From e3dafd63a26477ee2b54f520345d5e4d7ea7672c Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Sun, 16 Oct 2016 10:14:00 +0100
Subject: [PATCH] Rename wiki to dokuwiki
So that other wiki apps could be added without confusion
---
src/freedombone-app-dokuwiki | 572 ++++++++++++++++++++++++++++++++++
src/freedombone-app-wiki | 572 ----------------------------------
src/freedombone-config | 6 +-
src/freedombone-utils-dns | 8 +-
src/freedombone-utils-help | 5 -
src/freedombone-utils-onion | 6 +-
src/freedombone-utils-upgrade | 2 +-
7 files changed, 583 insertions(+), 588 deletions(-)
create mode 100755 src/freedombone-app-dokuwiki
delete mode 100755 src/freedombone-app-wiki
diff --git a/src/freedombone-app-dokuwiki b/src/freedombone-app-dokuwiki
new file mode 100755
index 000000000..534254034
--- /dev/null
+++ b/src/freedombone-app-dokuwiki
@@ -0,0 +1,572 @@
+#!/bin/bash
+#
+# .---. . .
+# | | |
+# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
+# | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
+# ' ' --' --' -' - -' ' ' -' -' -' ' - --'
+#
+# Freedom in the Cloud
+#
+# Dokuwiki application
+#
+# License
+# =======
+#
+# Copyright (C) 2014-2016 Bob Mottram <bob@robotics.uk.to>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+VARIANTS='full full-vim writer'
+
+DOKUWIKI_DOMAIN_NAME=
+DOKUWIKI_ADMIN_PASSWORD=
+DOKUWIKI_TITLE="${PROJECT_NAME} Dokuwiki"
+DOKUWIKI_CODE=
+DOKUWIKI_ONION_PORT=8089
+
+dokuwiki_variables=(ONION_ONLY
+ MY_USERNAME
+ DOKUWIKI_TITLE
+ DOKUWIKI_DOMAIN_NAME
+ DOKUWIKI_CODE
+ DDNS_PROVIDER)
+
+function install_interactive_dokuwiki {
+ if [[ $ONION_ONLY != "no" ]]; then
+ DOKUWIKI_TITLE=$'My Dokuwiki'
+ DOKUWIKI_DOMAIN_NAME='dokuwiki.local'
+ write_config_param "DOKUWIKI_TITLE" "$DOKUWIKI_TITLE"
+ write_config_param "DOKUWIKI_DOMAIN_NAME" "$DOKUWIKI_DOMAIN_NAME"
+ else
+ function_check interactive_site_details_with_title
+ interactive_site_details_with_title "dokuwiki" "DOKUWIKI_TITLE" "DOKUWIKI_DOMAIN_NAME" "DOKUWIKI_CODE"
+ fi
+ APP_INSTALLED=1
+}
+
+function change_password_dokuwiki {
+ echo -n ''
+}
+
+function reconfigure_dokuwiki {
+ echo -n ''
+}
+
+function upgrade_dokuwiki {
+ echo -n ''
+}
+
+function backup_local_dokuwiki {
+ source_directory=/var/lib/dokuwiki
+ if [ -d $source_directory ]; then
+ dest_directory=dokuwiki
+ echo $"Backing up $source_directory to $dest_directory"
+
+ function_check backup_directory_to_usb
+ backup_directory_to_usb $source_directory $dest_directory
+ backup_directory_to_usb /etc/dokuwiki dokuwiki2
+
+ echo $"Backup to $dest_directory complete"
+ fi
+}
+
+function restore_local_dokuwiki {
+ if [ -d /var/lib/dokuwiki ]; then
+ echo $"Restoring Dokuwiki installation"
+ DOKUWIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "dokuwiki domain" | awk -F ':' '{print $2}')
+ temp_restore_dir=/root/tempdokuwiki
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir dokuwiki
+ cp -r $temp_restore_dir/var/lib/dokuwiki/* /var/lib/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ function_check restore_directory_from_usb
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 868
+ fi
+ restore_directory_from_usb ${temp_restore_dir}2 dokuwiki2
+ cp -r ${temp_restore_dir}2/etc/dokuwiki/* /etc/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 869
+ fi
+ rm -rf $temp_restore_dir
+ rm -rf ${temp_restore_dir}2
+ chown -R www-data:www-data /var/lib/dokuwiki/*
+ # Ensure that the bundled SSL cert is being used
+ if [ -f /etc/ssl/certs/${DOKUWIKI_DOMAIN_NAME}.bundle.crt ]; then
+ sed -i "s|${DOKUWIKI_DOMAIN_NAME}.crt|${DOKUWIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${DOKUWIKI_DOMAIN_NAME}
+ fi
+ if [ -d /etc/letsencrypt/live/${DOKUWIKI_DOMAIN_NAME} ]; then
+ ln -s /etc/letsencrypt/live/${DOKUWIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${DOKUWIKI_DOMAIN_NAME}.key
+ ln -s /etc/letsencrypt/live/${DOKUWIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${DOKUWIKI_DOMAIN_NAME}.pem
+ fi
+ echo $"Restore of Dokuwiki complete"
+ fi
+}
+
+function backup_remote_dokuwiki {
+ if [ -d /etc/dokuwiki ]; then
+ echo $"Backing up dokuwiki"
+ backup_directory_to_friend /var/lib/dokuwiki dokuwiki
+ backup_directory_to_friend /etc/dokuwiki dokuwiki2
+ fi
+}
+
+function restore_remote_dokuwiki {
+ if [ -d $SERVER_DIRECTORY/backup/dokuwiki ]; then
+ DOKUWIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "dokuwiki domain" | awk -F ':' '{print $2}')
+ echo $"Restoring Dokuwiki installation $DOKUWIKI_DOMAIN_NAME"
+ function_check restore_directory_from_friend
+ restore_directory_from_friend /root/tempdokuwiki dokuwiki
+ cp -r /root/tempdokuwiki/var/lib/dokuwiki/* /var/lib/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ exit 868
+ fi
+ restore_directory_from_friend /root/tempdokuwiki2 dokuwiki2
+ cp -r /root/tempdokuwiki2/etc/dokuwiki/* /etc/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ exit 869
+ fi
+ rm -rf /root/tempdokuwiki
+ rm -rf /root/tempdokuwiki2
+ chown -R www-data:www-data /var/lib/dokuwiki/*
+ # Ensure that the bundled SSL cert is being used
+ if [ -f /etc/ssl/certs/${DOKUWIKI_DOMAIN_NAME}.bundle.crt ]; then
+ sed -i "s|${DOKUWIKI_DOMAIN_NAME}.crt|${DOKUWIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${DOKUWIKI_DOMAIN_NAME}
+ fi
+ if [ -d /etc/letsencrypt/live/${DOKUWIKI_DOMAIN_NAME} ]; then
+ ln -s /etc/letsencrypt/live/${DOKUWIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${DOKUWIKI_DOMAIN_NAME}.key
+ ln -s /etc/letsencrypt/live/${DOKUWIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${DOKUWIKI_DOMAIN_NAME}.pem
+ fi
+ echo $"Restore of Dokuwiki complete"
+ fi
+}
+
+function remove_dokuwiki {
+ if [ ${#DOKUWIKI_DOMAIN_NAME} -eq 0 ]; then
+ return
+ fi
+ function_check remove_onion_service
+ remove_onion_service dokuwiki ${DOKUWIKI_ONION_PORT}
+ nginx_dissite $DOKUWIKI_DOMAIN_NAME
+ if [ -f /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME ]; then
+ rm /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ fi
+ apt-get -y remove --purge dokuwiki
+ if [ ! -d /var/www/$DOKUWIKI_DOMAIN_NAME ]; then
+ rm -rf /var/www/$DOKUWIKI_DOMAIN_NAME
+ fi
+ if [ -d /var/lib/dokuwiki ]; then
+ rm -rf /var/lib/dokuwiki
+ fi
+ if [ -d /etc/dokuwiki ]; then
+ rm -rf /etc/dokuwiki
+ fi
+ if [ -d /usr/share/dokuwiki ]; then
+ rm -rf /usr/share/dokuwiki
+ fi
+ sed -i '/install_dokuwiki/d' $COMPLETION_FILE
+}
+
+function get_dokuwiki_admin_password {
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "Dokuwiki password" /home/$MY_USERNAME/README; then
+ DOKUWIKI_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Dokuwiki password:" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
+ fi
+}
+
+function install_dokuwiki {
+ if [ ! $DOKUWIKI_DOMAIN_NAME ]; then
+ return
+ fi
+ apt-get -y install dokuwiki
+ apt-get -y remove --purge apache*
+ if [ -d /etc/apache2 ]; then
+ rm -rf /etc/apache2
+ echo $'Removed Apache installation after Dokuwiki install'
+ fi
+
+ if [ ! -d /var/www/$DOKUWIKI_DOMAIN_NAME ]; then
+ mkdir /var/www/$DOKUWIKI_DOMAIN_NAME
+ fi
+ if [ -d /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs ]; then
+ rm -rf /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs
+ fi
+
+ ln -s /usr/share/dokuwiki /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs
+
+ if [ ! -d /var/lib/dokuwiki/custom ]; then
+ mkdir /var/lib/dokuwiki/custom
+ fi
+ cp /etc/dokuwiki/local.php.dist /var/lib/dokuwiki/custom/local.php
+ if [ ! -f /etc/dokuwiki/local.php ]; then
+ ln -s /var/lib/dokuwiki/custom/local.php /etc/dokuwiki/local.php
+ fi
+
+ chown www-data /var/lib/dokuwiki/custom
+ chown www-data /var/lib/dokuwiki/custom/local.php
+ chown -R www-data /etc/dokuwiki
+ chown -R www-data /usr/share/dokuwiki/lib/
+ chmod 600 /var/lib/dokuwiki/custom/local.php
+ chmod -R 755 /usr/share/dokuwiki/lib
+
+ sed -i 's|//$conf|$conf|g' /var/lib/dokuwiki/custom/local.php
+ sed -i "s|joe|$MY_USERNAME|g" /var/lib/dokuwiki/custom/local.php
+
+ sed -i "s|Debian Dokuwiki|$DOKUWIKI_TITLE|g" /etc/dokuwiki/local.php
+
+ # set the admin user
+ sed -i "s/@admin/$MY_USERNAME/g" /etc/dokuwiki/local.php
+
+ # disallow registration of new users
+ if ! grep -q "disableactions" /etc/dokuwiki/local.php; then
+ echo "\$conf['disableactions'] = 'register';" >> /etc/dokuwiki/local.php
+ fi
+ if ! grep -q "disableactions" /var/lib/dokuwiki/custom/local.php; then
+ echo "\$conf['disableactions'] = 'register';" >> /var/lib/dokuwiki/custom/local.php
+ fi
+
+ if ! grep -q "authtype" /var/lib/dokuwiki/custom/local.php; then
+ echo "\$conf['authtype'] = 'authplain';" >> /var/lib/dokuwiki/custom/local.php
+ fi
+ if ! grep -q "authtype" /etc/dokuwiki/local.php; then
+ echo "\$conf['authtype'] = 'authplain';" >> /etc/dokuwiki/local.php
+ fi
+
+ function_check get_dokuwiki_admin_password
+ get_dokuwiki_admin_password
+ if [ ! $DOKUWIKI_ADMIN_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ DOKUWIKI_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ DOKUWIKI_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ fi
+ HASHED_DOKUWIKI_PASSWORD=$(echo -n "$DOKUWIKI_ADMIN_PASSWORD" | md5sum | awk -F ' ' '{print $1}')
+ echo -n "$MY_USERNAME:$HASHED_DOKUWIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > /var/lib/dokuwiki/acl/users.auth.php
+ chmod 640 /var/lib/dokuwiki/acl/users.auth.php
+
+ if ! grep -q "video/ogg" /etc/dokuwiki/mime.conf; then
+ echo 'ogv video/ogg' >> /etc/dokuwiki/mime.conf
+ fi
+ if ! grep -q "video/mp4" /etc/dokuwiki/mime.conf; then
+ echo 'mp4 video/mp4' >> /etc/dokuwiki/mime.conf
+ fi
+ if ! grep -q "video/webm" /etc/dokuwiki/mime.conf; then
+ echo 'webm video/webm' >> /etc/dokuwiki/mime.conf
+ fi
+
+ DOKUWIKI_ONION_HOSTNAME=$(add_onion_service dokuwiki 80 ${DOKUWIKI_ONION_PORT})
+
+ if [[ $ONION_ONLY == "no" ]]; then
+ echo 'server {' > /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' listen 80;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " root /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " server_name $DOKUWIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${DOKUWIKI_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' charset utf-8;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $DOKUWIKI_DOMAIN_NAME
+ echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $DOKUWIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' expires 30d;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # block these file types' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # or a unix socket' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $DOKUWIKI_DOMAIN_NAME
+ echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' #deny access to store' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /store {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo 'server {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " root /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " server_name $DOKUWIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${DOKUWIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' charset utf-8;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ function_check nginx_ssl
+ nginx_ssl $DOKUWIKI_DOMAIN_NAME
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $DOKUWIKI_DOMAIN_NAME
+ echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # webmail' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location /webmail {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $DOKUWIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /webmail/index.php last;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /webmail/installer/index.php last;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $DOKUWIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' expires 30d;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # block these file types' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # or a unix socket' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $DOKUWIKI_DOMAIN_NAME
+ echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' #deny access to store' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /store {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ else
+ echo -n '' > /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ fi
+ echo 'server {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " listen 127.0.0.1:${DOKUWIKI_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " root /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " server_name $DOKUWIKI_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${DOKUWIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' charset utf-8;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $DOKUWIKI_DOMAIN_NAME
+ echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $DOKUWIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' expires 30d;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # block these file types' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # or a unix socket' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $DOKUWIKI_DOMAIN_NAME
+ echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' #deny access to store' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /store {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
+
+ function_check create_site_certificate
+ create_site_certificate $DOKUWIKI_DOMAIN_NAME
+
+ function_check configure_php
+ configure_php
+
+ nginx_ensite $DOKUWIKI_DOMAIN_NAME
+
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ function_check add_ddns_domain
+ add_ddns_domain $DOKUWIKI_DOMAIN_NAME
+
+ # add some post-install instructions
+ if ! grep -q $"Dokuwiki password" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Dokuwiki' >> /home/$MY_USERNAME/README
+ echo '====' >> /home/$MY_USERNAME/README
+ echo $"Dokuwiki onion domain: ${DOKUWIKI_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
+ echo $"Dokuwiki username: $MY_USERNAME" >> /home/$MY_USERNAME/README
+ echo $"Dokuwiki password: $DOKUWIKI_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Once you have set up the dokuwiki then remove the install file:' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo " rm /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/install.php" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ if ! grep -q "dokuwiki domain" $COMPLETION_FILE; then
+ echo "dokuwiki domain:$DOKUWIKI_DOMAIN_NAME" >> $COMPLETION_FILE
+ else
+ sed -i "s|dokuwiki domain.*|dokuwiki domain:$DOKUWIKI_DOMAIN_NAME|g" $COMPLETION_FILE
+ fi
+ APP_INSTALLED=1
+}
+
+# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-wiki b/src/freedombone-app-wiki
deleted file mode 100755
index 67ed498a3..000000000
--- a/src/freedombone-app-wiki
+++ /dev/null
@@ -1,572 +0,0 @@
-#!/bin/bash
-#
-# .---. . .
-# | | |
-# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
-# | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
-# ' ' --' --' -' - -' ' ' -' -' -' ' - --'
-#
-# Freedom in the Cloud
-#
-# Wiki application
-#
-# License
-# =======
-#
-# Copyright (C) 2014-2016 Bob Mottram <bob@robotics.uk.to>
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-VARIANTS='full full-vim writer'
-
-WIKI_DOMAIN_NAME=
-WIKI_ADMIN_PASSWORD=
-WIKI_TITLE="${PROJECT_NAME} Wiki"
-WIKI_CODE=
-WIKI_ONION_PORT=8089
-
-wiki_variables=(ONION_ONLY
- MY_USERNAME
- WIKI_TITLE
- WIKI_DOMAIN_NAME
- WIKI_CODE
- DDNS_PROVIDER)
-
-function install_interactive_wiki {
- if [[ $ONION_ONLY != "no" ]]; then
- WIKI_TITLE=$'My Wiki'
- WIKI_DOMAIN_NAME='wiki.local'
- write_config_param "WIKI_TITLE" "$WIKI_TITLE"
- write_config_param "WIKI_DOMAIN_NAME" "$WIKI_DOMAIN_NAME"
- else
- function_check interactive_site_details_with_title
- interactive_site_details_with_title "wiki" "WIKI_TITLE" "WIKI_DOMAIN_NAME" "WIKI_CODE"
- fi
- APP_INSTALLED=1
-}
-
-function change_password_wiki {
- echo -n ''
-}
-
-function reconfigure_wiki {
- echo -n ''
-}
-
-function upgrade_wiki {
- echo -n ''
-}
-
-function backup_local_wiki {
- source_directory=/var/lib/dokuwiki
- if [ -d $source_directory ]; then
- dest_directory=wiki
- echo $"Backing up $source_directory to $dest_directory"
-
- function_check backup_directory_to_usb
- backup_directory_to_usb $source_directory $dest_directory
- backup_directory_to_usb /etc/dokuwiki wiki2
-
- echo $"Backup to $dest_directory complete"
- fi
-}
-
-function restore_local_wiki {
- if [ -d /var/lib/dokuwiki ]; then
- echo $"Restoring Wiki installation"
- WIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "wiki domain" | awk -F ':' '{print $2}')
- temp_restore_dir=/root/tempwiki
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir wiki
- cp -r $temp_restore_dir/var/lib/dokuwiki/* /var/lib/dokuwiki/
- if [ ! "$?" = "0" ]; then
- function_check restore_directory_from_usb
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 868
- fi
- restore_directory_from_usb ${temp_restore_dir}2 wiki2
- cp -r ${temp_restore_dir}2/etc/dokuwiki/* /etc/dokuwiki/
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 869
- fi
- rm -rf $temp_restore_dir
- rm -rf ${temp_restore_dir}2
- chown -R www-data:www-data /var/lib/dokuwiki/*
- # Ensure that the bundled SSL cert is being used
- if [ -f /etc/ssl/certs/${WIKI_DOMAIN_NAME}.bundle.crt ]; then
- sed -i "s|${WIKI_DOMAIN_NAME}.crt|${WIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${WIKI_DOMAIN_NAME}
- fi
- if [ -d /etc/letsencrypt/live/${WIKI_DOMAIN_NAME} ]; then
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${WIKI_DOMAIN_NAME}.key
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${WIKI_DOMAIN_NAME}.pem
- fi
- echo $"Restore of Wiki complete"
- fi
-}
-
-function backup_remote_wiki {
- if [ -d /etc/dokuwiki ]; then
- echo $"Backing up wiki"
- backup_directory_to_friend /var/lib/dokuwiki wiki
- backup_directory_to_friend /etc/dokuwiki wiki2
- fi
-}
-
-function restore_remote_wiki {
- if [ -d $SERVER_DIRECTORY/backup/wiki ]; then
- WIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "wiki domain" | awk -F ':' '{print $2}')
- echo $"Restoring Wiki installation $WIKI_DOMAIN_NAME"
- function_check restore_directory_from_friend
- restore_directory_from_friend /root/tempwiki wiki
- cp -r /root/tempwiki/var/lib/dokuwiki/* /var/lib/dokuwiki/
- if [ ! "$?" = "0" ]; then
- exit 868
- fi
- restore_directory_from_friend /root/tempwiki2 wiki2
- cp -r /root/tempwiki2/etc/dokuwiki/* /etc/dokuwiki/
- if [ ! "$?" = "0" ]; then
- exit 869
- fi
- rm -rf /root/tempwiki
- rm -rf /root/tempwiki2
- chown -R www-data:www-data /var/lib/dokuwiki/*
- # Ensure that the bundled SSL cert is being used
- if [ -f /etc/ssl/certs/${WIKI_DOMAIN_NAME}.bundle.crt ]; then
- sed -i "s|${WIKI_DOMAIN_NAME}.crt|${WIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${WIKI_DOMAIN_NAME}
- fi
- if [ -d /etc/letsencrypt/live/${WIKI_DOMAIN_NAME} ]; then
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${WIKI_DOMAIN_NAME}.key
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${WIKI_DOMAIN_NAME}.pem
- fi
- echo $"Restore of Wiki complete"
- fi
-}
-
-function remove_wiki {
- if [ ${#WIKI_DOMAIN_NAME} -eq 0 ]; then
- return
- fi
- function_check remove_onion_service
- remove_onion_service wiki ${WIKI_ONION_PORT}
- nginx_dissite $WIKI_DOMAIN_NAME
- if [ -f /etc/nginx/sites-available/$WIKI_DOMAIN_NAME ]; then
- rm /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- fi
- apt-get -y remove --purge dokuwiki
- if [ ! -d /var/www/$WIKI_DOMAIN_NAME ]; then
- rm -rf /var/www/$WIKI_DOMAIN_NAME
- fi
- if [ -d /var/lib/dokuwiki ]; then
- rm -rf /var/lib/dokuwiki
- fi
- if [ -d /etc/dokuwiki ]; then
- rm -rf /etc/dokuwiki
- fi
- if [ -d /usr/share/dokuwiki ]; then
- rm -rf /usr/share/dokuwiki
- fi
- sed -i '/install_wiki/d' $COMPLETION_FILE
-}
-
-function get_wiki_admin_password {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "Wiki password" /home/$MY_USERNAME/README; then
- WIKI_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Wiki password:" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
-}
-
-function install_wiki {
- if [ ! $WIKI_DOMAIN_NAME ]; then
- return
- fi
- apt-get -y install dokuwiki
- apt-get -y remove --purge apache*
- if [ -d /etc/apache2 ]; then
- rm -rf /etc/apache2
- echo $'Removed Apache installation after Dokuwiki install'
- fi
-
- if [ ! -d /var/www/$WIKI_DOMAIN_NAME ]; then
- mkdir /var/www/$WIKI_DOMAIN_NAME
- fi
- if [ -d /var/www/$WIKI_DOMAIN_NAME/htdocs ]; then
- rm -rf /var/www/$WIKI_DOMAIN_NAME/htdocs
- fi
-
- ln -s /usr/share/dokuwiki /var/www/$WIKI_DOMAIN_NAME/htdocs
-
- if [ ! -d /var/lib/dokuwiki/custom ]; then
- mkdir /var/lib/dokuwiki/custom
- fi
- cp /etc/dokuwiki/local.php.dist /var/lib/dokuwiki/custom/local.php
- if [ ! -f /etc/dokuwiki/local.php ]; then
- ln -s /var/lib/dokuwiki/custom/local.php /etc/dokuwiki/local.php
- fi
-
- chown www-data /var/lib/dokuwiki/custom
- chown www-data /var/lib/dokuwiki/custom/local.php
- chown -R www-data /etc/dokuwiki
- chown -R www-data /usr/share/dokuwiki/lib/
- chmod 600 /var/lib/dokuwiki/custom/local.php
- chmod -R 755 /usr/share/dokuwiki/lib
-
- sed -i 's|//$conf|$conf|g' /var/lib/dokuwiki/custom/local.php
- sed -i "s|joe|$MY_USERNAME|g" /var/lib/dokuwiki/custom/local.php
-
- sed -i "s|Debian DokuWiki|$WIKI_TITLE|g" /etc/dokuwiki/local.php
-
- # set the admin user
- sed -i "s/@admin/$MY_USERNAME/g" /etc/dokuwiki/local.php
-
- # disallow registration of new users
- if ! grep -q "disableactions" /etc/dokuwiki/local.php; then
- echo "\$conf['disableactions'] = 'register';" >> /etc/dokuwiki/local.php
- fi
- if ! grep -q "disableactions" /var/lib/dokuwiki/custom/local.php; then
- echo "\$conf['disableactions'] = 'register';" >> /var/lib/dokuwiki/custom/local.php
- fi
-
- if ! grep -q "authtype" /var/lib/dokuwiki/custom/local.php; then
- echo "\$conf['authtype'] = 'authplain';" >> /var/lib/dokuwiki/custom/local.php
- fi
- if ! grep -q "authtype" /etc/dokuwiki/local.php; then
- echo "\$conf['authtype'] = 'authplain';" >> /etc/dokuwiki/local.php
- fi
-
- function_check get_wiki_admin_password
- get_wiki_admin_password
- if [ ! $WIKI_ADMIN_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- WIKI_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- WIKI_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
- HASHED_WIKI_PASSWORD=$(echo -n "$WIKI_ADMIN_PASSWORD" | md5sum | awk -F ' ' '{print $1}')
- echo -n "$MY_USERNAME:$HASHED_WIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > /var/lib/dokuwiki/acl/users.auth.php
- chmod 640 /var/lib/dokuwiki/acl/users.auth.php
-
- if ! grep -q "video/ogg" /etc/dokuwiki/mime.conf; then
- echo 'ogv video/ogg' >> /etc/dokuwiki/mime.conf
- fi
- if ! grep -q "video/mp4" /etc/dokuwiki/mime.conf; then
- echo 'mp4 video/mp4' >> /etc/dokuwiki/mime.conf
- fi
- if ! grep -q "video/webm" /etc/dokuwiki/mime.conf; then
- echo 'webm video/webm' >> /etc/dokuwiki/mime.conf
- fi
-
- WIKI_ONION_HOSTNAME=$(add_onion_service wiki 80 ${WIKI_ONION_PORT})
-
- if [[ $ONION_ONLY == "no" ]]; then
- echo 'server {' > /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' listen 80;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " server_name $WIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $WIKI_DOMAIN_NAME
- echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo 'server {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " server_name $WIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_ssl
- nginx_ssl $WIKI_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $WIKI_DOMAIN_NAME
- echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # webmail' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location /webmail {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /webmail/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /webmail/installer/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- else
- echo -n '' > /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- fi
- echo 'server {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " listen 127.0.0.1:${WIKI_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " server_name $WIKI_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $WIKI_DOMAIN_NAME
- echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
-
- function_check create_site_certificate
- create_site_certificate $WIKI_DOMAIN_NAME
-
- function_check configure_php
- configure_php
-
- nginx_ensite $WIKI_DOMAIN_NAME
-
- systemctl restart php5-fpm
- systemctl restart nginx
-
- function_check add_ddns_domain
- add_ddns_domain $WIKI_DOMAIN_NAME
-
- # add some post-install instructions
- if ! grep -q $"Wiki password" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Wiki' >> /home/$MY_USERNAME/README
- echo '====' >> /home/$MY_USERNAME/README
- echo $"Wiki onion domain: ${WIKI_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
- echo $"Wiki username: $MY_USERNAME" >> /home/$MY_USERNAME/README
- echo $"Wiki password: $WIKI_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Once you have set up the wiki then remove the install file:' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo " rm /var/www/$WIKI_DOMAIN_NAME/htdocs/install.php" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- if ! grep -q "wiki domain" $COMPLETION_FILE; then
- echo "wiki domain:$WIKI_DOMAIN_NAME" >> $COMPLETION_FILE
- else
- sed -i "s|wiki domain.*|wiki domain:$WIKI_DOMAIN_NAME|g" $COMPLETION_FILE
- fi
- APP_INSTALLED=1
-}
-
-# NOTE: deliberately no exit 0
diff --git a/src/freedombone-config b/src/freedombone-config
index 745b1228a..7b6c1f6e9 100755
--- a/src/freedombone-config
+++ b/src/freedombone-config
@@ -64,9 +64,9 @@ ENABLE_BATMAN=
DEBIAN_REPO=
NAMESERVER1=
NAMESERVER2=
-WIKI_TITLE=
-WIKI_DOMAIN_NAME=
-WIKI_CODE=
+DOKUWIKI_TITLE=
+DOKUWIKI_DOMAIN_NAME=
+DOKUWIKI_CODE=
MY_BLOG_TITLE=
FULLBLOG_DOMAIN_NAME=
FULLBLOG_CODE=
diff --git a/src/freedombone-utils-dns b/src/freedombone-utils-dns
index 500ad754b..93308d0a6 100755
--- a/src/freedombone-utils-dns
+++ b/src/freedombone-utils-dns
@@ -116,10 +116,10 @@ function create_freedns_updater {
echo "# $DEFAULT_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$DEFAULT_DOMAIN_CODE=" >> /usr/bin/dynamicdns
fi
- if [ $WIKI_CODE ]; then
- if [[ $WIKI_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
- echo "# $WIKI_DOMAIN_NAME" >> /usr/bin/dynamicdns
- echo "$FREEDNS_WGET$WIKI_CODE=" >> /usr/bin/dynamicdns
+ if [ $DOKUWIKI_CODE ]; then
+ if [[ $DOKUWIKI_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
+ echo "# $DOKUWIKI_DOMAIN_NAME" >> /usr/bin/dynamicdns
+ echo "$FREEDNS_WGET$DOKUWIKI_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $FULLBLOG_CODE ]; then
diff --git a/src/freedombone-utils-help b/src/freedombone-utils-help
index 27d8b521d..09bade8c8 100755
--- a/src/freedombone-utils-help
+++ b/src/freedombone-utils-help
@@ -47,11 +47,6 @@ function show_help {
echo $' --ddnsuser Dynamic DNS provider username'
echo $' --ddnspass Dynamic DNS provider password'
echo ''
- echo $' --microblogdomain Microblog domain name'
- echo $' --wikidomain Wiki domain name'
- echo $' --blogdomain Blog domain name'
- echo $' --hubzilladomain Hubzilla domain name'
- echo $' --gitdomain Git hosting domain name'
echo $' -t --time Domain used as a TLS time source'
echo $' --ssh ssh port number'
echo $' --list Public mailing list name'
diff --git a/src/freedombone-utils-onion b/src/freedombone-utils-onion
index 3015dbe41..30a096213 100755
--- a/src/freedombone-utils-onion
+++ b/src/freedombone-utils-onion
@@ -127,7 +127,7 @@ function set_default_onion_domains {
MICROBLOG_DOMAIN_NAME='microblog.local'
FULLBLOG_DOMAIN_NAME='blog.local'
- WIKI_DOMAIN_NAME='wiki.local'
+ DOKUWIKI_DOMAIN_NAME='dokuwiki.local'
DEFAULT_DOMAIN_NAME="${PROJECT_NAME}.local"
GIT_DOMAIN_NAME='git.local'
MEDIAGOBLIN_DOMAIN_NAME='media.local'
@@ -152,9 +152,9 @@ function create_avahi_onion_domains {
function_check create_avahi_service
create_avahi_service git http tcp $GIT_ONION_PORT
fi
- if [ $WIKI_DOMAIN_NAME ]; then
+ if [ $DOKUWIKI_DOMAIN_NAME ]; then
function_check create_avahi_service
- create_avahi_service wiki http tcp $WIKI_ONION_PORT
+ create_avahi_service dokuwiki http tcp $DOKUWIKI_ONION_PORT
fi
}
diff --git a/src/freedombone-utils-upgrade b/src/freedombone-utils-upgrade
index 055708149..2c4738d0e 100755
--- a/src/freedombone-utils-upgrade
+++ b/src/freedombone-utils-upgrade
@@ -75,7 +75,7 @@ function upgrade_installation_from_previous_versions {
sed -i 's|Blog|blog|g' $COMPLETION_FILE
sed -i 's|Hubzilla|hubzilla|g' $COMPLETION_FILE
sed -i 's|Gogs|gogs|g' $COMPLETION_FILE
- sed -i 's|Wiki|wiki|g' $COMPLETION_FILE
+ sed -i 's|Wiki|dokuwiki|g' $COMPLETION_FILE
sed -i 's|RSS|rss|g' $COMPLETION_FILE
sed -i 's|Webmail|webmail|g' $COMPLETION_FILE
sed -i 's|Zeronet|zeronet|g' $COMPLETION_FILE
--
GitLab