You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
210 lines
8.6 KiB
210 lines
8.6 KiB
#! /bin/bash |
|
|
|
script_dir="$(dirname $(readlink -f $0))" |
|
|
|
install_dir_parent="/opt" |
|
default_app_name='biscd' |
|
flask_module_name='biscd' |
|
start_script='run.sh' |
|
|
|
# exit when any command fails |
|
set -e |
|
|
|
# Make sure running as root |
|
if [ `id -u` -ne 0 ]; then |
|
echo 'Please run as root' |
|
exit 1 |
|
fi |
|
|
|
function help () { |
|
echo "Usage: $0 [OPTIONS] <application name>" |
|
echo ' -w install this application as WSGI application. Overrules -d' |
|
echo ' -d install this application to be run using the flask development webserver.' |
|
echo ' -u update: ignore existing app/user/group warning (to update/overwrite already installed app).' |
|
echo ' -p port: On which port the internal webserver runs. Default = 5000. Ignored in WSGI mode' |
|
echo ' -h display this output.' |
|
echo '' |
|
echo "This script installs $default_app_name, by downloading dependancies when not present," |
|
echo 'creating a python virtualenv, unpacking any necessary files and creates a systemd integration if the user wishes so.' |
|
echo '' |
|
echo 'For more info visit https://git.sciuro.org/Burathar/biscd' |
|
exit 1 |
|
} |
|
|
|
function echo_header () { |
|
echo -e "\e[33m== $1 ==\e[0;m" |
|
} |
|
|
|
unset use_wsgi |
|
while getopts ':uhdwp:' opt ; do |
|
case "$opt" in |
|
u) ignore_name='true';; |
|
d) use_wsgi='false';; |
|
w) use_wsgi='true';; |
|
p) internal_port="${OPTARG}";; |
|
h) help ;; |
|
:) |
|
echo "$0: Must supply an argument to -$OPTARG." >&2 |
|
exit 1 |
|
;; |
|
?) |
|
echo "Invalid option: -${OPTARG}." |
|
exit 2 |
|
;; |
|
esac |
|
done |
|
arg_name=${@:$OPTIND:1} |
|
|
|
if [ -n "$arg_name" ]; then |
|
[[ $arg_name =~ ^[a-zA-Z0-9][a-zA-Z0-9_-]*$ ]] || { echo "'$arg_name' is not allowed as an app name. Please only use letters, numbers, underscores(_) and dashes(-). The first character must be a letter or number." && exit 1; } |
|
if [ "$ignore_name" != 'true' ]; then |
|
compgen -G "/etc/systemd/system/$arg_name.*" >/dev/null && echo "An app called '$arg_name' already exists. Please choose another name, or run with -u to update existing app with this name." && exit 1 |
|
id -u "$arg_name" >/dev/null 2>&1 && echo "A user called '$arg_name' already exists. Please choose another name." && exit 1 |
|
egrep "^$arg_name" /etc/group >/dev/null && echo "A group called '$arg_name' already exists. Please choose another name." && exit 1 |
|
fi |
|
app_name="$arg_name" |
|
else |
|
app_name="$default_app_name" |
|
fi |
|
|
|
install_dir="$install_dir_parent/$app_name" |
|
logging_dir="/var/log/$app_name" |
|
|
|
if [ -z "$use_wsgi" ]; then |
|
echo "Should this application be installed as WSGI app (recommended), or as local daemon using flask's built-in webserver, with apache as a proxy?" |
|
read -p "Use WSGI? (Y/n) " use_wsgi |
|
[ -z "$use_wsgi" ] && use_wsgi='y' # if no input, assume yes |
|
case ${use_wsgi:0:1} in |
|
y|Y|1 ) |
|
use_wsgi='true';; |
|
* ) |
|
use_wsgi='false';; |
|
esac |
|
fi |
|
|
|
if [ "$use_wsgi" != 'true' ]; then |
|
echo "Do you want to daemonize this application using systemd? (you'll have to start it manually every login session if you choose no)" |
|
read -p "Use Systemd? (Y/n) " use_systemd |
|
[ -z "$use_systemd" ] && use_systemd='y' # if no input, assume yes |
|
case ${use_systemd:0:1} in |
|
y|Y|1 ) |
|
use_systemd='true';; |
|
* ) |
|
use_systemd='false';; |
|
esac |
|
|
|
if [ -z "$internal_port" ]; then |
|
echo "Please specify an internal port for the built-in webserver. This port will only be used locally." |
|
read -p "Port [5000]" internal_port |
|
[ -z "$internal_port" ] && internal_port=5000 |
|
fi |
|
fi |
|
|
|
echo_header "Check if Apache2 is installed" |
|
which apache2 >/dev/null 2>&1 && echo "Apache OK" || { echo "Apache2 doesn't seem te be installed. Please fix this before installing this application." && exit 1; } |
|
|
|
if [ "$use_wsgi" = 'true' ]; then |
|
echo_header "Make sure mod-wsgi-py3 is installed" |
|
apt-get install -y libapache2-mod-wsgi-py3 |
|
fi |
|
|
|
echo_header "Copy over application files" |
|
mkdir -vp "$install_dir" |
|
cp -rv "$script_dir/$default_app_name/." "$install_dir" |
|
sed -i "s+^app_name=.*+app_name='${flask_module_name}'+g" "$install_dir/run.sh" |
|
sed -i "s+confuse.Configuration(*, __name__)+confuse.Configuration('$app_name', __name__)'+g" "$install_dir/$flask_module_name/__init__.py" |
|
|
|
cp -v "$script_dir/installation-files/uninstall.sh" "$install_dir" |
|
sed -i "s+^app_name=.*+app_name='${app_name}'+g" "$install_dir/uninstall.sh" |
|
sed -i "s+^install_dir=.*+install_dir='${install_dir}'+g" "$install_dir/uninstall.sh" |
|
|
|
cp -v "$script_dir/version" "$install_dir" |
|
cp -v "$script_dir/README.md" "$install_dir" |
|
|
|
mkdir -vp "/etc/$app_name" |
|
cp -v "$script_dir/installation-files/config_example.yaml" "/etc/$app_name/config.yaml" |
|
sed -i "s/^port =.*/port = $internal_port/g" "$install_dir/$flask_module_name/config_default.yaml" |
|
sed -i "s+^logfile :.*+logfile : $logging_dir/reports.log+g" "$install_dir/$flask_module_name/config_default.yaml" |
|
sed -i "s+^errorfile :.*+errorfile : $logging_dir/error.log+g" "$install_dir/$flask_module_name/config_default.yaml" |
|
|
|
cp -v "$script_dir/installation-files/projects_example.yaml" "/etc/$app_name/projects.yaml" |
|
|
|
|
|
echo_header "Copy over and enable apache vhost" |
|
if [ "$use_wsgi" = 'true' ]; then |
|
cp -v "$script_dir/installation-files/$default_app_name-wsgi.conf" "/etc/apache2/sites-available/$app_name.conf" |
|
sed -i "s/APPNAME/$app_name/g" "/etc/apache2/sites-available/$app_name.conf" |
|
sed -i "s/USER/$app_name/g" "/etc/apache2/sites-available/$app_name.conf" |
|
sed -i "s/GROUP/$app_name/g" "/etc/apache2/sites-available/$app_name.conf" |
|
|
|
ln -sfv "/etc/apache2/sites-available/$app_name.conf" "/etc/apache2/sites-enabled/$app_name.conf" |
|
|
|
echo_header "Installing wsgi-script" |
|
mkdir -vp "/var/www/wsgi-scripts" |
|
cp -v "$script_dir/installation-files/$default_app_name.wsgi" "/var/www/wsgi-scripts/$app_name.wsgi" |
|
sed -i "s+INSTALLDIR+$install_dir+g" "/var/www/wsgi-scripts/$app_name.wsgi" |
|
sed -i "s/APPNAME/$flask_module_name/g" "/var/www/wsgi-scripts/$app_name.wsgi" |
|
else |
|
cp -v "$script_dir/installation-files/$default_app_name-proxy.conf" "/etc/apache2/sites-available/$app_name.conf" |
|
sed -i "s/PORT/$internal_port/g" "/etc/apache2/sites-available/$app_name.conf" |
|
|
|
ln -sfv "/etc/apache2/sites-available/$app_name.conf" "/etc/apache2/sites-enabled/$app_name.conf" |
|
fi |
|
|
|
|
|
echo_header "Create $app_name user" |
|
adduser --debug --system --home "$install_dir" --shell "/usr/sbin/nologin" --group --gecos "CSP violation report application" -q "$app_name" |
|
usermod -a -G "$app_name" root # Add root to group to prevent warnings when editing config file |
|
|
|
|
|
echo_header "Create logging directory" |
|
mkdir -p "$logging_dir" |
|
chown -v --from=root:root root:"$app_name" "$logging_dir" |
|
chmod -v 770 "$logging_dir" |
|
touch "$logging_dir/reports.log" |
|
chown -v --from=root:root "$app_name":"$app_name" "$logging_dir/reports.log" |
|
|
|
|
|
echo_header "Make sure python3 and virtualenv are installed" |
|
python3 --version || apt-get install -y python3 |
|
|
|
# Testing to check if venv is installed does not work, venv command can respond to a versioncheck, and still not have neccesary libraries present. |
|
apt-get install -y python3-venv |
|
|
|
|
|
echo_header "Create virualenv" |
|
[ -f "$install_dir/venv/bin/activate" ] || python3 -m venv "$install_dir/venv" |
|
source "$install_dir/venv/bin/activate" |
|
pip install setuptools wheel |
|
pip install -r "$script_dir/$default_app_name/requirements.txt" |
|
|
|
python_version=`ls "$install_dir/venv/lib" | grep python3 | head -1` |
|
echo "$install_dir/" > "$install_dir/venv/lib/$python_version/site-packages/$flask_module_name.pth" |
|
[ "$use_wsgi" = 'true' ] && sed -i "s/PYTHON_VERSION/$python_version/g" "/var/www/wsgi-scripts/$default_app_name.wsgi" |
|
|
|
|
|
echo_header "Give $app_name user ownership of application dir" |
|
chown --recursive "$app_name":"$app_name" "$install_dir" |
|
chown -v root:"$app_name" "$install_dir" |
|
chmod -v 775 "$install_dir" |
|
chmod -v 754 "$install_dir/run.sh" "$install_dir/runserver.py" |
|
chmod -v 744 "$install_dir/uninstall.sh" |
|
|
|
|
|
if [ "$use_wsgi" != 'true' ] && [ "$use_systemd" = 'true' ]; then |
|
echo_header "Enable as systemd service" |
|
cp "$script_dir/installation-files/$default_app_name.service" "/etc/systemd/system/$app_name.service" |
|
sed -i "s+^ExecStart=.*+ExecStart=${install_dir}/${start_script}+g" "/etc/systemd/system/$app_name.service" |
|
sed -i "s+^User=.*+User=${app_name}+g" "/etc/systemd/system/$app_name.service" |
|
systemctl daemon-reload |
|
systemctl enable "$app_name.service" |
|
systemctl restart "$app_name.service" |
|
systemctl status "$app_name.service" |
|
fi |
|
|
|
|
|
echo_header "$app_name is installed!" |
|
|
|
echo "If everything works, it is safe to remove this installation directory" |
|
echo -e "\e[1;35mNow please review/edit /etc/apache2/sites-enabled/$app_name.conf, and then run 'systemctl restart apache2.service'\e[0m" |
|
exit 0
|
|
|