196 lines
7 KiB
Bash
Executable file
196 lines
7 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# DISABLE METRONOME
|
|
#=================================================
|
|
ynh_script_progression --message="Disabling Metronome..."
|
|
|
|
if systemctl list-unit-files metronome.service &>/dev/null
|
|
then
|
|
ynh_systemd_action --service_name="metronome" --action="stop"
|
|
systemctl disable metronome.service --quiet
|
|
fi
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
ynh_script_progression --message="Setting up source files..."
|
|
|
|
builddir="$(mktemp -d)"
|
|
ynh_setup_source --dest_dir="$builddir" --source_id=prosody
|
|
|
|
snikketdir="$(mktemp -d)"
|
|
ynh_setup_source --dest_dir="$snikketdir"
|
|
|
|
moddir="$(mktemp -d)"
|
|
ynh_setup_source --dest_dir="$moddir" --source_id=prosody-modules
|
|
|
|
portaldir="$(mktemp -d)"
|
|
ynh_setup_source --dest_dir="$portaldir" --source_id=snikket-portal
|
|
|
|
#=================================================
|
|
# SPECIFIC SETUP
|
|
#=================================================
|
|
# BUILD PROSODY
|
|
#=================================================
|
|
ynh_script_progression --message="Building Prosody..."
|
|
|
|
update-alternatives --set lua-interpreter /usr/bin/lua${luaversion}
|
|
|
|
pushd "$builddir"
|
|
./configure --sysconfdir="/etc/$app" --datadir="/var/lib/$app"
|
|
make
|
|
make install
|
|
# Install Prosody-Migrator
|
|
pushd "tools/migration"
|
|
make install
|
|
popd
|
|
popd
|
|
|
|
#=================================================
|
|
# ADD A CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression --message="Adding Prosody configuration..."
|
|
|
|
config_path=/etc/$app
|
|
ynh_app_setting_set --app=$app --key=config_path --value="$config_path"
|
|
mkdir -p "$config_path"
|
|
mkdir -p "$config_path"/{certs,conf.avail,conf.d}
|
|
mkdir -p "$config_path"/firewall
|
|
|
|
prosody_config="$snikketdir/ansible/files/prosody.cfg.lua"
|
|
ynh_replace_string --match_string="/snikket/prosody" --replace_string="/var/lib/snikket" --target_file="$prosody_config"
|
|
ynh_replace_string --match_string="/var/run/prosody/prosody.pid" --replace_string="/var/run/snikket/prosody.pid" --target_file="$prosody_config"
|
|
ynh_replace_string --match_string="/etc/prosody/" --replace_string="/etc/snikket/" --target_file="$prosody_config"
|
|
|
|
ynh_add_config --template="$snikketdir/ansible/files/prosody.cfg.lua" --destination="$config_path/prosody.cfg.lua"
|
|
ynh_add_config --template="$snikketdir/ansible/files/restricted_users.pfw" --destination="$config_path/restricted_users.pfw"
|
|
# Add Prosody-Migrator config
|
|
ynh_add_config --template="$snikketdir/ansible/files/migrator.cfg.lua" --destination="$config_path/migrator.cfg.lua"
|
|
|
|
chown root:root "$config_path"
|
|
chmod 755 "$config_path"
|
|
|
|
chown root:$app "$config_path/conf.d"
|
|
chmod 754 "$config_path/conf.d"
|
|
|
|
chown root:$app "$config_path/conf.avail"
|
|
chmod 754 "$config_path/conf.avail"
|
|
|
|
chown root:$app "$config_path/certs"
|
|
chmod 750 "$config_path/certs"
|
|
|
|
#=================================================
|
|
# SETUP MODULES
|
|
#=================================================
|
|
ynh_script_progression --message="Intalling modules..."
|
|
mkdir -p "/etc/$app/modules"
|
|
while read module
|
|
do
|
|
cp -r "$moddir/$module" "/etc/$app/modules/$module"
|
|
done < "../sources/prosody-modules.txt"
|
|
while read module
|
|
do
|
|
cp -r "$snikketdir/snikket-modules/$module" "/etc/$app/modules/$module"
|
|
done < "../sources/snikket-modules.txt"
|
|
|
|
#=================================================
|
|
# SETUP SNIKKET ADMIN PORTAL
|
|
#=================================================
|
|
ynh_script_progression --message="Installing admin portal..."
|
|
cp -r "${portaldir}/opt/snikket-web-portal/snikket_web/" "$install_dir/"
|
|
pushd "$install_dir/snikket_web"
|
|
python -m venv .venv
|
|
cp -r "$portaldir"/usr/lib/python3/dist-packages/* .venv/lib/python*/site-packages/
|
|
cp -r "$portaldir"/usr/local/lib/python3.11/dist-packages/* .venv/lib/python*/site-packages/
|
|
.venv/bin/pip3 install --force babel # TODO: This is not ideal
|
|
popd
|
|
|
|
# TODO: Install the create-invite script (with env setting)
|
|
#=================================================
|
|
# CLEAN TEMPORARY FILES
|
|
#=================================================
|
|
ynh_script_progression --message="Cleaning temporary files..."
|
|
ynh_secure_remove --file="$builddir"
|
|
ynh_secure_remove --file="$snikketdir"
|
|
ynh_secure_remove --file="$moddir"
|
|
ynh_secure_remove --file="$portaldir"
|
|
|
|
#=================================================
|
|
# SETUP SNIKKET CONFIG
|
|
#=================================================
|
|
ynh_script_progression --message="Updating Snikket configuration..."
|
|
|
|
# TODO: The TURN server should be set up as well
|
|
cat >/etc/snikket/environment <<EOF
|
|
SNIKKET_DOMAIN=${domain}
|
|
SNIKKET_ADMIN_EMAIL=${admin}
|
|
SNIKKET_TWEAK_TURNSERVER=0
|
|
ENV_SNIKKET_TWEAK_INTERNAL_HTTP_PORT=${port}
|
|
ENV_SNIKKET_PROXY65_PORT=${port_file}
|
|
|
|
SNIKKET_WEB_DOMAIN=${domain}
|
|
SNIKKET_WEB_PROSODY_ENDPOINT=http://localhost:$port_http
|
|
SNIKKET_WEB_SECRET_KEY=TODO
|
|
EOF
|
|
|
|
#=================================================
|
|
# SETUP CERTIFICATES
|
|
#=================================================
|
|
ynh_script_progression --message="Installing certificates..."
|
|
|
|
# Install certificates for Prosody to use (taken from the web certs)
|
|
install_certificates
|
|
|
|
#=================================================
|
|
# SYSTEM CONFIGURATIONS
|
|
#=================================================
|
|
ynh_script_progression --message="Adding system configurations..."
|
|
|
|
# Create a dedicated systemd config
|
|
ynh_add_systemd_config
|
|
yunohost service add "$app" --description="Chat that is simple, secure, and private" --log="/var/log/$app/$app.log"
|
|
ynh_add_systemd_config --service="$app-web" --template="web.service"
|
|
yunohost service add "$app-web" --description="Chat that is simple, secure, and private" --log="/var/log/$app-web/$app-web.log"
|
|
# Create a dedicated NGINX config using the conf/nginx.conf template
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# GENERIC FINALIZATION
|
|
#=================================================
|
|
# SETUP LOGROTATE
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring log rotation..."
|
|
|
|
mkdir -p "/var/log/$app"
|
|
chmod 750 "/var/log/$app"
|
|
chmod -R o-rwx "/var/log/$app"
|
|
chown -R $app:adm "/var/log/$app"
|
|
chown -R $app:$app "/var/lib/$app"
|
|
|
|
# Use logrotate to manage application logfile(s)
|
|
ynh_use_logrotate
|
|
|
|
#=================================================
|
|
# START SYSTEMD SERVICE
|
|
#=================================================
|
|
ynh_script_progression --message="Starting a systemd service..."
|
|
|
|
# Start a systemd service
|
|
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
|
|
ynh_systemd_action --service_name="$app-web" --action="start" --log_path="/var/log/$app/$app-web.log"
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression --message="Installation of $app completed"
|