YunoHost-Apps/hubzilla_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/hubzilla_ynh.git synced 2024-09-03 19:26:21 +02:00
Code Issues Activity Actions

Cleaning

Browse source
This commit is contained in:
polytan02 2017-02-15 17:29:47 +00:00
parent 8f9631a7e5
commit 15e0a3729e
19 changed files with 0 additions and 1669 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

164
sources/.homeinstall/README.md
View file

@ -1,164 +0,0 @@
# Hubzilla at Home next to your Router
Run hubzilla-setup.sh for an unattended installation of hubzilla.
The script is known to work with Debian 8.3 stable (Jessie)
+ Home-PC (Debian-8.3.0-amd64)
+ DigitalOcean droplet (Debian 8.3 x64 / 512 MB Memory / 20 GB Disk / NYC3)
# Step-by-Step Overwiew
## Preconditions
Hardware
+ Internet connection and router at home
+ Mini-pc connected to your router
+ USB drive for backups
Software
+ Fresh installation of Debian on your mini-pc
+ Router with open ports 80 and 443 for your Debian
## The basic steps (quick overview)
+ Register your own domain (for example at selfHOST) or a free subdomain (for example at freeDNS)
+ Log on to your new debian (server)
- apt-get install git
- mkdir -p /var/www
- cd /var/www
- git clone https://github.com/redmatrix/hubzilla.git html
- cp .homeinstall/hubzilla-config.txt.template .homeinstall/hubzilla-config.txt
- nano .homeinstall/hubzilla-config.txt
- Enter your values there: db pass, domain, values for dyn DNS
- hubzilla-setup.sh as root
- ... wait, wait, wait until the script is finised
- reboot
+ Open your domain with a browser and step throught the initial configuration of hubzilla.
# Step-by-Step in Detail
## Preparations Hardware
### Mini-PC
### Recommended: USB Drive for Backups
The installation will create a daily backup.
If the backup process does not find an external device than the backup goes to
the internal disk.
The USB drive must be compatible with an encrpyted filesystem LUKS + ext4.
## Preparations Software
### Install Debian Linux on the Mini-PC
Download the stable Debian at https://www.debian.org/
Create bootable USB drive with Debian on it. You could use the programm
unetbootin, https://en.wikipedia.org/wiki/UNetbootin
Switch of your mini pc, plug in your USB drive and start the mini pc from the
stick. Install Debian. Follow the instructions of the installation.
### Configure your Router
Open the ports 80 and 443 on your router for your Debian
## Preparations Dynamic IP Address
Your Hubzilla must be reachable by a domain that you can type in your browser
cooldomain.org
You can use subdomains as well
my.cooldomain.org
There are two way to get a domain
- buy a domain (recommended) or
- register a free subdomain
### Method 1: Get yourself an own Domain (recommended)
...for example at selfHOST.de
### Method 2 Register a (free) Subdomain
Register a free subdomain for example at
- freeDNS
- selfHOST
WATCH THIS: A free subdomain is not the prefered way to get a domain name. Why?
Let's encrpyt issues a limited number of certificates each
day. Possibly other users of this domain will try to issue a certificate
at the same day as you do. So make sure you choose a domain with as less subdomains as
possible.
## Install Hubzilla on your Debian
Login to your debian
(Provided your username is "you" and the name of the mini pc is "debian". You
could take the IP address instead of "debian")
ssh -X you@debian
Change to root user
su -l
Install git
apt-get install git
Make the directory for apache and change diretory to it
mkdir /var/www
cd /var/www/
Clone hubzilla from git ("git pull" will update it later)
git clone https://github.com/redmatrix/hubzilla html
Change to the install script
cd html/.homeinstall/
Copy the template file
cp hubzilla-config.txt.template hubzilla-config.txt
Change the file "hubzilla-config.txt". Read the instructions there and enter your values.
nano hubzilla-config.txt
Run the script
./hubzilla-setup.sh
Wait... The script should not finish with an error message.
In a webbrowser open your domain.
Expected: A test page of hubzilla is shown. All checks there shoulg be
successfull. Go on...
Expected: A page for the Hubzilla server configuration shows up.
Leave db server name "127.0.0.1" and port "0" untouched.
Enter
- DB user name = hubzilla
- DB pass word = This is the password you entered in "hubzilla-config.txt"
- DB name = hubzilla
Leave db type "MySQL" untouched.
Follow the instructions in the next pages.

177
sources/.homeinstall/hubzilla-config.txt.template
View file

@ -1,177 +0,0 @@
###############################################
### MANDATORY - database password #############
#
# Please give your database password
# Example: db_pass=pass_word_with_no_blanks_in_it
# Example: db_pass="this password has blanks in it"
db_pass=
###############################################
### MANDATORY - let's encrypt #################
#
# Hubilla requires encrypted communication via secure HTTP (HTTPS).
# This script automates installation of an SSL certificate from
# Let's Encrypt (https://letsencrypt.org)
#
# Please give the domain name of your hub
#
# Example: my.cooldomain.org
# Example: cooldomain.org
#
# Email is optional
#
#
le_domain=
le_email=
###############################################
### OPTIONAL - selfHOST - dynamic IP address ##
#
# 1. Register a domain at selfhost.de
# - choose offer "DOMAIN dynamisch" 1,50€/mon at 08.01.2016
# 2. Get your configuration for dynamic IP update
# - Log in at selfhost.de
# - go to "DynDNS Accounte"
# - klick "Details" of your (freshly) registered domain
# - You will find the configuration there
# - Benutzername (user name) > use this for "selfhost_user="
# - Passwort (pass word) > use this for "selfhost_pass="
#
#
selfhost_user=
selfhost_pass=
###############################################
### OPTIONAL - FreeDNS - dynamic IP address ###
#
# Please give the alpha-numeric-key of freedns
#
# Get a free subdomain from freedns and use it for your dynamic ip address
# Documentation under http://www.techjawab.com/2013/06/setup-dynamic-dns-dyndns-for-free-on.html
#
# - Register for a Free domain at http://freedns.afraid.org/signup/
# - WATCH THIS: Make sure you choose a domain with as less subdomains as
# possible. Why? Let's encrpyt issues a limited count of certificates each
# day. Possible other users of this domain will try to issue a certificate
# at the same day.
# - Logon to FreeDNS (where you just registered)
# - Goto http://freedns.afraid.org/dynamic/
# - Right click on "Direct Link" and copy the URL and paste it somewhere.
# - You should notice a large and unique alpha-numeric key in the URL
#
# http://freedns.afraid.org/dynamic/update.php?alpha-numeric-key
#
# Provided your url from freedns is
#
# http://freedns.afraid.org/dynamic/update.php?U1Z6aGt2R0NzMFNPNWRjbWxxZGpsd093OjE1Mzg5NDE5
#
# Then you have to provide
#
# freedns_key=U1Z6aGt2R0NzMFNPNWRjbWxxZGpsd093OjE1Mzg5NDE5
#
#
#freedns_key=
###############################################
### OPTIONAL - Backup to external device ######
#
# The script can use an external device for the daily backup.
# The file system of the device (USB stick for example) must be compatible
# with encrypted LUKS + ext4
#
# You should test to mount the device befor you run the script
# (hubzilla-setup.sh).
# How to find your (pluged-in) devices?
#
# fdisk -l
#
# Provided your device was listed as is /dev/sdb1. You could check with:
#
# blkid | grep /dev/sdb1
#
# Try to decrypt
# (You might install cryptsetup befor using apt-get install.
#
# apt-get install cryptsetup
# cryptsetup luksOpen /dev/sdb1 cryptobackup
#
# Try to mount
# You might create the directory /media/hubzilla_backup it it does not exist
# using mkdir.
#
# mkdir /media/hubzilla_backup
# mount /dev/mapper/cryptobackup /media/hubzilla_backup
#
# Unmounting device goes like this
#
# umount /media/hubzilla_backup
# cryptsetup luksClose cryptobackup
#
# To check if still mounted
#
# lsof /media/hubzilla_backup
#
# If you leave the following parameters
# - "backup_device_name" and
# - "backup_device_pass"
# empty the script will create daily backups on the internal disk (which could
# save you as well).
#
# Example: backup_device_name=/dev/sdc1
#
backup_device_name=
backup_device_pass=
###############################################
### OPTIONAL - Owncloud - deprecated ##########
#
# To install owncloud: owncloud=y
# Leave empty if you don't want to install owncloud
#
#owncloud=
###############################################
### OPTIONAL - do not mess with things below ##
# (...if you are not certain)
#
# Usually you are done here
# Everything below is OPTIONAL
#
###############################################
#
# Database for hubzilla
hubzilla_db_name=hubzilla
hubzilla_db_user=hubzilla
hubzilla_db_pass=$db_pass
#
#
# Password for package mysql-server
# Example: mysqlpass=aberhallo
# Example: mysqlpass="aber hallo has blanks in it"
#
mysqlpass=$db_pass
# Password for package phpmyadmin
# Example: phpmyadminpass=aberhallo
# Example: phpmyadminpass="aber hallo has blanks in it"
phpmyadminpass=$db_pass
# TODO Prepare hubzilla for programmers
# - install eclipse and plugins
# - install xdebug to debug the php with eclipse
# - weaken permissions on /var/www/html
# - manual steps after this script
# * in eclipse: install plugins for php git hub
# * in eclipse: configure firefox (chrome,...) as browser to run with the php debuger
# * in eclipse: switch php debugger from zend to xdebug
# * in eclipse: add local hubzilla github repository
#
# Which user will use eclipse?
# Leave this empty if you do not want to prepare hubzilla for debugging
#
#developer_name=

909
sources/.homeinstall/hubzilla-setup.sh
View file

@ -1,909 +0,0 @@
#!/bin/bash
#
# How to use
# ----------
#
# This file automates the installation of hubzilla under Debian Linux
#
# 1) Copy the file "hubzilla-config.txt.template" to "hubzilla-config.txt"
# Follow the instuctions there
#
# 2) Switch to user "root" by typing "su -"
#
# 3) Run with "./hubzilla-setup.sh"
# If this fails check if you can execute the script.
# - To make it executable type "chmod +x hubzilla-setup.sh"
# - or run "bash hubzilla-setup.sh"
#
#
# What does this script do basically?
# -----------------------------------
#
# This file automates the installation of hubzilla under Debian Linux
# - install
# * apache webserer,
# * php,
# * mysql - the database for hubzilla,
# * phpmyadmin,
# * git to download and update hubzilla itself
# - download hubzilla core and addons
# - configure cron
# * "poller.php" for regular background prozesses of hubzilla
# * to_do "apt-get update" and "apt-get dist-upgrade" to keep linux
# up-to-date
# * to_do backup hubzillas database and files (rsnapshot)
# - configure dynamic ip with cron
# - to_do letsencrypt
# - to_do redirection to https
#
#
# Discussion
# ----------
#
# Security - password is the same for mysql-server, phpmyadmin and hubzilla db
# - The script runs into installation errors for phpmyadmin if it uses
# different passwords. For the sake of simplicity one singel password.
#
# Security - suhosin for PHP
# - The script does not install suhosin.
# - Is the security package suhosin usefull or not usefull?
#
# Hubzilla - email verification
# - The script switches off email verification off in all htconfig.tpl.
# Example: /var/www/html/view/en/htconfig.tpl
# - Is this a silly idea or not?
#
#
# Remove Hubzilla (for a fresh start using the script)
# ----------------------------------------------------
#
# You could use /var/www/hubzilla-remove.sh
# that is created by hubzilla-setup.sh.
#
# The script will remove (almost everything) what was installed by the script.
# After the removal you could run the script again to have a fresh install
# of all applications including hubzilla and its database.
#
# How to restore from backup
# --------------------------
#
# Daily backup
# - - - - - -
#
# The installation
# - writes a script /var/www/hubzilla-daily.sh
# - creates a daily cron that runs the hubzilla-daily.sh
#
# hubzilla-daily.sh makes a (daily) backup of all relevant files
# - /var/lib/mysql/ > hubzilla database
# - /var/www/html/ > hubzilla from github
# - /var/www/letsencrypt/ > certificates
#
# hubzilla-daily.sh writes the backup
# - either to an external disk compatible to LUKS+ext4 (see hubzilla-config.txt)
# - or to /var/cache/rsnapshot in case the external disk is not plugged in
#
# Restore backup
# - - - - - - -
#
# This was not tested yet.
# Bacically you can copy the files from the backup to the server.
#
# Credits
# -------
#
# The script is based on Thomas Willinghams script "debian-setup.sh"
# which he used to install the red#matrix.
#
# The script uses another script from https://github.com/lukas2511/letsencrypt.sh
#
# The documentation for bash is here
# https://www.gnu.org/software/bash/manual/bash.html
#
function check_sanity {
# Do some sanity checking.
print_info "Sanity check..."
if [ $(/usr/bin/id -u) != "0" ]
then
die 'Must be run by root user'
fi
if [ -f /etc/lsb-release ]
then
die "Distribution is not supported"
fi
if [ ! -f /etc/debian_version ]
then
die "Ubuntu is not supported"
fi
}
function check_config {
print_info "config check..."
# Check for required parameters
if [ -z "$db_pass" ]
then
die "db_pass not set in $configfile"
fi
if [ -z "$le_domain" ]
then
die "le_domain not set in $configfile"
fi
# backup is important and should be checked
if [ -n "$backup_device_name" ]
then
device_mounted=0
if fdisk -l | grep -i "$backup_device_name.*linux"
then
print_info "ok - filesystem of external device is linux"
if [ -n "$backup_device_pass" ]
then
echo "$backup_device_pass" | cryptsetup luksOpen $backup_device_name cryptobackup
if [ ! -d /media/hubzilla_backup ]
then
mkdir /media/hubzilla_backup
fi
if mount /dev/mapper/cryptobackup /media/hubzilla_backup
then
device_mounted=1
print_info "ok - could encrypt and mount external backup device"
umount /media/hubzilla_backup
else
print_warn "backup to external device will fail because encryption failed"
fi
cryptsetup luksClose cryptobackup
else
if mount $backup_device_name /media/hubzilla_backup
then
device_mounted=1
print_info "ok - could mount external backup device"
umount /media/hubzilla_backup
else
print_warn "backup to external device will fail because mount failed"
fi
fi
else
print_warn "backup to external device will fail because filesystem is either not linux or 'backup_device_name' is not correct in $configfile"
fi
if [ $device_mounted == 0 ]
then
die "backup device not ready"
fi
fi
}
function die {
echo "ERROR: $1" > /dev/null 1>&2
exit 1
}
function update_upgrade {
print_info "updated and upgrade..."
# Run through the apt-get update/upgrade first. This should be done before
# we try to install any package
apt-get -q -y update && apt-get -q -y dist-upgrade
print_info "updated and upgraded linux"
}
function check_install {
if [ -z "`which "$1" 2>/dev/null`" ]
then
# export DEBIAN_FRONTEND=noninteractive ... answers from the package
# configuration database
# - q ... without progress information
# - y ... answer interactive questions with "yes"
# DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends -q -y install $2
DEBIAN_FRONTEND=noninteractive apt-get -q -y install $2
print_info "installed $2 installed for $1"
else
print_warn "$2 already installed"
fi
}
function nocheck_install {
# export DEBIAN_FRONTEND=noninteractive ... answers from the package configuration database
# - q ... without progress information
# - y ... answer interactive questions with "yes"
# DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends -q -y install $2
# DEBIAN_FRONTEND=noninteractive apt-get --install-suggests -q -y install $1
DEBIAN_FRONTEND=noninteractive apt-get -q -y install $1
print_info "installed $1"
}
function print_info {
echo -n -e '\e[1;34m'
echo -n $1
echo -e '\e[0m'
}
function print_warn {
echo -n -e '\e[1;31m'
echo -n $1
echo -e '\e[0m'
}
function stop_hubzilla {
if [ -d /etc/apache2 ]
then
print_info "stopping apache webserver..."
service apache2 stop
fi
if [ -f /etc/init.d/mysql ]
then
print_info "stopping mysql db..."
/etc/init.d/mysql stop
fi
}
function install_apache {
print_info "installing apache..."
nocheck_install "apache2 apache2-utils"
}
function install_curl {
print_info "installing curl..."
nocheck_install "curl"
}
function install_sendmail {
print_info "installing sendmail..."
nocheck_install "sendmail sendmail-bin"
}
function install_php {
# openssl and mbstring are included in libapache2-mod-php5
# to_to: php5-suhosin
print_info "installing php..."
nocheck_install "libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd"
php5enmod mcrypt
}
function install_mysql {
# http://www.microhowto.info/howto/perform_an_unattended_installation_of_a_debian_package.html
#
# To determine the required package name, key and type you can perform
# a trial installation then search the configuration database.
#
# debconf-get-selections | grep mysql-server
#
# The command debconf-get-selections is provided by the package
# debconf-utils, which you may need to install.
#
# apt-get install debconf-utils
#
# If you want to supply an answer to a configuration question but do not
# want to be prompted for it then this can be arranged by preseeding the
# DebConf database with the required information.
#
# echo mysql-server-5.5 mysql-server/root_password password xyzzy | debconf-set-selections
# echo mysql-server-5.5 mysql-server/root_password_again password xyzzy | debconf-set-selections
#
print_info "installing mysql..."
if [ -z "$mysqlpass" ]
then
die "mysqlpass not set in $configfile"
fi
echo mysql-server-5.5 mysql-server/root_password password $mysqlpass | debconf-set-selections
echo mysql-server-5.5 mysql-server/root_password_again password $mysqlpass | debconf-set-selections
nocheck_install "php5-mysql mysql-server mysql-client"
php5enmod mcrypt
}
function install_phpmyadmin {
print_info "installing phpmyadmin..."
if [ -z "$phpmyadminpass" ]
then
die "phpmyadminpass not set in $configfile"
fi
echo phpmyadmin phpmyadmin/setup-password password $phpmyadminpass | debconf-set-selections
echo phpmyadmin phpmyadmin/mysql/app-pass password $phpmyadminpass | debconf-set-selections
echo phpmyadmin phpmyadmin/app-password-confirm password $phpmyadminpass | debconf-set-selections
echo phpmyadmin phpmyadmin/mysql/admin-pass password $phpmyadminpass | debconf-set-selections
echo phpmyadmin phpmyadmin/password-confirm password $phpmyadminpass | debconf-set-selections
echo phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2 | debconf-set-selections
nocheck_install "phpmyadmin"
# It seems to be not neccessary to check rewrite.load because it comes
# with the installation. To be sure you could check this manually by:
#
# nano /etc/apache2/mods-available/rewrite.load
#
# You should find the content:
#
# LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
a2enmod rewrite
if [ ! -f /etc/apache2/apache2.conf ]
then
die "could not find file /etc/apache2/apache2.conf"
fi
sed -i \
"s/AllowOverride None/AllowOverride all/" \
/etc/apache2/apache2.conf
if [ -z "`grep 'Include /etc/phpmyadmin/apache.conf' /etc/apache2/apache2.conf`" ]
then
echo "Include /etc/phpmyadmin/apache.conf" >> /etc/apache2/apache2.conf
fi
service apache2 restart
}
function create_hubzilla_db {
print_info "creating hubzilla database..."
if [ -z "$hubzilla_db_name" ]
then
die "hubzilla_db_name not set in $configfile"
fi
if [ -z "$hubzilla_db_user" ]
then
die "hubzilla_db_user not set in $configfile"
fi
if [ -z "$hubzilla_db_pass" ]
then
die "hubzilla_db_pass not set in $configfile"
fi
Q1="CREATE DATABASE IF NOT EXISTS $hubzilla_db_name;"
Q2="GRANT USAGE ON *.* TO $hubzilla_db_user@localhost IDENTIFIED BY '$hubzilla_db_pass';"
Q3="GRANT ALL PRIVILEGES ON $hubzilla_db_name.* to $hubzilla_db_user@localhost identified by '$hubzilla_db_pass';"
Q4="FLUSH PRIVILEGES;"
SQL="${Q1}${Q2}${Q3}${Q4}"
mysql -uroot -p$phpmyadminpass -e "$SQL"
}
function run_freedns {
print_info "run freedns (dynamic IP)..."
if [ -z "$freedns_key" ]
then
print_info "freedns was not started because 'freedns_key' is empty in $configfile"
else
if [ -n "$selfhost_user" ]
then
die "You can not use freeDNS AND selfHOST for dynamic IP updates ('freedns_key' AND 'selfhost_user' set in $configfile)"
fi
wget --no-check-certificate -O - https://freedns.afraid.org/dynamic/update.php?$freedns_key
fi
}
function install_run_selfhost {
print_info "install and start selfhost (dynamic IP)..."
if [ -z "$selfhost_user" ]
then
print_info "selfHOST was not started because 'selfhost_user' is empty in $configfile"
else
if [ -n "$freedns_key" ]
then
die "You can not use freeDNS AND selfHOST for dynamic IP updates ('freedns_key' AND 'selfhost_user' set in $configfile)"
fi
if [ -z "$selfhost_pass" ]
then
die "selfHOST was not started because 'selfhost_pass' is empty in $configfile"
fi
if [ ! -d $selfhostdir ]
then
mkdir $selfhostdir
fi
# the old way
# https://carol.selfhost.de/update?username=123456&password=supersafe
#
# the prefered way
wget --output-document=$selfhostdir/$selfhostscript http://jonaspasche.de/selfhost-updater
echo "router" > $selfhostdir/device
echo "$selfhost_user" > $selfhostdir/user
echo "$selfhost_pass" > $selfhostdir/pass
bash $selfhostdir/$selfhostscript update
fi
}
function ping_domain {
print_info "ping domain $domain..."
# Is the domain resolved? Try to ping 6 times à 10 seconds
COUNTER=0
for i in {1..6}
do
print_info "loop $i for ping -c 1 $domain ..."
if ping -c 4 -W 1 $le_domain
then
print_info "$le_domain resolved"
break
else
if [ $i -gt 5 ]
then
die "Failed to: ping -c 1 $domain not resolved"
fi
fi
sleep 10
done
sleep 5
}
function configure_cron_freedns {
print_info "configure cron for freedns..."
if [ -z "$freedns_key" ]
then
print_info "freedns is not configured because freedns_key is empty in $configfile"
else
# Use cron for dynamich ip update
# - at reboot
# - every 30 minutes
if [ -z "`grep 'freedns.afraid.org' /etc/crontab`" ]
then
echo "@reboot root https://freedns.afraid.org/dynamic/update.php?$freedns_key > /dev/null 2>&1" >> /etc/crontab
echo "*/30 * * * * root wget --no-check-certificate -O - https://freedns.afraid.org/dynamic/update.php?$freedns_key > /dev/null 2>&1" >> /etc/crontab
else
print_info "cron for freedns was configured already"
fi
fi
}
function configure_cron_selfhost {
print_info "configure cron for selfhost..."
if [ -z "$selfhost_user" ]
then
print_info "freedns is not configured because freedns_key is empty in $configfile"
else
# Use cron for dynamich ip update
# - at reboot
# - every 30 minutes
if [ -z "`grep 'selfhost-updater.sh' /etc/crontab`" ]
then
echo "@reboot root bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab
echo "*/5 * * * * root /bin/bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab
else
print_info "cron for selfhost was configured already"
fi
fi
}
function install_git {
print_info "installing git..."
nocheck_install "git"
}
function install_letsencrypt {
print_info "installing let's encrypt ..."
# check if user gave domain
if [ -z "$le_domain" ]
then
die "Failed to install let's encrypt: 'le_domain' is empty in $configfile"
fi
# configure apache
apache_le_conf=/etc/apache2/sites-available/le-default.conf
if [ -f $apache_le_conf ]
then
print_info "$apache_le_conf exist already"
else
cat > $apache_le_conf <<END
# letsencrypt default Apache configuration
Alias /.well-known/acme-challenge /var/www/letsencrypt
<Directory /var/www/letsencrypt>
Options FollowSymLinks
Allow from all
</Directory>
END
a2ensite le-default.conf
service apache2 restart
fi
# download the shell script
if [ -d $le_dir ]
then
print_info "letsenrypt exists already (nothing downloaded > no certificate created and registered)"
return 0
fi
git clone https://github.com/lukas2511/letsencrypt.sh $le_dir
cd $le_dir
# create config file for letsencrypt.sh
echo "WELLKNOWN=$le_dir" > $le_dir/config.sh
if [ -n "$le_email" ]
then
echo "CONTACT_EMAIL=$le_email" >> $le_dir/config.sh
fi
# create domain file for letsencrypt.sh
# WATCH THIS:
# - It did not work wit "sub.domain.org www.sub.domain.org".
# - So just use "sub.domain.org" only!
echo "$le_domain" > $le_dir/domains.txt
# test apache config for letsencrpyt
url_http=http://$le_domain/.well-known/acme-challenge/domains.txt
wget_output=$(wget -nv --spider --max-redirect 0 $url_http)
if [ $? -ne 0 ]
then
die "Failed to load $url_http"
fi
# run letsencrypt.sh
#
./letsencrypt.sh --cron --config $le_dir/config.sh
}
function configure_apache_for_https {
print_info "configuring apache to use httpS ..."
# letsencrypt.sh
#
# "${BASEDIR}/certs/${domain}/privkey.pem"
# "${BASEDIR}/certs/${domain}/cert.pem"
# "${BASEDIR}/certs/${domain}/fullchain.pem"
#
SSLCertificateFile=${le_dir}/certs/${le_domain}/cert.pem
SSLCertificateKeyFile=${le_dir}/certs/${le_domain}/privkey.pem
SSLCertificateChainFile=${le_dir}/certs/${le_domain}/fullchain.pem
if [ ! -f $SSLCertificateFile ]
then
print_warn "Failed to configure apache for httpS: Missing certificate file $SSLCertificateFile"
return 0
fi
# make sure that the ssl mode is enabled
print_info "...configuring apache to use httpS - a2enmod ssl ..."
a2enmod ssl
# modify apach' ssl conf file
if grep -i "ServerName" $sslconf
then
print_info "seems that apache was already configered to use httpS with $sslconf"
else
sed -i "s/ServerAdmin.*$/ServerAdmin webmaster@localhost\\n ServerName ${le_domain}/" $sslconf
fi
sed -i s#/etc/ssl/certs/ssl-cert-snakeoil.pem#$SSLCertificateFile# $sslconf
sed -i s#/etc/ssl/private/ssl-cert-snakeoil.key#$SSLCertificateKeyFile# $sslconf
sed -i s#/etc/apache2/ssl.crt/server-ca.crt#$SSLCertificateChainFile# $sslconf
sed -i s/#SSLCertificateChainFile/SSLCertificateChainFile/ $sslconf
# apply changes
a2ensite default-ssl.conf
service apache2 restart
}
function check_https {
print_info "checking httpS > testing ..."
url_https=https://$le_domain
wget_output=$(wget -nv --spider --max-redirect 0 $url_https)
if [ $? -ne 0 ]
then
print_warn "check not ok"
else
print_info "check ok"
fi
}
function install_hubzilla {
print_info "installing hubzilla..."
# rm -R /var/www/html/ # for "stand alone" usage
cd /var/www/
# git clone https://github.com/redmatrix/hubzilla html # for "stand alone" usage
cd html/
git clone https://github.com/redmatrix/hubzilla-addons addon
mkdir -p "store/[data]/smarty3"
chmod -R 777 store
touch .htconfig.php
chmod ou+w .htconfig.php
install_hubzilla_plugins
cd /var/www/
chown -R www-data:www-data html
chown root:www-data /var/www/html/
chown root:www-data /var/www/html/.htaccess
chmod 0644 /var/www/html/.htaccess
# try to switch off email registration
sed -i "s/verify_email.*1/verify_email'] = 0/" /var/www/html/view/*/ht*
if [ -n "`grep -r 'verify_email.*1' /var/www/html/view/`" ]
then
print_warn "Hubzillas registration prozess might have email verification switched on."
fi
print_info "installed hubzilla"
}
function install_hubzilla_plugins {
print_info "installing hubzilla plugins..."
cd /var/www/html
plugin_install=.homeinstall/plugin_install.txt
theme_install=.homeinstall/theme_install.txt
# overwrite script to update the plugin and themes
rm -f $plugins_update
echo "cd /var/www/html" >> $plugins_update
###################
# write plugin file
if [ ! -f "$plugin_install" ]
then
echo "# To install a plugin" >> $plugin_install
echo "# 1. add the plugin in a new line and run" >> $plugin_install
echo "# 2. run" >> $plugin_install
echo "# cd /var/www/html/.homeinstall" >> $plugin_install
echo "# ./hubzilla-setup.sh" >> $plugin_install
echo "https://gitlab.com/zot/ownmapp.git ownMapp" >> $plugin_install
echo "https://gitlab.com/zot/hubzilla-chess.git chess" >> $plugin_install
fi
# install plugins
while read -r line; do
[[ "$line" =~ ^#.*$ ]] && continue
p_url=$(echo $line | awk -F' ' '{print $1}')
p_name=$(echo $line | awk -F' ' '{print $2}')
# basic check of format
if [ ${#p_url} -ge 1 ] && [ ${#p_name} -ge 1 ]
then
# install addon
util/add_addon_repo $line
util/update_addon_repo $p_name # not sure if this line is neccessary
echo "util/update_addon_repo $p_name" >> $plugins_update
else
print_info "skipping installation of a plugin from file $plugin_install - something wrong with format in line: $line"
fi
done < "$plugin_install"
###################
# write theme file
if [ ! -f "$theme_install" ]
then
echo "# To install a theme" >> $theme_install
echo "# 1. add the theme in a new line and run" >> $theme_install
echo "# 2. run" >> $theme_install
echo "# cd /var/www/html/.homeinstall" >> $theme_install
echo "# ./hubzilla-setup.sh" >> $theme_install
echo "https://github.com/DeadSuperHero/hubzilla-themes.git DeadSuperHeroThemes" >> $theme_install
fi
# install plugins
while read -r line; do
[[ "$line" =~ ^#.*$ ]] && continue
p_url=$(echo $line | awk -F' ' '{print $1}')
p_name=$(echo $line | awk -F' ' '{print $2}')
# basic check of format
if [ ${#p_url} -ge 1 ] && [ ${#p_name} -ge 1 ]
then
# install addon
util/add_theme_repo $line
util/update_theme_repo $p_name # not sure if this line is neccessary
echo "util/update_theme_repo $p_name" >> $plugins_update
else
print_info "skipping installation of a theme from file $theme_install - something wrong with format in line: $line"
fi
done < "$theme_install"
print_info "installed hubzilla plugins and themes"
}
function rewrite_to_https {
print_info "configuring apache to redirect http to httpS ..."
htaccessfile=/var/www/html/.htaccess
if grep -i "https" $htaccessfile
then
print_info "...configuring apache to redirect http to httpS was already done in $htaccessfile"
else
sed -i "s#QSA]#QSA]\\n RewriteCond %{SERVER_PORT} !^443$\\n RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]#" $htaccessfile
fi
service apache2 restart
}
# This will allways overwrite both config files
# - internal disk
# - external disk (LUKS + ext4)
# of rsnapshot for hubzilla
function install_rsnapshot {
print_info "installing rsnapshot..."
nocheck_install "rsnapshot"
# internal disk
cp -f /etc/rsnapshot.conf $snapshotconfig
sed -i "/hourly/s/retain/#retain/" $snapshotconfig
sed -i "/monthly/s/#retain/retain/" $snapshotconfig
sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig
sed -i "s/^backup/#backup/" $snapshotconfig
if [ -z "`grep 'letsencrypt' $snapshotconfig`" ]
then
echo "backup /var/lib/mysql/ localhost/" >> $snapshotconfig
echo "backup /var/www/html/ localhost/" >> $snapshotconfig
echo "backup /var/www/letsencrypt/ localhost/" >> $snapshotconfig
fi
# external disk
if [ -n "$backup_device_name" ] && [ -n "$backup_device_pass" ]
then
cp -f /etc/rsnapshot.conf $snapshotconfig_external_device
sed -i "s#snapshot_root.*#snapshot_root $backup_mount_point#" $snapshotconfig_external_device
sed -i "/hourly/s/retain/#retain/" $snapshotconfig_external_device
sed -i "/monthly/s/#retain/retain/" $snapshotconfig_external_device
sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig_external_device
sed -i "s/^backup/#backup/" $snapshotconfig_external_device
if [ -z "`grep 'letsencrypt' $snapshotconfig_external_device`" ]
then
echo "backup /var/lib/mysql/ localhost/" >> $snapshotconfig_external_device
echo "backup /var/www/html/ localhost/" >> $snapshotconfig_external_device
echo "backup /var/www/letsencrypt/ localhost/" >> $snapshotconfig_external_device
fi
else
print_info "No backup configuration (rsnapshot) for external device configured. Reason: backup_device_name and/or backup_device_pass not given in $configfile"
fi
}
function install_cryptosetup {
print_info "installing cryptsetup..."
nocheck_install "cryptsetup"
}
function configure_cron_daily {
print_info "configuring cron..."
# every 10 min for poller.php
if [ -z "`grep 'poller.php' /etc/crontab`" ]
then
echo "*/10 * * * * www-data cd /var/www/html; php include/poller.php >> /dev/null 2>&1" >> /etc/crontab
fi
# Run external script daily at 05:30
# - stop apache and mysql-server
# - backup hubzilla
# - update hubzilla core and addon
# - update and upgrade linux
# - reboot
echo "#!/bin/sh" > /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "echo \" \"" >> /var/www/$hubzilladaily
echo "echo \"+++ \$(date) +++\"" >> /var/www/$hubzilladaily
echo "echo \" \"" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - renew certificat...\"" >> /var/www/$hubzilladaily
echo "bash $le_dir/letsencrypt.sh --cron --config $le_dir/config.sh" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "# stop hubzilla" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - stoping apache and mysql...\"" >> /var/www/$hubzilladaily
echo "service apache2 stop" >> /var/www/$hubzilladaily
echo "/etc/init.d/mysql stop # to avoid inconsistancies" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "# backup" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - try to mount external device for backup...\"" >> /var/www/$hubzilladaily
echo "backup_device_name=$backup_device_name" >> /var/www/$hubzilladaily
echo "backup_device_pass=$backup_device_pass" >> /var/www/$hubzilladaily
echo "backup_mount_point=$backup_mount_point" >> /var/www/$hubzilladaily
echo "device_mounted=0" >> /var/www/$hubzilladaily
echo "if [ -n \"$backup_device_name\" ]" >> /var/www/$hubzilladaily
echo "then" >> /var/www/$hubzilladaily
echo " if blkid | grep $backup_device_name" >> /var/www/$hubzilladaily
echo " then" >> /var/www/$hubzilladaily
if [ -n "$backup_device_pass" ]
then
echo " echo \"decrypting backup device...\"" >> /var/www/$hubzilladaily
echo " echo "\"$backup_device_pass\"" | cryptsetup luksOpen $backup_device_name cryptobackup" >> /var/www/$hubzilladaily
fi
echo " if [ ! -d $backup_mount_point ]" >> /var/www/$hubzilladaily
echo " then" >> /var/www/$hubzilladaily
echo " mkdir $backup_mount_point" >> /var/www/$hubzilladaily
echo " fi" >> /var/www/$hubzilladaily
echo " echo \"mounting backup device...\"" >> /var/www/$hubzilladaily
if [ -n "$backup_device_pass" ]
then
echo " if mount /dev/mapper/cryptobackup $backup_mount_point" >> /var/www/$hubzilladaily
else
echo " if mount $backup_device_name $backup_mount_point" >> /var/www/$hubzilladaily
fi
echo " then" >> /var/www/$hubzilladaily
echo " device_mounted=1" >> /var/www/$hubzilladaily
echo " echo \"device $backup_device_name is now mounted. Starting backup...\"" >> /var/www/$hubzilladaily
echo " rsnapshot -c $snapshotconfig_external_device daily" >> /var/www/$hubzilladaily
echo " rsnapshot -c $snapshotconfig_external_device weekly" >> /var/www/$hubzilladaily
echo " rsnapshot -c $snapshotconfig_external_device monthly" >> /var/www/$hubzilladaily
echo " echo \"\$(date) - disk sizes...\"" >> /var/www/$hubzilladaily
echo " df -h" >> /var/www/$hubzilladaily
echo " echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
echo " du -h $backup_mount_point | grep mysql/hubzilla" >> /var/www/$hubzilladaily
echo " echo \"unmounting backup device...\"" >> /var/www/$hubzilladaily
echo " umount $backup_mount_point" >> /var/www/$hubzilladaily
echo " else" >> /var/www/$hubzilladaily
echo " echo \"failed to mount device $backup_device_name\"" >> /var/www/$hubzilladaily
echo " fi" >> /var/www/$hubzilladaily
if [ -n "$backup_device_pass" ]
then
echo " echo \"closing decrypted backup device...\"" >> /var/www/$hubzilladaily
echo " cryptsetup luksClose cryptobackup" >> /var/www/$hubzilladaily
fi
echo " fi" >> /var/www/$hubzilladaily
echo "fi" >> /var/www/$hubzilladaily
echo "if [ \$device_mounted == 0 ]" >> /var/www/$hubzilladaily
echo "then" >> /var/www/$hubzilladaily
echo " echo \"device could not be mounted $backup_device_name. Using internal disk for backup...\"" >> /var/www/$hubzilladaily
echo " rsnapshot -c $snapshotconfig daily" >> /var/www/$hubzilladaily
echo " rsnapshot -c $snapshotconfig weekly" >> /var/www/$hubzilladaily
echo " rsnapshot -c $snapshotconfig monthly" >> /var/www/$hubzilladaily
echo "fi" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
echo "du -h /var/cache/rsnapshot/ | grep mysql/hubzilla" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "# update" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating letsencrypt.sh...\"" >> /var/www/$hubzilladaily
echo "git -C /var/www/letsencrypt/ pull" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating hubhilla core...\"" >> /var/www/$hubzilladaily
echo "git -C /var/www/html/ pull" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating hubhilla addons...\"" >> /var/www/$hubzilladaily
echo "git -C /var/www/html/addon/ pull" >> /var/www/$hubzilladaily
echo "bash /var/www/html/$plugins_update" >> /var/www/$hubzilladaily
echo "chown -R www-data:www-data /var/www/html/ # make all accessable for the webserver" >> /var/www/$hubzilladaily
echo "chown root:www-data /var/www/html/.htaccess" >> /var/www/$hubzilladaily
echo "chmod 0644 /var/www/html/.htaccess # www-data can read but not write it" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating linux...\"" >> /var/www/$hubzilladaily
echo "apt-get -q -y update && apt-get -q -y dist-upgrade # update linux and upgrade" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - Backup hubzilla and update linux finished. Rebooting...\"" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "reboot" >> /var/www/$hubzilladaily
if [ -z "`grep 'hubzilla-daily.sh' /etc/crontab`" ]
then
echo "30 05 * * * root /bin/bash /var/www/$hubzilladaily >> /var/www/html/hubzilla-daily.log 2>&1" >> /etc/crontab
echo "0 0 1 * * root rm /var/www/html/hubzilla-daily.log" >> /etc/crontab
fi
# This is active after either "reboot" or "/etc/init.d/cron reload"
print_info "configured cron for updates/upgrades"
}
function write_uninstall_script {
print_info "writing uninstall script..."
cat > /var/www/hubzilla-remove.sh <<END
#!/bin/sh
#
# This script removes Hubzilla.
# You might do this for a fresh start using the script.
# The script will remove (almost everything) what was installed by the script,
# all applications including hubzilla and its database.
#
# Backup the certificates of letsencrypt (you never know)
cp -a /var/www/letsencrypt/ ~/backup_le_certificats
#
# Removal
apt-get remove apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin
apt-get purge apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin
apt-get autoremove
apt-get clean
rm /etc/rsnapshot_hubzilla.conf
rm /etc/rsnapshot_hubzilla_external_device.conf
rm -R /etc/apache2/
rm -R /var/lib/mysql/
rm -R /var/www
rm -R /etc/selfhost/
# uncomment the next line if you want to remove the backups
# rm -R /var/cache/rsnapshot
nano /etc/crontab # remove entries there manually
END
chmod -x /var/www/hubzilla-remove.sh
}
########################################################################
# START OF PROGRAM
########################################################################
export PATH=/bin:/usr/bin:/sbin:/usr/sbin
check_sanity
# Read config file edited by user
configfile=hubzilla-config.txt
source $configfile
selfhostdir=/etc/selfhost
selfhostscript=selfhost-updater.sh
hubzilladaily=hubzilla-daily.sh
plugins_update=.homeinstall/plugins_update.sh
snapshotconfig=/etc/rsnapshot_hubzilla.conf
snapshotconfig_external_device=/etc/rsnapshot_hubzilla_external_device.conf
backup_mount_point=/media/hubzilla_backup
le_dir=/var/www/letsencrypt
sslconf=/etc/apache2/sites-available/default-ssl.conf
#set -x # activate debugging from here
check_config
stop_hubzilla
update_upgrade
install_curl
install_sendmail
install_apache
install_php
install_mysql
install_phpmyadmin
create_hubzilla_db
run_freedns
install_run_selfhost
ping_domain
configure_cron_freedns
configure_cron_selfhost
install_git
install_letsencrypt
configure_apache_for_https
check_https
install_hubzilla
rewrite_to_https
install_rsnapshot
configure_cron_daily
install_cryptosetup
write_uninstall_script
#set +x # stop debugging from here

34
sources/.htaccess
View file

@ -1,34 +0,0 @@
Options -Indexes
AddType application/x-java-archive .jar
AddType audio/ogg .oga
#SSLCipherSuite HIGH:AES256-SHA:AES128-SHA:RC4:!aNULL:!eNULL:!EDH
# don't allow any web access to logfiles, even after rotation/compression
<FilesMatch "\.(out|log|gz)$">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</FilesMatch>
<IfModule mod_rewrite.c>
RewriteEngine on
# Protect repository directory from browsing
RewriteRule "(^|/)\.git" - [F]
RewriteRule "(^|/)store" - [F]
# Rewrite current-style URLs of the form 'index.php?q=x'.
# Also place auth information into REMOTE_USER for sites running
# in CGI mode.
RewriteCond %{REQUEST_URI} ^/\.well\-known/.*
RewriteRule ^(.*)$ index.php?q=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA]
</IfModule>

94
sources/.openshift/README.md
View file

@ -1,94 +0,0 @@
#Hubzilla on OpenShift
You will notice a new .openshift folder when you fetch from upstream, i.e. from https://github.com/redmatrix/hubzilla.git , which contains a deploy script to set up Hubzilla on OpenShift.
Create an account on OpenShift, then use the registration e-mail and password to create your first Hubzilla instance. Install git and RedHat's command line tools - rhc - if you have not already done so.
```
rhc app-create your_app_name php-5.4 mysql-5.5 cron phpmyadmin --namespace your_domain --from-code https://github.com/redmatrix/hubzilla.git -l your@email.address -p your_account_password
```
Make a note of the database username and password OpenShift creates for your instance, and use these at https://your_app_name-your_domain.rhcloud.com/ to complete the setup.
NOTE: PostgreSQL is NOT supported by the deploy script yet.
Update
To update, consider your own workflow first. I have forked Hubzilla code into my GitHub account to be able to try things out, this remote repo is called origin. Here is how I fetch new code from upstream, merge into my local repo, then push the updated code both into origin and the remote repo called openshift.
```
git fetch upstream;git checkout master;git merge upstream/master;git push origin;git push openshift HEAD
```
##Administration
Symptoms of need for MySQL database administration are:
- you can visit your domain and see the Hubzilla frontpage, but trying to login throws you back to login. This can mean your session table is marked as crashed.
- you can login, but your channel posts are not visible. This can mean your item table is marked as crashed.
- you can login and you can see your channel posts, but apparently nobody is getting your posts, comments, likes and so on. This can mean your outq table is marked as crashed.
You can check your OpenShift logs by doing
```
rhc tail -a your_app_name -n your_domain -l your@email.address -p your_account_password
```
and you might be able to confirm the above suspicions about crashed tables, or other problems you need to fix.
###How to fix crashed tables in MySQL
Using MySQL and the MyISAM database engine can result in table indexes coming out of sync, and you have at least two options for fixing tables marked as crashed.
- Use the database username and password OpenShift creates for your instance at https://your_app_name-your_domain.rhcloud.com/phpmyadmin/ to login via the web into your phpMyAdmin web interface, click your database in the left column, in the right column scroll down to the bottom of the list of tables and click the checkbox for marking all tables, then select Check tables from the drop down menu. This will check the tables for problems, and you can then checkmark only those tables with problems, and select Repair table from the same drop down menu at the bottom.
- You can login to your instance with SSH - see OpenShift for details - then
```
cd mysql/data/your_database
myisamchk -r *.MYI
```
or if you get
```
Can't create new tempfile
```
check your OpenShift's gear quota with
```
quota -gus
```
and if you are short on space, then locally (not SSH) do
```
rhc app-tidy your_app_name -l your_login -p your_password
```
to have rhc delete temporary files and OpenShift logs to free space first, then check the size of your local repo dir and execute
```
git gc
```
against it and check the size again, and then to minimize your remote repo connect via SSH to your application gear and execute the same command against it by changing to the remote repo directory - your repo should be in
```
~/git/your_app_name.git
```
(if not, do find -size +1M to find it), then do
```
cd ~/mysql/data/yourdatabase
myisamchk -r -v -f*.MYI
```
and hopefully your database tables are now okay.
##NOTES
Note 1: definitely DO turn off feeds and discovery by default if you are on the Free or Bronze plan on OpenShift with a single 1Gb gear by visiting https://your-app-name.rhcloud.com/admin/site when logged in as administrator of your Hubzilla site.
Note 2: DO add the above defaults into the deploy script.
Note 3: DO add git gc to the deploy script to clean up git.
Note 4: MAYBE DO add myisamchk - only checking? to the end of the deploy script.
The OpenShift `php` cartridge documentation can be found at:
http://openshift.github.io/documentation/oo_cartridge_guide.html#php
For information about .openshift directory, consult the documentation:
http://openshift.github.io/documentation/oo_user_guide.html#the-openshift-directory

3
sources/.openshift/action_hooks/README.md
View file

@ -1,3 +0,0 @@
For information about action hooks, consult the documentation:
http://openshift.github.io/documentation/oo_user_guide.html#action-hooks

218
sources/.openshift/action_hooks/deploy
View file

@ -1,218 +0,0 @@
#!/bin/bash
# This deploy hook gets executed after dependencies are resolved and the
# build hook has been run but before the application has been started back
# up again. This script gets executed directly, so it could be python, php,
# ruby, etc.
# Bash help: http://www.panix.com/~elflord/unix/bash-tute.html
# For information about action hooks supported by OpenShift, consult the documentation:
# http://openshift.github.io/documentation/oo_user_guide.html#the-openshift-directory
####
# Hubzilla specific deploy script
# Place this file in /.openshift/action_hooks/ (The .openshift folder will be in the root of your repo)
# The file name should be "deploy" such that you have:
# .openshift/action_hooks/deploy
# Conventions: Vars in curley braces have the slash after implied so no need to add it.
# e.g. ${OPENSHIFT_REPO_DIR}php/foobar = /repo/php/foobar
# See all OpenShift vars here:
# https://www.openshift.com/developers/openshift-environment-variables
# HME - NOTE - leftover from original openshift-drupal-deploy
# In config.php you can leverage the enviroment variables like this:
# // Define env vars.
# if (array_key_exists('OPENSHIFT_APP_NAME', $_SERVER)) {
# $src = $_SERVER;
# } else {
# $src = $_ENV;
# }
#
# $conf["file_private_path"] = $src['OPENSHIFT_DATA_DIR'] . "private";
# $conf["file_temporary_path"] = $src['OPENSHIFT_DATA_DIR'] . "tmp";
####
# Start Deploy
echo "Starting Deploy..."
# Let's create the Hubzilla files directory in the Openshift data folder ($OPENSHIFT_DATA_DIR).
echo "Check for the files directory called store, if not created - create it"
if [ ! -d ${OPENSHIFT_DATA_DIR}store ]; then
mkdir -p ${OPENSHIFT_DATA_DIR}"store/[data]/smarty3"
echo "Done creating files directory"
else
echo "The files directory called store already exists"
fi
####
# Set permissions on the files directory.
echo "Now chmod 777 -R files"
chmod -R 777 ${OPENSHIFT_DATA_DIR}store
echo "chmod done, permissions set to 777"
####
# Symlink our files folder to the repo.
# Note the "php" directory below seems to be the best way to serve OpenShift files.
# This is good as that allows us for directories one level above such as tmp and private
echo "Create sym links for writeable directories"
ln -sf ${OPENSHIFT_DATA_DIR}store ${OPENSHIFT_REPO_DIR}store
echo "Files sym links created"
####
# Copy .htconfig.php from the repo, rename it and place it in the data directory.
# if it's there already, skip it.
if [ ! -f ${OPENSHIFT_DATA_DIR}.htconfig.php ];
then
cp ${OPENSHIFT_REPO_DIR}.htconfig.php ${OPENSHIFT_DATA_DIR}.htconfig.php
echo ".htconfig.php copied."
else
echo "Looks like the .htconfig.php file is already there, we won't overwrite it."
fi
####
# symlink the .htconfig.php file.
echo "Create sym link for .htconfig.php"
ln -sf ${OPENSHIFT_DATA_DIR}.htconfig.php ${OPENSHIFT_REPO_DIR}.htconfig.php
echo ".htconfig.php symlink created"
####
# Copy .htaccess from the repo, rename it and place it in the data directory.
# if it's there already, skip it.
if [ ! -f ${OPENSHIFT_DATA_DIR}.htaccess ];
then
cp ${OPENSHIFT_REPO_DIR}.htaccess ${OPENSHIFT_DATA_DIR}.htaccess
echo ".htaccess copied."
else
echo "Looks like the .htaccess file is already there, we won't overwrite it."
fi
####
# symlink the .htaccess file.
echo "Create sym link for .htaccess"
ln -sf ${OPENSHIFT_DATA_DIR}.htaccess ${OPENSHIFT_REPO_DIR}.htaccess
echo ".htaccess symlink created"
####
echo "Check for the poller at .openshift/cron/minutely/poller , if not created - create it"
if [ ! -f ${OPENSHIFT_REPO_DIR}.openshift/cron/minutely/poller ]; then
printf '%s\n' '#!/bin/bash' 'if [ ! -f $OPENSHIFT_DATA_DIR/last_run ]; then' ' touch $OPENSHIFT_DATA_DIR/last_run' 'fi' 'if [[ $(find $OPENSHIFT_DATA_DIR/last_run -mmin +9) ]]; then #run every 10 mins' ' rm -f $OPENSHIFT_DATA_DIR/last_run' ' touch $OPENSHIFT_DATA_DIR/last_run' ' # The command(s) that you want to run every 10 minutes' 'cd /var/lib/openshift/${OPENSHIFT_APP_UUID}/app-root/repo; /opt/rh/php54/root/usr/bin/php include/poller.php' 'fi' >${OPENSHIFT_REPO_DIR}.openshift/cron/minutely/poller
echo "Done creating file .openshift/cron/minutely/poller"
else
echo "The poller already exists"
fi
####
# Set permissions on the poller script to make it executable.
echo "Now chmod 777 -R poller"
chmod -R 777 ${OPENSHIFT_REPO_DIR}.openshift/cron/minutely/poller
echo "chmod done, permissions set to 777 on poller script."
####
### echo "Check for the hot deploy marker at .openshift/markers/hot_deploy , if not created - create it"
### if [ ! -f ${OPENSHIFT_REPO_DIR}.openshift/markers/hot_deploy ]; then
### touch ${OPENSHIFT_REPO_DIR}.openshift/markers/hot_deploy
### echo "Done creating file .openshift/markers/hot_deploy"
### else
### echo "The hot deploy marker already exists"
### fi
####
# Hubzilla configuration - changes to default settings
# to make Hubzilla on OpenShift a more pleasant experience
echo "Changing default configuration to conserve space and autocreate a social private channel upon account registration"
cd ${OPENSHIFT_REPO_DIR}
util/config system auto_channel_create
util/config system default_permissions_role social_private
util/config system workflow_channel_next channel
util/config system expire_delivery_reports 3
util/config system feed_contacts 0
util/config system diaspora_enabled 0
util/config system disable_discover_tab 1
util/config directory safemode 0
util/config directory globaldir 1
util/config directory pubforums 0
# Hubzill addons
echo "Try to add or update Hubzilla addons"
cd ${OPENSHIFT_REPO_DIR}
util/add_addon_repo https://github.com/redmatrix/hubzilla-addons.git HubzillaAddons
# Hubzilla themes - unofficial repo
echo "Try to add or update Hubzilla themes - unofficial repo"
cd ${OPENSHIFT_REPO_DIR}
util/add_theme_repo https://github.com/DeadSuperHero/hubzilla-themes.git DeadSuperHeroThemes insecure
# Hubzilla ownMapp - unofficial repo
echo "Try to add or update Hubzilla ownMapp - unofficial repo"
cd ${OPENSHIFT_REPO_DIR}
util/add_addon_repo https://gitlab.com/zot/ownmapp.git ownMapp insecure
# Hubzilla Chess - unofficial repo
echo "Try to add or update Hubzilla chess - unofficial repo"
cd ${OPENSHIFT_REPO_DIR}
util/add_addon_repo https://gitlab.com/zot/hubzilla-chess.git Chess insecure
# Hubzilla Hubsites - unofficial repo
echo "Try to add or update Hubzilla Hubsites - unofficial repo"
cd ${OPENSHIFT_REPO_DIR}
util/add_addon_repo https://gitlab.com/zot/hubsites.git Hubsites insecure

27
sources/.openshift/cron/README.cron
View file

@ -1,27 +0,0 @@
Run scripts or jobs on a periodic basis
=======================================
Any scripts or jobs added to the minutely, hourly, daily, weekly or monthly
directories will be run on a scheduled basis (frequency is as indicated by the
name of the directory) using run-parts.
run-parts ignores any files that are hidden or dotfiles (.*) or backup
files (*~ or *,) or named *.{rpmsave,rpmorig,rpmnew,swp,cfsaved}
The presence of two specially named files jobs.deny and jobs.allow controls
how run-parts executes your scripts/jobs.
jobs.deny ===> Prevents specific scripts or jobs from being executed.
jobs.allow ===> Only execute the named scripts or jobs (all other/non-named
scripts that exist in this directory are ignored).
The principles of jobs.deny and jobs.allow are the same as those of cron.deny
and cron.allow and are described in detail at:
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/ch-Automating_System_Tasks.html#s2-autotasks-cron-access
See: man crontab or above link for more details and see the the weekly/
directory for an example.
PLEASE NOTE: The Cron cartridge must be installed in order to run the configured jobs.
For more information about cron, consult the documentation:
http://openshift.github.io/documentation/oo_cartridge_guide.html#cron
http://openshift.github.io/documentation/oo_user_guide.html#cron

0
sources/.openshift/cron/daily/.gitignore vendored
View file

0
sources/.openshift/cron/hourly/.gitignore vendored
View file

0
sources/.openshift/cron/minutely/.gitignore vendored
View file

0
sources/.openshift/cron/monthly/.gitignore vendored
View file

16
sources/.openshift/cron/weekly/README
View file

@ -1,16 +0,0 @@
Run scripts or jobs on a weekly basis
=====================================
Any scripts or jobs added to this directory will be run on a scheduled basis
(weekly) using run-parts.
run-parts ignores any files that are hidden or dotfiles (.*) or backup
files (*~ or *,) or named *.{rpmsave,rpmorig,rpmnew,swp,cfsaved} and handles
the files named jobs.deny and jobs.allow specially.
In this specific example, the chronograph script is the only script or job file
executed on a weekly basis (due to white-listing it in jobs.allow). And the
README and chrono.dat file are ignored either as a result of being black-listed
in jobs.deny or because they are NOT white-listed in the jobs.allow file.
For more details, please see ../README.cron file.

1
sources/.openshift/cron/weekly/chrono.dat
View file

@ -1 +0,0 @@
Time And Relative D...n In Execution (Open)Shift!

3
sources/.openshift/cron/weekly/chronograph
View file

@ -1,3 +0,0 @@
#!/bin/bash
echo "`date`: `cat $(dirname \"$0\")/chrono.dat`"

12
sources/.openshift/cron/weekly/jobs.allow
View file

@ -1,12 +0,0 @@
#
# Script or job files listed in here (one entry per line) will be
# executed on a weekly-basis.
#
# Example: The chronograph script will be executed weekly but the README
# and chrono.dat files in this directory will be ignored.
#
# The README file is actually ignored due to the entry in the
# jobs.deny which is checked before jobs.allow (this file).
#
chronograph

7
sources/.openshift/cron/weekly/jobs.deny
View file

@ -1,7 +0,0 @@
#
# Any script or job files listed in here (one entry per line) will NOT be
# executed (read as ignored by run-parts).
#
README

4
sources/.openshift/markers/README.md
View file

@ -1,4 +0,0 @@
For information about markers, consult the documentation:
http://openshift.github.io/documentation/oo_user_guide.html#markers
http://openshift.github.io/documentation/oo_cartridge_guide.html#php-markers

0
sources/.openshift/pear.txt
View file