aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.homeinstall/README.md186
-rw-r--r--.homeinstall/hubzilla-config.txt.template11
-rw-r--r--[-rwxr-xr-x].homeinstall/hubzilla-setup.sh291
-rw-r--r--Zotlabs/Module/Photo.php45
-rwxr-xr-xutil/storageconv16
5 files changed, 133 insertions, 416 deletions
diff --git a/.homeinstall/README.md b/.homeinstall/README.md
index d63931a84..45e1ba0e6 100644
--- a/.homeinstall/README.md
+++ b/.homeinstall/README.md
@@ -1,16 +1,43 @@
# Hubzilla at Home next to your Router
-Run hubzilla-setup.sh for an unattended installation of hubzilla.
+This readme will show you how to install and run Hubzilla or Zap at home.
+
+The installation is done by a script.
+
+What the script will do for you...
+
++ install everything required by Zap/Hubzilla, basically a web server (Apache), PHP, a database (MySQL), certbot,...
++ create a database
++ run certbot to have everything for a secure connection (httpS)
++ create a script for daily maintenance
+ - backup to external disk (certificates, database, /var/www/)
+ - renew certfificate (letsencrypt)
+ - update of Zap/Hubzilla
+ - update of Debian
+ - restart
++ create cron jobs for
+ - DynDNS (selfHOST.de or freedns.afraid.org) every 5 minutes
+ - Master.php for Zap/Hubzilla every 10 minutes
+ - daily maintenance script every day at 05:30
The script is known to work without adjustments with
+ Hardware
- - Mini-PC with Debian-9.5-amd64, or
- - Rapberry 3 with Raspbian, Debian-9.5
+ - Mini-PC with Debian 9 (stretch), or
+ - Rapberry 3 with Raspbian, Debian 9
+ DynDNS
- selfHOST.de
- freedns.afraid.org
+The script can install both [Hubzilla](https://zotlabs.org/page/hubzilla/hubzilla-project) and [Zap](https://zotlabs.com/zap/). Make sure to use the correct GIT repositories.
+
++ Hubzilla
+ - core: git clone https://framagit.org/hubzilla/core.git html (in this readme)
+ - addons: util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons (in hubzilla-setup.sh)
++ Zap
+ - core: git clone https://framagit.org/zot/zap.git html (in this readme)
+ - addons: util/add_addon_repo https://framagit.org/zot/zap-addons.git zaddons (in hubzilla-setup.sh)
+
## Disclaimers
- This script does work with Debian 9 only.
@@ -29,7 +56,7 @@ Hardware
Software
+ Fresh installation of Debian 9 (Stretch)
-+ Router with open ports 80 and 443 for your Hub
++ Router with open ports 80 and 443 for your web server
## The basic steps (quick overview)
@@ -44,10 +71,9 @@ Software
- nano hubzilla-config.txt
- Read the comments carefully
- Enter your values: db pass, domain, values for dyn DNS
- - Make sure your external drive (for backups) is mounted
+ - Prepare your external disk for backups
- hubzilla-setup.sh as root
- ... wait, wait, wait until the script is finised
- - reboot
+ Open your domain with a browser and step throught the initial configuration of hubzilla.
## Troubleshooting
@@ -66,57 +92,27 @@ In Admin settings of hubzilla or via terminal
# Step-by-Step in Detail
-## Preparations Hardware
-
-### Mini-PC
-
-### Recommended: USB Drive for Backups
-
-The installation will create a daily backup written to an external drive.
-
-The USB drive must be compatible with the filesystems
-
-- ext4 (if you do not want to encrypt the USB)
-- LUKS + ext4 (if you want to encrypt the USB)
-
-The backup includes
-
-- Hubzilla DB
-- Hubzilla installation /var/www/html
-- Certificates for letsencrypt
-
## Preparations Software
-### Install Debian Linux on the Mini-PC
-
-Download the stable Debian at https://www.debian.org/
-(Debian 8 is no longer supported.)
+## Install Debian 9
-Create bootable USB drive with Debian on it.You could use
+Provided you use a Raspberry Pi 3...
-- unetbootin, https://en.wikipedia.org/wiki/UNetbootin
-- or simply the linux command "dd"
+Download the OS Raspbian from https://www.raspberrypi.org/downloads/raspbian/
-Example for command dd...
+Follow the installation instruction there.
- su -
- dd if=2018-10-09-raspbian-stretch.img of=/dev/mmcblk0
+## Configure your Router
-Do not forget to unmount the SD card before and check if unmounted like in this example...
+Your web has to be visible in the internet.
- su -
- umount /dev/mmcblk0*
- df -h
+Open the ports 80 and 443 on your router for your Debian. Make sure your web server is marked as "exposed host".
+## Preparations Dynamic IP Address
-Switch off your mini pc, plug in your USB drive and start the mini pc from the
-stick. Install Debian. Follow the instructions of the installation.
-
-### Configure your Router
-
-Open the ports 80 and 443 on your router for your Debian
+Follow the instructions in .homeinstall/hubzilla-config.txt.
-## Preparations Dynamic IP Address
+In short...
Your Hubzilla must be reachable by a domain that you can type in your browser
@@ -132,105 +128,15 @@ There are two ways to get a domain...
...for example buy at selfHOST.de
-The cost are around 10,- € once and 1,50 € per month (2017).
+The cost is 1,50 € per month (2019).
### Method 2: Register a free subdomain
...for example register at freedns.afraid.org
-Follow the instructions in .homeinstall/hubzilla-config.txt.
-
-
-## Install Hubzilla on your Debian
-
-Login to your debian
-(Provided your username is "you" and the name of the mini pc is "debian". You
-could take the IP address instead of "debian")
-
- ssh -X you@debian
-
-Change to root user
-
- su -l
-
-Install git
-
- apt-get install git
-
-Make the directory for apache and change diretory to it
-
- mkdir /var/www
- cd /var/www/
-
-Clone hubzilla from git ("git pull" will update it later)
-
- git clone https://framagit.org/hubzilla/core.git html
-
-Change to the install script
-
- cd html/.homeinstall/
-
-Copy the template file
-
- cp hubzilla-config.txt.template hubzilla-config.txt
-
-Modify the file "hubzilla-config.txt". Read the instructions there carefully and enter your values.
-
- nano hubzilla-config.txt
-
-Make sure your external drive (for backups) is plugged in and can be mounted as configured in "hubzilla-config.txt". Otherwise the daily backups will not work.
-
-Run the script
-
- ./hubzilla-setup.sh
-
-Wait... The script should not finish with an error message.
-
-In a webbrowser open your domain.
-Expected: A test page of hubzilla is shown. All checks there should be
-successfull. Go on...
-Expected: A page for the Hubzilla server configuration shows up.
-
-Leave db server name "127.0.0.1" and port "0" untouched.
-
-Enter
-
-- DB user name = hubzilla
-- DB pass word = This is the password you entered in "hubzilla-config.txt"
-- DB name = hubzilla
-
-Leave db type "MySQL" untouched.
-
-Follow the instructions in the next pages.
-
-Recommended: Set path to imagemagick
-
-- in admin settings of hubzilla or
-- via terminal
-
- util/config system.imagick_convert_path /usr/bin/convert
-
-After the daily script was executed at 05:30 (am)
-
-- look at /var/www/html/hubzilla-daily.log
-- check your backup on the external drive
-- optionally view the daily log under yourdomain.org/admin/logs/
- - set the logfile to var/www/html/hubzilla-daily.log
-
-
-## Install Hubzilla in a Virtual Machine for Test Purposes
-
-Modify the file "hubzilla-config.txt".
-
- nano hubzilla-config.txt
-
-There use
-
- le_domain=localhost
-
-## Note for the Rasperry
+## Note on Rasperry
-The script was tested with an Raspberry 3 under Raspian (Debian 9.5, 2018-10-09-raspbian-stretch.img).
+The script was tested with an Raspberry 3 under Raspian, Debian 9.
It is recommended to run the Raspi without graphical frontend (X-Server). Use...
@@ -240,7 +146,7 @@ to boot the Rapsi to the client console.
DO NOT FORGET TO CHANGE THE DEFAULT PASSWORD FOR USER PI!
-If the validation of the mail address fails for the very first registered user...
+On a Raspian Stretch (Debian 9) the validation of the mail address fails for the very first user.
This used to happen on some *bsd distros but there was some work to fix that a year ago (2017).
So if your system isn't registered in DNS or DNS isn't active do
diff --git a/.homeinstall/hubzilla-config.txt.template b/.homeinstall/hubzilla-config.txt.template
index e42da0e4e..f0bf6121c 100644
--- a/.homeinstall/hubzilla-config.txt.template
+++ b/.homeinstall/hubzilla-config.txt.template
@@ -2,8 +2,8 @@
### MANDATORY - database password #############
#
# Please give your database password
+# It is better to not use blanks inside the password.
# Example: db_pass=pass_word_with_no_blanks_in_it
-# Example: db_pass="this password has blanks in it"
db_pass=
###############################################
@@ -18,9 +18,12 @@ db_pass=
# Example: my.cooldomain.org
# Example: cooldomain.org
#
-# Example: localhost (test installation without certificates for httpS)
+# You might use "localhost" for a LOCAL TEST installation.
+# This is usefull if you want to debug the server inside a VM.
#
-# Email is optional
+# Example: localhost
+#
+# Email is optional if you use "localhost".
#
#
le_domain=
@@ -30,7 +33,7 @@ le_email=
### OPTIONAL - selfHOST - dynamic IP address ##
#
# 1. Register a domain at selfhost.de
-# - choose offer "DOMAIN dynamisch" 1,50€/mon at 08.01.2016
+# - choose offer "DOMAIN dynamisch" 1,50€/mon at 04/2019
# 2. Get your configuration for dynamic IP update
# - Log in at selfhost.de
# - go to "DynDNS Accounte"
diff --git a/.homeinstall/hubzilla-setup.sh b/.homeinstall/hubzilla-setup.sh
index 1f3ad5db5..023ef7afc 100755..100644
--- a/.homeinstall/hubzilla-setup.sh
+++ b/.homeinstall/hubzilla-setup.sh
@@ -3,7 +3,10 @@
# How to use
# ----------
#
-# This file automates the installation of hubzilla under Debian Linux
+# This file automates the installation of
+# - hubzilla: https://zotlabs.org/page/hubzilla/hubzilla-project and
+# - zap: https://zotlabs.com/zap/
+# under Debian Linux
#
# 1) Copy the file "hubzilla-config.txt.template" to "hubzilla-config.txt"
# Follow the instuctions there
@@ -25,16 +28,14 @@
# * php,
# * mysql - the database for hubzilla,
# * phpmyadmin,
-# * git to download and update hubzilla itself
+# * git to download and update hubzilla addon
# - download hubzilla core and addons
# - configure cron
-# * "poller.php" for regular background prozesses of hubzilla
-# * to_do "apt-get update" and "apt-get dist-upgrade" to keep linux
-# up-to-date
-# * to_do backup hubzillas database and files (rsnapshot)
-# - configure dynamic ip with cron
-# - to_do letsencrypt
-# - to_do redirection to https
+# * "Master.php" for regular background prozesses of hubzilla
+# * "apt-get update" and "apt-get dist-upgrade" and "apt-get autoremove" to keep linux up-to-date
+# * run command to keep the IP up-to-date > DynDNS provided by selfHOST.de or freedns.afraid.org
+# * backup hubzillas database and files (rsync)
+# - letsencrypt
#
#
# Discussion
@@ -43,26 +44,11 @@
# Security - password is the same for mysql-server, phpmyadmin and hubzilla db
# - The script runs into installation errors for phpmyadmin if it uses
# different passwords. For the sake of simplicity one singel password.
-#
-# Security - suhosin for PHP
-# - The script does not install suhosin.
-# - Is the security package suhosin usefull or not usefull?
#
# Hubzilla - email verification
# - The script switches off email verification off in all htconfig.tpl.
# Example: /var/www/html/view/en/htconfig.tpl
# - Is this a silly idea or not?
-#
-#
-# Remove Hubzilla (for a fresh start using the script)
-# ----------------------------------------------------
-#
-# You could use /var/www/hubzilla-remove.sh
-# that is created by hubzilla-setup.sh.
-#
-# The script will remove (almost everything) what was installed by the script.
-# After the removal you could run the script again to have a fresh install
-# of all applications including hubzilla and its database.
#
# How to restore from backup
# --------------------------
@@ -76,18 +62,10 @@
#
# hubzilla-daily.sh makes a (daily) backup of all relevant files
# - /var/lib/mysql/ > hubzilla database
-# - /var/www/html/ > hubzilla from github
-# - /var/www/letsencrypt/ > certificates
-#
-# hubzilla-daily.sh writes the backup
-# - either to an external disk compatible to LUKS+ext4 (see hubzilla-config.txt)
-# - or to /var/cache/rsnapshot in case the external disk is not plugged in
+# - /var/www/ > hubzilla/zap from github
+# - /etc/letsencrypt/ > certificates
#
-# Restore backup
-# - - - - - - -
-#
-# This was not tested yet.
-# Bacically you can copy the files from the backup to the server.
+# hubzilla-daily.sh writes the backup to an external disk compatible to LUKS+ext4 (see hubzilla-config.txt)
#
# Credits
# -------
@@ -136,11 +114,11 @@ function check_config {
# backup is important and should be checked
if [ -n "$backup_device_name" ]
then
- if [ ! -d "$backup_mount_point" ]
- then
- mkdir "$backup_mount_point"
- fi
- device_mounted=0
+ if [ ! -d "$backup_mount_point" ]
+ then
+ mkdir "$backup_mount_point"
+ fi
+ device_mounted=0
if fdisk -l | grep -i "$backup_device_name.*linux"
then
print_info "ok - filesystem of external device is linux"
@@ -264,7 +242,7 @@ function install_sendmail {
function install_php {
# openssl and mbstring are included in libapache2-mod-php
print_info "installing php..."
- nocheck_install "libapache2-mod-php php php-pear php-curl php-mcrypt php-gd"
+ nocheck_install "libapache2-mod-php php php-pear php-curl php-mcrypt php-gd php-mysqli php-mbstring php-xml"
sed -i "s/^upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/7.0/apache2/php.ini
sed -i "s/^post_max_size =.*/post_max_size = 100M/g" /etc/php/7.0/apache2/php.ini
}
@@ -449,11 +427,11 @@ function configure_cron_selfhost {
print_info "configure cron for selfhost..."
if [ -z "$selfhost_user" ]
then
- print_info "freedns is not configured because freedns_key is empty in $configfile"
+ print_info "selfhost is not configured because selfhost_key is empty in $configfile"
else
# Use cron for dynamich ip update
# - at reboot
- # - every 30 minutes
+ # - every 5 minutes
if [ -z "`grep 'selfhost-updater.sh' /etc/crontab`" ]
then
echo "@reboot root bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab
@@ -471,89 +449,24 @@ function install_letsencrypt {
then
die "Failed to install let's encrypt: 'le_domain' is empty in $configfile"
fi
- # configure apache
- apache_le_conf=/etc/apache2/sites-available/le-default.conf
- if [ -f $apache_le_conf ]
- then
- print_info "$apache_le_conf exist already"
- else
- cat > $apache_le_conf <<END
-# letsencrypt default Apache configuration
-Alias /.well-known/acme-challenge /var/www/letsencrypt
-
-<Directory /var/www/letsencrypt>
- Options FollowSymLinks
- Allow from all
-</Directory>
-END
- a2ensite le-default.conf
- service apache2 restart
- fi
- # download the shell script
- if [ -d $le_dir ]
- then
- print_info "letsenrypt exists already (nothing downloaded > no certificate created and registered)"
- return 0
- fi
- git clone https://github.com/lukas2511/dehydrated $le_dir
- cd $le_dir
- # create config file for letsencrypt.sh
- echo "WELLKNOWN=$le_dir" > $le_dir/config.sh
- if [ -n "$le_email" ]
- then
- echo "CONTACT_EMAIL=$le_email" >> $le_dir/config.sh
- fi
- # create domain file for letsencrypt.sh
- # WATCH THIS:
- # - It did not work wit "sub.domain.org www.sub.domain.org".
- # - So just use "sub.domain.org" only!
- echo "$le_domain" > $le_dir/domains.txt
- # test apache config for letsencrpyt
- url_http=http://$le_domain/.well-known/acme-challenge/domains.txt
- wget_output=$(wget -nv --spider --max-redirect 0 $url_http)
- if [ $? -ne 0 ]
- then
- die "Failed to load $url_http"
- fi
- # accept terms of service of letsencrypt
- ./dehydrated --register --accept-terms
- # run script dehydrated
- #
- ./dehydrated --cron --config $le_dir/config.sh
-}
-
-function configure_apache_for_https {
- print_info "configuring apache to use httpS ..."
- # letsencrypt.sh
- #
- # "${BASEDIR}/certs/${domain}/privkey.pem"
- # "${BASEDIR}/certs/${domain}/cert.pem"
- # "${BASEDIR}/certs/${domain}/fullchain.pem"
- #
- SSLCertificateFile=${le_dir}/certs/${le_domain}/cert.pem
- SSLCertificateKeyFile=${le_dir}/certs/${le_domain}/privkey.pem
- SSLCertificateChainFile=${le_dir}/certs/${le_domain}/fullchain.pem
- if [ ! -f $SSLCertificateFile ]
+ # check if user gave mail address
+ if [ -z "$le_email" ]
then
- print_warn "Failed to configure apache for httpS: Missing certificate file $SSLCertificateFile"
- return 0
+ die "Failed to install let's encrypt: 'le_domain' is empty in $configfile"
fi
- # make sure that the ssl mode is enabled
- print_info "...configuring apache to use httpS - a2enmod ssl ..."
- a2enmod ssl
- # modify apach' ssl conf file
- if grep -i "ServerName" $sslconf
+ nocheck_install "apt-transport-https"
+ # add backports to your sources.list
+ backports_list=/etc/apt/sources.list.d/backports.list
+ if [ -f $backports_list ]
then
- print_info "seems that apache was already configered to use httpS with $sslconf"
+ print_info "$backports_list exist already"
else
- sed -i "s/ServerAdmin.*$/ServerAdmin webmaster@localhost\\n ServerName ${le_domain}/" $sslconf
- fi
- sed -i s#/etc/ssl/certs/ssl-cert-snakeoil.pem#$SSLCertificateFile# $sslconf
- sed -i s#/etc/ssl/private/ssl-cert-snakeoil.key#$SSLCertificateKeyFile# $sslconf
- sed -i s#/etc/apache2/ssl.crt/server-ca.crt#$SSLCertificateChainFile# $sslconf
- sed -i s/#SSLCertificateChainFile/SSLCertificateChainFile/ $sslconf
- # apply changes
- a2ensite default-ssl.conf
+ echo "deb https://deb.debian.org/debian stretch-backports main" > $backports_list
+ fi
+ apt-get -y update
+ DEBIAN_FRONTEND=noninteractive apt-get -q -y -t stretch-backports install certbot python-certbot-apache
+ print_info "run certbot ..."
+ certbot --apache -w /var/www/html -d $le_domain -m $le_email --agree-tos --non-interactive --redirect --hsts --uir
service apache2 restart
}
@@ -572,7 +485,10 @@ function check_https {
function install_hubzilla {
print_info "installing hubzilla addons..."
cd /var/www/html/
- util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons
+ # if you install Hubzilla
+ util/add_addon_repo https://framagit.org/hubzilla/addons hzaddons
+ # if you install ZAP
+ #util/add_addon_repo https://framagit.org/zot/zap-addons.git zaddons
mkdir -p "store/[data]/smarty3"
chmod -R 777 store
touch .htconfig.php
@@ -582,7 +498,7 @@ function install_hubzilla {
chown root:www-data /var/www/html/
chown root:www-data /var/www/html/.htaccess
chmod 0644 /var/www/html/.htaccess
- # try to switch off email registration
+ print_info "try to switch off email registration..."
sed -i "s/verify_email.*1/verify_email'] = 0/" /var/www/html/view/*/ht*
if [ -n "`grep -r 'verify_email.*1' /var/www/html/view/`" ]
then
@@ -591,49 +507,9 @@ function install_hubzilla {
print_info "installed hubzilla"
}
-function rewrite_to_https {
- print_info "configuring apache to redirect http to httpS ..."
- htaccessfile=/var/www/html/.htaccess
- if grep -i "https" $htaccessfile
- then
- print_info "...configuring apache to redirect http to httpS was already done in $htaccessfile"
- else
- sed -i "s#QSA]#QSA]\\n RewriteCond %{SERVER_PORT} !^443$\\n RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]#" $htaccessfile
- fi
- service apache2 restart
-}
-
-# This will allways overwrite both config files
-# - internal disk
-# - external disk (LUKS + ext4)
-# of rsnapshot for hubzilla
-function install_rsnapshot {
- print_info "installing rsnapshot..."
- nocheck_install "rsnapshot"
- # internal disk
- cp -f /etc/rsnapshot.conf $snapshotconfig
- sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig
- sed -i "s/^backup/#backup/" $snapshotconfig
- echo "backup /var/lib/mysql/ localhost/" >> $snapshotconfig
- echo "backup /var/www/html/ localhost/" >> $snapshotconfig
- echo "backup /var/www/letsencrypt/ localhost/" >> $snapshotconfig
- # external disk
- if [ -n "$backup_device_name" ]
- then
- cp -f /etc/rsnapshot.conf $snapshotconfig_external_device
- sed -i "s#snapshot_root.*#snapshot_root $backup_mount_point#" $snapshotconfig_external_device
- sed -i "/alpha/s/6/30/" $snapshotconfig_external_device
- sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig_external_device
- sed -i "s/^backup/#backup/" $snapshotconfig_external_device
- if [ -z "`grep 'letsencrypt' $snapshotconfig_external_device`" ]
- then
- echo "backup /var/lib/mysql/ localhost/" >> $snapshotconfig_external_device
- echo "backup /var/www/html/ localhost/" >> $snapshotconfig_external_device
- echo "backup /var/www/letsencrypt/ localhost/" >> $snapshotconfig_external_device
- fi
- else
- print_info "No backup configuration (rsnapshot) for external device configured. Reason: backup_device_name and/or backup_device_pass not given in $configfile"
- fi
+function install_rsync {
+ print_info "installing rsync..."
+ nocheck_install "rsync"
}
function install_cryptosetup {
@@ -644,28 +520,28 @@ function install_cryptosetup {
function configure_cron_daily {
print_info "configuring cron..."
# every 10 min for poller.php
- if [ -z "`grep 'poller.php' /etc/crontab`" ]
+ if [ -z "`grep 'Master.php' /etc/crontab`" ]
then
echo "*/10 * * * * www-data cd /var/www/html; php Zotlabs/Daemon/Master.php Cron >> /dev/null 2>&1" >> /etc/crontab
fi
# Run external script daily at 05:30
# - stop apache and mysql-server
- # - backup hubzilla
+ # - renew the certificate of letsencrypt
+ # - backup db, files (/var/www/html), certificates if letsencrypt
# - update hubzilla core and addon
# - update and upgrade linux
- # - reboot
+ # - reboot is done by "shutdown -h now" because "reboot" hangs sometimes depending on the system
echo "#!/bin/sh" > /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "echo \" \"" >> /var/www/$hubzilladaily
echo "echo \"+++ \$(date) +++\"" >> /var/www/$hubzilladaily
echo "echo \" \"" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - renew certificate...\"" >> /var/www/$hubzilladaily
-echo "bash $le_dir/dehydrated --cron --config $le_dir/config.sh" >> /var/www/$hubzilladaily
+echo "certbot renew --noninteractive" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
-echo "# stop hubzilla" >> /var/www/$hubzilladaily
-echo "echo \"\$(date) - stoping apache and mysql...\"" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - stopping apache and mysql...\"" >> /var/www/$hubzilladaily
echo "service apache2 stop" >> /var/www/$hubzilladaily
-echo "/etc/init.d/mysql stop # to avoid inconsistancies" >> /var/www/$hubzilladaily
+echo "/etc/init.d/mysql stop # to avoid inconsistencies" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "# backup" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - try to mount external device for backup...\"" >> /var/www/$hubzilladaily
@@ -696,11 +572,13 @@ echo " if mount $backup_device_name $backup_mount_point" >> /var/www/$hub
echo " then" >> /var/www/$hubzilladaily
echo " device_mounted=1" >> /var/www/$hubzilladaily
echo " echo \"device $backup_device_name is now mounted. Starting backup...\"" >> /var/www/$hubzilladaily
-echo " rsnapshot -c $snapshotconfig_external_device alpha" >> /var/www/$hubzilladaily
-echo " echo \"\$(date) - disk sizes...\"" >> /var/www/$hubzilladaily
-echo " df -h" >> /var/www/$hubzilladaily
-echo " echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
-echo " du -h $backup_mount_point | grep mysql/hubzilla" >> /var/www/$hubzilladaily
+echo " rsync -a --delete /var/lib/mysql/ /media/hubzilla_backup/mysql" >> /var/www/$hubzilladaily
+echo " rsync -a --delete /var/www/ /media/hubzilla_backup/www" >> /var/www/$hubzilladaily
+echo " rsync -a --delete /etc/letsencrypt/ /media/hubzilla_backup/letsencrypt" >> /var/www/$hubzilladaily
+echo " echo \"\$(date) - disk sizes...\"" >> /var/www/$hubzilladaily
+echo " df -h" >> /var/www/$hubzilladaily
+echo " echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
+echo " du -h $backup_mount_point | grep mysql/hubzilla" >> /var/www/$hubzilladaily
echo " echo \"unmounting backup device...\"" >> /var/www/$hubzilladaily
echo " umount $backup_mount_point" >> /var/www/$hubzilladaily
echo " else" >> /var/www/$hubzilladaily
@@ -722,18 +600,16 @@ echo "echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
echo "du -h /var/lib/mysql/ | grep mysql/hubzilla" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "# update" >> /var/www/$hubzilladaily
-echo "echo \"\$(date) - updating dehydrated...\"" >> /var/www/$hubzilladaily
-echo "git -C /var/www/letsencrypt/ pull" >> /var/www/$hubzilladaily
-echo "echo \"\$(date) - updating hubhilla core...\"" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - updating core and addons...\"" >> /var/www/$hubzilladaily
echo "(cd /var/www/html/ ; util/udall)" >> /var/www/$hubzilladaily
echo "chown -R www-data:www-data /var/www/html/ # make all accessable for the webserver" >> /var/www/$hubzilladaily
echo "chown root:www-data /var/www/html/.htaccess" >> /var/www/$hubzilladaily
echo "chmod 0644 /var/www/html/.htaccess # www-data can read but not write it" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating linux...\"" >> /var/www/$hubzilladaily
echo "apt-get -q -y update && apt-get -q -y dist-upgrade && apt-get -q -y autoremove # update linux and upgrade" >> /var/www/$hubzilladaily
-echo "echo \"\$(date) - Backup hubzilla and update linux finished. Rebooting...\"" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - Backup and update finished. Rebooting...\"" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
-echo "reboot" >> /var/www/$hubzilladaily
+echo "shutdown -r now" >> /var/www/$hubzilladaily
if [ -z "`grep 'hubzilla-daily.sh' /etc/crontab`" ]
then
@@ -745,38 +621,6 @@ echo "reboot" >> /var/www/$hubzilladaily
print_info "configured cron for updates/upgrades"
}
-function write_uninstall_script {
- print_info "writing uninstall script..."
-
- cat > /var/www/hubzilla-remove.sh <<END
-#!/bin/sh
-#
-# This script removes Hubzilla.
-# You might do this for a fresh start using the script.
-# The script will remove (almost everything) what was installed by the script,
-# all applications including hubzilla and its database.
-#
-# Backup the certificates of letsencrypt (you never know)
-cp -a /var/www/letsencrypt/ ~/backup_le_certificats
-#
-# Removal
-apt-get remove apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin
-apt-get purge apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin
-apt-get autoremove
-apt-get clean
-rm /etc/rsnapshot_hubzilla.conf
-rm /etc/rsnapshot_hubzilla_external_device.conf
-rm -R /etc/apache2/
-rm -R /var/lib/mysql/
-rm -R /var/www
-rm -R /etc/selfhost/
-# uncomment the next line if you want to remove the backups
-# rm -R /var/cache/rsnapshot
-nano /etc/crontab # remove entries there manually
-END
- chmod -x /var/www/hubzilla-remove.sh
-}
-
########################################################################
# START OF PROGRAM
########################################################################
@@ -792,11 +636,7 @@ selfhostdir=/etc/selfhost
selfhostscript=selfhost-updater.sh
hubzilladaily=hubzilla-daily.sh
plugins_update=.homeinstall/plugins_update.sh
-snapshotconfig=/etc/rsnapshot_hubzilla.conf
-snapshotconfig_external_device=/etc/rsnapshot_hubzilla_external_device.conf
backup_mount_point=/media/hubzilla_backup
-le_dir=/var/www/letsencrypt
-sslconf=/etc/apache2/sites-available/default-ssl.conf
#set -x # activate debugging from here
@@ -820,7 +660,6 @@ configure_cron_selfhost
if [ "$le_domain" != "localhost" ]
then
install_letsencrypt
- configure_apache_for_https
check_https
else
print_info "is localhost - skipped installation of letsencrypt and configuration of apache for https"
@@ -828,20 +667,12 @@ fi
install_hubzilla
-if [ "$le_domain" != "localhost" ]
-then
- rewrite_to_https
- install_rsnapshot
-else
- print_info "is localhost - skipped rewrite to https and installation of rsnapshot"
-fi
-
configure_cron_daily
if [ "$le_domain" != "localhost" ]
then
+ install_rsync
install_cryptosetup
- write_uninstall_script
else
print_info "is localhost - skipped installation of cryptosetup"
fi
diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php
index 6912322aa..7e25e08b2 100644
--- a/Zotlabs/Module/Photo.php
+++ b/Zotlabs/Module/Photo.php
@@ -40,7 +40,7 @@ class Photo extends \Zotlabs\Web\Controller {
call_hooks('cache_mode_hook', $cache_mode);
$observer_xchan = get_observer_hash();
- $ismodified = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
+ $cachecontrol = '';
if(isset($type)) {
@@ -68,8 +68,6 @@ class Photo extends \Zotlabs\Web\Controller {
}
}
- $modified = filemtime($default);
- $default = z_root() . '/' . $default;
$uid = $person;
$data = '';
@@ -83,7 +81,7 @@ class Photo extends \Zotlabs\Web\Controller {
$modified = strtotime($r[0]['edited'] . "Z");
$mimetype = $r[0]['mimetype'];
if(intval($r[0]['os_storage']))
- $data = file_get_contents($data);
+ $data = file_get_contents(dbunescbin($r[0]['content']));
else
$data = dbunescbin($r[0]['content']);
}
@@ -97,13 +95,17 @@ class Photo extends \Zotlabs\Web\Controller {
$default = $d['default'];
$data = $d['data'];
$mimetype = $d['mimetype'];
+ $modified = time();
}
if(! $data) {
- $x = z_fetch_url($default,true,0,[ 'novalidate' => true ]);
+ $x = z_fetch_url(z_root() . '/' . $default, true, 0, [ 'novalidate' => true ]);
$data = ($x['success'] ? $x['body'] : EMPTY_STR);
$mimetype = 'image/png';
+ $modified = filemtime($default);
}
+
+ $cachecontrol = ', must-revalidate';
}
else {
@@ -216,38 +218,18 @@ class Photo extends \Zotlabs\Web\Controller {
http_status_exit(404,'not found');
}
+ if(! $data)
+ killme();
+
header_remove('Pragma');
- if($ismodified === gmdate("D, d M Y H:i:s", $modified) . " GMT") {
+ if($_SERVER['HTTP_IF_NONE_MATCH'] === md5($data) || $_SERVER['HTTP_IF_MODIFIED_SINCE'] === gmdate("D, d M Y H:i:s", $modified) . " GMT") {
header_remove('Expires');
header_remove('Cache-Control');
header_remove('Set-Cookie');
http_status_exit(304,'not modified');
- }
-
- if(! isset($data)) {
- if(isset($resolution)) {
- switch($resolution) {
- case 4:
- $default = get_default_profile_photo();
- break;
- case 5:
- $default = get_default_profile_photo(80);
- break;
- case 6:
- $default = get_default_profile_photo(48);
- break;
- default:
- killme();
- // NOTREACHED
- break;
- }
- $x = z_fetch_url(z_root() . '/' . $default,true,0,[ 'novalidate' => true ]);
- $data = ($x['success'] ? $x['body'] : EMPTY_STR);
- $mimetype = 'image/png';
- }
}
-
+
if(isset($res) && intval($res) && $res < 500) {
$ph = photo_factory($data, $mimetype);
if($ph->is_valid()) {
@@ -284,12 +266,13 @@ class Photo extends \Zotlabs\Web\Controller {
$maxage = $expires - time();
header("Expires: " . gmdate("D, d M Y H:i:s", $expires) . " GMT");
- header("Cache-Control: max-age=" . $maxage);
+ header("Cache-Control: max-age=" . $maxage . $cachecontrol);
}
header("Content-type: " . $mimetype);
header("Last-Modified: " . gmdate("D, d M Y H:i:s", $modified) . " GMT");
+ header("ETag: " . md5($data));
header("Content-Length: " . (isset($filesize) ? $filesize : strlen($data)));
// If it's a file resource, stream it.
diff --git a/util/storageconv b/util/storageconv
index 594ec14fb..9c49787d1 100755
--- a/util/storageconv
+++ b/util/storageconv
@@ -29,7 +29,7 @@ if($argc == 2) {
echo 'Current storage set to: ' . ($storage ? 'filesystem' : 'SQL database') . PHP_EOL;
switch($argv[1]) {
case 'stats':
- $x = q("SELECT COUNT(resource_id) AS qty FROM photo WHERE photo_usage = 0 and os_storage = 1");
+ $x = q("SELECT COUNT(resource_id) AS qty FROM photo WHERE photo_usage = 0 AND os_storage = 1 AND imgscale = 0");
echo 'Local images: ' . $x[0]['qty'] . PHP_EOL;
$x = q("SELECT COUNT(id) AS qty FROM photo WHERE resource_id IN (SELECT DISTINCT resource_id FROM photo WHERE photo_usage = 0 and os_storage = 1) AND imgscale > 0");
echo 'Thumbnails total: ' . $x[0]['qty'] . PHP_EOL;
@@ -45,26 +45,21 @@ if($argc == 2) {
break;
}
- $x = q("SELECT DISTINCT uid, resource_id FROM photo WHERE photo_usage = 0 and os_storage = 1");
+ $x = q("SELECT DISTINCT resource_id, content FROM photo WHERE photo_usage = 0 AND os_storage = 1 AND imgscale = 0");
if($x) {
foreach($x as $xx) {
- $r = q("SELECT channel_address FROM channel WHERE channel_id = %d",
- intval($xx['uid'])
- );
-
- $n = q("SELECT id, imgscale, content, os_path FROM photo WHERE resource_id = '%s' AND os_storage != %d AND imgscale > 0",
+ $n = q("SELECT id, imgscale, content FROM photo WHERE resource_id = '%s' AND os_storage != %d AND imgscale > 0",
dbesc($xx['resource_id']),
$storage
);
- echo count($n) . PHP_EOL;
foreach($n as $nn) {
echo '.';
- $filename = 'store/' . $r[0]['channel_address'] . '/' . $nn['os_path'] . '-' . $nn['imgscale'];
+ $filename = dbunescbin($xx['content']) . '-' . $nn['imgscale'];
if(! file_put_contents($filename, dbunescbin($nn['content']))) {
echo 'Failed to save file ' . $filename . PHP_EOL;
continue;
@@ -90,7 +85,7 @@ if($argc == 2) {
break;
}
- $x = q("SELECT DISTINCT resource_id FROM photo WHERE photo_usage = 0 and os_storage = 1");
+ $x = q("SELECT DISTINCT resource_id FROM photo WHERE photo_usage = 0 AND os_storage = 1 AND imgscale = 0");
if($x) {
foreach($x as $xx) {
@@ -134,4 +129,3 @@ if($argc == 2) {
echo PHP_EOL;
}
-