diff options
author | Papa Dragon <dragondaddy@omtc.fr> | 2020-08-30 12:18:51 +0200 |
---|---|---|
committer | Papa Dragon <dragondaddy@omtc.fr> | 2020-08-30 12:18:51 +0200 |
commit | adee24af6fcf057ad9cedd44bd11199806b01379 (patch) | |
tree | 68a9045f881a20c683003949e81fa59727ca23ac /.homeinstall/zotserver-setup.sh | |
parent | 1b161b0ee4d16711dc6540b14f50f20b68a7b565 (diff) | |
download | volse-hubzilla-adee24af6fcf057ad9cedd44bd11199806b01379.tar.gz volse-hubzilla-adee24af6fcf057ad9cedd44bd11199806b01379.tar.bz2 volse-hubzilla-adee24af6fcf057ad9cedd44bd11199806b01379.zip |
Update of the home install setup script
- "hubzilla" replaced by "zotserver" in file names and file content when relevant
- Nginx can now be installed as the web server (Apache still chosen by default in the config file)
- Setup script now allows installation of multiple hub/instances on the same server
- Daily cron jobs script was updated an splitted : one global script launches shared commands
(SSL cert renewal + global backup on external device) and every instance has its own script for
git pull (individual scripts are launched by the global one)
Diffstat (limited to '.homeinstall/zotserver-setup.sh')
-rwxr-xr-x | .homeinstall/zotserver-setup.sh | 793 |
1 files changed, 793 insertions, 0 deletions
diff --git a/.homeinstall/zotserver-setup.sh b/.homeinstall/zotserver-setup.sh new file mode 100755 index 000000000..42ff6685d --- /dev/null +++ b/.homeinstall/zotserver-setup.sh @@ -0,0 +1,793 @@ +#!/bin/bash +# +# How to use +# ---------- +# +# This file automates the installation of +# - hubzilla: https://zotlabs.org/page/hubzilla/hubzilla-project and +# - zap: https://zotlabs.com/zap/ +# - misty : https://zotlabs.com/misty/ +# - osada : https://codeberg.org/zot/osada +# - redmatrix : https://codeberg.org/zot/redmatrix +# under Debian Linux "Buster" +# +# 1) Copy the file "zotserver-config.txt.template" to "zotserver-config.txt" +# Follow the instuctions there +# +# 2) Switch to user "root" by typing "su -" +# +# 3) Run with "./zotserver-setup.sh" +# If this fails check if you can execute the script. +# - To make it executable type "chmod +x zotserver-setup.sh" +# - or run "bash zotserver-setup.sh" +# +# +# What does this script do basically? +# ----------------------------------- +# +# This file automates the installation of a Zot hub/instance under Debian Linux +# - install +# * apache webserver, +# * php, +# * mariadb - the database for zotserver, +# * adminer, +# * git to download and update addons +# - configure cron +# * "Run.php" for regular background processes of your Zot hub/instance +# * "apt-get update" and "apt-get dist-upgrade" and "apt-get autoremove" to keep linux up-to-date +# * run command to keep the IP up-to-date > DynDNS provided by selfHOST.de or freedns.afraid.org +# * backup your server's database and files (rsync) +# - run letsencrypt to create, register and use a certifacte for https +# +# +# Discussion +# ---------- +# +# Security - password is the same for mysql-server, phpmyadmin and your hub/instance db +# - The script runs into installation errors for phpmyadmin if it uses +# different passwords. For the sake of simplicity one single password. +# +# How to restore from backup +# -------------------------- +# +# (Some explanations here would certainly be useful) +# +# Daily backup +# ------------ +# +# The installation +# - writes a shell script in /var/www/ +# - creates a daily cron that runs this script +# +# The script makes a (daily) backup of all relevant files +# - /var/lib/mysql/ > database +# - /var/www/ > hubzilla/zap/misty from git repository +# - /etc/letsencrypt/ > certificates +# +# The backup will be written on an external disk compatible to LUKS+ext4 (see zotserver-config.txt) +# +# How to restore from backup +# -------------------------- +# +# (Some explanations here would certainly be useful) +# +# +# Credits +# ------- +# +# The script is based on Thomas Willinghams script "debian-setup.sh" +# which he used to install the red#matrix. +# +# The documentation for bash is here +# https://www.gnu.org/software/bash/manual/bash.html +# +function check_sanity { + # Do some sanity checking. + print_info "Sanity check..." + if [ $(/usr/bin/id -u) != "0" ] + then + die 'Must be run by root user' + fi + + if [ -f /etc/lsb-release ] + then + die "Distribution is not supported" + fi + if [ ! -f /etc/debian_version ] + then + die "Debian is supported only" + fi + if ! grep -q 'Linux 10' /etc/issue + then + die "Linux 10 (buster) is supported only"x + fi +} + +function check_config { + print_info "config check..." + # Check for required parameters + if [ -z "$db_pass" ] + then + die "db_pass not set in $configfile" + fi + if [ -z "$le_domain" ] + then + die "le_domain not set in $configfile" + fi + # backup is important and should be checked + if [ -n "$backup_device_name" ] + then + if [ ! -d "$backup_mount_point" ] + then + mkdir "$backup_mount_point" + fi + device_mounted=0 + if fdisk -l | grep -i "$backup_device_name.*linux" + then + print_info "ok - filesystem of external device is linux" + if [ -n "$backup_device_pass" ] + then + echo "$backup_device_pass" | cryptsetup luksOpen $backup_device_name cryptobackup + if mount /dev/mapper/cryptobackup /media/zotserver_backup + then + device_mounted=1 + print_info "ok - could encrypt and mount external backup device" + umount /media/zotserver_backup + else + print_warn "backup to external device will fail because encryption failed" + fi + cryptsetup luksClose cryptobackup + else + if mount $backup_device_name /media/zotserver_backup + then + device_mounted=1 + print_info "ok - could mount external backup device" + umount /media/zotserver_backup + else + print_warn "backup to external device will fail because mount failed" + fi + fi + else + print_warn "backup to external device will fail because filesystem is either not linux or 'backup_device_name' is not correct in $configfile" + fi + if [ $device_mounted == 0 ] + then + die "backup device not ready" + fi + fi +} + +function die { + echo "ERROR: $1" > /dev/null 1>&2 + exit 1 +} + + +function update_upgrade { + print_info "updated and upgrade..." + # Run through the apt-get update/upgrade first. This should be done before + # we try to install any package + apt-get -q -y update && apt-get -q -y dist-upgrade + print_info "updated and upgraded linux" +} + +function check_install { + if [ -z "`which "$1" 2>/dev/null`" ] + then + # export DEBIAN_FRONTEND=noninteractive ... answers from the package + # configuration database + # - q ... without progress information + # - y ... answer interactive questions with "yes" + # DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends -q -y install $2 + DEBIAN_FRONTEND=noninteractive apt-get -q -y install $2 + print_info "installed $2 installed for $1" + else + print_warn "$2 already installed" + fi +} + +function nocheck_install { + # export DEBIAN_FRONTEND=noninteractive ... answers from the package configuration database + # - q ... without progress information + # - y ... answer interactive questions with "yes" + # DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends -q -y install $2 + # DEBIAN_FRONTEND=noninteractive apt-get --install-suggests -q -y install $1 + DEBIAN_FRONTEND=noninteractive apt-get -q -y install $1 + print_info "installed $1" +} + + +function print_info { + echo -n -e '\e[1;34m' + echo -n $1 + echo -e '\e[0m' +} + +function print_warn { + echo -n -e '\e[1;31m' + echo -n $1 + echo -e '\e[0m' +} + +function stop_zotserver { + if [ $webserver = "nginx" ] + then + print_info "stopping nginx webserver..." + systemctl stop nginx + elif [ $webserver = "apache" ] + then + print_info "stopping apache webserver..." + systemctl stop apache2 + fi + print_info "stopping mysql db..." + systemctl stop mariadb +} + +function install_apache { + print_info "installing apache..." + nocheck_install "apache2 apache2-utils" + a2enmod rewrite + systemctl restart apache2 +} + +function install_nginx { + print_info "installing nginx..." + nocheck_install "nginx" + systemctl restart nginx +} + +function add_vhost { + print_info "adding apache vhost" + echo "<VirtualHost *:80>" >> "/etc/apache2/sites-available/${le_domain}.conf" + echo "ServerName ${le_domain}" >> "/etc/apache2/sites-available/${le_domain}.conf" + echo "DocumentRoot $install_path" >> "/etc/apache2/sites-available/${le_domain}.conf" + echo "</VirtualHost>" >> "/etc/apache2/sites-available/${le_domain}.conf" + a2ensite $le_domain +} + +function add_nginx_block { + print_info "adding nginx block" + sed "s|SERVER_NAME|${le_domain}|g;s|INSTALL_PATH|${install_path}|g;s|ZOTSERVER_LOG|${install_folder}-${zotserver}.log|;s|PHP_FPM_SOCK|$(ls /var/run/php/*sock)|;" nginx-zotserver.conf.template >> /etc/nginx/sites-enabled/${le_domain}.conf + ln -s /etc/nginx/sites-enabled/${le_domain}.conf /etc/nginx/sites-available/ +} + +function install_imagemagick { + print_info "installing imagemagick..." + nocheck_install "imagemagick" +} + +function install_curl { + print_info "installing curl..." + nocheck_install "curl" +} + +function install_wget { + print_info "installing wget..." + nocheck_install "wget" +} + +function install_sendmail { + print_info "installing sendmail..." + nocheck_install "sendmail sendmail-bin" +} + +function install_php { + # openssl and mbstring are included in libapache2-mod-php + print_info "installing php..." + if [ $webserver = "nginx" ] + then + nocheck_install "php php-pear php-curl php-gd php-mbstring php-xml php-zip php-fpm" + sed -i "s/^upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/7.3/fpm/php.ini + sed -i "s/^post_max_size =.*/post_max_size = 100M/g" /etc/php/7.3/fpm/php.ini + systemctl reload php7.3-fpm + elif [ $webserver = "apache" ] + then + nocheck_install "libapache2-mod-php php php-pear php-curl php-gd php-mbstring php-xml php-zip" + sed -i "s/^upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/7.3/apache2/php.ini + sed -i "s/^post_max_size =.*/post_max_size = 100M/g" /etc/php/7.3/apache2/php.ini + fi +} + +function install_mysql { + print_info "installing mysql..." + if [ -z "$mysqlpass" ] + then + die "mysqlpass not set in $configfile" + fi + if type mysql ; then + echo "Yes, mysql is installed" + else + echo "mariadb-server" + nocheck_install "mariadb-server" + systemctl status mariadb + systemctl start mariadb + mysql --user=root <<_EOF_ +UPDATE mysql.user SET Password=PASSWORD('${mysqlpass}') WHERE User='root'; +DELETE FROM mysql.user WHERE User=''; +DROP DATABASE IF EXISTS test; +DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'; +FLUSH PRIVILEGES; +_EOF_ + fi +} + +function install_adminer { + print_info "installing adminer..." + nocheck_install "adminer" + if [ ! -f /etc/adminer/adminer.conf ] + then + echo "Alias /adminer /usr/share/adminer/adminer" > /etc/adminer/adminer.conf + ln -s /etc/adminer/adminer.conf /etc/apache2/conf-available/adminer.conf + else + print_info "file /etc/adminer/adminer.conf exists already" + fi + + a2enmod rewrite + + if [ ! -f /etc/apache2/apache2.conf ] + then + die "could not find file /etc/apache2/apache2.conf" + fi + sed -i \ + "s/AllowOverride None/AllowOverride all/" \ + /etc/apache2/apache2.conf + + a2enconf adminer + systemctl restart mariadb + systemctl reload apache2 +} + +function create_zotserver_db { + print_info "creating zotserver database..." + if [ -z "$zotserver_db_name" ] + then + zotserver_db_name=$zotserver + fi + if [ -z "$zotserver_db_user" ] + then + zotserver_db_user=$zotserver + fi + if [ -z "$zotserver_db_pass" ] + then + die "zotserver_db_pass not set in $configfile" + fi + systemctl restart mariadb + # Make sure we don't write over an already existing database if we install more than one Zot hub/instance + if [ -z $(mysql -h localhost -u root -p$mysqlpass -e "SHOW DATABASES;" | grep $zotserver_db_name) ] + then + Q1="CREATE DATABASE IF NOT EXISTS $zotserver_db_name;" + Q2="GRANT USAGE ON *.* TO $zotserver_db_user@localhost IDENTIFIED BY '$zotserver_db_pass';" + Q3="GRANT ALL PRIVILEGES ON $zotserver_db_name.* to $zotserver_db_user@localhost identified by '$zotserver_db_pass';" + Q4="FLUSH PRIVILEGES;" + SQL="${Q1}${Q2}${Q3}${Q4}" + mysql -uroot -p$mysqlpass -e "$SQL" + else + die "Can't write over an already existing database!" + fi +} + +function run_freedns { + print_info "run freedns (dynamic IP)..." + if [ -z "$freedns_key" ] + then + print_info "freedns was not started because 'freedns_key' is empty in $configfile" + else + if [ -n "$selfhost_user" ] + then + die "You can not use freeDNS AND selfHOST for dynamic IP updates ('freedns_key' AND 'selfhost_user' set in $configfile)" + fi + wget --no-check-certificate -O - http://freedns.afraid.org/dynamic/update.php?$freedns_key + fi +} + +function install_run_selfhost { + print_info "install and start selfhost (dynamic IP)..." + if [ -z "$selfhost_user" ] + then + print_info "selfHOST was not started because 'selfhost_user' is empty in $configfile" + else + if [ -n "$freedns_key" ] + then + die "You can not use freeDNS AND selfHOST for dynamic IP updates ('freedns_key' AND 'selfhost_user' set in $configfile)" + fi + if [ -z "$selfhost_pass" ] + then + die "selfHOST was not started because 'selfhost_pass' is empty in $configfile" + fi + if [ ! -d $selfhostdir ] + then + mkdir $selfhostdir + fi + # the old way + # https://carol.selfhost.de/update?username=123456&password=supersafe + # + # the prefered way + wget --output-document=$selfhostdir/$selfhostscript http://jonaspasche.de/selfhost-updater + echo "router" > $selfhostdir/device + echo "$selfhost_user" > $selfhostdir/user + echo "$selfhost_pass" > $selfhostdir/pass + bash $selfhostdir/$selfhostscript update + fi +} + +function ping_domain { + print_info "ping domain $domain..." + # Is the domain resolved? Try to ping 6 times à 10 seconds + COUNTER=0 + for i in {1..6} + do + print_info "loop $i for ping -c 1 $domain ..." + if ping -c 4 -W 1 $le_domain + then + print_info "$le_domain resolved" + break + else + if [ $i -gt 5 ] + then + die "Failed to: ping -c 1 $domain not resolved" + fi + fi + sleep 10 + done + sleep 5 +} + +function configure_cron_freedns { + print_info "configure cron for freedns..." + if [ -z "$freedns_key" ] + then + print_info "freedns is not configured because freedns_key is empty in $configfile" + else + # Use cron for dynamich ip update + # - at reboot + # - every 30 minutes + if [ -z "`grep 'freedns.afraid.org' /etc/crontab`" ] + then + echo "@reboot root http://freedns.afraid.org/dynamic/update.php?$freedns_key > /dev/null 2>&1" >> /etc/crontab + echo "*/30 * * * * root wget --no-check-certificate -O - http://freedns.afraid.org/dynamic/update.php?$freedns_key > /dev/null 2>&1" >> /etc/crontab + else + print_info "cron for freedns was configured already" + fi + fi +} + +function configure_cron_selfhost { + print_info "configure cron for selfhost..." + if [ -z "$selfhost_user" ] + then + print_info "selfhost is not configured because selfhost_key is empty in $configfile" + else + # Use cron for dynamich ip update + # - at reboot + # - every 5 minutes + if [ -z "`grep 'selfhost-updater.sh' /etc/crontab`" ] + then + echo "@reboot root bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab + echo "*/5 * * * * root /bin/bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab + else + print_info "cron for selfhost was configured already" + fi + fi +} + +function install_letsencrypt { + print_info "installing let's encrypt ..." + # check if user gave domain + if [ -z "$le_domain" ] + then + die "Failed to install let's encrypt: 'le_domain' is empty in $configfile" + fi + if [ -z "$le_email" ] + then + die "Failed to install let's encrypt: 'le_email' is empty in $configfile" + fi + if [ $webserver = "nginx" ] + then + nocheck_install "certbot" + print_info "run certbot..." + systemctl stop nginx + certbot certonly --standalone -d $le_domain -m $le_email --agree-tos --non-interactive + systemctl start nginx + elif [ $webserver = "apache" ] + then + nocheck_install "certbot python-certbot-apache" + print_info "run certbot ..." + certbot --apache -w $install_path -d $le_domain -m $le_email --agree-tos --non-interactive --redirect --hsts --uir + service apache2 restart + fi +} + +function check_https { + print_info "checking httpS > testing ..." + url_https=https://$le_domain + wget_output=$(wget -nv --spider --max-redirect 0 $url_https) + if [ $? -ne 0 ] + then + print_warn "check not ok" + else + print_info "check ok" + fi +} + +function zotserver_name { + if git remote -v | grep -i "origin.*hubzilla.*" + then + zotserver=hubzilla + elif git remote -v | grep -i "origin.*zap.*" + then + zotserver=zap + elif git remote -v | grep -i "origin.*misty.*" + then + zotserver=misty + elif git remote -v | grep -i "origin.*osada.*" + then + zotserver=osada + elif git remote -v | grep -i "origin.*redmatrix.*" + then + zotserver=redmatrix + else + die "neither redmatrix, osada, misty, zap nor hubzilla repository > did not install redmatrix/osada/misty/zap/hubzilla" + fi +} + +function install_zotserver { + print_info "installing addons..." + cd $install_path/ + if [ $zotserver = "hubzilla" ] + then + print_info "hubzilla" + util/add_addon_repo https://framagit.org/hubzilla/addons hzaddons + elif [ $zotserver = "zap" ] + then + print_info "zap" + util/add_addon_repo https://codeberg.org/zot/zap-addons.git zaddons + elif [ $zotserver = "misty" ] + then + print_info "misty" + util/add_addon_repo https://codeberg.org/zot/misty-addons.git maddons + elif [ $zotserver = "osada" ] + then + print_info "osada" + util/add_addon_repo https://codeberg.org/zot/osada-addons.git oaddons + elif [ $zotserver = "redmatrix" ] + then + print_info "redmatrix" + util/add_addon_repo https://codeberg.org/zot/redmatrix-addons.git raddons + else + die "neither redmatrix, osada, misty, zap nor hubzilla repository > did not install addons or redmatrix/osada/misty/zap/hubzilla" + fi + mkdir -p "cache/smarty3" + mkdir -p "store" + chmod -R 777 store + touch .htconfig.php + chmod ou+w .htconfig.php + cd /var/www/ + chown -R www-data:www-data $install_path + chown root:www-data $install_path/ + chown root:www-data $install_path/.htaccess + chmod 0644 $install_path/.htaccess + print_info "installed addons" +} + +function install_rsync { + print_info "installing rsync..." + nocheck_install "rsync" +} + +function install_cryptosetup { + print_info "installing cryptsetup..." + nocheck_install "cryptsetup" +} + +function configure_zotserverdaily { + echo "#!/bin/sh" >> /var/www/$zotserverdaily + echo "#" >> /var/www/$zotserverdaily + echo "# update of $le_domain Zot hub/instance" >> /var/www/$zotserverdaily + echo "echo \"\$(date) - updating core and addons...\"" >> /var/www/$zotserverdaily + echo "echo \"reaching git repository for $le_domain $zotserver hub/instance...\"" >> /var/www/$zotserverdaily + echo "(cd $install_path ; util/udall)" >> /var/www/$zotserverdaily + echo "chown -R www-data:www-data $install_path # make all accessible for the webserver" >> /var/www/$zotserverdaily + if [ $webserver = "apache" ] + then + echo "chown root:www-data $install_path/.htaccess" >> /var/www/$zotserverdaily + echo "chmod 0644 $install_path/.htaccess # www-data can read but not write it" >> /var/www/$zotserverdaily + fi + chmod a+x /var/www/$zotserverdaily +} + +function configure_cron_daily { + print_info "configuring cron..." + # every 10 min for poller.php + if [ -z "`grep '$install_path.*Run.php' /etc/crontab`" ] + then + echo "*/10 * * * * www-data cd $install_path; php Zotlabs/Daemon/Run.php Cron >> /dev/null 2>&1" >> /etc/crontab + fi + # Run external script daily at 05:30 + # - stop apache/nginx and mysql-server + # - renew the certificate of letsencrypt + # - backup db, files ($install_path), certificates if letsencrypt + # - update zotserver core and addon + # - update and upgrade linux + # - reboot is done by "shutdown -h now" because "reboot" hangs sometimes depending on the system + echo "#!/bin/sh" > /var/www/$zotcron + echo "#" >> /var/www/$zotcron + echo "echo \" \"" >> /var/www/$zotcron + echo "echo \"+++ \$(date) +++\"" >> /var/www/$zotcron + echo "echo \" \"" >> /var/www/$zotcron + echo "echo \"\$(date) - stopping $webserver and mysql...\"" >> /var/www/$zotcron + if [ $webserver = "nginx" ] + then + echo "systemctl stop nginx" >> /var/www/$zotcron + elif [ $webserver = "apache" ] + then + echo "service apache2 stop" >> /var/www/$zotcron + fi + echo "/etc/init.d/mysql stop # to avoid inconsistencies" >> /var/www/$zotcron + echo "#" >> /var/www/$zotcron + echo "echo \"\$(date) - renew certificate...\"" >> /var/www/$zotcron + echo "certbot renew --noninteractive" >> /var/www/$zotcron + echo "#" >> /var/www/$zotcron + echo "# backup" >> /var/www/$zotcron + echo "echo \"\$(date) - try to mount external device for backup...\"" >> /var/www/$zotcron + echo "backup_device_name=$backup_device_name" >> /var/www/$zotcron + echo "backup_device_pass=$backup_device_pass" >> /var/www/$zotcron + echo "backup_mount_point=$backup_mount_point" >> /var/www/$zotcron + echo "device_mounted=0" >> /var/www/$zotcron + echo "if [ -n \"\$backup_device_name\" ]" >> /var/www/$zotcron + echo "then" >> /var/www/$zotcron + echo " if blkid | grep $backup_device_name" >> /var/www/$zotcron + echo " then" >> /var/www/$zotcron + if [ -n "$backup_device_pass" ] + then + echo " echo \"decrypting backup device...\"" >> /var/www/$zotcron + echo " echo "\"$backup_device_pass\"" | cryptsetup luksOpen $backup_device_name cryptobackup" >> /var/www/$zotcron + fi + echo " if [ ! -d $backup_mount_point ]" >> /var/www/$zotcron + echo " then" >> /var/www/$zotcron + echo " mkdir $backup_mount_point" >> /var/www/$zotcron + echo " fi" >> /var/www/$zotcron + echo " echo \"mounting backup device...\"" >> /var/www/$zotcron + if [ -n "$backup_device_pass" ] + then + echo " if mount /dev/mapper/cryptobackup $backup_mount_point" >> /var/www/$zotcron + else + echo " if mount $backup_device_name $backup_mount_point" >> /var/www/$zotcron + fi + echo " then" >> /var/www/$zotcron + echo " device_mounted=1" >> /var/www/$zotcron + echo " echo \"device $backup_device_name is now mounted. Starting backup...\"" >> /var/www/$zotcron + echo " rsync -a --delete /var/lib/mysql/ /media/zotserver_backup/mysql" >> /var/www/$zotcron + echo " rsync -a --delete /var/www/ /media/zotserver_backup/www" >> /var/www/$zotcron + echo " rsync -a --delete /etc/letsencrypt/ /media/zotserver_backup/letsencrypt" >> /var/www/$zotcron + echo " echo \"\$(date) - disk sizes...\"" >> /var/www/$zotcron + echo " df -h" >> /var/www/$zotcron + echo " echo \"\$(date) - db size...\"" >> /var/www/$zotcron + echo " du -h $backup_mount_point | grep mysql/zotserver" >> /var/www/$zotcron + echo " echo \"unmounting backup device...\"" >> /var/www/$zotcron + echo " umount $backup_mount_point" >> /var/www/$zotcron + echo " else" >> /var/www/$zotcron + echo " echo \"failed to mount device $backup_device_name\"" >> /var/www/$zotcron + echo " fi" >> /var/www/$zotcron + if [ -n "$backup_device_pass" ] + then + echo " echo \"closing decrypted backup device...\"" >> /var/www/$zotcron + echo " cryptsetup luksClose cryptobackup" >> /var/www/$zotcron + fi + echo " fi" >> /var/www/$zotcron + echo "fi" >> /var/www/$zotcron + echo "if [ \$device_mounted == 0 ]" >> /var/www/$zotcron + echo "then" >> /var/www/$zotcron + echo " echo \"device could not be mounted $backup_device_name. No backup written.\"" >> /var/www/$zotcron + echo "fi" >> /var/www/$zotcron + echo "#" >> /var/www/$zotcron + echo "echo \"\$(date) - db size...\"" >> /var/www/$zotcron + echo "du -h /var/lib/mysql/ | grep mysql/" >> /var/www/$zotcron + echo "#" >> /var/www/$zotcron + echo "cd /var/www" >> /var/www/$zotcron + echo "for f in *-daily.sh; do \"./\${f}\"; done" >> /var/www/$zotcron + echo "echo \"\$(date) - updating linux...\"" >> /var/www/$zotcron + echo "apt-get -q -y update && apt-get -q -y dist-upgrade && apt-get -q -y autoremove # update linux and upgrade" >> /var/www/$zotcron + echo "echo \"\$(date) - Backup and update finished. Rebooting...\"" >> /var/www/$zotcron + echo "#" >> /var/www/$zotcron + echo "shutdown -r now" >> /var/www/$zotcron + + # If global cron job does not exist we add it to /etc/crontab + if grep -q $zotcron /etc/crontab + then + echo "cron job already in /etc/crontab" + else + echo "30 05 * * * root /bin/bash /var/www/$zotcron >> /var/www/zot-daily.log 2>&1" >> /etc/crontab + echo "0 0 1 * * root rm /var/www/zot-daily.log" >> /etc/crontab + fi + + # This is active after either "reboot" or cron reload" + systemctl restart cron + print_info "configured cron for updates/upgrades" +} + +######################################################################## +# START OF PROGRAM +######################################################################## +export PATH=/bin:/usr/bin:/sbin:/usr/sbin +check_sanity + +zotserver_name +print_info "We're installing a $zotserver instance" +install_path="$(dirname "$(pwd)")" +install_folder="$(basename $install_path)" + +# Read config file edited by user +configfile=zotserver-config.txt +source $configfile + +selfhostdir=/etc/selfhost +selfhostscript=selfhost-updater.sh +zotcron="zotcron.sh" +zotserverdaily="${install_folder}-${zotserver}-daily.sh" +backup_mount_point="/media/zotserver_backup" + +#set -x # activate debugging from here + +check_config +stop_zotserver +update_upgrade +install_curl +install_wget +install_sendmail +if [ $webserver = "nginx" ] +then + install_nginx +elif [ $webserver = "apache" ] +then + install_apache +else +die "Failed to install a Web server: 'webserver' not set to \"apache\" or \"nginx\" in $configfile" +fi +install_imagemagick +install_php +if [ $webserver = "nginx" ] +then + add_nginx_block +elif [ $webserver = "apache" ] +then + if [ "$install_path" != "/var/www/html" ] + then + add_vhost + fi +fi +install_mysql +if [ $webserver = "apache" ] +then +install_adminer +fi +create_zotserver_db +run_freedns +install_run_selfhost +ping_domain +configure_cron_freedns +configure_cron_selfhost + +if [ "$le_domain" != "localhost" ] +then + install_letsencrypt + check_https +else + print_info "is localhost - skipped installation of letsencrypt and configuration of apache for https" +fi + +install_zotserver + +configure_zotserverdaily + +configure_cron_daily + +if [ "$le_domain" != "localhost" ] +then + install_cryptosetup + install_rsync +else + print_info "is localhost - skipped installation of cryptosetup" +fi + + +#set +x # stop debugging from here |