx | 466 +++++-----
src/freedombone-app-sip | 742 +++++++--------
src/freedombone-app-syncthing | 4 +
src/freedombone-app-tahoelafs | 4 +
src/freedombone-app-tox | 4 +
src/freedombone-app-vpn | 54 +-
src/freedombone-app-webmail | 370 ++++----
src/freedombone-app-wiki | 942 +++++++++----------
src/freedombone-app-xmpp | 4 +
src/freedombone-app-zeronet | 4 +
src/freedombone-tests | 80 +-
27 files changed, 3626 insertions(+), 3505 deletions(-)
diff --git a/src/freedombone-app-babel b/src/freedombone-app-babel
index 870307233..9c10c2ef1 100755
--- a/src/freedombone-app-babel
+++ b/src/freedombone-app-babel
@@ -33,6 +33,10 @@ VARIANTS=''
ENABLE_BABEL="no"
BABEL_PORT=6696
+function change_password_babel {
+ echo -n ''
+}
+
function reconfigure_babel {
echo -n ''
}
diff --git a/src/freedombone-app-batman b/src/freedombone-app-batman
index cf3137f3d..8e9856c63 100755
--- a/src/freedombone-app-batman
+++ b/src/freedombone-app-batman
@@ -33,12 +33,16 @@ VARIANTS='mesh'
ENABLE_BATMAN="no"
BATMAN_CELLID='any'
-function configure_firewall_for_batma {
+function change_password_batman {
+ echo -n ''
+}
+
+function configure_firewall_for_batman {
if grep -Fxq "configure_firewall_for_batman" $COMPLETION_FILE; then
- return
+ return
fi
if [[ $ENABLE_BATMAN != "yes" ]]; then
- return
+ return
fi
function_check save_firewall_settings
@@ -72,13 +76,13 @@ function restore_remote_batman {
function remove_batman {
if ! grep -Fxq "install_batman" $COMPLETION_FILE; then
- return
+ return
fi
${PROJECT_NAME}-mesh-install -f batman --remove yes
if [ ! "$?" = "0" ]; then
- echo $'Failed to remove batman'
- exit 79353
+ echo $'Failed to remove batman'
+ exit 79353
fi
sed -i '/install_batman/d' $COMPLETION_FILE
sed -i '/configure_firewall_for_batman/d' $COMPLETION_FILE
@@ -90,15 +94,15 @@ function mesh_install_batman {
chroot "$rootdir" apt-get -y install wireless-tools rfkill
if ! grep -q "batman_adv" $rootdir/etc/modules; then
- echo 'batman_adv' >> $rootdir/etc/modules
+ echo 'batman_adv' >> $rootdir/etc/modules
fi
BATMAN_SCRIPT=$rootdir/var/lib/batman
if [ -f /usr/local/bin/${PROJECT_NAME}-mesh-batman ]; then
- cp /usr/local/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
+ cp /usr/local/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
else
- cp /usr/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
+ cp /usr/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
fi
BATMAN_DAEMON=$rootdir/etc/systemd/system/batman.service
@@ -124,32 +128,32 @@ function mesh_install_batman {
function install_batman {
if [ $INSTALLING_MESH ]; then
- mesh_install_batman
- return
+ mesh_install_batman
+ return
fi
if grep -Fxq "install_batman" $COMPLETION_FILE; then
- return
+ return
fi
if [[ $ENABLE_BATMAN != "yes" ]]; then
- return
+ return
fi
${PROJECT_NAME}-mesh-install -f batman
if [ ! "$?" = "0" ]; then
- echo $'Failed to install batman'
- exit 72524
+ echo $'Failed to install batman'
+ exit 72524
fi
if ! grep -q "Mesh Networking (B.A.T.M.A.N)" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo 'Mesh Networking (B.A.T.M.A.N)' >> /home/$MY_USERNAME/README
- echo '=============================' >> /home/$MY_USERNAME/README
- echo "Mesh ESSID: $WIFI_SSID" >> /home/$MY_USERNAME/README
- echo "Mesh cell ID: $BATMAN_CELLID" >> /home/$MY_USERNAME/README
- echo "Mesh wifi channel: $WIFI_CHANNEL" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo 'Mesh Networking (B.A.T.M.A.N)' >> /home/$MY_USERNAME/README
+ echo '=============================' >> /home/$MY_USERNAME/README
+ echo "Mesh ESSID: $WIFI_SSID" >> /home/$MY_USERNAME/README
+ echo "Mesh cell ID: $BATMAN_CELLID" >> /home/$MY_USERNAME/README
+ echo "Mesh wifi channel: $WIFI_CHANNEL" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
fi
function_check configure_firewall_for_batman
diff --git a/src/freedombone-app-blog b/src/freedombone-app-blog
index 3f1d2d2ff..cc0fc2000 100755
--- a/src/freedombone-app-blog
+++ b/src/freedombone-app-blog
@@ -38,6 +38,27 @@ FULLBLOG_COMMIT='bf5fe9486160be4da86d8987d3e5c977e1dc6d32'
MY_BLOG_TITLE="My Blog"
MY_BLOG_SUBTITLE="Another ${PROJECT_NAME} Blog"
+function change_password_blog {
+ if ! grep -q "Blog domain:" $COMPLETION_FILE; then
+ return
+ echo "Blog domain:$FULLBLOG_DOMAIN_NAME" >> $COMPLETION_FILE
+ fi
+ FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Blog domain" | head -n 1 | awk -F ':' '{print $2}')
+
+ BLOG_USERNAME="$1"
+ BLOG_PASSWORD="$2"
+ if [ ${#BLOG_PASSWORD} -lt 8 ]; then
+ echo $'Blog password is too short'
+ return
+ fi
+ BLOG_PASSWORD_HASH=$(${PROJECT_NAME}-sec --bloghash "$BLOG_PASSWORD")
+ if [ ${#BLOG_PASSWORD_HASH} -lt 8 ]; then
+ echo $'Blog admin password could not be hashed'
+ exit 625728
+ fi
+ sed -i "s|password =.*|password = $BLOG_PASSWORD_HASH|g" /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$BLOG_USERNAME.ini
+}
+
function reconfigure_blog {
echo -n ''
}
diff --git a/src/freedombone-app-blogstatic b/src/freedombone-app-blogstatic
index ee4ee8232..139cb4cf9 100755
--- a/src/freedombone-app-blogstatic
+++ b/src/freedombone-app-blogstatic
@@ -35,6 +35,10 @@ PELICAN_THEMES_REPO="https://github.com/getpelican/pelican-themes"
PELICAN_PLUGINS_REPO="https://github.com/getpelican/pelican-plugins"
DEFAULT_BLOG_TITLE=$"Freedombone Blog"
+function change_password_blogstatic {
+ echo -n ''
+}
+
function reconfigure_blogstatic {
echo -n ''
}
diff --git a/src/freedombone-app-cjdns b/src/freedombone-app-cjdns
index a6e3b2b25..bc18d0c1a 100755
--- a/src/freedombone-app-cjdns
+++ b/src/freedombone-app-cjdns
@@ -41,499 +41,503 @@ CJDNS_COMMIT='13189fde111d0500427a7a0ce06a970753527bca'
CJDCMD_REPO="https://github.com/inhies/cjdcmd"
CJDCMD_COMMIT='973cca6ed0eecf9041c3403a40193c0b1291b808'
+function change_password_cjdns {
+ echo -n ''
+}
+
function reconfigure_cjdns {
- echo -n ''
+ echo -n ''
}
function upgrade_cjdns {
- if ! grep -Fxq "install_cjdns" $COMPLETION_FILE; then
- return
- fi
- function_check set_repo_commit
- set_repo_commit /etc/cjdns "cjdns commit" "$CJDNS_COMMIT" $CJDNS_REPO
+ if ! grep -Fxq "install_cjdns" $COMPLETION_FILE; then
+ return
+ fi
+ function_check set_repo_commit
+ set_repo_commit /etc/cjdns "cjdns commit" "$CJDNS_COMMIT" $CJDNS_REPO
}
function configure_firewall_for_cjdns {
- if grep -Fxq "configure_firewall_for_cjdns" $COMPLETION_FILE; then
- return
- fi
- if [[ $ENABLE_CJDNS != "yes" ]]; then
- return
- fi
- ip6tables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
- ip6tables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
- ip6tables -A INPUT -p udp --dport $CJDNS_PORT -j ACCEPT
- ip6tables -A INPUT -p tcp --dport $CJDNS_PORT -j ACCEPT
-
- function_check save_firewall_settings
- save_firewall_settings
- echo 'configure_firewall_for_cjdns' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_cjdns" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ENABLE_CJDNS != "yes" ]]; then
+ return
+ fi
+ ip6tables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
+ ip6tables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+ ip6tables -A INPUT -p udp --dport $CJDNS_PORT -j ACCEPT
+ ip6tables -A INPUT -p tcp --dport $CJDNS_PORT -j ACCEPT
+
+ function_check save_firewall_settings
+ save_firewall_settings
+ echo 'configure_firewall_for_cjdns' >> $COMPLETION_FILE
}
function get_cjdns_public_key {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "cjdns public key" /home/$MY_USERNAME/README; then
- if [ ! $CJDNS_PUBLIC_KEY ]; then
- CJDNS_PUBLIC_KEY=$(cat /home/$MY_USERNAME/README | grep "cjdns public key" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "cjdns public key" /home/$MY_USERNAME/README; then
+ if [ ! $CJDNS_PUBLIC_KEY ]; then
+ CJDNS_PUBLIC_KEY=$(cat /home/$MY_USERNAME/README | grep "cjdns public key" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
+ fi
}
function get_cjdns_private_key {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "cjdns private key" /home/$MY_USERNAME/README; then
- if [ ! $CJDNS_PRIVATE_KEY ]; then
- CJDNS_PRIVATE_KEY=$(cat /home/$MY_USERNAME/README | grep "cjdns private key" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "cjdns private key" /home/$MY_USERNAME/README; then
+ if [ ! $CJDNS_PRIVATE_KEY ]; then
+ CJDNS_PRIVATE_KEY=$(cat /home/$MY_USERNAME/README | grep "cjdns private key" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
+ fi
}
function get_cjdns_ipv6_address {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "cjdns IPv6 address" /home/$MY_USERNAME/README; then
- if [ ! $CJDNS_IPV6 ]; then
- CJDNS_IPV6=$(cat /home/$MY_USERNAME/README | grep "cjdns IPv6 address" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "cjdns IPv6 address" /home/$MY_USERNAME/README; then
+ if [ ! $CJDNS_IPV6 ]; then
+ CJDNS_IPV6=$(cat /home/$MY_USERNAME/README | grep "cjdns IPv6 address" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
+ fi
}
function get_cjdns_port {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "cjdns port" /home/$MY_USERNAME/README; then
- if [ ! $CJDNS_PORT ]; then
- CJDNS_PORT=$(cat /home/$MY_USERNAME/README | grep "cjdns port" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "cjdns port" /home/$MY_USERNAME/README; then
+ if [ ! $CJDNS_PORT ]; then
+ CJDNS_PORT=$(cat /home/$MY_USERNAME/README | grep "cjdns port" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
+ fi
}
function get_cjdns_password {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "cjdns password" /home/$MY_USERNAME/README; then
- if [ ! $CJDNS_PASSWORD ]; then
- CJDNS_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "cjdns password" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "cjdns password" /home/$MY_USERNAME/README; then
+ if [ ! $CJDNS_PASSWORD ]; then
+ CJDNS_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "cjdns password" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
+ fi
}
function backup_local_cjdns {
- echo -n ''
+ echo -n ''
}
function restore_local_cjdns {
- if [ -d $USB_MOUNT/backup/cjdns ]; then
- echo $"Restoring cjdns installation"
- temp_restore_dir=/root/tempcjdns
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir cjdns
- rm -rf /etc/cjdns
- cp -r $temp_restore_dir/etc/cjdns /etc/
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 8472
- fi
- rm -rf $temp_restore_dir
- fi
+ if [ -d $USB_MOUNT/backup/cjdns ]; then
+ echo $"Restoring cjdns installation"
+ temp_restore_dir=/root/tempcjdns
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir cjdns
+ rm -rf /etc/cjdns
+ cp -r $temp_restore_dir/etc/cjdns /etc/
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 8472
+ fi
+ rm -rf $temp_restore_dir
+ fi
}
function backup_remote_cjdns {
- echo -n ''
+ echo -n ''
}
function restore_remote_cjdns {
- if [ -d $SERVER_DIRECTORY/backup/cjdns ]; then
- echo $"Restoring cjdns installation"
- temp_restore_dir=/root/tempcjdns
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir cjdns
- rm -rf /etc/cjdns
- cp -r $temp_restore_dir/etc/cjdns /etc/
- if [ ! "$?" = "0" ]; then
- exit 7438
- fi
- rm -rf $temp_restore_dir
- fi
+ if [ -d $SERVER_DIRECTORY/backup/cjdns ]; then
+ echo $"Restoring cjdns installation"
+ temp_restore_dir=/root/tempcjdns
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir cjdns
+ rm -rf /etc/cjdns
+ cp -r $temp_restore_dir/etc/cjdns /etc/
+ if [ ! "$?" = "0" ]; then
+ exit 7438
+ fi
+ rm -rf $temp_restore_dir
+ fi
}
function remove_cjdns {
- if ! grep -Fxq "install_cjdns" $COMPLETION_FILE; then
- return
- fi
- service cjdns stop
- ip6tables -D nat -D POSTROUTING -o tun0 -j MASQUERADE
- ip6tables -D FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
- ip6tables -D INPUT -p udp --dport $CJDNS_PORT -j ACCEPT
- ip6tables -D INPUT -p tcp --dport $CJDNS_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- rm -rf /etc/cjdns
- sed -i '/install_cjdns/d' $COMPLETION_FILE
- sed -i '/cjdns /d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_cjdns/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_cjdns" $COMPLETION_FILE; then
+ return
+ fi
+ service cjdns stop
+ ip6tables -D nat -D POSTROUTING -o tun0 -j MASQUERADE
+ ip6tables -D FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+ ip6tables -D INPUT -p udp --dport $CJDNS_PORT -j ACCEPT
+ ip6tables -D INPUT -p tcp --dport $CJDNS_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ rm -rf /etc/cjdns
+ sed -i '/install_cjdns/d' $COMPLETION_FILE
+ sed -i '/cjdns /d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_cjdns/d' $COMPLETION_FILE
}
function install_cjdns_main {
- if [[ $ENABLE_CJDNS != "yes" ]]; then
- return
- fi
-
- if grep -Fxq "install_cjdns_main" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install nodejs git build-essential nmap
-
- # if a README exists then obtain the cjdns parameters
- function_check get_cjdns_ipv6_address
- get_cjdns_ipv6_address
-
- function_check get_cjdns_public_key
- get_cjdns_public_key
-
- function_check get_cjdns_private_key
- get_cjdns_private_key
-
- function_check get_cjdns_port
- get_cjdns_port
-
- function_check get_cjdns_password
- get_cjdns_password
-
- # special compile settings for running ./do on the Beaglebone Black
- if [[ $INSTALLING_ON_BBB == "yes" ]]; then
- CFLAGS="-O2 -march=armv7-a -mtune=cortex-a8 -mfpu=neon -ftree-vectorize -ffast-math -mfloat-abi=hard -marm -Wno-error=maybe-uninitialized"
- export LDFLAGS="$CFLAGS"
- fi
-
- if [ ! -d /etc/cjdns ]; then
- function_check git_pull
- git_clone $CJDNS_REPO /etc/cjdns
- cd /etc/cjdns
-
- git checkout $CJDNS_COMMIT -b $CJDNS_COMMIT
- if ! grep -q "cjdns commit" $COMPLETION_FILE; then
- echo "cjdns commit:$CJDNS_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/cjdns commit.*/cjdns commit:$CJDNS_COMMIT/g" $COMPLETION_FILE
- fi
-
- ./do
- if [ ! "$?" = "0" ]; then
- exit 7439
- fi
- # create a configuration
- if [ ! -f /etc/cjdns/cjdroute.conf ]; then
- ./cjdroute --genconf > /etc/cjdns/cjdroute.conf
- if [ ! "$?" = "0" ]; then
- exit 5922
- fi
- fi
- # create a user to run as
- useradd cjdns
- else
- cd /etc/cjdns
- function_check git_pull
- git_pull $CJDNS_REPO
- ./do
- if [ ! "$?" = "0" ]; then
- exit 9926
- fi
- fi
-
- # set permissions
- chown -R cjdns:cjdns /etc/cjdns
- chmod 600 /etc/cjdns/cjdroute.conf
-
- /sbin/ip tuntap add mode tun user cjdns dev cjdroute0
-
- # insert values into the configuration file
- if [ $CJDNS_PRIVATE_KEY ]; then
- sed -i "s/\"privateKey\":.*/\"privateKey\": \"$CJDNS_PRIVATE_KEY\",/g" /etc/cjdns/cjdroute.conf
- else
- CJDNS_PRIVATE_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"privateKey"' | awk -F '"' '{print $4}' | sed -n 1p)
- fi
- if [ $CJDNS_PUBLIC_KEY ]; then
- sed -i "s/\"publicKey\":.*/\"publicKey\": \"$CJDNS_PUBLIC_KEY\",/g" /etc/cjdns/cjdroute.conf
- else
- CJDNS_PUBLIC_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"publicKey"' | awk -F '"' '{print $4}' | sed -n 1p)
- fi
- if [ $CJDNS_IPV6 ]; then
- sed -i "s/\"ipv6\":.*/\"ipv6\": \"$CJDNS_IPV6\",/g" /etc/cjdns/cjdroute.conf
- else
- CJDNS_IPV6=$(cat /etc/cjdns/cjdroute.conf | grep '"ipv6"' | awk -F '"' '{print $4}' | sed -n 1p)
- fi
- if [ $CJDNS_PASSWORD ]; then
- sed -i "0,/{\"password\":.*/s//{\"password\": \"$CJDNS_PASSWORD\"}/g" /etc/cjdns/cjdroute.conf
- else
- CJDNS_PASSWORD=$(cat /etc/cjdns/cjdroute.conf | grep '"password"' | awk -F '"' '{print $4}' | sed -n 1p)
- fi
- if [ $CJDNS_PORT ]; then
- sed -i "s/\"bind\": \"0.0.0.0:.*/\"bind\": \"0.0.0.0:$CJDNS_PORT\",/g" /etc/cjdns/cjdroute.conf
- else
- CJDNS_PORT=$(cat /etc/cjdns/cjdroute.conf | grep '"bind": "0.0.0.0:' | awk -F '"' '{print $4}' | awk -F ':' '{print $2}' | sed -n 1p)
- fi
-
- function_check enable_ipv6
- enable_ipv6
-
- echo '#!/bin/sh -e' > /etc/init.d/cjdns
- echo '### BEGIN INIT INFO' >> /etc/init.d/cjdns
- echo '# hyperboria.sh - An init script (/etc/init.d/) for cjdns' >> /etc/init.d/cjdns
- echo '# Provides: cjdroute' >> /etc/init.d/cjdns
- echo '# Required-Start: $remote_fs $network' >> /etc/init.d/cjdns
- echo '# Required-Stop: $remote_fs $network' >> /etc/init.d/cjdns
- echo '# Default-Start: 2 3 4 5' >> /etc/init.d/cjdns
- echo '# Default-Stop: 0 1 6' >> /etc/init.d/cjdns
- echo '# Short-Description: Cjdns router' >> /etc/init.d/cjdns
- echo '# Description: A routing engine designed for security, scalability, speed and ease of use.' >> /etc/init.d/cjdns
- echo '# cjdns git repo: https://github.com/cjdelisle/cjdns/' >> /etc/init.d/cjdns
- echo '### END INIT INFO' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo 'PROG="cjdroute"' >> /etc/init.d/cjdns
- echo 'GIT_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
- echo 'PROG_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
- echo 'CJDNS_CONFIG="cjdroute.conf"' >> /etc/init.d/cjdns
- echo 'CJDNS_USER="cjdns"' >> /etc/init.d/cjdns
- echo "CJDNS_IP='$CJDNS_IPV6'" >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo 'start() {' >> /etc/init.d/cjdns
- echo ' # Start it up with the user cjdns' >> /etc/init.d/cjdns
- echo ' if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
- echo ' then' >> /etc/init.d/cjdns
- echo ' echo "cjdroute is already running. Doing nothing..."' >> /etc/init.d/cjdns
- echo ' else' >> /etc/init.d/cjdns
- echo ' echo " * Starting cjdroute"' >> /etc/init.d/cjdns
- echo ' su -c "$PROG_PATH/$PROG < $PROG_PATH/$CJDNS_CONFIG" - $CJDNS_USER' >> /etc/init.d/cjdns
- echo ' /sbin/ip addr add $CJDNS_IP/8 dev tun0' >> /etc/init.d/cjdns
- echo ' /sbin/ip link set mtu 1312 dev tun0' >> /etc/init.d/cjdns
- echo ' /sbin/ip link set tun0 up' >> /etc/init.d/cjdns
- echo ' /sbin/ip tuntap add mode tun user cjdns dev tun0' >> /etc/init.d/cjdns
- echo ' fi' >> /etc/init.d/cjdns
- echo '}' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo 'stop() {' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo ' if [ $(pgrep cjdroute | wc -l) != 2 ];' >> /etc/init.d/cjdns
- echo ' then' >> /etc/init.d/cjdns
- echo ' echo "cjdns isnt running."' >> /etc/init.d/cjdns
- echo ' else' >> /etc/init.d/cjdns
- echo ' echo "Killing cjdroute"' >> /etc/init.d/cjdns
- echo ' killall cjdroute' >> /etc/init.d/cjdns
- echo ' fi' >> /etc/init.d/cjdns
- echo '}' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo 'status() {' >> /etc/init.d/cjdns
- echo ' if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
- echo ' then' >> /etc/init.d/cjdns
- echo ' echo "Cjdns is running"' >> /etc/init.d/cjdns
- echo ' else' >> /etc/init.d/cjdns
- echo ' echo "Cjdns is not running"' >> /etc/init.d/cjdns
- echo ' fi' >> /etc/init.d/cjdns
- echo '}' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo ' update() {' >> /etc/init.d/cjdns
- echo ' cd $GIT_PATH' >> /etc/init.d/cjdns
- echo ' echo "Updating..."' >> /etc/init.d/cjdns
- echo ' git pull' >> /etc/init.d/cjdns
- echo ' ./do' >> /etc/init.d/cjdns
- echo '}' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo '## Check to see if we are running as root first.' >> /etc/init.d/cjdns
- echo 'if [ "$(id -u)" != "0" ]; then' >> /etc/init.d/cjdns
- echo ' echo "This script must be run as root" 1>&2' >> /etc/init.d/cjdns
- echo ' exit 1' >> /etc/init.d/cjdns
- echo 'fi' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo 'case $1 in' >> /etc/init.d/cjdns
- echo ' start)' >> /etc/init.d/cjdns
- echo ' start' >> /etc/init.d/cjdns
- echo ' exit 0' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo ' stop)' >> /etc/init.d/cjdns
- echo ' stop' >> /etc/init.d/cjdns
- echo ' exit 0' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo ' reload|restart|force-reload)' >> /etc/init.d/cjdns
- echo ' stop' >> /etc/init.d/cjdns
- echo ' sleep 1' >> /etc/init.d/cjdns
- echo ' start' >> /etc/init.d/cjdns
- echo ' exit 0' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo ' status)' >> /etc/init.d/cjdns
- echo ' status' >> /etc/init.d/cjdns
- echo ' exit 0' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo ' update|upgrade)' >> /etc/init.d/cjdns
- echo ' update' >> /etc/init.d/cjdns
- echo ' stop' >> /etc/init.d/cjdns
- echo ' sleep 2' >> /etc/init.d/cjdns
- echo ' start' >> /etc/init.d/cjdns
- echo ' exit 0' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo ' **)' >> /etc/init.d/cjdns
- echo ' echo "Usage: $0 (start|stop|restart|status|update)" 1>&2' >> /etc/init.d/cjdns
- echo ' exit 1' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo 'esac' >> /etc/init.d/cjdns
- chmod +x /etc/init.d/cjdns
- update-rc.d cjdns defaults
- service cjdns start
- if [ ! "$?" = "0" ]; then
- systemctl status cjdns.service
- exit 8260
- fi
-
- apt-get -y install radvd
- echo 'interface eth0' > /etc/radvd.conf
- echo '{' >> /etc/radvd.conf
- echo ' AdvSendAdvert on;' >> /etc/radvd.conf
- echo ' prefix fdfc::1/64' >> /etc/radvd.conf
- echo ' {' >> /etc/radvd.conf
- echo ' AdvRouterAddr on;' >> /etc/radvd.conf
- echo ' };' >> /etc/radvd.conf
- echo '};' >> /etc/radvd.conf
- systemctl restart radvd
- if [ ! "$?" = "0" ]; then
- systemctl status radvd.service
- exit 4395
- fi
-
- if ! grep -q "# Mesh Networking (cjdns)" /etc/network/interfaces; then
- echo '' >> /etc/network/interfaces
- echo '# Mesh Networking (cjdns)' >> /etc/network/interfaces
- echo 'iface eth0 inet6 static' >> /etc/network/interfaces
- echo ' pre-up modprobe ipv6' >> /etc/network/interfaces
- echo ' address fdfc:0000:0000:0000:0000:0000:0000:0001' >> /etc/network/interfaces
- echo ' netmask 64' >> /etc/network/interfaces
- service network-manager restart
- if [ ! "$?" = "0" ]; then
- systemctl status networking.service
- exit 6949
- fi
- fi
-
- if ! grep -q $"Mesh Networking (cjdns)" /home/$MY_USERNAME/README; then
- CURRENT_IP_ADDRESS=$(ip addr show | grep "inet " | sed -n 2p | awk -F ' ' '{print $2}' | awk -F '/' '{print $1}')
-
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Mesh Networking (cjdns)' >> /home/$MY_USERNAME/README
- echo '=======================' >> /home/$MY_USERNAME/README
- echo $"cjdns IPv6 address: $CJDNS_IPV6" >> /home/$MY_USERNAME/README
- echo $"cjdns public key: $CJDNS_PUBLIC_KEY" >> /home/$MY_USERNAME/README
- echo $"cjdns private key: $CJDNS_PRIVATE_KEY" >> /home/$MY_USERNAME/README
- echo $"cjdns password: $CJDNS_PASSWORD" >> /home/$MY_USERNAME/README
- echo $"cjdns port: $CJDNS_PORT" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $"Forward port $CJDNS_PORT from your internet router to the ${PROJECT_NAME}" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Below is an example of your connection credentials' >> /home/$MY_USERNAME/README
- echo $'that you can give to other people so they can connect' >> /home/$MY_USERNAME/README
- echo $'to you using your default password' >> /home/$MY_USERNAME/README
- echo $'Adding a unique password for each user is advisable' >> /home/$MY_USERNAME/README
- echo $'so that leaks can be isolated.' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo "\"$CURRENT_IP_ADDRESS:$CJDNS_PORT\":{\"password\":\"$CJDNS_PASSWORD\",\"publicKey\":\"$CJDNS_PUBLIC_KEY\"}" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'More is not better. 3-5 cjdns peers is good. 30 peers is bad.' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'NEVER USE A PUBLIC PEER. These degrade the network and make it centralized.' >> /home/$MY_USERNAME/README
- echo $'Each node can handle many peers, but no node can handle the entire internet.' >> /home/$MY_USERNAME/README
- echo $'As this network grows any public peer will simply become saturated and' >> /home/$MY_USERNAME/README
- echo $'useless causing issues for the entire network.' >> /home/$MY_USERNAME/README
- echo $'Please report anyone offering you a public peer as they are promoting shared' >> /home/$MY_USERNAME/README
- echo $'passwords which could lead to people pretending to be you. A peering pass' >> /home/$MY_USERNAME/README
- echo $'should not contain someone elses nickname or info but should contain yours' >> /home/$MY_USERNAME/README
- echo $'to ensure it is not shared. It also helps when editing the conf to know who' >> /home/$MY_USERNAME/README
- echo $'each password is for.' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Possible cjdns destinations of interest:' >> /home/$MY_USERNAME/README
- echo ' http://transitiontech.ca/faq' >> /home/$MY_USERNAME/README
- echo ' http://cjdns.ca/hypeirc.txt' >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- function_check configure_firewall_for_cjdns
- configure_firewall_for_cjdns
-
- echo 'install_cjdns_main' >> $COMPLETION_FILE
+ if [[ $ENABLE_CJDNS != "yes" ]]; then
+ return
+ fi
+
+ if grep -Fxq "install_cjdns_main" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install nodejs git build-essential nmap
+
+ # if a README exists then obtain the cjdns parameters
+ function_check get_cjdns_ipv6_address
+ get_cjdns_ipv6_address
+
+ function_check get_cjdns_public_key
+ get_cjdns_public_key
+
+ function_check get_cjdns_private_key
+ get_cjdns_private_key
+
+ function_check get_cjdns_port
+ get_cjdns_port
+
+ function_check get_cjdns_password
+ get_cjdns_password
+
+ # special compile settings for running ./do on the Beaglebone Black
+ if [[ $INSTALLING_ON_BBB == "yes" ]]; then
+ CFLAGS="-O2 -march=armv7-a -mtune=cortex-a8 -mfpu=neon -ftree-vectorize -ffast-math -mfloat-abi=hard -marm -Wno-error=maybe-uninitialized"
+ export LDFLAGS="$CFLAGS"
+ fi
+
+ if [ ! -d /etc/cjdns ]; then
+ function_check git_pull
+ git_clone $CJDNS_REPO /etc/cjdns
+ cd /etc/cjdns
+
+ git checkout $CJDNS_COMMIT -b $CJDNS_COMMIT
+ if ! grep -q "cjdns commit" $COMPLETION_FILE; then
+ echo "cjdns commit:$CJDNS_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/cjdns commit.*/cjdns commit:$CJDNS_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ ./do
+ if [ ! "$?" = "0" ]; then
+ exit 7439
+ fi
+ # create a configuration
+ if [ ! -f /etc/cjdns/cjdroute.conf ]; then
+ ./cjdroute --genconf > /etc/cjdns/cjdroute.conf
+ if [ ! "$?" = "0" ]; then
+ exit 5922
+ fi
+ fi
+ # create a user to run as
+ useradd cjdns
+ else
+ cd /etc/cjdns
+ function_check git_pull
+ git_pull $CJDNS_REPO
+ ./do
+ if [ ! "$?" = "0" ]; then
+ exit 9926
+ fi
+ fi
+
+ # set permissions
+ chown -R cjdns:cjdns /etc/cjdns
+ chmod 600 /etc/cjdns/cjdroute.conf
+
+ /sbin/ip tuntap add mode tun user cjdns dev cjdroute0
+
+ # insert values into the configuration file
+ if [ $CJDNS_PRIVATE_KEY ]; then
+ sed -i "s/\"privateKey\":.*/\"privateKey\": \"$CJDNS_PRIVATE_KEY\",/g" /etc/cjdns/cjdroute.conf
+ else
+ CJDNS_PRIVATE_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"privateKey"' | awk -F '"' '{print $4}' | sed -n 1p)
+ fi
+ if [ $CJDNS_PUBLIC_KEY ]; then
+ sed -i "s/\"publicKey\":.*/\"publicKey\": \"$CJDNS_PUBLIC_KEY\",/g" /etc/cjdns/cjdroute.conf
+ else
+ CJDNS_PUBLIC_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"publicKey"' | awk -F '"' '{print $4}' | sed -n 1p)
+ fi
+ if [ $CJDNS_IPV6 ]; then
+ sed -i "s/\"ipv6\":.*/\"ipv6\": \"$CJDNS_IPV6\",/g" /etc/cjdns/cjdroute.conf
+ else
+ CJDNS_IPV6=$(cat /etc/cjdns/cjdroute.conf | grep '"ipv6"' | awk -F '"' '{print $4}' | sed -n 1p)
+ fi
+ if [ $CJDNS_PASSWORD ]; then
+ sed -i "0,/{\"password\":.*/s//{\"password\": \"$CJDNS_PASSWORD\"}/g" /etc/cjdns/cjdroute.conf
+ else
+ CJDNS_PASSWORD=$(cat /etc/cjdns/cjdroute.conf | grep '"password"' | awk -F '"' '{print $4}' | sed -n 1p)
+ fi
+ if [ $CJDNS_PORT ]; then
+ sed -i "s/\"bind\": \"0.0.0.0:.*/\"bind\": \"0.0.0.0:$CJDNS_PORT\",/g" /etc/cjdns/cjdroute.conf
+ else
+ CJDNS_PORT=$(cat /etc/cjdns/cjdroute.conf | grep '"bind": "0.0.0.0:' | awk -F '"' '{print $4}' | awk -F ':' '{print $2}' | sed -n 1p)
+ fi
+
+ function_check enable_ipv6
+ enable_ipv6
+
+ echo '#!/bin/sh -e' > /etc/init.d/cjdns
+ echo '### BEGIN INIT INFO' >> /etc/init.d/cjdns
+ echo '# hyperboria.sh - An init script (/etc/init.d/) for cjdns' >> /etc/init.d/cjdns
+ echo '# Provides: cjdroute' >> /etc/init.d/cjdns
+ echo '# Required-Start: $remote_fs $network' >> /etc/init.d/cjdns
+ echo '# Required-Stop: $remote_fs $network' >> /etc/init.d/cjdns
+ echo '# Default-Start: 2 3 4 5' >> /etc/init.d/cjdns
+ echo '# Default-Stop: 0 1 6' >> /etc/init.d/cjdns
+ echo '# Short-Description: Cjdns router' >> /etc/init.d/cjdns
+ echo '# Description: A routing engine designed for security, scalability, speed and ease of use.' >> /etc/init.d/cjdns
+ echo '# cjdns git repo: https://github.com/cjdelisle/cjdns/' >> /etc/init.d/cjdns
+ echo '### END INIT INFO' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo 'PROG="cjdroute"' >> /etc/init.d/cjdns
+ echo 'GIT_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
+ echo 'PROG_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
+ echo 'CJDNS_CONFIG="cjdroute.conf"' >> /etc/init.d/cjdns
+ echo 'CJDNS_USER="cjdns"' >> /etc/init.d/cjdns
+ echo "CJDNS_IP='$CJDNS_IPV6'" >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo 'start() {' >> /etc/init.d/cjdns
+ echo ' # Start it up with the user cjdns' >> /etc/init.d/cjdns
+ echo ' if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
+ echo ' then' >> /etc/init.d/cjdns
+ echo ' echo "cjdroute is already running. Doing nothing..."' >> /etc/init.d/cjdns
+ echo ' else' >> /etc/init.d/cjdns
+ echo ' echo " * Starting cjdroute"' >> /etc/init.d/cjdns
+ echo ' su -c "$PROG_PATH/$PROG < $PROG_PATH/$CJDNS_CONFIG" - $CJDNS_USER' >> /etc/init.d/cjdns
+ echo ' /sbin/ip addr add $CJDNS_IP/8 dev tun0' >> /etc/init.d/cjdns
+ echo ' /sbin/ip link set mtu 1312 dev tun0' >> /etc/init.d/cjdns
+ echo ' /sbin/ip link set tun0 up' >> /etc/init.d/cjdns
+ echo ' /sbin/ip tuntap add mode tun user cjdns dev tun0' >> /etc/init.d/cjdns
+ echo ' fi' >> /etc/init.d/cjdns
+ echo '}' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo 'stop() {' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo ' if [ $(pgrep cjdroute | wc -l) != 2 ];' >> /etc/init.d/cjdns
+ echo ' then' >> /etc/init.d/cjdns
+ echo ' echo "cjdns isnt running."' >> /etc/init.d/cjdns
+ echo ' else' >> /etc/init.d/cjdns
+ echo ' echo "Killing cjdroute"' >> /etc/init.d/cjdns
+ echo ' killall cjdroute' >> /etc/init.d/cjdns
+ echo ' fi' >> /etc/init.d/cjdns
+ echo '}' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo 'status() {' >> /etc/init.d/cjdns
+ echo ' if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
+ echo ' then' >> /etc/init.d/cjdns
+ echo ' echo "Cjdns is running"' >> /etc/init.d/cjdns
+ echo ' else' >> /etc/init.d/cjdns
+ echo ' echo "Cjdns is not running"' >> /etc/init.d/cjdns
+ echo ' fi' >> /etc/init.d/cjdns
+ echo '}' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo ' update() {' >> /etc/init.d/cjdns
+ echo ' cd $GIT_PATH' >> /etc/init.d/cjdns
+ echo ' echo "Updating..."' >> /etc/init.d/cjdns
+ echo ' git pull' >> /etc/init.d/cjdns
+ echo ' ./do' >> /etc/init.d/cjdns
+ echo '}' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo '## Check to see if we are running as root first.' >> /etc/init.d/cjdns
+ echo 'if [ "$(id -u)" != "0" ]; then' >> /etc/init.d/cjdns
+ echo ' echo "This script must be run as root" 1>&2' >> /etc/init.d/cjdns
+ echo ' exit 1' >> /etc/init.d/cjdns
+ echo 'fi' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo 'case $1 in' >> /etc/init.d/cjdns
+ echo ' start)' >> /etc/init.d/cjdns
+ echo ' start' >> /etc/init.d/cjdns
+ echo ' exit 0' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo ' stop)' >> /etc/init.d/cjdns
+ echo ' stop' >> /etc/init.d/cjdns
+ echo ' exit 0' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo ' reload|restart|force-reload)' >> /etc/init.d/cjdns
+ echo ' stop' >> /etc/init.d/cjdns
+ echo ' sleep 1' >> /etc/init.d/cjdns
+ echo ' start' >> /etc/init.d/cjdns
+ echo ' exit 0' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo ' status)' >> /etc/init.d/cjdns
+ echo ' status' >> /etc/init.d/cjdns
+ echo ' exit 0' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo ' update|upgrade)' >> /etc/init.d/cjdns
+ echo ' update' >> /etc/init.d/cjdns
+ echo ' stop' >> /etc/init.d/cjdns
+ echo ' sleep 2' >> /etc/init.d/cjdns
+ echo ' start' >> /etc/init.d/cjdns
+ echo ' exit 0' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo ' **)' >> /etc/init.d/cjdns
+ echo ' echo "Usage: $0 (start|stop|restart|status|update)" 1>&2' >> /etc/init.d/cjdns
+ echo ' exit 1' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo 'esac' >> /etc/init.d/cjdns
+ chmod +x /etc/init.d/cjdns
+ update-rc.d cjdns defaults
+ service cjdns start
+ if [ ! "$?" = "0" ]; then
+ systemctl status cjdns.service
+ exit 8260
+ fi
+
+ apt-get -y install radvd
+ echo 'interface eth0' > /etc/radvd.conf
+ echo '{' >> /etc/radvd.conf
+ echo ' AdvSendAdvert on;' >> /etc/radvd.conf
+ echo ' prefix fdfc::1/64' >> /etc/radvd.conf
+ echo ' {' >> /etc/radvd.conf
+ echo ' AdvRouterAddr on;' >> /etc/radvd.conf
+ echo ' };' >> /etc/radvd.conf
+ echo '};' >> /etc/radvd.conf
+ systemctl restart radvd
+ if [ ! "$?" = "0" ]; then
+ systemctl status radvd.service
+ exit 4395
+ fi
+
+ if ! grep -q "# Mesh Networking (cjdns)" /etc/network/interfaces; then
+ echo '' >> /etc/network/interfaces
+ echo '# Mesh Networking (cjdns)' >> /etc/network/interfaces
+ echo 'iface eth0 inet6 static' >> /etc/network/interfaces
+ echo ' pre-up modprobe ipv6' >> /etc/network/interfaces
+ echo ' address fdfc:0000:0000:0000:0000:0000:0000:0001' >> /etc/network/interfaces
+ echo ' netmask 64' >> /etc/network/interfaces
+ service network-manager restart
+ if [ ! "$?" = "0" ]; then
+ systemctl status networking.service
+ exit 6949
+ fi
+ fi
+
+ if ! grep -q $"Mesh Networking (cjdns)" /home/$MY_USERNAME/README; then
+ CURRENT_IP_ADDRESS=$(ip addr show | grep "inet " | sed -n 2p | awk -F ' ' '{print $2}' | awk -F '/' '{print $1}')
+
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Mesh Networking (cjdns)' >> /home/$MY_USERNAME/README
+ echo '=======================' >> /home/$MY_USERNAME/README
+ echo $"cjdns IPv6 address: $CJDNS_IPV6" >> /home/$MY_USERNAME/README
+ echo $"cjdns public key: $CJDNS_PUBLIC_KEY" >> /home/$MY_USERNAME/README
+ echo $"cjdns private key: $CJDNS_PRIVATE_KEY" >> /home/$MY_USERNAME/README
+ echo $"cjdns password: $CJDNS_PASSWORD" >> /home/$MY_USERNAME/README
+ echo $"cjdns port: $CJDNS_PORT" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $"Forward port $CJDNS_PORT from your internet router to the ${PROJECT_NAME}" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Below is an example of your connection credentials' >> /home/$MY_USERNAME/README
+ echo $'that you can give to other people so they can connect' >> /home/$MY_USERNAME/README
+ echo $'to you using your default password' >> /home/$MY_USERNAME/README
+ echo $'Adding a unique password for each user is advisable' >> /home/$MY_USERNAME/README
+ echo $'so that leaks can be isolated.' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo "\"$CURRENT_IP_ADDRESS:$CJDNS_PORT\":{\"password\":\"$CJDNS_PASSWORD\",\"publicKey\":\"$CJDNS_PUBLIC_KEY\"}" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'More is not better. 3-5 cjdns peers is good. 30 peers is bad.' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'NEVER USE A PUBLIC PEER. These degrade the network and make it centralized.' >> /home/$MY_USERNAME/README
+ echo $'Each node can handle many peers, but no node can handle the entire internet.' >> /home/$MY_USERNAME/README
+ echo $'As this network grows any public peer will simply become saturated and' >> /home/$MY_USERNAME/README
+ echo $'useless causing issues for the entire network.' >> /home/$MY_USERNAME/README
+ echo $'Please report anyone offering you a public peer as they are promoting shared' >> /home/$MY_USERNAME/README
+ echo $'passwords which could lead to people pretending to be you. A peering pass' >> /home/$MY_USERNAME/README
+ echo $'should not contain someone elses nickname or info but should contain yours' >> /home/$MY_USERNAME/README
+ echo $'to ensure it is not shared. It also helps when editing the conf to know who' >> /home/$MY_USERNAME/README
+ echo $'each password is for.' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Possible cjdns destinations of interest:' >> /home/$MY_USERNAME/README
+ echo ' http://transitiontech.ca/faq' >> /home/$MY_USERNAME/README
+ echo ' http://cjdns.ca/hypeirc.txt' >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ function_check configure_firewall_for_cjdns
+ configure_firewall_for_cjdns
+
+ echo 'install_cjdns_main' >> $COMPLETION_FILE
}
function install_cjdns_tools {
- if grep -Fxq "install_cjdns_tools" $COMPLETION_FILE; then
- return
- fi
- if [[ $ENABLE_CJDNS != "yes" ]]; then
- return
- fi
- if [ ! -d /etc/cjdns ]; then
- install_cjdns
- fi
-
- function_check select_go_version
- select_go_version
-
- apt-get -y install golang mercurial
- if [ ! -f ~/.bashrc ]; then
- touch ~/.bashrc
- fi
-
- if [ ! -d /home/git ]; then
- # add a gogs user account
- adduser --disabled-login --gecos 'Gogs' git
-
- # install Go
- if ! grep -q "export GOPATH=" ~/.bashrc; then
- echo "export GOPATH=$GOPATH" >> ~/.bashrc
- fi
- systemctl set-environment GOPATH=$GOPATH
- if ! grep -q "systemctl set-environment GOPATH=" ~/.bashrc; then
- echo "systemctl set-environment GOPATH=$GOPATH" >> ~/.bashrc
- fi
- if [ ! -d $GOPATH ]; then
- mkdir -p $GOPATH
- fi
- fi
-
- if ! grep -q "export GOPATH=" ~/.bashrc; then
- echo "export GOPATH=$GOPATH" >> ~/.bashrc
- fi
- expected_go_path='export PATH=$PATH:'${GOPATH}'/bin'
- export PATH=$PATH:${GOPATH}/bin
- if ! grep -q "$expected_go_path" ~/.bashrc; then
- echo "$expected_go_path" >> ~/.bashrc
- fi
- export PATH=$PATH:$GOPATH/bin
- CJDCMD_REPO2=$(echo "$CJDCMD_REPO" | sed 's|https://||g')
- go get $CJDCMD_REPO2
- if [ ! -f $GOPATH/bin/cjdcmd ]; then
- echo $'cjdcmd was not compiled. Check your golang installation'
- exit 7439
- fi
- cp $GOPATH/bin/cjdcmd /usr/bin
-
- # initialise from the cjdns config
- /usr/bin/cjdcmd cjdnsadmin -file /etc/cjdns/cjdroute.conf
-
- echo 'install_cjdns_tools' >> $COMPLETION_FILE
+ if grep -Fxq "install_cjdns_tools" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ENABLE_CJDNS != "yes" ]]; then
+ return
+ fi
+ if [ ! -d /etc/cjdns ]; then
+ install_cjdns
+ fi
+
+ function_check select_go_version
+ select_go_version
+
+ apt-get -y install golang mercurial
+ if [ ! -f ~/.bashrc ]; then
+ touch ~/.bashrc
+ fi
+
+ if [ ! -d /home/git ]; then
+ # add a gogs user account
+ adduser --disabled-login --gecos 'Gogs' git
+
+ # install Go
+ if ! grep -q "export GOPATH=" ~/.bashrc; then
+ echo "export GOPATH=$GOPATH" >> ~/.bashrc
+ fi
+ systemctl set-environment GOPATH=$GOPATH
+ if ! grep -q "systemctl set-environment GOPATH=" ~/.bashrc; then
+ echo "systemctl set-environment GOPATH=$GOPATH" >> ~/.bashrc
+ fi
+ if [ ! -d $GOPATH ]; then
+ mkdir -p $GOPATH
+ fi
+ fi
+
+ if ! grep -q "export GOPATH=" ~/.bashrc; then
+ echo "export GOPATH=$GOPATH" >> ~/.bashrc
+ fi
+ expected_go_path='export PATH=$PATH:'${GOPATH}'/bin'
+ export PATH=$PATH:${GOPATH}/bin
+ if ! grep -q "$expected_go_path" ~/.bashrc; then
+ echo "$expected_go_path" >> ~/.bashrc
+ fi
+ export PATH=$PATH:$GOPATH/bin
+ CJDCMD_REPO2=$(echo "$CJDCMD_REPO" | sed 's|https://||g')
+ go get $CJDCMD_REPO2
+ if [ ! -f $GOPATH/bin/cjdcmd ]; then
+ echo $'cjdcmd was not compiled. Check your golang installation'
+ exit 7439
+ fi
+ cp $GOPATH/bin/cjdcmd /usr/bin
+
+ # initialise from the cjdns config
+ /usr/bin/cjdcmd cjdnsadmin -file /etc/cjdns/cjdroute.conf
+
+ echo 'install_cjdns_tools' >> $COMPLETION_FILE
}
function install_cjdns {
- if grep -Fxq "install_cjdns" $COMPLETION_FILE; then
- return
- fi
- install_cjdns_main
- install_cjdns_tools
- echo 'install_cjdns' >> $COMPLETION_FILE
+ if grep -Fxq "install_cjdns" $COMPLETION_FILE; then
+ return
+ fi
+ install_cjdns_main
+ install_cjdns_tools
+ echo 'install_cjdns' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-dlna b/src/freedombone-app-dlna
index 734e663b1..ea685a800 100755
--- a/src/freedombone-app-dlna
+++ b/src/freedombone-app-dlna
@@ -30,206 +30,210 @@
VARIANTS='full media'
+function change_password_dlna {
+ echo -n ''
+}
+
function reconfigure_dlna {
- echo ''
+ echo ''
}
function upgrade_dlna {
- echo ''
+ echo ''
}
function configure_firewall_for_dlna {
- if grep -Fxq "configure_firewall_for_dlna" $COMPLETION_FILE; then
- return
- fi
- if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
- # docker does its own firewalling
- return
- fi
- iptables -A INPUT -p udp --dport 1900 -j ACCEPT
- iptables -A INPUT -p tcp --dport 8200 -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=('DLNA 1900')
- OPEN_PORTS+=('DLNA 8200')
- echo 'configure_firewall_for_dlna' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_dlna" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
+ # docker does its own firewalling
+ return
+ fi
+ iptables -A INPUT -p udp --dport 1900 -j ACCEPT
+ iptables -A INPUT -p tcp --dport 8200 -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=('DLNA 1900')
+ OPEN_PORTS+=('DLNA 8200')
+ echo 'configure_firewall_for_dlna' >> $COMPLETION_FILE
}
function backup_local_dlna {
- source_directory=/var/cache/minidlna
- if [ -d $source_directory ]; then
- dest_directory=dlna
- echo $"Backing up $source_directory to $dest_directory"
+ source_directory=/var/cache/minidlna
+ if [ -d $source_directory ]; then
+ dest_directory=dlna
+ echo $"Backing up $source_directory to $dest_directory"
- function_check backup_directory_to_usb
- backup_directory_to_usb $source_directory $dest_directory
+ function_check backup_directory_to_usb
+ backup_directory_to_usb $source_directory $dest_directory
- echo $"Backup to $dest_directory complete"
- fi
+ echo $"Backup to $dest_directory complete"
+ fi
}
function restore_local_dlna {
- if [ -d /var/cache/minidlna ]; then
- if [ -d $USB_MOUNT/backup/dlna ]; then
- echo $"Restoring DLNA cache"
- temp_restore_dir=/root/tempdlna
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir dlna
- cp -r $temp_restore_dir/var/cache/minidlna/* /var/cache/minidlna/
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 982572
- fi
- rm -rf $temp_restore_dir
- fi
- fi
+ if [ -d /var/cache/minidlna ]; then
+ if [ -d $USB_MOUNT/backup/dlna ]; then
+ echo $"Restoring DLNA cache"
+ temp_restore_dir=/root/tempdlna
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir dlna
+ cp -r $temp_restore_dir/var/cache/minidlna/* /var/cache/minidlna/
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 982572
+ fi
+ rm -rf $temp_restore_dir
+ fi
+ fi
}
function backup_remote_dlna {
- if [ -d /var/cache/minidlna ]; then
- echo $"Backing up DLNA cache"
- backup_directory_to_friend /var/cache/minidlna dlna
- echo $"Backup of DLNA cache complete"
- fi
+ if [ -d /var/cache/minidlna ]; then
+ echo $"Backing up DLNA cache"
+ backup_directory_to_friend /var/cache/minidlna dlna
+ echo $"Backup of DLNA cache complete"
+ fi
}
function restore_remote_dlna {
- if [ -d /var/cache/minidlna ]; then
- if [ -d $SERVER_DIRECTORY/backup/dlna ]; then
- echo $"Restoring DLNA cache"
- temp_restore_dir=/root/tempdlna
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir dlna
- cp -r $temp_restore_dir/var/cache/minidlna/* /var/cache/minidlna/
- if [ ! "$?" = "0" ]; then
- exit 982
- fi
- rm -rf $temp_restore_dir
- echo $"Restore of DLNA complete"
- fi
- fi
+ if [ -d /var/cache/minidlna ]; then
+ if [ -d $SERVER_DIRECTORY/backup/dlna ]; then
+ echo $"Restoring DLNA cache"
+ temp_restore_dir=/root/tempdlna
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir dlna
+ cp -r $temp_restore_dir/var/cache/minidlna/* /var/cache/minidlna/
+ if [ ! "$?" = "0" ]; then
+ exit 982
+ fi
+ rm -rf $temp_restore_dir
+ echo $"Restore of DLNA complete"
+ fi
+ fi
}
function remove_dlna {
- if ! grep -Fxq "install_dlna" $COMPLETION_FILE; then
- return
- fi
- service minidlna stop
- apt-get -y remove --purge minidlna
- if [ -f /etc/minidlna.conf ]; then
- rm /etc/minidlna.conf
- fi
- iptables -D INPUT -p udp --dport 1900 -j ACCEPT
- iptables -D INPUT -p tcp --dport 8200 -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
- sed -i '/install_dlna/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_dlna" $COMPLETION_FILE; then
+ return
+ fi
+ service minidlna stop
+ apt-get -y remove --purge minidlna
+ if [ -f /etc/minidlna.conf ]; then
+ rm /etc/minidlna.conf
+ fi
+ iptables -D INPUT -p udp --dport 1900 -j ACCEPT
+ iptables -D INPUT -p tcp --dport 8200 -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+ sed -i '/install_dlna/d' $COMPLETION_FILE
}
function install_dlna_main {
- if grep -Fxq "install_dlna_main" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install minidlna
-
- if [ ! -f /etc/minidlna.conf ]; then
- echo $"ERROR: minidlna does not appear to have installed. $CHECK_MESSAGE"
- exit 55
- fi
-
- sed -i "s|media_dir=/var/lib/minidlna|media_dir=A,/home/$MY_USERNAME/Music|g" /etc/minidlna.conf
- if ! grep -q "/home/$MY_USERNAME/Pictures" /etc/minidlna.conf; then
- echo "media_dir=P,/home/$MY_USERNAME/Pictures" >> /etc/minidlna.conf
- fi
- if ! grep -q "/home/$MY_USERNAME/Videos" /etc/minidlna.conf; then
- echo "media_dir=V,/home/$MY_USERNAME/Videos" >> /etc/minidlna.conf
- fi
- if ! grep -q "$USB_MOUNT/Music" /etc/minidlna.conf; then
- echo "media_dir=A,$USB_MOUNT/Music" >> /etc/minidlna.conf
- fi
- if ! grep -q "$USB_MOUNT/Pictures" /etc/minidlna.conf; then
- echo "media_dir=P,$USB_MOUNT/Pictures" >> /etc/minidlna.conf
- fi
- if ! grep -q "$USB_MOUNT/Videos" /etc/minidlna.conf; then
- echo "media_dir=V,$USB_MOUNT/Videos" >> /etc/minidlna.conf
- fi
- sed -i 's/#root_container=./root_container=B/g' /etc/minidlna.conf
- if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
- sed -i 's/#network_interface=/network_interface=eth0/g' /etc/minidlna.conf
- else
- sed -i 's/#network_interface=/network_interface=$WIFI_INTERFACE/g' /etc/minidlna.conf
- fi
- sed -i "s/#friendly_name=/friendly_name=\"${PROJECT_NAME} Media\"/g" /etc/minidlna.conf
- sed -i 's|#db_dir=/var/cache/minidlna|db_dir=/var/cache/minidlna|g' /etc/minidlna.conf
- sed -i 's/#inotify=yes/inotify=yes/g' /etc/minidlna.conf
- sed -i 's/#notify_interval=895/notify_interval=300/g' /etc/minidlna.conf
- sed -i "s|#presentation_url=/|presentation_url=http://localhost:8200|g" /etc/minidlna.conf
- service minidlna force-reload
- service minidlna reload
-
- sed -i 's/fs.inotify.max_user_watches*/fs.inotify.max_user_watches=65536/g' /etc/sysctl.conf
- if ! grep -q "max_user_watches" $COMPLETION_FILE; then
- echo 'fs.inotify.max_user_watches=65536' >> /etc/sysctl.conf
- fi
- /sbin/sysctl -p
-
- function_check configure_firewall_for_dlna
- configure_firewall_for_dlna
- echo 'install_dlna_main' >> $COMPLETION_FILE
+ if grep -Fxq "install_dlna_main" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install minidlna
+
+ if [ ! -f /etc/minidlna.conf ]; then
+ echo $"ERROR: minidlna does not appear to have installed. $CHECK_MESSAGE"
+ exit 55
+ fi
+
+ sed -i "s|media_dir=/var/lib/minidlna|media_dir=A,/home/$MY_USERNAME/Music|g" /etc/minidlna.conf
+ if ! grep -q "/home/$MY_USERNAME/Pictures" /etc/minidlna.conf; then
+ echo "media_dir=P,/home/$MY_USERNAME/Pictures" >> /etc/minidlna.conf
+ fi
+ if ! grep -q "/home/$MY_USERNAME/Videos" /etc/minidlna.conf; then
+ echo "media_dir=V,/home/$MY_USERNAME/Videos" >> /etc/minidlna.conf
+ fi
+ if ! grep -q "$USB_MOUNT/Music" /etc/minidlna.conf; then
+ echo "media_dir=A,$USB_MOUNT/Music" >> /etc/minidlna.conf
+ fi
+ if ! grep -q "$USB_MOUNT/Pictures" /etc/minidlna.conf; then
+ echo "media_dir=P,$USB_MOUNT/Pictures" >> /etc/minidlna.conf
+ fi
+ if ! grep -q "$USB_MOUNT/Videos" /etc/minidlna.conf; then
+ echo "media_dir=V,$USB_MOUNT/Videos" >> /etc/minidlna.conf
+ fi
+ sed -i 's/#root_container=./root_container=B/g' /etc/minidlna.conf
+ if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
+ sed -i 's/#network_interface=/network_interface=eth0/g' /etc/minidlna.conf
+ else
+ sed -i 's/#network_interface=/network_interface=$WIFI_INTERFACE/g' /etc/minidlna.conf
+ fi
+ sed -i "s/#friendly_name=/friendly_name=\"${PROJECT_NAME} Media\"/g" /etc/minidlna.conf
+ sed -i 's|#db_dir=/var/cache/minidlna|db_dir=/var/cache/minidlna|g' /etc/minidlna.conf
+ sed -i 's/#inotify=yes/inotify=yes/g' /etc/minidlna.conf
+ sed -i 's/#notify_interval=895/notify_interval=300/g' /etc/minidlna.conf
+ sed -i "s|#presentation_url=/|presentation_url=http://localhost:8200|g" /etc/minidlna.conf
+ service minidlna force-reload
+ service minidlna reload
+
+ sed -i 's/fs.inotify.max_user_watches*/fs.inotify.max_user_watches=65536/g' /etc/sysctl.conf
+ if ! grep -q "max_user_watches" $COMPLETION_FILE; then
+ echo 'fs.inotify.max_user_watches=65536' >> /etc/sysctl.conf
+ fi
+ /sbin/sysctl -p
+
+ function_check configure_firewall_for_dlna
+ configure_firewall_for_dlna
+ echo 'install_dlna_main' >> $COMPLETION_FILE
}
function script_for_attaching_usb_drive {
- if grep -Fxq "script_for_attaching_usb_drive" $COMPLETION_FILE; then
- return
- fi
- echo '#!/bin/bash' > /usr/bin/attach-music
- echo 'remove-music' >> /usr/bin/attach-music
- echo "if [ ! -d $USB_MOUNT ]; then" >> /usr/bin/attach-music
- echo " mkdir $USB_MOUNT" >> /usr/bin/attach-music
- echo 'fi' >> /usr/bin/attach-music
- echo "mount /dev/sda1 $USB_MOUNT" >> /usr/bin/attach-music
- echo "chown root:root $USB_MOUNT" >> /usr/bin/attach-music
- echo "chown -R minidlna:minidlna $USB_MOUNT/*" >> /usr/bin/attach-music
- echo 'service minidlna restart' >> /usr/bin/attach-music
- echo 'minidlnad -R' >> /usr/bin/attach-music
- chmod +x /usr/bin/attach-music
- ln -s /usr/bin/attach-music /usr/bin/attach-usb
- ln -s /usr/bin/attach-music /usr/bin/attach-videos
- ln -s /usr/bin/attach-music /usr/bin/attach-pictures
- ln -s /usr/bin/attach-music /usr/bin/attach-media
-
- echo '#!/bin/bash' > /usr/bin/remove-music
- echo "if [ -d $USB_MOUNT ]; then" >> /usr/bin/remove-music
- echo " umount $USB_MOUNT" >> /usr/bin/remove-music
- echo " rm -rf $USB_MOUNT" >> /usr/bin/remove-music
- echo 'fi' >> /usr/bin/remove-music
- chmod +x /usr/bin/remove-music
- ln -s /usr/bin/remove-music /usr/bin/detach-music
- ln -s /usr/bin/remove-music /usr/bin/detach-usb
- ln -s /usr/bin/remove-music /usr/bin/remove-usb
- ln -s /usr/bin/remove-music /usr/bin/detach-media
- ln -s /usr/bin/remove-music /usr/bin/remove-media
- ln -s /usr/bin/remove-music /usr/bin/detach-videos
- ln -s /usr/bin/remove-music /usr/bin/remove-videos
- ln -s /usr/bin/remove-music /usr/bin/detach-pictures
- ln -s /usr/bin/remove-music /usr/bin/remove-pictures
-
- echo 'script_for_attaching_usb_drive' >> $COMPLETION_FILE
+ if grep -Fxq "script_for_attaching_usb_drive" $COMPLETION_FILE; then
+ return
+ fi
+ echo '#!/bin/bash' > /usr/bin/attach-music
+ echo 'remove-music' >> /usr/bin/attach-music
+ echo "if [ ! -d $USB_MOUNT ]; then" >> /usr/bin/attach-music
+ echo " mkdir $USB_MOUNT" >> /usr/bin/attach-music
+ echo 'fi' >> /usr/bin/attach-music
+ echo "mount /dev/sda1 $USB_MOUNT" >> /usr/bin/attach-music
+ echo "chown root:root $USB_MOUNT" >> /usr/bin/attach-music
+ echo "chown -R minidlna:minidlna $USB_MOUNT/*" >> /usr/bin/attach-music
+ echo 'service minidlna restart' >> /usr/bin/attach-music
+ echo 'minidlnad -R' >> /usr/bin/attach-music
+ chmod +x /usr/bin/attach-music
+ ln -s /usr/bin/attach-music /usr/bin/attach-usb
+ ln -s /usr/bin/attach-music /usr/bin/attach-videos
+ ln -s /usr/bin/attach-music /usr/bin/attach-pictures
+ ln -s /usr/bin/attach-music /usr/bin/attach-media
+
+ echo '#!/bin/bash' > /usr/bin/remove-music
+ echo "if [ -d $USB_MOUNT ]; then" >> /usr/bin/remove-music
+ echo " umount $USB_MOUNT" >> /usr/bin/remove-music
+ echo " rm -rf $USB_MOUNT" >> /usr/bin/remove-music
+ echo 'fi' >> /usr/bin/remove-music
+ chmod +x /usr/bin/remove-music
+ ln -s /usr/bin/remove-music /usr/bin/detach-music
+ ln -s /usr/bin/remove-music /usr/bin/detach-usb
+ ln -s /usr/bin/remove-music /usr/bin/remove-usb
+ ln -s /usr/bin/remove-music /usr/bin/detach-media
+ ln -s /usr/bin/remove-music /usr/bin/remove-media
+ ln -s /usr/bin/remove-music /usr/bin/detach-videos
+ ln -s /usr/bin/remove-music /usr/bin/remove-videos
+ ln -s /usr/bin/remove-music /usr/bin/detach-pictures
+ ln -s /usr/bin/remove-music /usr/bin/remove-pictures
+
+ echo 'script_for_attaching_usb_drive' >> $COMPLETION_FILE
}
function install_dlna {
- if grep -Fxq "install_dlna" $COMPLETION_FILE; then
- return
- fi
- install_dlna_main
- script_for_attaching_usb_drive
- echo 'install_dlna' >> $COMPLETION_FILE
+ if grep -Fxq "install_dlna" $COMPLETION_FILE; then
+ return
+ fi
+ install_dlna_main
+ script_for_attaching_usb_drive
+ echo 'install_dlna' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-emacs b/src/freedombone-app-emacs
index d12838c04..66c4b8956 100755
--- a/src/freedombone-app-emacs
+++ b/src/freedombone-app-emacs
@@ -30,6 +30,10 @@
VARIANTS='all'
+function change_password_emacs {
+ echo -n ''
+}
+
function reconfigure_emacs {
echo -n ''
}
diff --git a/src/freedombone-app-gnusocial b/src/freedombone-app-gnusocial
index e63c0b26b..36750cf7e 100755
--- a/src/freedombone-app-gnusocial
+++ b/src/freedombone-app-gnusocial
@@ -53,832 +53,836 @@ SHARINGS_THEME_COMMIT='7106c7ef03'
GNUSOCIAL_NSFW_REPO="https://gitgud.io/ShitposterClub/SensitiveContent"
GNUSOCIAL_NSFW_COMMIT='a096bbe0cfae9a9b177682920ffb58d32a48e136'
+function change_password_gnusocial {
+ echo -n ''
+}
+
function get_mariadb_gnusocial_admin_password {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "MariaDB gnusocial admin password" /home/$MY_USERNAME/README; then
- MICROBLOG_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "MariaDB gnusocial admin password" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- if grep -q "Microblog administrator password" /home/$MY_USERNAME/README; then
- MICROBLOG_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Microblog administrator password" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "MariaDB gnusocial admin password" /home/$MY_USERNAME/README; then
+ MICROBLOG_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "MariaDB gnusocial admin password" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ if grep -q "Microblog administrator password" /home/$MY_USERNAME/README; then
+ MICROBLOG_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Microblog administrator password" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
}
function gnusocial_create_database {
- function_check get_mariadb_gnusocial_admin_password
- get_mariadb_gnusocial_admin_password
- if [ ! $MICROBLOG_ADMIN_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- MICROBLOG_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- MICROBLOG_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
- if [ ! $MICROBLOG_ADMIN_PASSWORD ]; then
- return
- fi
-
- function_check create_database
- create_database gnusocial "$MICROBLOG_ADMIN_PASSWORD" $MY_USERNAME
+ function_check get_mariadb_gnusocial_admin_password
+ get_mariadb_gnusocial_admin_password
+ if [ ! $MICROBLOG_ADMIN_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ MICROBLOG_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ MICROBLOG_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ fi
+ if [ ! $MICROBLOG_ADMIN_PASSWORD ]; then
+ return
+ fi
+
+ function_check create_database
+ create_database gnusocial "$MICROBLOG_ADMIN_PASSWORD" $MY_USERNAME
}
function gnusocial_running_script {
- if ! grep -Fxq "install_gnusocial" $COMPLETION_FILE; then
- return
- fi
-
- # check that the daemon is running
- echo '#!/bin/bash' > /etc/cron.hourly/gnusocial-daemons
- echo 'daemon_lines=$(ps aux | grep "scripts/queuedaemon.php" | grep "/var/www")' >> /etc/cron.hourly/gnusocial-daemons
- echo 'if [[ $daemon_lines != *"/var/www/"* ]]; then' >> /etc/cron.hourly/gnusocial-daemons
-
- echo " ADMIN_USER=\$(cat $COMPLETION_FILE | grep 'Admin user' | awk -F ':' '{print \$2}')" >> /etc/cron.hourly/gnusocial-daemons
- echo ' MY_EMAIL_ADDRESS=$ADMIN_USER@$HOSTNAME' >> /etc/cron.hourly/gnusocial-daemons
- echo ' echo "Restarting GNU Social daemons" | mail -s "GNU Social daemons not found" $MY_EMAIL_ADDRESS' >> /etc/cron.hourly/gnusocial-daemons
- echo " cd /var/www/${MICROBLOG_DOMAIN_NAME}/htdocs" >> /etc/cron.hourly/gnusocial-daemons
- echo ' scripts/startdaemons.sh' >> /etc/cron.hourly/gnusocial-daemons
- echo 'fi' >> /etc/cron.hourly/gnusocial-daemons
- chmod +x /etc/cron.hourly/gnusocial-daemons
+ if ! grep -Fxq "install_gnusocial" $COMPLETION_FILE; then
+ return
+ fi
+
+ # check that the daemon is running
+ echo '#!/bin/bash' > /etc/cron.hourly/gnusocial-daemons
+ echo 'daemon_lines=$(ps aux | grep "scripts/queuedaemon.php" | grep "/var/www")' >> /etc/cron.hourly/gnusocial-daemons
+ echo 'if [[ $daemon_lines != *"/var/www/"* ]]; then' >> /etc/cron.hourly/gnusocial-daemons
+
+ echo " ADMIN_USER=\$(cat $COMPLETION_FILE | grep 'Admin user' | awk -F ':' '{print \$2}')" >> /etc/cron.hourly/gnusocial-daemons
+ echo ' MY_EMAIL_ADDRESS=$ADMIN_USER@$HOSTNAME' >> /etc/cron.hourly/gnusocial-daemons
+ echo ' echo "Restarting GNU Social daemons" | mail -s "GNU Social daemons not found" $MY_EMAIL_ADDRESS' >> /etc/cron.hourly/gnusocial-daemons
+ echo " cd /var/www/${MICROBLOG_DOMAIN_NAME}/htdocs" >> /etc/cron.hourly/gnusocial-daemons
+ echo ' scripts/startdaemons.sh' >> /etc/cron.hourly/gnusocial-daemons
+ echo 'fi' >> /etc/cron.hourly/gnusocial-daemons
+ chmod +x /etc/cron.hourly/gnusocial-daemons
}
function reconfigure_gnusocial {
- echo -n ''
+ echo -n ''
}
function upgrade_gnusocial {
- if ! grep -Fxq "install_gnusocial_main" $COMPLETION_FILE; then
- return
- fi
+ if ! grep -Fxq "install_gnusocial_main" $COMPLETION_FILE; then
+ return
+ fi
- # update to the next commit
- function_check set_repo_commit
- set_repo_commit /var/www/$MICROBLOG_DOMAIN_NAME/htdocs "GNU Social commit" "$MICROBLOG_COMMIT" $MICROBLOG_REPO
+ # update to the next commit
+ function_check set_repo_commit
+ set_repo_commit /var/www/$MICROBLOG_DOMAIN_NAME/htdocs "GNU Social commit" "$MICROBLOG_COMMIT" $MICROBLOG_REPO
- function_check gnusocial_running_script
- gnusocial_running_script
+ function_check gnusocial_running_script
+ gnusocial_running_script
}
function backup_local_gnusocial {
- MICROBLOG_DOMAIN_NAME='microblog'
- if grep -q "GNU Social domain" $COMPLETION_FILE; then
- MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
- fi
+ MICROBLOG_DOMAIN_NAME='microblog'
+ if grep -q "GNU Social domain" $COMPLETION_FILE; then
+ MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
+ fi
- source_directory=/var/www/${MICROBLOG_DOMAIN_NAME}/htdocs
- if [ -d $source_directory ]; then
- dest_directory=gnusocial
- echo $"Backing up $source_directory to $dest_directory"
+ source_directory=/var/www/${MICROBLOG_DOMAIN_NAME}/htdocs
+ if [ -d $source_directory ]; then
+ dest_directory=gnusocial
+ echo $"Backing up $source_directory to $dest_directory"
- function_check suspend_site
- suspend_site ${MICROBLOG_DOMAIN_NAME}
+ function_check suspend_site
+ suspend_site ${MICROBLOG_DOMAIN_NAME}
- function_check backup_directory_to_usb
- backup_directory_to_usb $source_directory $dest_directory
+ function_check backup_directory_to_usb
+ backup_directory_to_usb $source_directory $dest_directory
- function_check backup_database_to_usb
- backup_database_to_usb gnusocial
+ function_check backup_database_to_usb
+ backup_database_to_usb gnusocial
- function_check restart_site
- restart_site
+ function_check restart_site
+ restart_site
- echo $"Backup to $dest_directory complete"
- fi
+ echo $"Backup to $dest_directory complete"
+ fi
}
function restore_local_gnusocial {
- if ! grep -q "GNU Social domain" $COMPLETION_FILE; then
- return
- fi
- MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
- if [ $MICROBLOG_DOMAIN_NAME ]; then
- echo $"Restoring GNU Social"
- temp_restore_dir=/root/tempgnusocial
- gnusocial_dir=/var/www/${MICROBLOG_DOMAIN_NAME}/htdocs
- # stop the daemons
- cd $gnusocial_dir
- scripts/stopdaemons.sh
-
- function_check gnusocial_create_database
- gnusocial_create_database
-
- restore_database gnusocial ${MICROBLOG_DOMAIN_NAME}
- if [ -d $temp_restore_dir ]; then
- rm -rf $temp_restore_dir
- fi
-
- # start the daemons
- cd $gnusocial_dir
- scripts/startdaemons.sh
- echo $"Restore of GNU Social complete"
- fi
+ if ! grep -q "GNU Social domain" $COMPLETION_FILE; then
+ return
+ fi
+ MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
+ if [ $MICROBLOG_DOMAIN_NAME ]; then
+ echo $"Restoring GNU Social"
+ temp_restore_dir=/root/tempgnusocial
+ gnusocial_dir=/var/www/${MICROBLOG_DOMAIN_NAME}/htdocs
+ # stop the daemons
+ cd $gnusocial_dir
+ scripts/stopdaemons.sh
+
+ function_check gnusocial_create_database
+ gnusocial_create_database
+
+ restore_database gnusocial ${MICROBLOG_DOMAIN_NAME}
+ if [ -d $temp_restore_dir ]; then
+ rm -rf $temp_restore_dir
+ fi
+
+ # start the daemons
+ cd $gnusocial_dir
+ scripts/startdaemons.sh
+ echo $"Restore of GNU Social complete"
+ fi
}
function backup_remote_gnusocial {
- if grep -q "GNU Social domain" $COMPLETION_FILE; then
- MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
- temp_backup_dir=/var/www/${MICROBLOG_DOMAIN_NAME}/htdocs
- if [ -d $temp_backup_dir ]; then
- function_check suspend_site
- suspend_site ${MICROBLOG_DOMAIN_NAME}
-
- function_check backup_database_to_friend
- backup_database_to_friend gnusocial
-
- echo $"Backing up GNU social installation"
-
- function_check backup_directory_to_friend
- backup_directory_to_friend $temp_backup_dir gnusocial
-
- function_check restart_site
- restart_site
- else
- echo $"GNU Social domain specified but not found in ${temp_backup_dir}"
- fi
- fi
+ if grep -q "GNU Social domain" $COMPLETION_FILE; then
+ MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
+ temp_backup_dir=/var/www/${MICROBLOG_DOMAIN_NAME}/htdocs
+ if [ -d $temp_backup_dir ]; then
+ function_check suspend_site
+ suspend_site ${MICROBLOG_DOMAIN_NAME}
+
+ function_check backup_database_to_friend
+ backup_database_to_friend gnusocial
+
+ echo $"Backing up GNU social installation"
+
+ function_check backup_directory_to_friend
+ backup_directory_to_friend $temp_backup_dir gnusocial
+
+ function_check restart_site
+ restart_site
+ else
+ echo $"GNU Social domain specified but not found in ${temp_backup_dir}"
+ fi
+ fi
}
function restore_remote_gnusocial {
- if grep -q "GNU Social domain" $COMPLETION_FILE; then
- echo $"Restoring GNU Social"
- MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
-
- # stop the daemons
- cd /var/www/${MICROBLOG_DOMAIN_NAME}/htdocs
- scripts/stopdaemons.sh
-
- function_check gnusocial_create_database
- gnusocial_create_database
-
- function_check restore_database_from_friend
- restore_database_from_friend gnusocial ${MICROBLOG_DOMAIN_NAME}
- if [ -d /root/tempgnusocial ]; then
- rm -rf /root/tempgnusocial
- fi
-
- # start the daemons
- cd /var/www/${MICROBLOG_DOMAIN_NAME}/htdocs
- scripts/startdaemons.sh
- echo $"Restore of GNU Social complete"
- fi
+ if grep -q "GNU Social domain" $COMPLETION_FILE; then
+ echo $"Restoring GNU Social"
+ MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
+
+ # stop the daemons
+ cd /var/www/${MICROBLOG_DOMAIN_NAME}/htdocs
+ scripts/stopdaemons.sh
+
+ function_check gnusocial_create_database
+ gnusocial_create_database
+
+ function_check restore_database_from_friend
+ restore_database_from_friend gnusocial ${MICROBLOG_DOMAIN_NAME}
+ if [ -d /root/tempgnusocial ]; then
+ rm -rf /root/tempgnusocial
+ fi
+
+ # start the daemons
+ cd /var/www/${MICROBLOG_DOMAIN_NAME}/htdocs
+ scripts/startdaemons.sh
+ echo $"Restore of GNU Social complete"
+ fi
}
function remove_gnusocial {
- if ! grep -Fxq "install_gnusocial" $COMPLETION_FILE; then
- return
- fi
- nginx_dissite $MICROBLOG_DOMAIN_NAME
- if [ -d /var/www/$MICROBLOG_DOMAIN_NAME ]; then
- rm -rf /var/www/$MICROBLOG_DOMAIN_NAME
- fi
- if [ -f /etc/nginx/sites-available/$MICROBLOG_DOMAIN_NAME ]; then
- rm /etc/nginx/sites-available/$MICROBLOG_DOMAIN_NAME
- fi
- function_check drop_database
- drop_database gnusocial
- function_check remove_onion_service
- remove_onion_service microblog ${MICROBLOG_ONION_PORT}
- sed -i '/install_gnusocial/d' $COMPLETION_FILE
- sed -i '/GNU Social /d' $COMPLETION_FILE
+ if ! grep -Fxq "install_gnusocial" $COMPLETION_FILE; then
+ return
+ fi
+ nginx_dissite $MICROBLOG_DOMAIN_NAME
+ if [ -d /var/www/$MICROBLOG_DOMAIN_NAME ]; then
+ rm -rf /var/www/$MICROBLOG_DOMAIN_NAME
+ fi
+ if [ -f /etc/nginx/sites-available/$MICROBLOG_DOMAIN_NAME ]; then
+ rm /etc/nginx/sites-available/$MICROBLOG_DOMAIN_NAME
+ fi
+ function_check drop_database
+ drop_database gnusocial
+ function_check remove_onion_service
+ remove_onion_service microblog ${MICROBLOG_ONION_PORT}
+ sed -i '/install_gnusocial/d' $COMPLETION_FILE
+ sed -i '/GNU Social /d' $COMPLETION_FILE
}
function install_gnusocial_main {
- if [ ! $MICROBLOG_DOMAIN_NAME ]; then
- echo $'No domain name was given for the microblog'
- exit 7359
- fi
-
- if grep -Fxq "install_gnusocial_main" $COMPLETION_FILE; then
- return
- fi
-
- function_check gnusocial_running_script
- gnusocial_running_script
-
- function_check install_mariadb
- install_mariadb
-
- function_check get_mariadb_password
- get_mariadb_password
-
- function_check repair_databases_script
- repair_databases_script
-
- apt-get -y install php-gettext php5-curl php5-gd php5-mysql git curl php-xml-parser
- apt-get -y install php5-memcached php5-intl
-
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME ]; then
- mkdir /var/www/$MICROBLOG_DOMAIN_NAME
- fi
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs ]; then
- function_check git_clone
- git_clone $MICROBLOG_REPO /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs ]; then
- echo $'Unable to clone gnusocial repo'
- exit 87525
- fi
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
- git checkout $MICROBLOG_COMMIT -b $MICROBLOG_COMMIT
- if ! grep -q "GNU Social commit" $COMPLETION_FILE; then
- echo "GNU Social commit:$MICROBLOG_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/GNU Social commit.*/GNU Social commit:$MICROBLOG_COMMIT/g" $COMPLETION_FILE
- fi
-
- chmod a+w /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
- chown www-data:www-data /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
- chmod +x /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/scripts/maildaemon.php
-
- function_check gnusocial_create_database
- gnusocial_create_database
-
- if [ ! -f "/etc/aliases" ]; then
- touch /etc/aliases
- fi
- if ! grep -q "www-data: root" /etc/aliases; then
- echo 'www-data: root' >> /etc/aliases
- fi
- if ! grep -q "/var/www/$MICROBLOG_DOMAIN_NAME/htdocs/scripts/maildaemon.php" /etc/aliases; then
- echo "*: /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/scripts/maildaemon.php" >> /etc/aliases
- fi
-
- function_check add_ddns_domain
- add_ddns_domain $MICROBLOG_DOMAIN_NAME
-
- microblog_nginx_site=/etc/nginx/sites-available/$MICROBLOG_DOMAIN_NAME
- if [[ $ONION_ONLY == "no" ]]; then
- function_check nginx_http_redirect
- nginx_http_redirect $MICROBLOG_DOMAIN_NAME
- echo 'server {' >> $microblog_nginx_site
- echo ' listen 443 ssl;' >> $microblog_nginx_site
- echo " server_name $MICROBLOG_DOMAIN_NAME;" >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Security' >> $microblog_nginx_site
- function_check nginx_ssl
- nginx_ssl $MICROBLOG_DOMAIN_NAME
-
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $MICROBLOG_DOMAIN_NAME
-
- function_check nginx_limits
- nginx_limits $MICROBLOG_DOMAIN_NAME '15m'
- echo ' add_header Strict-Transport-Security max-age=15768000;' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Logs' >> $microblog_nginx_site
- echo ' access_log off;' >> $microblog_nginx_site
- echo ' error_log off;' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Root' >> $microblog_nginx_site
- echo " root /var/www/$MICROBLOG_DOMAIN_NAME/htdocs;" >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Index' >> $microblog_nginx_site
- echo ' index index.php;' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # PHP' >> $microblog_nginx_site
- echo ' location ~ \.php {' >> $microblog_nginx_site
- echo ' include snippets/fastcgi-php.conf;' >> $microblog_nginx_site
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> $microblog_nginx_site
- echo ' }' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Location' >> $microblog_nginx_site
- echo ' location / {' >> $microblog_nginx_site
- echo ' try_files $uri $uri/ @gnusocial;' >> $microblog_nginx_site
- echo ' }' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Fancy URLs' >> $microblog_nginx_site
- echo ' location @gnusocial {' >> $microblog_nginx_site
- echo ' rewrite ^(.*)$ /index.php?p=$1 last;' >> $microblog_nginx_site
- echo ' }' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Restrict access that is unnecessary anyway' >> $microblog_nginx_site
- echo ' location ~ /\.(ht|git) {' >> $microblog_nginx_site
- echo ' deny all;' >> $microblog_nginx_site
- echo ' }' >> $microblog_nginx_site
- echo '}' >> $microblog_nginx_site
- else
- echo -n '' > $microblog_nginx_site
- fi
- echo 'server {' >> $microblog_nginx_site
- echo " listen 127.0.0.1:$MICROBLOG_ONION_PORT default_server;" >> $microblog_nginx_site
- echo " server_name $MICROBLOG_DOMAIN_NAME;" >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $MICROBLOG_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $MICROBLOG_DOMAIN_NAME '15m'
- echo '' >> $microblog_nginx_site
- echo ' # Logs' >> $microblog_nginx_site
- echo ' access_log off;' >> $microblog_nginx_site
- echo ' error_log off;' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Root' >> $microblog_nginx_site
- echo " root /var/www/$MICROBLOG_DOMAIN_NAME/htdocs;" >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Index' >> $microblog_nginx_site
- echo ' index index.php;' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # PHP' >> $microblog_nginx_site
- echo ' location ~ \.php {' >> $microblog_nginx_site
- echo ' include snippets/fastcgi-php.conf;' >> $microblog_nginx_site
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> $microblog_nginx_site
- echo ' }' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Location' >> $microblog_nginx_site
- echo ' location / {' >> $microblog_nginx_site
- echo ' try_files $uri $uri/ @gnusocial;' >> $microblog_nginx_site
- echo ' }' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Fancy URLs' >> $microblog_nginx_site
- echo ' location @gnusocial {' >> $microblog_nginx_site
- echo ' rewrite ^(.*)$ /index.php?p=$1 last;' >> $microblog_nginx_site
- echo ' }' >> $microblog_nginx_site
- echo '' >> $microblog_nginx_site
- echo ' # Restrict access that is unnecessary anyway' >> $microblog_nginx_site
- echo ' location ~ /\.(ht|git) {' >> $microblog_nginx_site
- echo ' deny all;' >> $microblog_nginx_site
- echo ' }' >> $microblog_nginx_site
- echo '}' >> $microblog_nginx_site
-
- function_check configure_php
- configure_php
-
- function_check create_site_certificate
- create_site_certificate $MICROBLOG_DOMAIN_NAME 'yes'
-
- # Ensure that the database gets backed up locally, if remote
- # backups are not being used
- function_check backup_databases_script_header
- backup_databases_script_header
-
- function_check backup_database_local
- backup_database_local gnusocial
-
- function_check nginx_ensite
- nginx_ensite $MICROBLOG_DOMAIN_NAME
-
- # NOTE: For the typical case always enable SSL and only
- # disable it if in onion only mode. This is due to complexities
- # with the way URLs are generated by GNU Social
- gnusocial_ssl='always'
- if [[ $ONION_ONLY != 'no' ]]; then
- gnusocial_ssl='never'
- fi
-
- MICROBLOG_ONION_HOSTNAME=$(add_onion_service microblog 80 ${MICROBLOG_ONION_PORT})
-
- MICROBLOG_SERVER=${MICROBLOG_DOMAIN_NAME}
- if [[ $ONION_ONLY != 'no' ]]; then
- MICROBLOG_SERVER=${MICROBLOG_ONION_HOSTNAME}
- fi
-
- # Create the configuration
- gnusocial_installer=/var/www/${MICROBLOG_DOMAIN_NAME}/htdocs/scripts/install_cli.php
- if [ ! -f $gnusocial_installer ]; then
- echo $'No GNU Social commandline installer found'
- exit 53026
- fi
- ${gnusocial_installer} --server "${MICROBLOG_SERVER}" \
- --host="localhost" --database="gnusocial" \
- --dbtype=mysql --username="root" -v \
- --password="$MARIADB_PASSWORD" \
- --sitename=$"GNU Social" --fancy='yes' \
- --admin-nick="$MY_USERNAME" \
- --admin-pass="$MICROBLOG_ADMIN_PASSWORD" \
- --site-profile="community" \
- --ssl=${gnusocial_ssl}
- # There can be a lot of warnings here so the return value check is disabled
- #if [ ! "$?" = "0" ]; then
- # # failed to install
- # echo $'Could not install GNU Social'
- # exit 72357
- #fi
-
- # check microblog has a config file
- microblog_config_file=/var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php
- if [ ! -f $microblog_config_file ]; then
- echo $'Microblog config.php not found'
- exit 87586
- fi
-
- # Some useful settings
- if ! grep -q "Recommended GNU social settings" $microblog_config_file; then
- echo "" >> $microblog_config_file
- echo "// Recommended GNU social settings" >> $microblog_config_file
- echo "\$config['thumbnail']['maxsize'] = 3000;" >> $microblog_config_file
- echo "\$config['profile']['delete'] = true;" >> $microblog_config_file
- echo "\$config['profile']['changenick'] = true;" >> $microblog_config_file
- echo "\$config['public']['localonly'] = false;" >> $microblog_config_file
- echo "addPlugin('StoreRemoteMedia');" >> $microblog_config_file
- echo "\$config['queue']['enabled'] = true;" >> $microblog_config_file
- echo "\$config['queue']['daemon'] = true;" >> $microblog_config_file
- echo "\$config['ostatus']['hub_retries'] = 3;" >> $microblog_config_file
- fi
-
- # This improves performance
- sed -i "s|//\$config\['db'\]\['schemacheck'\].*|\$config\['db'\]\['schemacheck'\] = 'script';|g" $microblog_config_file
-
- systemctl restart php5-fpm
- systemctl restart nginx
-
- ${PROJECT_NAME}-addemail -u $MY_USERNAME -e "noreply@$MICROBLOG_DOMAIN_NAME" -g gnusocial --public no
-
- # some post-install instructions for the user
- if ! grep -q $"Microblog administrator" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Microblog' >> /home/$MY_USERNAME/README
- echo '=========' >> /home/$MY_USERNAME/README
- echo $"Microblog administrator nickname: $MY_USERNAME" >> /home/$MY_USERNAME/README
- echo $"Microblog administrator password: $MICROBLOG_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- if ! grep -q "Microblog onion domain" /home/$MY_USERNAME/README; then
- echo $"Microblog onion domain: ${MICROBLOG_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
- echo "GNU Social onion domain:${MICROBLOG_ONION_HOSTNAME}" >> $COMPLETION_FILE
-
- echo "GNU Social domain:$MICROBLOG_DOMAIN_NAME" >> $COMPLETION_FILE
- echo 'install_gnusocial_main' >> $COMPLETION_FILE
+ if [ ! $MICROBLOG_DOMAIN_NAME ]; then
+ echo $'No domain name was given for the microblog'
+ exit 7359
+ fi
+
+ if grep -Fxq "install_gnusocial_main" $COMPLETION_FILE; then
+ return
+ fi
+
+ function_check gnusocial_running_script
+ gnusocial_running_script
+
+ function_check install_mariadb
+ install_mariadb
+
+ function_check get_mariadb_password
+ get_mariadb_password
+
+ function_check repair_databases_script
+ repair_databases_script
+
+ apt-get -y install php-gettext php5-curl php5-gd php5-mysql git curl php-xml-parser
+ apt-get -y install php5-memcached php5-intl
+
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME ]; then
+ mkdir /var/www/$MICROBLOG_DOMAIN_NAME
+ fi
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs ]; then
+ function_check git_clone
+ git_clone $MICROBLOG_REPO /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs ]; then
+ echo $'Unable to clone gnusocial repo'
+ exit 87525
+ fi
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+ git checkout $MICROBLOG_COMMIT -b $MICROBLOG_COMMIT
+ if ! grep -q "GNU Social commit" $COMPLETION_FILE; then
+ echo "GNU Social commit:$MICROBLOG_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/GNU Social commit.*/GNU Social commit:$MICROBLOG_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ chmod a+w /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+ chown www-data:www-data /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+ chmod +x /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/scripts/maildaemon.php
+
+ function_check gnusocial_create_database
+ gnusocial_create_database
+
+ if [ ! -f "/etc/aliases" ]; then
+ touch /etc/aliases
+ fi
+ if ! grep -q "www-data: root" /etc/aliases; then
+ echo 'www-data: root' >> /etc/aliases
+ fi
+ if ! grep -q "/var/www/$MICROBLOG_DOMAIN_NAME/htdocs/scripts/maildaemon.php" /etc/aliases; then
+ echo "*: /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/scripts/maildaemon.php" >> /etc/aliases
+ fi
+
+ function_check add_ddns_domain
+ add_ddns_domain $MICROBLOG_DOMAIN_NAME
+
+ microblog_nginx_site=/etc/nginx/sites-available/$MICROBLOG_DOMAIN_NAME
+ if [[ $ONION_ONLY == "no" ]]; then
+ function_check nginx_http_redirect
+ nginx_http_redirect $MICROBLOG_DOMAIN_NAME
+ echo 'server {' >> $microblog_nginx_site
+ echo ' listen 443 ssl;' >> $microblog_nginx_site
+ echo " server_name $MICROBLOG_DOMAIN_NAME;" >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Security' >> $microblog_nginx_site
+ function_check nginx_ssl
+ nginx_ssl $MICROBLOG_DOMAIN_NAME
+
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $MICROBLOG_DOMAIN_NAME
+
+ function_check nginx_limits
+ nginx_limits $MICROBLOG_DOMAIN_NAME '15m'
+ echo ' add_header Strict-Transport-Security max-age=15768000;' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Logs' >> $microblog_nginx_site
+ echo ' access_log off;' >> $microblog_nginx_site
+ echo ' error_log off;' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Root' >> $microblog_nginx_site
+ echo " root /var/www/$MICROBLOG_DOMAIN_NAME/htdocs;" >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Index' >> $microblog_nginx_site
+ echo ' index index.php;' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # PHP' >> $microblog_nginx_site
+ echo ' location ~ \.php {' >> $microblog_nginx_site
+ echo ' include snippets/fastcgi-php.conf;' >> $microblog_nginx_site
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> $microblog_nginx_site
+ echo ' }' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Location' >> $microblog_nginx_site
+ echo ' location / {' >> $microblog_nginx_site
+ echo ' try_files $uri $uri/ @gnusocial;' >> $microblog_nginx_site
+ echo ' }' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Fancy URLs' >> $microblog_nginx_site
+ echo ' location @gnusocial {' >> $microblog_nginx_site
+ echo ' rewrite ^(.*)$ /index.php?p=$1 last;' >> $microblog_nginx_site
+ echo ' }' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Restrict access that is unnecessary anyway' >> $microblog_nginx_site
+ echo ' location ~ /\.(ht|git) {' >> $microblog_nginx_site
+ echo ' deny all;' >> $microblog_nginx_site
+ echo ' }' >> $microblog_nginx_site
+ echo '}' >> $microblog_nginx_site
+ else
+ echo -n '' > $microblog_nginx_site
+ fi
+ echo 'server {' >> $microblog_nginx_site
+ echo " listen 127.0.0.1:$MICROBLOG_ONION_PORT default_server;" >> $microblog_nginx_site
+ echo " server_name $MICROBLOG_DOMAIN_NAME;" >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $MICROBLOG_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $MICROBLOG_DOMAIN_NAME '15m'
+ echo '' >> $microblog_nginx_site
+ echo ' # Logs' >> $microblog_nginx_site
+ echo ' access_log off;' >> $microblog_nginx_site
+ echo ' error_log off;' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Root' >> $microblog_nginx_site
+ echo " root /var/www/$MICROBLOG_DOMAIN_NAME/htdocs;" >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Index' >> $microblog_nginx_site
+ echo ' index index.php;' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # PHP' >> $microblog_nginx_site
+ echo ' location ~ \.php {' >> $microblog_nginx_site
+ echo ' include snippets/fastcgi-php.conf;' >> $microblog_nginx_site
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> $microblog_nginx_site
+ echo ' }' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Location' >> $microblog_nginx_site
+ echo ' location / {' >> $microblog_nginx_site
+ echo ' try_files $uri $uri/ @gnusocial;' >> $microblog_nginx_site
+ echo ' }' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Fancy URLs' >> $microblog_nginx_site
+ echo ' location @gnusocial {' >> $microblog_nginx_site
+ echo ' rewrite ^(.*)$ /index.php?p=$1 last;' >> $microblog_nginx_site
+ echo ' }' >> $microblog_nginx_site
+ echo '' >> $microblog_nginx_site
+ echo ' # Restrict access that is unnecessary anyway' >> $microblog_nginx_site
+ echo ' location ~ /\.(ht|git) {' >> $microblog_nginx_site
+ echo ' deny all;' >> $microblog_nginx_site
+ echo ' }' >> $microblog_nginx_site
+ echo '}' >> $microblog_nginx_site
+
+ function_check configure_php
+ configure_php
+
+ function_check create_site_certificate
+ create_site_certificate $MICROBLOG_DOMAIN_NAME 'yes'
+
+ # Ensure that the database gets backed up locally, if remote
+ # backups are not being used
+ function_check backup_databases_script_header
+ backup_databases_script_header
+
+ function_check backup_database_local
+ backup_database_local gnusocial
+
+ function_check nginx_ensite
+ nginx_ensite $MICROBLOG_DOMAIN_NAME
+
+ # NOTE: For the typical case always enable SSL and only
+ # disable it if in onion only mode. This is due to complexities
+ # with the way URLs are generated by GNU Social
+ gnusocial_ssl='always'
+ if [[ $ONION_ONLY != 'no' ]]; then
+ gnusocial_ssl='never'
+ fi
+
+ MICROBLOG_ONION_HOSTNAME=$(add_onion_service microblog 80 ${MICROBLOG_ONION_PORT})
+
+ MICROBLOG_SERVER=${MICROBLOG_DOMAIN_NAME}
+ if [[ $ONION_ONLY != 'no' ]]; then
+ MICROBLOG_SERVER=${MICROBLOG_ONION_HOSTNAME}
+ fi
+
+ # Create the configuration
+ gnusocial_installer=/var/www/${MICROBLOG_DOMAIN_NAME}/htdocs/scripts/install_cli.php
+ if [ ! -f $gnusocial_installer ]; then
+ echo $'No GNU Social commandline installer found'
+ exit 53026
+ fi
+ ${gnusocial_installer} --server "${MICROBLOG_SERVER}" \
+ --host="localhost" --database="gnusocial" \
+ --dbtype=mysql --username="root" -v \
+ --password="$MARIADB_PASSWORD" \
+ --sitename=$"GNU Social" --fancy='yes' \
+ --admin-nick="$MY_USERNAME" \
+ --admin-pass="$MICROBLOG_ADMIN_PASSWORD" \
+ --site-profile="community" \
+ --ssl=${gnusocial_ssl}
+ # There can be a lot of warnings here so the return value check is disabled
+ #if [ ! "$?" = "0" ]; then
+ # # failed to install
+ # echo $'Could not install GNU Social'
+ # exit 72357
+ #fi
+
+ # check microblog has a config file
+ microblog_config_file=/var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php
+ if [ ! -f $microblog_config_file ]; then
+ echo $'Microblog config.php not found'
+ exit 87586
+ fi
+
+ # Some useful settings
+ if ! grep -q "Recommended GNU social settings" $microblog_config_file; then
+ echo "" >> $microblog_config_file
+ echo "// Recommended GNU social settings" >> $microblog_config_file
+ echo "\$config['thumbnail']['maxsize'] = 3000;" >> $microblog_config_file
+ echo "\$config['profile']['delete'] = true;" >> $microblog_config_file
+ echo "\$config['profile']['changenick'] = true;" >> $microblog_config_file
+ echo "\$config['public']['localonly'] = false;" >> $microblog_config_file
+ echo "addPlugin('StoreRemoteMedia');" >> $microblog_config_file
+ echo "\$config['queue']['enabled'] = true;" >> $microblog_config_file
+ echo "\$config['queue']['daemon'] = true;" >> $microblog_config_file
+ echo "\$config['ostatus']['hub_retries'] = 3;" >> $microblog_config_file
+ fi
+
+ # This improves performance
+ sed -i "s|//\$config\['db'\]\['schemacheck'\].*|\$config\['db'\]\['schemacheck'\] = 'script';|g" $microblog_config_file
+
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ ${PROJECT_NAME}-addemail -u $MY_USERNAME -e "noreply@$MICROBLOG_DOMAIN_NAME" -g gnusocial --public no
+
+ # some post-install instructions for the user
+ if ! grep -q $"Microblog administrator" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Microblog' >> /home/$MY_USERNAME/README
+ echo '=========' >> /home/$MY_USERNAME/README
+ echo $"Microblog administrator nickname: $MY_USERNAME" >> /home/$MY_USERNAME/README
+ echo $"Microblog administrator password: $MICROBLOG_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ if ! grep -q "Microblog onion domain" /home/$MY_USERNAME/README; then
+ echo $"Microblog onion domain: ${MICROBLOG_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+ echo "GNU Social onion domain:${MICROBLOG_ONION_HOSTNAME}" >> $COMPLETION_FILE
+
+ echo "GNU Social domain:$MICROBLOG_DOMAIN_NAME" >> $COMPLETION_FILE
+ echo 'install_gnusocial_main' >> $COMPLETION_FILE
}
function install_gnusocial_plugin_sharings {
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins ]; then
- echo $'No local/plugins directory found for the microblog'
- exit 72945
- fi
-
- apt-get -y install liblocale-msgfmt-perl
-
- # update to the next commit
- function_check set_repo_commit
- set_repo_commit /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins "GNU Social sharings plugin commit" "$SHARINGS_COMMIT" $SHARINGS_REPO
-
- if grep -Fxq "install_gnusocial_plugin_sharings" $COMPLETION_FILE; then
- return
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins
- function_check git_clone
- git_clone $SHARINGS_REPO Sharings
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings ]; then
- echo $'Unable to clone microblog sharings plugin'
- exit 36738
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings
- git stash
- git checkout master
- git branch -D $SHARINGS_COMMIT
- git checkout $SHARINGS_COMMIT -b $SHARINGS_COMMIT
-
- # enable the plugin
- if ! grep -q "addPlugin('Sharings');" /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php; then
- echo "addPlugin('Sharings');" >> /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
- php scripts/checkschema.php
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings
- php scripts/seedsharings.php
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
- php scripts/checkschema.php
-
- # Languages
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings/locale/en/LC_MESSAGES
- msgfmt -o Sharings.mo Sharings.po
- if [ ! -f Sharings.po ]; then
- echo $'English translations for GNU Social sharings plugin were not created'
- exit 84352
- fi
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings/locale/en_GB/LC_MESSAGES
- msgfmt -o Sharings.mo Sharings.po
- if [ ! -f Sharings.po ]; then
- echo $'English (GB) translations for GNU Social sharings plugin were not created'
- exit 84352
- fi
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings/locale/en_US/LC_MESSAGES
- msgfmt -o Sharings.mo Sharings.po
- if [ ! -f Sharings.po ]; then
- echo $'English (US) translations for GNU Social sharings plugin were not created'
- exit 84352
- fi
-
- chown -R www-data:www-data /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
-
- if ! grep -q "GNU Social sharings plugin commit" $COMPLETION_FILE; then
- echo "GNU Social sharings plugin commit:$SHARINGS_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s|GNU Social sharings plugin commit.*|GNU Social sharings plugin commit:$SHARINGS_COMMIT|g" $COMPLETION_FILE
- fi
- echo 'install_gnusocial_plugin_sharings' >> $COMPLETION_FILE
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins ]; then
+ echo $'No local/plugins directory found for the microblog'
+ exit 72945
+ fi
+
+ apt-get -y install liblocale-msgfmt-perl
+
+ # update to the next commit
+ function_check set_repo_commit
+ set_repo_commit /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins "GNU Social sharings plugin commit" "$SHARINGS_COMMIT" $SHARINGS_REPO
+
+ if grep -Fxq "install_gnusocial_plugin_sharings" $COMPLETION_FILE; then
+ return
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins
+ function_check git_clone
+ git_clone $SHARINGS_REPO Sharings
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings ]; then
+ echo $'Unable to clone microblog sharings plugin'
+ exit 36738
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings
+ git stash
+ git checkout master
+ git branch -D $SHARINGS_COMMIT
+ git checkout $SHARINGS_COMMIT -b $SHARINGS_COMMIT
+
+ # enable the plugin
+ if ! grep -q "addPlugin('Sharings');" /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php; then
+ echo "addPlugin('Sharings');" >> /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+ php scripts/checkschema.php
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings
+ php scripts/seedsharings.php
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+ php scripts/checkschema.php
+
+ # Languages
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings/locale/en/LC_MESSAGES
+ msgfmt -o Sharings.mo Sharings.po
+ if [ ! -f Sharings.po ]; then
+ echo $'English translations for GNU Social sharings plugin were not created'
+ exit 84352
+ fi
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings/locale/en_GB/LC_MESSAGES
+ msgfmt -o Sharings.mo Sharings.po
+ if [ ! -f Sharings.po ]; then
+ echo $'English (GB) translations for GNU Social sharings plugin were not created'
+ exit 84352
+ fi
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Sharings/locale/en_US/LC_MESSAGES
+ msgfmt -o Sharings.mo Sharings.po
+ if [ ! -f Sharings.po ]; then
+ echo $'English (US) translations for GNU Social sharings plugin were not created'
+ exit 84352
+ fi
+
+ chown -R www-data:www-data /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+
+ if ! grep -q "GNU Social sharings plugin commit" $COMPLETION_FILE; then
+ echo "GNU Social sharings plugin commit:$SHARINGS_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s|GNU Social sharings plugin commit.*|GNU Social sharings plugin commit:$SHARINGS_COMMIT|g" $COMPLETION_FILE
+ fi
+ echo 'install_gnusocial_plugin_sharings' >> $COMPLETION_FILE
}
function install_gnusocial_plugin_sharings_theme {
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins ]; then
- echo $'No local/plugins directory found for the microblog'
- exit 74458
- fi
-
- # update to the next commit
- function_check set_repo_commit
- set_repo_commit /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins "GNU Social sharings theme plugin commit" "$SHARINGS_THEME_COMMIT" $SHARINGS_THEME_REPO
-
- if grep -Fxq "install_gnusocial_plugin_sharings_theme" $COMPLETION_FILE; then
- return
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins
- function_check git_clone
- git_clone $SHARINGS_THEME_REPO SharingsTheme
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/SharingsTheme ]; then
- echo $'Unable to clone microblog sharings plugin theme'
- exit 639253
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/SharingsTheme
- git stash
- git checkout master
- git branch -D $SHARINGS_THEME_COMMIT
- git checkout $SHARINGS_THEME_COMMIT -b $SHARINGS_THEME_COMMIT
-
- # enable the plugin
- if ! grep -q "addPlugin('SharingsTheme');" /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php; then
- echo "addPlugin('SharingsTheme');" >> /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
- php scripts/checkschema.php
-
- chown -R www-data:www-data /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
-
- if ! grep -q "GNU Social sharings plugin theme commit" $COMPLETION_FILE; then
- echo "GNU Social sharings plugin theme commit:$SHARINGS_THEME_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s|GNU Social sharings plugin theme commit.*|GNU Social sharings plugin theme commit:$SHARINGS_THEME_COMMIT|g" $COMPLETION_FILE
- fi
- echo 'install_gnusocial_plugin_sharings_theme' >> $COMPLETION_FILE
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins ]; then
+ echo $'No local/plugins directory found for the microblog'
+ exit 74458
+ fi
+
+ # update to the next commit
+ function_check set_repo_commit
+ set_repo_commit /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins "GNU Social sharings theme plugin commit" "$SHARINGS_THEME_COMMIT" $SHARINGS_THEME_REPO
+
+ if grep -Fxq "install_gnusocial_plugin_sharings_theme" $COMPLETION_FILE; then
+ return
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins
+ function_check git_clone
+ git_clone $SHARINGS_THEME_REPO SharingsTheme
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/SharingsTheme ]; then
+ echo $'Unable to clone microblog sharings plugin theme'
+ exit 639253
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/SharingsTheme
+ git stash
+ git checkout master
+ git branch -D $SHARINGS_THEME_COMMIT
+ git checkout $SHARINGS_THEME_COMMIT -b $SHARINGS_THEME_COMMIT
+
+ # enable the plugin
+ if ! grep -q "addPlugin('SharingsTheme');" /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php; then
+ echo "addPlugin('SharingsTheme');" >> /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+ php scripts/checkschema.php
+
+ chown -R www-data:www-data /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+
+ if ! grep -q "GNU Social sharings plugin theme commit" $COMPLETION_FILE; then
+ echo "GNU Social sharings plugin theme commit:$SHARINGS_THEME_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s|GNU Social sharings plugin theme commit.*|GNU Social sharings plugin theme commit:$SHARINGS_THEME_COMMIT|g" $COMPLETION_FILE
+ fi
+ echo 'install_gnusocial_plugin_sharings_theme' >> $COMPLETION_FILE
}
function expire_gnusocial_posts {
- # To prevent the database size from growing endlessly this script expires posts
- # after a number of months
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs ]; then
- return
- fi
-
- gnusocial_expire_script=/usr/bin/gnusocial-expire
-
- echo '<?php' > $gnusocial_expire_script
- echo '' >> $gnusocial_expire_script
- echo '// GNU Social post expiry script, based on StatExpire by Tony Baldwin' >> $gnusocial_expire_script
- echo '// https://github.com/tonybaldwin/statexpire' >> $gnusocial_expire_script
- echo '' >> $gnusocial_expire_script
- echo '$oldate=date(("Y-m-d"), strtotime("-3 months"));' >> $gnusocial_expire_script
- echo '$username="root";' >> $gnusocial_expire_script
- echo "\$password=trim(file_get_contents(\"$DATABASE_PASSWORD_FILE\"));" >> $gnusocial_expire_script
- echo '$database="gnusocial";' >> $gnusocial_expire_script
- echo '' >> $gnusocial_expire_script
- echo 'if (!$link = mysql_connect("localhost", $username, $password)) {' >> $gnusocial_expire_script
- echo ' echo "Could not connect to mariadb";' >> $gnusocial_expire_script
- echo ' exit;' >> $gnusocial_expire_script
- echo '}' >> $gnusocial_expire_script
- echo '' >> $gnusocial_expire_script
- echo 'if (!mysql_select_db($database, $link)) {' >> $gnusocial_expire_script
- echo ' echo "Could not select gnusocial database";' >> $gnusocial_expire_script
- echo ' exit;' >> $gnusocial_expire_script
- echo '}' >> $gnusocial_expire_script
- echo '' >> $gnusocial_expire_script
- echo "\$notice_query=\"DELETE FROM notice WHERE created <= '\$oldate 01:01:01'\";" >> $gnusocial_expire_script
- echo "\$conversation_query=\"DELETE FROM conversation WHERE created <= '$oldate 01:01:01'\";" >> $gnusocial_expire_script
- echo "\$reply_query=\"DELETE FROM reply WHERE modified <= '\$oldate 01:01:01'\";" >> $gnusocial_expire_script
- echo '' >> $gnusocial_expire_script
- echo 'mysql_query($notice_query);' >> $gnusocial_expire_script
- echo '$rowaff1=mysql_affected_rows();' >> $gnusocial_expire_script
- echo 'mysql_query($conversation_query);' >> $gnusocial_expire_script
- echo '$rowaff2=mysql_affected_rows();' >> $gnusocial_expire_script
- echo 'mysql_query($reply_query);' >> $gnusocial_expire_script
- echo '$rowaff3=mysql_affected_rows();' >> $gnusocial_expire_script
- echo 'mysql_close();' >> $gnusocial_expire_script
- echo '' >> $gnusocial_expire_script
- echo 'echo "Expire GNU Social posts: $rowaff1 notices, $rowaff2 conversations, and $rowaff3 replies deleted from database.\n";' >> $gnusocial_expire_script
- chmod +x $gnusocial_expire_script
-
- # Add a cron job
- if ! grep -q "$gnusocial_expire_script" /etc/crontab; then
- echo "10 3 5 * * root /usr/bin/timeout 500 /usr/bin/php $gnusocial_expire_script" >> /etc/crontab
- fi
-
- # remove old expire script
- if [ -f /etc/cron.weekly/clear-microblog-database ]; then
- rm /etc/cron.weekly/clear-microblog-database
- fi
+ # To prevent the database size from growing endlessly this script expires posts
+ # after a number of months
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs ]; then
+ return
+ fi
+
+ gnusocial_expire_script=/usr/bin/gnusocial-expire
+
+ echo '<?php' > $gnusocial_expire_script
+ echo '' >> $gnusocial_expire_script
+ echo '// GNU Social post expiry script, based on StatExpire by Tony Baldwin' >> $gnusocial_expire_script
+ echo '// https://github.com/tonybaldwin/statexpire' >> $gnusocial_expire_script
+ echo '' >> $gnusocial_expire_script
+ echo '$oldate=date(("Y-m-d"), strtotime("-3 months"));' >> $gnusocial_expire_script
+ echo '$username="root";' >> $gnusocial_expire_script
+ echo "\$password=trim(file_get_contents(\"$DATABASE_PASSWORD_FILE\"));" >> $gnusocial_expire_script
+ echo '$database="gnusocial";' >> $gnusocial_expire_script
+ echo '' >> $gnusocial_expire_script
+ echo 'if (!$link = mysql_connect("localhost", $username, $password)) {' >> $gnusocial_expire_script
+ echo ' echo "Could not connect to mariadb";' >> $gnusocial_expire_script
+ echo ' exit;' >> $gnusocial_expire_script
+ echo '}' >> $gnusocial_expire_script
+ echo '' >> $gnusocial_expire_script
+ echo 'if (!mysql_select_db($database, $link)) {' >> $gnusocial_expire_script
+ echo ' echo "Could not select gnusocial database";' >> $gnusocial_expire_script
+ echo ' exit;' >> $gnusocial_expire_script
+ echo '}' >> $gnusocial_expire_script
+ echo '' >> $gnusocial_expire_script
+ echo "\$notice_query=\"DELETE FROM notice WHERE created <= '\$oldate 01:01:01'\";" >> $gnusocial_expire_script
+ echo "\$conversation_query=\"DELETE FROM conversation WHERE created <= '$oldate 01:01:01'\";" >> $gnusocial_expire_script
+ echo "\$reply_query=\"DELETE FROM reply WHERE modified <= '\$oldate 01:01:01'\";" >> $gnusocial_expire_script
+ echo '' >> $gnusocial_expire_script
+ echo 'mysql_query($notice_query);' >> $gnusocial_expire_script
+ echo '$rowaff1=mysql_affected_rows();' >> $gnusocial_expire_script
+ echo 'mysql_query($conversation_query);' >> $gnusocial_expire_script
+ echo '$rowaff2=mysql_affected_rows();' >> $gnusocial_expire_script
+ echo 'mysql_query($reply_query);' >> $gnusocial_expire_script
+ echo '$rowaff3=mysql_affected_rows();' >> $gnusocial_expire_script
+ echo 'mysql_close();' >> $gnusocial_expire_script
+ echo '' >> $gnusocial_expire_script
+ echo 'echo "Expire GNU Social posts: $rowaff1 notices, $rowaff2 conversations, and $rowaff3 replies deleted from database.\n";' >> $gnusocial_expire_script
+ chmod +x $gnusocial_expire_script
+
+ # Add a cron job
+ if ! grep -q "$gnusocial_expire_script" /etc/crontab; then
+ echo "10 3 5 * * root /usr/bin/timeout 500 /usr/bin/php $gnusocial_expire_script" >> /etc/crontab
+ fi
+
+ # remove old expire script
+ if [ -f /etc/cron.weekly/clear-microblog-database ]; then
+ rm /etc/cron.weekly/clear-microblog-database
+ fi
}
function install_gnusocial_theme {
- # update to the next commit
- function_check set_repo_commit
- set_repo_commit /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter "GNU Social theme commit" "$MICROBLOG_THEME_COMMIT" $MICROBLOG_THEME_REPO
-
- # customise with project logo
- if [ -f /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter/img/sprite.png ]; then
- if [ -f ~/freedombone/img/gnusocial_sprite.png ]; then
- cp ~/freedombone/img/gnusocial_sprite.png /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter/img/sprite.png
- fi
- fi
-
- if grep -Fxq "install_gnusocial_theme" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install wget
-
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins ]; then
- mkdir -p /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins
- function_check git_clone
- git_clone $MICROBLOG_THEME_REPO Qvitter
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter
- git checkout $MICROBLOG_THEME_COMMIT -b $MICROBLOG_THEME_COMMIT
-
- # download a custom background image
- MICROBLOG_BACKGROUND_IMAGE_URL_EXT=
- if [ $MICROBLOG_BACKGROUND_IMAGE_URL ]; then
- if [[ $$MICROBLOG_BACKGROUND_IMAGE_URL == *".jpeg" || $$MICROBLOG_BACKGROUND_IMAGE_URL == *".jpg" ]]; then
- MICROBLOG_BACKGROUND_IMAGE_URL_EXT="jpg"
- fi
- if [[ $$MICROBLOG_BACKGROUND_IMAGE_URL == *".png" ]]; then
- MICROBLOG_BACKGROUND_IMAGE_URL_EXT="png"
- fi
- if [[ $$MICROBLOG_BACKGROUND_IMAGE_URL == *".gif" ]]; then
- MICROBLOG_BACKGROUND_IMAGE_URL_EXT="gif"
- fi
- if [ $MICROBLOG_BACKGROUND_IMAGE_URL_EXT ]; then
- wget $MICROBLOG_BACKGROUND_IMAGE_URL -O img/custom.${MICROBLOG_BACKGROUND_IMAGE_URL_EXT}
- if [ ! -f img/custom.${MICROBLOG_BACKGROUND_IMAGE_URL_EXT} ]; then
- echo "$MICROBLOG_BACKGROUND_IMAGE_URL"
- echo $'Custom background image for microblog could not be downloaded'
- exit 87524
- fi
- fi
- fi
-
- microblog_config_file=/var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php
- if ! grep -q "addPlugin('Qvitter')" $microblog_config_file; then
- MICROBLOG_WELCOME_MESSAGE=$(echo $MICROBLOG_WELCOME_MESSAGE | sed "s|\$MICROBLOG_DOMAIN_NAME|$MICROBLOG_DOMAIN_NAME|g")
- echo "" >> $microblog_config_file
- echo "// Qvitter settings" >> $microblog_config_file
- echo "addPlugin('Qvitter');" >> $microblog_config_file
- echo "\$config['site']['qvitter']['enabledbydefault'] = true;" >> $microblog_config_file
- echo "\$config['site']['qvitter']['defaultbackgroundcolor'] = '#f4f4f4';" >> $microblog_config_file
- echo "\$config['site']['qvitter']['defaultlinkcolor'] = '#0084B4';" >> $microblog_config_file
- echo "\$config['site']['qvitter']['timebetweenpolling'] = 30000; // 30 secs" >> $microblog_config_file
- echo "\$config['site']['qvitter']['urlshortenerapiurl'] = 'http://qttr.at/shortener.php';" >> $microblog_config_file
- echo "\$config['site']['qvitter']['urlshortenersignature'] = 'b6afeec983';" >> $microblog_config_file
- if [ $MICROBLOG_BACKGROUND_IMAGE_URL ]; then
- echo "\$config['site']['qvitter']['sitebackground'] = 'img/custom.${MICROBLOG_BACKGROUND_IMAGE_URL_EXT}';" >> $microblog_config_file
- else
- echo "\$config['site']['qvitter']['sitebackground'] = 'img/vagnsmossen.jpg';" >> $microblog_config_file
- fi
- echo "\$config['site']['qvitter']['favicon'] = 'img/favicon.ico?v=4';" >> $microblog_config_file
- echo "\$config['site']['qvitter']['sprite'] = Plugin::staticPath('Qvitter', '').'img/sprite.png?v=40';" >> $microblog_config_file
- echo "\$config['site']['qvitter']['enablewelcometext'] = true;" >> $microblog_config_file
- echo "\$config['site']['qvitter']['customwelcometext']['en'] = '$MICROBLOG_WELCOME_MESSAGE';" >> $microblog_config_file
- echo "\$config['site']['qvitter']['customwelcometext']['de'] = '$MICROBLOG_WELCOME_MESSAGE';" >> $microblog_config_file
- echo "\$config['site']['qvitter']['customwelcometext']['fr'] = '$MICROBLOG_WELCOME_MESSAGE';" >> $microblog_config_file
- echo "\$config['site']['qvitter']['customwelcometext']['es'] = '$MICROBLOG_WELCOME_MESSAGE';" >> $microblog_config_file
- echo "\$config['site']['qvitter']['blocked_ips'] = array();" >> $microblog_config_file
- else
- if [ $MICROBLOG_BACKGROUND_IMAGE_URL_EXT ]; then
- if [ -f img/custom.${MICROBLOG_BACKGROUND_IMAGE_URL_EXT} ]; then
- sed -i "s|\$config['site']['qvitter']['sitebackground'].*|\$config['site']['qvitter']['sitebackground'] = 'img/custom.${MICROBLOG_BACKGROUND_IMAGE_URL_EXT}';|g" $microblog_config_file
- fi
- fi
- fi
-
- # customise with project logo
- if [ -f /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter/img/sprite.png ]; then
- if [ -f ~/freedombone/img/gnusocial_sprite.png ]; then
- cp ~/freedombone/img/gnusocial_sprite.png /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter/img/sprite.png
- fi
- fi
-
- if ! grep -q "GNU Social theme commit" $COMPLETION_FILE; then
- echo "GNU Social theme commit:$MICROBLOG_THEME_COMMIT" >> $COMPLETION_FILE
- fi
-
- chown -R www-data:www-data /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
-
- echo 'install_gnusocial_theme' >> $COMPLETION_FILE
+ # update to the next commit
+ function_check set_repo_commit
+ set_repo_commit /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter "GNU Social theme commit" "$MICROBLOG_THEME_COMMIT" $MICROBLOG_THEME_REPO
+
+ # customise with project logo
+ if [ -f /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter/img/sprite.png ]; then
+ if [ -f ~/freedombone/img/gnusocial_sprite.png ]; then
+ cp ~/freedombone/img/gnusocial_sprite.png /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter/img/sprite.png
+ fi
+ fi
+
+ if grep -Fxq "install_gnusocial_theme" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install wget
+
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins ]; then
+ mkdir -p /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins
+ function_check git_clone
+ git_clone $MICROBLOG_THEME_REPO Qvitter
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter
+ git checkout $MICROBLOG_THEME_COMMIT -b $MICROBLOG_THEME_COMMIT
+
+ # download a custom background image
+ MICROBLOG_BACKGROUND_IMAGE_URL_EXT=
+ if [ $MICROBLOG_BACKGROUND_IMAGE_URL ]; then
+ if [[ $$MICROBLOG_BACKGROUND_IMAGE_URL == *".jpeg" || $$MICROBLOG_BACKGROUND_IMAGE_URL == *".jpg" ]]; then
+ MICROBLOG_BACKGROUND_IMAGE_URL_EXT="jpg"
+ fi
+ if [[ $$MICROBLOG_BACKGROUND_IMAGE_URL == *".png" ]]; then
+ MICROBLOG_BACKGROUND_IMAGE_URL_EXT="png"
+ fi
+ if [[ $$MICROBLOG_BACKGROUND_IMAGE_URL == *".gif" ]]; then
+ MICROBLOG_BACKGROUND_IMAGE_URL_EXT="gif"
+ fi
+ if [ $MICROBLOG_BACKGROUND_IMAGE_URL_EXT ]; then
+ wget $MICROBLOG_BACKGROUND_IMAGE_URL -O img/custom.${MICROBLOG_BACKGROUND_IMAGE_URL_EXT}
+ if [ ! -f img/custom.${MICROBLOG_BACKGROUND_IMAGE_URL_EXT} ]; then
+ echo "$MICROBLOG_BACKGROUND_IMAGE_URL"
+ echo $'Custom background image for microblog could not be downloaded'
+ exit 87524
+ fi
+ fi
+ fi
+
+ microblog_config_file=/var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php
+ if ! grep -q "addPlugin('Qvitter')" $microblog_config_file; then
+ MICROBLOG_WELCOME_MESSAGE=$(echo $MICROBLOG_WELCOME_MESSAGE | sed "s|\$MICROBLOG_DOMAIN_NAME|$MICROBLOG_DOMAIN_NAME|g")
+ echo "" >> $microblog_config_file
+ echo "// Qvitter settings" >> $microblog_config_file
+ echo "addPlugin('Qvitter');" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['enabledbydefault'] = true;" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['defaultbackgroundcolor'] = '#f4f4f4';" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['defaultlinkcolor'] = '#0084B4';" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['timebetweenpolling'] = 30000; // 30 secs" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['urlshortenerapiurl'] = 'http://qttr.at/shortener.php';" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['urlshortenersignature'] = 'b6afeec983';" >> $microblog_config_file
+ if [ $MICROBLOG_BACKGROUND_IMAGE_URL ]; then
+ echo "\$config['site']['qvitter']['sitebackground'] = 'img/custom.${MICROBLOG_BACKGROUND_IMAGE_URL_EXT}';" >> $microblog_config_file
+ else
+ echo "\$config['site']['qvitter']['sitebackground'] = 'img/vagnsmossen.jpg';" >> $microblog_config_file
+ fi
+ echo "\$config['site']['qvitter']['favicon'] = 'img/favicon.ico?v=4';" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['sprite'] = Plugin::staticPath('Qvitter', '').'img/sprite.png?v=40';" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['enablewelcometext'] = true;" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['customwelcometext']['en'] = '$MICROBLOG_WELCOME_MESSAGE';" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['customwelcometext']['de'] = '$MICROBLOG_WELCOME_MESSAGE';" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['customwelcometext']['fr'] = '$MICROBLOG_WELCOME_MESSAGE';" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['customwelcometext']['es'] = '$MICROBLOG_WELCOME_MESSAGE';" >> $microblog_config_file
+ echo "\$config['site']['qvitter']['blocked_ips'] = array();" >> $microblog_config_file
+ else
+ if [ $MICROBLOG_BACKGROUND_IMAGE_URL_EXT ]; then
+ if [ -f img/custom.${MICROBLOG_BACKGROUND_IMAGE_URL_EXT} ]; then
+ sed -i "s|\$config['site']['qvitter']['sitebackground'].*|\$config['site']['qvitter']['sitebackground'] = 'img/custom.${MICROBLOG_BACKGROUND_IMAGE_URL_EXT}';|g" $microblog_config_file
+ fi
+ fi
+ fi
+
+ # customise with project logo
+ if [ -f /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter/img/sprite.png ]; then
+ if [ -f ~/freedombone/img/gnusocial_sprite.png ]; then
+ cp ~/freedombone/img/gnusocial_sprite.png /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/Qvitter/img/sprite.png
+ fi
+ fi
+
+ if ! grep -q "GNU Social theme commit" $COMPLETION_FILE; then
+ echo "GNU Social theme commit:$MICROBLOG_THEME_COMMIT" >> $COMPLETION_FILE
+ fi
+
+ chown -R www-data:www-data /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+
+ echo 'install_gnusocial_theme' >> $COMPLETION_FILE
}
function install_gnusocial_markdown {
- MICROBLOG_PATH=/var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+ MICROBLOG_PATH=/var/www/$MICROBLOG_DOMAIN_NAME/htdocs
- # update to the next commit
- function_check set_repo_commit
- set_repo_commit $MICROBLOG_PATH/local/plugins/Markdown "GNU Social Markdown commit" "$MICROBLOG_MARKDOWN_COMMIT" $MICROBLOG_MARKDOWN_REPO
+ # update to the next commit
+ function_check set_repo_commit
+ set_repo_commit $MICROBLOG_PATH/local/plugins/Markdown "GNU Social Markdown commit" "$MICROBLOG_MARKDOWN_COMMIT" $MICROBLOG_MARKDOWN_REPO
- if grep -Fxq "install_gnusocial_markdown" $COMPLETION_FILE; then
- return
- fi
+ if grep -Fxq "install_gnusocial_markdown" $COMPLETION_FILE; then
+ return
+ fi
- if [ -d $MICROBLOG_PATH/local/plugins/Markdown ]; then
- rm -rf $MICROBLOG_PATH/local/plugins/Markdown
- fi
+ if [ -d $MICROBLOG_PATH/local/plugins/Markdown ]; then
+ rm -rf $MICROBLOG_PATH/local/plugins/Markdown
+ fi
- if [ ! -d $MICROBLOG_PATH/local/plugins ]; then
- mkdir -p $MICROBLOG_PATH/local/plugins
- fi
+ if [ ! -d $MICROBLOG_PATH/local/plugins ]; then
+ mkdir -p $MICROBLOG_PATH/local/plugins
+ fi
- cd $MICROBLOG_PATH/local/plugins
- function_check git_clone
- git_clone $MICROBLOG_MARKDOWN_REPO Markdown
- cd $MICROBLOG_PATH/local/plugins/Markdown
- git checkout $MICROBLOG_MARKDOWN_COMMIT -b $MICROBLOG_MARKDOWN_COMMIT
+ cd $MICROBLOG_PATH/local/plugins
+ function_check git_clone
+ git_clone $MICROBLOG_MARKDOWN_REPO Markdown
+ cd $MICROBLOG_PATH/local/plugins/Markdown
+ git checkout $MICROBLOG_MARKDOWN_COMMIT -b $MICROBLOG_MARKDOWN_COMMIT
- microblog_config_file=$MICROBLOG_PATH/config.php
- if ! grep -q "addPlugin('Markdown'" $microblog_config_file; then
- echo "" >> $microblog_config_file
- echo "// Markdown settings" >> $microblog_config_file
- echo "addPlugin('Markdown');" >> $microblog_config_file
- fi
+ microblog_config_file=$MICROBLOG_PATH/config.php
+ if ! grep -q "addPlugin('Markdown'" $microblog_config_file; then
+ echo "" >> $microblog_config_file
+ echo "// Markdown settings" >> $microblog_config_file
+ echo "addPlugin('Markdown');" >> $microblog_config_file
+ fi
- if ! grep -q "GNU Social Markdown commit" $COMPLETION_FILE; then
- echo "GNU Social Markdown commit:$MICROBLOG_MARKDOWN_COMMIT" >> $COMPLETION_FILE
- fi
+ if ! grep -q "GNU Social Markdown commit" $COMPLETION_FILE; then
+ echo "GNU Social Markdown commit:$MICROBLOG_MARKDOWN_COMMIT" >> $COMPLETION_FILE
+ fi
- chown -R www-data:www-data $MICROBLOG_PATH
+ chown -R www-data:www-data $MICROBLOG_PATH
- echo 'install_gnusocial_markdown' >> $COMPLETION_FILE
+ echo 'install_gnusocial_markdown' >> $COMPLETION_FILE
}
function install_gnusocial_plugin_nsfw {
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins ]; then
- echo $'No local/plugins directory found for the microblog'
- exit 37252
- fi
-
- # update to the next commit
- function_check set_repo_commit
- set_repo_commit /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins "GNU Social NSFW plugin commit" "$GNUSOCIAL_NSFW_COMMIT" $GNUSOCIAL_NSFW_REPO
-
- if grep -Fxq "install_gnusocial_plugin_nsfw" $COMPLETION_FILE; then
- return
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins
- function_check git_clone
- git_clone $GNUSOCIAL_NSFW_REPO NSFW
- if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/NSFW ]; then
- echo $'Unable to clone microblog NSFW plugin'
- exit 36738
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/NSFW
- git stash
- git checkout master
- git branch -D $GNUSOCIAL_NSFW_COMMIT
- git checkout $GNUSOCIAL_NSFW_COMMIT -b $GNUSOCIAL_NSFW_COMMIT
-
- # enable the plugin
- if ! grep -q "addPlugin('SensitiveContent');" /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php; then
- echo "addPlugin('SensitiveContent');" >> /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php
- fi
-
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
- php scripts/checkschema.php
-
- chown -R www-data:www-data /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
-
- if ! grep -q "GNU Social NSFW plugin commit" $COMPLETION_FILE; then
- echo "GNU Social NSFW plugin commit:$GNUSOCIAL_NSFW_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s|GNU Social NSFW plugin commit.*|GNU Social NSFW plugin commit:$GNUSOCIAL_NSFW_COMMIT|g" $COMPLETION_FILE
- fi
- echo 'install_gnusocial_plugin_nsfw' >> $COMPLETION_FILE
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins ]; then
+ echo $'No local/plugins directory found for the microblog'
+ exit 37252
+ fi
+
+ # update to the next commit
+ function_check set_repo_commit
+ set_repo_commit /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins "GNU Social NSFW plugin commit" "$GNUSOCIAL_NSFW_COMMIT" $GNUSOCIAL_NSFW_REPO
+
+ if grep -Fxq "install_gnusocial_plugin_nsfw" $COMPLETION_FILE; then
+ return
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins
+ function_check git_clone
+ git_clone $GNUSOCIAL_NSFW_REPO NSFW
+ if [ ! -d /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/NSFW ]; then
+ echo $'Unable to clone microblog NSFW plugin'
+ exit 36738
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/local/plugins/NSFW
+ git stash
+ git checkout master
+ git branch -D $GNUSOCIAL_NSFW_COMMIT
+ git checkout $GNUSOCIAL_NSFW_COMMIT -b $GNUSOCIAL_NSFW_COMMIT
+
+ # enable the plugin
+ if ! grep -q "addPlugin('SensitiveContent');" /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php; then
+ echo "addPlugin('SensitiveContent');" >> /var/www/$MICROBLOG_DOMAIN_NAME/htdocs/config.php
+ fi
+
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+ php scripts/checkschema.php
+
+ chown -R www-data:www-data /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+
+ if ! grep -q "GNU Social NSFW plugin commit" $COMPLETION_FILE; then
+ echo "GNU Social NSFW plugin commit:$GNUSOCIAL_NSFW_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s|GNU Social NSFW plugin commit.*|GNU Social NSFW plugin commit:$GNUSOCIAL_NSFW_COMMIT|g" $COMPLETION_FILE
+ fi
+ echo 'install_gnusocial_plugin_nsfw' >> $COMPLETION_FILE
}
function install_gnusocial {
- if grep -Fxq "install_gnusocial" $COMPLETION_FILE; then
- return
- fi
- install_gnusocial_main
- expire_gnusocial_posts
- install_gnusocial_theme
- install_gnusocial_markdown
- install_gnusocial_plugin_sharings
- install_gnusocial_plugin_sharings_theme
- install_gnusocial_plugin_nsfw
- echo 'install_gnusocial' >> $COMPLETION_FILE
+ if grep -Fxq "install_gnusocial" $COMPLETION_FILE; then
+ return
+ fi
+ install_gnusocial_main
+ expire_gnusocial_posts
+ install_gnusocial_theme
+ install_gnusocial_markdown
+ install_gnusocial_plugin_sharings
+ install_gnusocial_plugin_sharings_theme
+ install_gnusocial_plugin_nsfw
+ echo 'install_gnusocial' >> $COMPLETION_FILE
}
# NOTE: deliberately there is no "exit 0"
diff --git a/src/freedombone-app-gogs b/src/freedombone-app-gogs
index 1eb598464..f2211ff90 100755
--- a/src/freedombone-app-gogs
+++ b/src/freedombone-app-gogs
@@ -38,6 +38,10 @@ GIT_CODE=
GIT_ONION_PORT=8090
GIT_ADMIN_PASSWORD=
+function change_password_gogs {
+ echo -n ''
+}
+
function gogs_parameters {
CURR_ARCH=
if [[ $ARCHITECTURE == *"386" || $ARCHITECTURE == *"686" ]]; then
diff --git a/src/freedombone-app-hubzilla b/src/freedombone-app-hubzilla
index dde1d7201..02206d335 100755
--- a/src/freedombone-app-hubzilla
+++ b/src/freedombone-app-hubzilla
@@ -40,6 +40,10 @@ HUBZILLA_ADMIN_PASSWORD=
HUBZILLA_COMMIT='8aee932525d0bc341713fe7052e2a5ab318a69c0'
HUBZILLA_ADDONS_COMMIT='4456f097e3faf2adeab696ad08e3f213e82199bd'
+function change_password_hubzilla {
+ echo -n ''
+}
+
function get_mariadb_hubzilla_admin_password {
if [ -f /home/$MY_USERNAME/README ]; then
if grep -q "MariaDB Hubzilla admin password" /home/$MY_USERNAME/README; then
diff --git a/src/freedombone-app-ipfs b/src/freedombone-app-ipfs
index 0a9b9a324..c2b5d561a 100755
--- a/src/freedombone-app-ipfs
+++ b/src/freedombone-app-ipfs
@@ -41,6 +41,10 @@ IPFS_JS_RONIN_VERSION='0.3.11'
IPFS_KEY_LENGTH=2048
IPFS_GO_VERSION=0.4.2
+function change_password_ipfs {
+ echo -n ''
+}
+
function reconfigure_ipfs {
echo -n ''
}
diff --git a/src/freedombone-app-irc b/src/freedombone-app-irc
index 248fbfb46..df68bcc5e 100755
--- a/src/freedombone-app-irc
+++ b/src/freedombone-app-irc
@@ -36,277 +36,281 @@ IRC_ONION_PORT=6697
# An optional password to log into IRC. This applies to all users
IRC_PASSWORD=
+function change_password_irc {
+ echo -n ''
+}
+
function reconfigure_irc {
- echo -n ''
+ echo -n ''
}
function upgrade_irc {
- echo -n ''
+ echo -n ''
}
function backup_local_irc {
- echo -n ''
+ echo -n ''
}
function restore_local_irc {
- echo -n ''
+ echo -n ''
}
function backup_remote_irc {
- echo -n ''
+ echo -n ''
}
function restore_remote_irc {
- echo -n ''
+ echo -n ''
}
function remove_irc {
- if ! grep -Fxq "install_irc" $COMPLETION_FILE; then
- return
- fi
- systemctl stop ngircd
- apt-get -y remove --purge ngircd
- apt-get -y remove --purge irssi
- if [ -d /etc/ngircd ]; then
- rm -rf /etc/ngircd
- fi
- iptables -D INPUT -p tcp --dport $IRC_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport 1024:65535 --sport $IRC_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
- function_check remove_onion_service
- remove_onion_service irc ${IRC_ONION_PORT}
- sed -i '/install_irc/d' $COMPLETION_FILE
- sed -i '/IRC /d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_irc/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_irc" $COMPLETION_FILE; then
+ return
+ fi
+ systemctl stop ngircd
+ apt-get -y remove --purge ngircd
+ apt-get -y remove --purge irssi
+ if [ -d /etc/ngircd ]; then
+ rm -rf /etc/ngircd
+ fi
+ iptables -D INPUT -p tcp --dport $IRC_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport 1024:65535 --sport $IRC_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+ function_check remove_onion_service
+ remove_onion_service irc ${IRC_ONION_PORT}
+ sed -i '/install_irc/d' $COMPLETION_FILE
+ sed -i '/IRC /d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_irc/d' $COMPLETION_FILE
}
function configure_firewall_for_irc {
- if [ ! -d /etc/ngircd ]; then
- return
- fi
- if grep -Fxq "configure_firewall_for_irc" $COMPLETION_FILE; then
- return
- fi
- if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
- # docker does its own firewalling
- return
- fi
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
- iptables -A INPUT -p tcp --dport $IRC_PORT -j ACCEPT
- iptables -I INPUT -p tcp --dport 1024:65535 --sport $IRC_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
+ if [ ! -d /etc/ngircd ]; then
+ return
+ fi
+ if grep -Fxq "configure_firewall_for_irc" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
+ # docker does its own firewalling
+ return
+ fi
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+ iptables -A INPUT -p tcp --dport $IRC_PORT -j ACCEPT
+ iptables -I INPUT -p tcp --dport 1024:65535 --sport $IRC_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
- OPEN_PORTS+=("IRC $IRC_PORT")
- echo 'configure_firewall_for_irc' >> $COMPLETION_FILE
+ OPEN_PORTS+=("IRC $IRC_PORT")
+ echo 'configure_firewall_for_irc' >> $COMPLETION_FILE
}
function install_irc_server {
- if grep -Fxq "install_irc_server" $COMPLETION_FILE; then
- return
- fi
- apt-get -y install ngircd
+ if grep -Fxq "install_irc_server" $COMPLETION_FILE; then
+ return
+ fi
+ apt-get -y install ngircd
- if [ ! -d /etc/ngircd ]; then
- echo $"ERROR: ngircd does not appear to have installed. $CHECK_MESSAGE"
- exit 53
- fi
+ if [ ! -d /etc/ngircd ]; then
+ echo $"ERROR: ngircd does not appear to have installed. $CHECK_MESSAGE"
+ exit 53
+ fi
- if [ ! -f /etc/ssl/certs/ngircd.dhparam ]; then
- ${PROJECT_NAME}-addcert -h ngircd --dhkey $DH_KEYLENGTH
- function_check check_certificates
- check_certificates ngircd
- fi
+ if [ ! -f /etc/ssl/certs/ngircd.dhparam ]; then
+ ${PROJECT_NAME}-addcert -h ngircd --dhkey $DH_KEYLENGTH
+ function_check check_certificates
+ check_certificates ngircd
+ fi
- DEFAULTDOMAIN=$DEFAULT_DOMAIN_NAME
- if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
- DEFAULTDOMAIN="${DEFAULT_DOMAIN_NAME}.local"
- fi
+ DEFAULTDOMAIN=$DEFAULT_DOMAIN_NAME
+ if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
+ DEFAULTDOMAIN="${DEFAULT_DOMAIN_NAME}.local"
+ fi
- # create a login password if needed
- if [ ! $IRC_PASSWORD ]; then
- IRC_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
+ # create a login password if needed
+ if [ ! $IRC_PASSWORD ]; then
+ IRC_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
- echo '**************************************************' > /etc/ngircd/motd
- echo $'* F R E E D O M B O N E I R C *' >> /etc/ngircd/motd
- echo '* *' >> /etc/ngircd/motd
- echo $'* Freedom in the Cloud *' >> /etc/ngircd/motd
- echo '**************************************************' >> /etc/ngircd/motd
- sed -i 's|MotdFile = /etc/ngircd/ngircd.motd|MotdFile = /etc/ngircd/motd|g' /etc/ngircd/ngircd.conf
- sed -i "s/irc@irc.example.com/$MY_EMAIL_ADDRESS/g" /etc/ngircd/ngircd.conf
- sed -i "s/irc.example.net/$DEFAULTDOMAIN/g" /etc/ngircd/ngircd.conf
- sed -i "s|Yet another IRC Server running on Debian GNU/Linux|IRC Server of $DEFAULTDOMAIN|g" /etc/ngircd/ngircd.conf
- sed -i 's/;Password = wealllikedebian/Password =/g' /etc/ngircd/ngircd.conf
- sed -i 's|;CertFile = /etc/ssl/certs/server.crt|CertFile = /etc/ssl/certs/ngircd.crt|g' /etc/ngircd/ngircd.conf
- sed -i 's|;DHFile = /etc/ngircd/dhparams.pem|DHFile = /etc/ssl/certs/ngircd.dhparam|g' /etc/ngircd/ngircd.conf
- sed -i 's|;KeyFile = /etc/ssl/private/server.key|KeyFile = /etc/ssl/private/ngircd.key|g' /etc/ngircd/ngircd.conf
- sed -i "s/;Ports =.*/Ports = $IRC_PORT/1" /etc/ngircd/ngircd.conf
- sed -i "s/;Ports =.*/Ports = $IRC_PORT/2" /etc/ngircd/ngircd.conf
- sed -i "s/;Name = #ngircd/Name = #${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf
- sed -i "s/;Topic = Our ngircd testing channel/Topic = ${PROJECT_NAME} chat channel/g" /etc/ngircd/ngircd.conf
- sed -i 's/;MaxUsers = 23/MaxUsers = 23/g' /etc/ngircd/ngircd.conf
- sed -i "s|;KeyFile = /etc/ngircd/#chan.key|KeyFile = /etc/ngircd/#${PROJECT_NAME}.key|g" /etc/ngircd/ngircd.conf
- sed -i "s/;CloakHost = cloaked.host/CloakHost = ${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf
- IRC_SALT="$(create_password 30)"
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- IRC_OPERATOR_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- IRC_OPERATOR_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- sed -i "s|;CloakHostSalt = abcdefghijklmnopqrstuvwxyz|CloakHostSalt = $IRC_SALT|g" /etc/ngircd/ngircd.conf
- sed -i 's/;ConnectIPv4 = yes/ConnectIPv4 = yes/g' /etc/ngircd/ngircd.conf
- sed -i 's/;MorePrivacy = no/MorePrivacy = yes/g' /etc/ngircd/ngircd.conf
- sed -i 's/;RequireAuthPing = no/RequireAuthPing = no/g' /etc/ngircd/ngircd.conf
- sed -i "s/;Name = TheOper/Name = $MY_USERNAME/g" /etc/ngircd/ngircd.conf
- sed -i "s/;Password = ThePwd/Password = $IRC_OPERATOR_PASSWORD/g" /etc/ngircd/ngircd.conf
- sed -i 's|;Listen =.*|Listen = 0.0.0.0,0.0.0.0:9050,127.0.0.1,127.0.0.1:9050|g' /etc/ngircd/ngircd.conf
- if [ $IRC_PASSWORD ]; then
- sed -i "0,/RE/s/Password =.*/Password =$IRC_PASSWORD/" /etc/ngircd/ngircd.conf
- fi
- # If we are on a mesh then DNS is not available
- if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
- sed -i "s/;DNS =.*/DNS = no/g" /etc/ngircd/ngircd.conf
- fi
- # upgrade a cypher
- sed -i 's|SECURE128|SECURE256|g' /etc/ngircd/ngircd.conf
- mkdir /var/run/ircd
- chown -R irc:irc /var/run/ircd
- mkdir /var/run/ngircd
- touch /var/run/ngircd/ngircd.pid
- chown -R irc:irc /var/run/ngircd
+ echo '**************************************************' > /etc/ngircd/motd
+ echo $'* F R E E D O M B O N E I R C *' >> /etc/ngircd/motd
+ echo '* *' >> /etc/ngircd/motd
+ echo $'* Freedom in the Cloud *' >> /etc/ngircd/motd
+ echo '**************************************************' >> /etc/ngircd/motd
+ sed -i 's|MotdFile = /etc/ngircd/ngircd.motd|MotdFile = /etc/ngircd/motd|g' /etc/ngircd/ngircd.conf
+ sed -i "s/irc@irc.example.com/$MY_EMAIL_ADDRESS/g" /etc/ngircd/ngircd.conf
+ sed -i "s/irc.example.net/$DEFAULTDOMAIN/g" /etc/ngircd/ngircd.conf
+ sed -i "s|Yet another IRC Server running on Debian GNU/Linux|IRC Server of $DEFAULTDOMAIN|g" /etc/ngircd/ngircd.conf
+ sed -i 's/;Password = wealllikedebian/Password =/g' /etc/ngircd/ngircd.conf
+ sed -i 's|;CertFile = /etc/ssl/certs/server.crt|CertFile = /etc/ssl/certs/ngircd.crt|g' /etc/ngircd/ngircd.conf
+ sed -i 's|;DHFile = /etc/ngircd/dhparams.pem|DHFile = /etc/ssl/certs/ngircd.dhparam|g' /etc/ngircd/ngircd.conf
+ sed -i 's|;KeyFile = /etc/ssl/private/server.key|KeyFile = /etc/ssl/private/ngircd.key|g' /etc/ngircd/ngircd.conf
+ sed -i "s/;Ports =.*/Ports = $IRC_PORT/1" /etc/ngircd/ngircd.conf
+ sed -i "s/;Ports =.*/Ports = $IRC_PORT/2" /etc/ngircd/ngircd.conf
+ sed -i "s/;Name = #ngircd/Name = #${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf
+ sed -i "s/;Topic = Our ngircd testing channel/Topic = ${PROJECT_NAME} chat channel/g" /etc/ngircd/ngircd.conf
+ sed -i 's/;MaxUsers = 23/MaxUsers = 23/g' /etc/ngircd/ngircd.conf
+ sed -i "s|;KeyFile = /etc/ngircd/#chan.key|KeyFile = /etc/ngircd/#${PROJECT_NAME}.key|g" /etc/ngircd/ngircd.conf
+ sed -i "s/;CloakHost = cloaked.host/CloakHost = ${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf
+ IRC_SALT="$(create_password 30)"
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ IRC_OPERATOR_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ IRC_OPERATOR_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ sed -i "s|;CloakHostSalt = abcdefghijklmnopqrstuvwxyz|CloakHostSalt = $IRC_SALT|g" /etc/ngircd/ngircd.conf
+ sed -i 's/;ConnectIPv4 = yes/ConnectIPv4 = yes/g' /etc/ngircd/ngircd.conf
+ sed -i 's/;MorePrivacy = no/MorePrivacy = yes/g' /etc/ngircd/ngircd.conf
+ sed -i 's/;RequireAuthPing = no/RequireAuthPing = no/g' /etc/ngircd/ngircd.conf
+ sed -i "s/;Name = TheOper/Name = $MY_USERNAME/g" /etc/ngircd/ngircd.conf
+ sed -i "s/;Password = ThePwd/Password = $IRC_OPERATOR_PASSWORD/g" /etc/ngircd/ngircd.conf
+ sed -i 's|;Listen =.*|Listen = 0.0.0.0,0.0.0.0:9050,127.0.0.1,127.0.0.1:9050|g' /etc/ngircd/ngircd.conf
+ if [ $IRC_PASSWORD ]; then
+ sed -i "0,/RE/s/Password =.*/Password =$IRC_PASSWORD/" /etc/ngircd/ngircd.conf
+ fi
+ # If we are on a mesh then DNS is not available
+ if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
+ sed -i "s/;DNS =.*/DNS = no/g" /etc/ngircd/ngircd.conf
+ fi
+ # upgrade a cypher
+ sed -i 's|SECURE128|SECURE256|g' /etc/ngircd/ngircd.conf
+ mkdir /var/run/ircd
+ chown -R irc:irc /var/run/ircd
+ mkdir /var/run/ngircd
+ touch /var/run/ngircd/ngircd.pid
+ chown -R irc:irc /var/run/ngircd
- IRC_ONION_HOSTNAME=$(add_onion_service irc ${IRC_PORT} ${IRC_ONION_PORT})
- if ! grep -q $"IRC onion domain" $COMPLETION_FILE; then
- echo "IRC onion domain:$IRC_ONION_HOSTNAME" >> $COMPLETION_FILE
- fi
+ IRC_ONION_HOSTNAME=$(add_onion_service irc ${IRC_PORT} ${IRC_ONION_PORT})
+ if ! grep -q $"IRC onion domain" $COMPLETION_FILE; then
+ echo "IRC onion domain:$IRC_ONION_HOSTNAME" >> $COMPLETION_FILE
+ fi
- systemctl restart ngircd
+ systemctl restart ngircd
- # keep the daemon running
- echo '' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo '# keep irc daemon running' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo 'IRC_RUNNING=$(pgrep ngircd > /dev/null && echo Running)' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo 'if [ ! $IRC_RUNNING ]; then' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo ' systemctl start ngircd' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo ' echo -n $CURRENT_DATE >> $LOGFILE' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo ' echo " IRC daemon restarted" >> $LOGFILE' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo 'fi' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ # keep the daemon running
+ echo '' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo '# keep irc daemon running' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo 'IRC_RUNNING=$(pgrep ngircd > /dev/null && echo Running)' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo 'if [ ! $IRC_RUNNING ]; then' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo ' systemctl start ngircd' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo ' echo -n $CURRENT_DATE >> $LOGFILE' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo ' echo " IRC daemon restarted" >> $LOGFILE' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo 'fi' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- if ! grep -q $"IRC Server" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'IRC Server' >> /home/$MY_USERNAME/README
- echo '==========' >> /home/$MY_USERNAME/README
- echo $'To connect to your IRC server in irssi:' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- if [[ $ONION_ONLY != 'yes' ]]; then
- echo " irssi" >> /home/$MY_USERNAME/README
- echo " /server add -auto -ssl $DEFAULTDOMAIN $IRC_PORT" >> /home/$MY_USERNAME/README
- echo " /connect $DEFAULT_DOMAIN_NAME" >> /home/$MY_USERNAME/README
- else
- echo " usetorwith irssi" >> /home/$MY_USERNAME/README
- echo " /server add -auto $IRC_ONION_HOSTNAME $IRC_PORT" >> /home/$MY_USERNAME/README
- echo " /connect $IRC_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
- fi
- echo " /join #${PROJECT_NAME}" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
+ if ! grep -q $"IRC Server" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'IRC Server' >> /home/$MY_USERNAME/README
+ echo '==========' >> /home/$MY_USERNAME/README
+ echo $'To connect to your IRC server in irssi:' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ if [[ $ONION_ONLY != 'yes' ]]; then
+ echo " irssi" >> /home/$MY_USERNAME/README
+ echo " /server add -auto -ssl $DEFAULTDOMAIN $IRC_PORT" >> /home/$MY_USERNAME/README
+ echo " /connect $DEFAULT_DOMAIN_NAME" >> /home/$MY_USERNAME/README
+ else
+ echo " usetorwith irssi" >> /home/$MY_USERNAME/README
+ echo " /server add -auto $IRC_ONION_HOSTNAME $IRC_PORT" >> /home/$MY_USERNAME/README
+ echo " /connect $IRC_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
+ fi
+ echo " /join #${PROJECT_NAME}" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
- function_check configure_firewall_for_irc
- configure_firewall_for_irc
- echo 'install_irc_server' >> $COMPLETION_FILE
+ function_check configure_firewall_for_irc
+ configure_firewall_for_irc
+ echo 'install_irc_server' >> $COMPLETION_FILE
}
function install_irc_client {
- if grep -Fxq "install_irc_client" $COMPLETION_FILE; then
- return
- fi
- apt-get -y install irssi
+ if grep -Fxq "install_irc_client" $COMPLETION_FILE; then
+ return
+ fi
+ apt-get -y install irssi
- if [ ! -d /home/$MY_USERNAME/.irssi ]; then
- mkdir /home/$MY_USERNAME/.irssi
- fi
+ if [ ! -d /home/$MY_USERNAME/.irssi ]; then
+ mkdir /home/$MY_USERNAME/.irssi
+ fi
- echo 'servers = (' > /home/$MY_USERNAME/.irssi/config
- echo ' {' >> /home/$MY_USERNAME/.irssi/config
- echo ' address = "chat.freenode.net";' >> /home/$MY_USERNAME/.irssi/config
- echo ' chatnet = "Freenode";' >> /home/$MY_USERNAME/.irssi/config
- echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
- echo ' autoconnect = "no";' >> /home/$MY_USERNAME/.irssi/config
- echo ' },' >> /home/$MY_USERNAME/.irssi/config
- echo ' {' >> /home/$MY_USERNAME/.irssi/config
- echo ' address = "irc.oftc.net";' >> /home/$MY_USERNAME/.irssi/config
- echo ' chatnet = "OFTC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
- echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
- echo ' },' >> /home/$MY_USERNAME/.irssi/config
- echo ' {' >> /home/$MY_USERNAME/.irssi/config
- echo " address = \"127.0.0.1\";" >> /home/$MY_USERNAME/.irssi/config
- if [[ $ONION_ONLY == 'no' ]]; then
- echo " port = \"${IRC_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
- echo ' use_ssl = "yes";' >> /home/$MY_USERNAME/.irssi/config
- else
- IRC_ONION_HOSTNAME=$(cat $COMPLETION_FILE | grep "IRC onion domain" | awk -F ':' '{print $2}')
- echo " port = \"${IRC_ONION_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
- echo ' use_ssl = "no";' >> /home/$MY_USERNAME/.irssi/config
- fi
- echo ' chatnet = "Freedombone";' >> /home/$MY_USERNAME/.irssi/config
- echo ' ssl_verify = "no";' >> /home/$MY_USERNAME/.irssi/config
- echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
- if [ $IRC_PASSWORD ]; then
- echo " password = \"${IRC_PASSWORD}\";" >> /home/$MY_USERNAME/.irssi/config
- fi
- echo ' }' >> /home/$MY_USERNAME/.irssi/config
- echo ');' >> /home/$MY_USERNAME/.irssi/config
- echo '' >> /home/$MY_USERNAME/.irssi/config
- echo 'chatnets = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' Freedombone = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' };' >> /home/$MY_USERNAME/.irssi/config
- echo ' Freenode = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' };' >> /home/$MY_USERNAME/.irssi/config
- echo ' OFTC = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_msgs = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' };' >> /home/$MY_USERNAME/.irssi/config
- echo '};' >> /home/$MY_USERNAME/.irssi/config
- echo '' >> /home/$MY_USERNAME/.irssi/config
- echo 'channels = (' >> /home/$MY_USERNAME/.irssi/config
- echo ' { name = "#freedombone"; chatnet = "Freedombone"; autojoin = "Yes"; },' >> /home/$MY_USERNAME/.irssi/config
- echo ');' >> /home/$MY_USERNAME/.irssi/config
- echo '' >> /home/$MY_USERNAME/.irssi/config
- echo 'settings = {' >> /home/$MY_USERNAME/.irssi/config
- echo " core = { real_name = \"$MY_NAME\"; user_name = \"$MY_USERNAME\"; nick = \"$MY_USERNAME\"; };" >> /home/$MY_USERNAME/.irssi/config
- echo ' "fe-text" = { actlist_sort = "refnum"; };' >> /home/$MY_USERNAME/.irssi/config
- echo '};' >> /home/$MY_USERNAME/.irssi/config
- echo 'ignores = ( { level = "CTCPS"; } );' >> /home/$MY_USERNAME/.irssi/config
+ echo 'servers = (' > /home/$MY_USERNAME/.irssi/config
+ echo ' {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' address = "chat.freenode.net";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' chatnet = "Freenode";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' autoconnect = "no";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' },' >> /home/$MY_USERNAME/.irssi/config
+ echo ' {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' address = "irc.oftc.net";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' chatnet = "OFTC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' },' >> /home/$MY_USERNAME/.irssi/config
+ echo ' {' >> /home/$MY_USERNAME/.irssi/config
+ echo " address = \"127.0.0.1\";" >> /home/$MY_USERNAME/.irssi/config
+ if [[ $ONION_ONLY == 'no' ]]; then
+ echo " port = \"${IRC_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
+ echo ' use_ssl = "yes";' >> /home/$MY_USERNAME/.irssi/config
+ else
+ IRC_ONION_HOSTNAME=$(cat $COMPLETION_FILE | grep "IRC onion domain" | awk -F ':' '{print $2}')
+ echo " port = \"${IRC_ONION_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
+ echo ' use_ssl = "no";' >> /home/$MY_USERNAME/.irssi/config
+ fi
+ echo ' chatnet = "Freedombone";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' ssl_verify = "no";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
+ if [ $IRC_PASSWORD ]; then
+ echo " password = \"${IRC_PASSWORD}\";" >> /home/$MY_USERNAME/.irssi/config
+ fi
+ echo ' }' >> /home/$MY_USERNAME/.irssi/config
+ echo ');' >> /home/$MY_USERNAME/.irssi/config
+ echo '' >> /home/$MY_USERNAME/.irssi/config
+ echo 'chatnets = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' Freedombone = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' };' >> /home/$MY_USERNAME/.irssi/config
+ echo ' Freenode = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' };' >> /home/$MY_USERNAME/.irssi/config
+ echo ' OFTC = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_msgs = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' };' >> /home/$MY_USERNAME/.irssi/config
+ echo '};' >> /home/$MY_USERNAME/.irssi/config
+ echo '' >> /home/$MY_USERNAME/.irssi/config
+ echo 'channels = (' >> /home/$MY_USERNAME/.irssi/config
+ echo ' { name = "#freedombone"; chatnet = "Freedombone"; autojoin = "Yes"; },' >> /home/$MY_USERNAME/.irssi/config
+ echo ');' >> /home/$MY_USERNAME/.irssi/config
+ echo '' >> /home/$MY_USERNAME/.irssi/config
+ echo 'settings = {' >> /home/$MY_USERNAME/.irssi/config
+ echo " core = { real_name = \"$MY_NAME\"; user_name = \"$MY_USERNAME\"; nick = \"$MY_USERNAME\"; };" >> /home/$MY_USERNAME/.irssi/config
+ echo ' "fe-text" = { actlist_sort = "refnum"; };' >> /home/$MY_USERNAME/.irssi/config
+ echo '};' >> /home/$MY_USERNAME/.irssi/config
+ echo 'ignores = ( { level = "CTCPS"; } );' >> /home/$MY_USERNAME/.irssi/config
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.irssi
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.irssi
- echo 'install_irc_client' >> $COMPLETION_FILE
+ echo 'install_irc_client' >> $COMPLETION_FILE
}
function install_irc {
- if grep -Fxq "install_irc" $COMPLETION_FILE; then
- return
- fi
- install_irc_server
- install_irc_client
- echo 'install_irc' >> $COMPLETION_FILE
+ if grep -Fxq "install_irc" $COMPLETION_FILE; then
+ return
+ fi
+ install_irc_server
+ install_irc_client
+ echo 'install_irc' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-librevault b/src/freedombone-app-librevault
index 2c6a156cc..482caa558 100755
--- a/src/freedombone-app-librevault
+++ b/src/freedombone-app-librevault
@@ -37,6 +37,10 @@ LIBREVAULT_REPO="https://github.com/Librevault/librevault"
LIBREVAULT_COMMIT='86a6aefcb5cc458f4d42195368fbcff2871f98e3'
LIBREVAULT_PORT=42345
+function change_password_librevault {
+ echo -n ''
+}
+
function reconfigure_librevault {
echo -n ''
# TODO
diff --git a/src/freedombone-app-mediagoblin b/src/freedombone-app-mediagoblin
index d023faca8..0a77e47aa 100755
--- a/src/freedombone-app-mediagoblin
+++ b/src/freedombone-app-mediagoblin
@@ -37,389 +37,393 @@ MEDIAGOBLIN_COMMIT='d1ac2d52fd8859c3f32fa38e4836ffe9615e5bba'
MEDIAGOBLIN_ADMIN_PASSWORD=
MEDIAGOBLIN_ONION_PORT=8096
+function change_password_mediagoblin {
+ echo -n ''
+}
+
function reconfigure_mediagoblin {
- echo -n ''
+ echo -n ''
}
function upgrade_mediagoblin {
- echo -n ''
+ echo -n ''
}
function backup_local_mediagoblin {
- echo -n ''
+ echo -n ''
}
function restore_local_mediagoblin {
- echo -n ''
+ echo -n ''
}
function backup_remote_mediagoblin {
- if grep -q "Mediagoblin domain" $COMPLETION_FILE; then
- MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}')
- function_check suspend_site
- suspend_site ${MEDIAGOBLIN_DOMAIN_NAME}
+ if grep -q "Mediagoblin domain" $COMPLETION_FILE; then
+ MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}')
+ function_check suspend_site
+ suspend_site ${MEDIAGOBLIN_DOMAIN_NAME}
- echo $"Backing up Mediagoblin"
+ echo $"Backing up Mediagoblin"
- backup_directory_to_friend /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs mediagoblin
+ backup_directory_to_friend /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs mediagoblin
- function_check restart_site
- restart_site
+ function_check restart_site
+ restart_site
- echo $"Backup of Mediagoblin complete"
- fi
+ echo $"Backup of Mediagoblin complete"
+ fi
}
function restore_remote_mediagoblin {
- if grep -q "Mediagoblin domain" $COMPLETION_FILE; then
- MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}')
- if [ -d $SERVER_DIRECTORY/backup/mediagoblin ]; then
- echo $"Restoring Mediagoblin installation"
- temp_restore_dir=/root/tempmediagoblin
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir mediagoblin
- cp -r $temp_restore_dir/* /
- if [ ! "$?" = "0" ]; then
- exit 5626
- fi
- rm -rf $temp_restore_dir
- echo $"Restore of Mediagoblin complete"
- fi
- chown -hR mediagoblin:www-data /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs
- fi
+ if grep -q "Mediagoblin domain" $COMPLETION_FILE; then
+ MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}')
+ if [ -d $SERVER_DIRECTORY/backup/mediagoblin ]; then
+ echo $"Restoring Mediagoblin installation"
+ temp_restore_dir=/root/tempmediagoblin
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir mediagoblin
+ cp -r $temp_restore_dir/* /
+ if [ ! "$?" = "0" ]; then
+ exit 5626
+ fi
+ rm -rf $temp_restore_dir
+ echo $"Restore of Mediagoblin complete"
+ fi
+ chown -hR mediagoblin:www-data /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs
+ fi
}
function remove_mediagoblin {
- echo -n ''
+ echo -n ''
}
function install_mediagoblin {
- if [ ! $MEDIAGOBLIN_DOMAIN_NAME ]; then
- return
- fi
-
- MEDIAGOBLIN_WORKING_DIRECTORY=/var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs
-
- # update to a new commit if needed
- function_check set_repo_commit
- set_repo_commit $MEDIAGOBLIN_WORKING_DIRECTORY "Mediagoblin commit" "$MEDIAGOBLIN_COMMIT" $MEDIAGOBLIN_REPO
- if [ -d $MEDIAGOBLIN_WORKING_DIRECTORY ]; then
- chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
- fi
-
- if grep -Fxq "install_mediagoblin" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install git-core python python-dev python-lxml python-pil
- apt-get -y install python-virtualenv npm nodejs-legacy automake
- apt-get -y install fcgiwrap
-
- #apt-get -y install postgresql postgresql-client python-psycopg2
- #apt-get -y install python-gst-1.0 libjpeg62-turbo-dev gstreamer1.0-plugins-base python-gobject
- #apt-get -y install gstreamer1.0-plugins-good gstreamer1.0-libav libav-tools gstreamer0.10-tools
- #apt-get -y install python-numpy python-scipy libsndfile1-dev python-gst0.10-dev
- #apt-get -y install gstreamer0.10-plugins-base gstreamer0.10-plugins-good gstreamer1.0-tools
- #su -c "createuser -A -D mediagoblin" - postgres
- #su -c "createdb -E UNICODE -O mediagoblin mediagoblin" - postgres
-
- useradd -c "GNU MediaGoblin system account" -d /var/lib/mediagoblin -m -r -g www-data mediagoblin
- groupadd mediagoblin
- usermod --append -G mediagoblin mediagoblin
-
- if [ ! -d $MEDIAGOBLIN_WORKING_DIRECTORY ]; then
- mkdir -p $MEDIAGOBLIN_WORKING_DIRECTORY
- fi
-
- function_check git_clone
- git_clone $MEDIAGOBLIN_REPO $MEDIAGOBLIN_WORKING_DIRECTORY
- cd $MEDIAGOBLIN_WORKING_DIRECTORY
- git checkout $MEDIAGOBLIN_COMMIT -b $MEDIAGOBLIN_COMMIT
- git submodule init
- git submodule update
-
- if ! grep -q "Mediagoblin commit" $COMPLETION_FILE; then
- echo "Mediagoblin commit:$MEDIAGOBLIN_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/Mediagoblin commit.*/Mediagoblin commit:$MEDIAGOBLIN_COMMIT/g" $COMPLETION_FILE
- fi
-
- chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bootstrap.sh" - mediagoblin
- if [ ! "$?" = "0" ]; then
- exit 278826
- fi
-
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./configure" - mediagoblin
- if [ ! "$?" = "0" ]; then
- exit 462826
- fi
-
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && make" - mediagoblin
- if [ ! "$?" = "0" ]; then
- exit 738229
- fi
-
- if [ ! -d $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev ]; then
- mkdir $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev
- fi
- chmod 750 $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install flup==1.0.3.dev-20110405" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade billiard" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade Paste" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade amqp" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade anyjson" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade py-bcrypt" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade wtforms" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade python-dateutil" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade alembic" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade waitress" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade imagesize" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade alabaster" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade snowballstemmer" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade docutils" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade Pygments" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade beautifulsoup4" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade WebOb" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade py" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade execnet" - mediagoblin
-
- # create some directories
- mkdir /var/log/mediagoblin
- chown -hR mediagoblin:www-data /var/log/mediagoblin
- mkdir /var/run/mediagoblin
- chown -hR mediagoblin:www-data /var/run/mediagoblin
-
- if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin.ini ]; then
- echo $'mediagoblin.ini not found'
- exit 737529
- fi
- if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/paste.ini ]; then
- echo $'paste.ini not found'
- exit 52762
- fi
-
- cp -av mediagoblin.ini mediagoblin_local.ini
- cp -av paste.ini paste_local.ini
-
- chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
-
- # init with systemd
- echo '[Unit]' > /etc/systemd/system/mediagoblin-celeryd.service
- echo 'Description=Mediagoblin Celeryd' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'After=syslog.target' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'After=network.target' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo '' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo '[Service]' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'Type=simple' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo "WorkingDirectory=$MEDIAGOBLIN_WORKING_DIRECTORY" >> /etc/systemd/system/mediagoblin-celeryd.service
- echo "Environment=MEDIAGOBLIN_CONFIG=$MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin_local.ini \\" >> /etc/systemd/system/mediagoblin-celeryd.service
- echo ' CELERY_CONFIG_MODULE=mediagoblin.init.celery.from_celery' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo "ExecStart=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/celery worker \\" >> /etc/systemd/system/mediagoblin-celeryd.service
- echo ' --logfile=/var/log/mediagoblin/celery.log \' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo ' --loglevel=INFO' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'PIDFile=/var/run/mediagoblin/mediagoblin-celeryd.pid' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo '' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo '[Install]' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin-celeryd.service
-
- echo '[Unit]' > /etc/systemd/system/mediagoblin-paster.service
- echo 'Description=Mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'After=syslog.target' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'After=network.target' >> /etc/systemd/system/mediagoblin-paster.service
- echo '' >> /etc/systemd/system/mediagoblin-paster.service
- echo '[Service]' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'Type=forking' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'Environment=CELERY_ALWAYS_EAGER=false' >> /etc/systemd/system/mediagoblin-paster.service
- echo "WorkingDirectory=$MEDIAGOBLIN_WORKING_DIRECTORY" >> /etc/systemd/system/mediagoblin-paster.service
- echo "ExecStart=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/paster serve \\" >> /etc/systemd/system/mediagoblin-paster.service
- echo " $MEDIAGOBLIN_WORKING_DIRECTORY/paste_local.ini \\" >> /etc/systemd/system/mediagoblin-paster.service
- echo ' --pid-file=/var/run/mediagoblin/mediagoblin.pid \' >> /etc/systemd/system/mediagoblin-paster.service
- echo ' --log-file=/var/log/mediagoblin/mediagoblin.log \' >> /etc/systemd/system/mediagoblin-paster.service
- echo ' --daemon \' >> /etc/systemd/system/mediagoblin-paster.service
- echo ' --server-name=fcgi fcgi_host=127.0.0.1 fcgi_port=26543' >> /etc/systemd/system/mediagoblin-paster.service
- echo "ExecStop=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/paster serve \\" >> /etc/systemd/system/mediagoblin-paster.service
- echo ' --pid-file=/var/run/mediagoblin/mediagoblin.pid \' >> /etc/systemd/system/mediagoblin-paster.service
- echo " $MEDIAGOBLIN_WORKING_DIRECTORY/paste_local.ini stop" >> /etc/systemd/system/mediagoblin-paster.service
- echo 'PIDFile=/var/run/mediagoblin/mediagoblin.pid' >> /etc/systemd/system/mediagoblin-paster.service
- echo '' >> /etc/systemd/system/mediagoblin-paster.service
- echo '[Install]' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin-paster.service
- systemctl daemon-reload
- systemctl enable mediagoblin-celeryd
- systemctl enable mediagoblin-paster
- systemctl daemon-reload
- systemctl start mediagoblin-celeryd
- systemctl start mediagoblin-paster
-
- MEDIAGOBLIN_ONION_HOSTNAME=$(add_onion_service mediagoblin 80 ${MEDIAGOBLIN_ONION_PORT})
- if ! grep -q "Mediagoblin onion domain" $COMPLETION_FILE; then
- echo "Mediagoblin onion domain:${MEDIAGOBLIN_ONION_HOSTNAME}" >> $COMPLETION_FILE
- else
- sed -i "s|Mediagoblin onion domain.*|Mediagoblin onion domain:${MEDIAGOBLIN_ONION_HOSTNAME}|g" $COMPLETION_FILE
- fi
- if [[ $MEDIAGOBLIN_ONION_HOSTNAME == *"not found"* ]]; then
- echo $'Problem creating onion address for mediagoblin'
- exit 672652
- fi
-
- # web config
- MEDIAGOBLIN_VIRTUAL_HOST=/etc/nginx/sites-available/$MEDIAGOBLIN_DOMAIN_NAME
- function_check nginx_http_redirect
- nginx_http_redirect $MEDIAGOBLIN_DOMAIN_NAME
- if [[ $ONION_ONLY == 'no' ]]; then
- echo 'server {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' listen 443 ssl;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Stock useful config options, but ignore them :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' include /etc/nginx/mime.types;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' autoindex off;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' default_type application/octet-stream;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' sendfile on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- function_check nginx_limits
- nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
- function_check nginx_ssl
- nginx_ssl $MEDIAGOBLIN_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $MEDIAGOBLIN_DOMAIN_NAME
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Gzip' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip_min_length 1024;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip_buffers 4 32k;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip_types text/plain application/x-javascript text/javascript text/xml text/css;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Mounting MediaGoblin stuff' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # This is the section you should read' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " server_name $MEDIAGOBLIN_DOMAIN_NAME;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' access_log /var/log/nginx/mediagoblin.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' error_log /var/log/nginx/mediagoblin.error.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # MediaGoblins stock static files: CSS, JS, etc.' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /mgoblin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin/static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Instance specific media:' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /mgoblin_media/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/media/public/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Theme static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /theme_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/theme_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Plugin static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /plugin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/plugin_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Mounting MediaGoblin itself via FastCGI.' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location / {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' fastcgi_pass 127.0.0.1:26543;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' include /etc/nginx/fastcgi_params;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # our understanding vs nginxs handling of script_name vs' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # path_info dont match :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' fastcgi_param PATH_INFO $fastcgi_script_name;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' fastcgi_param SCRIPT_NAME "";' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '}' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- else
- echo -n '' > $MEDIAGOBLIN_VIRTUAL_HOST
- fi
-
- echo 'server {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " listen 127.0.0.1:${MEDIAGOBLIN_ONION_PORT} default_server;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Stock useful config options, but ignore them :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' include /etc/nginx/mime.types;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' autoindex off;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' default_type application/octet-stream;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' sendfile on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- function_check nginx_limits
- nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $MEDIAGOBLIN_DOMAIN_NAME
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Gzip' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip_min_length 1024;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip_buffers 4 32k;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip_types text/plain application/x-javascript text/javascript text/xml text/css;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Mounting MediaGoblin stuff' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # This is the section you should read' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " server_name $MEDIAGOBLIN_ONION_HOSTNAME;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' access_log /var/log/nginx/mediagoblin.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' error_log /var/log/nginx/mediagoblin.error.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # MediaGoblins stock static files: CSS, JS, etc.' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /mgoblin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin/static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Instance specific media:' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /mgoblin_media/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/media/public/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Theme static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /theme_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/theme_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Plugin static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /plugin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/plugin_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Mounting MediaGoblin itself via FastCGI.' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location / {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' fastcgi_pass 127.0.0.1:26543;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' include /etc/nginx/fastcgi_params;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # our understanding vs nginxs handling of script_name vs' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # path_info dont match :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' fastcgi_param PATH_INFO $fastcgi_script_name;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' fastcgi_param SCRIPT_NAME "";' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '}' >> $MEDIAGOBLIN_VIRTUAL_HOST
-
- function_check create_site_certificate
- create_site_certificate $MEDIAGOBLIN_DOMAIN_NAME
-
- nginx_ensite $MEDIAGOBLIN_DOMAIN_NAME
- systemctl restart php5-fpm
- systemctl restart nginx
-
- add_ddns_domain $MEDIAGOBLIN_DOMAIN_NAME
-
- if ! grep -q "Mediagoblin domain" $COMPLETION_FILE; then
- echo "Mediagoblin domain:$MEDIAGOBLIN_DOMAIN_NAME" >> $COMPLETION_FILE
- else
- sed -i "s/Mediagoblin domain.*/Mediagoblin domain:$MEDIAGOBLIN_DOMAIN_NAME/g" $COMPLETION_FILE
- fi
-
- echo 'install_mediagoblin' >> $COMPLETION_FILE
+ if [ ! $MEDIAGOBLIN_DOMAIN_NAME ]; then
+ return
+ fi
+
+ MEDIAGOBLIN_WORKING_DIRECTORY=/var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs
+
+ # update to a new commit if needed
+ function_check set_repo_commit
+ set_repo_commit $MEDIAGOBLIN_WORKING_DIRECTORY "Mediagoblin commit" "$MEDIAGOBLIN_COMMIT" $MEDIAGOBLIN_REPO
+ if [ -d $MEDIAGOBLIN_WORKING_DIRECTORY ]; then
+ chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
+ fi
+
+ if grep -Fxq "install_mediagoblin" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install git-core python python-dev python-lxml python-pil
+ apt-get -y install python-virtualenv npm nodejs-legacy automake
+ apt-get -y install fcgiwrap
+
+ #apt-get -y install postgresql postgresql-client python-psycopg2
+ #apt-get -y install python-gst-1.0 libjpeg62-turbo-dev gstreamer1.0-plugins-base python-gobject
+ #apt-get -y install gstreamer1.0-plugins-good gstreamer1.0-libav libav-tools gstreamer0.10-tools
+ #apt-get -y install python-numpy python-scipy libsndfile1-dev python-gst0.10-dev
+ #apt-get -y install gstreamer0.10-plugins-base gstreamer0.10-plugins-good gstreamer1.0-tools
+ #su -c "createuser -A -D mediagoblin" - postgres
+ #su -c "createdb -E UNICODE -O mediagoblin mediagoblin" - postgres
+
+ useradd -c "GNU MediaGoblin system account" -d /var/lib/mediagoblin -m -r -g www-data mediagoblin
+ groupadd mediagoblin
+ usermod --append -G mediagoblin mediagoblin
+
+ if [ ! -d $MEDIAGOBLIN_WORKING_DIRECTORY ]; then
+ mkdir -p $MEDIAGOBLIN_WORKING_DIRECTORY
+ fi
+
+ function_check git_clone
+ git_clone $MEDIAGOBLIN_REPO $MEDIAGOBLIN_WORKING_DIRECTORY
+ cd $MEDIAGOBLIN_WORKING_DIRECTORY
+ git checkout $MEDIAGOBLIN_COMMIT -b $MEDIAGOBLIN_COMMIT
+ git submodule init
+ git submodule update
+
+ if ! grep -q "Mediagoblin commit" $COMPLETION_FILE; then
+ echo "Mediagoblin commit:$MEDIAGOBLIN_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/Mediagoblin commit.*/Mediagoblin commit:$MEDIAGOBLIN_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bootstrap.sh" - mediagoblin
+ if [ ! "$?" = "0" ]; then
+ exit 278826
+ fi
+
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./configure" - mediagoblin
+ if [ ! "$?" = "0" ]; then
+ exit 462826
+ fi
+
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && make" - mediagoblin
+ if [ ! "$?" = "0" ]; then
+ exit 738229
+ fi
+
+ if [ ! -d $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev ]; then
+ mkdir $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev
+ fi
+ chmod 750 $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install flup==1.0.3.dev-20110405" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade billiard" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade Paste" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade amqp" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade anyjson" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade py-bcrypt" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade wtforms" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade python-dateutil" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade alembic" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade waitress" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade imagesize" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade alabaster" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade snowballstemmer" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade docutils" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade Pygments" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade beautifulsoup4" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade WebOb" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade py" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade execnet" - mediagoblin
+
+ # create some directories
+ mkdir /var/log/mediagoblin
+ chown -hR mediagoblin:www-data /var/log/mediagoblin
+ mkdir /var/run/mediagoblin
+ chown -hR mediagoblin:www-data /var/run/mediagoblin
+
+ if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin.ini ]; then
+ echo $'mediagoblin.ini not found'
+ exit 737529
+ fi
+ if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/paste.ini ]; then
+ echo $'paste.ini not found'
+ exit 52762
+ fi
+
+ cp -av mediagoblin.ini mediagoblin_local.ini
+ cp -av paste.ini paste_local.ini
+
+ chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
+
+ # init with systemd
+ echo '[Unit]' > /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'Description=Mediagoblin Celeryd' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'After=syslog.target' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'After=network.target' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo '' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo '[Service]' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'Type=simple' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo "WorkingDirectory=$MEDIAGOBLIN_WORKING_DIRECTORY" >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo "Environment=MEDIAGOBLIN_CONFIG=$MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin_local.ini \\" >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo ' CELERY_CONFIG_MODULE=mediagoblin.init.celery.from_celery' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo "ExecStart=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/celery worker \\" >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo ' --logfile=/var/log/mediagoblin/celery.log \' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo ' --loglevel=INFO' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'PIDFile=/var/run/mediagoblin/mediagoblin-celeryd.pid' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo '' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo '[Install]' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin-celeryd.service
+
+ echo '[Unit]' > /etc/systemd/system/mediagoblin-paster.service
+ echo 'Description=Mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'After=syslog.target' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'After=network.target' >> /etc/systemd/system/mediagoblin-paster.service
+ echo '' >> /etc/systemd/system/mediagoblin-paster.service
+ echo '[Service]' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'Type=forking' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'Environment=CELERY_ALWAYS_EAGER=false' >> /etc/systemd/system/mediagoblin-paster.service
+ echo "WorkingDirectory=$MEDIAGOBLIN_WORKING_DIRECTORY" >> /etc/systemd/system/mediagoblin-paster.service
+ echo "ExecStart=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/paster serve \\" >> /etc/systemd/system/mediagoblin-paster.service
+ echo " $MEDIAGOBLIN_WORKING_DIRECTORY/paste_local.ini \\" >> /etc/systemd/system/mediagoblin-paster.service
+ echo ' --pid-file=/var/run/mediagoblin/mediagoblin.pid \' >> /etc/systemd/system/mediagoblin-paster.service
+ echo ' --log-file=/var/log/mediagoblin/mediagoblin.log \' >> /etc/systemd/system/mediagoblin-paster.service
+ echo ' --daemon \' >> /etc/systemd/system/mediagoblin-paster.service
+ echo ' --server-name=fcgi fcgi_host=127.0.0.1 fcgi_port=26543' >> /etc/systemd/system/mediagoblin-paster.service
+ echo "ExecStop=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/paster serve \\" >> /etc/systemd/system/mediagoblin-paster.service
+ echo ' --pid-file=/var/run/mediagoblin/mediagoblin.pid \' >> /etc/systemd/system/mediagoblin-paster.service
+ echo " $MEDIAGOBLIN_WORKING_DIRECTORY/paste_local.ini stop" >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'PIDFile=/var/run/mediagoblin/mediagoblin.pid' >> /etc/systemd/system/mediagoblin-paster.service
+ echo '' >> /etc/systemd/system/mediagoblin-paster.service
+ echo '[Install]' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin-paster.service
+ systemctl daemon-reload
+ systemctl enable mediagoblin-celeryd
+ systemctl enable mediagoblin-paster
+ systemctl daemon-reload
+ systemctl start mediagoblin-celeryd
+ systemctl start mediagoblin-paster
+
+ MEDIAGOBLIN_ONION_HOSTNAME=$(add_onion_service mediagoblin 80 ${MEDIAGOBLIN_ONION_PORT})
+ if ! grep -q "Mediagoblin onion domain" $COMPLETION_FILE; then
+ echo "Mediagoblin onion domain:${MEDIAGOBLIN_ONION_HOSTNAME}" >> $COMPLETION_FILE
+ else
+ sed -i "s|Mediagoblin onion domain.*|Mediagoblin onion domain:${MEDIAGOBLIN_ONION_HOSTNAME}|g" $COMPLETION_FILE
+ fi
+ if [[ $MEDIAGOBLIN_ONION_HOSTNAME == *"not found"* ]]; then
+ echo $'Problem creating onion address for mediagoblin'
+ exit 672652
+ fi
+
+ # web config
+ MEDIAGOBLIN_VIRTUAL_HOST=/etc/nginx/sites-available/$MEDIAGOBLIN_DOMAIN_NAME
+ function_check nginx_http_redirect
+ nginx_http_redirect $MEDIAGOBLIN_DOMAIN_NAME
+ if [[ $ONION_ONLY == 'no' ]]; then
+ echo 'server {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' listen 443 ssl;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Stock useful config options, but ignore them :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' include /etc/nginx/mime.types;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' autoindex off;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' default_type application/octet-stream;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' sendfile on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
+ function_check nginx_ssl
+ nginx_ssl $MEDIAGOBLIN_DOMAIN_NAME
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $MEDIAGOBLIN_DOMAIN_NAME
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Gzip' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip_min_length 1024;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip_buffers 4 32k;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip_types text/plain application/x-javascript text/javascript text/xml text/css;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Mounting MediaGoblin stuff' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # This is the section you should read' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " server_name $MEDIAGOBLIN_DOMAIN_NAME;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' access_log /var/log/nginx/mediagoblin.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' error_log /var/log/nginx/mediagoblin.error.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # MediaGoblins stock static files: CSS, JS, etc.' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /mgoblin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin/static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Instance specific media:' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /mgoblin_media/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/media/public/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Theme static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /theme_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/theme_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Plugin static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /plugin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/plugin_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Mounting MediaGoblin itself via FastCGI.' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location / {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' fastcgi_pass 127.0.0.1:26543;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' include /etc/nginx/fastcgi_params;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # our understanding vs nginxs handling of script_name vs' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # path_info dont match :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' fastcgi_param PATH_INFO $fastcgi_script_name;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' fastcgi_param SCRIPT_NAME "";' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '}' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ else
+ echo -n '' > $MEDIAGOBLIN_VIRTUAL_HOST
+ fi
+
+ echo 'server {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " listen 127.0.0.1:${MEDIAGOBLIN_ONION_PORT} default_server;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Stock useful config options, but ignore them :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' include /etc/nginx/mime.types;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' autoindex off;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' default_type application/octet-stream;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' sendfile on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $MEDIAGOBLIN_DOMAIN_NAME
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Gzip' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip_min_length 1024;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip_buffers 4 32k;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip_types text/plain application/x-javascript text/javascript text/xml text/css;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Mounting MediaGoblin stuff' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # This is the section you should read' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " server_name $MEDIAGOBLIN_ONION_HOSTNAME;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' access_log /var/log/nginx/mediagoblin.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' error_log /var/log/nginx/mediagoblin.error.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # MediaGoblins stock static files: CSS, JS, etc.' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /mgoblin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin/static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Instance specific media:' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /mgoblin_media/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/media/public/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Theme static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /theme_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/theme_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Plugin static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /plugin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/plugin_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Mounting MediaGoblin itself via FastCGI.' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location / {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' fastcgi_pass 127.0.0.1:26543;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' include /etc/nginx/fastcgi_params;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # our understanding vs nginxs handling of script_name vs' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # path_info dont match :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' fastcgi_param PATH_INFO $fastcgi_script_name;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' fastcgi_param SCRIPT_NAME "";' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '}' >> $MEDIAGOBLIN_VIRTUAL_HOST
+
+ function_check create_site_certificate
+ create_site_certificate $MEDIAGOBLIN_DOMAIN_NAME
+
+ nginx_ensite $MEDIAGOBLIN_DOMAIN_NAME
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ add_ddns_domain $MEDIAGOBLIN_DOMAIN_NAME
+
+ if ! grep -q "Mediagoblin domain" $COMPLETION_FILE; then
+ echo "Mediagoblin domain:$MEDIAGOBLIN_DOMAIN_NAME" >> $COMPLETION_FILE
+ else
+ sed -i "s/Mediagoblin domain.*/Mediagoblin domain:$MEDIAGOBLIN_DOMAIN_NAME/g" $COMPLETION_FILE
+ fi
+
+ echo 'install_mediagoblin' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-mumble b/src/freedombone-app-mumble
index 356045f79..0f2582f02 100755
--- a/src/freedombone-app-mumble
+++ b/src/freedombone-app-mumble
@@ -39,257 +39,261 @@ VOIP_PORT=64738
VOIP_DATABASE="mumble-server.sqlite"
VOIP_CONFIG_FILE="mumble-server.ini"
+function change_password_mumble {
+ echo -n ''
+}
+
function reconfigure_mumble {
- echo -n ''
+ echo -n ''
}
function upgrade_mumble {
- echo -n ''
+ echo -n ''
}
function backup_local_mumble {
- if [ -f /etc/mumble-server.ini ]; then
- echo $"Backing up Mumble settings"
- temp_backup_dir=/root/tempvoipbackup
- if [ ! -d $temp_backup_dir ]; then
- mkdir -p $temp_backup_dir
- fi
- cp -f /etc/mumble-server.ini $temp_backup_dir
- cp -f /var/lib/mumble-server/mumble-server.sqlite $temp_backup_dir
- backup_directory_to_usb $temp_backup_dir voip
- echo $"Mumble settings backup complete"
- fi
+ if [ -f /etc/mumble-server.ini ]; then
+ echo $"Backing up Mumble settings"
+ temp_backup_dir=/root/tempvoipbackup
+ if [ ! -d $temp_backup_dir ]; then
+ mkdir -p $temp_backup_dir
+ fi
+ cp -f /etc/mumble-server.ini $temp_backup_dir
+ cp -f /var/lib/mumble-server/mumble-server.sqlite $temp_backup_dir
+ backup_directory_to_usb $temp_backup_dir voip
+ echo $"Mumble settings backup complete"
+ fi
}
function restore_local_mumble {
- if [ -d $USB_MOUNT/backup/voip ]; then
- echo $"Restoring VoIP settings"
- temp_restore_dir=/root/tempvoip
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir voip
- cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/mumble-server.ini /etc/
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 3679
- fi
- cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/mumble-server.sqlite /var/lib/mumble-server/
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 276
- fi
- rm -rf $temp_restore_dir
- cp /etc/ssl/certs/mumble* /var/lib/mumble-server
- cp /etc/ssl/private/mumble* /var/lib/mumble-server
- chown -R mumble-server:mumble-server /var/lib/mumble-server
- service mumble-server restart
- fi
+ if [ -d $USB_MOUNT/backup/voip ]; then
+ echo $"Restoring VoIP settings"
+ temp_restore_dir=/root/tempvoip
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir voip
+ cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/mumble-server.ini /etc/
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 3679
+ fi
+ cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/mumble-server.sqlite /var/lib/mumble-server/
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 276
+ fi
+ rm -rf $temp_restore_dir
+ cp /etc/ssl/certs/mumble* /var/lib/mumble-server
+ cp /etc/ssl/private/mumble* /var/lib/mumble-server
+ chown -R mumble-server:mumble-server /var/lib/mumble-server
+ service mumble-server restart
+ fi
}
function backup_remote_mumble {
- if [ -f /etc/mumble-server.ini ]; then
- echo $"Backing up VoIP settings"
- if [ ! -d /root/tempvoipbackup ]; then
- mkdir -p /root/tempvoipbackup
- fi
- cp -f /etc/mumble-server.ini /root/tempvoipbackup
- cp -f /var/lib/mumble-server/mumble-server.sqlite /root/tempvoipbackup
- backup_directory_to_friend /root/tempvoipbackup voip
- echo $"Backup of VoIP settings complete"
- fi
+ if [ -f /etc/mumble-server.ini ]; then
+ echo $"Backing up VoIP settings"
+ if [ ! -d /root/tempvoipbackup ]; then
+ mkdir -p /root/tempvoipbackup
+ fi
+ cp -f /etc/mumble-server.ini /root/tempvoipbackup
+ cp -f /var/lib/mumble-server/mumble-server.sqlite /root/tempvoipbackup
+ backup_directory_to_friend /root/tempvoipbackup voip
+ echo $"Backup of VoIP settings complete"
+ fi
}
function restore_remote_mumble {
- if [ -d $SERVER_DIRECTORY/backup/voip ]; then
- echo $"Restoring Mumble settings"
- temp_restore_dir=/root/tempvoip
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir voip
- cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/mumble-server.ini /etc/
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- exit 7823
- fi
- cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/sipwitch.conf /etc/sipwitch.conf
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- exit 7823
- fi
- cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/mumble-server.sqlite /var/lib/mumble-server/
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- exit 276
- fi
- rm -rf $temp_restore_dir
- cp /etc/ssl/certs/mumble* /var/lib/mumble-server
- cp /etc/ssl/private/mumble* /var/lib/mumble-server
- chown -R mumble-server:mumble-server /var/lib/mumble-server
- service mumble-server restart
- echo $"Restore of Mumble complete"
- fi
+ if [ -d $SERVER_DIRECTORY/backup/voip ]; then
+ echo $"Restoring Mumble settings"
+ temp_restore_dir=/root/tempvoip
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir voip
+ cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/mumble-server.ini /etc/
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ exit 7823
+ fi
+ cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/sipwitch.conf /etc/sipwitch.conf
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ exit 7823
+ fi
+ cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/mumble-server.sqlite /var/lib/mumble-server/
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ exit 276
+ fi
+ rm -rf $temp_restore_dir
+ cp /etc/ssl/certs/mumble* /var/lib/mumble-server
+ cp /etc/ssl/private/mumble* /var/lib/mumble-server
+ chown -R mumble-server:mumble-server /var/lib/mumble-server
+ service mumble-server restart
+ echo $"Restore of Mumble complete"
+ fi
}
function remove_mumble {
- if !grep -Fxq "install_mumble" $COMPLETION_FILE; then
- if ! grep -Fxq "install_voip" $COMPLETION_FILE; then
- return
- fi
- fi
- apt-get -y remove --purge mumble-server
- if [[ $ONION_ONLY == "no" ]]; then
- iptables -D INPUT -p udp --dport $VOIP_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport $VOIP_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
- fi
- if [ -f /etc/mumble-server.ini ]; then
- rm /etc/mumble-server.ini
- fi
- function_check remove_onion_service
- remove_onion_service voip ${VOIP_PORT}
- sed -i '/install_mumble/d' $COMPLETION_FILE
- sed -i '/install_voip/d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_voip/d' $COMPLETION_FILE
- sed -i '/VoIP /d' $COMPLETION_FILE
+ if !grep -Fxq "install_mumble" $COMPLETION_FILE; then
+ if ! grep -Fxq "install_voip" $COMPLETION_FILE; then
+ return
+ fi
+ fi
+ apt-get -y remove --purge mumble-server
+ if [[ $ONION_ONLY == "no" ]]; then
+ iptables -D INPUT -p udp --dport $VOIP_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport $VOIP_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+ fi
+ if [ -f /etc/mumble-server.ini ]; then
+ rm /etc/mumble-server.ini
+ fi
+ function_check remove_onion_service
+ remove_onion_service voip ${VOIP_PORT}
+ sed -i '/install_mumble/d' $COMPLETION_FILE
+ sed -i '/install_voip/d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_voip/d' $COMPLETION_FILE
+ sed -i '/VoIP /d' $COMPLETION_FILE
}
function get_voip_server_password {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "VoIP server password" /home/$MY_USERNAME/README; then
- if [ ! $VOIP_SERVER_PASSWORD ]; then
- VOIP_SERVER_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "VoIP server password" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- else
- if grep -q "Mumble server password" /home/$MY_USERNAME/README; then
- if [ ! $VOIP_SERVER_PASSWORD ]; then
- VOIP_SERVER_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Mumble server password" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "VoIP server password" /home/$MY_USERNAME/README; then
+ if [ ! $VOIP_SERVER_PASSWORD ]; then
+ VOIP_SERVER_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "VoIP server password" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ else
+ if grep -q "Mumble server password" /home/$MY_USERNAME/README; then
+ if [ ! $VOIP_SERVER_PASSWORD ]; then
+ VOIP_SERVER_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Mumble server password" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
+ fi
+ fi
}
function configure_firewall_for_voip {
- if grep -Fxq "configure_firewall_for_voip" $COMPLETION_FILE; then
- return
- fi
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
- iptables -A INPUT -p udp --dport $VOIP_PORT -j ACCEPT
- iptables -A INPUT -p tcp --dport $VOIP_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
+ if grep -Fxq "configure_firewall_for_voip" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+ iptables -A INPUT -p udp --dport $VOIP_PORT -j ACCEPT
+ iptables -A INPUT -p tcp --dport $VOIP_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
- OPEN_PORTS+=("Mumble $VOIP_PORT")
- echo 'configure_firewall_for_voip' >> $COMPLETION_FILE
+ OPEN_PORTS+=("Mumble $VOIP_PORT")
+ echo 'configure_firewall_for_voip' >> $COMPLETION_FILE
}
function install_mumble {
- if grep -Fxq "install_mumble" $COMPLETION_FILE; then
- return
- fi
- if grep -Fxq "install_voip" $COMPLETION_FILE; then
- return
- fi
- apt-get -y install mumble-server
+ if grep -Fxq "install_mumble" $COMPLETION_FILE; then
+ return
+ fi
+ if grep -Fxq "install_voip" $COMPLETION_FILE; then
+ return
+ fi
+ apt-get -y install mumble-server
- function_check get_voip_server_password
- get_voip_server_password
- if [ ! $VOIP_SERVER_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- VOIP_SERVER_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- VOIP_SERVER_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- if [ ${#VOIP_SERVER_PASSWORD} -lt $MINIMUM_PASSWORD_LENGTH ]; then
- VOIP_SERVER_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
- fi
+ function_check get_voip_server_password
+ get_voip_server_password
+ if [ ! $VOIP_SERVER_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ VOIP_SERVER_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ VOIP_SERVER_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ if [ ${#VOIP_SERVER_PASSWORD} -lt $MINIMUM_PASSWORD_LENGTH ]; then
+ VOIP_SERVER_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ fi
+ fi
- # Make an ssl cert for the server
- if [ ! -f /etc/ssl/certs/mumble.dhparam ]; then
- ${PROJECT_NAME}-addcert -h mumble --dhkey $DH_KEYLENGTH
- function_check check_certificates
- check_certificates mumble
- fi
+ # Make an ssl cert for the server
+ if [ ! -f /etc/ssl/certs/mumble.dhparam ]; then
+ ${PROJECT_NAME}-addcert -h mumble --dhkey $DH_KEYLENGTH
+ function_check check_certificates
+ check_certificates mumble
+ fi
- # Check that the cert was created
- if [ ! -f /etc/ssl/certs/mumble.crt ]; then
- echo $'VoIP server certificate not created'
- exit 57892
- fi
- if [ ! -f /etc/ssl/private/mumble.key ]; then
- echo $'VoIP server key not created'
- exit 57893
- fi
- if [ ! -d /var/lib/mumble-server ]; then
- mkdir /var/lib/mumble-server
- fi
- cp /etc/ssl/certs/mumble.* /var/lib/mumble-server
- cp /etc/ssl/private/mumble.key /var/lib/mumble-server
- chown -R mumble-server:mumble-server /var/lib/mumble-server
+ # Check that the cert was created
+ if [ ! -f /etc/ssl/certs/mumble.crt ]; then
+ echo $'VoIP server certificate not created'
+ exit 57892
+ fi
+ if [ ! -f /etc/ssl/private/mumble.key ]; then
+ echo $'VoIP server key not created'
+ exit 57893
+ fi
+ if [ ! -d /var/lib/mumble-server ]; then
+ mkdir /var/lib/mumble-server
+ fi
+ cp /etc/ssl/certs/mumble.* /var/lib/mumble-server
+ cp /etc/ssl/private/mumble.key /var/lib/mumble-server
+ chown -R mumble-server:mumble-server /var/lib/mumble-server
- sed -i "s|welcometext=.*|welcometext=\"<br />Welcome to $DEFAULT_DOMAIN_NAME <b>VoIP</b>.<br />Chat freely!<br />\"|g" /etc/mumble-server.ini
+ sed -i "s|welcometext=.*|welcometext=\"<br />Welcome to $DEFAULT_DOMAIN_NAME <b>VoIP</b>.<br />Chat freely!<br />\"|g" /etc/mumble-server.ini
- if [[ $VOIP_SERVER_PASSWORD && $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
- sed -i "s|serverpassword=.*|serverpassword=$VOIP_SERVER_PASSWORD|g" /etc/mumble-server.ini
- fi
+ if [[ $VOIP_SERVER_PASSWORD && $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
+ sed -i "s|serverpassword=.*|serverpassword=$VOIP_SERVER_PASSWORD|g" /etc/mumble-server.ini
+ fi
- sed -i 's|#autobanAttempts.*|autobanAttempts = 10|g' /etc/mumble-server.ini
- sed -i 's|#autobanTimeframe.*|autobanTimeframe = 120|g' /etc/mumble-server.ini
- sed -i 's|#autobanTime.*|autobanTime = 300|g' /etc/mumble-server.ini
- sed -i 's|#sendversion=.*|sendversion=False|g' /etc/mumble-server.ini
- sed -i 's|sendversion=.*|sendversion=False|g' /etc/mumble-server.ini
- if ! grep -q "allowping" /etc/mumble-server.ini; then
- echo 'allowping=False' >> /etc/mumble-server.ini
- fi
- sed -i 's|allowping=.*|allowping=False|g' /etc/mumble-server.ini
- sed -i 's|#sslCert=.*|sslCert=/var/lib/mumble-server/mumble.crt|g' /etc/mumble-server.ini
- sed -i 's|#sslKey=.*|sslKey=/var/lib/mumble-server/mumble.key|g' /etc/mumble-server.ini
- sed -i 's|#certrequired=.*|certrequired=True|g' /etc/mumble-server.ini
- sed -i 's|users=100|users=10|g' /etc/mumble-server.ini
- sed -i 's|#channelnestinglimit=10|channelnestinglimit=10|g' /etc/mumble-server.ini
- sed -i 's|#textmessagelength=.*|textmessagelength=1000|g' /etc/mumble-server.ini
- sed -i 's|textmessagelength=.*|textmessagelength=1000|g' /etc/mumble-server.ini
- sed -i 's|#imagemessagelength=.*|imagemessagelength=131072|g' /etc/mumble-server.ini
- sed -i 's|#allowhtml=.*|allowhtml=False|g' /etc/mumble-server.ini
- sed -i 's|allowhtml=.*|allowhtml=False|g' /etc/mumble-server.ini
- sed -i "s|port=.*|port=${VOIP_PORT}|g" /etc/mumble-server.ini
+ sed -i 's|#autobanAttempts.*|autobanAttempts = 10|g' /etc/mumble-server.ini
+ sed -i 's|#autobanTimeframe.*|autobanTimeframe = 120|g' /etc/mumble-server.ini
+ sed -i 's|#autobanTime.*|autobanTime = 300|g' /etc/mumble-server.ini
+ sed -i 's|#sendversion=.*|sendversion=False|g' /etc/mumble-server.ini
+ sed -i 's|sendversion=.*|sendversion=False|g' /etc/mumble-server.ini
+ if ! grep -q "allowping" /etc/mumble-server.ini; then
+ echo 'allowping=False' >> /etc/mumble-server.ini
+ fi
+ sed -i 's|allowping=.*|allowping=False|g' /etc/mumble-server.ini
+ sed -i 's|#sslCert=.*|sslCert=/var/lib/mumble-server/mumble.crt|g' /etc/mumble-server.ini
+ sed -i 's|#sslKey=.*|sslKey=/var/lib/mumble-server/mumble.key|g' /etc/mumble-server.ini
+ sed -i 's|#certrequired=.*|certrequired=True|g' /etc/mumble-server.ini
+ sed -i 's|users=100|users=10|g' /etc/mumble-server.ini
+ sed -i 's|#channelnestinglimit=10|channelnestinglimit=10|g' /etc/mumble-server.ini
+ sed -i 's|#textmessagelength=.*|textmessagelength=1000|g' /etc/mumble-server.ini
+ sed -i 's|textmessagelength=.*|textmessagelength=1000|g' /etc/mumble-server.ini
+ sed -i 's|#imagemessagelength=.*|imagemessagelength=131072|g' /etc/mumble-server.ini
+ sed -i 's|#allowhtml=.*|allowhtml=False|g' /etc/mumble-server.ini
+ sed -i 's|allowhtml=.*|allowhtml=False|g' /etc/mumble-server.ini
+ sed -i "s|port=.*|port=${VOIP_PORT}|g" /etc/mumble-server.ini
- VOIP_ONION_HOSTNAME=$(add_onion_service voip ${VOIP_PORT} ${VOIP_PORT})
- if ! grep -q $"VoIP onion domain" $COMPLETION_FILE; then
- echo "VoIP onion domain:$VOIP_ONION_HOSTNAME" >> $COMPLETION_FILE
- fi
+ VOIP_ONION_HOSTNAME=$(add_onion_service voip ${VOIP_PORT} ${VOIP_PORT})
+ if ! grep -q $"VoIP onion domain" $COMPLETION_FILE; then
+ echo "VoIP onion domain:$VOIP_ONION_HOSTNAME" >> $COMPLETION_FILE
+ fi
- systemctl restart mumble-server
+ systemctl restart mumble-server
- if ! grep -q $"Mumble Server" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Mumble Server' >> /home/$MY_USERNAME/README
- echo '=============' >> /home/$MY_USERNAME/README
- echo $"Mumble onion domain:$VOIP_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
- echo $'Mumble server username: mumble-server' >> /home/$MY_USERNAME/README
- if [[ $SYSTEM_TYPE != "VARIANT_MESH" ]]; then
- echo $"Mumble server password: $VOIP_SERVER_PASSWORD" >> /home/$MY_USERNAME/README
- fi
- echo '' >> /home/$MY_USERNAME/README
- echo $'To connect to the Mumble server use your username and the server password shown above.' >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
+ if ! grep -q $"Mumble Server" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Mumble Server' >> /home/$MY_USERNAME/README
+ echo '=============' >> /home/$MY_USERNAME/README
+ echo $"Mumble onion domain:$VOIP_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
+ echo $'Mumble server username: mumble-server' >> /home/$MY_USERNAME/README
+ if [[ $SYSTEM_TYPE != "VARIANT_MESH" ]]; then
+ echo $"Mumble server password: $VOIP_SERVER_PASSWORD" >> /home/$MY_USERNAME/README
+ fi
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'To connect to the Mumble server use your username and the server password shown above.' >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
- function_check configure_firewall_for_voip
- configure_firewall_for_voip
- echo 'install_mumble' >> $COMPLETION_FILE
+ function_check configure_firewall_for_voip
+ configure_firewall_for_voip
+ echo 'install_mumble' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-rss b/src/freedombone-app-rss
index 9064f5203..811cdefd2 100755
--- a/src/freedombone-app-rss
+++ b/src/freedombone-app-rss
@@ -42,6 +42,10 @@ RSS_READER_PATH=/etc/share/tt-rss
RSS_READER_GNUSOCIAL_REPO="https://github.com/bashrc/ttrss-gnusocial"
RSS_READER_GNUSOCIAL_COMMIT='20b2535e3f2b0ddc0117b584bdcaa6bf7a2d9fa2'
+function change_password_rss {
+ echo -n ''
+}
+
function get_mariadb_rss_admin_password {
if [ -f /home/$MY_USERNAME/README ]; then
if grep -q "RSS reader admin password" /home/$MY_USERNAME/README; then
diff --git a/src/freedombone-app-searx b/src/freedombone-app-searx
index 875309d94..badd31d1d 100755
--- a/src/freedombone-app-searx
+++ b/src/freedombone-app-searx
@@ -38,259 +38,263 @@ SEARX_ONION_HOSTNAME=
SEARX_LOGIN_TEXT=$"Search engine login"
SEARX_PASSWORD=
+function change_password_searx {
+ echo -n ''
+}
+
function reconfigure_searx {
- echo -n ''
+ echo -n ''
}
function upgrade_searx {
- if ! grep -Fxq "install_searx" $COMPLETION_FILE; then
- return
- fi
-
- set_repo_commit $SEARX_PATH/searx "Search engine commit" "$SEARX_COMMIT" $SEARX_REPO
- if grep "Search engine key" $COMPLETION_FILE; then
- if [ -f ${SEARX_PATH}/searx/searx/settings.yml ]; then
- # note: this might change to a --tor option in a later version
- if ! grep 'socks5://127.0.0.1:9050' ${SEARX_PATH}/searx/searx/settings.yml; then
- echo 'outgoing: # communication with search engines' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' proxies:' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' http : socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' https: socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
- fi
- SEARX_SECRET_KEY=$(cat $COMPLETION_FILE | grep "Search engine key" | awk -F ':' '{print $2}')
- sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings.yml
- if [ -f /var/lib/tor/hidden_service_searx/hostname ]; then
- SEARX_ONION_HOSTNAME=$(echo /var/lib/tor/hidden_service_searx/hostname)
- sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings.yml
- fi
- fi
- fi
+ if ! grep -Fxq "install_searx" $COMPLETION_FILE; then
+ return
+ fi
+
+ set_repo_commit $SEARX_PATH/searx "Search engine commit" "$SEARX_COMMIT" $SEARX_REPO
+ if grep "Search engine key" $COMPLETION_FILE; then
+ if [ -f ${SEARX_PATH}/searx/searx/settings.yml ]; then
+ # note: this might change to a --tor option in a later version
+ if ! grep 'socks5://127.0.0.1:9050' ${SEARX_PATH}/searx/searx/settings.yml; then
+ echo 'outgoing: # communication with search engines' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' proxies:' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' http : socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' https: socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
+ fi
+ SEARX_SECRET_KEY=$(cat $COMPLETION_FILE | grep "Search engine key" | awk -F ':' '{print $2}')
+ sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings.yml
+ if [ -f /var/lib/tor/hidden_service_searx/hostname ]; then
+ SEARX_ONION_HOSTNAME=$(echo /var/lib/tor/hidden_service_searx/hostname)
+ sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings.yml
+ fi
+ fi
+ fi
}
function backup_local_searx {
- echo -n ''
+ echo -n ''
}
function restore_local_searx {
- echo -n ''
+ echo -n ''
}
function backup_remote_searx {
- echo -n ''
+ echo -n ''
}
function restore_remote_searx {
- echo -n ''
+ echo -n ''
}
function remove_searx {
- if ! grep -Fxq "install_searx" $COMPLETION_FILE; then
- return
- fi
- systemctl stop searx
- systemctl disable searx
- rm /etc/systemd/system/searx.service
- function_check remove_onion_service
- remove_onion_service searx ${SEARX_ONION_PORT}
- userdel -r searx
- nginx_dissite searx
- if [ -f /etc/nginx/sites-available/searx ]; then
- rm /etc/nginx/sites-available/searx
- fi
- if [ -d ${SEARX_PATH}/searx ]; then
- rm -rf ${SEARX_PATH}/searx
- fi
- sed -i '/install_searx/d' $COMPLETION_FILE
- sed -i '/Search engine /d' $COMPLETION_FILE
+ if ! grep -Fxq "install_searx" $COMPLETION_FILE; then
+ return
+ fi
+ systemctl stop searx
+ systemctl disable searx
+ rm /etc/systemd/system/searx.service
+ function_check remove_onion_service
+ remove_onion_service searx ${SEARX_ONION_PORT}
+ userdel -r searx
+ nginx_dissite searx
+ if [ -f /etc/nginx/sites-available/searx ]; then
+ rm /etc/nginx/sites-available/searx
+ fi
+ if [ -d ${SEARX_PATH}/searx ]; then
+ rm -rf ${SEARX_PATH}/searx
+ fi
+ sed -i '/install_searx/d' $COMPLETION_FILE
+ sed -i '/Search engine /d' $COMPLETION_FILE
}
function install_searx {
- # Note: currently socks5 outgoing proxies to other search engines does not work
- if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
- return
- fi
- if [ ! -d /etc/nginx ]; then
- echo $'Webserver is not installed'
- exit 62429
- fi
-
- if grep -Fxq "install_searx" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install python-pip libyaml-dev python-werkzeug python-babel python-lxml apache2-utils
- apt-get -y install git build-essential libxslt-dev python-dev python-virtualenv python-pybabel zlib1g-dev uwsgi uwsgi-plugin-python libapache2-mod-uwsgi
-
- pip install --upgrade pip
-
- pip install certifi
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install certifi'
- exit 737692
- fi
-
- pip install pyyaml
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install pyyaml'
- exit 469242
- fi
-
- pip install flask --upgrade
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install flask'
- exit 888575
- fi
-
- pip install flask_restless --upgrade
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install flask_restless'
- exit 54835
- fi
-
- pip install flask_babel --upgrade
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install flask_babel'
- exit 63738
- fi
-
- if [ ! -d $SEARX_PATH ]; then
- mkdir -p $SEARX_PATH
- fi
-
- # clone the repo
- cd $SEARX_PATH
- function_check git_clone
- git_clone $SEARX_REPO searx
- git checkout $SEARX_COMMIT -b $SEARX_COMMIT
- if ! grep -q "Search engine commit" $COMPLETION_FILE; then
- echo "Search engine commit:$SEARX_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/Search engine commit.*/Search engine commit:$SEARX_COMMIT/g" $COMPLETION_FILE
- fi
-
- # create an onion service
- SEARX_ONION_HOSTNAME=$(add_onion_service searx 80 ${SEARX_ONION_PORT})
- if ! grep "Search engine onion domain" $COMPLETION_FILE; then
- echo "Search engine onion domain:${SEARX_ONION_HOSTNAME}" >> $COMPLETION_FILE
- else
- sed -i "s|Search engine onion domain.*|Search engine onion domain:${SEARX_ONION_HOSTNAME}|g" $COMPLETION_FILE
- fi
-
- # an unprivileged user to run as
- useradd -d ${SEARX_PATH}/searx/ -s /bin/false searx
- adduser searx debian-tor
-
- # daemon
- echo '[Unit]' > /etc/systemd/system/searx.service
- echo 'Description=Searx (search engine)' >> /etc/systemd/system/searx.service
- echo 'After=syslog.target' >> /etc/systemd/system/searx.service
- echo 'After=network.target' >> /etc/systemd/system/searx.service
- echo '' >> /etc/systemd/system/searx.service
- echo '[Service]' >> /etc/systemd/system/searx.service
- echo 'Type=simple' >> /etc/systemd/system/searx.service
- echo 'User=searx' >> /etc/systemd/system/searx.service
- echo 'Group=searx' >> /etc/systemd/system/searx.service
- echo "WorkingDirectory=${SEARX_PATH}/searx" >> /etc/systemd/system/searx.service
- echo "ExecStart=/usr/bin/python ${SEARX_PATH}/searx/searx/webapp.py" >> /etc/systemd/system/searx.service
- echo 'Restart=always' >> /etc/systemd/system/searx.service
- echo 'Environment="USER=searx"' >> /etc/systemd/system/searx.service
- echo '' >> /etc/systemd/system/searx.service
- echo '[Install]' >> /etc/systemd/system/searx.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/searx.service
-
- # create a webserver file
- echo 'server {' > /etc/nginx/sites-available/searx
- echo " listen 127.0.0.1:${SEARX_ONION_PORT} default_server;" >> /etc/nginx/sites-available/searx
- echo " root ${SEARX_PATH}/searx;" >> /etc/nginx/sites-available/searx
- echo " server_name ${SEARX_ONION_HOSTNAME};" >> /etc/nginx/sites-available/searx
- echo ' access_log off;' >> /etc/nginx/sites-available/searx
- echo " error_log /var/log/searx_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/searx
- echo '' >> /etc/nginx/sites-available/searx
- function_check nginx_limits
- nginx_limits searx '1M'
- function_check nginx_disable_sniffing
- nginx_disable_sniffing searx
- echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/searx
- echo '' >> /etc/nginx/sites-available/searx
- echo ' location / {' >> /etc/nginx/sites-available/searx
- echo ' proxy_pass http://localhost:8888;' >> /etc/nginx/sites-available/searx
- echo ' proxy_set_header Host $host;' >> /etc/nginx/sites-available/searx
- echo ' proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/sites-available/searx
- echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/sites-available/searx
- echo ' proxy_set_header X-Remote-Port $remote_port;' >> /etc/nginx/sites-available/searx
- echo ' proxy_set_header X-Forwarded-Proto $scheme;' >> /etc/nginx/sites-available/searx
- echo ' proxy_redirect off;' >> /etc/nginx/sites-available/searx
-
- echo " auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx
- echo ' auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx
- echo ' }' >> /etc/nginx/sites-available/searx
- echo '' >> /etc/nginx/sites-available/searx
- echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/searx
- echo '' >> /etc/nginx/sites-available/searx
- echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/searx
- echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/searx
- echo '' >> /etc/nginx/sites-available/searx
- echo ' location = /robots.txt {' >> /etc/nginx/sites-available/searx
- echo ' allow all;' >> /etc/nginx/sites-available/searx
- echo ' log_not_found off;' >> /etc/nginx/sites-available/searx
- echo ' access_log off;' >> /etc/nginx/sites-available/searx
- echo ' }' >> /etc/nginx/sites-available/searx
- echo '}' >> /etc/nginx/sites-available/searx
-
- # replace the secret key
- if ! grep "Search engine key" $COMPLETION_FILE; then
- SEARX_SECRET_KEY="$(create_password 30)"
- echo "Search engine key:${SEARX_SECRET_KEY}" >> $COMPLETION_FILE
- else
- SEARX_SECRET_KEY=$(cat $COMPLETION_FILE | grep "Search engine key" | awk -F ':' '{print $2}')
- fi
- sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings.yml
- sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings_robot.yml
- sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings.yml
- sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings_robot.yml
-
- # note: this might change to a --tor option in a later version
- if ! grep 'socks5://127.0.0.1:9050' ${SEARX_PATH}/searx/searx/settings.yml; then
- echo 'outgoing: # communication with search engines' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' proxies:' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' http : socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' https: socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
- fi
-
- chown -R searx:searx ${SEARX_PATH}/searx
-
- # enable the site
- nginx_ensite searx
-
- # restart the web server
- systemctl restart php5-fpm
- systemctl restart nginx
-
- # start the daemon
- systemctl enable searx.service
- systemctl daemon-reload
- systemctl start searx.service
-
- if ! grep -q "Your search engine password is" /home/$MY_USERNAME/README; then
- if [ ${#SEARX_PASSWORD} -lt 8 ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- SEARX_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- SEARX_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
- echo "$SEARX_PASSWORD" | htpasswd -i -s -c /etc/nginx/.htpasswd $MY_USERNAME
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Search Engine' >> /home/$MY_USERNAME/README
- echo '=============' >> /home/$MY_USERNAME/README
- echo $"Search engine onion domain: ${SEARX_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
- echo $"Your search engine password is: $SEARX_PASSWORD" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- echo 'install_searx' >> $COMPLETION_FILE
+ # Note: currently socks5 outgoing proxies to other search engines does not work
+ if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
+ return
+ fi
+ if [ ! -d /etc/nginx ]; then
+ echo $'Webserver is not installed'
+ exit 62429
+ fi
+
+ if grep -Fxq "install_searx" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install python-pip libyaml-dev python-werkzeug python-babel python-lxml apache2-utils
+ apt-get -y install git build-essential libxslt-dev python-dev python-virtualenv python-pybabel zlib1g-dev uwsgi uwsgi-plugin-python libapache2-mod-uwsgi
+
+ pip install --upgrade pip
+
+ pip install certifi
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install certifi'
+ exit 737692
+ fi
+
+ pip install pyyaml
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install pyyaml'
+ exit 469242
+ fi
+
+ pip install flask --upgrade
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install flask'
+ exit 888575
+ fi
+
+ pip install flask_restless --upgrade
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install flask_restless'
+ exit 54835
+ fi
+
+ pip install flask_babel --upgrade
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install flask_babel'
+ exit 63738
+ fi
+
+ if [ ! -d $SEARX_PATH ]; then
+ mkdir -p $SEARX_PATH
+ fi
+
+ # clone the repo
+ cd $SEARX_PATH
+ function_check git_clone
+ git_clone $SEARX_REPO searx
+ git checkout $SEARX_COMMIT -b $SEARX_COMMIT
+ if ! grep -q "Search engine commit" $COMPLETION_FILE; then
+ echo "Search engine commit:$SEARX_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/Search engine commit.*/Search engine commit:$SEARX_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ # create an onion service
+ SEARX_ONION_HOSTNAME=$(add_onion_service searx 80 ${SEARX_ONION_PORT})
+ if ! grep "Search engine onion domain" $COMPLETION_FILE; then
+ echo "Search engine onion domain:${SEARX_ONION_HOSTNAME}" >> $COMPLETION_FILE
+ else
+ sed -i "s|Search engine onion domain.*|Search engine onion domain:${SEARX_ONION_HOSTNAME}|g" $COMPLETION_FILE
+ fi
+
+ # an unprivileged user to run as
+ useradd -d ${SEARX_PATH}/searx/ -s /bin/false searx
+ adduser searx debian-tor
+
+ # daemon
+ echo '[Unit]' > /etc/systemd/system/searx.service
+ echo 'Description=Searx (search engine)' >> /etc/systemd/system/searx.service
+ echo 'After=syslog.target' >> /etc/systemd/system/searx.service
+ echo 'After=network.target' >> /etc/systemd/system/searx.service
+ echo '' >> /etc/systemd/system/searx.service
+ echo '[Service]' >> /etc/systemd/system/searx.service
+ echo 'Type=simple' >> /etc/systemd/system/searx.service
+ echo 'User=searx' >> /etc/systemd/system/searx.service
+ echo 'Group=searx' >> /etc/systemd/system/searx.service
+ echo "WorkingDirectory=${SEARX_PATH}/searx" >> /etc/systemd/system/searx.service
+ echo "ExecStart=/usr/bin/python ${SEARX_PATH}/searx/searx/webapp.py" >> /etc/systemd/system/searx.service
+ echo 'Restart=always' >> /etc/systemd/system/searx.service
+ echo 'Environment="USER=searx"' >> /etc/systemd/system/searx.service
+ echo '' >> /etc/systemd/system/searx.service
+ echo '[Install]' >> /etc/systemd/system/searx.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/searx.service
+
+ # create a webserver file
+ echo 'server {' > /etc/nginx/sites-available/searx
+ echo " listen 127.0.0.1:${SEARX_ONION_PORT} default_server;" >> /etc/nginx/sites-available/searx
+ echo " root ${SEARX_PATH}/searx;" >> /etc/nginx/sites-available/searx
+ echo " server_name ${SEARX_ONION_HOSTNAME};" >> /etc/nginx/sites-available/searx
+ echo ' access_log off;' >> /etc/nginx/sites-available/searx
+ echo " error_log /var/log/searx_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/searx
+ echo '' >> /etc/nginx/sites-available/searx
+ function_check nginx_limits
+ nginx_limits searx '1M'
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing searx
+ echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/searx
+ echo '' >> /etc/nginx/sites-available/searx
+ echo ' location / {' >> /etc/nginx/sites-available/searx
+ echo ' proxy_pass http://localhost:8888;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_set_header Host $host;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_set_header X-Remote-Port $remote_port;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_set_header X-Forwarded-Proto $scheme;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_redirect off;' >> /etc/nginx/sites-available/searx
+
+ echo " auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx
+ echo ' auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx
+ echo ' }' >> /etc/nginx/sites-available/searx
+ echo '' >> /etc/nginx/sites-available/searx
+ echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/searx
+ echo '' >> /etc/nginx/sites-available/searx
+ echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/searx
+ echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/searx
+ echo '' >> /etc/nginx/sites-available/searx
+ echo ' location = /robots.txt {' >> /etc/nginx/sites-available/searx
+ echo ' allow all;' >> /etc/nginx/sites-available/searx
+ echo ' log_not_found off;' >> /etc/nginx/sites-available/searx
+ echo ' access_log off;' >> /etc/nginx/sites-available/searx
+ echo ' }' >> /etc/nginx/sites-available/searx
+ echo '}' >> /etc/nginx/sites-available/searx
+
+ # replace the secret key
+ if ! grep "Search engine key" $COMPLETION_FILE; then
+ SEARX_SECRET_KEY="$(create_password 30)"
+ echo "Search engine key:${SEARX_SECRET_KEY}" >> $COMPLETION_FILE
+ else
+ SEARX_SECRET_KEY=$(cat $COMPLETION_FILE | grep "Search engine key" | awk -F ':' '{print $2}')
+ fi
+ sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings.yml
+ sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings_robot.yml
+ sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings.yml
+ sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings_robot.yml
+
+ # note: this might change to a --tor option in a later version
+ if ! grep 'socks5://127.0.0.1:9050' ${SEARX_PATH}/searx/searx/settings.yml; then
+ echo 'outgoing: # communication with search engines' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' proxies:' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' http : socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' https: socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
+ fi
+
+ chown -R searx:searx ${SEARX_PATH}/searx
+
+ # enable the site
+ nginx_ensite searx
+
+ # restart the web server
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ # start the daemon
+ systemctl enable searx.service
+ systemctl daemon-reload
+ systemctl start searx.service
+
+ if ! grep -q "Your search engine password is" /home/$MY_USERNAME/README; then
+ if [ ${#SEARX_PASSWORD} -lt 8 ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ SEARX_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ SEARX_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ fi
+ echo "$SEARX_PASSWORD" | htpasswd -i -s -c /etc/nginx/.htpasswd $MY_USERNAME
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Search Engine' >> /home/$MY_USERNAME/README
+ echo '=============' >> /home/$MY_USERNAME/README
+ echo $"Search engine onion domain: ${SEARX_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
+ echo $"Your search engine password is: $SEARX_PASSWORD" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ echo 'install_searx' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-sip b/src/freedombone-app-sip
index 5d5b24acb..4746be927 100755
--- a/src/freedombone-app-sip
+++ b/src/freedombone-app-sip
@@ -37,416 +37,420 @@ VOIP_TURN_PORT=3478
VOIP_TURN_TLS_PORT=5349
VOIP_TURN_NONCE=
+function change_password_sip {
+ echo -n ''
+}
+
function reconfigure_sip {
- echo -n ''
+ echo -n ''
}
function upgrade_sip {
- # remove the original sipwitch daemon if it exists
- if [ -f /etc/init.d/sipwitch ]; then
- rm -f /etc/init.d/sipwitch
- fi
+ # remove the original sipwitch daemon if it exists
+ if [ -f /etc/init.d/sipwitch ]; then
+ rm -f /etc/init.d/sipwitch
+ fi
}
function backup_local_sip {
- if [ -f /etc/sipwitch.conf ]; then
- echo $"Backing up SIP settings"
- temp_backup_dir=/root/tempsipbackup
- if [ ! -d $temp_backup_dir ]; then
- mkdir -p $temp_backup_dir
- fi
- cp -f /etc/sipwitch.conf $temp_backup_dir
- backup_directory_to_usb $temp_backup_dir sip
- echo $"SIP settings backup complete"
- fi
+ if [ -f /etc/sipwitch.conf ]; then
+ echo $"Backing up SIP settings"
+ temp_backup_dir=/root/tempsipbackup
+ if [ ! -d $temp_backup_dir ]; then
+ mkdir -p $temp_backup_dir
+ fi
+ cp -f /etc/sipwitch.conf $temp_backup_dir
+ backup_directory_to_usb $temp_backup_dir sip
+ echo $"SIP settings backup complete"
+ fi
}
function restore_local_sip {
- if [ -d $USB_MOUNT/backup/sip ]; then
- echo $"Restoring SIP settings"
- temp_restore_dir=/root/tempsip
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir sip
- cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/sipwitch.conf /etc/sipwitch.conf
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- function_check set_user_permissions
- set_user_permissions
- backup_unmount_drive
- exit 3679
- fi
- rm -rf $temp_restore_dir
- service sipwitch restart
- echo $"Restore of SIP settings complete"
- fi
+ if [ -d $USB_MOUNT/backup/sip ]; then
+ echo $"Restoring SIP settings"
+ temp_restore_dir=/root/tempsip
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir sip
+ cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/sipwitch.conf /etc/sipwitch.conf
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ function_check set_user_permissions
+ set_user_permissions
+ backup_unmount_drive
+ exit 3679
+ fi
+ rm -rf $temp_restore_dir
+ service sipwitch restart
+ echo $"Restore of SIP settings complete"
+ fi
}
function backup_remote_sip {
- if [ -f /etc/sipwitch.conf ]; then
- echo $"Backing up SIP settings"
- temp_backup_dir=/root/tempsipbackup
- if [ ! -d $temp_backup_dir ]; then
- mkdir -p $temp_backup_dir
- fi
- cp -f /etc/sipwitch.conf $temp_backup_dir
- backup_directory_to_friend $temp_backup_dir sip
- echo $"Backup SIP settings complete"
- fi
+ if [ -f /etc/sipwitch.conf ]; then
+ echo $"Backing up SIP settings"
+ temp_backup_dir=/root/tempsipbackup
+ if [ ! -d $temp_backup_dir ]; then
+ mkdir -p $temp_backup_dir
+ fi
+ cp -f /etc/sipwitch.conf $temp_backup_dir
+ backup_directory_to_friend $temp_backup_dir sip
+ echo $"Backup SIP settings complete"
+ fi
}
function restore_remote_sip {
- echo -n ''
+ echo -n ''
}
function remove_sip {
- if ! grep -Fxq "install_sip" $COMPLETION_FILE; then
- return
- fi
- iptables -D INPUT -p udp --dport $VOIP_TURN_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport $VOIP_TURN_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport $VOIP_TURN_TLS_PORT -j ACCEPT
- iptables -D INPUT -p udp --dport $SIP_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport $SIP_PORT -j ACCEPT
- iptables -D INPUT -p udp --dport $SIP_TLS_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport $SIP_TLS_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- function_check remove_onion_service
- remove_onion_service sip ${SIP_PORT}
-
- apt-get -y remove --purge sipwitch
- apt-get -y remove --purge turnserver
- if [ -f /etc/sipwitch.conf ]; then
- rm /etc/sipwitch.conf
- fi
- if [ -d /etc/turnserver ]; then
- rm -rf /etc/turnserver
- fi
- sed -i '/install_sip/d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_voip_turn/d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_sip4/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_sip" $COMPLETION_FILE; then
+ return
+ fi
+ iptables -D INPUT -p udp --dport $VOIP_TURN_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport $VOIP_TURN_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport $VOIP_TURN_TLS_PORT -j ACCEPT
+ iptables -D INPUT -p udp --dport $SIP_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport $SIP_PORT -j ACCEPT
+ iptables -D INPUT -p udp --dport $SIP_TLS_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport $SIP_TLS_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ function_check remove_onion_service
+ remove_onion_service sip ${SIP_PORT}
+
+ apt-get -y remove --purge sipwitch
+ apt-get -y remove --purge turnserver
+ if [ -f /etc/sipwitch.conf ]; then
+ rm /etc/sipwitch.conf
+ fi
+ if [ -d /etc/turnserver ]; then
+ rm -rf /etc/turnserver
+ fi
+ sed -i '/install_sip/d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_voip_turn/d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_sip4/d' $COMPLETION_FILE
}
function configure_firewall_for_voip_turn {
- if grep -Fxq "configure_firewall_for_voip_turn" $COMPLETION_FILE; then
- return
- fi
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
- iptables -A INPUT -p udp --dport $VOIP_TURN_PORT -j ACCEPT
- iptables -A INPUT -p tcp --dport $VOIP_TURN_PORT -j ACCEPT
- iptables -A INPUT -p tcp --dport $VOIP_TURN_TLS_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=("TURN $VOIP_TURN_PORT")
- OPEN_PORTS+=("TURN TLS $VOIP_TURN_TLS_PORT")
- echo 'configure_firewall_for_voip_turn' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_voip_turn" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+ iptables -A INPUT -p udp --dport $VOIP_TURN_PORT -j ACCEPT
+ iptables -A INPUT -p tcp --dport $VOIP_TURN_PORT -j ACCEPT
+ iptables -A INPUT -p tcp --dport $VOIP_TURN_TLS_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=("TURN $VOIP_TURN_PORT")
+ OPEN_PORTS+=("TURN TLS $VOIP_TURN_TLS_PORT")
+ echo 'configure_firewall_for_voip_turn' >> $COMPLETION_FILE
}
function configure_firewall_for_sip4 {
- if grep -Fxq "configure_firewall_for_sip4" $COMPLETION_FILE; then
- return
- fi
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
- iptables -A INPUT -p udp --dport $SIP_PORT -j ACCEPT
- iptables -A INPUT -p tcp --dport $SIP_PORT -j ACCEPT
- iptables -A INPUT -p udp --dport $SIP_TLS_PORT -j ACCEPT
- iptables -A INPUT -p tcp --dport $SIP_TLS_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=("SIP $SIP_PORT")
- OPEN_PORTS+=("SIP TLS $SIP_TLS_PORT")
- echo 'configure_firewall_for_sip4' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_sip4" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+ iptables -A INPUT -p udp --dport $SIP_PORT -j ACCEPT
+ iptables -A INPUT -p tcp --dport $SIP_PORT -j ACCEPT
+ iptables -A INPUT -p udp --dport $SIP_TLS_PORT -j ACCEPT
+ iptables -A INPUT -p tcp --dport $SIP_TLS_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=("SIP $SIP_PORT")
+ OPEN_PORTS+=("SIP TLS $SIP_TLS_PORT")
+ echo 'configure_firewall_for_sip4' >> $COMPLETION_FILE
}
function get_sip_server_password {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "SIP server password" /home/$MY_USERNAME/README; then
- if [ ! $SIP_SERVER_PASSWORD ]; then
- SIP_SERVER_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "SIP server password" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "SIP server password" /home/$MY_USERNAME/README; then
+ if [ ! $SIP_SERVER_PASSWORD ]; then
+ SIP_SERVER_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "SIP server password" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
+ fi
}
function update_sipwitch_daemon {
- if [ ! -f /etc/init.d/sipwitch ]; then
- return
- fi
- service sipwitch stop
-
- # remove the original sipwitch daemon if it exists
- if [ -f /etc/init.d/sipwitch ]; then
- rm -f /etc/init.d/sipwitch
- fi
-
- # daemon
- echo '[Unit]' > /etc/systemd/system/sipwitch.service
- echo 'Description=GNU SIP Witch, a SIP telephony service daemon.' >> /etc/systemd/system/sipwitch.service
- echo 'After=network.target' >> /etc/systemd/system/sipwitch.service
- echo '' >> /etc/systemd/system/sipwitch.service
- echo '[Service]' >> /etc/systemd/system/sipwitch.service
- echo 'Type=simple' >> /etc/systemd/system/sipwitch.service
- echo 'Group=sipwitch' >> /etc/systemd/system/sipwitch.service
- echo 'PIDFile=/var/run/sipwitch/pidfile' >> /etc/systemd/system/sipwitch.service
- echo 'EnvironmentFile=-/etc/conf.d/sipwitch' >> /etc/systemd/system/sipwitch.service
- echo 'EnvironmentFile=-/etc/sipwitch.conf' >> /etc/systemd/system/sipwitch.service
- echo 'EnvironmentFile=-/etc/default/sipwitch' >> /etc/systemd/system/sipwitch.service
- echo 'ExecStartPre=-/bin/rm -f /var/run/sipwitch/control' >> /etc/systemd/system/sipwitch.service
- echo "ExecStart=/usr/sbin/sipw -f \$OPTIONS -P$SIP_PORT" >> /etc/systemd/system/sipwitch.service
- echo 'Restart=always' >> /etc/systemd/system/sipwitch.service
- echo 'NotifyAccess=main' >> /etc/systemd/system/sipwitch.service
- echo '' >> /etc/systemd/system/sipwitch.service
- echo '[Install]' >> /etc/systemd/system/sipwitch.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/sipwitch.service
-
- systemctl enable sipwitch
- systemctl daemon-reload
- systemctl start sipwitch
+ if [ ! -f /etc/init.d/sipwitch ]; then
+ return
+ fi
+ service sipwitch stop
+
+ # remove the original sipwitch daemon if it exists
+ if [ -f /etc/init.d/sipwitch ]; then
+ rm -f /etc/init.d/sipwitch
+ fi
+
+ # daemon
+ echo '[Unit]' > /etc/systemd/system/sipwitch.service
+ echo 'Description=GNU SIP Witch, a SIP telephony service daemon.' >> /etc/systemd/system/sipwitch.service
+ echo 'After=network.target' >> /etc/systemd/system/sipwitch.service
+ echo '' >> /etc/systemd/system/sipwitch.service
+ echo '[Service]' >> /etc/systemd/system/sipwitch.service
+ echo 'Type=simple' >> /etc/systemd/system/sipwitch.service
+ echo 'Group=sipwitch' >> /etc/systemd/system/sipwitch.service
+ echo 'PIDFile=/var/run/sipwitch/pidfile' >> /etc/systemd/system/sipwitch.service
+ echo 'EnvironmentFile=-/etc/conf.d/sipwitch' >> /etc/systemd/system/sipwitch.service
+ echo 'EnvironmentFile=-/etc/sipwitch.conf' >> /etc/systemd/system/sipwitch.service
+ echo 'EnvironmentFile=-/etc/default/sipwitch' >> /etc/systemd/system/sipwitch.service
+ echo 'ExecStartPre=-/bin/rm -f /var/run/sipwitch/control' >> /etc/systemd/system/sipwitch.service
+ echo "ExecStart=/usr/sbin/sipw -f \$OPTIONS -P$SIP_PORT" >> /etc/systemd/system/sipwitch.service
+ echo 'Restart=always' >> /etc/systemd/system/sipwitch.service
+ echo 'NotifyAccess=main' >> /etc/systemd/system/sipwitch.service
+ echo '' >> /etc/systemd/system/sipwitch.service
+ echo '[Install]' >> /etc/systemd/system/sipwitch.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/sipwitch.service
+
+ systemctl enable sipwitch
+ systemctl daemon-reload
+ systemctl start sipwitch
}
function install_sip_main {
- if grep -Fxq "install_sip_main" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install sipwitch
-
- function_check get_sip_server_password
- get_sip_server_password
- if [ ! $SIP_SERVER_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- SIP_SERVER_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- SIP_SERVER_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
-
- echo '<?xml version="1.0"?>' > /etc/sipwitch.conf
- echo '<sipwitch>' >> /etc/sipwitch.conf
- echo '<provision>' >> /etc/sipwitch.conf
-
- echo "<user id=\"$MY_USERNAME\">" >> /etc/sipwitch.conf
- echo '<extension>201</extension>' >> /etc/sipwitch.conf
- echo "<secret>$SIP_SERVER_PASSWORD</secret>" >> /etc/sipwitch.conf
- echo "<display>$MY_USERNAME 201</display>" >> /etc/sipwitch.conf
- echo '</user>' >> /etc/sipwitch.conf
-
- echo '</provision>' >> /etc/sipwitch.conf
- echo '<access>' >> /etc/sipwitch.conf
- echo '</access>' >> /etc/sipwitch.conf
- echo '<stack>' >> /etc/sipwitch.conf
- echo " <localnames>$DEFAULT_DOMAIN_NAME</localnames>" >> /etc/sipwitch.conf
- echo ' <mapped>200</mapped>' >> /etc/sipwitch.conf
- echo ' <threading>2</threading>' >> /etc/sipwitch.conf
- echo ' <interface>*</interface>' >> /etc/sipwitch.conf
- echo ' <dumping>false</dumping>' >> /etc/sipwitch.conf
- echo ' <system>system</system>' >> /etc/sipwitch.conf
- echo ' <anon>anonymous</anon>' >> /etc/sipwitch.conf
- echo '</stack>' >> /etc/sipwitch.conf
- echo '<timers>' >> /etc/sipwitch.conf
- echo ' <!-- ring every 4 seconds -->' >> /etc/sipwitch.conf
- echo ' <ring>4</ring>' >> /etc/sipwitch.conf
- echo ' <!-- call forward no answer after x rings -->' >> /etc/sipwitch.conf
- echo ' <cfna>4</cfna>' >> /etc/sipwitch.conf
- echo ' <!-- call reset to clear cid in stack, 6 seconds -->' >> /etc/sipwitch.conf
- echo ' <reset>6</reset>' >> /etc/sipwitch.conf
- echo '</timers>' >> /etc/sipwitch.conf
- echo '<!-- we have 2xx numbers plus space for external users -->' >> /etc/sipwitch.conf
- echo '<registry>' >> /etc/sipwitch.conf
- echo ' <prefix>200</prefix>' >> /etc/sipwitch.conf
- echo ' <range>100</range>' >> /etc/sipwitch.conf
- echo ' <keysize>77</keysize>' >> /etc/sipwitch.conf
- echo ' <mapped>200</mapped>' >> /etc/sipwitch.conf
- echo ' <!-- <realm>GNU Telephony</realm> -->' >> /etc/sipwitch.conf
- echo '</registry>' >> /etc/sipwitch.conf
- echo '<routing>' >> /etc/sipwitch.conf
- echo '</routing>' >> /etc/sipwitch.conf
- echo '</sipwitch>' >> /etc/sipwitch.conf
-
- sed -i 's|#PLUGINS=|PLUGINS=|g' /etc/default/sipwitch
- sed -i 's|PLUGINS=.*|PLUGINS="zeroconf subscriber forward"|g' /etc/default/sipwitch
- groupadd sipwitch
- usermod -aG sipwitch $MY_USERNAME
-
- SIP_ONION_HOSTNAME=$(add_onion_service sip ${SIP_PORT} ${SIP_PORT})
- if ! grep -q $"SIP onion domain" $COMPLETION_FILE; then
- echo "SIP onion domain:$SIP_ONION_HOSTNAME" >> $COMPLETION_FILE
- fi
-
- if ! grep -q $"SIP Server" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'SIP Server' >> /home/$MY_USERNAME/README
- echo '==========' >> /home/$MY_USERNAME/README
- echo $"SIP onion_domain: $SIP_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
- echo $"SIP server username: $MY_USERNAME" >> /home/$MY_USERNAME/README
- echo $"SIP server extension: 201" >> /home/$MY_USERNAME/README
- echo $"SIP server password: $SIP_SERVER_PASSWORD" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- function_check configure_firewall_for_sip4
- configure_firewall_for_sip4
- echo 'install_sip_main' >> $COMPLETION_FILE
+ if grep -Fxq "install_sip_main" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install sipwitch
+
+ function_check get_sip_server_password
+ get_sip_server_password
+ if [ ! $SIP_SERVER_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ SIP_SERVER_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ SIP_SERVER_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ fi
+
+ echo '<?xml version="1.0"?>' > /etc/sipwitch.conf
+ echo '<sipwitch>' >> /etc/sipwitch.conf
+ echo '<provision>' >> /etc/sipwitch.conf
+
+ echo "<user id=\"$MY_USERNAME\">" >> /etc/sipwitch.conf
+ echo '<extension>201</extension>' >> /etc/sipwitch.conf
+ echo "<secret>$SIP_SERVER_PASSWORD</secret>" >> /etc/sipwitch.conf
+ echo "<display>$MY_USERNAME 201</display>" >> /etc/sipwitch.conf
+ echo '</user>' >> /etc/sipwitch.conf
+
+ echo '</provision>' >> /etc/sipwitch.conf
+ echo '<access>' >> /etc/sipwitch.conf
+ echo '</access>' >> /etc/sipwitch.conf
+ echo '<stack>' >> /etc/sipwitch.conf
+ echo " <localnames>$DEFAULT_DOMAIN_NAME</localnames>" >> /etc/sipwitch.conf
+ echo ' <mapped>200</mapped>' >> /etc/sipwitch.conf
+ echo ' <threading>2</threading>' >> /etc/sipwitch.conf
+ echo ' <interface>*</interface>' >> /etc/sipwitch.conf
+ echo ' <dumping>false</dumping>' >> /etc/sipwitch.conf
+ echo ' <system>system</system>' >> /etc/sipwitch.conf
+ echo ' <anon>anonymous</anon>' >> /etc/sipwitch.conf
+ echo '</stack>' >> /etc/sipwitch.conf
+ echo '<timers>' >> /etc/sipwitch.conf
+ echo ' <!-- ring every 4 seconds -->' >> /etc/sipwitch.conf
+ echo ' <ring>4</ring>' >> /etc/sipwitch.conf
+ echo ' <!-- call forward no answer after x rings -->' >> /etc/sipwitch.conf
+ echo ' <cfna>4</cfna>' >> /etc/sipwitch.conf
+ echo ' <!-- call reset to clear cid in stack, 6 seconds -->' >> /etc/sipwitch.conf
+ echo ' <reset>6</reset>' >> /etc/sipwitch.conf
+ echo '</timers>' >> /etc/sipwitch.conf
+ echo '<!-- we have 2xx numbers plus space for external users -->' >> /etc/sipwitch.conf
+ echo '<registry>' >> /etc/sipwitch.conf
+ echo ' <prefix>200</prefix>' >> /etc/sipwitch.conf
+ echo ' <range>100</range>' >> /etc/sipwitch.conf
+ echo ' <keysize>77</keysize>' >> /etc/sipwitch.conf
+ echo ' <mapped>200</mapped>' >> /etc/sipwitch.conf
+ echo ' <!-- <realm>GNU Telephony</realm> -->' >> /etc/sipwitch.conf
+ echo '</registry>' >> /etc/sipwitch.conf
+ echo '<routing>' >> /etc/sipwitch.conf
+ echo '</routing>' >> /etc/sipwitch.conf
+ echo '</sipwitch>' >> /etc/sipwitch.conf
+
+ sed -i 's|#PLUGINS=|PLUGINS=|g' /etc/default/sipwitch
+ sed -i 's|PLUGINS=.*|PLUGINS="zeroconf subscriber forward"|g' /etc/default/sipwitch
+ groupadd sipwitch
+ usermod -aG sipwitch $MY_USERNAME
+
+ SIP_ONION_HOSTNAME=$(add_onion_service sip ${SIP_PORT} ${SIP_PORT})
+ if ! grep -q $"SIP onion domain" $COMPLETION_FILE; then
+ echo "SIP onion domain:$SIP_ONION_HOSTNAME" >> $COMPLETION_FILE
+ fi
+
+ if ! grep -q $"SIP Server" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'SIP Server' >> /home/$MY_USERNAME/README
+ echo '==========' >> /home/$MY_USERNAME/README
+ echo $"SIP onion_domain: $SIP_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
+ echo $"SIP server username: $MY_USERNAME" >> /home/$MY_USERNAME/README
+ echo $"SIP server extension: 201" >> /home/$MY_USERNAME/README
+ echo $"SIP server password: $SIP_SERVER_PASSWORD" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ function_check configure_firewall_for_sip4
+ configure_firewall_for_sip4
+ echo 'install_sip_main' >> $COMPLETION_FILE
}
function install_sip_turn {
- if grep -Fxq "install_sip_turn" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install turnserver
-
- # create a nonce if needed
- if [ ! $VOIP_TURN_NONCE ]; then
- VOIP_TURN_NONCE="$(create_password 30)"
- fi
-
- function_check create_site_certificate
- create_site_certificate $DEFAULT_DOMAIN_NAME
-
- echo '##' > /etc/turnserver/turnserver.conf
- echo '# TurnServer configuration file.' >> /etc/turnserver/turnserver.conf
- echo '#' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Public IPv4 address of any relayed address (if not set, no relay for IPv4).' >> /etc/turnserver/turnserver.conf
- echo '## To have multiple address, separate addresses with a comma' >> /etc/turnserver/turnserver.conf
- echo '## (i.e. listen_address = { "172.16.0.1", "172.17.0.1" }).' >> /etc/turnserver/turnserver.conf
- echo "listen_address = { \"192.168.0.1\" }" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Public IPv6 address of any relayed address (if not set, no relay for IPv6).' >> /etc/turnserver/turnserver.conf
- echo '## To have multiple address, separate address with a comma' >> /etc/turnserver/turnserver.conf
- echo '## (i.e. listen_addressv6 = { "2001:db8:1::1", "2001:db8:2::1" }).' >> /etc/turnserver/turnserver.conf
- echo "#listen_addressv6 = { \"2001:db8::1\" }" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## UDP listening port.' >> /etc/turnserver/turnserver.conf
- echo "udp_port = $VOIP_TURN_PORT" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TCP listening port.' >> /etc/turnserver/turnserver.conf
- echo "tcp_port = $VOIP_TURN_PORT" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TLS listening port.' >> /etc/turnserver/turnserver.conf
- echo "tls_port = $VOIP_TURN_TLS_PORT" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TLS support.' >> /etc/turnserver/turnserver.conf
- echo 'tls = true' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## DTLS support. It is an experimental feature and is not defined in TURN' >> /etc/turnserver/turnserver.conf
- echo '## standard.' >> /etc/turnserver/turnserver.conf
- echo 'dtls = false' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Maximum allocation port number.' >> /etc/turnserver/turnserver.conf
- echo 'max_port = 65535' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Minimum allocation port number.' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo 'min_port = 49152' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TURN-TCP support.' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo 'turn_tcp = true' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TURN-TCP buffering mode:' >> /etc/turnserver/turnserver.conf
- echo '## - true, use userspace buffering;' >> /etc/turnserver/turnserver.conf
- echo '## - false, use kernel buffering.' >> /etc/turnserver/turnserver.conf
- echo 'tcp_buffer_userspace = true' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TURN-TCP maximum buffer size.' >> /etc/turnserver/turnserver.conf
- echo 'tcp_buffer_size = 32768' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Daemon mode.' >> /etc/turnserver/turnserver.conf
- echo 'daemon = true' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Unprivileged user.' >> /etc/turnserver/turnserver.conf
- echo '## If you want to use this feature create a system user.' >> /etc/turnserver/turnserver.conf
- echo '## On Linux: adduser --system --group turnserver' >> /etc/turnserver/turnserver.conf
- echo 'unpriv_user = turnserver' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Realm value.' >> /etc/turnserver/turnserver.conf
- echo "realm = \"$DEFAULT_DOMAIN_NAME\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Nonce key.' >> /etc/turnserver/turnserver.conf
- echo "nonce_key = \"$VOIP_TURN_NONCE\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Max relay per username.' >> /etc/turnserver/turnserver.conf
- echo 'max_relay_per_username = 5' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Allocation lifetime.' >> /etc/turnserver/turnserver.conf
- echo 'allocation_lifetime = 1800' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Allocation bandwidth limitation (in KBytes/s).' >> /etc/turnserver/turnserver.conf
- echo '## 0 value means bandwidth quota disabled.' >> /etc/turnserver/turnserver.conf
- echo 'bandwidth_per_allocation = 150' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Restricted user bandwidth (in KBytes/s).' >> /etc/turnserver/turnserver.conf
- echo '## 0 value means bandwidth limitation disabled.' >> /etc/turnserver/turnserver.conf
- echo 'restricted_bandwidth = 10' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Denied addresses.' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '# disallow relaying to localhost' >> /etc/turnserver/turnserver.conf
- echo 'denied_address {' >> /etc/turnserver/turnserver.conf
- echo ' address = "127.0.0.1"' >> /etc/turnserver/turnserver.conf
- echo ' mask = "8"' >> /etc/turnserver/turnserver.conf
- echo ' port = 0' >> /etc/turnserver/turnserver.conf
- echo '}' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '# disallow relaying to ip6-localhost' >> /etc/turnserver/turnserver.conf
- echo 'denied_address {' >> /etc/turnserver/turnserver.conf
- echo ' address = "::1"' >> /etc/turnserver/turnserver.conf
- echo ' mask = "128"' >> /etc/turnserver/turnserver.conf
- echo ' port = 0' >> /etc/turnserver/turnserver.conf
- echo '}' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Certification Authority file.' >> /etc/turnserver/turnserver.conf
- echo "ca_file = \"/etc/ssl/certs/ca-certificates.crt\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Server certificate file.' >> /etc/turnserver/turnserver.conf
- if [ -f /etc/ssl/certs/$DEFAULT_DOMAIN_NAME.pem ]; then
- echo "cert_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.pem\"" >> /etc/turnserver/turnserver.conf
- else
- if [ -f /etc/ssl/certs/$DEFAULT_DOMAIN_NAME.crt ]; then
- echo "cert_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.crt\"" >> /etc/turnserver/turnserver.conf
- fi
- fi
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Private key file.' >> /etc/turnserver/turnserver.conf
- echo "private_key_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.key\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Account method.' >> /etc/turnserver/turnserver.conf
- echo "account_method = \"file\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Account file (if account_method = file).' >> /etc/turnserver/turnserver.conf
- echo "account_file = \"/etc/turnserver/turnusers.txt\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## mod_tmpuser.' >> /etc/turnserver/turnserver.conf
- echo 'mod_tmpuser = false' >> /etc/turnserver/turnserver.conf
-
- echo "${MY_USERNAME}:password:${DEFAULT_DOMAIN_NAME}:authorized" > /etc/turnserver/turnusers.txt
-
- systemctl restart turnserver
-
- function_check configure_firewall_for_voip_turn
- configure_firewall_for_voip_turn
- echo 'install_sip_turn' >> $COMPLETION_FILE
+ if grep -Fxq "install_sip_turn" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install turnserver
+
+ # create a nonce if needed
+ if [ ! $VOIP_TURN_NONCE ]; then
+ VOIP_TURN_NONCE="$(create_password 30)"
+ fi
+
+ function_check create_site_certificate
+ create_site_certificate $DEFAULT_DOMAIN_NAME
+
+ echo '##' > /etc/turnserver/turnserver.conf
+ echo '# TurnServer configuration file.' >> /etc/turnserver/turnserver.conf
+ echo '#' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Public IPv4 address of any relayed address (if not set, no relay for IPv4).' >> /etc/turnserver/turnserver.conf
+ echo '## To have multiple address, separate addresses with a comma' >> /etc/turnserver/turnserver.conf
+ echo '## (i.e. listen_address = { "172.16.0.1", "172.17.0.1" }).' >> /etc/turnserver/turnserver.conf
+ echo "listen_address = { \"192.168.0.1\" }" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Public IPv6 address of any relayed address (if not set, no relay for IPv6).' >> /etc/turnserver/turnserver.conf
+ echo '## To have multiple address, separate address with a comma' >> /etc/turnserver/turnserver.conf
+ echo '## (i.e. listen_addressv6 = { "2001:db8:1::1", "2001:db8:2::1" }).' >> /etc/turnserver/turnserver.conf
+ echo "#listen_addressv6 = { \"2001:db8::1\" }" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## UDP listening port.' >> /etc/turnserver/turnserver.conf
+ echo "udp_port = $VOIP_TURN_PORT" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TCP listening port.' >> /etc/turnserver/turnserver.conf
+ echo "tcp_port = $VOIP_TURN_PORT" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TLS listening port.' >> /etc/turnserver/turnserver.conf
+ echo "tls_port = $VOIP_TURN_TLS_PORT" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TLS support.' >> /etc/turnserver/turnserver.conf
+ echo 'tls = true' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## DTLS support. It is an experimental feature and is not defined in TURN' >> /etc/turnserver/turnserver.conf
+ echo '## standard.' >> /etc/turnserver/turnserver.conf
+ echo 'dtls = false' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Maximum allocation port number.' >> /etc/turnserver/turnserver.conf
+ echo 'max_port = 65535' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Minimum allocation port number.' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo 'min_port = 49152' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TURN-TCP support.' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo 'turn_tcp = true' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TURN-TCP buffering mode:' >> /etc/turnserver/turnserver.conf
+ echo '## - true, use userspace buffering;' >> /etc/turnserver/turnserver.conf
+ echo '## - false, use kernel buffering.' >> /etc/turnserver/turnserver.conf
+ echo 'tcp_buffer_userspace = true' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TURN-TCP maximum buffer size.' >> /etc/turnserver/turnserver.conf
+ echo 'tcp_buffer_size = 32768' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Daemon mode.' >> /etc/turnserver/turnserver.conf
+ echo 'daemon = true' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Unprivileged user.' >> /etc/turnserver/turnserver.conf
+ echo '## If you want to use this feature create a system user.' >> /etc/turnserver/turnserver.conf
+ echo '## On Linux: adduser --system --group turnserver' >> /etc/turnserver/turnserver.conf
+ echo 'unpriv_user = turnserver' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Realm value.' >> /etc/turnserver/turnserver.conf
+ echo "realm = \"$DEFAULT_DOMAIN_NAME\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Nonce key.' >> /etc/turnserver/turnserver.conf
+ echo "nonce_key = \"$VOIP_TURN_NONCE\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Max relay per username.' >> /etc/turnserver/turnserver.conf
+ echo 'max_relay_per_username = 5' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Allocation lifetime.' >> /etc/turnserver/turnserver.conf
+ echo 'allocation_lifetime = 1800' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Allocation bandwidth limitation (in KBytes/s).' >> /etc/turnserver/turnserver.conf
+ echo '## 0 value means bandwidth quota disabled.' >> /etc/turnserver/turnserver.conf
+ echo 'bandwidth_per_allocation = 150' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Restricted user bandwidth (in KBytes/s).' >> /etc/turnserver/turnserver.conf
+ echo '## 0 value means bandwidth limitation disabled.' >> /etc/turnserver/turnserver.conf
+ echo 'restricted_bandwidth = 10' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Denied addresses.' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '# disallow relaying to localhost' >> /etc/turnserver/turnserver.conf
+ echo 'denied_address {' >> /etc/turnserver/turnserver.conf
+ echo ' address = "127.0.0.1"' >> /etc/turnserver/turnserver.conf
+ echo ' mask = "8"' >> /etc/turnserver/turnserver.conf
+ echo ' port = 0' >> /etc/turnserver/turnserver.conf
+ echo '}' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '# disallow relaying to ip6-localhost' >> /etc/turnserver/turnserver.conf
+ echo 'denied_address {' >> /etc/turnserver/turnserver.conf
+ echo ' address = "::1"' >> /etc/turnserver/turnserver.conf
+ echo ' mask = "128"' >> /etc/turnserver/turnserver.conf
+ echo ' port = 0' >> /etc/turnserver/turnserver.conf
+ echo '}' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Certification Authority file.' >> /etc/turnserver/turnserver.conf
+ echo "ca_file = \"/etc/ssl/certs/ca-certificates.crt\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Server certificate file.' >> /etc/turnserver/turnserver.conf
+ if [ -f /etc/ssl/certs/$DEFAULT_DOMAIN_NAME.pem ]; then
+ echo "cert_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.pem\"" >> /etc/turnserver/turnserver.conf
+ else
+ if [ -f /etc/ssl/certs/$DEFAULT_DOMAIN_NAME.crt ]; then
+ echo "cert_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.crt\"" >> /etc/turnserver/turnserver.conf
+ fi
+ fi
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Private key file.' >> /etc/turnserver/turnserver.conf
+ echo "private_key_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.key\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Account method.' >> /etc/turnserver/turnserver.conf
+ echo "account_method = \"file\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Account file (if account_method = file).' >> /etc/turnserver/turnserver.conf
+ echo "account_file = \"/etc/turnserver/turnusers.txt\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## mod_tmpuser.' >> /etc/turnserver/turnserver.conf
+ echo 'mod_tmpuser = false' >> /etc/turnserver/turnserver.conf
+
+ echo "${MY_USERNAME}:password:${DEFAULT_DOMAIN_NAME}:authorized" > /etc/turnserver/turnusers.txt
+
+ systemctl restart turnserver
+
+ function_check configure_firewall_for_voip_turn
+ configure_firewall_for_voip_turn
+ echo 'install_sip_turn' >> $COMPLETION_FILE
}
function install_sip {
- if grep -Fxq "install_sip" $COMPLETION_FILE; then
- return
- fi
- install_sip_main
- update_sipwitch_daemon
- echo 'install_sip' >> $COMPLETION_FILE
+ if grep -Fxq "install_sip" $COMPLETION_FILE; then
+ return
+ fi
+ install_sip_main
+ update_sipwitch_daemon
+ echo 'install_sip' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-syncthing b/src/freedombone-app-syncthing
index ade7f33ba..f51dd2977 100755
--- a/src/freedombone-app-syncthing
+++ b/src/freedombone-app-syncthing
@@ -39,6 +39,10 @@ SYNCTHING_PORT=22000
SYNCTHING_SHARED_DATA=/var/lib/syncthing/SyncShared
SYNCTHING_USER_IDS_FILE='.syncthingids'
+function change_password_syncthing {
+ echo -n ''
+}
+
function reconfigure_syncthing {
echo -n ''
}
diff --git a/src/freedombone-app-tahoelafs b/src/freedombone-app-tahoelafs
index 640a5c7fa..eb79eb420 100755
--- a/src/freedombone-app-tahoelafs
+++ b/src/freedombone-app-tahoelafs
@@ -39,6 +39,10 @@ TAHOELAFS_STORAGE_SPACE=1G
TAHOELAFS_SHARED_DIR='Shared'
TAHOE_COMMAND="cd /var/lib/tahoelafs && venv/bin/tahoe"
+function change_password_tahoelafs {
+ echo -n ''
+}
+
function reconfigure_tahoelafs {
for d in /home/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
diff --git a/src/freedombone-app-tox b/src/freedombone-app-tox
index 942cb79cb..9120aad15 100755
--- a/src/freedombone-app-tox
+++ b/src/freedombone-app-tox
@@ -49,6 +49,10 @@ TOXIC_FILE=/usr/local/bin/toxic
QTOX_REPO="https://github.com/bashrc/qTox"
QTOX_COMMIT='27a628a3789fca4f31516c3982e580052dd3c773'
+function change_password_qtox {
+ echo -n ''
+}
+
function mesh_tox_qtox {
if [ ! ${rootdir}$INSTALL_DIR ]; then
INSTALL_DIR=${rootdir}/root/build
diff --git a/src/freedombone-app-vpn b/src/freedombone-app-vpn
index 2c139c9b4..f7585cba4 100755
--- a/src/freedombone-app-vpn
+++ b/src/freedombone-app-vpn
@@ -30,53 +30,57 @@
VARIANTS=''
+function change_password_vpn {
+ echo -n ''
+}
+
function reconfigure_vpn {
- echo -n ''
+ echo -n ''
}
function upgrade_vpn {
- echo -n ''
+ echo -n ''
}
function backup_local_vpn {
- echo -n ''
+ echo -n ''
}
function restore_local_vpn {
- echo -n ''
+ echo -n ''
}
function backup_remote_vpn {
- echo -n ''
+ echo -n ''
}
function restore_remote_vpn {
- echo -n ''
+ echo -n ''
}
function remove_vpn {
- apt-get -y remove --purge fastd
- sed -i '/install_vpn/d' $COMPLETION_FILE
+ apt-get -y remove --purge fastd
+ sed -i '/install_vpn/d' $COMPLETION_FILE
}
function install_vpn {
- if grep -Fxq "install_vpn" $COMPLETION_FILE; then
- return
- fi
- if ! grep -q "repo.universe-factory.net" /etc/apt/sources.list; then
- echo 'deb http://repo.universe-factory.net/debian/ sid main' >> /etc/apt/sources.list
- gpg --keyserver pgpkeys.mit.edu --recv-key 16EF3F64CB201D9C
- if [ ! "$?" = "0" ]; then
- exit 76272
- fi
- gpg -a --export 16EF3F64CB201D9C | sudo apt-key add -
- apt-get update
- apt-get -y install fastd
- if [ ! "$?" = "0" ]; then
- exit 52026
- fi
- fi
- echo 'install_vpn' >> $COMPLETION_FILE
+ if grep -Fxq "install_vpn" $COMPLETION_FILE; then
+ return
+ fi
+ if ! grep -q "repo.universe-factory.net" /etc/apt/sources.list; then
+ echo 'deb http://repo.universe-factory.net/debian/ sid main' >> /etc/apt/sources.list
+ gpg --keyserver pgpkeys.mit.edu --recv-key 16EF3F64CB201D9C
+ if [ ! "$?" = "0" ]; then
+ exit 76272
+ fi
+ gpg -a --export 16EF3F64CB201D9C | sudo apt-key add -
+ apt-get update
+ apt-get -y install fastd
+ if [ ! "$?" = "0" ]; then
+ exit 52026
+ fi
+ fi
+ echo 'install_vpn' >> $COMPLETION_FILE
}
# NOTE: deliberately there is no "exit 0"
diff --git a/src/freedombone-app-webmail b/src/freedombone-app-webmail
index 16bce597e..6b8a67711 100755
--- a/src/freedombone-app-webmail
+++ b/src/freedombone-app-webmail
@@ -38,222 +38,226 @@ WEBMAIL_ADMIN_PASSWORD=
WEB_PATH=/var/www
WEBMAIL_PATH=$WEB_PATH/webmail
+function change_password_webmail {
+ echo -n ''
+}
+
function get_mariadb_webmail_admin_password {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "MariaDB webmail admin password" /home/$MY_USERNAME/README; then
- WEBMAIL_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "MariaDB webmail admin password" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "MariaDB webmail admin password" /home/$MY_USERNAME/README; then
+ WEBMAIL_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "MariaDB webmail admin password" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
}
function webmail_create_database {
- function_check get_mariadb_webmail_admin_password
- get_mariadb_webmail_admin_password
- if [ ! $WEBMAIL_ADMIN_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- WEBMAIL_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- WEBMAIL_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
- if [ ! $WEBMAIL_ADMIN_PASSWORD ]; then
- return
- fi
- function_check create_database
- create_database webmail "$WEBMAIL_ADMIN_PASSWORD"
+ function_check get_mariadb_webmail_admin_password
+ get_mariadb_webmail_admin_password
+ if [ ! $WEBMAIL_ADMIN_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ WEBMAIL_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ WEBMAIL_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ fi
+ if [ ! $WEBMAIL_ADMIN_PASSWORD ]; then
+ return
+ fi
+ function_check create_database
+ create_database webmail "$WEBMAIL_ADMIN_PASSWORD"
}
function reconfigure_webmail {
- echo -n ''
+ echo -n ''
}
function upgrade_webmail {
- if ! grep -Fxq "install_webmail" $COMPLETION_FILE; then
- return
- fi
- function_check set_repo_commit
- set_repo_commit $WEBMAIL_PATH "Webmail commit" "$WEBMAIL_COMMIT" $WEBMAIL_REPO
+ if ! grep -Fxq "install_webmail" $COMPLETION_FILE; then
+ return
+ fi
+ function_check set_repo_commit
+ set_repo_commit $WEBMAIL_PATH "Webmail commit" "$WEBMAIL_COMMIT" $WEBMAIL_REPO
}
function backup_local_webmail {
- if ! grep -q "install_webmail" $COMPLETION_FILE; then
- return
- fi
- echo $"Backing up webmail"
+ if ! grep -q "install_webmail" $COMPLETION_FILE; then
+ return
+ fi
+ echo $"Backing up webmail"
- function_check backup_database_to_usb
- backup_database_to_usb webmail
+ function_check backup_database_to_usb
+ backup_database_to_usb webmail
- echo $"Backing up webmail complete"
+ echo $"Backing up webmail complete"
}
function restore_local_webmail {
- if ! grep -q "install_webmail" $COMPLETION_FILE; then
- return
- fi
- echo $"Restoring webmail"
+ if ! grep -q "install_webmail" $COMPLETION_FILE; then
+ return
+ fi
+ echo $"Restoring webmail"
- function_check webmail_create_database
- webmail_create_database
+ function_check webmail_create_database
+ webmail_create_database
- function_check restore_database
- restore_database webmail
+ function_check restore_database
+ restore_database webmail
- echo $"Restore of webmail complete"
+ echo $"Restore of webmail complete"
}
function backup_remote_webmail {
- echo -n ''
+ echo -n ''
}
function restore_remote_webmail {
- echo -n ''
+ echo -n ''
}
function remove_webmail {
- if ! grep -Fxq "install_webmail" $COMPLETION_FILE; then
- return
- fi
- nginx_dissite webmail
- if [ -f /etc/nginx/sites-available/webmail ]; then
- rm /etc/nginx/sites-available/webmail
- fi
- function_check remove_onion_service
- remove_onion_service webmail ${WEBMAIL_ONION_PORT}
- function_check drop_database
- drop_database webmail
- if [ -d $WEB_PATH/webmail ]; then
- rm -rf $WEB_PATH/webmail
- fi
- sed -i '/Webmail /d' $COMPLETION_FILE
- sed -i '/install_webmail/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_webmail" $COMPLETION_FILE; then
+ return
+ fi
+ nginx_dissite webmail
+ if [ -f /etc/nginx/sites-available/webmail ]; then
+ rm /etc/nginx/sites-available/webmail
+ fi
+ function_check remove_onion_service
+ remove_onion_service webmail ${WEBMAIL_ONION_PORT}
+ function_check drop_database
+ drop_database webmail
+ if [ -d $WEB_PATH/webmail ]; then
+ rm -rf $WEB_PATH/webmail
+ fi
+ sed -i '/Webmail /d' $COMPLETION_FILE
+ sed -i '/install_webmail/d' $COMPLETION_FILE
}
function install_webmail {
- if grep -Fxq "install_webmail" $COMPLETION_FILE; then
- return
- fi
- if [ -d /etc/apache2 ]; then
- rm -rf /etc/apache2
- echo $'Removed Apache installation after Dokuwiki install'
- fi
-
- function_check install_mariadb
- install_mariadb
-
- function_check get_mariadb_password
- get_mariadb_password
-
- function_check repair_databases_script
- repair_databases_script
-
- apt-get -y install php5-common php5-cli php5-curl php5-gd php5-mysql php5-mcrypt git
- apt-get -y install php5-dev imagemagick php5-imagick php5-sqlite php-auth-sasl php-net-smtp php-mime-type
- apt-get -y install php-mail-mime php-mail-mimedecode php-net-ldap3 php5-pspell
- pear install Net_IDNA2
-
- if [ ! -f $WEBMAIL_PATH/index.php ]; then
- cd $WEB_PATH
- git_clone $WEBMAIL_REPO webmail
- cd $WEBMAIL_PATH
- git checkout $WEBMAIL_COMMIT -b $WEBMAIL_COMMIT
- if ! grep -q "Webmail commit" $COMPLETION_FILE; then
- echo "Webmail commit:$WEBMAIL_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/Webmail commit.*/Webmail commit:$WEBMAIL_COMMIT/g" $COMPLETION_FILE
- fi
- fi
- if [ ! -f $WEBMAIL_PATH/index.php ]; then
- echo $'Did not clone webmail repo'
- exit 52825
- fi
-
- WEBMAIL_ONION_HOSTNAME=$(add_onion_service webmail 80 ${WEBMAIL_ONION_PORT})
- echo "Webmail onion domain:${WEBMAIL_ONION_HOSTNAME}" >> $COMPLETION_FILE
-
- webmail_create_database
-
- mysql -u root --password="$MARIADB_PASSWORD" -D webmail < $WEBMAIL_PATH/SQL/mysql.initial.sql
-
- if [ ! -d /var/www/$DEFAULT_DOMAIN_NAME/htdocs ]; then
- mkdir -p /var/www/$DEFAULT_DOMAIN_NAME/htdocs
- fi
- ln -s $WEBMAIL_PATH /var/www/$DEFAULT_DOMAIN_NAME/htdocs/webmail
-
- if [ ! -f /var/www/webmail/config/config.inc.php ]; then
- # generate the configuration
- echo '<?php' > /var/www/webmail/config/config.inc.php
- echo "\$config['db_dsnw'] = 'mysql://root:${MARIADB_PASSWORD}@localhost/webmail';" >> /var/www/webmail/config/config.inc.php
- echo "\$config['default_host'] = 'localhost';" >> /var/www/webmail/config/config.inc.php
- echo "\$config['support_url'] = '';" >> /var/www/webmail/config/config.inc.php
- WEBMAIL_DES_KEY="$(create_password 25)"
- echo "\$config['des_key'] = '${WEBMAIL_DES_KEY}';" >> /var/www/webmail/config/config.inc.php
- echo "\$config['product_name'] = '${PROJECT_NAME}';" >> /var/www/webmail/config/config.inc.php
- echo "\$config['plugins'] = array('enigma');" >> /var/www/webmail/config/config.inc.php
- echo "\$config['mime_param_folding'] = 0;" >> /var/www/webmail/config/config.inc.php
- echo "\$config['enable_installer'] = false;" >> /var/www/webmail/config/config.inc.php
- fi
-
- chown -R www-data:www-data $WEBMAIL_PATH
-
- echo 'server {' > /etc/nginx/sites-available/webmail
- echo " listen 127.0.0.1:$WEBMAIL_ONION_PORT default_server;" >> /etc/nginx/sites-available/webmail
- echo " server_name $WEBMAIL_ONION_HOSTNAME;" >> /etc/nginx/sites-available/webmail
- echo " root ${WEBMAIL_PATH};" >> /etc/nginx/sites-available/webmail
- echo ' index index.php index.html index.htm;' >> /etc/nginx/sites-available/webmail
- echo ' access_log off;' >> /etc/nginx/sites-available/webmail
- echo ' error_log off;' >> /etc/nginx/sites-available/webmail
- echo ' location / {' >> /etc/nginx/sites-available/webmail
- echo ' try_files $uri $uri/ /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' error_page 404 /404.html;' >> /etc/nginx/sites-available/webmail
- echo ' error_page 500 502 503 504 /50x.html;' >> /etc/nginx/sites-available/webmail
- echo ' location = /50x.html {' >> /etc/nginx/sites-available/webmail
- echo " root ${WEBMAIL_PATH};" >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' location ~ ^/(README.md|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {' >> /etc/nginx/sites-available/webmail
- echo ' deny all;' >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' location ~ ^/(config|temp|logs)/ {' >> /etc/nginx/sites-available/webmail
- echo ' deny all;' >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/webmail
- echo ' deny all;' >> /etc/nginx/sites-available/webmail
- echo ' access_log off;' >> /etc/nginx/sites-available/webmail
- echo ' log_not_found off;' >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' location ~ \.php$ {' >> /etc/nginx/sites-available/webmail
- echo ' try_files $uri =404;' >> /etc/nginx/sites-available/webmail
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/webmail
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/webmail
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/webmail
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/webmail
- echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/webmail
- echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/webmail
- echo '}' >> /etc/nginx/sites-available/webmail
-
- nginx_ensite webmail
- systemctl restart php5-fpm
- systemctl restart nginx
-
- if ! grep -q "Webmail" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo 'Webmail' >> /home/$MY_USERNAME/README
- echo '=======' >> /home/$MY_USERNAME/README
- if [[ $ONION_ONLY == 'no' ]]; then
- echo $"Open https://$DEFAULT_DOMAIN_NAME/webmail/index.php" >> /home/$MY_USERNAME/README
- else
- echo $"Open http://$WEBMAIL_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
- fi
- echo $"MariaDB webmail admin password: $WEBMAIL_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- echo 'install_webmail' >> $COMPLETION_FILE
+ if grep -Fxq "install_webmail" $COMPLETION_FILE; then
+ return
+ fi
+ if [ -d /etc/apache2 ]; then
+ rm -rf /etc/apache2
+ echo $'Removed Apache installation after Dokuwiki install'
+ fi
+
+ function_check install_mariadb
+ install_mariadb
+
+ function_check get_mariadb_password
+ get_mariadb_password
+
+ function_check repair_databases_script
+ repair_databases_script
+
+ apt-get -y install php5-common php5-cli php5-curl php5-gd php5-mysql php5-mcrypt git
+ apt-get -y install php5-dev imagemagick php5-imagick php5-sqlite php-auth-sasl php-net-smtp php-mime-type
+ apt-get -y install php-mail-mime php-mail-mimedecode php-net-ldap3 php5-pspell
+ pear install Net_IDNA2
+
+ if [ ! -f $WEBMAIL_PATH/index.php ]; then
+ cd $WEB_PATH
+ git_clone $WEBMAIL_REPO webmail
+ cd $WEBMAIL_PATH
+ git checkout $WEBMAIL_COMMIT -b $WEBMAIL_COMMIT
+ if ! grep -q "Webmail commit" $COMPLETION_FILE; then
+ echo "Webmail commit:$WEBMAIL_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/Webmail commit.*/Webmail commit:$WEBMAIL_COMMIT/g" $COMPLETION_FILE
+ fi
+ fi
+ if [ ! -f $WEBMAIL_PATH/index.php ]; then
+ echo $'Did not clone webmail repo'
+ exit 52825
+ fi
+
+ WEBMAIL_ONION_HOSTNAME=$(add_onion_service webmail 80 ${WEBMAIL_ONION_PORT})
+ echo "Webmail onion domain:${WEBMAIL_ONION_HOSTNAME}" >> $COMPLETION_FILE
+
+ webmail_create_database
+
+ mysql -u root --password="$MARIADB_PASSWORD" -D webmail < $WEBMAIL_PATH/SQL/mysql.initial.sql
+
+ if [ ! -d /var/www/$DEFAULT_DOMAIN_NAME/htdocs ]; then
+ mkdir -p /var/www/$DEFAULT_DOMAIN_NAME/htdocs
+ fi
+ ln -s $WEBMAIL_PATH /var/www/$DEFAULT_DOMAIN_NAME/htdocs/webmail
+
+ if [ ! -f /var/www/webmail/config/config.inc.php ]; then
+ # generate the configuration
+ echo '<?php' > /var/www/webmail/config/config.inc.php
+ echo "\$config['db_dsnw'] = 'mysql://root:${MARIADB_PASSWORD}@localhost/webmail';" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['default_host'] = 'localhost';" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['support_url'] = '';" >> /var/www/webmail/config/config.inc.php
+ WEBMAIL_DES_KEY="$(create_password 25)"
+ echo "\$config['des_key'] = '${WEBMAIL_DES_KEY}';" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['product_name'] = '${PROJECT_NAME}';" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['plugins'] = array('enigma');" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['mime_param_folding'] = 0;" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['enable_installer'] = false;" >> /var/www/webmail/config/config.inc.php
+ fi
+
+ chown -R www-data:www-data $WEBMAIL_PATH
+
+ echo 'server {' > /etc/nginx/sites-available/webmail
+ echo " listen 127.0.0.1:$WEBMAIL_ONION_PORT default_server;" >> /etc/nginx/sites-available/webmail
+ echo " server_name $WEBMAIL_ONION_HOSTNAME;" >> /etc/nginx/sites-available/webmail
+ echo " root ${WEBMAIL_PATH};" >> /etc/nginx/sites-available/webmail
+ echo ' index index.php index.html index.htm;' >> /etc/nginx/sites-available/webmail
+ echo ' access_log off;' >> /etc/nginx/sites-available/webmail
+ echo ' error_log off;' >> /etc/nginx/sites-available/webmail
+ echo ' location / {' >> /etc/nginx/sites-available/webmail
+ echo ' try_files $uri $uri/ /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' error_page 404 /404.html;' >> /etc/nginx/sites-available/webmail
+ echo ' error_page 500 502 503 504 /50x.html;' >> /etc/nginx/sites-available/webmail
+ echo ' location = /50x.html {' >> /etc/nginx/sites-available/webmail
+ echo " root ${WEBMAIL_PATH};" >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' location ~ ^/(README.md|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {' >> /etc/nginx/sites-available/webmail
+ echo ' deny all;' >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' location ~ ^/(config|temp|logs)/ {' >> /etc/nginx/sites-available/webmail
+ echo ' deny all;' >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/webmail
+ echo ' deny all;' >> /etc/nginx/sites-available/webmail
+ echo ' access_log off;' >> /etc/nginx/sites-available/webmail
+ echo ' log_not_found off;' >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' location ~ \.php$ {' >> /etc/nginx/sites-available/webmail
+ echo ' try_files $uri =404;' >> /etc/nginx/sites-available/webmail
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/webmail
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/webmail
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/webmail
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/webmail
+ echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/webmail
+ echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/webmail
+ echo '}' >> /etc/nginx/sites-available/webmail
+
+ nginx_ensite webmail
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ if ! grep -q "Webmail" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo 'Webmail' >> /home/$MY_USERNAME/README
+ echo '=======' >> /home/$MY_USERNAME/README
+ if [[ $ONION_ONLY == 'no' ]]; then
+ echo $"Open https://$DEFAULT_DOMAIN_NAME/webmail/index.php" >> /home/$MY_USERNAME/README
+ else
+ echo $"Open http://$WEBMAIL_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
+ fi
+ echo $"MariaDB webmail admin password: $WEBMAIL_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ echo 'install_webmail' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-wiki b/src/freedombone-app-wiki
index 6db1c580e..bb98c21a6 100755
--- a/src/freedombone-app-wiki
+++ b/src/freedombone-app-wiki
@@ -36,502 +36,506 @@ WIKI_TITLE="${PROJECT_NAME} Wiki"
WIKI_CODE=
WIKI_ONION_PORT=8089
+function change_password_wiki {
+ echo -n ''
+}
+
function reconfigure_wiki {
- echo -n ''
+ echo -n ''
}
function upgrade_wiki {
- echo -n ''
+ echo -n ''
}
function backup_local_wiki {
- source_directory=/var/lib/dokuwiki
- if [ -d $source_directory ]; then
- dest_directory=wiki
- echo $"Backing up $source_directory to $dest_directory"
+ source_directory=/var/lib/dokuwiki
+ if [ -d $source_directory ]; then
+ dest_directory=wiki
+ echo $"Backing up $source_directory to $dest_directory"
- function_check backup_directory_to_usb
- backup_directory_to_usb $source_directory $dest_directory
- backup_directory_to_usb /etc/dokuwiki wiki2
+ function_check backup_directory_to_usb
+ backup_directory_to_usb $source_directory $dest_directory
+ backup_directory_to_usb /etc/dokuwiki wiki2
- echo $"Backup to $dest_directory complete"
- fi
+ echo $"Backup to $dest_directory complete"
+ fi
}
function restore_local_wiki {
- if [ -d /var/lib/dokuwiki ]; then
- echo $"Restoring Wiki installation"
- WIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Wiki domain" | awk -F ':' '{print $2}')
- temp_restore_dir=/root/tempwiki
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir wiki
- cp -r $temp_restore_dir/var/lib/dokuwiki/* /var/lib/dokuwiki/
- if [ ! "$?" = "0" ]; then
- function_check restore_directory_from_usb
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 868
- fi
- restore_directory_from_usb ${temp_restore_dir}2 wiki2
- cp -r ${temp_restore_dir}2/etc/dokuwiki/* /etc/dokuwiki/
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 869
- fi
- rm -rf $temp_restore_dir
- rm -rf ${temp_restore_dir}2
- chown -R www-data:www-data /var/lib/dokuwiki/*
- # Ensure that the bundled SSL cert is being used
- if [ -f /etc/ssl/certs/${WIKI_DOMAIN_NAME}.bundle.crt ]; then
- sed -i "s|${WIKI_DOMAIN_NAME}.crt|${WIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${WIKI_DOMAIN_NAME}
- fi
- if [ -d /etc/letsencrypt/live/${WIKI_DOMAIN_NAME} ]; then
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${WIKI_DOMAIN_NAME}.key
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${WIKI_DOMAIN_NAME}.pem
- fi
- echo $"Restore of Wiki complete"
- fi
+ if [ -d /var/lib/dokuwiki ]; then
+ echo $"Restoring Wiki installation"
+ WIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Wiki domain" | awk -F ':' '{print $2}')
+ temp_restore_dir=/root/tempwiki
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir wiki
+ cp -r $temp_restore_dir/var/lib/dokuwiki/* /var/lib/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ function_check restore_directory_from_usb
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 868
+ fi
+ restore_directory_from_usb ${temp_restore_dir}2 wiki2
+ cp -r ${temp_restore_dir}2/etc/dokuwiki/* /etc/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 869
+ fi
+ rm -rf $temp_restore_dir
+ rm -rf ${temp_restore_dir}2
+ chown -R www-data:www-data /var/lib/dokuwiki/*
+ # Ensure that the bundled SSL cert is being used
+ if [ -f /etc/ssl/certs/${WIKI_DOMAIN_NAME}.bundle.crt ]; then
+ sed -i "s|${WIKI_DOMAIN_NAME}.crt|${WIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${WIKI_DOMAIN_NAME}
+ fi
+ if [ -d /etc/letsencrypt/live/${WIKI_DOMAIN_NAME} ]; then
+ ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${WIKI_DOMAIN_NAME}.key
+ ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${WIKI_DOMAIN_NAME}.pem
+ fi
+ echo $"Restore of Wiki complete"
+ fi
}
function backup_remote_wiki {
- if [ -d /etc/dokuwiki ]; then
- echo $"Backing up wiki"
- backup_directory_to_friend /var/lib/dokuwiki wiki
- backup_directory_to_friend /etc/dokuwiki wiki2
- fi
+ if [ -d /etc/dokuwiki ]; then
+ echo $"Backing up wiki"
+ backup_directory_to_friend /var/lib/dokuwiki wiki
+ backup_directory_to_friend /etc/dokuwiki wiki2
+ fi
}
function restore_remote_wiki {
- if [ -d $SERVER_DIRECTORY/backup/wiki ]; then
- WIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Wiki domain" | awk -F ':' '{print $2}')
- echo $"Restoring Wiki installation $WIKI_DOMAIN_NAME"
- function_check restore_directory_from_friend
- restore_directory_from_friend /root/tempwiki wiki
- cp -r /root/tempwiki/var/lib/dokuwiki/* /var/lib/dokuwiki/
- if [ ! "$?" = "0" ]; then
- exit 868
- fi
- restore_directory_from_friend /root/tempwiki2 wiki2
- cp -r /root/tempwiki2/etc/dokuwiki/* /etc/dokuwiki/
- if [ ! "$?" = "0" ]; then
- exit 869
- fi
- rm -rf /root/tempwiki
- rm -rf /root/tempwiki2
- chown -R www-data:www-data /var/lib/dokuwiki/*
- # Ensure that the bundled SSL cert is being used
- if [ -f /etc/ssl/certs/${WIKI_DOMAIN_NAME}.bundle.crt ]; then
- sed -i "s|${WIKI_DOMAIN_NAME}.crt|${WIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${WIKI_DOMAIN_NAME}
- fi
- if [ -d /etc/letsencrypt/live/${WIKI_DOMAIN_NAME} ]; then
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${WIKI_DOMAIN_NAME}.key
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${WIKI_DOMAIN_NAME}.pem
- fi
- echo $"Restore of Wiki complete"
- fi
+ if [ -d $SERVER_DIRECTORY/backup/wiki ]; then
+ WIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Wiki domain" | awk -F ':' '{print $2}')
+ echo $"Restoring Wiki installation $WIKI_DOMAIN_NAME"
+ function_check restore_directory_from_friend
+ restore_directory_from_friend /root/tempwiki wiki
+ cp -r /root/tempwiki/var/lib/dokuwiki/* /var/lib/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ exit 868
+ fi
+ restore_directory_from_friend /root/tempwiki2 wiki2
+ cp -r /root/tempwiki2/etc/dokuwiki/* /etc/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ exit 869
+ fi
+ rm -rf /root/tempwiki
+ rm -rf /root/tempwiki2
+ chown -R www-data:www-data /var/lib/dokuwiki/*
+ # Ensure that the bundled SSL cert is being used
+ if [ -f /etc/ssl/certs/${WIKI_DOMAIN_NAME}.bundle.crt ]; then
+ sed -i "s|${WIKI_DOMAIN_NAME}.crt|${WIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${WIKI_DOMAIN_NAME}
+ fi
+ if [ -d /etc/letsencrypt/live/${WIKI_DOMAIN_NAME} ]; then
+ ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${WIKI_DOMAIN_NAME}.key
+ ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${WIKI_DOMAIN_NAME}.pem
+ fi
+ echo $"Restore of Wiki complete"
+ fi
}
function remove_wiki {
- if ! grep -Fxq "install_wiki" $COMPLETION_FILE; then
- return
- fi
- function_check remove_onion_service
- remove_onion_service wiki ${WIKI_ONION_PORT}
- nginx_dissite $WIKI_DOMAIN_NAME
- if [ -f /etc/nginx/sites-available/$WIKI_DOMAIN_NAME ]; then
- rm /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- fi
- apt-get -y remove --purge dokuwiki
- if [ ! -d /var/www/$WIKI_DOMAIN_NAME ]; then
- rm -rf /var/www/$WIKI_DOMAIN_NAME
- fi
- if [ -d /var/lib/dokuwiki ]; then
- rm -rf /var/lib/dokuwiki
- fi
- if [ -d /etc/dokuwiki ]; then
- rm -rf /etc/dokuwiki
- fi
- if [ -d /usr/share/dokuwiki ]; then
- rm -rf /usr/share/dokuwiki
- fi
- sed -i '/install_wiki/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_wiki" $COMPLETION_FILE; then
+ return
+ fi
+ function_check remove_onion_service
+ remove_onion_service wiki ${WIKI_ONION_PORT}
+ nginx_dissite $WIKI_DOMAIN_NAME
+ if [ -f /etc/nginx/sites-available/$WIKI_DOMAIN_NAME ]; then
+ rm /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ fi
+ apt-get -y remove --purge dokuwiki
+ if [ ! -d /var/www/$WIKI_DOMAIN_NAME ]; then
+ rm -rf /var/www/$WIKI_DOMAIN_NAME
+ fi
+ if [ -d /var/lib/dokuwiki ]; then
+ rm -rf /var/lib/dokuwiki
+ fi
+ if [ -d /etc/dokuwiki ]; then
+ rm -rf /etc/dokuwiki
+ fi
+ if [ -d /usr/share/dokuwiki ]; then
+ rm -rf /usr/share/dokuwiki
+ fi
+ sed -i '/install_wiki/d' $COMPLETION_FILE
}
function get_wiki_admin_password {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "Wiki password" /home/$MY_USERNAME/README; then
- WIKI_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Wiki password:" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "Wiki password" /home/$MY_USERNAME/README; then
+ WIKI_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Wiki password:" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
}
function install_wiki {
- if grep -Fxq "install_wiki" $COMPLETION_FILE; then
- return
- fi
- if [ ! $WIKI_DOMAIN_NAME ]; then
- return
- fi
- apt-get -y install dokuwiki
- apt-get -y remove --purge apache*
- if [ -d /etc/apache2 ]; then
- rm -rf /etc/apache2
- echo $'Removed Apache installation after Dokuwiki install'
- fi
-
- if [ ! -d /var/www/$WIKI_DOMAIN_NAME ]; then
- mkdir /var/www/$WIKI_DOMAIN_NAME
- fi
- if [ -d /var/www/$WIKI_DOMAIN_NAME/htdocs ]; then
- rm -rf /var/www/$WIKI_DOMAIN_NAME/htdocs
- fi
-
- ln -s /usr/share/dokuwiki /var/www/$WIKI_DOMAIN_NAME/htdocs
-
- mkdir /var/lib/dokuwiki/custom
- cp /etc/dokuwiki/local.php.dist /var/lib/dokuwiki/custom/local.php
- ln -s /var/lib/dokuwiki/custom/local.php /etc/dokuwiki/local.php
-
- chown www-data /var/lib/dokuwiki/custom
- chown www-data /var/lib/dokuwiki/custom/local.php
- chown -R www-data /etc/dokuwiki
- chown -R www-data /usr/share/dokuwiki/lib/
- chmod 600 /var/lib/dokuwiki/custom/local.php
- chmod -R 755 /usr/share/dokuwiki/lib
-
- sed -i 's|//$conf|$conf|g' /var/lib/dokuwiki/custom/local.php
- sed -i "s|joe|$MY_USERNAME|g" /var/lib/dokuwiki/custom/local.php
-
- sed -i "s|Debian DokuWiki|$WIKI_TITLE|g" /etc/dokuwiki/local.php
-
- # set the admin user
- sed -i "s/@admin/$MY_USERNAME/g" /etc/dokuwiki/local.php
-
- # disallow registration of new users
- if ! grep -q "disableactions" /etc/dokuwiki/local.php; then
- echo "\$conf['disableactions'] = 'register';" >> /etc/dokuwiki/local.php
- fi
- if ! grep -q "disableactions" /var/lib/dokuwiki/custom/local.php; then
- echo "\$conf['disableactions'] = 'register';" >> /var/lib/dokuwiki/custom/local.php
- fi
-
- if ! grep -q "authtype" /var/lib/dokuwiki/custom/local.php; then
- echo "\$conf['authtype'] = 'authplain';" >> /var/lib/dokuwiki/custom/local.php
- fi
- if ! grep -q "authtype" /etc/dokuwiki/local.php; then
- echo "\$conf['authtype'] = 'authplain';" >> /etc/dokuwiki/local.php
- fi
-
- function_check get_wiki_admin_password
- get_wiki_admin_password
- if [ ! $WIKI_ADMIN_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- WIKI_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- WIKI_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
- HASHED_WIKI_PASSWORD=$(echo -n "$WIKI_ADMIN_PASSWORD" | md5sum | awk -F ' ' '{print $1}')
- echo -n "$MY_USERNAME:$HASHED_WIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > /var/lib/dokuwiki/acl/users.auth.php
- chmod 640 /var/lib/dokuwiki/acl/users.auth.php
-
- if ! grep -q "video/ogg" /etc/dokuwiki/mime.conf; then
- echo 'ogv video/ogg' >> /etc/dokuwiki/mime.conf
- fi
- if ! grep -q "video/mp4" /etc/dokuwiki/mime.conf; then
- echo 'mp4 video/mp4' >> /etc/dokuwiki/mime.conf
- fi
- if ! grep -q "video/webm" /etc/dokuwiki/mime.conf; then
- echo 'webm video/webm' >> /etc/dokuwiki/mime.conf
- fi
-
- WIKI_ONION_HOSTNAME=$(add_onion_service wiki 80 ${WIKI_ONION_PORT})
-
- if [[ $ONION_ONLY == "no" ]]; then
- echo 'server {' > /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' listen 80;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " server_name $WIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo 'server {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " server_name $WIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- function_check nginx_ssl
- nginx_ssl $WIKI_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $WIKI_DOMAIN_NAME
- echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # webmail' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location /webmail {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /webmail/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /webmail/installer/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- else
- echo -n '' > /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- fi
- echo 'server {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " listen 127.0.0.1:${WIKI_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " server_name $WIKI_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $WIKI_DOMAIN_NAME
- echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
-
- function_check create_site_certificate
- create_site_certificate $WIKI_DOMAIN_NAME
-
- function_check configure_php
- configure_php
-
- nginx_ensite $WIKI_DOMAIN_NAME
-
- systemctl restart php5-fpm
- systemctl restart nginx
-
- echo "Wiki onion domain:${WIKI_ONION_HOSTNAME}" >> $COMPLETION_FILE
-
- function_check add_ddns_domain
- add_ddns_domain $WIKI_DOMAIN_NAME
-
- # add some post-install instructions
- if ! grep -q $"Wiki password" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Wiki' >> /home/$MY_USERNAME/README
- echo '====' >> /home/$MY_USERNAME/README
- echo $"Wiki onion domain: ${WIKI_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
- echo $"Wiki username: $MY_USERNAME" >> /home/$MY_USERNAME/README
- echo $"Wiki password: $WIKI_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Once you have set up the wiki then remove the install file:' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo " rm /var/www/$WIKI_DOMAIN_NAME/htdocs/install.php" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- echo "Wiki domain:$WIKI_DOMAIN_NAME" >> $COMPLETION_FILE
- echo 'install_wiki' >> $COMPLETION_FILE
+ if grep -Fxq "install_wiki" $COMPLETION_FILE; then
+ return
+ fi
+ if [ ! $WIKI_DOMAIN_NAME ]; then
+ return
+ fi
+ apt-get -y install dokuwiki
+ apt-get -y remove --purge apache*
+ if [ -d /etc/apache2 ]; then
+ rm -rf /etc/apache2
+ echo $'Removed Apache installation after Dokuwiki install'
+ fi
+
+ if [ ! -d /var/www/$WIKI_DOMAIN_NAME ]; then
+ mkdir /var/www/$WIKI_DOMAIN_NAME
+ fi
+ if [ -d /var/www/$WIKI_DOMAIN_NAME/htdocs ]; then
+ rm -rf /var/www/$WIKI_DOMAIN_NAME/htdocs
+ fi
+
+ ln -s /usr/share/dokuwiki /var/www/$WIKI_DOMAIN_NAME/htdocs
+
+ mkdir /var/lib/dokuwiki/custom
+ cp /etc/dokuwiki/local.php.dist /var/lib/dokuwiki/custom/local.php
+ ln -s /var/lib/dokuwiki/custom/local.php /etc/dokuwiki/local.php
+
+ chown www-data /var/lib/dokuwiki/custom
+ chown www-data /var/lib/dokuwiki/custom/local.php
+ chown -R www-data /etc/dokuwiki
+ chown -R www-data /usr/share/dokuwiki/lib/
+ chmod 600 /var/lib/dokuwiki/custom/local.php
+ chmod -R 755 /usr/share/dokuwiki/lib
+
+ sed -i 's|//$conf|$conf|g' /var/lib/dokuwiki/custom/local.php
+ sed -i "s|joe|$MY_USERNAME|g" /var/lib/dokuwiki/custom/local.php
+
+ sed -i "s|Debian DokuWiki|$WIKI_TITLE|g" /etc/dokuwiki/local.php
+
+ # set the admin user
+ sed -i "s/@admin/$MY_USERNAME/g" /etc/dokuwiki/local.php
+
+ # disallow registration of new users
+ if ! grep -q "disableactions" /etc/dokuwiki/local.php; then
+ echo "\$conf['disableactions'] = 'register';" >> /etc/dokuwiki/local.php
+ fi
+ if ! grep -q "disableactions" /var/lib/dokuwiki/custom/local.php; then
+ echo "\$conf['disableactions'] = 'register';" >> /var/lib/dokuwiki/custom/local.php
+ fi
+
+ if ! grep -q "authtype" /var/lib/dokuwiki/custom/local.php; then
+ echo "\$conf['authtype'] = 'authplain';" >> /var/lib/dokuwiki/custom/local.php
+ fi
+ if ! grep -q "authtype" /etc/dokuwiki/local.php; then
+ echo "\$conf['authtype'] = 'authplain';" >> /etc/dokuwiki/local.php
+ fi
+
+ function_check get_wiki_admin_password
+ get_wiki_admin_password
+ if [ ! $WIKI_ADMIN_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ WIKI_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ WIKI_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ fi
+ HASHED_WIKI_PASSWORD=$(echo -n "$WIKI_ADMIN_PASSWORD" | md5sum | awk -F ' ' '{print $1}')
+ echo -n "$MY_USERNAME:$HASHED_WIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > /var/lib/dokuwiki/acl/users.auth.php
+ chmod 640 /var/lib/dokuwiki/acl/users.auth.php
+
+ if ! grep -q "video/ogg" /etc/dokuwiki/mime.conf; then
+ echo 'ogv video/ogg' >> /etc/dokuwiki/mime.conf
+ fi
+ if ! grep -q "video/mp4" /etc/dokuwiki/mime.conf; then
+ echo 'mp4 video/mp4' >> /etc/dokuwiki/mime.conf
+ fi
+ if ! grep -q "video/webm" /etc/dokuwiki/mime.conf; then
+ echo 'webm video/webm' >> /etc/dokuwiki/mime.conf
+ fi
+
+ WIKI_ONION_HOSTNAME=$(add_onion_service wiki 80 ${WIKI_ONION_PORT})
+
+ if [[ $ONION_ONLY == "no" ]]; then
+ echo 'server {' > /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' listen 80;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " server_name $WIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
+ echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo 'server {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " server_name $WIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
+ function_check nginx_ssl
+ nginx_ssl $WIKI_DOMAIN_NAME
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $WIKI_DOMAIN_NAME
+ echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # webmail' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location /webmail {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /webmail/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /webmail/installer/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ else
+ echo -n '' > /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ fi
+ echo 'server {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " listen 127.0.0.1:${WIKI_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " server_name $WIKI_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $WIKI_DOMAIN_NAME
+ echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+
+ function_check create_site_certificate
+ create_site_certificate $WIKI_DOMAIN_NAME
+
+ function_check configure_php
+ configure_php
+
+ nginx_ensite $WIKI_DOMAIN_NAME
+
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ echo "Wiki onion domain:${WIKI_ONION_HOSTNAME}" >> $COMPLETION_FILE
+
+ function_check add_ddns_domain
+ add_ddns_domain $WIKI_DOMAIN_NAME
+
+ # add some post-install instructions
+ if ! grep -q $"Wiki password" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Wiki' >> /home/$MY_USERNAME/README
+ echo '====' >> /home/$MY_USERNAME/README
+ echo $"Wiki onion domain: ${WIKI_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
+ echo $"Wiki username: $MY_USERNAME" >> /home/$MY_USERNAME/README
+ echo $"Wiki password: $WIKI_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Once you have set up the wiki then remove the install file:' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo " rm /var/www/$WIKI_DOMAIN_NAME/htdocs/install.php" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ echo "Wiki domain:$WIKI_DOMAIN_NAME" >> $COMPLETION_FILE
+ echo 'install_wiki' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-xmpp b/src/freedombone-app-xmpp
index 0fe85f544..07ec079f2 100755
--- a/src/freedombone-app-xmpp
+++ b/src/freedombone-app-xmpp
@@ -37,6 +37,10 @@ XMPP_PASSWORD=
XMPP_CIPHERS='"EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA"'
XMPP_ECC_CURVE='"secp384r1"'
+function change_password_xmpp {
+ echo -n ''
+}
+
function reconfigure_xmpp {
echo -n ''
}
diff --git a/src/freedombone-app-zeronet b/src/freedombone-app-zeronet
index 339b08859..bbfa23727 100755
--- a/src/freedombone-app-zeronet
+++ b/src/freedombone-app-zeronet
@@ -49,6 +49,10 @@ ZERONET_DEFAULT_MAIL_TAGLINE="Mail for the Mesh"
ZERONET_ID_REPO="https://github.com/HelloZeroNet/ZeroID"
ZERONET_ID_COMMIT='ccf14fdc96fa9cdb2ddd8a7ab283a8e17a4f234b'
+function change_password_zeronet {
+ echo -n ''
+}
+
function reconfigure_zeronet {
echo -n ''
}
diff --git a/src/freedombone-tests b/src/freedombone-tests
index 2cf7c6741..13b292e04 100755
--- a/src/freedombone-tests
+++ b/src/freedombone-tests
@@ -34,59 +34,59 @@ export TEXTDOMAIN=${PROJECT_NAME}-tests
export TEXTDOMAINDIR="/usr/share/locale"
function show_help {
- echo ''
- echo $"${PROJECT_NAME}-tests"
- echo ''
- echo $'Runs tests on the system'
- echo ''
- echo $' --help Show help'
- echo ''
- exit 0
+ echo ''
+ echo $"${PROJECT_NAME}-tests"
+ echo ''
+ echo $'Runs tests on the system'
+ echo ''
+ echo $' --help Show help'
+ echo ''
+ exit 0
}
function test_app_function_type {
- filename=$1
- fn_type=$2
- app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}')
- app_function=$(cat "${filename}" | grep "function ${fn_type}_${app_name} {" | awk -F "${fn_type}_" '{print $2}' | awk -F ' ' '{print $1}')
- if [ ! ${app_function} ]; then
- echo $"Application ${app_name} does not contain a function called '${fn_type}_${app_name}'"
- echo ''
- echo "See ${filename}"
- exit 72852
- fi
+ filename=$1
+ fn_type=$2
+ app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}')
+ app_function=$(cat "${filename}" | grep "function ${fn_type}_${app_name} {" | awk -F "${fn_type}_" '{print $2}' | awk -F ' ' '{print $1}')
+ if [ ! ${app_function} ]; then
+ echo $"Application ${app_name} does not contain a function called '${fn_type}_${app_name}'"
+ echo ''
+ echo "See ${filename}"
+ exit 72852
+ fi
}
function test_app_functions {
- FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
+ FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
- # check that these functions exist
- interface_functions=( install remove backup_local backup_remote restore_local restore_remote upgrade reconfigure )
+ # check that these functions exist
+ interface_functions=( install remove backup_local backup_remote restore_local restore_remote upgrade reconfigure change_password )
- # for all the app scripts
- for filename in $FILES
- do
- # for each expected interface function
- for f in "${interface_functions[@]}"
- do
- test_app_function_type ${filename} $f
- done
- done
+ # for all the app scripts
+ for filename in $FILES
+ do
+ # for each expected interface function
+ for f in "${interface_functions[@]}"
+ do
+ test_app_function_type ${filename} $f
+ done
+ done
}
while [[ $# > 1 ]]
do
- key="$1"
+ key="$1"
- case $key in
- -h|--help)
- show_help
- ;;
- *)
- # unknown option
- ;;
- esac
- shift
+ case $key in
+ -h|--help)
+ show_help
+ ;;
+ *)
+ # unknown option
+ ;;
+ esac
+ shift
done
echo $'Running tests'
--
GitLab