1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/discourse_ynh.git synced 2024-09-03 18:26:18 +02:00
discourse_ynh/scripts/install

339 lines
14 KiB
Text
Raw Normal View History

2018-04-02 16:36:02 +02:00
#!/bin/bash
shopt -s extglob # sets extended pattern matching options in the bash shell
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source /usr/share/yunohost/helpers
source _common.sh
2018-04-02 16:36:02 +02:00
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
2018-05-02 20:00:27 +02:00
# Clean remainings not handled by remove script
ynh_clean_check_starting
2018-04-02 16:36:02 +02:00
}
ynh_abort_if_errors # Stop script if an error is detected
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Retrieve app id
app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
path_url=$(ynh_normalize_url_path $path_url) # Check and normalize path
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url
# Check memory requirements
check_memory_requirements
2018-04-02 16:36:02 +02:00
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set $app domain "$domain"
ynh_app_setting_set $app path_url "$path_url"
ynh_app_setting_set $app admin "$admin"
ynh_app_setting_set $app is_public "$is_public"
ynh_app_setting_set $app final_path $final_path
2018-04-02 16:36:02 +02:00
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_install_app_dependencies "$pkg_dependencies"
#=================================================
# CREATE DEDICATED USER
#=================================================
# Create a system user allowing login
ynh_system_user_create $app $final_path 1
2018-04-02 16:36:02 +02:00
#=================================================
# CREATE A POSTGRES DATABASE
#=================================================
db_name=$(ynh_sanitize_dbid $app)
db_pwd=$(ynh_string_random)
ynh_app_setting_set $app db_name $db_name
2018-04-07 11:56:54 +02:00
ynh_app_setting_set $app db_pwd $db_pwd
2018-04-02 16:36:02 +02:00
ynh_psql_test_if_first_run
ynh_psql_create_db $db_name $db_name $db_pwd
# Set extensions
ynh_psql_execute_as_root "\connect $db_name
CREATE EXTENSION IF NOT EXISTS hstore; CREATE EXTENSION IF NOT EXISTS pg_trgm;"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
# Install LDAP plugin
mkdir -p "$final_path/plugins/discourse-ldap-auth"
ynh_setup_source "$final_path/plugins/discourse-ldap-auth" ldap-auth
#=================================================
# INSTALL RUBY
#=================================================
ynh_install_ruby $RUBY_VERSION
2018-04-02 16:36:02 +02:00
#=================================================
# NGINX CONFIGURATION
#=================================================
2018-06-03 17:56:14 +02:00
# Create a dedicated nginx config
ynh_add_nginx_config
2018-04-02 16:36:02 +02:00
# Reference: https://meta.discourse.org/t/subfolder-support-with-docker/30507?u=falco&source_topic_id=54191
if [ "$path_url" != "/" ] ; then
2018-06-03 17:56:14 +02:00
ynh_replace_string '$proxy_add_x_forwarded_for' '$http_your_original_ip_header' "/etc/nginx/conf.d/$domain.d/$app.conf"
2018-04-02 16:36:02 +02:00
fi
2018-06-03 17:56:14 +02:00
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
2018-04-02 16:36:02 +02:00
#=================================================
# SPECIFIC SETUP
#=================================================
#=================================================
# CONFIGURE DISCOURSE
#=================================================
# Configure database
2018-04-07 11:56:54 +02:00
discourse_config_file="$final_path/config/discourse.conf"
cp $final_path/config/discourse_defaults.conf $discourse_config_file
ynh_replace_string "db_name = discourse" "db_name = $db_name" "$discourse_config_file"
ynh_replace_string "db_username = discourse" "db_username = $db_name" "$discourse_config_file"
ynh_replace_string "db_password =" "db_password = $db_pwd" "$discourse_config_file"
2018-04-02 16:36:02 +02:00
# Configure hostname
2018-04-07 11:56:54 +02:00
ynh_replace_string "hostname = \"www.example.com\"" "hostname = \"$domain\"" "$discourse_config_file"
ynh_replace_string "relative_url_root =" "relative_url_root = ${path_url%/}" "$discourse_config_file"
2018-04-02 16:36:02 +02:00
# Serve static assets (i.e. images, js, etc.)
2018-04-07 11:56:54 +02:00
ynh_replace_string "serve_static_assets = false" "serve_static_assets = true" "$discourse_config_file"
2018-04-07 11:58:39 +02:00
# Don't show miniprofiler
ynh_replace_string "load_mini_profiler = true" "load_mini_profiler = false" "$discourse_config_file"
2018-04-02 16:36:02 +02:00
# Configure e-mail server
admin_mail=$(ynh_user_get_info "$admin" mail)
2018-04-07 11:56:54 +02:00
ynh_replace_string "developer_emails =" "developer_emails = $admin_mail" "$discourse_config_file"
ynh_replace_string "smtp_address =" "smtp_address = localhost" "$discourse_config_file"
ynh_replace_string "smtp_domain =" "smtp_domain = $domain" "$discourse_config_file"
ynh_replace_string "smtp_enable_start_tls = true" "smtp_enable_start_tls = false" "$discourse_config_file"
2018-04-02 16:36:02 +02:00
# Configure redis
redis_db=$(ynh_redis_get_free_db)
ynh_app_setting_set "$app" redis_db "$redis_db"
ynh_replace_string "redis_db = 0" "redis_db = $redis_db" "$discourse_config_file"
2018-04-02 16:36:02 +02:00
# Calculate and store the config file checksum
2018-04-07 11:56:54 +02:00
ynh_store_file_checksum "$discourse_config_file"
2018-04-02 16:36:02 +02:00
2018-04-07 11:56:54 +02:00
# Configure LDAP plugin
ldap_config_file="$final_path/plugins/discourse-ldap-auth/config/settings.yml"
ynh_replace_string "adfs.example.com" "localhost" "$ldap_config_file"
ynh_replace_string "dc=example,dc=com" "ou=users,dc=yunohost,dc=org" "$ldap_config_file"
ynh_replace_string "sAMAccountName" "uid" "$ldap_config_file"
ynh_store_file_checksum "$ldap_config_file"
2018-04-02 16:36:02 +02:00
# Disable svgo worker
echo "svgo: false" > $final_path/.image_optim.yml
2018-04-02 16:36:02 +02:00
#=================================================
# SETUP UNICORN, A RUBY SERVER
#=================================================
unicorn_config_file="$final_path/config/unicorn.conf.rb"
# Use socket connection
ynh_replace_string 'listen (ENV\["UNICORN_PORT"\] || 3000).to_i' '# listen (ENV["UNICORN_PORT"] || 3000).to_i' "$unicorn_config_file"
ynh_replace_string '# listen "#{discourse_path}/tmp/sockets/unicorn.sock"' 'listen "#{discourse_path}/tmp/sockets/unicorn.sock"' "$unicorn_config_file"
2018-04-02 16:36:02 +02:00
# Calculate and store the config file checksum
ynh_store_file_checksum "$unicorn_config_file"
2018-04-02 16:36:02 +02:00
# Set a secret value
cp ../conf/secrets.yml "$final_path/config/secrets.yml"
ynh_replace_string "__SECRET__" "$(ynh_string_random)" "$final_path/config/secrets.yml"
# Calculate and store the config file checksum
ynh_store_file_checksum "$final_path/config/secrets.yml"
# Set permissions to app files
chown -R $app: $final_path
(cd "$final_path"
2018-04-07 11:56:54 +02:00
# Install bundler, a gems installer
2018-04-02 16:36:02 +02:00
gem install bundler
2018-04-07 11:56:54 +02:00
# Install without documentation
exec_as $app echo "gem: --no-ri --no-rdoc" >> "$final_path/.gemrc")
2018-04-29 11:25:32 +02:00
# If on ARM architecture, define the platform specificly to retrieve binaries
# for libv8 because it currently doesn't compile on ARM devices
if [ -n "$(uname -m | grep arm)" ] ; then
exec_login_as $app bundle config specific_platform arm-linux
fi
2018-04-07 11:56:54 +02:00
# Install dependencies
exec_login_as $app MAKEFLAGS=-j2 bundle install --jobs 2 --path vendor/bundle --with development
2018-04-02 16:36:02 +02:00
2018-04-29 11:25:32 +02:00
# On ARM architecture, replace bundled libpsl by system native libpsl
# because the provided binary isn't compatible
if [ -n "$(uname -m | grep arm)" ] ; then
(cd $final_path/vendor/bundle/ruby/*/gems/mini_suffix-*/vendor
rm libpsl.so
ln -s $(ldconfig -p | grep libpsl | awk 'END {print $NF}') libpsl.so)
fi
2018-04-02 16:36:02 +02:00
#=================================================
# PREPARE THE DATABASE
#=================================================
rake_exec="exec_login_as $app RAILS_ENV=production bin/rake"
2018-04-02 16:36:02 +02:00
$rake_exec db:migrate
$rake_exec assets:precompile
2018-04-02 16:36:02 +02:00
#=================================================
# POPULATE THE DATABASE
#=================================================
#Set default data (especially to have correct image URLs for subfolder install)
ynh_psql_connect_as $db_name $db_pwd $db_name <<< "INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('title', 1, 'YunoHost Forum', 'NOW()', 'NOW()');
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('site_description', 1, 'YunoHost Forum', 'NOW()', 'NOW()');
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('contact_email', 14, '$admin_mail', 'NOW()', 'NOW()');
2018-04-08 17:23:18 +02:00
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('contact_url', 1, '$domain$path_url', 'NOW()', 'NOW()');
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('site_contact_username', 15, '$admin', 'NOW()', 'NOW()');
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('logo_url', 1, '${path_url%/}/images/d-logo-sketch.png', 'NOW()', 'NOW()');
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('long_polling_base_url', 1, '${path_url%/}/', 'NOW()', 'NOW()');
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('logo_small_url', 1, '${path_url%/}/images/d-logo-sketch-small.png', 'NOW()', 'NOW()');
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('favicon_url', 1, '${path_url%/}/images/default-favicon.ico', 'NOW()', 'NOW()');
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('apple_touch_icon_url', 1, '${path_url%/}/images/default-apple-touch-icon.png', 'NOW()', 'NOW()');
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('wizard_enabled', 5, 'f', 'NOW()', 'NOW()');
2018-06-03 17:24:21 +02:00
INSERT INTO site_settings (name, data_type, value, created_at, updated_at) VALUES ('force_https', 5, 't', 'NOW()', 'NOW()');
"
#=================================================
# FIX INITIAL POSTS LINKS FOR SUBFOLDER INSTALL
#=================================================
2018-04-08 17:23:18 +02:00
if [ "$path_url" != "/" ] ; then
exec_login_as $app RAILS_ENV=production bundle exec script/discourse remap /images/welcome/ $path_url/images/welcome/ <<< "YES
"
fi
2018-04-02 16:36:02 +02:00
#=================================================
2018-04-03 18:28:04 +02:00
# CREATE ADMIN USER
2018-04-02 16:36:02 +02:00
#=================================================
2018-04-03 18:28:04 +02:00
# Create a random password
admin_pwd=$(ynh_string_random)
2018-04-08 17:23:18 +02:00
$rake_exec admin:create <<< "$admin_mail
2018-04-03 18:28:04 +02:00
$admin_pwd
$admin_pwd
y
"
2018-04-02 16:36:02 +02:00
#=================================================
# CONFIGURE PLUGINS
#=================================================
# Patch ldap-auth plugin dependency (omniauth-ldap) to fix it when using domain subfolder
# (Can only do that now because we are patching dependencies which have just been downloaded)
# Patch applied: https://github.com/omniauth/omniauth-ldap/pull/16
(cd $final_path/plugins/discourse-ldap-auth/gems/*/gems/omniauth-ldap*/
patch -p1 < $YNH_CWD/../conf/ldap-auth-fix-subfolder.patch)
2018-04-02 16:36:02 +02:00
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_replace_string "__RBENVROOT__" "$RBENV_ROOT" "../conf/systemd.service"
2018-04-29 11:25:32 +02:00
# We assume for the moment that ARM devices are only dual core, so
# we restrict the number of workers to 2 (the default is 3)
2018-04-29 11:25:32 +02:00
if [ -n "$(uname -m | grep arm)" ] ; then
additional_env="UNICORN_WORKERS=2"
unicorn_workers=2
2018-04-29 11:25:32 +02:00
else
additional_env=""
unicorn_workers=3
2018-04-29 11:25:32 +02:00
fi
ynh_replace_string "__ADDITIONAL_ENV__" "$additional_env" "../conf/systemd.service"
ynh_replace_string "__LIBJEMALLOC__" "$(ldconfig -p | grep libjemalloc | awk 'END {print $NF}')" "../conf/systemd.service"
ynh_add_systemd_config
2018-04-02 16:36:02 +02:00
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Add a pids and socket directory for the systemd script.
mkdir -p "$final_path/tmp/pids"
mkdir "$final_path/tmp/sockets"
# Set permissions to app files
chown -R $app: $final_path
# Restrict rights to log directory (needed by logrotate)
chmod g-w $final_path/log
2018-04-02 16:36:02 +02:00
#=================================================
# SETUP LOGROTATE
#=================================================
# Use logrotate to manage application logfile(s)
ynh_use_logrotate "$final_path/log/unicorn.stderr.log"
ynh_use_logrotate "$final_path/log/unicorn.stdout.log"
ynh_use_logrotate "$final_path/log/production.log"
2018-04-02 16:36:02 +02:00
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
yunohost service add $app --log "$final_path/log/unicorn.stderr.log" "$final_path/log/unicorn.stdout.log" "$final_path/log/production.log"
2018-04-02 16:36:02 +02:00
#=================================================
# SETUP SSOWAT
#=================================================
# If app is public, add url to SSOWat conf as skipped_uris
if [ $is_public -eq 1 ]; then
# unprotected_uris allows SSO credentials to be passed anyway.
2018-04-08 17:23:18 +02:00
ynh_app_setting_set "$app" skipped_uris "/"
2018-04-02 16:36:02 +02:00
fi
#=================================================
# RELOAD NGINX
#=================================================
systemctl reload nginx
#=================================================
# START UNICORN
2018-04-02 16:36:02 +02:00
#=================================================
# Wait for discourse to be fully started
2018-07-01 10:05:00 +02:00
ynh_check_starting "INFO -- : worker=$((unicorn_workers-1)) ready" "$final_path/log/unicorn.stderr.log" "240" "$app"