pufferpanel_ynh/scripts/install

#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# MANAGE SCRIPT FAILURE
#=================================================

ynh_clean_setup () {
	### Remove this function if there's nothing to clean before calling the remove script.
	true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================

# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC

### If it's a multi-instance app, meaning it can be installed several times independently
### The id of the app as stated in the manifest is available as $YNH_APP_ID
### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
### The app instance name is available as $YNH_APP_INSTANCE_NAME
###    - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
###    - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
###    - ynhexample__{N} for the subsequent installations, with N=3,4, ...
### The app instance name is probably what interests you most, since this is
### guaranteed to be unique. This is a good unique identifier to define installation path,
### db names, ...
app=$YNH_APP_INSTANCE_NAME

#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================

### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app"
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"

# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)

# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url

#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================

ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app is_public $is_public

#=================================================
# FIND AND OPEN A PORT
#=================================================

### Use these lines if you have to open a port for the application
### `ynh_find_port` will find the first available port starting from the given port.
### If you're not using these lines:
###		- Remove the section "CLOSE A PORT" in the remove script

# Find a free port
port=$(ynh_find_port 8096)
# Open this port
yunohost firewall allow --no-upnp TCP $port 2>&1
ynh_app_setting_set $app port $port

#==============================================
# INSTALL DEPS
#==============================================
dpkg --add-architecture i386
apt-get update
ynh_package_install debian-archive-keyring apt-transport-https openssl curl mysql-client mysql-server php-fpm php-cli php-curl php-mysql openjdk-8-jdk-headless git tar lib32gcc1 lib32tinfo5 lib32z1 lib32stdc++6 libcurl3-gnutls:i386

# Install Other Dependencies
#sudo echo "deb http://http.debian.net/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list
#dpkg --add-architecture i386
#apt-get update
#apt-get install -y -t stretch-backports 
#apt-get install -y openssl curl git tar lib32gcc1 lib32tinfo5 lib32z1 lib32stdc++6 libcurl3-gnutls:i386
#dpkg --add-architecture i386
#apt-get update
#apt-get install -y openssl curl git openjdk-8-jdk-headless tar lib32gcc1 lib32tinfo5 lib32z1 lib32stdc++6 libcurl3-gnutls:i386
    
 #curl -s https://packagecloud.io/install/repositories/pufferpanel/${pufferdRepo}/script.deb.sh | bash

#Adding repo of pufferd
#curl -s https://packagecloud.io/install/repositories/pufferpanel/pufferd/script.deb.sh

unknown_os ()
{
  echo "Unfortunately, your operating system distribution and version are not supported by this script."
  echo
  echo "You can override the OS detection by setting os= and dist= prior to running this script."
  echo "You can find a list of supported OSes and distributions on our website: https://packagecloud.io/docs#os_distro_version"
  echo
  echo "For example, to force Ubuntu Trusty: os=ubuntu dist=trusty ./script.sh"
  echo
  echo "Please email support@packagecloud.io and let us know if you run into any issues."
  exit 1
}

gpg_check ()
{
  echo "Checking for gpg..."
  if command -v gpg > /dev/null; then
    echo "Detected gpg..."
  else
    echo "Installing gnupg for GPG verification..."
    apt-get install -y gnupg
    if [ "$?" -ne "0" ]; then
      echo "Unable to install GPG! Your base system has a problem; please check your default OS's package repositories because GPG should work."
      echo "Repository installation aborted."
      exit 1
    fi
  fi
}

curl_check ()
{
  echo "Checking for curl..."
  if command -v curl > /dev/null; then
    echo "Detected curl..."
  else
    echo "Installing curl..."
    apt-get install -q -y curl
    if [ "$?" -ne "0" ]; then
      echo "Unable to install curl! Your base system has a problem; please check your default OS's package repositories because curl should work."
      echo "Repository installation aborted."
      exit 1
    fi
  fi
}

install_debian_keyring ()
{
  if [ "${os}" = "debian" ]; then
    echo "Installing debian-archive-keyring which is needed for installing "
    echo "apt-transport-https on many Debian systems."
    apt-get install -y debian-archive-keyring &> /dev/null
  fi
}


detect_os ()
{
  if [[ ( -z "${os}" ) && ( -z "${dist}" ) ]]; then
    # some systems dont have lsb-release yet have the lsb_release binary and
    # vice-versa
    if [ -e /etc/lsb-release ]; then
      . /etc/lsb-release

      if [ "${ID}" = "raspbian" ]; then
        os=${ID}
        dist=`cut --delimiter='.' -f1 /etc/debian_version`
      else
        os=${DISTRIB_ID}
        dist=${DISTRIB_CODENAME}

        if [ -z "$dist" ]; then
          dist=${DISTRIB_RELEASE}
        fi
      fi

    elif [ `which lsb_release 2>/dev/null` ]; then
      dist=`lsb_release -c | cut -f2`
      os=`lsb_release -i | cut -f2 | awk '{ print tolower($1) }'`

    elif [ -e /etc/debian_version ]; then
      # some Debians have jessie/sid in their /etc/debian_version
      # while others have '6.0.7'
      os=`cat /etc/issue | head -1 | awk '{ print tolower($1) }'`
      if grep -q '/' /etc/debian_version; then
        dist=`cut --delimiter='/' -f1 /etc/debian_version`
      else
        dist=`cut --delimiter='.' -f1 /etc/debian_version`
      fi

    else
      unknown_os
    fi
  fi

  if [ -z "$dist" ]; then
    unknown_os
  fi

  # remove whitespace from OS and dist name
  os="${os// /}"
  dist="${dist// /}"

  echo "Detected operating system as $os/$dist."
}

main ()
{
  detect_os
  curl_check
  gpg_check

  # Need to first run apt-get update so that apt-transport-https can be
  # installed
  echo -n "Running apt-get update... "
  apt-get update &> /dev/null
  echo "done."

  # Install the debian-archive-keyring package on debian systems so that
  # apt-transport-https can be installed next
  install_debian_keyring

  echo -n "Installing apt-transport-https... "
  apt-get install -y apt-transport-https &> /dev/null
  echo "done."


  gpg_key_url="https://packagecloud.io/pufferpanel/pufferd/gpgkey"
  apt_config_url="https://packagecloud.io/install/repositories/pufferpanel/pufferd/config_file.list?os=debian&dist=stretch&source=script"

  apt_source_path="/etc/apt/sources.list.d/pufferpanel_pufferd.list"

  echo -n "Installing $apt_source_path..."

  # create an apt config file for this repository
  curl -sSf "${apt_config_url}" > $apt_source_path
  curl_exit_code=$?

  if [ "$curl_exit_code" = "22" ]; then
    echo
    echo
    echo -n "Unable to download repo config from: "
    echo "${apt_config_url}"
    echo
    echo "This usually happens if your operating system is not supported by "
    echo "packagecloud.io, or this script's OS detection failed."
    echo
    echo "You can override the OS detection by setting os= and dist= prior to running this script."
    echo "You can find a list of supported OSes and distributions on our website: https://packagecloud.io/docs#os_distro_version"
    echo
    echo "For example, to force Ubuntu Trusty: os=ubuntu dist=trusty ./script.sh"
    echo
    echo "If you are running a supported OS, please email support@packagecloud.io and report this."
    [ -e $apt_source_path ] && rm $apt_source_path
    exit 1
  elif [ "$curl_exit_code" = "35" -o "$curl_exit_code" = "60" ]; then
    echo "curl is unable to connect to packagecloud.io over TLS when running: "
    echo "    curl ${apt_config_url}"
    echo "This is usually due to one of two things:"
    echo
    echo " 1.) Missing CA root certificates (make sure the ca-certificates package is installed)"
    echo " 2.) An old version of libssl. Try upgrading libssl on your system to a more recent version"
    echo
    echo "Contact support@packagecloud.io with information about your system for help."
    [ -e $apt_source_path ] && rm $apt_source_path
    exit 1
  elif [ "$curl_exit_code" -gt "0" ]; then
    echo
    echo "Unable to run: "
    echo "    curl ${apt_config_url}"
    echo
    echo "Double check your curl installation and try again."
    [ -e $apt_source_path ] && rm $apt_source_path
    exit 1
  else
    echo "done."
  fi

  echo -n "Importing packagecloud gpg key... "
  # import the gpg key
  curl -L "${gpg_key_url}" 2> /dev/null | apt-key add - &>/dev/null
  echo "done."

  echo -n "Running apt-get update... "
  # update apt on this system
  apt-get update &> /dev/null
  echo "done."

  echo
  echo "The repository is setup! You can now install packages."
}

main

#apt-key add - https://packagecloud.io/pufferpanel/pufferd/gpgkey
#echo "https://packagecloud.io/install/repositories/pufferpanel/pufferd/config_file.list?os=debian&dist=stretch&source=script" > /etc/apt/sources.list.d/pufferpanel_pufferd.list


#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================

ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"

#==============================================
# INSTALL PufferPanel
#==============================================

#Install Panel
#mv $final_path/


#Install Daemon
mkdir -p /var/lib/pufferd /var/log/pufferd /etc/pufferd
wget https://packagecloud.io/pufferpanel/pufferd/packages/debian/stretch/pufferd_1.2.5_amd64.deb/download.deb
dpkg --install download.deb

echo -e "Installing pufferd using package manager"
pufferdLocation="/srv/pufferd"
installed=0
if [ $OS_INSTALL_CMD == 'apt' ]; then
    apt-get update
    apt-get install pufferd
    pufferdLocation="/usr/sbin/"
elif [ $OS_INSTALL_CMD == 'yum' ]; then
    yum install -y pufferd
    pufferdLocation="/usr/sbin/"
fi

if [ -f "${pufferdLocation}/pufferd" ]; then
    echo "Detected installation via package successful"
else
    echo -e "Failed to install using package manager, manually installing"
    echo -e "Downloading pufferd from $downloadUrl"
    pufferdLocation="/srv/pufferd/"
    mkdir -p /srv/pufferd
    curl -L -o /srv/pufferd/pufferd $downloadUrl
    checkResponseCode
    chmod +x /srv/pufferd/pufferd
    checkResponseCode
    writeServiceFile
    checkResponseCode
    useradd --system --home /var/lib/pufferd --user-group pufferd
fi

if type systemctl &> /dev/null; then
    echo "Stopping service to prepare for installation"
    systemctl stop pufferd
elif type service &> /dev/null; then
    echo "Stopping service to prepare for installation"
    service pufferd stop
fi

if [ -f "${pufferdLocation}/pufferd" ]; then
    echo "Detected installation via package successful"
else
    echo -e "Failed to install using package manager, manually installing"
    echo -e "Downloading pufferd from $downloadUrl"
    pufferdLocation="/srv/pufferd/"
    mkdir -p /srv/pufferd
    curl -L -o /srv/pufferd/pufferd $downloadUrl
    checkResponseCode
    chmod +x /srv/pufferd/pufferd
    checkResponseCode
    writeServiceFile
    checkResponseCode
    useradd --system --home /var/lib/pufferd --user-group pufferd
fi

if type systemctl &> /dev/null; then
    echo "Stopping service to prepare for installation"
    systemctl stop pufferd
elif type service &> /dev/null; then
    echo "Stopping service to prepare for installation"
    service pufferd stop
fi

cd $pufferdLocation
echo -e "Executing pufferd installation"
./pufferd --install --auth http://yuno2.probetech.be --token 64F263CF-F18C-4C11-A118-81E2435B2A86 --config /etc/pufferd/config.json
checkResponseCode

chown -R pufferd:pufferd /var/lib/pufferd /etc/pufferd /var/log/pufferd
if [ -f /srv/pufferd ]; then
  chown -R pufferd:pufferd /srv/pufferd
fi

if type systemctl &> /dev/null; then
    echo "Starting pufferd service"
    systemctl start pufferd
    systemctl enable pufferd
elif type service &> /dev/null; then
    echo "Starting pufferd service"
    service pufferd start
fi

echo "Successfully installed the daemon"


#=================================================
# NGINX CONFIGURATION
#=================================================

# Create a dedicated nginx config
ynh_add_nginx_config

#=================================================
# CREATE DEDICATED USER
#=================================================

# Create a system user
ynh_system_user_create $app

#=================================================
# MODIFY A CONFIG FILE
#=================================================
#cp -a ../conf/onlyoffice-documentserver.conf /etc/onlyoffice/documentserver/nginx/onlyoffice-documentserver.conf
#ynh_replace_string "__NEXTCLOUDDOMAIN__" "$nextcloud_domain" "/etc/loolwsd/loolwsd.xml"
#ynh_replace_string "__PASSWORD__" "$password" "/etc/loolwsd/loolwsd.xml"

#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================

### `ynh_store_file_checksum` is used to store the checksum of a file.
### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`,
### you can make a backup of this file before modifying it again if the admin had modified it.

# Calculate and store the config file checksum into the app settings
#ynh_store_file_checksum "/etc/onlyoffice/documentserver/nginx/onlyoffice-documentserver.conf"


#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================

### For security reason, any app should set the permissions to root: before anything else.
### Then, if write authorization is needed, any access should be given only to directories
### that really need such authorization.

# Set permissions to app files
#chown -R root: /etc/loolwsd


#=================================================
# SETUP SSOWAT
#=================================================

# If app is public, add url to SSOWat conf as skipped_uris
if [ $is_public -eq 1 ]; then
  # unprotected_uris allows SSO credentials to be passed anyway.
  ynh_app_setting_set "$app" unprotected_uris "/"
fi

# Reload services
systemctl reload nginx