#!/bin/bash # _____ _ _ # | __|___ ___ ___ _| |___ _____| |_ ___ ___ ___ # | __| _| -_| -_| . | . | | . | . | | -_| # |__| |_| |___|___|___|___|_|_|_|___|___|_|_|___| # # Freedom in the Cloud # # Command to create app templates # # License # ======= # # Copyright (C) 2018 Bob Mottram # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . PROJECT_NAME='freedombone' app_name='noapp' app_name_lower=$(echo "${app_name}" | tr '[:upper:]' '[:lower:]') app_name=$app_name_lower app_name_upper=$(echo "${app_name}" | tr '[:lower:]' '[:upper:]') app_repo="TODO" app_repo_commit='TODO' app_php= app_node= app_onion_only= app_port= app_port_internal= app_daemon= app_dir= app_webui=1 your_name='' your_email='' SHOW_ON_ABOUT=1 database_type='' function show_help { echo '' echo $"${PROJECT_NAME}-template --app [myappname] --php yes -n \"My Name\" -e \"myname@mydomain\" > src/${PROJECT_NAME}-app-myappname" echo '' echo $'Creates a new app script which can then be filled in' echo '' echo '' echo $' -h --help Show help' echo $' -a --app [name] Name of the application' echo $' -n --name [name] Your name' echo $' -e --email [address] Your email address' echo $' -r --repo [url] Git repo url for the app' echo $' -c --commit [hash] Git commit' echo $' --port [number] Port number for the app' echo $' --portinternal [number] Internal port between a daemon and the web server' echo $' --node [yes|no] Is this a nodejs app?' echo $' -o --onion [yes|no] Is this app only available on an onion address?' echo $' -p --php [yes|no] Is this a PHP app?' echo $' -s --daemon [yes|no] Add a daemon' echo $' -d --database [mariadb|postgresql] Type of database' echo $' -w --web [yes|no] Whether there is a web user interface (default is yes)' echo $' --dir [directory] Where to install to' echo '' exit 0 } while [ $# -gt 1 ] do key="$1" case $key in -h|--help) show_help ;; -a|--app|--appname) shift app_name="$1" app_name_lower=$(echo "${app_name}" | tr '[:upper:]' '[:lower:]') app_name=$app_name_lower app_name_upper=$(echo "${app_name}" | tr '[:lower:]' '[:upper:]') ;; -r|--repo) shift app_repo="$1" ;; -c|--commit) shift app_repo_commit="$1" ;; -n|--name) shift your_name="$1" ;; -e|--email) shift your_email="$1" ;; -d|--database) shift database_type="$1" ;; -p|--php) shift app_php="$1" ;; --node|--nodejs) shift app_node="$1" ;; -s|--daemon|--systemd) shift if [[ "$1" == 'yes' ]]; then app_daemon=1 fi ;; -o|--onion) shift if [[ "$1" == 'yes' ]]; then app_onion_only=1 fi ;; -w|--web) shift if [[ "$1" == $'n'* || "$1" == $'N'* ]]; then app_webui= fi ;; --port) shift app_port="$1" ;; --portinternal|--portint) shift app_port_internal="$1" ;; --dir) shift app_dir="$1" ;; *) # unknown option ;; esac shift done if [[ "$app_name" == 'noapp' ]]; then show_help exit 1 fi if [[ "$app_name" == *' '* ]]; then echo $'app name should not contain any spaces' exit 2 fi if [[ "$app_name" == *'_'* ]]; then echo $'app name should not contain any underscore characters' exit 3 fi if [[ "$app_name" == *'-'* ]]; then echo $'app name should not contain any hyphen characters' exit 4 fi if [ ${#app_name} -lt 3 ]; then echo $'app name should be at least three characters' exit 5 fi if [ ${#your_name} -lt 2 ]; then echo $'Specify your name with --name' exit 6 fi if [ ${#your_email} -lt 3 ]; then echo $'Specify your email address with --email' exit 7 fi if [[ "$your_email" != *'@'* ]]; then echo $"That doesn't look like an email address" exit 8 fi if [ ! $app_webui ]; then if [ ! "$app_dir" ]; then app_dir=/etc/${app_name} fi app_php= fi echo '#!/bin/bash' echo '#' echo '# _____ _ _' echo '# | __|___ ___ ___ _| |___ _____| |_ ___ ___ ___' echo '# | __| _| -_| -_| . | . | | . | . | | -_|' echo '# |__| |_| |___|___|___|___|_|_|_|___|___|_|_|___|' echo '#' echo '# Freedom in the Cloud' echo '#' echo '# License' echo '# =======' echo '#' echo "# Copyright (C) $(date +%Y) ${your_name} <${your_email}>" echo '#' echo '# This program is free software: you can redistribute it and/or modify' echo '# it under the terms of the GNU Affero General Public License as published by' echo '# the Free Software Foundation, either version 3 of the License, or' echo '# (at your option) any later version.' echo '#' echo '# This program is distributed in the hope that it will be useful,' echo '# but WITHOUT ANY WARRANTY; without even the implied warranty of' echo '# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the' echo '# GNU Affero General Public License for more details.' echo '#' echo '# You should have received a copy of the GNU Affero General Public License' echo '# along with this program. If not, see .' echo '' echo "VARIANTS='full full-vim'" echo '' echo 'IN_DEFAULT_INSTALL=0' echo "SHOW_ON_ABOUT=${SHOW_ON_ABOUT}" if [ $app_onion_only ]; then echo 'SHOW_ICANN_ADDRESS_ON_ABOUT=0' fi echo '' echo "${app_name_upper}_DOMAIN_NAME=" echo "${app_name_upper}_CODE=" if [ "$app_port" ]; then echo "${app_name_upper}_PORT=$app_port" fi echo "${app_name_upper}_ONION_PORT=$(( ( RANDOM % 1000 ) + 9010 ))" echo "${app_name_upper}_REPO=\"${app_repo}\"" echo "${app_name_upper}_COMMIT='${app_repo_commit}'" if [ $app_daemon ]; then if [ ! "$app_port_internal" ]; then echo "${app_name_upper}_PORT_INTERNAL=TODO" else echo "${app_name_upper}_PORT_INTERNAL=$app_port_internal" fi fi echo '' echo "${app_name}_variables=(ONION_ONLY" echo " ${app_name_upper}_DOMAIN_NAME" echo " ${app_name_upper}_CODE" echo ' DDNS_PROVIDER' echo " MY_USERNAME)" echo '' echo "function logging_on_${app_name} {" echo " echo -n ''" echo "}" echo '' echo "function logging_off_${app_name} {" echo " echo -n ''" echo '}' echo '' echo "function remove_user_${app_name} {" echo " remove_username=\"\$1\"" echo '' echo " \"\${PROJECT_NAME}-pass\" -u \"\$remove_username\" --rmapp ${app_name}" echo '}' echo '' echo "function add_user_${app_name} {" echo " new_username=\"\$1\"" echo " new_user_password=\"\$2\"" echo '' echo " \"\${PROJECT_NAME}-pass\" -u \"\$new_username\" -a ${app_name} -p \"\$new_user_password\"" echo " echo '0'" echo '}' echo '' echo "function install_interactive_${app_name} {" if [ ! $app_onion_only ]; then echo " if [ ! \"\$ONION_ONLY\" ]; then" echo " ONION_ONLY='no'" echo ' fi' echo '' echo " if [[ \"\$ONION_ONLY\" != \"no\" ]]; then" echo " ${app_name_upper}_DOMAIN_NAME='${app_name}.local'" echo " write_config_param \"${app_name_upper}_DOMAIN_NAME\" \"\$${app_name_upper}_DOMAIN_NAME\"" echo ' else' echo " interactive_site_details \"${app_name}\" \"${app_name_upper}_DOMAIN_NAME\" \"${app_name_upper}_CODE\"" echo ' fi' else echo " echo -n ''" fi echo ' APP_INSTALLED=1' echo '}' echo '' echo "function change_password_${app_name} {" echo " curr_username=\"\$1\"" echo " new_user_password=\"\$2\"" echo '' echo " read_config_param '${app_name_upper}_DOMAIN_NAME'" echo '' echo " \"\${PROJECT_NAME}-pass\" -u \"\$curr_username\" -a ${app_name} -p \"\$new_user_password\"" echo '}' if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" || "$database_type" == "postgres"* ]]; then echo '' echo "function ${app_name}_create_database {" echo " if [ -f \$IMAGE_PASSWORD_FILE ]; then" echo " ${app_name_upper}_ADMIN_PASSWORD=\"\$(printf \"%d\" \"\$(cat \"$IMAGE_PASSWORD_FILE\")\")\"" echo ' else' echo " if [ ! \$${app_name_upper}_ADMIN_PASSWORD ]; then" echo " ${app_name_upper}_ADMIN_PASSWORD=\"\$(create_password \${MINIMUM_PASSWORD_LENGTH})\"" echo ' fi' echo ' fi' echo " if [ ! \$${app_name_upper}_ADMIN_PASSWORD ]; then" echo ' return' echo ' fi' echo '' if [[ "$database_type" != "postgres"* ]]; then echo " create_database ${app_name} \"\$${app_name_upper}_ADMIN_PASSWORD\" \$MY_USERNAME" else echo ' systemctl restart postgresql' echo " run_system_query_postgresql \"CREATE USER peertube WITH PASSWORD '\$${app_name_upper}_ADMIN_PASSWORD';\"" echo " run_system_query_postgresql \"CREATE DATABASE ${app_name} OWNER ${app_name};\"" echo " run_system_query_postgresql \"GRANT ALL PRIVILEGES ON DATABASE ${app_name} to ${app_name};\"" echo " run_system_query_postgresql \"set statement_timeout to 40000;\"" fi echo '}' fi echo '' echo "function reconfigure_${app_name} {" echo ' # This is used if you need to switch identity. Dump old keys and generate new ones' echo " echo -n ''" echo '}' echo '' echo "function configure_interactive_${app_name} {" echo ' while true' echo ' do' echo " data=\$(mktemp 2>/dev/null)" echo " dialog --backtitle \$\"Freedombone Control Panel\" \\" echo " --title \$\"${app_name}\" \\" echo " --radiolist \$\"Choose an operation:\" 16 70 3 \\" echo " 1 \$\"Option 1\" off \\" echo " 2 \$\"Option 2\" off \\" echo " 3 \$\"Exit\" on 2> \"\$data\"" echo ' sel=$?' echo " case \$sel in" echo " 1) rm -f \"\$data\"" echo ' return;;' echo " 255) rm -f \"\$data\"" echo ' return;;' echo ' esac' echo " case \$(cat \"\$data\") in" echo ' 1) # call some function for option 1' echo ' ;;' echo ' 2) # call some function for option 2' echo ' ;;' echo " 3) rm -f \"\$data\"" echo ' break;;' echo ' esac' echo " rm -f \"\$data\"" echo ' done' echo '}' echo '' echo "function upgrade_${app_name} {" echo " CURR_${app_name_upper}_COMMIT=\$(get_completion_param \"${app_name} commit\")" echo " if [[ \"\$CURR_${app_name_upper}_COMMIT\" == \"\$${app_name_upper}_COMMIT\" ]]; then" echo ' return' echo ' fi' echo '' echo " if grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" echo ' fi' echo '' echo ' # update to the next commit' if [ ! "$app_dir" ]; then echo " set_repo_commit \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \$${app_name_upper}_REPO" echo " chown -R www-data:www-data \"/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs\"" else echo " set_repo_commit \"${app_dir}\" \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \$${app_name_upper}_REPO" echo " chown -R ${app_name}:${app_name} \"${app_dir}\"" fi echo '}' echo '' echo "function backup_local_${app_name} {" echo " ${app_name_upper}_DOMAIN_NAME='${app_name}'" echo " if grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" echo ' fi' echo '' if [ ! "$app_dir" ]; then echo " source_directory=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" else echo " source_directory=${app_dir}" fi echo '' echo " suspend_site \"\${${app_name_upper}_DOMAIN_NAME}\"" echo '' echo " dest_directory=${app_name}" echo " backup_directory_to_usb \"\$source_directory\" \$dest_directory" echo '' if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then echo " backup_database_to_usb ${app_name}" echo '' fi if [[ "$database_type" == "postgres"* ]]; then echo ' USE_POSTGRESQL=1' echo " backup_database_to_usb ${app_name}" echo '' fi echo ' restart_site' echo '}' echo '' echo "function restore_local_${app_name} {" echo " if ! grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" echo ' return' echo ' fi' echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" echo " if [ \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" echo " temp_restore_dir=/root/temp${app_name}" if [ ! "$app_dir" ]; then echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" else echo " ${app_name}_dir=${app_dir}" fi echo '' if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then echo " ${app_name}_create_database" echo '' echo " restore_database ${app_name}" echo " if [ -d \$temp_restore_dir ]; then" echo " rm -rf \$temp_restore_dir" echo ' fi' echo '' fi if [[ "$database_type" == "postgres"* ]]; then echo " ${app_name}_create_database" echo '' echo ' USE_POSTGRESQL=1' echo " restore_database ${app_name}" echo " if [ -d \$temp_restore_dir ]; then" echo " rm -rf \$temp_restore_dir" echo ' fi' echo '' fi echo " restore_directory_from_usb \$temp_restore_dir ${app_name}" echo " if [ -d \$temp_restore_dir ]; then" echo " if [ -d \"\$temp_restore_dir\$${app_name}_dir\" ]; then" echo " cp -rp \"\$temp_restore_dir\$${app_name}_dir\"/* \"\$${app_name}_dir\"/" echo ' else' echo " if [ ! -d \"\$${app_name}_dir\" ]; then" echo " mkdir \"\$${app_name}_dir\"" echo ' fi' echo " cp -rp \"\$temp_restore_dir\"/* \"\$${app_name}_dir\"/" echo ' fi' echo " chown -R www-data:www-data \"\$${app_name}_dir\"" echo " rm -rf \$temp_restore_dir" echo ' fi' echo '' echo ' fi' echo '}' echo '' echo "function backup_remote_${app_name} {" echo " ${app_name_upper}_DOMAIN_NAME='${app_name}'" echo " if grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" echo ' fi' echo '' if [ ! "$app_dir" ]; then echo " source_directory=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" else echo " source_directory=${app_dir}" fi echo '' echo " suspend_site \"\${${app_name_upper}_DOMAIN_NAME}\"" echo '' echo " dest_directory=${app_name}" echo " backup_directory_to_friend \"\$source_directory\" \$dest_directory" if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then echo " backup_database_to_friend ${app_name}" echo '' fi if [[ "$database_type" == "postgres"* ]]; then echo ' USE_POSTGRESQL=1' echo " backup_database_to_friend ${app_name}" echo '' fi echo '' echo ' restart_site' echo '}' echo '' echo "function restore_remote_${app_name} {" echo " if ! grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" echo ' return' echo ' fi' echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" echo " if [ \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" echo " temp_restore_dir=/root/temp${app_name}" if [ ! "$app_dir" ]; then echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" else echo " ${app_name}_dir=${app_dir}" fi echo '' if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then echo " ${app_name}_create_database" echo '' echo " restore_database_from_friend ${app_name}" echo " if [ -d \"\$temp_restore_dir\" ]; then" echo " rm -rf \$temp_restore_dir" echo ' fi' echo '' fi if [[ "$database_type" == "postgres"* ]]; then echo " ${app_name}_create_database" echo '' echo ' USE_POSTGRESQL=1' echo " restore_database_from_friend ${app_name}" echo " if [ -d \"\$temp_restore_dir\" ]; then" echo " rm -rf \$temp_restore_dir" echo ' fi' echo '' fi echo " restore_directory_from_friend \$temp_restore_dir ${app_name}" echo " if [ -d \$temp_restore_dir ]; then" echo " if [ -d \"\$temp_restore_dir\$${app_name}_dir\" ]; then" echo " cp -rp \"\$temp_restore_dir\$${app_name}_dir\"/* \"\$${app_name}_dir\"/" echo ' else' echo " if [ ! -d \"\$${app_name}_dir\" ]; then" echo " mkdir \"\$${app_name}_dir\"" echo ' fi' echo " cp -rp \$temp_restore_dir/* \"\$${app_name}_dir\"/" echo ' fi' echo " chown -R www-data:www-data \"\$${app_name}_dir\"" echo " rm -rf \$temp_restore_dir" echo ' fi' echo '' echo ' fi' echo '}' echo '' echo "function remove_${app_name} {" if [[ "$app_node" == 'yes' ]]; then echo " remove_nodejs ${app_name}" echo '' fi echo " nginx_dissite \"\$${app_name_upper}_DOMAIN_NAME\"" echo " remove_certs \"\$${app_name_upper}_DOMAIN_NAME\"" echo '' if [ $app_daemon ]; then echo " if [ -f /etc/systemd/system/${app_name}.service ]; then" echo " systemctl stop ${app_name}" echo " systemctl disable ${app_name}" echo " rm /etc/systemd/system/${app_name}.service" echo ' fi' echo " userdel -r ${app_name}" fi echo '' echo " if [ -d \"/var/www/\$${app_name_upper}_DOMAIN_NAME\" ]; then" echo " rm -rf \"/var/www/\$${app_name_upper}_DOMAIN_NAME\"" echo ' fi' echo " if [ -f \"/etc/nginx/sites-available/\$${app_name_upper}_DOMAIN_NAME\" ]; then" echo " rm \"/etc/nginx/sites-available/\$${app_name_upper}_DOMAIN_NAME\"" echo ' fi' if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then echo " drop_database ${app_name}" fi if [[ "$database_type" == "postgres"* ]]; then echo " drop_database_postgresql ${app_name}" fi echo " remove_onion_service ${app_name} \${${app_name_upper}_ONION_PORT}" echo " if grep -q \"${app_name}\" /etc/crontab; then" echo " sed -i \"/${app_name}/d\" /etc/crontab" echo ' fi' echo " remove_app ${app_name}" echo " remove_completion_param install_${app_name}" echo " sed -i '/${app_name}/d' \"\$COMPLETION_FILE\"" if [ "$app_port" ]; then echo '' echo " firewall_remove ${app_port} tcp" fi echo '' echo " remove_ddns_domain \"\$${app_name_upper}_DOMAIN_NAME\"" echo '}' echo '' echo "function install_${app_name} {" if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then echo ' install_mariadb' echo '' echo ' get_mariadb_password' echo '' fi if [[ "$database_type" == "postgres"* ]]; then echo ' install_postgresql' echo '' fi if [[ "$app_node" == 'yes' ]]; then echo "install_nodejs ${app_name}" fi if [[ "$app_php" == 'yes' ]]; then echo ' apt-get -yq install php-gettext php-curl php-gd php-mysql git curl' echo ' apt-get -yq install memcached php-memcached php-intl exiftool libfcgi0ldbl' echo '' fi echo " if [ ! \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" echo " echo \$'No domain name was given'" echo ' exit 3568356' echo ' fi' if [ $app_webui ]; then echo '' echo " if [ -d \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" ]; then" echo " rm -rf \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" echo ' fi' fi echo " if [ -d /repos/${app_name} ]; then" echo " mkdir \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" if [ ! "$app_dir" ]; then echo " cp -r -p /repos/${app_name}/. \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" echo " cd \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" || exit 324687356" else echo " cp -r -p /repos/${app_name}/. \"${app_dir}\"" echo " cd \"${app_dir}\" || exit 36487365" fi echo ' git pull' echo ' else' if [ ! "$app_dir" ]; then echo " git_clone \$${app_name_upper}_REPO \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" else echo " git_clone \$${app_name_upper}_REPO \"${app_dir}\"" fi echo ' fi' echo '' if [ ! "$app_dir" ]; then echo " if [ ! -d \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" ]; then" else echo " if [ ! -d \"${app_dir}\" ]; then" fi echo " echo \$'Unable to clone ${app_name} repo'" echo ' exit 87525' echo ' fi' echo '' if [ ! "$app_dir" ]; then echo " cd \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" || exit 36587356" else echo " cd \"${app_dir}\" || exit 3463754637" fi echo " git checkout \$${app_name_upper}_COMMIT -b \$${app_name_upper}_COMMIT" echo " set_completion_param \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\"" echo '' echo " chmod g+w \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" echo " chown -R www-data:www-data \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" || "$database_type" == "postgres"* ]]; then echo '' echo " ${app_name}_create_database" fi echo '' echo " add_ddns_domain \"\$${app_name_upper}_DOMAIN_NAME\"" echo '' echo " ${app_name_upper}_ONION_HOSTNAME=\$(add_onion_service ${app_name} 80 \${${app_name_upper}_ONION_PORT})" if [ $app_webui ]; then echo '' echo " ${app_name}_nginx_site=/etc/nginx/sites-available/\$${app_name_upper}_DOMAIN_NAME" if [ ! $app_onion_only ]; then echo " if [[ \"\$ONION_ONLY\" == \"no\" ]]; then" if [[ "$app_php" == 'yes' ]]; then echo " nginx_http_redirect \"\$${app_name_upper}_DOMAIN_NAME\" \"index index.php\"" else echo " nginx_http_redirect \"\$${app_name_upper}_DOMAIN_NAME\" \"index index.html\"" fi echo " { echo 'server {';" echo " echo ' listen 443 ssl;';" echo " echo ' #listen [::]:443 ssl;';" echo " echo \" server_name \$${app_name_upper}_DOMAIN_NAME;\";" echo " echo ''; } >> \"\$${app_name}_nginx_site\"" echo " nginx_compress \"\$${app_name_upper}_DOMAIN_NAME\"" echo " echo '' >> \"\$${app_name}_nginx_site\"" echo " echo ' # Security' >> \"\$${app_name}_nginx_site\"" echo " nginx_ssl \"\$${app_name_upper}_DOMAIN_NAME\"" echo '' echo " nginx_security_options \"\$${app_name_upper}_DOMAIN_NAME\"" echo '' echo " { echo ' add_header Strict-Transport-Security max-age=15768000;';" echo " echo '';" echo " echo ' # Logs';" echo " echo ' access_log /dev/null;';" echo " echo ' error_log /dev/null;';" echo " echo '';" echo " echo ' # Root';" echo " echo \" root /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs;\";" echo " echo '';" if [[ "$app_php" == 'yes' ]]; then echo " echo ' index index.php;';" echo " echo ' location ~ \\.php {';" echo " echo ' include snippets/fastcgi-php.conf;';" echo " echo ' fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';" echo " echo ' fastcgi_read_timeout 30;';" echo " echo ' fastcgi_param HTTPS on;';" echo " echo ' }';" echo " echo '';" else echo " echo ' index index.html;';" fi echo " echo ' # Location';" echo " echo ' location / {'; } >> \"\$${app_name}_nginx_site\"" echo " nginx_limits \"\$${app_name_upper}_DOMAIN_NAME\" '15m'" if [ ! $app_daemon ]; then if [[ "$app_php" != 'yes' ]]; then echo " { echo \" try_files \\\$uri \\\$uri/ /index.html;\";" else echo " { echo \" try_files \\\$uri \\\$uri/ /index.php?\\\$args;\";" fi else echo " { echo \" proxy_pass http://localhost:\$${app_name_upper}_PORT_INTERNAL;\";" fi echo " echo ' }';" echo " echo '}'; } >> \"\$${app_name}_nginx_site\"" echo ' else' echo " echo -n '' > \"\$${app_name}_nginx_site\"" echo ' fi' else echo " echo -n '' > \"\$${app_name}_nginx_site\"" fi echo " { echo 'server {';" echo " echo \" listen 127.0.0.1:\$${app_name_upper}_ONION_PORT default_server;\";" echo " echo \" server_name \$${app_name_upper}_ONION_HOSTNAME;\";" echo " echo ''; } >> \"\$${app_name}_nginx_site\"" echo " nginx_compress \"\$${app_name_upper}_DOMAIN_NAME\"" echo " echo '' >> \"\$${app_name}_nginx_site\"" echo " nginx_security_options \"\$${app_name_upper}_DOMAIN_NAME\"" echo " { echo '';" echo " echo ' # Logs';" echo " echo ' access_log /dev/null;';" echo " echo ' error_log /dev/null;';" echo " echo '';" echo " echo ' # Root';" echo " echo \" root /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs;\";" echo " echo '';" if [[ "$app_php" == 'yes' ]]; then echo " echo ' index index.php;';" echo " echo ' location ~ \\.php {';" echo " echo ' include snippets/fastcgi-php.conf;';" echo " echo ' fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';" echo " echo ' fastcgi_read_timeout 30;';" echo " echo ' fastcgi_param HTTPS off;';" echo " echo ' }';" echo " echo '';" else echo " echo ' index index.html;';" fi echo " echo ' # Location';" echo " echo ' location / {'; } >> \"\$${app_name}_nginx_site\"" echo " nginx_limits \"\$${app_name_upper}_DOMAIN_NAME\" '15m'" if [ ! $app_daemon ]; then if [[ "$app_php" != 'yes' ]]; then echo " { echo \" try_files \\\$uri \\\$uri/ index.html;\";" else echo " { echo \" try_files \\\$uri \\\$uri/ index.php?\\\$args;\";" fi else echo " echo \" proxy_pass http://localhost:\$${app_name_upper}_PORT_INTERNAL;\";" fi echo " echo ' }';" echo " echo '}'; } >> \"\$${app_name}_nginx_site\"" if [[ "$app_php" == 'yes' ]]; then echo '' echo ' configure_php' fi fi if [ $app_daemon ]; then echo '' echo " useradd -d \"TODO_PATH_TO_INSTALL\" -s /bin/false ${app_name}" echo '' echo " { echo '[Unit]';" echo " echo 'Description=${app_name}';" echo " echo 'After=syslog.target';" echo " echo 'After=network.target';" echo " echo '';" echo " echo '[Service]';" echo " echo 'Type=simple';" echo " echo 'User=${app_name}';" echo " echo 'Group=${app_name}'; } > \"/etc/systemd/system/${app_name}.service\"" if [ ! "$app_dir" ]; then echo " echo 'WorkingDirectory=TODO' >> \"/etc/systemd/system/${app_name}.service\"" else echo " echo 'WorkingDirectory=${app_dir}' >> \"/etc/systemd/system/${app_name}.service\"" fi echo " { echo 'ExecStart=TODO';" echo " echo 'Restart=always';" echo " echo 'Environment=\"USER=${app_name}\"';" echo " echo '';" echo " echo '[Install]';" echo " echo 'WantedBy=multi-user.target'; } >> \"/etc/systemd/system/${app_name}.service\"" echo " systemctl enable ${app_name}" if [ "$app_dir" ]; then echo " chown -R ${app_name}:${app_name} \"${app_dir}\"" fi echo " systemctl start ${app_name}" fi echo '' echo " create_site_certificate \"\$${app_name_upper}_DOMAIN_NAME\" 'yes'" echo '' echo " nginx_ensite \"\$${app_name_upper}_DOMAIN_NAME\"" echo '' if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then echo ' systemctl restart mariadb' fi if [[ "$app_php" == 'yes' ]]; then echo ' systemctl restart php7.0-fpm' fi echo ' systemctl restart nginx' echo '' echo " \"\${PROJECT_NAME}-pass\" -u \"\$MY_USERNAME\" -a ${app_name} -p \"\$${app_name_upper}_ADMIN_PASSWORD\"" echo " set_completion_param \"${app_name} domain\" \"\$${app_name_upper}_DOMAIN_NAME\"" if [ "$app_port" ]; then echo '' echo " firewall_add ${app_name} ${app_port} tcp" fi echo '' echo ' APP_INSTALLED=1' echo '}' echo '' echo '# NOTE: deliberately there is no "exit 0"'