#!/bin/bash #================================================= # GENERIC START #================================================= # Source YunoHost helpers source /usr/share/yunohost/helpers # Stop script if errors ynh_abort_if_errors # Import common cmd source ./experimental_helper.sh source ./_common.sh ynh_script_progression --message="Validating installation parameters..." # Retrieve arguments domain=$YNH_APP_ARG_DOMAIN path_url=$(ynh_normalize_url_path --path_url $YNH_APP_ARG_PATH) server_name="$YNH_APP_ARG_SERVER_NAME" admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC seafile_data=/home/yunohost.app/seafile-data final_path=/opt/yunohost/$app seafile_user=$app admin_password=$YNH_APP_ARG_ADMIN_PASSWORD # Create special path with / at the end if [[ $path_url == '/' ]] then path_url2=$path_url else path_url2=$path_url"/" fi # Register (book) web path ynh_webpath_register --app $app --domain $domain --path_url $path_url # Check Final Path availability test ! -e "$final_path" || ynh_die --message "This path already contains a folder" # Find available ports ynh_script_progression --message="Finding available ports..." seahub_port=$(ynh_find_port --port 8000) fileserver_port=$(ynh_find_port --port 8082) webdav_port=$(ynh_find_port --port 8080) if [ $fileserver_port -eq $webdav_port ]; then webdav_port=$(ynh_find_port --port $((fileserver_port + 1))) fi # store config in yunohost ynh_script_progression --message="Storing installation settings..." ynh_app_setting_set --app $app --key server_name --value "$server_name" ynh_app_setting_set --app $app --key final_path --value $final_path ynh_app_setting_set --app $app --key seafile_user --value $seafile_user ynh_app_setting_set --app $app --key admin --value $admin ynh_app_setting_set --app $app --key seahub_port --value $seahub_port ynh_app_setting_set --app $app --key fileserver_port --value $fileserver_port ynh_app_setting_set --app $app --key webdav_port --value $webdav_port ynh_app_setting_set --app $app --key is_public --value $is_public ynh_app_setting_set --app $app --key installed_version --value $seafile_version #================================================= # STANDARD MODIFICATIONS #================================================= # Create User ynh_script_progression --message="Configuring system user..." ynh_system_user_create --username $seafile_user --home_dir $final_path # Check dependencies ynh_script_progression --message="Installing dependencies..." --weight=7 install_dependance # Copy files to the right place ynh_script_progression --message="Cleaning data directory..." test -e $seafile_data && ynh_secure_remove --file="$seafile_data" ynh_script_progression --message="Creating base directory..." mkdir -p $final_path mkdir -p $final_path/installed mkdir -p $final_path/logs mkdir -p $final_path/seafile-data # Download new version from sources ynh_script_progression --message="Installing sources files..." --weight=7 install_source # init databases ynh_script_progression --message="Configuring MySQL database..." db_user=seafile ynh_mysql_setup_db --db_user $db_user --db_name ccnetdb ynh_mysql_setup_db --db_user $db_user --db_name seafiledb --db_pwd "$db_pwd" ynh_mysql_setup_db --db_user $db_user --db_name seahubdb --db_pwd "$db_pwd" ynh_script_progression --message="Configuring application..." --weight=3 # Run install script chmod +x expect_scripts/install.exp chmod +x $final_path/seafile-server-$seafile_version/setup-seafile-mysql.sh expect_scripts/install.exp "$final_path/seafile-server-$seafile_version" "$server_name" "$domain" "$seafile_data" "$fileserver_port" "$db_pwd" # Update seafile config ynh_replace_string --match_string http:// --replace_string https:// --target_file $final_path/conf/ccnet.conf ynh_replace_string --match_string :8000 --replace_string $path_url --target_file $final_path/conf/ccnet.conf echo 'FILE_SERVER_ROOT = "https://'$domain'/seafhttp"' | tee -a $final_path/conf/seahub_settings.py echo 'SITE_ROOT = "'$path_url2'"' | tee -a $final_path/conf/seahub_settings.py echo 'SERVE_STATIC = False' | tee -a $final_path/conf/seahub_settings.py echo 'MEDIA_URL = "'$path_url2'media/"' | tee -a $final_path/conf/seahub_settings.py echo 'COMPRESS_URL = MEDIA_URL' | tee -a $final_path/conf/seahub_settings.py echo "STATIC_URL = MEDIA_URL + 'assets/'" | tee -a $final_path/conf/seahub_settings.py echo "LOGIN_URL = '"$path_url2"accounts/login/'" | tee -a $final_path/conf/seahub_settings.py echo "ALLOWED_HOSTS = ['"$domain"']" | tee -a $final_path/conf/seahub_settings.py # Email configuration echo 'EMAIL_USE_TLS = False' | tee -a $final_path/conf/seahub_settings.py echo 'EMAIL_HOST = "localhost"' | tee -a $final_path/conf/seahub_settings.py echo 'EMAIL_HOST_USER = "seafile@'$domain'"' | tee -a $final_path/conf/seahub_settings.py echo 'EMAIL_PORT = "25"' | tee -a $final_path/conf/seahub_settings.py echo 'DEFAULT_FROM_EMAIL = "seafile@'$domain'"' | tee -a $final_path/conf/seahub_settings.py echo 'SERVER_EMAIL = "seafile@'$domain'"' | tee -a $final_path/conf/seahub_settings.py echo 'EMAIL_HOST_PASSWORD = ""' | tee -a $final_path/conf/seahub_settings.py echo "TIME_ZONE = \"$(cat /etc/timezone)\"" | tee -a $final_path/conf/seahub_settings.py # SSO authentication echo 'ENABLE_REMOTE_USER_AUTHENTICATION = True' | tee -a $final_path/conf/seahub_settings.py echo "REMOTE_USER_HEADER = 'HTTP_EMAIL'" | tee -a $final_path/conf/seahub_settings.py echo 'REMOTE_USER_CREATE_UNKNOWN_USER = False' | tee -a $final_path/conf/seahub_settings.py echo "REMOTE_USER_PROTECTED_PATH = ['$path_url', '$path_url/accounts/login']" | tee -a $final_path/conf/seahub_settings.py # LDAP configuration echo '[LDAP]' | tee -a $final_path/conf/ccnet.conf echo 'HOST = ldap://localhost:389' | tee -a $final_path/conf/ccnet.conf echo 'BASE = ou=users,dc=yunohost,dc=org' | tee -a $final_path/conf/ccnet.conf echo 'LOGIN_ATTR = mail' | tee -a $final_path/conf/ccnet.conf # Enable manually wiki echo 'ENABLE_WIKI = True' | tee -a $final_path/conf/seahub_settings.py # Fix local warning ynh_replace_string --match_string en_US.UTF-8 --replace_string ${LANG:-'en_US.UTF-8'} --target_file $final_path/seafile-server-$seafile_version/seahub.sh # Update gunicorn config sed --in-place -r "s@bind = \"127\.0\.0\.1:[[:digit:]]+\"@bind = \"127.0.0.1:$seahub_port\"@g" $final_path/conf/gunicorn.conf # Add webdav cp ../conf/seafdav.conf $final_path/conf/seafdav.conf ynh_replace_string --match_string __WEBDAV_PORT__ --replace_string $webdav_port --target_file $final_path/conf/seafdav.conf # Add Seafile Server to startup ynh_script_progression --message="Configuring a systemd service..." --weight=2 ynh_add_systemd_config --service seafile --template seafile.service ynh_add_systemd_config --service seahub --template seahub.service # Config nginx ynh_script_progression --message="Configuring nginx..." --weight=1 ynh_add_nginx_config 'seahub_port fileserver_port webdav_port' # Copy first launch script cp expect_scripts/first_launch.exp $final_path chmod +x $final_path/first_launch.exp # Set permissions to seafile directory chown -R $seafile_user:$seafile_user $final_path chown -R $seafile_user:$seafile_user $seafile_data # Sometime we have a current effect. We try to lunch seafile when not all permissions are already set. # So wait untils all permissions are cleanly set sleep 5 ynh_debug_exec ls /opt/yunohost/seafile/ccnet # Start seafile, seahub and populate admin account su - $seafile_user -s /bin/bash -c "$final_path/seafile-server-$seafile_version/seafile.sh start" # We escape all char witch needed. ynh_replace_special_string --match_string __ADMIN_PASSWORD__ --replace_string "$admin_password" --target_file $final_path/first_launch.exp admin_email=$(ynh_user_get_info --username $admin --key 'mail') su - $seafile_user -s /bin/bash -c "$final_path/first_launch.exp $final_path/seafile-server-$seafile_version $admin_email" ynh_secure_remove --file="$final_path/first_launch.exp" #================================================= # GENERIC FINALIZATION #================================================= # Set all permissions ynh_script_progression --message="Protecting directory..." set_permission ynh_script_progression --message="Configuring permissions..." # Add sso config to unprotect domain.tld/seafhttp + domain.tld/seafdav do in /etc/ssowat/conf.json.persistent python3 ../conf/add_sso_conf.py || ynh_die --message="Your file /etc/ssowat/conf.json.persistent doesn't respect the json syntax. Please fix the syntax to install this app." # unprotect media ynh_app_setting_set --app $app --key unprotected_uris --value "/media" if [ "$is_public" = "0" ] then ynh_app_setting_delete --app seafile --key unprotected_uris else ynh_app_setting_set --app $app --key unprotected_uris --value "/" fi # Add logrotate ynh_script_progression --message="Configuring log rotation..." ynh_use_logrotate --logfile $final_path/logs ln -s $final_path/logs /var/log/seafile # Add fail2ban ynh_script_progression --message="Configuring fail2ban..." --weight=10 ynh_add_fail2ban_config --use_template --others_var 'final_path' # register yunohost service yunohost service add seafile yunohost service add seahub ynh_script_progression --message="Stoping services..." --weight=3 # Kill all services launched for initialisation su - $seafile_user -s /bin/bash -c "$final_path/seafile-server-latest/seafile.sh stop" su - $seafile_user -s /bin/bash -c "$final_path/seafile-server-latest/seahub.sh stop" sleep 2 # We kill all process lunched by the script pkill -f seafile-controller || true pkill -f seaf-server || true # Start service ynh_script_progression --message="Starting seafile services..." --weight=3 ynh_systemd_action --service_name seafile -l "spawned seaf-server, pid " -p /var/log/seafile/controller.log ynh_systemd_action --service_name seahub -l "Started Seafile hub." -p "systemd" sleep 2 ynh_script_progression --message="Installation of $app completed" --last