freedomboneeee/src/freedombone-app-radicale

388 lines
14 KiB
Plaintext
Raw Normal View History

2016-11-08 23:13:50 +01:00
#!/bin/bash
#
# .---. . .
# | | |
# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
# | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
# ' ' --' --' -' - -' ' ' -' -' -' ' - --'
#
# Freedom in the Cloud
#
# Radicale calendar system
#
# Configuration based upon:
# https://gigacog.com/blog/2016/01/radicale-and-uwsgi-on-nginx-with-systemd
#
# License
# =======
#
# Copyright (C) 2016 Bob Mottram <bob@freedombone.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
VARIANTS='full full-vim'
IN_DEFAULT_INSTALL=1
SHOW_ON_ABOUT=1
2016-11-16 17:07:49 +01:00
RADICALE_VERSION='1.1.1'
RADICALE_HASH='e2c9812913c464ab88ae1f66b29e81f87a4cc6ee1c94d167b33508c530dab4b0'
2016-11-08 23:13:50 +01:00
RADICALE_PASSWORD=
RADICALE_ONION_PORT=8106
RADICALE_PORT=5232
RADICALE_DIRECTORY='/etc/radicale'
2016-11-16 19:56:37 +01:00
RADICALE_USERS=/var/www/radicale/users
2016-11-08 23:13:50 +01:00
radicale_variables=(ONION_ONLY
MY_USERNAME
RADICALE_PASSWORD
DEFAULT_DOMAIN_NAME)
function remove_user_radicale {
remove_username="$1"
2016-11-16 19:56:37 +01:00
if grep "$remove_username:" ${RADICALE_USERS}; then
sed -i "/$remove_username:/d" ${RADICALE_USERS}
2016-11-08 23:13:50 +01:00
systemctl reload radicale
fi
}
function add_user_radicale {
new_username="$1"
new_user_password="$2"
2016-11-16 19:56:37 +01:00
if [ ! -f ${RADICALE_USERS} ]; then
touch ${RADICALE_USERS}
2016-11-16 12:39:26 +01:00
fi
2016-11-16 19:56:37 +01:00
if ! grep "$new_username:" ${RADICALE_USERS}; then
htpasswd -bd ${RADICALE_USERS} "$new_username" "$new_user_password"
2016-11-16 20:03:34 +01:00
chown www-data:www-data ${RADICALE_USERS}
2016-11-08 23:13:50 +01:00
systemctl reload radicale
fi
echo '0'
}
function install_interactive_radicale {
echo -n ''
APP_INSTALLED=1
}
function change_password_radicale {
echo -n ''
}
function reconfigure_radicale {
echo -n ''
}
function upgrade_radicale {
2016-11-16 17:07:49 +01:00
echo -n ''
2016-11-08 23:13:50 +01:00
}
function backup_local_radicale {
source_directory=${RADICALE_DIRECTORY}
if [ -d $source_directory ]; then
dest_directory=radicale
function_check backup_directory_to_usb
backup_directory_to_usb $source_directory $dest_directory
fi
2016-11-16 17:07:49 +01:00
source_directory=/var/www/radicale/collections
if [ -d $source_directory ]; then
dest_directory=radicalecollections
function_check backup_directory_to_usb
backup_directory_to_usb $source_directory $dest_directory
fi
2016-11-08 23:13:50 +01:00
}
function restore_local_radicale {
if [ -d ${RADICALE_DIRECTORY} ]; then
temp_restore_dir=/root/tempradicale
function_check restore_directory_from_usb
restore_directory_from_usb $temp_restore_dir radicale
cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}
if [ ! "$?" = "0" ]; then
function_check backup_unmount_drive
backup_unmount_drive
exit 46872
fi
rm -rf $temp_restore_dir
2016-11-16 17:07:49 +01:00
temp_restore_dir=/root/tempradicalecollections
restore_directory_from_usb $temp_restore_dir radicalecollections
cp -r $temp_restore_dir/var/www/radicale/collections/* /var/www/radicale/collections
if [ ! "$?" = "0" ]; then
function_check backup_unmount_drive
backup_unmount_drive
exit 367363
fi
rm -rf $temp_restore_dir
chown -R www-data:www-data /var/www/radicale
2016-11-08 23:13:50 +01:00
systemctl restart radicale
fi
}
function backup_remote_radicale {
if [ -d ${RADICALE_DIRECTORY} ]; then
echo $"Backing up the radicale settings"
backup_directory_to_friend ${RADICALE_DIRECTORY} radicale
2016-11-16 17:07:49 +01:00
backup_directory_to_friend /var/www/radicale/collections radicalecollections
2016-11-08 23:13:50 +01:00
echo $"Backup of radicale settings complete"
fi
}
function restore_remote_radicale {
if [ -d ${RADICALE_DIRECTORY} ]; then
temp_restore_dir=/root/tempradicale
function_check restore_directory_from_friend
restore_directory_from_friend $temp_restore_dir radicale
cp -r $temp_restore_dir${RADICALE_DIRECTORY}/* ${RADICALE_DIRECTORY}
if [ ! "$?" = "0" ]; then
2016-11-16 17:07:49 +01:00
exit 236746
2016-11-08 23:13:50 +01:00
fi
rm -rf $temp_restore_dir
2016-11-16 17:07:49 +01:00
temp_restore_dir=/root/tempradicalecollections
restore_directory_from_friend $temp_restore_dir radicalecollections
cp -r $temp_restore_dir/var/www/radicale/collections/* /var/www/radicale/collections
if [ ! "$?" = "0" ]; then
exit 3674284
fi
rm -rf $temp_restore_dir
chown -R www-data:www-data /var/www/radicale
systemctl restart radicale
2016-11-08 23:13:50 +01:00
fi
}
function remove_radicale {
nginx_dissite radicale
systemctl stop radicale
systemctl stop uwsgi_rundir
systemctl disable radicale
systemctl disable uwsgi_rundir
if [ -f /etc/systemd/system/uwsgi_rundir.service ]; then
rm /etc/systemd/system/uwsgi_rundir.service
fi
if [ -f /etc/systemd/system/radicale.service ]; then
rm /etc/systemd/system/radicale.service
fi
if [ -f /etc/nginx/sites-available/radicale ]; then
rm /etc/nginx/sites-available/radicale
fi
2016-11-08 23:15:32 +01:00
if [ -f /usr/local/bin/uwsgi_rundir.sh ]; then
rm /usr/local/bin/uwsgi_rundir.sh
fi
2016-11-08 23:13:50 +01:00
firewall_remove ${RADICALE_PORT} tcp
function_check remove_onion_service
remove_onion_service radicale ${RADICALE_ONION_PORT}
apt-get -yq remove --purge radicale python-radicale
if [ -d ${RADICALE_DIRECTORY} ]; then
rm -rf ${RADICALE_DIRECTORY}
fi
if [ -d /var/www/radicale ]; then
rm -rf /var/www/radicale
fi
2016-11-15 21:02:39 +01:00
if [ -f touch /var/log/radicale/radicale.log ]; then
rm -rf /var/log/radicale
fi
2016-11-16 14:06:24 +01:00
if [ -d /var/log/radicale ]; then
rm -rf /var/log/radicale
fi
2016-11-08 23:13:50 +01:00
remove_completion_param install_radicale
sed -i '/radicale/d' $COMPLETION_FILE
sed -i '/Radicale/d' /home/$MY_USERNAME/README
}
function install_radicale {
if [[ $ONION_ONLY == 'no' ]]; then
# obtain a cert for the default domain
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
echo $'Obtaining certificate for the main domain'
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
fi
fi
2016-11-16 17:07:49 +01:00
apt-get -yq remove --purge radicale python-radicale
# create directories
2016-11-15 21:02:39 +01:00
if [ ! -d /var/log/radicale ]; then
mkdir /var/log/radicale
fi
if [ ! -f /var/log/radicale/radicale.log ]; then
touch /var/log/radicale/radicale.log
fi
2016-11-15 21:08:19 +01:00
chown -R www-data:www-data /var/log/radicale
2016-11-15 21:02:39 +01:00
2016-11-16 19:56:37 +01:00
apt-get -yq install python-setuptools apache2-utils
2016-11-08 23:13:50 +01:00
2016-11-16 17:07:49 +01:00
if [ ! -d /var/www/radicale ]; then
mkdir -p /var/www/radicale
2016-11-08 23:13:50 +01:00
fi
2016-11-16 17:07:49 +01:00
# get the source
cd /var/www/radicale
wget http://pypi.python.org/packages/source/R/Radicale/Radicale-${RADICALE_VERSION}.tar.gz
# check the hash
hash=$(sha256sum Radicale-${RADICALE_VERSION}.tar.gz | awk -F ' ' '{print $1}')
if [[ "$hash" != "$RADICALE_HASH" ]]; then
echo $'radicale hash does not match'
exit 638532
fi
tar -xzf Radicale-${RADICALE_VERSION}.tar.gz
if [ ! -d Radicale-${RADICALE_VERSION} ]; then
exit 623252
fi
rm Radicale-${RADICALE_VERSION}.tar.gz
cd Radicale-${RADICALE_VERSION}
python setup.py install
if [ ! -f /usr/local/bin/radicale ]; then
echo $'Radicale did not install'
exit 7283554
2016-11-08 23:13:50 +01:00
fi
2016-11-16 17:07:49 +01:00
if [ ! -d ${RADICALE_DIRECTORY} ]; then
mkdir ${RADICALE_DIRECTORY}
fi
if [ ! -d /var/www/radicale/collections ]; then
mkdir -p /var/www/radicale/collections
2016-11-08 23:13:50 +01:00
fi
2016-11-16 17:07:49 +01:00
chown -R www-data:www-data /var/www/radicale
2016-11-08 23:13:50 +01:00
2016-11-16 17:07:49 +01:00
# create the configuration
2016-11-16 13:32:50 +01:00
echo '[server]' > ${RADICALE_DIRECTORY}/config
echo 'hosts=127.0.0.1:52322' >> ${RADICALE_DIRECTORY}/config
echo 'ssl = False' >> ${RADICALE_DIRECTORY}/config
2016-11-16 13:59:34 +01:00
echo 'daemon = False' >> ${RADICALE_DIRECTORY}/config
2016-11-16 13:32:50 +01:00
echo '' >> ${RADICALE_DIRECTORY}/config
2016-11-08 23:13:50 +01:00
echo '[storage]' >> ${RADICALE_DIRECTORY}/config
echo 'type = filesystem' >> ${RADICALE_DIRECTORY}/config
2016-11-16 17:07:49 +01:00
echo "filesystem_folder = /var/www/radicale/collections" >> ${RADICALE_DIRECTORY}/config
2016-11-16 19:56:37 +01:00
echo '' >> ${RADICALE_DIRECTORY}/config
echo '[logging]' >> ${RADICALE_DIRECTORY}/config
echo 'debug = False' >> ${RADICALE_DIRECTORY}/config
2016-11-08 23:13:50 +01:00
2016-11-16 17:07:49 +01:00
# create an admin password
2016-11-08 23:13:50 +01:00
if [ ${#RADICALE_PASSWORD} -lt 8 ]; then
if [ -f $IMAGE_PASSWORD_FILE ]; then
RADICALE_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
else
RADICALE_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
fi
fi
add_user_radicale "$MY_USERNAME" "$RADICALE_PASSWORD"
echo '[Unit]' > /etc/systemd/system/radicale.service
2016-11-16 13:32:50 +01:00
echo 'Description=Radicale CalDAV Server' >> /etc/systemd/system/radicale.service
2016-11-08 23:13:50 +01:00
echo 'After=network.target' >> /etc/systemd/system/radicale.service
echo '' >> /etc/systemd/system/radicale.service
echo '[Service]' >> /etc/systemd/system/radicale.service
echo 'Type=simple' >> /etc/systemd/system/radicale.service
echo 'User=www-data' >> /etc/systemd/system/radicale.service
echo 'Group=www-data' >> /etc/systemd/system/radicale.service
2016-11-16 17:07:49 +01:00
echo "ExecStart=/usr/local/bin/radicale --config ${RADICALE_DIRECTORY}/config" >> /etc/systemd/system/radicale.service
2016-11-08 23:13:50 +01:00
echo '' >> /etc/systemd/system/radicale.service
echo '[Install]' >> /etc/systemd/system/radicale.service
echo 'WantedBy=multi-user.target' >> /etc/systemd/system/radicale.service
systemctl enable radicale
systemctl start radicale
RADICALE_ONION_HOSTNAME=$(add_onion_service radicale 80 ${RADICALE_ONION_PORT})
if [[ $ONION_ONLY == 'no' ]]; then
echo 'server {' > /etc/nginx/sites-available/radicale
echo " listen ${RADICALE_PORT} ssl;" >> /etc/nginx/sites-available/radicale
echo " listen [::]:${RADICALE_PORT} ssl;" >> /etc/nginx/sites-available/radicale
echo '' >> /etc/nginx/sites-available/radicale
function_check nginx_ssl
2016-11-15 21:28:34 +01:00
nginx_ssl radicale
2016-11-08 23:13:50 +01:00
function_check nginx_disable_sniffing
2016-11-15 21:28:34 +01:00
nginx_disable_sniffing radicale
2016-11-08 23:13:50 +01:00
echo '' >> /etc/nginx/sites-available/radicale
echo " server_name $DEFAULT_DOMAIN_NAME;" >> /etc/nginx/sites-available/radicale
2016-11-15 21:06:02 +01:00
echo '' >> /etc/nginx/sites-available/radicale
echo ' access_log /dev/null;' >> /etc/nginx/sites-available/radicale
echo ' error_log /var/log/radicale/radicale.log warn;' >> /etc/nginx/sites-available/radicale
2016-11-08 23:13:50 +01:00
echo '' >> /etc/nginx/sites-available/radicale
echo ' location / {' >> /etc/nginx/sites-available/radicale
2016-11-16 17:21:27 +01:00
echo ' auth_basic "Radicale";' >> /etc/nginx/sites-available/radicale
2016-11-16 19:56:37 +01:00
echo " auth_basic_user_file ${RADICALE_USERS};" >> /etc/nginx/sites-available/radicale
2016-11-16 13:59:34 +01:00
echo ' proxy_pass http://localhost:52322;' >> /etc/nginx/sites-available/radicale
2016-11-08 23:13:50 +01:00
echo ' }' >> /etc/nginx/sites-available/radicale
echo '}' >> /etc/nginx/sites-available/radicale
echo '' >> /etc/nginx/sites-available/radicale
else
echo -n '' > /etc/nginx/sites-available/radicale
fi
echo 'server {' >> /etc/nginx/sites-available/radicale
echo " listen 127.0.0.1:${RADICALE_ONION_PORT} default_server;" >> /etc/nginx/sites-available/radicale
echo '' >> /etc/nginx/sites-available/radicale
echo " server_name ${RADICALE_ONION_HOSTNAME};" >> /etc/nginx/sites-available/radicale
echo '' >> /etc/nginx/sites-available/radicale
2016-11-15 21:06:02 +01:00
echo ' access_log /dev/null;' >> /etc/nginx/sites-available/radicale
echo ' error_log /var/log/radicale/radicale.log warn;' >> /etc/nginx/sites-available/radicale
echo '' >> /etc/nginx/sites-available/radicale
2016-11-08 23:13:50 +01:00
echo ' location / {' >> /etc/nginx/sites-available/radicale
2016-11-16 17:21:27 +01:00
echo ' auth_basic "Radicale";' >> /etc/nginx/sites-available/radicale
2016-11-16 19:56:37 +01:00
echo " auth_basic_user_file ${RADICALE_USERS};" >> /etc/nginx/sites-available/radicale
2016-11-16 13:32:50 +01:00
echo ' proxy_pass http://localhost:52322;' >> /etc/nginx/sites-available/radicale
2016-11-08 23:13:50 +01:00
echo ' }' >> /etc/nginx/sites-available/radicale
echo '}' >> /etc/nginx/sites-available/radicale
2016-11-16 17:07:49 +01:00
# create a certificate
if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt ]; then
${PROJECT_NAME}-addcert -h $DEFAULT_DOMAIN_NAME --dhkey ${DH_KEYLENGTH}
check_certificates $DEFAULT_DOMAIN_NAME
fi
fi
2016-11-15 21:33:00 +01:00
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
sed -i "s|radicale.crt|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale
sed -i "s|radicale.pem|${DEFAULT_DOMAIN_NAME}.pem|g" /etc/nginx/sites-available/radicale
fi
sed -i "s|radicale.key|${DEFAULT_DOMAIN_NAME}.key|g" /etc/nginx/sites-available/radicale
2016-11-15 21:28:34 +01:00
sed -i "s|radicale.dhparam|${DEFAULT_DOMAIN_NAME}.dhparam|g" /etc/nginx/sites-available/radicale
2016-11-08 23:13:50 +01:00
update_default_domain
nginx_ensite radicale
systemctl reload nginx
set_completion_param "radicale onion domain" "${RADICALE_ONION_HOSTNAME}"
2016-11-16 11:51:04 +01:00
if ! grep -q "# Radicale" /home/$MY_USERNAME/README; then
2016-11-08 23:13:50 +01:00
echo '' >> /home/$MY_USERNAME/README
2016-11-16 11:51:04 +01:00
echo $'# Radicale' >> /home/$MY_USERNAME/README
echo $"Radicale onion domain: ${RADICALE_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
echo $"Your Radicale password is: ${RADICALE_PASSWORD}" >> /home/$MY_USERNAME/README
2016-11-08 23:13:50 +01:00
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
chmod 600 /home/$MY_USERNAME/README
2016-11-16 11:51:04 +01:00
else
sed -i "s|Radicale onion domain.*|Radicale onion domain: ${RADICALE_ONION_HOSTNAME}|g" /home/$MY_USERNAME/README
sed -i "s|Your Radicale password is.*|Your Radicale password is: ${RADICALE_PASSWORD}|g" /home/$MY_USERNAME/README
2016-11-08 23:13:50 +01:00
fi
APP_INSTALLED=1
}
# NOTE: deliberately no exit 0