ghost app

This commit is contained in:
Bob Mottram 2016-11-08 11:25:52 +00:00
parent 42cd8e7b94
commit 60114b020e
2 changed files with 437 additions and 2 deletions

435
src/freedombone-app-ghost Executable file
View File

@ -0,0 +1,435 @@
#!/bin/bash
#
# .---. . .
# | | |
# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
# | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
# ' ' --' --' -' - -' ' ' -' -' -' ' - --'
#
# Freedom in the Cloud
#
# Ghost blog
#
# License
# =======
#
# Copyright (C) 2016 Bob Mottram <bob@freedombone.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
VARIANTS="full full-vim writer"
IN_DEFAULT_INSTALL=0
SHOW_ON_ABOUT=1
GHOST_DOMAIN_NAME=
GHOST_CODE=
GHOST_ONION_PORT=8104
GHOST_VERSION='0.11.3'
GHOST_PORT=2368
ghost_variables=(GHOST_VERSION
GHOST_DOMAIN_NAME
GHOST_CODE
GHOST_ADMIN_PASSWORD
ONION_ONLY
DDNS_PROVIDER
MY_USERNAME)
function remove_user_ghost {
remove_username="$1"
}
function add_user_ghost {
if [[ $(app_is_installed ghost) == "0" ]]; then
echo '0'
return
fi
new_username="$1"
new_user_password="$2"
echo '0'
}
function install_interactive_ghost {
if [ ! $ONION_ONLY ]; then
ONION_ONLY='no'
fi
if [[ $ONION_ONLY != "no" ]]; then
GHOST_DOMAIN_NAME='ghost.local'
write_config_param "GHOST_DOMAIN_NAME" "$GHOST_DOMAIN_NAME"
else
function_check interactive_site_details
interactive_site_details "ghost" "GHOST_DOMAIN_NAME" "GHOST_CODE"
fi
APP_INSTALLED=1
}
function change_password_ghost {
set_completion_param "ghost domain" "$GHOST_DOMAIN_NAME"
GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
GHOST_USERNAME="$1"
GHOST_PASSWORD="$2"
if [ ${#GHOST_PASSWORD} -lt 8 ]; then
echo $'Ghost password is too short'
return
fi
}
function reconfigure_ghost {
echo -n ''
}
function upgrade_ghost {
read_config_param "GHOST_DOMAIN_NAME"
}
function backup_local_ghost {
GHOST_DOMAIN_NAME='ghost.local'
if grep -q "ghost domain" $COMPLETION_FILE; then
GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
fi
ghost_path=/var/www/${GHOST_DOMAIN_NAME}/htdocs
if [ -d $ghost_path ]; then
function_check backup_database_to_usb
backup_database_to_usb ghost
backup_directory_to_usb $ghost_path ghost
restart_site
fi
}
function restore_local_ghost {
GHOST_DOMAIN_NAME='ghost.local'
if grep -q "ghost domain" $COMPLETION_FILE; then
GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
fi
if [ $GHOST_DOMAIN_NAME ]; then
function_check ghost_create_database
ghost_create_database
function_check restore_database
restore_database ghost ${GHOST_DOMAIN_NAME}
fi
}
function backup_remote_ghost {
GHOST_DOMAIN_NAME='ghost.local'
if grep -q "ghost domain" $COMPLETION_FILE; then
GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
fi
temp_backup_dir=/var/www/${GHOST_DOMAIN_NAME}/htdocs
if [ -d $temp_backup_dir ]; then
suspend_site ${GHOST_DOMAIN_NAME}
backup_database_to_friend ghost
backup_directory_to_friend $temp_backup_dir ghost
restart_site
else
echo $"Ghost domain specified but not found in /var/www/${GHOST_DOMAIN_NAME}"
exit 2578
fi
}
function restore_remote_ghost {
GHOST_DOMAIN_NAME='ghost.local'
if grep -q "ghost domain" $COMPLETION_FILE; then
GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
fi
function_check restore_database_from_friend
function_check ghost_create_database
ghost_create_database
restore_database_from_friend ghost ${GHOST_DOMAIN_NAME}
restart_site
chown -R ghost: /var/www/$GHOST_DOMAIN_NAME/htdocs/
}
function remove_ghost {
if [ ${#GHOST_DOMAIN_NAME} -eq 0 ]; then
return
fi
systemctl stop ghost
systemctl disable ghost
rm /etc/systemd/system/ghost.service
function_check remove_nodejs
remove_nodejs ghost
drop_database ghost
remove_backup_database_local ghost
read_config_param "GHOST_DOMAIN_NAME"
nginx_dissite $GHOST_DOMAIN_NAME
remove_certs ${GHOST_DOMAIN_NAME}
deluser -r ghost
if [ -f /etc/nginx/sites-available/$GHOST_DOMAIN_NAME ]; then
rm -f /etc/nginx/sites-available/$GHOST_DOMAIN_NAME
fi
if [ -d /var/www/$GHOST_DOMAIN_NAME ]; then
rm -rf /var/www/$GHOST_DOMAIN_NAME
fi
remove_config_param GHOST_DOMAIN_NAME
remove_config_param GHOST_CODE
function_check remove_onion_service
remove_onion_service ghost ${GHOST_ONION_PORT}
remove_completion_param "install_ghost"
sed -i '/Ghost/d' $COMPLETION_FILE
sed -i '/ghost/d' $COMPLETION_FILE
sed -i '/ghost/d' /home/$MY_USERNAME/README
sed -i '/Ghost/d' /home/$MY_USERNAME/README
function_check remove_ddns_domain
remove_ddns_domain $GHOST_DOMAIN_NAME
}
function get_ghost_admin_password {
if [ -f /home/$MY_USERNAME/README ]; then
if grep -q "Your ghost password is" /home/$MY_USERNAME/README; then
GHOST_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Your ghost password is" | awk -F ':' '{print $2}' | sed 's/^ *//')
fi
fi
}
function ghost_create_config {
ghost_config=/var/www/${GHOST_DOMAIN_NAME}/htdocs/config.js
echo "var path = require('path')," > $ghost_config
echo ' config;' >> $ghost_config
echo '' >> $ghost_config
echo 'config = {' >> $ghost_config
echo ' production: {' >> $ghost_config
if [[ $ONION_ONLY == 'no' ]]; then
echo " url: 'https://${GHOST_DOMAIN_NAME}'," >> $ghost_config
else
echo " url: 'http://${GHOST_DOMAIN_NAME}'," >> $ghost_config
fi
echo ' mail: {' >> $ghost_config
echo " transport: 'SMTP'," >> $ghost_config
echo ' options: {' >> $ghost_config
echo " service: 'Sendmail'," >> $ghost_config
echo ' }' >> $ghost_config
echo ' },' >> $ghost_config
echo ' database: {' >> $ghost_config
echo " client: 'mysql'," >> $ghost_config
echo ' connection: {' >> $ghost_config
echo " host : '127.0.0.1'," >> $ghost_config
echo " user : 'root'," >> $ghost_config
echo " password : '${MARIADB_PASSWORD}'," >> $ghost_config
echo " database : 'ghost'," >> $ghost_config
echo " charset : 'utf8'" >> $ghost_config
echo ' }' >> $ghost_config
echo ' },' >> $ghost_config
echo '' >> $ghost_config
echo ' server: {' >> $ghost_config
echo " host: '127.0.0.1'," >> $ghost_config
echo " port: '${GHOST_PORT}'" >> $ghost_config
echo ' },' >> $ghost_config
echo ' logging: false' >> $ghost_config
echo ' }' >> $ghost_config
echo '};' >> $ghost_config
echo '' >> $ghost_config
echo 'module.exports = config;' >> $ghost_config
chmod 700 $ghost_config
}
function ghost_create_database {
function_check get_mariadb_git_admin_password
get_mariadb_git_admin_password
if [ ! ${GIT_ADMIN_PASSWORD} ]; then
if [ -f ${IMAGE_PASSWORD_FILE} ]; then
GIT_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
else
GIT_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
fi
fi
if [ ! $GIT_ADMIN_PASSWORD ]; then
return
fi
function_check create_database
create_database ghost "$GHOST_ADMIN_PASSWORD"
}
function install_ghost {
if [ ! $ONION_ONLY ]; then
ONION_ONLY='no'
fi
if [ ! $GHOST_DOMAIN_NAME ]; then
echo $'The ghost domain name was not specified'
exit 5062
fi
# for the avatar changing command
apt-get -yq install unzip wget
function_check install_nodejs
install_nodejs ghost
if [ ! -d /var/www/$GHOST_DOMAIN_NAME/htdocs ]; then
mkdir -p /var/www/$GHOST_DOMAIN_NAME/htdocs
fi
cd /var/www/$GHOST_DOMAIN_NAME/htdocs
wget https://ghost.org/zip/ghost-${GHOST_VERSION}.zip
if [ ! -f ghost-${GHOST_VERSION}.zip ]; then
echo $'Unable to download ghost'
exit 63892
fi
unzip ghost-${GHOST_VERSION}.zip
if [ ! -f /var/www/${GHOST_DOMAIN_NAME}/htdocs/index.js ]; then
echo $'ghost failed to unzip'
exit 63835
fi
npm install --production
function_check install_mariadb
install_mariadb
function_check get_mariadb_password
get_mariadb_password
function_check ghost_create_database
ghost_create_database
ghost_create_config
adduser --system --home=/var/www/$GHOST_DOMAIN_NAME/htdocs/ --group ghost
chown -R ghost: /var/www/$GHOST_DOMAIN_NAME/htdocs/
echo '[Unit]' > /etc/systemd/system/ghost.service
echo 'Description=Ghost Blog' >> /etc/systemd/system/ghost.service
echo 'After=syslog.target' >> /etc/systemd/system/ghost.service
echo 'After=network.target' >> /etc/systemd/system/ghost.service
echo 'After=mysqld.service' >> /etc/systemd/system/ghost.service
echo '' >> /etc/systemd/system/ghost.service
echo '[Service]' >> /etc/systemd/system/ghost.service
echo 'Type=simple' >> /etc/systemd/system/ghost.service
echo 'User=ghost' >> /etc/systemd/system/ghost.service
echo 'Group=ghost' >> /etc/systemd/system/ghost.service
echo "WorkingDirectory=/var/www/${GHOST_DOMAIN_NAME}/htdocs" >> /etc/systemd/system/ghost.service
echo "ExecStart=/usr/bin/node /var/www/${GHOST_DOMAIN_NAME}/htdocs/index.js" >> /etc/systemd/system/ghost.service
echo 'Restart=always' >> /etc/systemd/system/ghost.service
echo 'RestartSec=60' >> /etc/systemd/system/ghost.service
echo "Environment=NODE_ENV=production PORT=${GHOST_PORT}" >> /etc/systemd/system/ghost.service
echo '' >> /etc/systemd/system/ghost.service
echo '[Install]' >> /etc/systemd/system/ghost.service
echo 'WantedBy=multi-user.target' >> /etc/systemd/system/ghost.service
systemctl enable ghost
systemctl daemon-reload
systemctl start ghost
if [[ ${ONION_ONLY} == "no" ]]; then
function_check nginx_http_redirect
nginx_http_redirect ${GHOST_DOMAIN_NAME}
echo 'server {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' listen 443 ssl;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo " root /var/www/${GHOST_DOMAIN_NAME}/htdocs;" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo " server_name ${GHOST_DOMAIN_NAME};" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' access_log off;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo " error_log /var/log/nginx/${GHOST_DOMAIN_NAME}_error.log ${WEBSERVER_LOG_LEVEL};" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
function_check nginx_ssl
nginx_ssl ${GHOST_DOMAIN_NAME}
function_check nginx_disable_sniffing
nginx_disable_sniffing ${GHOST_DOMAIN_NAME}
echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' location / {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
function_check nginx_limits
nginx_limits ${GHOST_DOMAIN_NAME} '10G'
echo " proxy_pass http://localhost:${GHOST_PORT};" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' location = /robots.txt {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' allow all;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' log_not_found off;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' access_log off;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '}' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
else
echo -n '' > /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
fi
echo 'server {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo " listen 127.0.0.1:${GHOST_ONION_PORT} default_server;" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo " root /var/www/$GHOST_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo " server_name $GHOST_DOMAIN_NAME;" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' access_log off;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo " error_log /var/log/nginx/${GHOST_DOMAIN_NAME}_error.log ${WEBSERVER_LOG_LEVEL};" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
function_check nginx_disable_sniffing
nginx_disable_sniffing ${GHOST_DOMAIN_NAME}
echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' location / {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
function_check nginx_limits
nginx_limits ${GHOST_DOMAIN_NAME} '10G'
echo " proxy_pass http://localhost:${GHOST_PORT};" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' location = /robots.txt {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' allow all;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' log_not_found off;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' access_log off;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
echo '}' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME}
function_check create_site_certificate
create_site_certificate $GHOST_DOMAIN_NAME 'yes'
function_check configure_php
configure_php
GHOST_ONION_HOSTNAME=$(add_onion_service ghost 80 ${GHOST_ONION_PORT})
function_check nginx_ensite
nginx_ensite $GHOST_DOMAIN_NAME
systemctl restart nginx
if ! grep -q "Ghost onion domain" /home/$MY_USERNAME/README; then
echo $"Ghost onion domain: ${GHOST_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
echo '' >> /home/$MY_USERNAME/README
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
chmod 600 /home/$MY_USERNAME/README
fi
function_check add_ddns_domain
add_ddns_domain $GHOST_DOMAIN_NAME
set_completion_param "ghost domain" "$GHOST_DOMAIN_NAME"
APP_INSTALLED=1
}
# NOTE: deliberately no exit 0

View File

@ -195,7 +195,7 @@ function upgrade_htmly {
} }
function backup_local_htmly { function backup_local_htmly {
HTMLY_DOMAIN_NAME='htmly' HTMLY_DOMAIN_NAME='htmly.local'
if grep -q "htmly domain" $COMPLETION_FILE; then if grep -q "htmly domain" $COMPLETION_FILE; then
HTMLY_DOMAIN_NAME=$(get_completion_param "htmly domain") HTMLY_DOMAIN_NAME=$(get_completion_param "htmly domain")
fi fi
@ -215,7 +215,7 @@ function backup_local_htmly {
} }
function restore_local_htmly { function restore_local_htmly {
HTMLY_DOMAIN_NAME='htmly' HTMLY_DOMAIN_NAME='htmly.local'
if grep -q "htmly domain" $COMPLETION_FILE; then if grep -q "htmly domain" $COMPLETION_FILE; then
HTMLY_DOMAIN_NAME=$(get_completion_param "htmly domain") HTMLY_DOMAIN_NAME=$(get_completion_param "htmly domain")
fi fi