diff --git a/src/freedombone-app-pelican b/src/freedombone-app-pelican index eee6dd5a..3d58702f 100755 --- a/src/freedombone-app-pelican +++ b/src/freedombone-app-pelican @@ -33,7 +33,7 @@ VARIANTS='' IN_DEFAULT_INSTALL=0 SHOW_ON_ABOUT=0 -PELICAN_BLOG_DOMAIN= +PELICAN_DOMAIN_NAME= PELICAN_BLOG_CODE= PELICAN_THEMES_REPO="https://github.com/getpelican/pelican-themes" @@ -45,9 +45,101 @@ PELICAN_CURRENT_BLOG_INDEX=$PELICAN_BLOG_INSTALL_DIR/.blog-index pelican_variables=(MY_USERNAME ONION_ONLY - PELICAN_BLOG_DOMAIN + PELICAN_DOMAIN_NAME PELICAN_BLOG_CODE) + +function install_pelican_website { + if [[ $ONION_ONLY == 'no' ]]; then + echo -n '' > /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + return + fi + function_check nginx_http_redirect + nginx_http_redirect $PELICAN_DOMAIN_NAME + echo 'server {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' listen [::]:443 ssl;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo " root /var/www/${PELICAN_DOMAIN_NAME}/htdocs;" >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo " server_name ${PELICAN_DOMAIN_NAME};" >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' access_log /dev/null;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo " error_log /dev/null;" >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' index index.html;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' charset utf-8;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + function_check nginx_ssl + nginx_ssl $PELICAN_DOMAIN_NAME + function_check nginx_disable_sniffing + nginx_disable_sniffing $PELICAN_DOMAIN_NAME + echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' location / {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + function_check nginx_limits + nginx_limits $PELICAN_DOMAIN_NAME + echo ' }' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + nginx_keybase ${PELICAN_DOMAIN_NAME} + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' # block these file types' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' deny all;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' }' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' location ~ /\. {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' deny all;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' }' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' deny all;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' }' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' deny all;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' }' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '}' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + + function_check create_site_certificate + create_site_certificate $PELICAN_DOMAIN_NAME 'yes' +} + +function install_pelican_website_onion { + echo 'server {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo " listen 127.0.0.1:${HTMLY_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo " root /var/www/${PELICAN_DOMAIN_NAME}/htdocs;" >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo " server_name ${PELICAN_DOMAIN_NAME};" >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' access_log /dev/null;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo " error_log /dev/null;" >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' index index.html;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' charset utf-8;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + function_check nginx_disable_sniffing + nginx_disable_sniffing $PELICAN_DOMAIN_NAME + echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' location / {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + function_check nginx_limits + nginx_limits $PELICAN_DOMAIN_NAME + echo ' }' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + nginx_keybase ${PELICAN_DOMAIN_NAME} + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' # block these file types' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' deny all;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' }' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' location ~ /\. {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' deny all;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' }' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' deny all;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' }' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' deny all;' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo ' }' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME + echo '}' >> /etc/nginx/sites-available/$PELICAN_DOMAIN_NAME +} + function pelican_editor_config { if [ ! -f $PELICAN_BLOG_INSTALL_DIR/.emacs-pelican ]; then echo "(add-hook 'before-save-hook 'delete-trailing-whitespace)" > $PELICAN_BLOG_INSTALL_DIR/.emacs-pelican @@ -76,8 +168,8 @@ function pelican_regenerate_blog { cd $PELICAN_BLOG_INSTALL_DIR make html - cp -r $PELICAN_BLOG_INSTALL_DIR/output/* /var/www/$PELICAN_BLOG_DOMAIN/htdocs/ - chown -R www-data:www-data /var/www/$PELICAN_BLOG_DOMAIN/htdocs + cp -r $PELICAN_BLOG_INSTALL_DIR/output/* /var/www/$PELICAN_DOMAIN_NAME/htdocs/ + chown -R www-data:www-data /var/www/$PELICAN_DOMAIN_NAME/htdocs } function pelican_new_blog { @@ -263,7 +355,7 @@ function install_interactive_pelican { fi if [[ $ONION_ONLY != "no" ]]; then - PELICAN_BLOG_DOMAIN='pelican.local' + PELICAN_DOMAIN_NAME='pelican.local' else PELICAN_DETAILS_COMPLETE= while [ ! $PELICAN_DETAILS_COMPLETE ] @@ -274,14 +366,14 @@ function install_interactive_pelican { dialog --backtitle $"Freedombone Configuration" \ --title $"Pelican Blog Configuration" \ --form $"\nPlease enter your blog details.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 14 65 2 \ - $"Domain:" 1 1 "$(grep 'PELICAN_BLOG_DOMAIN' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \ + $"Domain:" 1 1 "$(grep 'PELICAN_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \ $"Code:" 2 1 "$(grep 'PELICAN_BLOG_CODE' temp.cfg | awk -F '=' '{print $2}')" 2 25 33 255 \ 2> $data else dialog --backtitle $"Freedombone Configuration" \ --title $"Pelican Blog Configuration" \ --form $"\nPlease enter your GNU Social details. The background image URL can be left blank.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 14 65 2 \ - $"Domain:" 1 1 "$(grep 'PELICAN_BLOG_DOMAIN' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \ + $"Domain:" 1 1 "$(grep 'PELICAN_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \ 2> $data fi sel=$? @@ -289,27 +381,27 @@ function install_interactive_pelican { 1) exit 1;; 255) exit 1;; esac - PELICAN_BLOG_DOMAIN=$(cat $data | sed -n 1p) - if [ $PELICAN_BLOG_DOMAIN ]; then - if [[ $PELICAN_BLOG_DOMAIN == "$HUBZILLA_DOMAIN_NAME" ]]; then - PELICAN_BLOG_DOMAIN="" + PELICAN_DOMAIN_NAME=$(cat $data | sed -n 1p) + if [ $PELICAN_DOMAIN_NAME ]; then + if [[ $PELICAN_DOMAIN_NAME == "$HUBZILLA_DOMAIN_NAME" ]]; then + PELICAN_DOMAIN_NAME="" fi - TEST_DOMAIN_NAME=$PELICAN_BLOG_DOMAIN + TEST_DOMAIN_NAME=$PELICAN_DOMAIN_NAME validate_domain_name - if [[ $TEST_DOMAIN_NAME != $PELICAN_BLOG_DOMAIN ]]; then - PELICAN_BLOG_DOMAIN= + if [[ $TEST_DOMAIN_NAME != $PELICAN_DOMAIN_NAME ]]; then + PELICAN_DOMAIN_NAME= dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50 else if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then PELICAN_BLOG_CODE=$(cat $data | sed -n 2p) validate_freedns_code "$PELICAN_BLOG_CODE" if [ ! $VALID_CODE ]; then - PELICAN_BLOG_DOMAIN= + PELICAN_DOMAIN_NAME= fi fi fi fi - if [ $PELICAN_BLOG_DOMAIN ]; then + if [ $PELICAN_DOMAIN_NAME ]; then PELICAN_DETAILS_COMPLETE="yes" fi done @@ -317,7 +409,7 @@ function install_interactive_pelican { # save the results in the config file write_config_param "PELICAN_BLOG_CODE" "$PELICAN_BLOG_CODE" fi - write_config_param "PELICAN_BLOG_DOMAIN" "$PELICAN_BLOG_DOMAIN" + write_config_param "PELICAN_DOMAIN_NAME" "$PELICAN_DOMAIN_NAME" APP_INSTALLED=1 } @@ -336,7 +428,7 @@ function backup_local_pelican { function_check backup_directory_to_usb backup_directory_to_usb $source_directory $dest_directory fi - source_directory=/var/www/$PELICAN_BLOG_DOMAIN/htdocs + source_directory=/var/www/$PELICAN_DOMAIN_NAME/htdocs if [ -d $source_directory ]; then dest_directory=pelican-site function_check backup_directory_to_usb @@ -362,12 +454,12 @@ function restore_local_pelican { rm -rf $temp_restore_dir fi fi - if [ -d /var/www/$PELICAN_BLOG_DOMAIN/htdocs ]; then + if [ -d /var/www/$PELICAN_DOMAIN_NAME/htdocs ]; then if [ -d $USB_MOUNT_DLNA/backup/pelican-site ]; then temp_restore_dir=/root/temppelican-site function_check restore_directory_from_usb restore_directory_from_usb $temp_restore_dir pelican-site - cp -r $temp_restore_dir/var/www/$PELICAN_BLOG_DOMAIN/htdocs/* /var/www/$PELICAN_BLOG_DOMAIN/htdocs/ + cp -r $temp_restore_dir/var/www/$PELICAN_DOMAIN_NAME/htdocs/* /var/www/$PELICAN_DOMAIN_NAME/htdocs/ if [ ! "$?" = "0" ]; then rm -rf $temp_restore_dir function_check set_user_permissions @@ -385,8 +477,8 @@ function backup_remote_pelican { if [ -d /etc/blog ]; then backup_directory_to_friend /etc/blog pelican fi - if [ -d /var/www/$PELICAN_BLOG_DOMAIN/htdocs ]; then - backup_directory_to_friend /var/www/$PELICAN_BLOG_DOMAIN/htdocs pelican-site + if [ -d /var/www/$PELICAN_DOMAIN_NAME/htdocs ]; then + backup_directory_to_friend /var/www/$PELICAN_DOMAIN_NAME/htdocs pelican-site fi } @@ -403,12 +495,12 @@ function restore_remote_pelican { rm -rf $temp_restore_dir fi fi - if [ -d /var/www/$PELICAN_BLOG_DOMAIN/htdocs ]; then + if [ -d /var/www/$PELICAN_DOMAIN_NAME/htdocs ]; then if [ -d $SERVER_DIRECTORY/backup/pelican-site ]; then temp_restore_dir=/root/temppelican-site function_check restore_directory_from_friend restore_directory_from_friend $temp_restore_dir pelican-site - cp -r $temp_restore_dir/var/www/$PELICAN_BLOG_DOMAIN/htdocs/* /var/www/$PELICAN_BLOG_DOMAIN/htdocs/ + cp -r $temp_restore_dir/var/www/$PELICAN_DOMAIN_NAME/htdocs/* /var/www/$PELICAN_DOMAIN_NAME/htdocs/ if [ ! "$?" = "0" ]; then exit 76382562 fi @@ -418,11 +510,11 @@ function restore_remote_pelican { } function remove_pelican { - if [ -d /var/www/$PELICAN_BLOG_DOMAIN/htdocs ]; then - rm -rf /var/www/$PELICAN_BLOG_DOMAIN/htdocs + if [ -d /var/www/$PELICAN_DOMAIN_NAME/htdocs ]; then + rm -rf /var/www/$PELICAN_DOMAIN_NAME/htdocs fi pip uninstall pelican - remove_certs $PELICAN_BLOG_DOMAIN + remove_certs $PELICAN_DOMAIN_NAME } function create_pelican_conf { @@ -661,7 +753,7 @@ function install_pelican { pip install typogrify pip install pelican - PELICAN_BLOG_PATH=/var/www/$PELICAN_BLOG_DOMAIN/htdocs + PELICAN_BLOG_PATH=/var/www/$PELICAN_DOMAIN_NAME/htdocs if [ ! -d $PELICAN_BLOG_INSTALL_DIR ]; then mkdir -p $PELICAN_BLOG_INSTALL_DIR @@ -690,6 +782,13 @@ function install_pelican { pelican_editor_config + install_pelican_website + install_pelican_website_onion + + function_check nginx_ensite + nginx_ensite $PELICAN_DOMAIN_NAME + systemctl restart nginx + APP_INSTALLED=1 }