diff options
-rw-r--r-- | .gitlab-ci.yml | 95 | ||||
-rw-r--r-- | .homeinstall/README.md | 186 | ||||
-rw-r--r-- | .homeinstall/hubzilla-config.txt.template | 11 | ||||
-rw-r--r--[-rwxr-xr-x] | .homeinstall/hubzilla-setup.sh | 291 | ||||
-rw-r--r-- | Zotlabs/Module/Wfinger.php | 2 | ||||
-rw-r--r-- | include/event.php | 7 |
6 files changed, 179 insertions, 413 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 43c65f365..40e219551 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,6 +1,6 @@ # Select image from https://hub.docker.com/_/php/ #image: php:7.2 -# Use a prepared Hubzilla image to optimise pipeline run +# Use a prepared Hubzilla image to optimise pipeline duration image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.2 @@ -32,55 +32,28 @@ variables: before_script: +# pecl and composer do not work with PHP production restrictions (from Hubzilla Docker image) +- if [ -f /usr/local/etc/php/conf.d/z_prod.ini ]; then mv /usr/local/etc/php/conf.d/z_prod.ini /usr/local/etc/php/conf.d/z_prod.ini.off; fi # Install & enable Xdebug for code coverage reports - pecl install xdebug - docker-php-ext-enable xdebug # Install composer - curl -sS https://getcomposer.org/installer | php # Install dev libraries from composer -- php composer.phar install --no-progress +- php ./composer.phar install --no-progress -# test PHP7 with MySQL 5.7 -php7.2_mysql 1/2: +# hidden job definition with template for MySQL/MariaDB +.job_template_mysql: &job_definition_mysql stage: test - services: - - mysql:5.7 - script: - - echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE" - - echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE" - - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE" - - vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text - - -# test PHP7 with MySQL latest (8) -php7.2_mysql 2/2: - stage: test - services: - - name: mysql:latest - command: ["--default-authentication-plugin=mysql_native_password"] script: - echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE" - echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE" - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE" - vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text - -# test PHP7 with MariaDB latest (10.3) -php7.2_mariadb: - stage: test - services: - - name: mariadb:latest - alias: mysql - script: - - echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE" - - echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE" - - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE" - - vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text - - -# test PHP7 with PostgreSQL latest -php7.2_postgres: +# hidden job definition with template for PostgreSQL +.job_template_postgres: &job_definition_postgres stage: test services: - postgres:latest @@ -95,7 +68,10 @@ php7.2_postgres: #- psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "\dt;" # Run the actual tests - vendor/bin/phpunit --configuration tests/phpunit-pgsql.xml --testdox - artifacts: + +# hidden job definition with artifacts config template +.artifacts_template: + artifacts: &artifacts_template expire_in: 1 week # Gitlab should show the results, but has problems parsing PHPUnit's junit file. reports: @@ -106,7 +82,52 @@ php7.2_postgres: - tests/results/ -# Generate Doxygen API Documentation and deploy it at GitLab pages +# PHP7.2 with MySQL 5.7 +php7.2_mysql5.7: + <<: *job_definition_mysql + services: + - mysql:5.7 + + +# PHP7.2 with MySQL 8 (latest) +php7.2_mysql8: + <<: *job_definition_mysql + services: + - name: mysql:8 + command: ["--default-authentication-plugin=mysql_native_password"] + + +# PHP7.2 with MariaDB 10.2 +php7.2_mariadb10.2: + <<: *job_definition_mysql + services: + - name: mariadb:10.2 + alias: mysql + + +# PHP7.3 with MariaDB 10.3 (latest) +php7.3_mariadb10.3: + <<: *job_definition_mysql + image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3 + services: + - name: mariadb:10.3 + alias: mysql + + +# PHP7.2 with PostgreSQL latest (11) +php7.2_postgres11: + <<: *job_definition_postgres + artifacts: *artifacts_template + + +# PHP7.3 with PostgreSQL latest (11) +php7.3_postgres11: + <<: *job_definition_postgres + image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3 + artifacts: *artifacts_template + + +# Generate Doxygen API Documentation and deploy it as GitLab pages pages: stage: deploy cache: {} diff --git a/.homeinstall/README.md b/.homeinstall/README.md index d63931a84..45e1ba0e6 100644 --- a/.homeinstall/README.md +++ b/.homeinstall/README.md @@ -1,16 +1,43 @@ # Hubzilla at Home next to your Router -Run hubzilla-setup.sh for an unattended installation of hubzilla. +This readme will show you how to install and run Hubzilla or Zap at home. + +The installation is done by a script. + +What the script will do for you... + ++ install everything required by Zap/Hubzilla, basically a web server (Apache), PHP, a database (MySQL), certbot,... ++ create a database ++ run certbot to have everything for a secure connection (httpS) ++ create a script for daily maintenance + - backup to external disk (certificates, database, /var/www/) + - renew certfificate (letsencrypt) + - update of Zap/Hubzilla + - update of Debian + - restart ++ create cron jobs for + - DynDNS (selfHOST.de or freedns.afraid.org) every 5 minutes + - Master.php for Zap/Hubzilla every 10 minutes + - daily maintenance script every day at 05:30 The script is known to work without adjustments with + Hardware - - Mini-PC with Debian-9.5-amd64, or - - Rapberry 3 with Raspbian, Debian-9.5 + - Mini-PC with Debian 9 (stretch), or + - Rapberry 3 with Raspbian, Debian 9 + DynDNS - selfHOST.de - freedns.afraid.org +The script can install both [Hubzilla](https://zotlabs.org/page/hubzilla/hubzilla-project) and [Zap](https://zotlabs.com/zap/). Make sure to use the correct GIT repositories. + ++ Hubzilla + - core: git clone https://framagit.org/hubzilla/core.git html (in this readme) + - addons: util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons (in hubzilla-setup.sh) ++ Zap + - core: git clone https://framagit.org/zot/zap.git html (in this readme) + - addons: util/add_addon_repo https://framagit.org/zot/zap-addons.git zaddons (in hubzilla-setup.sh) + ## Disclaimers - This script does work with Debian 9 only. @@ -29,7 +56,7 @@ Hardware Software + Fresh installation of Debian 9 (Stretch) -+ Router with open ports 80 and 443 for your Hub ++ Router with open ports 80 and 443 for your web server ## The basic steps (quick overview) @@ -44,10 +71,9 @@ Software - nano hubzilla-config.txt - Read the comments carefully - Enter your values: db pass, domain, values for dyn DNS - - Make sure your external drive (for backups) is mounted + - Prepare your external disk for backups - hubzilla-setup.sh as root - ... wait, wait, wait until the script is finised - - reboot + Open your domain with a browser and step throught the initial configuration of hubzilla. ## Troubleshooting @@ -66,57 +92,27 @@ In Admin settings of hubzilla or via terminal # Step-by-Step in Detail -## Preparations Hardware - -### Mini-PC - -### Recommended: USB Drive for Backups - -The installation will create a daily backup written to an external drive. - -The USB drive must be compatible with the filesystems - -- ext4 (if you do not want to encrypt the USB) -- LUKS + ext4 (if you want to encrypt the USB) - -The backup includes - -- Hubzilla DB -- Hubzilla installation /var/www/html -- Certificates for letsencrypt - ## Preparations Software -### Install Debian Linux on the Mini-PC - -Download the stable Debian at https://www.debian.org/ -(Debian 8 is no longer supported.) +## Install Debian 9 -Create bootable USB drive with Debian on it.You could use +Provided you use a Raspberry Pi 3... -- unetbootin, https://en.wikipedia.org/wiki/UNetbootin -- or simply the linux command "dd" +Download the OS Raspbian from https://www.raspberrypi.org/downloads/raspbian/ -Example for command dd... +Follow the installation instruction there. - su - - dd if=2018-10-09-raspbian-stretch.img of=/dev/mmcblk0 +## Configure your Router -Do not forget to unmount the SD card before and check if unmounted like in this example... +Your web has to be visible in the internet. - su - - umount /dev/mmcblk0* - df -h +Open the ports 80 and 443 on your router for your Debian. Make sure your web server is marked as "exposed host". +## Preparations Dynamic IP Address -Switch off your mini pc, plug in your USB drive and start the mini pc from the -stick. Install Debian. Follow the instructions of the installation. - -### Configure your Router - -Open the ports 80 and 443 on your router for your Debian +Follow the instructions in .homeinstall/hubzilla-config.txt. -## Preparations Dynamic IP Address +In short... Your Hubzilla must be reachable by a domain that you can type in your browser @@ -132,105 +128,15 @@ There are two ways to get a domain... ...for example buy at selfHOST.de -The cost are around 10,- € once and 1,50 € per month (2017). +The cost is 1,50 € per month (2019). ### Method 2: Register a free subdomain ...for example register at freedns.afraid.org -Follow the instructions in .homeinstall/hubzilla-config.txt. - - -## Install Hubzilla on your Debian - -Login to your debian -(Provided your username is "you" and the name of the mini pc is "debian". You -could take the IP address instead of "debian") - - ssh -X you@debian - -Change to root user - - su -l - -Install git - - apt-get install git - -Make the directory for apache and change diretory to it - - mkdir /var/www - cd /var/www/ - -Clone hubzilla from git ("git pull" will update it later) - - git clone https://framagit.org/hubzilla/core.git html - -Change to the install script - - cd html/.homeinstall/ - -Copy the template file - - cp hubzilla-config.txt.template hubzilla-config.txt - -Modify the file "hubzilla-config.txt". Read the instructions there carefully and enter your values. - - nano hubzilla-config.txt - -Make sure your external drive (for backups) is plugged in and can be mounted as configured in "hubzilla-config.txt". Otherwise the daily backups will not work. - -Run the script - - ./hubzilla-setup.sh - -Wait... The script should not finish with an error message. - -In a webbrowser open your domain. -Expected: A test page of hubzilla is shown. All checks there should be -successfull. Go on... -Expected: A page for the Hubzilla server configuration shows up. - -Leave db server name "127.0.0.1" and port "0" untouched. - -Enter - -- DB user name = hubzilla -- DB pass word = This is the password you entered in "hubzilla-config.txt" -- DB name = hubzilla - -Leave db type "MySQL" untouched. - -Follow the instructions in the next pages. - -Recommended: Set path to imagemagick - -- in admin settings of hubzilla or -- via terminal - - util/config system.imagick_convert_path /usr/bin/convert - -After the daily script was executed at 05:30 (am) - -- look at /var/www/html/hubzilla-daily.log -- check your backup on the external drive -- optionally view the daily log under yourdomain.org/admin/logs/ - - set the logfile to var/www/html/hubzilla-daily.log - - -## Install Hubzilla in a Virtual Machine for Test Purposes - -Modify the file "hubzilla-config.txt". - - nano hubzilla-config.txt - -There use - - le_domain=localhost - -## Note for the Rasperry +## Note on Rasperry -The script was tested with an Raspberry 3 under Raspian (Debian 9.5, 2018-10-09-raspbian-stretch.img). +The script was tested with an Raspberry 3 under Raspian, Debian 9. It is recommended to run the Raspi without graphical frontend (X-Server). Use... @@ -240,7 +146,7 @@ to boot the Rapsi to the client console. DO NOT FORGET TO CHANGE THE DEFAULT PASSWORD FOR USER PI! -If the validation of the mail address fails for the very first registered user... +On a Raspian Stretch (Debian 9) the validation of the mail address fails for the very first user. This used to happen on some *bsd distros but there was some work to fix that a year ago (2017). So if your system isn't registered in DNS or DNS isn't active do diff --git a/.homeinstall/hubzilla-config.txt.template b/.homeinstall/hubzilla-config.txt.template index e42da0e4e..f0bf6121c 100644 --- a/.homeinstall/hubzilla-config.txt.template +++ b/.homeinstall/hubzilla-config.txt.template @@ -2,8 +2,8 @@ ### MANDATORY - database password ############# # # Please give your database password +# It is better to not use blanks inside the password. # Example: db_pass=pass_word_with_no_blanks_in_it -# Example: db_pass="this password has blanks in it" db_pass= ############################################### @@ -18,9 +18,12 @@ db_pass= # Example: my.cooldomain.org # Example: cooldomain.org # -# Example: localhost (test installation without certificates for httpS) +# You might use "localhost" for a LOCAL TEST installation. +# This is usefull if you want to debug the server inside a VM. # -# Email is optional +# Example: localhost +# +# Email is optional if you use "localhost". # # le_domain= @@ -30,7 +33,7 @@ le_email= ### OPTIONAL - selfHOST - dynamic IP address ## # # 1. Register a domain at selfhost.de -# - choose offer "DOMAIN dynamisch" 1,50€/mon at 08.01.2016 +# - choose offer "DOMAIN dynamisch" 1,50€/mon at 04/2019 # 2. Get your configuration for dynamic IP update # - Log in at selfhost.de # - go to "DynDNS Accounte" diff --git a/.homeinstall/hubzilla-setup.sh b/.homeinstall/hubzilla-setup.sh index 1f3ad5db5..023ef7afc 100755..100644 --- a/.homeinstall/hubzilla-setup.sh +++ b/.homeinstall/hubzilla-setup.sh @@ -3,7 +3,10 @@ # How to use # ---------- # -# This file automates the installation of hubzilla under Debian Linux +# This file automates the installation of +# - hubzilla: https://zotlabs.org/page/hubzilla/hubzilla-project and +# - zap: https://zotlabs.com/zap/ +# under Debian Linux # # 1) Copy the file "hubzilla-config.txt.template" to "hubzilla-config.txt" # Follow the instuctions there @@ -25,16 +28,14 @@ # * php, # * mysql - the database for hubzilla, # * phpmyadmin, -# * git to download and update hubzilla itself +# * git to download and update hubzilla addon # - download hubzilla core and addons # - configure cron -# * "poller.php" for regular background prozesses of hubzilla -# * to_do "apt-get update" and "apt-get dist-upgrade" to keep linux -# up-to-date -# * to_do backup hubzillas database and files (rsnapshot) -# - configure dynamic ip with cron -# - to_do letsencrypt -# - to_do redirection to https +# * "Master.php" for regular background prozesses of hubzilla +# * "apt-get update" and "apt-get dist-upgrade" and "apt-get autoremove" to keep linux up-to-date +# * run command to keep the IP up-to-date > DynDNS provided by selfHOST.de or freedns.afraid.org +# * backup hubzillas database and files (rsync) +# - letsencrypt # # # Discussion @@ -43,26 +44,11 @@ # Security - password is the same for mysql-server, phpmyadmin and hubzilla db # - The script runs into installation errors for phpmyadmin if it uses # different passwords. For the sake of simplicity one singel password. -# -# Security - suhosin for PHP -# - The script does not install suhosin. -# - Is the security package suhosin usefull or not usefull? # # Hubzilla - email verification # - The script switches off email verification off in all htconfig.tpl. # Example: /var/www/html/view/en/htconfig.tpl # - Is this a silly idea or not? -# -# -# Remove Hubzilla (for a fresh start using the script) -# ---------------------------------------------------- -# -# You could use /var/www/hubzilla-remove.sh -# that is created by hubzilla-setup.sh. -# -# The script will remove (almost everything) what was installed by the script. -# After the removal you could run the script again to have a fresh install -# of all applications including hubzilla and its database. # # How to restore from backup # -------------------------- @@ -76,18 +62,10 @@ # # hubzilla-daily.sh makes a (daily) backup of all relevant files # - /var/lib/mysql/ > hubzilla database -# - /var/www/html/ > hubzilla from github -# - /var/www/letsencrypt/ > certificates -# -# hubzilla-daily.sh writes the backup -# - either to an external disk compatible to LUKS+ext4 (see hubzilla-config.txt) -# - or to /var/cache/rsnapshot in case the external disk is not plugged in +# - /var/www/ > hubzilla/zap from github +# - /etc/letsencrypt/ > certificates # -# Restore backup -# - - - - - - - -# -# This was not tested yet. -# Bacically you can copy the files from the backup to the server. +# hubzilla-daily.sh writes the backup to an external disk compatible to LUKS+ext4 (see hubzilla-config.txt) # # Credits # ------- @@ -136,11 +114,11 @@ function check_config { # backup is important and should be checked if [ -n "$backup_device_name" ] then - if [ ! -d "$backup_mount_point" ] - then - mkdir "$backup_mount_point" - fi - device_mounted=0 + if [ ! -d "$backup_mount_point" ] + then + mkdir "$backup_mount_point" + fi + device_mounted=0 if fdisk -l | grep -i "$backup_device_name.*linux" then print_info "ok - filesystem of external device is linux" @@ -264,7 +242,7 @@ function install_sendmail { function install_php { # openssl and mbstring are included in libapache2-mod-php print_info "installing php..." - nocheck_install "libapache2-mod-php php php-pear php-curl php-mcrypt php-gd" + nocheck_install "libapache2-mod-php php php-pear php-curl php-mcrypt php-gd php-mysqli php-mbstring php-xml" sed -i "s/^upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/7.0/apache2/php.ini sed -i "s/^post_max_size =.*/post_max_size = 100M/g" /etc/php/7.0/apache2/php.ini } @@ -449,11 +427,11 @@ function configure_cron_selfhost { print_info "configure cron for selfhost..." if [ -z "$selfhost_user" ] then - print_info "freedns is not configured because freedns_key is empty in $configfile" + print_info "selfhost is not configured because selfhost_key is empty in $configfile" else # Use cron for dynamich ip update # - at reboot - # - every 30 minutes + # - every 5 minutes if [ -z "`grep 'selfhost-updater.sh' /etc/crontab`" ] then echo "@reboot root bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab @@ -471,89 +449,24 @@ function install_letsencrypt { then die "Failed to install let's encrypt: 'le_domain' is empty in $configfile" fi - # configure apache - apache_le_conf=/etc/apache2/sites-available/le-default.conf - if [ -f $apache_le_conf ] - then - print_info "$apache_le_conf exist already" - else - cat > $apache_le_conf <<END -# letsencrypt default Apache configuration -Alias /.well-known/acme-challenge /var/www/letsencrypt - -<Directory /var/www/letsencrypt> - Options FollowSymLinks - Allow from all -</Directory> -END - a2ensite le-default.conf - service apache2 restart - fi - # download the shell script - if [ -d $le_dir ] - then - print_info "letsenrypt exists already (nothing downloaded > no certificate created and registered)" - return 0 - fi - git clone https://github.com/lukas2511/dehydrated $le_dir - cd $le_dir - # create config file for letsencrypt.sh - echo "WELLKNOWN=$le_dir" > $le_dir/config.sh - if [ -n "$le_email" ] - then - echo "CONTACT_EMAIL=$le_email" >> $le_dir/config.sh - fi - # create domain file for letsencrypt.sh - # WATCH THIS: - # - It did not work wit "sub.domain.org www.sub.domain.org". - # - So just use "sub.domain.org" only! - echo "$le_domain" > $le_dir/domains.txt - # test apache config for letsencrpyt - url_http=http://$le_domain/.well-known/acme-challenge/domains.txt - wget_output=$(wget -nv --spider --max-redirect 0 $url_http) - if [ $? -ne 0 ] - then - die "Failed to load $url_http" - fi - # accept terms of service of letsencrypt - ./dehydrated --register --accept-terms - # run script dehydrated - # - ./dehydrated --cron --config $le_dir/config.sh -} - -function configure_apache_for_https { - print_info "configuring apache to use httpS ..." - # letsencrypt.sh - # - # "${BASEDIR}/certs/${domain}/privkey.pem" - # "${BASEDIR}/certs/${domain}/cert.pem" - # "${BASEDIR}/certs/${domain}/fullchain.pem" - # - SSLCertificateFile=${le_dir}/certs/${le_domain}/cert.pem - SSLCertificateKeyFile=${le_dir}/certs/${le_domain}/privkey.pem - SSLCertificateChainFile=${le_dir}/certs/${le_domain}/fullchain.pem - if [ ! -f $SSLCertificateFile ] + # check if user gave mail address + if [ -z "$le_email" ] then - print_warn "Failed to configure apache for httpS: Missing certificate file $SSLCertificateFile" - return 0 + die "Failed to install let's encrypt: 'le_domain' is empty in $configfile" fi - # make sure that the ssl mode is enabled - print_info "...configuring apache to use httpS - a2enmod ssl ..." - a2enmod ssl - # modify apach' ssl conf file - if grep -i "ServerName" $sslconf + nocheck_install "apt-transport-https" + # add backports to your sources.list + backports_list=/etc/apt/sources.list.d/backports.list + if [ -f $backports_list ] then - print_info "seems that apache was already configered to use httpS with $sslconf" + print_info "$backports_list exist already" else - sed -i "s/ServerAdmin.*$/ServerAdmin webmaster@localhost\\n ServerName ${le_domain}/" $sslconf - fi - sed -i s#/etc/ssl/certs/ssl-cert-snakeoil.pem#$SSLCertificateFile# $sslconf - sed -i s#/etc/ssl/private/ssl-cert-snakeoil.key#$SSLCertificateKeyFile# $sslconf - sed -i s#/etc/apache2/ssl.crt/server-ca.crt#$SSLCertificateChainFile# $sslconf - sed -i s/#SSLCertificateChainFile/SSLCertificateChainFile/ $sslconf - # apply changes - a2ensite default-ssl.conf + echo "deb https://deb.debian.org/debian stretch-backports main" > $backports_list + fi + apt-get -y update + DEBIAN_FRONTEND=noninteractive apt-get -q -y -t stretch-backports install certbot python-certbot-apache + print_info "run certbot ..." + certbot --apache -w /var/www/html -d $le_domain -m $le_email --agree-tos --non-interactive --redirect --hsts --uir service apache2 restart } @@ -572,7 +485,10 @@ function check_https { function install_hubzilla { print_info "installing hubzilla addons..." cd /var/www/html/ - util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons + # if you install Hubzilla + util/add_addon_repo https://framagit.org/hubzilla/addons hzaddons + # if you install ZAP + #util/add_addon_repo https://framagit.org/zot/zap-addons.git zaddons mkdir -p "store/[data]/smarty3" chmod -R 777 store touch .htconfig.php @@ -582,7 +498,7 @@ function install_hubzilla { chown root:www-data /var/www/html/ chown root:www-data /var/www/html/.htaccess chmod 0644 /var/www/html/.htaccess - # try to switch off email registration + print_info "try to switch off email registration..." sed -i "s/verify_email.*1/verify_email'] = 0/" /var/www/html/view/*/ht* if [ -n "`grep -r 'verify_email.*1' /var/www/html/view/`" ] then @@ -591,49 +507,9 @@ function install_hubzilla { print_info "installed hubzilla" } -function rewrite_to_https { - print_info "configuring apache to redirect http to httpS ..." - htaccessfile=/var/www/html/.htaccess - if grep -i "https" $htaccessfile - then - print_info "...configuring apache to redirect http to httpS was already done in $htaccessfile" - else - sed -i "s#QSA]#QSA]\\n RewriteCond %{SERVER_PORT} !^443$\\n RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]#" $htaccessfile - fi - service apache2 restart -} - -# This will allways overwrite both config files -# - internal disk -# - external disk (LUKS + ext4) -# of rsnapshot for hubzilla -function install_rsnapshot { - print_info "installing rsnapshot..." - nocheck_install "rsnapshot" - # internal disk - cp -f /etc/rsnapshot.conf $snapshotconfig - sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig - sed -i "s/^backup/#backup/" $snapshotconfig - echo "backup /var/lib/mysql/ localhost/" >> $snapshotconfig - echo "backup /var/www/html/ localhost/" >> $snapshotconfig - echo "backup /var/www/letsencrypt/ localhost/" >> $snapshotconfig - # external disk - if [ -n "$backup_device_name" ] - then - cp -f /etc/rsnapshot.conf $snapshotconfig_external_device - sed -i "s#snapshot_root.*#snapshot_root $backup_mount_point#" $snapshotconfig_external_device - sed -i "/alpha/s/6/30/" $snapshotconfig_external_device - sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig_external_device - sed -i "s/^backup/#backup/" $snapshotconfig_external_device - if [ -z "`grep 'letsencrypt' $snapshotconfig_external_device`" ] - then - echo "backup /var/lib/mysql/ localhost/" >> $snapshotconfig_external_device - echo "backup /var/www/html/ localhost/" >> $snapshotconfig_external_device - echo "backup /var/www/letsencrypt/ localhost/" >> $snapshotconfig_external_device - fi - else - print_info "No backup configuration (rsnapshot) for external device configured. Reason: backup_device_name and/or backup_device_pass not given in $configfile" - fi +function install_rsync { + print_info "installing rsync..." + nocheck_install "rsync" } function install_cryptosetup { @@ -644,28 +520,28 @@ function install_cryptosetup { function configure_cron_daily { print_info "configuring cron..." # every 10 min for poller.php - if [ -z "`grep 'poller.php' /etc/crontab`" ] + if [ -z "`grep 'Master.php' /etc/crontab`" ] then echo "*/10 * * * * www-data cd /var/www/html; php Zotlabs/Daemon/Master.php Cron >> /dev/null 2>&1" >> /etc/crontab fi # Run external script daily at 05:30 # - stop apache and mysql-server - # - backup hubzilla + # - renew the certificate of letsencrypt + # - backup db, files (/var/www/html), certificates if letsencrypt # - update hubzilla core and addon # - update and upgrade linux - # - reboot + # - reboot is done by "shutdown -h now" because "reboot" hangs sometimes depending on the system echo "#!/bin/sh" > /var/www/$hubzilladaily echo "#" >> /var/www/$hubzilladaily echo "echo \" \"" >> /var/www/$hubzilladaily echo "echo \"+++ \$(date) +++\"" >> /var/www/$hubzilladaily echo "echo \" \"" >> /var/www/$hubzilladaily echo "echo \"\$(date) - renew certificate...\"" >> /var/www/$hubzilladaily -echo "bash $le_dir/dehydrated --cron --config $le_dir/config.sh" >> /var/www/$hubzilladaily +echo "certbot renew --noninteractive" >> /var/www/$hubzilladaily echo "#" >> /var/www/$hubzilladaily -echo "# stop hubzilla" >> /var/www/$hubzilladaily -echo "echo \"\$(date) - stoping apache and mysql...\"" >> /var/www/$hubzilladaily +echo "echo \"\$(date) - stopping apache and mysql...\"" >> /var/www/$hubzilladaily echo "service apache2 stop" >> /var/www/$hubzilladaily -echo "/etc/init.d/mysql stop # to avoid inconsistancies" >> /var/www/$hubzilladaily +echo "/etc/init.d/mysql stop # to avoid inconsistencies" >> /var/www/$hubzilladaily echo "#" >> /var/www/$hubzilladaily echo "# backup" >> /var/www/$hubzilladaily echo "echo \"\$(date) - try to mount external device for backup...\"" >> /var/www/$hubzilladaily @@ -696,11 +572,13 @@ echo " if mount $backup_device_name $backup_mount_point" >> /var/www/$hub echo " then" >> /var/www/$hubzilladaily echo " device_mounted=1" >> /var/www/$hubzilladaily echo " echo \"device $backup_device_name is now mounted. Starting backup...\"" >> /var/www/$hubzilladaily -echo " rsnapshot -c $snapshotconfig_external_device alpha" >> /var/www/$hubzilladaily -echo " echo \"\$(date) - disk sizes...\"" >> /var/www/$hubzilladaily -echo " df -h" >> /var/www/$hubzilladaily -echo " echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily -echo " du -h $backup_mount_point | grep mysql/hubzilla" >> /var/www/$hubzilladaily +echo " rsync -a --delete /var/lib/mysql/ /media/hubzilla_backup/mysql" >> /var/www/$hubzilladaily +echo " rsync -a --delete /var/www/ /media/hubzilla_backup/www" >> /var/www/$hubzilladaily +echo " rsync -a --delete /etc/letsencrypt/ /media/hubzilla_backup/letsencrypt" >> /var/www/$hubzilladaily +echo " echo \"\$(date) - disk sizes...\"" >> /var/www/$hubzilladaily +echo " df -h" >> /var/www/$hubzilladaily +echo " echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily +echo " du -h $backup_mount_point | grep mysql/hubzilla" >> /var/www/$hubzilladaily echo " echo \"unmounting backup device...\"" >> /var/www/$hubzilladaily echo " umount $backup_mount_point" >> /var/www/$hubzilladaily echo " else" >> /var/www/$hubzilladaily @@ -722,18 +600,16 @@ echo "echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily echo "du -h /var/lib/mysql/ | grep mysql/hubzilla" >> /var/www/$hubzilladaily echo "#" >> /var/www/$hubzilladaily echo "# update" >> /var/www/$hubzilladaily -echo "echo \"\$(date) - updating dehydrated...\"" >> /var/www/$hubzilladaily -echo "git -C /var/www/letsencrypt/ pull" >> /var/www/$hubzilladaily -echo "echo \"\$(date) - updating hubhilla core...\"" >> /var/www/$hubzilladaily +echo "echo \"\$(date) - updating core and addons...\"" >> /var/www/$hubzilladaily echo "(cd /var/www/html/ ; util/udall)" >> /var/www/$hubzilladaily echo "chown -R www-data:www-data /var/www/html/ # make all accessable for the webserver" >> /var/www/$hubzilladaily echo "chown root:www-data /var/www/html/.htaccess" >> /var/www/$hubzilladaily echo "chmod 0644 /var/www/html/.htaccess # www-data can read but not write it" >> /var/www/$hubzilladaily echo "echo \"\$(date) - updating linux...\"" >> /var/www/$hubzilladaily echo "apt-get -q -y update && apt-get -q -y dist-upgrade && apt-get -q -y autoremove # update linux and upgrade" >> /var/www/$hubzilladaily -echo "echo \"\$(date) - Backup hubzilla and update linux finished. Rebooting...\"" >> /var/www/$hubzilladaily +echo "echo \"\$(date) - Backup and update finished. Rebooting...\"" >> /var/www/$hubzilladaily echo "#" >> /var/www/$hubzilladaily -echo "reboot" >> /var/www/$hubzilladaily +echo "shutdown -r now" >> /var/www/$hubzilladaily if [ -z "`grep 'hubzilla-daily.sh' /etc/crontab`" ] then @@ -745,38 +621,6 @@ echo "reboot" >> /var/www/$hubzilladaily print_info "configured cron for updates/upgrades" } -function write_uninstall_script { - print_info "writing uninstall script..." - - cat > /var/www/hubzilla-remove.sh <<END -#!/bin/sh -# -# This script removes Hubzilla. -# You might do this for a fresh start using the script. -# The script will remove (almost everything) what was installed by the script, -# all applications including hubzilla and its database. -# -# Backup the certificates of letsencrypt (you never know) -cp -a /var/www/letsencrypt/ ~/backup_le_certificats -# -# Removal -apt-get remove apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin -apt-get purge apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin -apt-get autoremove -apt-get clean -rm /etc/rsnapshot_hubzilla.conf -rm /etc/rsnapshot_hubzilla_external_device.conf -rm -R /etc/apache2/ -rm -R /var/lib/mysql/ -rm -R /var/www -rm -R /etc/selfhost/ -# uncomment the next line if you want to remove the backups -# rm -R /var/cache/rsnapshot -nano /etc/crontab # remove entries there manually -END - chmod -x /var/www/hubzilla-remove.sh -} - ######################################################################## # START OF PROGRAM ######################################################################## @@ -792,11 +636,7 @@ selfhostdir=/etc/selfhost selfhostscript=selfhost-updater.sh hubzilladaily=hubzilla-daily.sh plugins_update=.homeinstall/plugins_update.sh -snapshotconfig=/etc/rsnapshot_hubzilla.conf -snapshotconfig_external_device=/etc/rsnapshot_hubzilla_external_device.conf backup_mount_point=/media/hubzilla_backup -le_dir=/var/www/letsencrypt -sslconf=/etc/apache2/sites-available/default-ssl.conf #set -x # activate debugging from here @@ -820,7 +660,6 @@ configure_cron_selfhost if [ "$le_domain" != "localhost" ] then install_letsencrypt - configure_apache_for_https check_https else print_info "is localhost - skipped installation of letsencrypt and configuration of apache for https" @@ -828,20 +667,12 @@ fi install_hubzilla -if [ "$le_domain" != "localhost" ] -then - rewrite_to_https - install_rsnapshot -else - print_info "is localhost - skipped rewrite to https and installation of rsnapshot" -fi - configure_cron_daily if [ "$le_domain" != "localhost" ] then + install_rsync install_cryptosetup - write_uninstall_script else print_info "is localhost - skipped installation of cryptosetup" fi diff --git a/Zotlabs/Module/Wfinger.php b/Zotlabs/Module/Wfinger.php index 03275abbc..a19bdbedc 100644 --- a/Zotlabs/Module/Wfinger.php +++ b/Zotlabs/Module/Wfinger.php @@ -128,7 +128,7 @@ class Wfinger extends \Zotlabs\Web\Controller { 'http://webfinger.net/ns/name' => $r[0]['channel_name'], 'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name'], 'https://w3id.org/security/v1#publicKeyPem' => $r[0]['xchan_pubkey'], - 'http://purl.org/zot/federation' => 'zot' + 'http://purl.org/zot/federation' => 'zot,zot6' ]; foreach($aliases as $alias) diff --git a/include/event.php b/include/event.php index fdb9e1415..77118c329 100644 --- a/include/event.php +++ b/include/event.php @@ -4,8 +4,11 @@ * @brief Event related functions. */ + use Sabre\VObject; +use Zotlabs\Lib\Activity; + use Ramsey\Uuid\Uuid; use Ramsey\Uuid\Exception\UnsatisfiedDependencyException; @@ -65,7 +68,7 @@ function format_event_html($ev) { } function format_event_obj($jobject) { - $event = array(); + $event = []; $object = json_decode($jobject,true); @@ -1046,6 +1049,7 @@ function event_store_item($arr, $event) { 'location' => $arr['location'], 'adjust' => $arr['adjust'], 'content' => format_event_bbcode($arr), + 'attachment' => Activity::encode_attachment($r[0]), 'author' => array( 'name' => $r[0]['xchan_name'], 'address' => $r[0]['xchan_addr'], @@ -1200,6 +1204,7 @@ function event_store_item($arr, $event) { 'location' => $arr['location'], 'adjust' => $arr['adjust'], 'content' => format_event_bbcode($arr), + 'attachment' => Activity::encode_attachment($item_arr), 'author' => array( 'name' => $x[0]['xchan_name'], 'address' => $x[0]['xchan_addr'], |