2017-02-18 16:45:43 +01:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
# Exit on command errors and treat unset variables as an error
|
|
|
|
set -eu
|
|
|
|
|
|
|
|
shopt -s extglob # sets extended pattern matching options in the bash shell
|
|
|
|
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
|
|
|
|
# Source local helpers
|
|
|
|
source ./_common.sh
|
|
|
|
|
|
|
|
# Retrieve arguments
|
|
|
|
domain=$YNH_APP_ARG_DOMAIN
|
|
|
|
path=$YNH_APP_ARG_PATH
|
2017-05-14 18:26:27 +02:00
|
|
|
port=$(ynh_find_port $YNH_APP_ARG_PORT)
|
2017-03-05 14:41:56 +01:00
|
|
|
admin=$YNH_APP_ARG_ADMIN
|
2017-02-18 16:45:43 +01:00
|
|
|
is_public=$YNH_APP_ARG_IS_PUBLIC
|
|
|
|
|
|
|
|
# Source YunoHost helpers
|
|
|
|
source /usr/share/yunohost/helpers
|
|
|
|
|
|
|
|
# Fix path if needed
|
|
|
|
path=$(fix_path $path)
|
|
|
|
|
|
|
|
# Check domain/path availability
|
|
|
|
sudo yunohost app checkurl "${domain}${path}" -a "$app" \
|
|
|
|
|| ynh_die "Path not available: ${domain}${path}"
|
|
|
|
|
|
|
|
# Save app settings
|
2017-03-05 14:41:56 +01:00
|
|
|
ynh_app_setting_set "$app" admin "$admin"
|
2017-02-18 16:45:43 +01:00
|
|
|
ynh_app_setting_set "$app" is_public "$is_public"
|
2017-05-18 20:45:58 +02:00
|
|
|
ynh_app_setting_set "$app" port "$port"
|
2017-02-18 16:45:43 +01:00
|
|
|
|
2017-03-12 12:40:26 +01:00
|
|
|
# Install dependencies
|
|
|
|
install_dependencies
|
2017-02-18 16:45:43 +01:00
|
|
|
|
|
|
|
# If NetData is installed, configure it to feed InfluxDB
|
|
|
|
netdata_conf="/opt/netdata/etc/netdata/netdata.conf"
|
|
|
|
if [[ -f "$netdata_conf" ]] ; then
|
|
|
|
# If there is already a [backend] section
|
|
|
|
if [ -n "$(sudo cat $netdata_conf | grep '\[backend\]')" ] ; then
|
|
|
|
# These regexps replaces patterns inside ini [sections] ([backend] section, here)
|
|
|
|
sudo sed -i '/^\[backend\]$/,/^\[/ {
|
|
|
|
s/# enabled = no/enabled = yes/
|
|
|
|
s/# type = graphite/type = opentsdb/
|
|
|
|
s/# destination = localhost/destination = localhost:4242/
|
|
|
|
s/# update every = 10/update every = 60/
|
|
|
|
}' $netdata_conf
|
|
|
|
else
|
|
|
|
# Otherwise create the section
|
|
|
|
echo "[backend]
|
|
|
|
enabled = yes
|
|
|
|
type = opentsdb
|
|
|
|
destination = localhost:4242" | sudo tee -a $netdata_conf
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Restart NetData
|
|
|
|
sudo systemctl restart netdata
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Generate MySQL password and create database
|
|
|
|
dbuser=$app
|
|
|
|
dbname=$app
|
|
|
|
dbpass=$(ynh_string_random 12)
|
|
|
|
ynh_app_setting_set "$app" mysqlpwd "$dbpass"
|
|
|
|
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
|
|
|
|
|
|
|
|
# Configure InfluxDB
|
|
|
|
if [ -f /etc/influxdb/influxdb.conf ] ; then
|
|
|
|
sudo sed -i '/^\[\[opentsdb\]\]$/,/^\[/ s/# enabled = false/enabled = true/' /etc/influxdb/influxdb.conf
|
|
|
|
else
|
|
|
|
[ -d /etc/influxdb ] || sudo mkdir /etc/influxdb
|
|
|
|
sudo cp ../conf/influxdb.conf /etc/influxdb
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Start InfluxDB server
|
|
|
|
sudo systemctl start influxdb
|
|
|
|
|
|
|
|
# Configure Grafana
|
|
|
|
sudo cp ../conf/ldap.toml /etc/grafana
|
|
|
|
|
|
|
|
grafana_conf="/etc/grafana/grafana.ini"
|
2017-05-14 18:26:27 +02:00
|
|
|
# Set final port
|
|
|
|
sudo sed -i "/^\[server\]$/,/^\[/ s@;http_port = .*@http_port = $port@" $grafana_conf
|
2017-02-18 16:45:43 +01:00
|
|
|
# Set final URL
|
|
|
|
sudo sed -i "/^\[server\]$/,/^\[/ s@;root_url = .*@root_url = https://$domain$path@" $grafana_conf
|
|
|
|
# Disable check for updates
|
|
|
|
sudo sed -i '/^\[analytics\]$/,/^\[/ s/;check_for_updates = .*/check_for_updates = false/' $grafana_conf
|
2017-03-05 15:25:18 +01:00
|
|
|
# Disable organization creation
|
|
|
|
sudo sed -i '/^\[users\]$/,/^\[/ s/;allow_org_create = .*/allow_org_create = false/' $grafana_conf
|
2017-02-18 16:45:43 +01:00
|
|
|
# Enable HTTP and LDAP authentication
|
|
|
|
sudo sed -i '/^\[auth.basic\]$/,/^\[/ s/;enabled = .*/enabled = false/' $grafana_conf
|
|
|
|
sudo sed -i '/^\[auth.proxy\]$/,/^\[/ s/;enabled = .*/enabled = true/' $grafana_conf
|
|
|
|
sudo sed -i '/^\[auth.ldap\]$/,/^\[/ {
|
|
|
|
s/;enabled = .*/enabled = true/
|
|
|
|
s/;allow_sign_up = .*/allow_sign_up = true/
|
|
|
|
}' $grafana_conf
|
|
|
|
# Set log level to debug
|
|
|
|
sudo sed -i '/^\[log\]$/,/^\[/ s/;level = .*/level = debug/' $grafana_conf
|
|
|
|
|
|
|
|
# Change URL and database credentials
|
|
|
|
sudo sed -i "/^\[database\]$/,/^\[/ {
|
|
|
|
s/;type = .*/type = mysql/
|
|
|
|
s/;name = .*/name = $dbname/
|
|
|
|
s/;user = .*/user = $dbuser/
|
|
|
|
s/;password =.*/password = $dbpass/
|
|
|
|
}" $grafana_conf
|
|
|
|
|
|
|
|
# Restart grafana server
|
|
|
|
sudo systemctl restart grafana-server
|
|
|
|
|
|
|
|
# Wait for Grafana to start and initialize database
|
|
|
|
while [ -z "$(sudo netstat -lnput|grep grafana)" ] ; do
|
|
|
|
sleep 5s
|
|
|
|
done
|
|
|
|
|
2017-03-05 14:41:56 +01:00
|
|
|
# Change admin name to the specified one
|
|
|
|
mail=$(ynh_user_get_info "$admin" 'mail')
|
|
|
|
ynh_mysql_connect_as $dbuser $dbpass $dbname <<< "UPDATE user SET login=\"$admin\", email=\"$mail\" WHERE login=\"admin\";"
|
|
|
|
|
2017-02-18 16:45:43 +01:00
|
|
|
# Import default dashboard for NetData
|
|
|
|
hostname=$(hostname)
|
|
|
|
sed -i "s@yunohost.yunohost.org@$hostname@g" ../conf/grafana_init_data.sql
|
2017-03-05 14:41:56 +01:00
|
|
|
ynh_mysql_connect_as $dbuser $dbpass $dbname < ../conf/grafana_init_data.sql
|
|
|
|
|
2017-02-18 16:45:43 +01:00
|
|
|
# Restart grafana server to take db change into account
|
|
|
|
sudo systemctl restart grafana-server
|
|
|
|
|
|
|
|
# Enable the systemd service so that InfluxDB and Grafana start at boot
|
|
|
|
sudo systemctl enable influxdb.service
|
|
|
|
sudo systemctl enable grafana-server.service
|
|
|
|
|
|
|
|
# Store useful files for backup/restore scripts
|
|
|
|
sudo cp _common.sh /etc/grafana
|
|
|
|
|
|
|
|
# Modify Nginx configuration file and copy it to Nginx conf directory
|
|
|
|
if [[ "$path" == "/" ]] ; then
|
|
|
|
nginx_conf=../conf/nginx_root.conf
|
|
|
|
else
|
|
|
|
nginx_conf=../conf/nginx_sub_dir.conf
|
|
|
|
fi
|
|
|
|
|
|
|
|
sed -i "s@YNH_WWW_PATH@$path@g" $nginx_conf
|
2017-05-14 18:26:27 +02:00
|
|
|
sed -i "s@YNH_WWW_PORT@$port@g" $nginx_conf
|
2017-02-18 16:45:43 +01:00
|
|
|
sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf
|
|
|
|
|
|
|
|
# If app is public, add url to SSOWat conf as skipped_uris
|
|
|
|
if [[ $is_public -eq 1 ]]; then
|
|
|
|
# unprotected_uris allows SSO credentials to be passed anyway.
|
|
|
|
ynh_app_setting_set "$app" unprotected_uris "/"
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Reload services
|
2017-03-12 12:40:26 +01:00
|
|
|
sudo systemctl reload nginx
|