From ea971e56822abaf49eef01e24fa63d8a8a2dbdd4 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 13 May 2018 19:36:56 +0100 Subject: [PATCH 01/18] Change permission on privatebin data directory Avoids server error --- src/freedombone-app-privatebin | 1 + 1 file changed, 1 insertion(+) diff --git a/src/freedombone-app-privatebin b/src/freedombone-app-privatebin index 651542d3..b7697554 100755 --- a/src/freedombone-app-privatebin +++ b/src/freedombone-app-privatebin @@ -55,6 +55,7 @@ function secure_privatebin { chown -R ${rootuser}:${htgroup} "${pbpath}/" chown -R www-data:www-data "${pbdata}" + chmod 755 "${pbdata}" } function logging_on_privatebin { From a14781337fa66025564a6ed5dd382771bf7e0091 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 13 May 2018 19:42:03 +0100 Subject: [PATCH 02/18] Ensure correct permissions on data directory during upgrades --- src/freedombone-app-privatebin | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/freedombone-app-privatebin b/src/freedombone-app-privatebin index b7697554..c579266b 100755 --- a/src/freedombone-app-privatebin +++ b/src/freedombone-app-privatebin @@ -154,15 +154,16 @@ function reconfigure_privatebin { } function upgrade_privatebin { + if grep -q "privatebin domain" "$COMPLETION_FILE"; then + PRIVATEBIN_DOMAIN_NAME=$(get_completion_param "privatebin domain") + fi + chmod 755 "/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/data" + CURR_PRIVATEBIN_COMMIT=$(get_completion_param "privatebin commit") if [[ "$CURR_PRIVATEBIN_COMMIT" == "$PRIVATEBIN_COMMIT" ]]; then return fi - if grep -q "privatebin domain" "$COMPLETION_FILE"; then - PRIVATEBIN_DOMAIN_NAME=$(get_completion_param "privatebin domain") - fi - # update to the next commit function_check set_repo_commit set_repo_commit "/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs" "privatebin commit" "$PRIVATEBIN_COMMIT" "$PRIVATEBIN_REPO" From a9ff261133879d1bc758258209b3f048f2527edc Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 13 May 2018 21:38:56 +0100 Subject: [PATCH 03/18] inadyn doesn't need openssl library --- src/freedombone-image-customise | 4 ++-- src/freedombone-utils-web | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/freedombone-image-customise b/src/freedombone-image-customise index dc9e1a5a..1adaa05e 100755 --- a/src/freedombone-image-customise +++ b/src/freedombone-image-customise @@ -1657,7 +1657,7 @@ image_install_inadyn() { mkdir -p "$rootdir/root/build" fi chroot "$rootdir" apt-get -yq install build-essential curl libgnutls28-dev automake1.11 libconfuse-dev - chroot "$rootdir" apt-get -yq install gnutls-dev libconfuse-dev pkg-config libssl-dev + chroot "$rootdir" apt-get -yq install gnutls-dev libconfuse-dev pkg-config if [ -d /repos/inadyn ]; then mkdir "$rootdir/root/build/inadyn" @@ -1679,7 +1679,7 @@ image_install_inadyn() { { echo '#!/bin/bash'; echo 'cd ~/build/inadyn'; echo './autogen.sh'; - echo './configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-openssl'; + echo './configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var'; echo 'make -j5'; echo 'make install-strip'; } > "$rootdir/root/build/build_inadyn.sh" chmod +x "$rootdir/root/build/build_inadyn.sh" diff --git a/src/freedombone-utils-web b/src/freedombone-utils-web index 66edd235..c4625832 100755 --- a/src/freedombone-utils-web +++ b/src/freedombone-utils-web @@ -525,7 +525,7 @@ function install_dynamicdns { # https version 1.99.8 apt-get -yq install build-essential curl libgnutls28-dev automake1.11 - apt-get -yq install gnutls-dev libconfuse-dev pkg-config libssl-dev + apt-get -yq install gnutls-dev libconfuse-dev pkg-config if [ ! -d "$INSTALL_DIR/inadyn" ]; then if [ -d /repos/inadyn ]; then @@ -548,7 +548,7 @@ function install_dynamicdns { ./autogen.sh - if ! ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-openssl; then + if ! ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var; then exit 74890 fi if ! make -j5; then From 9d7e1c526302d896ca3171c0af8f7c35ac9687e1 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 13 May 2018 21:41:23 +0100 Subject: [PATCH 04/18] Tidying --- src/freedombone-utils-web | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/src/freedombone-utils-web b/src/freedombone-utils-web index c4625832..76080651 100755 --- a/src/freedombone-utils-web +++ b/src/freedombone-utils-web @@ -449,18 +449,6 @@ function upgrade_inadyn_config { read_config_param DEFAULT_DOMAIN_NAME grep "alias " "${INADYN_CONFIG_FILE}" | sed 's| alias ||g' > ~/.inadyn_existing_sites - DDNS_HOSTNAMES= - while read -r host; do - if [ "$DDNS_HOSTNAMES" ]; then - DDNS_HOSTNAMES="$DDNS_HOSTNAMES, $host" - else - DDNS_HOSTNAMES="$host" - fi - done <~/.inadyn_existing_sites - - if [ ! "$DDNS_HOSTNAMES" ]; then - return - fi if [[ "$DDNS_PROVIDER" == "default@freedns.afraid.org" ]]; then DDNS_PROVIDER='freedns' From 32403cbd1c0dc1debd745353800bc64f039a3970 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 13 May 2018 21:42:53 +0100 Subject: [PATCH 05/18] Tidying --- src/freedombone-utils-dns | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/freedombone-utils-dns b/src/freedombone-utils-dns index 33260b86..1c466a19 100755 --- a/src/freedombone-utils-dns +++ b/src/freedombone-utils-dns @@ -230,8 +230,7 @@ function add_ddns_domain { fi if ! grep -q "$CURRENT_DDNS_DOMAIN" "${INADYN_CONFIG_FILE}"; then - DDNS_HOSTNAMES=$(grep 'hostname ' "${INADYN_CONFIG_FILE}"| awk -F '{' '{print $2}' | sed 's| }||g') - sed -i "s|hostname .*|hostname = {${DDNS_HOSTNAMES}, ${CURRENT_DDNS_DOMAIN} }|g" "${INADYN_CONFIG_FILE}" + sed -i "s|hostname .*|hostname = $DEFAULT_DOMAIN_NAME" fi chmod 600 "${INADYN_CONFIG_FILE}" From e75e9333fe1fe655aeae5fcdd227cc0703a3e828 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 13 May 2018 21:44:41 +0100 Subject: [PATCH 06/18] Tidying --- src/freedombone-utils-dns | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/freedombone-utils-dns b/src/freedombone-utils-dns index 1c466a19..abe11317 100755 --- a/src/freedombone-utils-dns +++ b/src/freedombone-utils-dns @@ -229,9 +229,7 @@ function add_ddns_domain { echo '}'; } > "${INADYN_CONFIG_FILE}" fi - if ! grep -q "$CURRENT_DDNS_DOMAIN" "${INADYN_CONFIG_FILE}"; then - sed -i "s|hostname .*|hostname = $DEFAULT_DOMAIN_NAME" - fi + sed -i "s|hostname .*|hostname = $DEFAULT_DOMAIN_NAME" chmod 600 "${INADYN_CONFIG_FILE}" systemctl daemon-reload From e1574b49c11ef7df5a0602ace29f7538ed9b21e2 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 14 May 2018 19:42:30 +0100 Subject: [PATCH 07/18] Option to install extra packages --- man/freedombone-template.1.gz | Bin 1377 -> 1428 bytes src/freedombone-template | 10 ++++++++++ 2 files changed, 10 insertions(+) diff --git a/man/freedombone-template.1.gz b/man/freedombone-template.1.gz index 7fb4025c645a7caac26fed350c0d7f4fc8a6e938..511a41b7c31736ee157dec496527c306110bab46 100644 GIT binary patch literal 1428 zcmV;F1#9{riwFRB*!fxj1Kn8LZrer>eb-kE^pclIveOhOf+DEwII)4+5hNRJ;RME# zJEXQIcbVO#RTla9&g_zuToBZ7VqSJ`XU<%t@#QIG7EziqF&al6%c>9_;Sh$0 z&*5A&@a*95mmv)4_x1W9TsgE)939ZLD29WtIb;} zu-rNz;kp!737LGXjPtog_o4VmXL2KxAfd>8rJWZ=0d#|@H@4w7D@^vP9<{zXxR#hG zp`m>M?5%s>!TRcCaXdepU7o$Y7!EF%%7JSfp$fGlSpg0`n5<2YgVj={OOVL-2?7eb zV<=Y2(*q^Nf(xJ5SisEY^Zy6!UxY9Xzc8AkN z3W5LmC2Gi2QP2@n`_`&%$c&|T7Fwu8Fe%X!1>ATLRuwtc8Ji^UW7~6FU5v6A>|Db%65WNDVbdSh;iL^t&L&x z{Jf2!70IkA?+JBih58i)dv(pVJhr#iwEUDO>CqKyivC-a|0%k&E5y{_HB*hZx9)hNL zEtw+Agn#DmR~a>jE)x)(=}VrjO~qHD7{gf>N=q6p!M>il$e3|d?ZllO7DCmtFuNDY z5nDrVX_F7@Vr1;KAd3@-Cm=s>bXrgpfyzK-d;CDpyfEPNloalMC z!O-Z)wyFm``9w!-b0>dJ&u71%P;(m`cRjW3Zf#{S=T!=`(-~AnP3u9k_)tvFdE~u1 z0v=%-vm-TiRUo^M{}4sHdByDz=;t%0{wP%Tuxvt!58>UrAi48rV?Yj5vvPu)ed1g( zl6d!s=tJAZUZL&HgBAlC)w}_;3jn;_EADJM*+hWC9+eIK&yfxWuLIr}w3qzt)|hU? z%^6LE!*7J=mxB`4tb3^JPa&^I6ZGk%hhn`7v7)bl>5Tf4(Q8a+{hs#211e#?RJLI4 zll{Ix^7_V2xC8NNSoCU59XPC133}?lac;Gav>RaP8?hDfU<*t9;j^Ef|EOu$#nMM; zy$1f?hZ2tSD&=+?Ux=46LaxFmov`L#a75KLrlHX*~?MFO@6`RhZKjw~B!5EwOl@YuP&`R0%(t20P7B3EUsB#teXRlzL6A&d?W z;es{r?%?p}5sc{j<8TnJ4eB?B4#=7nqbQmz&tP;pyEq+1JN4a;;S);KbZtQ58cd=^ zWuZG@AXOSzRhg(&w*2$*YQ8*QKA~_tro(U}S&4ta7~uv>CJMULaHFwOP-}OWz)hmc zQdqhkS4vwFsmmC3cQ2$xEm^VoTq;fq8#G^}>h8U@iY50f!`A3nNulKC!78sdZ#lzq z>i~zFl4-$s{H0RHW*W`s;tQS06py`xAoqndmK6oi4JKCU#=Ti%yhn8h+R5qicyT^o zonKv!qE#*on8pxhP#c1nfk6u@ZNWFN&P9>~M|U41Afr1M=vr91fYjy5GRc|d;veLY z)-tg!W`}^8z$(XHSHdKa4k3jVE2*i51j7guQH8w-g>M+XMg>{aGh$cM|SF^y&Ya=320*2b`Te$mFzilkbVkAyn3e04Gc zazJ5b?nASnmf&D>PkpYH=gdG8rzgpo%FDc?{y2>=; zJz8_rgnSto-o7(FbVuZ-5{Yj_x|Xm;yf3;G#MH*?>aI}q{%c+B>kTMea15@ON5C~D zt0xAv4@%>fnnieMyclPeg=m6wP`vGgL%{Bc=m{@mU^&tAVS}N;k!@8^dh(Ty(B@A6 zm|e_&JEi6p9d|vo?QU&lIL?a%=4W%LikgOhv;164FWf*oIRZDJ$P~3ZpsyFq?6I%h zQQ7zs9>MLcm)!aF1)0q1o zrviRDI5_xkDVV)*dbPQ5yN)FE*#m{n;sSjhXgl&B_-Os50ynP~@g0+HKjI;*&~%;! zQih3Fy{m=}EtLn*Z}YxzQkHy&9^HR1cYilNo4<5~?d-ezWnGvQ?Xx)fmFnpF6RlGV z^dye!jP?Xe8yn=-R_6V5nh|z&JfX}@sS)Jc8mGdT8vB2T%&u2wSBp_}q++;GmbU&9 jeu-85>xRfgqWus}VjcaC@%!G)qZ84;cF6GV^$`F7HsGrf diff --git a/src/freedombone-template b/src/freedombone-template index 1f023834..d3673196 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -47,6 +47,7 @@ your_name='' your_email='' SHOW_ON_ABOUT=1 database_type='' +debian_packages= function show_help { echo '' @@ -67,6 +68,7 @@ function show_help { echo $' --nodeapp [package] Specify a nodejs package to install' echo $' -o --onion [yes|no] Is this app only available on an onion address?' echo $' -p --php [yes|no] Is this a PHP app?' + echo $' --packages [list of deb package names] Debian packages to be installed' echo $' -s --daemon [yes|no] Add a daemon' echo $' -d --database [mariadb|postgresql|mongodb] Type of database' echo $' -w --web [yes|no] Whether there is a web user interface (default is yes)' @@ -152,6 +154,10 @@ do shift app_dir="$1" ;; + --packages|--package) + shift + debian_packages="$1" + ;; *) # unknown option ;; @@ -713,6 +719,10 @@ fi echo '}' echo '' echo "function install_${app_name} {" +if [ "$debian_packages" ]; then + echo " apt-get -qy install ${debian_packages}" + echo '' +fi if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then echo ' install_mariadb' echo '' From 40f6ed2c2615a4d712cf0e62aeb2dc7300345124 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 14 May 2018 19:45:13 +0100 Subject: [PATCH 08/18] Extra packages example --- doc/EN/devguide.org | 3 +- website/EN/devguide.html | 214 +++++++++++++++++++++++++++------------ 2 files changed, 151 insertions(+), 66 deletions(-) diff --git a/doc/EN/devguide.org b/doc/EN/devguide.org index b78e3f1d..3b95ffda 100644 --- a/doc/EN/devguide.org +++ b/doc/EN/devguide.org @@ -18,10 +18,11 @@ Suppose you have some internet application which you want to add to the system. There's a command which you can use to generate scripts for new apps. Some examples are as follows: -To create a script for a generic PHP plus MySql/MariaDB web app: +To create a script for a generic PHP plus MySql/MariaDB web app with a couple of extra packages: #+begin_src bash freedombone-template --app [name] -e [email] -r [repo url] \ + --packages "cowsay libssl-dev" \ -c [commit] --php yes -d mariadb > \ src/freedombone-app-myappname #+end_src diff --git a/website/EN/devguide.html b/website/EN/devguide.html index bcd440ff..37a8d262 100644 --- a/website/EN/devguide.html +++ b/website/EN/devguide.html @@ -3,26 +3,33 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + + + - + @@ -97,7 +189,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2013 Free Software Foundation, Inc. +Copyright (C) 2012-2017 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -144,28 +236,27 @@ for the JavaScript code in this tag.
-

logo.png

-
-

Developers Guide

+
+

Developers Guide

-
-

Introduction

-
+
+

Introduction

+

Freedombone consists of a set of bash scripts. There are a lot of them, but they're not very complicated. If you're familiar with the GNU/Linux commandline and can hack a bash script then you can probably add a new app or fix a bug in the system. There are no trendy development frameworks to learn or to get in your way. You might also want to consult the Code of Conduct, and there is a Matrix room at #fbone:matrix.freedombone.net

-
-

Adding extra apps

-
+
+

Adding extra apps

+

Suppose you have some internet application which you want to add to the system. To do this you need to create an app script which tells the system how to install/remove and also backup/restore. The script should be designed to work with the current stable version of Debian.

@@ -175,13 +266,13 @@ There's a command which you can use to generate scripts for new apps. Some examp

-To create a script for a generic PHP plus MySql/MariaDB web app: +To create a script for a generic PHP plus MySql/MariaDB web app with a couple of extra packages:

- -
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] --php yes -d mariadb > \
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     --packages "cowsay libssl-dev" \
+                     -c [commit] --php yes -d mariadb > \
                      src/freedombone-app-myappname
@@ -191,10 +282,9 @@ For a Nodejs app with MySql/MariaDB database:

- -
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] --node yes -d mariadb \
-                     --dir /etc/myappname --daemon yes > \
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --node yes -d mariadb \
+                     --dir /etc/myappname --daemon yes > \
                      src/freedombone-app-myappname
@@ -204,10 +294,9 @@ For a Python app with Postgresql database:

- -
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] -d postgresql \
-                     --dir /etc/myappname --daemon yes > \
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] -d postgresql \
+                     --dir /etc/myappname --daemon yes > \
                      src/freedombone-app-myappname
@@ -217,10 +306,9 @@ For a Python app without any database, communicating between the daemon and the

- -
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] --dir /etc/myappname \
-                     --daemon yes --portinternal 1234 > \
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --dir /etc/myappname \
+                     --daemon yes --portinternal 1234 > \
                      src/freedombone-app-myappname
@@ -230,10 +318,9 @@ For an app without any database which communicates directly on a particular port

- -
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] --dir /etc/myappname \
-                     --daemon yes --port 5000 > \
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --dir /etc/myappname \
+                     --daemon yes --port 5000 > \
                      src/freedombone-app-myappname
@@ -243,10 +330,9 @@ A generic PHP plus MySql/MariaDB web app which is only available on an onion add

- -
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] --php yes -d mariadb \
-                     --onion yes > \
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --php yes -d mariadb \
+                     --onion yes > \
                      src/freedombone-app-myappname
@@ -256,7 +342,6 @@ For more details see the manpage:

- 
man freedombone-template
@@ -270,7 +355,6 @@ When your new script is ready for testing you can install it with:

- 
make install
@@ -285,9 +369,9 @@ Submit your working app to -

Customising mesh images

-
+
+

Customising mesh images

+

If you want to make your own specially branded version of the mesh images, such as for a particular event, then to change the default desktop backgrounds edit the images within img/backgrounds and to change the available avatars and desktop icons edit the images within img/avatars. Re-create disk images using the instructions shown previously.

From 855816f05b6cbd66072c5d904640d75005c96aa0 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 14 May 2018 19:52:04 +0100 Subject: [PATCH 09/18] Template option to install snap packages --- man/freedombone-template.1.gz | Bin 1428 -> 1437 bytes src/freedombone-template | 15 +++++++++++++++ 2 files changed, 15 insertions(+) diff --git a/man/freedombone-template.1.gz b/man/freedombone-template.1.gz index 511a41b7c31736ee157dec496527c306110bab46..6413e39b1d730741c67dad3e8a2b49babf5f761a 100644 GIT binary patch delta 1390 zcmV-!1(Euc3!MvpABzY82io~s00Z4vZExE)5dQ98aqyRZsqLiefT0+QIceGiSW?4I zunp-DP~u7EB9SUd#nsRszdKTr?bLA!^aaHXCzdGQ+jGwy&mLc%LS_-ADHEe{F$HIN~E_U$JXe`Xl3-~ z#%ft@-b#Ug<<Eh>7gl2 zOxEVk!D^|}B}nA^1OWxzF-|Mx=>jrNvlm(lE7iY$C?TtL>KU?NbqtqF>~*E&G3iiR zc}2lDkhgS^WL)VSJiEiWB!$3#eu)|~RTQ+v)V{T<8!}_*nS~Zd5ll+-#1A(f#JHqE zr=NI8Ei#(~(5Gxh-i&g?F+2?>8dH;6O2r-81`2hH#K`nMwS?T(jnDW!BP;?roaCt$;727Mh>(a3zO&M`i;?Bn|*Dy3y`)OpjX{XWZ4c8TJ1%+uKiMMSQAp- z5TR@*IF*vg#Y>Fqwrgz+oBQW&46R6JO?gj$s6#6hw;&+bC`{dL>^0O;7&cxFxi*0_ zYnrg0bSZR>H4xA2kiTSo#R9*TCQV#=>!ag=9ROhIYVT=Yo8QUrOj$Iqs@bkgJ!I!0A`q>9#$OVs4n$Q<_6uLbx3}b zlWsraF|62h9tBdz6R&z!tvj?f0l@G@Arwv~((llt`=1Q>bK_To&ppC+_TBxm941Bk zC{AHoJGy#9liC~uiIX~~Il)fTFbGTUEB9hD$qBnU8B^va)CiW_8YjxR8v7q=rdOAz wZ|B3okxAg(c$(Hq_%$)fZyO?GjsE3eoY=u1n7ruC+}knu4_yMf4UZB40G5rcy#N3J delta 1381 zcmV-r1)BPu3zQ3gABzY8ci8z_00Z4v+iu%N5PjEI4D^zhNV3xuD1suW>^QN3+7Toh zZQ%sQk~^ffCU=?LrBxRB_|EK-l;p^AfLsvNaAIC|ZfDM1r19k`WEN4HGBFxQ9?Pl_ z9^nv%htJ_$H1O=;@RuPB>G$>eAY3`LPaGZ4wJ3&z!FX|h3d4)(`N?pwQ{TH0yg`kY zt{rGxflIBbJah*fWX6K1DmQ4AE&jTAJ6oJB9#A+M(P6mOqQv(wLb%3KsDdsnTwAOR z)Rym3xK2%3Do@v=%2-b#b(x^;?v?gvwJ0{9Ya>ZvgYKg?-F>iDiS$JR_oL=D#7Z17%rFC>q^Nf(xJ5SisEY^Zy6!U zxY9Xzc8AkN3W5LmC2Gi2QP2@n`_`&%$c&|T7Fwu8Fe%X!1>ATLAR5_`CMsN4%ub2RT_xrv-!#}I52x%F1G<0xc_26wn6 z6CXt}a-cm}m^>%fZ;akL>}#uCfV4dTz3N^f%XWy+(_Vy2*Du9}H6i5<5z2OgQz@BT z{D^VgcCC$J^ZdMxp%uxjDenn&XodO}1mqfjg{ixZ?Sz^J!^TfTu1(;~nkK9#T?(D! zO(mRL87n&-$Ki1Vv3nO=6y#(|2fup%Q=>DL*B00Q=Y6-k#is3UI?|2+U>%@5Y2#j~ zBxiUVTE{G zbSX%vch=QSVd(v*y4u$pP;hVpt`KAd3=+P14Do7L9_T!OwM`a zy*dIOVH>j}HFZ@WyN~}6MZ0;$?GWhaGp7D1RQ9lJLWvLI-Mb*U^Jil~4pXyof}4Hf zTrrY(_lW32+r?g??ahN00~*!50kjJMyxc49Y&zLQfWjV?4gJrN4hF9S-WRl&{O#75 zZo|zPO@za5gy)xo64rmLd#LPBA+JXh^y#FBV!aBnqOXAIjQWz%YfNYTp7z57Dq+1; zwqWg({k}l*`o>MT1Mz8C^lD8VIIL6&dg{P&ZnciI8(`=gu@&)P3rqarv!9;-sA<^6 z(nn~$2L9fM5{~mLB;(;Uv&=+?Ux=46LaxFmov`L#a75KLrlHX*~?MFO@6`RhZ zK Date: Mon, 14 May 2018 22:11:31 +0100 Subject: [PATCH 10/18] Specify internal port within template command --- man/freedombone-template.1.gz | Bin 1437 -> 1451 bytes src/freedombone-template | 126 ++++++++++++++++++++-------------- 2 files changed, 73 insertions(+), 53 deletions(-) diff --git a/man/freedombone-template.1.gz b/man/freedombone-template.1.gz index 6413e39b1d730741c67dad3e8a2b49babf5f761a..59219066d36b3ac5f535c10d4d8847c62d1a2765 100644 GIT binary patch literal 1451 zcmV;c1yuSUiwFRy`uSP_1Kn6{Z`(Ey{_bCK@Rxq6?Ii7hp%{ueY1#x>62nfg4e1b2 z;z{Nrkt#{W)6gHkJ5rMEG;xZx9f}!FB$2$g=U(OUst_JwABOuc z;Y>7eu($u?5Qg-9yFLh44(&5X2Xrlp;b1UcoWSsWdUiYM zRUWzn4l-jwRFxaF%oe|&U(6P#i$@raMsygiwJ7lq7$IC^DO5qX7OpK;25QSsDO{(f zES0DGQDv+rlDbULcF#(Cv|1FK>)J?S*r5BUP4^t6RU*9=IkrMaMk}K?4_3=+^HB;c zw+=|SE`?P>CLb%~d~VTwC_d7e+{h$QC{kZ(=S5KfJz(mMZFpye$xhazRyPON5)&mf zv+6q(o0~B~B(-fuP4Wza6rX<5y6QXx@;aSmW(YTNA z%jx_Lec|oZ`4J;ak$&7E)n><15Ync^9^bNMtE? z?r@7HE=4j@pgmZaJSWv}jNUrzYpY#=v^@Yl>z*RZ9w4FBo`mz=FU5v5A>|DPl9m;%94`JdD4T#9~tefDPSfv z7BTqSj3irPxCf)jUQ41#GU1>3`&mZCq4NX;W%`t-dsFe9D8_J_h18OUQ?Spc&N7ZT z%65vK2PA~7XJS?_21hIny`;@}SSKT6S68_evPWx%mXI%FgtvPxn9hORR4NUH$krNG zh_^-Of`n>nUELIh_CMv-Zf`)r#tFDu9D=mutUfTPe2^Qr*v#Xi3uIDw5v_^Tk@2CTH9y-y8z>y^Y?Hnz|~G)yKamM7uu5#hFT2sXiBUpl-Dt7F1 zts?Ej80t(cUEBzRxAzZTy!>9>@K97gkp^qv@4fl3onOHjkGr9LAz1r@bcioE)JE9{ zJUw`o)`hSUdcU-$&X>V68J%2F$Ne9>0)E)r+xs#XOh3Dk24C>lr3rm;N2ZH}TPo)Q z#8+CH#3{kQRa5;YopCqf(X3c>o&-|I4p|*k>k6$+05H5*gv7~2`XAKj{-+1NZv6W2 zxh?NsG(0wwtbG!vFx?$qy`#x)jv{@V(y(7`~zrnX5!Zp F007e;#4rE= literal 1437 zcmV;O1!DRiiwFP*+WA@l1Kn6{Z`(Ey{_bCK@Rxq6?WF5~p%{ueY1#x>Qo~NL4e1b2 z;z{Nrkt#{W)zBZmJ5rME)Nu;*1;q>}mMGrabI%>m9$%h9W)Y<+6QgnDv8)Q=5e{K^ z_#Dnf1J4c)e;LA%-mlji;mV*Tvh};%xDN!qJE}!?hMA{tY99Yb=E-=+eTq#mYc!`7VX) z)Rd+2bUmt!^(0c43EJ*nX^&QmVsl*^NeUZuAGPW3gSASew<5>Z=*Vbg^ybEDS#91* zf#uc)3D>2tO3376Wt`6~y7$FL+LIfZ1PMj%EA6}}3ZNTIy|E2HSz)qQ^{DmD!L`Ih z2@UN6u(ytPI4vrA%pdn2c9_39Ssc&LW|wDgFNTB5rE=gJN03A9NU;Ei9!%Ee&cSM_ z(j`db`vd_6-7!up<>>-4PO}$U3MKU?NbqtqF>~*E&G3iiRc}2lDkhgS^ zWL)VSJiEiWB!$3#eu)|~RTQ+v)V{T<8!}_*nS~Zd5ll+-#1A(f#JHqEr=NI8Ei#(~ z(5Gxh-i&g?F+2?>8dH;6O2r-81`2hH8}ZX)5=F$CMhe7zOzI0{+f$Q^FU z#HA=k4zwE!ljr36jnP}1eQmW1khUA3SKUiw*$xp}?M1k*{ZedL6H?v~p=>8Om6FND zON{HbYi$gh`{!*8tw?4~c~7WAD-^dNAlE2N-EHhO)KM5VUJbc6fir8Gu%2`&bdEQb zaBgL+>~tK5bXrgpfyzK-d;CDpy zfEPNloalMC!O-Z)wyFm``9w!-b0>dJ&u71%P;(m`cRjW3Zf#{S=T!=`(-~AnO|wI@ zcwbD;`8<4e1bn`2oE@pDs{+}5{6G}#&MR(*K(Egj2}Yr^hh-B=d=WmTk;J=4L?0SG_6lu}B{VhAInLujI~~Bwz2eTMlT8FD>`~d!e~xr8cpdP* zprPd-x5jiEZq8^T9DXA_zZ{e>gWW@Ae+qeanxIc7JrwIXi4}bXOlQ=Wj9z0p>xZ}> z9#9GEiL(W3pX~PqlE*i0!X1cD!=P7d>cC;7O3+gWj^|eENILIqs@bkgJ!I!0A`q>9#$OVs4n$Q<_6uLbx3}blWsra zF|62h9tBdz6R&z!tvj?f0l@G@Arwv~((llt`=1Q>bK_To&ppC+_TBxm941BkC{AHo zJGy#9liC~uiIX~~Il`odj}ia?P2 Date: Mon, 14 May 2018 22:31:44 +0100 Subject: [PATCH 11/18] Another attempt at rocketchat using snap --- src/freedombone-app-rocketchat | 357 +++++++++++++++++++++++++++++++++ 1 file changed, 357 insertions(+) create mode 100755 src/freedombone-app-rocketchat diff --git a/src/freedombone-app-rocketchat b/src/freedombone-app-rocketchat new file mode 100755 index 00000000..b4877336 --- /dev/null +++ b/src/freedombone-app-rocketchat @@ -0,0 +1,357 @@ +#!/bin/bash +# +# _____ _ _ +# | __|___ ___ ___ _| |___ _____| |_ ___ ___ ___ +# | __| _| -_| -_| . | . | | . | . | | -_| +# |__| |_| |___|___|___|___|_|_|_|___|___|_|_|___| +# +# Freedom in the Cloud +# +# License +# ======= +# +# Copyright (C) 2018 Bob Mottram +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +VARIANTS='full full-vim' + +IN_DEFAULT_INSTALL=0 +SHOW_ON_ABOUT=1 + +ROCKETCHAT_DOMAIN_NAME= +ROCKETCHAT_CODE= +ROCKETCHAT_ONION_PORT=9722 +ROCKETCHAT_PORT_INTERNAL=1233 + +rocketchat_variables=(ONION_ONLY + ROCKETCHAT_DOMAIN_NAME + ROCKETCHAT_CODE + DDNS_PROVIDER + MY_USERNAME) + +function logging_on_rocketchat { + echo -n '' +} + +function logging_off_rocketchat { + echo -n '' +} + +function remove_user_rocketchat { + remove_username="$1" + + "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp rocketchat +} + +function add_user_rocketchat { + new_username="$1" + new_user_password="$2" + + "${PROJECT_NAME}-pass" -u "$new_username" -a rocketchat -p "$new_user_password" + echo '0' +} + +function install_interactive_rocketchat { + if [ ! "$ONION_ONLY" ]; then + ONION_ONLY='no' + fi + + if [[ "$ONION_ONLY" != "no" ]]; then + ROCKETCHAT_DOMAIN_NAME='rocketchat.local' + write_config_param "ROCKETCHAT_DOMAIN_NAME" "$ROCKETCHAT_DOMAIN_NAME" + else + interactive_site_details "rocketchat" "ROCKETCHAT_DOMAIN_NAME" "ROCKETCHAT_CODE" + fi + APP_INSTALLED=1 +} + +function change_password_rocketchat { + curr_username="$1" + new_user_password="$2" + + read_config_param 'ROCKETCHAT_DOMAIN_NAME' + + "${PROJECT_NAME}-pass" -u "$curr_username" -a rocketchat -p "$new_user_password" +} + +function reconfigure_rocketchat { + # This is used if you need to switch identity. Dump old keys and generate new ones + echo -n '' +} + +function configure_interactive_rocketchat { + W=(1 $"Option 1" + 2 $"Option 2") + + while true + do + # shellcheck disable=SC2068 + selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"rocketchat" --menu $"Choose an operation, or ESC for main menu:" 14 70 3 "${W[@]}" 3>&2 2>&1 1>&3) + + if [ ! "$selection" ]; then + break + fi + case $selection in + 1) # call some function for option 1 + ;; + 2) # call some function for option 2 + ;; + esac + done +} + +function upgrade_rocketchat { + echo -n '' +} + +function backup_local_rocketchat { + ROCKETCHAT_DOMAIN_NAME='rocketchat' + if grep -q "rocketchat domain" "$COMPLETION_FILE"; then + ROCKETCHAT_DOMAIN_NAME=$(get_completion_param "rocketchat domain") + fi + + source_directory=/var/snap/rocketchat-server + + suspend_site "${ROCKETCHAT_DOMAIN_NAME}" + + systemctl stop rocketchat + + dest_directory=rocketchat + backup_directory_to_usb "$source_directory" $dest_directory + + restart_site + systemctl start rocketchat +} + +function restore_local_rocketchat { + if ! grep -q "rocketchat domain" "$COMPLETION_FILE"; then + return + fi + ROCKETCHAT_DOMAIN_NAME=$(get_completion_param "rocketchat domain") + if [ ! "$ROCKETCHAT_DOMAIN_NAME" ]; then + return + fi + suspend_site "${ROCKETCHAT_DOMAIN_NAME}" + systemctl stop rocketchat + + temp_restore_dir=/root/temprocketchat + rocketchat_dir=/var/snap/rocketchat-server + + restore_directory_from_usb $temp_restore_dir rocketchat + if [ -d $temp_restore_dir ]; then + if [ -d "$temp_restore_dir$rocketchat_dir" ]; then + cp -rp "$temp_restore_dir$rocketchat_dir"/* "$rocketchat_dir"/ + else + if [ ! -d "$rocketchat_dir" ]; then + mkdir "$rocketchat_dir" + fi + cp -rp "$temp_restore_dir"/* "$rocketchat_dir"/ + fi + rm -rf $temp_restore_dir + fi + systemctl start rocketchat + + restart_site +} + +function backup_remote_rocketchat { + ROCKETCHAT_DOMAIN_NAME='rocketchat' + if grep -q "rocketchat domain" "$COMPLETION_FILE"; then + ROCKETCHAT_DOMAIN_NAME=$(get_completion_param "rocketchat domain") + fi + + source_directory=/var/snap/rocketchat-server + + suspend_site "${ROCKETCHAT_DOMAIN_NAME}" + systemctl stop rocketchat + + dest_directory=rocketchat + backup_directory_to_friend "$source_directory" $dest_directory + + systemctl start rocketchat + + restart_site +} + +function restore_remote_rocketchat { + if ! grep -q "rocketchat domain" "$COMPLETION_FILE"; then + return + fi + ROCKETCHAT_DOMAIN_NAME=$(get_completion_param "rocketchat domain") + if [ ! "$ROCKETCHAT_DOMAIN_NAME" ]; then + return + fi + suspend_site "${ROCKETCHAT_DOMAIN_NAME}" + systemctl stop rocketchat + + temp_restore_dir=/root/temprocketchat + rocketchat_dir=/var/snap/rocketchat-server + + restore_directory_from_friend $temp_restore_dir rocketchat + if [ -d $temp_restore_dir ]; then + if [ -d "$temp_restore_dir$rocketchat_dir" ]; then + cp -rp "$temp_restore_dir$rocketchat_dir"/* "$rocketchat_dir"/ + else + if [ ! -d "$rocketchat_dir" ]; then + mkdir "$rocketchat_dir" + fi + cp -rp $temp_restore_dir/* "$rocketchat_dir"/ + fi + rm -rf $temp_restore_dir + fi + systemctl start rocketchat + + restart_site +} + +function remove_rocketchat { + nginx_dissite "$ROCKETCHAT_DOMAIN_NAME" + remove_certs "$ROCKETCHAT_DOMAIN_NAME" + + remove_nodejs rocketchat + + if [ -d "/var/www/$ROCKETCHAT_DOMAIN_NAME" ]; then + rm -rf "/var/www/$ROCKETCHAT_DOMAIN_NAME" + fi + if [ -f "/etc/nginx/sites-available/$ROCKETCHAT_DOMAIN_NAME" ]; then + rm "/etc/nginx/sites-available/$ROCKETCHAT_DOMAIN_NAME" + fi + remove_onion_service rocketchat "${ROCKETCHAT_ONION_PORT}" + if grep -q "rocketchat" /etc/crontab; then + sed -i "/rocketchat/d" /etc/crontab + fi + remove_app rocketchat + remove_completion_param install_rocketchat + sed -i '/rocketchat/d' "$COMPLETION_FILE" + + remove_ddns_domain "$ROCKETCHAT_DOMAIN_NAME" + + snap remove rocketchat-server +} + +function install_rocketchat { + apt-get -qy install snapd + snap install rocketchat-server + + install_nodejs rocketchat + if [ ! "$ROCKETCHAT_DOMAIN_NAME" ]; then + echo $'No domain name was given' + exit 3568356 + fi + + if [ -d "/var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs" ]; then + rm -rf "/var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs" + fi + mkdir -p "/var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs" + + chmod g+w "/var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs" + chown -R www-data:www-data "/var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs" + + add_ddns_domain "$ROCKETCHAT_DOMAIN_NAME" + + ROCKETCHAT_ONION_HOSTNAME=$(add_onion_service rocketchat 80 "${ROCKETCHAT_ONION_PORT}") + + rocketchat_nginx_site=/etc/nginx/sites-available/$ROCKETCHAT_DOMAIN_NAME + if [[ "$ONION_ONLY" == "no" ]]; then + nginx_http_redirect "$ROCKETCHAT_DOMAIN_NAME" "index index.html" + { echo 'server {'; + echo ' listen 443 ssl;'; + echo ' #listen [::]:443 ssl;'; + echo " server_name $ROCKETCHAT_DOMAIN_NAME;"; + echo ''; } >> "$rocketchat_nginx_site" + nginx_compress "$ROCKETCHAT_DOMAIN_NAME" + echo '' >> "$rocketchat_nginx_site" + echo ' # Security' >> "$rocketchat_nginx_site" + nginx_ssl "$ROCKETCHAT_DOMAIN_NAME" + + nginx_security_options "$ROCKETCHAT_DOMAIN_NAME" + + { echo ' add_header Strict-Transport-Security max-age=15768000;'; + echo ''; + echo ' # Logs'; + echo ' access_log /dev/null;'; + echo ' error_log /dev/null;'; + echo ''; + echo ' # Root'; + echo " root /var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs;"; + echo ''; + echo ' index index.html;'; + echo ' # Location'; + echo ' location / {'; } >> "$rocketchat_nginx_site" + nginx_limits "$ROCKETCHAT_DOMAIN_NAME" '15m' + { echo " proxy_pass http://localhost:$ROCKETCHAT_PORT_INTERNAL;"; + echo ' proxy_http_version 1.1;'; + echo " proxy_set_header Upgrade \$http_upgrade;"; + echo " proxy_set_header Connection \"upgrade\";" + echo " proxy_set_header Host \$http_host;" + echo ''; + echo " proxy_set_header X-Real-IP \$remote_addr;"; + echo " proxy_set_header X-Forward-For \$proxy_add_x_forwarded_for;"; + echo ' proxy_set_header X-Forward-Proto http;'; + echo ' proxy_set_header X-Nginx-Proxy true;'; + echo ''; + echo ' proxy_redirect off;'; + echo ' }'; + echo '}'; } >> "$rocketchat_nginx_site" + else + echo -n '' > "$rocketchat_nginx_site" + fi + { echo 'server {'; + echo " listen 127.0.0.1:$ROCKETCHAT_ONION_PORT default_server;"; + echo " server_name $ROCKETCHAT_ONION_HOSTNAME;"; + echo ''; } >> "$rocketchat_nginx_site" + nginx_compress "$ROCKETCHAT_DOMAIN_NAME" + echo '' >> "$rocketchat_nginx_site" + nginx_security_options "$ROCKETCHAT_DOMAIN_NAME" + { echo ''; + echo ' # Logs'; + echo ' access_log /dev/null;'; + echo ' error_log /dev/null;'; + echo ''; + echo ' # Root'; + echo " root /var/www/$ROCKETCHAT_DOMAIN_NAME/htdocs;"; + echo ''; + echo ' index index.html;'; + echo ' # Location'; + echo ' location / {'; } >> "$rocketchat_nginx_site" + nginx_limits "$ROCKETCHAT_DOMAIN_NAME" '15m' + { echo " proxy_pass http://localhost:$ROCKETCHAT_PORT_INTERNAL;"; + echo ' proxy_http_version 1.1;'; + echo " proxy_set_header Upgrade \$http_upgrade;"; + echo " proxy_set_header Connection \"upgrade\";" + echo " proxy_set_header Host \$http_host;" + echo ''; + echo " proxy_set_header X-Real-IP \$remote_addr;"; + echo " proxy_set_header X-Forward-For \$proxy_add_x_forwarded_for;"; + echo ' proxy_set_header X-Forward-Proto http;'; + echo ' proxy_set_header X-Nginx-Proxy true;'; + echo ''; + echo ' proxy_redirect off;'; + echo ' }'; + echo '}'; } >> "$rocketchat_nginx_site" + + create_site_certificate "$ROCKETCHAT_DOMAIN_NAME" 'yes' + + nginx_ensite "$ROCKETCHAT_DOMAIN_NAME" + + systemctl restart nginx + + "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a rocketchat -p "$ROCKETCHAT_ADMIN_PASSWORD" + set_completion_param "rocketchat domain" "$ROCKETCHAT_DOMAIN_NAME" + + APP_INSTALLED=1 +} + +# NOTE: deliberately there is no "exit 0" From 179521763c721f584718fb0f5c0aeaf8ee056a66 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 14 May 2018 23:06:41 +0100 Subject: [PATCH 12/18] Change gogs port --- src/freedombone-app-gogs | 7 ++++--- src/freedombone-app-rocketchat | 2 +- src/freedombone-template | 16 ++++++---------- 3 files changed, 11 insertions(+), 14 deletions(-) diff --git a/src/freedombone-app-gogs b/src/freedombone-app-gogs index 6e87b424..8a2e4c0a 100755 --- a/src/freedombone-app-gogs +++ b/src/freedombone-app-gogs @@ -39,6 +39,7 @@ GIT_CODE= GIT_ONION_PORT=8090 GIT_ADMIN_PASSWORD= GOGS_BIN= +GOGS_PORT=3145 gogs_variables=(ONION_ONLY GIT_ADMIN_PASSWORD @@ -596,7 +597,7 @@ function install_gogs { echo ' location / {'; } >> "/etc/nginx/sites-available/${GIT_DOMAIN_NAME}" function_check nginx_limits nginx_limits "${GIT_DOMAIN_NAME}" '10G' - { echo ' proxy_pass http://localhost:3000;'; + { echo " proxy_pass http://localhost:${GOGS_PORT};"; echo ' }'; echo ''; echo ' fastcgi_buffers 64 4K;'; @@ -628,7 +629,7 @@ function install_gogs { echo ' location / {'; } >> "/etc/nginx/sites-available/${GIT_DOMAIN_NAME}" function_check nginx_limits nginx_limits "${GIT_DOMAIN_NAME}" '10G' - { echo ' proxy_pass http://localhost:3000;'; + { echo " proxy_pass http://localhost:${GOGS_PORT};"; echo ' }'; echo ''; echo ' fastcgi_buffers 64 4K;'; @@ -713,7 +714,7 @@ function install_gogs { echo "DOMAIN = ${GIT_ONION_HOSTNAME}" >> ${GOGS_CONFIG_FILE} echo "ROOT_URL = http://$GIT_DOMAIN_NAME/" >> ${GOGS_CONFIG_FILE} fi - { echo 'HTTP_PORT = 3000'; + { echo "HTTP_PORT = ${GOGS_PORT}"; echo "SSH_PORT = $SSH_PORT"; echo 'SSH_DOMAIN = %(DOMAIN)s'; echo "CERT_FILE = /etc/ssl/certs/${GIT_DOMAIN_NAME}.pem"; diff --git a/src/freedombone-app-rocketchat b/src/freedombone-app-rocketchat index b4877336..3aaad292 100755 --- a/src/freedombone-app-rocketchat +++ b/src/freedombone-app-rocketchat @@ -33,7 +33,7 @@ SHOW_ON_ABOUT=1 ROCKETCHAT_DOMAIN_NAME= ROCKETCHAT_CODE= ROCKETCHAT_ONION_PORT=9722 -ROCKETCHAT_PORT_INTERNAL=1233 +ROCKETCHAT_PORT_INTERNAL=3000 rocketchat_variables=(ONION_ONLY ROCKETCHAT_DOMAIN_NAME diff --git a/src/freedombone-template b/src/freedombone-template index c80e4c90..00946298 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -873,12 +873,10 @@ if [ $app_webui ]; then echo '' echo " { echo ' add_header Strict-Transport-Security max-age=15768000;';" echo " echo '';" - echo " echo ' # Logs';" - echo " echo ' access_log /dev/null;';" - echo " echo ' error_log /dev/null;';" + echo " echo ' access_log /dev/null;';" + echo " echo ' error_log /dev/null;';" echo " echo '';" - echo " echo ' # Root';" - echo " echo \" root /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs;\";" + echo " echo \" root /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs;\";" echo " echo '';" if [[ "$app_php" == 'yes' ]]; then echo " echo ' index index.php;';" @@ -920,12 +918,10 @@ if [ $app_webui ]; then echo " echo '' >> \"\$${app_name}_nginx_site\"" echo " nginx_security_options \"\$${app_name_upper}_DOMAIN_NAME\"" echo " { echo '';" - echo " echo ' # Logs';" - echo " echo ' access_log /dev/null;';" - echo " echo ' error_log /dev/null;';" + echo " echo ' access_log /dev/null;';" + echo " echo ' error_log /dev/null;';" echo " echo '';" - echo " echo ' # Root';" - echo " echo \" root /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs;\";" + echo " echo \" root /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs;\";" echo " echo '';" if [[ "$app_php" == 'yes' ]]; then echo " echo ' index index.php;';" From b1ef90bef94ca5e6a82eca071e54fca31de2b397 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 15 May 2018 10:09:47 +0100 Subject: [PATCH 13/18] Allow weekly and monthly pastes --- src/freedombone-app-privatebin | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/freedombone-app-privatebin b/src/freedombone-app-privatebin index c579266b..e081bf89 100755 --- a/src/freedombone-app-privatebin +++ b/src/freedombone-app-privatebin @@ -438,8 +438,6 @@ function install_privatebin { sed -i 's|; qrcode|qrcode|g' "/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php" sed -i 's|default =.*|default = "1day"|g' "/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php" sed -i 's|languagedefault =.*|languagedefault = "en"|g' "/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php" - sed -i 's|1week =|; 1week =|g' "/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php" - sed -i 's|1month =|; 1month =|g' "/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php" sed -i 's|1year =|; 1year =|g' "/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php" sed -i 's|never =|; never =|g' "/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php" sed -i 's|limit = 10|limit = 30|g' "/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php" From c5ce8cfcabb4f95efebc09c2d7e8b9b0c0e137c4 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 15 May 2018 10:30:55 +0100 Subject: [PATCH 14/18] Bump nextcloud commit --- src/freedombone-app-nextcloud | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/freedombone-app-nextcloud b/src/freedombone-app-nextcloud index 85845e06..66802c9d 100755 --- a/src/freedombone-app-nextcloud +++ b/src/freedombone-app-nextcloud @@ -38,7 +38,7 @@ NEXTCLOUD_CODE= NEXTCLOUD_ONION_PORT=8112 NEXTCLOUD_REPO="https://github.com/nextcloud/server" # Stable 13 branch -NEXTCLOUD_COMMIT='b16824db31cd00e26e72216bf995d52389b9c93c' +NEXTCLOUD_COMMIT='edd5712c6ead5b09fa4f996cfda66fc4e18ba597' NEXTCLOUD_ADMIN_PASSWORD= nextcloud_variables=(ONION_ONLY From 9a72c76e234cce6d35264b932cab1097645db8d6 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 15 May 2018 10:50:54 +0100 Subject: [PATCH 15/18] Make nextcloud server side encryption optional --- src/freedombone-app-nextcloud | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/src/freedombone-app-nextcloud b/src/freedombone-app-nextcloud index 66802c9d..c17e2ef5 100755 --- a/src/freedombone-app-nextcloud +++ b/src/freedombone-app-nextcloud @@ -40,6 +40,7 @@ NEXTCLOUD_REPO="https://github.com/nextcloud/server" # Stable 13 branch NEXTCLOUD_COMMIT='edd5712c6ead5b09fa4f996cfda66fc4e18ba597' NEXTCLOUD_ADMIN_PASSWORD= +NEXTCLOUD_SERVER_SIDE_ENCRYPTION=1 nextcloud_variables=(ONION_ONLY NEXTCLOUD_DOMAIN_NAME @@ -83,6 +84,16 @@ function install_interactive_nextcloud { ONION_ONLY='no' fi + dialog --title $"Enable NextCloud server side encryption" \ + --backtitle $"Freedombone Configuration" \ + --yesno $"\\nDo you want to enable server side encryption. On ARM or older x86 systems, especially without HRNG, this may make performance excessively slow?" 10 60 + sel=$? + case $sel in + 1) NEXTCLOUD_SERVER_SIDE_ENCRYPTION= + ;; + 255) return;; + esac + if [[ $ONION_ONLY != "no" ]]; then NEXTCLOUD_DOMAIN_NAME='nextcloud.local' else @@ -668,12 +679,14 @@ function install_nextcloud_main { sudo -u www-data ./occ check sudo -u www-data ./occ status sudo -u www-data ./occ app:list - sudo -u www-data ./occ app:enable encryption - if ! sudo -u www-data ./occ encryption:enable; then - echo $'Encryption not enabled' - exit 73527 + if [ $NEXTCLOUD_SERVER_SIDE_ENCRYPTION ]; then + sudo -u www-data ./occ app:enable encryption + if ! sudo -u www-data ./occ encryption:enable; then + echo $'Encryption not enabled' + exit 73527 + fi + sudo -u www-data ./occ encryption:status fi - sudo -u www-data ./occ encryption:status sudo -u www-data ./occ config:system:set appstoreenabled --value=false chmod g+w "/var/www/${NEXTCLOUD_DOMAIN_NAME}/htdocs/config/config.php" chown -R www-data:www-data "/var/www/${NEXTCLOUD_DOMAIN_NAME}/htdocs" From e6e24f3a3b0931c03ba1e66c332e94e90bf171c4 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 15 May 2018 12:06:07 +0100 Subject: [PATCH 16/18] Bump mailpile commit --- src/freedombone-app-mailpile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/freedombone-app-mailpile b/src/freedombone-app-mailpile index f066e921..d4c7c386 100755 --- a/src/freedombone-app-mailpile +++ b/src/freedombone-app-mailpile @@ -35,7 +35,7 @@ MAILPILE_DOMAIN_NAME= MAILPILE_CODE= MAILPILE_ONION_PORT=8103 MAILPILE_REPO="https://github.com/mailpile/Mailpile" -MAILPILE_COMMIT='f82074d2ab5ccd65d14a6b3c6cd65aeb132831d7' +MAILPILE_COMMIT='3f6ab53de90f85bca8c52e5511e78cd7aca5ef1f' MAILPILE_PORT=33411 mailpile_variables=(MAILPILE_REPO From 0243866ac91fd00b154e74604c9dc75138bc0f4f Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 15 May 2018 12:23:11 +0100 Subject: [PATCH 17/18] Extra mailpile debian packages --- src/freedombone-app-mailpile | 1 + 1 file changed, 1 insertion(+) diff --git a/src/freedombone-app-mailpile b/src/freedombone-app-mailpile index d4c7c386..8b9a5da8 100755 --- a/src/freedombone-app-mailpile +++ b/src/freedombone-app-mailpile @@ -171,6 +171,7 @@ function install_mailpile { fi apt-get -yq install python-pip python-lxml python-dev libjpeg-dev + apt-get -yq install openssl python-pgpdump python-cryptography libssl-dev if [ ! -d /var/www/$MAILPILE_DOMAIN_NAME ]; then mkdir /var/www/$MAILPILE_DOMAIN_NAME From a4b1a7903d6c520c37f1dfea267383f067d1021c Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 15 May 2018 12:25:48 +0100 Subject: [PATCH 18/18] Restart the mailpile daemon after upgrades --- src/freedombone-app-mailpile | 1 + 1 file changed, 1 insertion(+) diff --git a/src/freedombone-app-mailpile b/src/freedombone-app-mailpile index 8b9a5da8..a82bea25 100755 --- a/src/freedombone-app-mailpile +++ b/src/freedombone-app-mailpile @@ -105,6 +105,7 @@ function upgrade_mailpile { pip install -r requirements.txt chown -R mailpile:mailpile "/var/www/$MAILPILE_DOMAIN_NAME/mail" + systemctl restart mailpile } function backup_local_mailpile {