mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-27 07:02:26 +00:00

Comments, cleanup, reorder and echo in install_re2o.sh

Maël Kervella 2018-05-15 23:28:45 +00:00
parent 0fe734e097
commit 4963ec3c1b


@ -1,90 +1,182 @@
#!/bin/bash #!/bin/bash
setup_ldap() { setup_ldap() {
### Usage: setup_ldap <ldap_password> <local_domain>
#
# This function is used to setup the LDAP structure based on the ldiff files
# located in 'install_utils/'. It will delete the previous structure and data
# and recreate a new empty one.
#
# Parameters:
# * ldap_password: the clear password for the admin user of the LDAP
# * local_domain: the domain extension to use for the LDAP structure in LDAP notation
###
apt-get -y install slapd apt-get -y install slapd
echo "Hashing the LDAP password ..." echo "Hashing the LDAP password ..."
hashed_ldap_passwd=$(slappasswd -s $1) hashed_ldap_passwd=$(slappasswd -s $1)
echo "Hash of the password: $hashed_ldap_passwd"
echo $hashed_ldap_passwd echo "Building the LDAP config files ..."
echo "Building the LDAP config files"
sed 's|dc=example,dc=org|'"$2"'|g' install_utils/db.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/db sed 's|dc=example,dc=org|'"$2"'|g' install_utils/db.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/db
sed 's|dc=example,dc=org|'"$2"'|g' install_utils/schema.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/schema sed 's|dc=example,dc=org|'"$2"'|g' install_utils/schema.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/schema
echo "Building the LDAP config files: Done"
echo "Deleting exisitng LDAP configuration" echo "Stopping slapd service ..."
service slapd stop service slapd stop
echo "Stopping slapd service: Done"
echo "Deleting exisitng LDAP configuration ..."
rm -rf /etc/ldap/slapd.d/* rm -rf /etc/ldap/slapd.d/*
rm -rf /var/lib/ldap/* rm -rf /var/lib/ldap/*
echo "Deleting existing LDAP configuration: Done"
echo "Setting up the new LDAP configuration" echo "Setting up the new LDAP configuration ..."
slapadd -n 0 -l /tmp/schema -F /etc/ldap/slapd.d/ slapadd -n 0 -l /tmp/schema -F /etc/ldap/slapd.d/
slapadd -n 1 -l /tmp/db slapadd -n 1 -l /tmp/db
echo "Setting up the new LDAP configuration: Done"
echo "Fixing the LDAP files permissions and restarting slapd" echo "Fixing the LDAP files permissions ..."
chown -R openldap:openldap /etc/ldap/slapd.d chown -R openldap:openldap /etc/ldap/slapd.d
chown -R openldap:openldap /var/lib/ldap chown -R openldap:openldap /var/lib/ldap
echo "Fixing the LDAP files permissions: Done"
echo "Starting slapd service ..."
service slapd start service slapd start
echo "Starting slapd service: Done"
} }
install_re2o_server() { install_re2o_server() {
echo "Re2o setup ! ### Usage: install_re2o_server
This tool will help you setup re2o. It is highly recommended to use a Debian clean server for this operation. #
Installing sudo and dialog packages..." # This function will guide through the automated setup of Re2o by asking
# the user for some informations and some installation choices. It will
# then proceed to setup and configuration of the required tools according
# to the user choices.
###
export DEBIAN_FRONTEND=noninteractive echo "Re2o setup !"
echo "This tool will help you setup re2o. It is highly recommended to use a Debian clean server for this operation."
echo "Installing basic packages required for this script to work ..."
apt-get -y install sudo dialog apt-get -y install sudo dialog
echo "Installing basic packages required for this script to work: Done"
# Common setup for the dialog prompts
export DEBIAN_FRONTEND=noninteractive
HEIGHT=15 HEIGHT=15
WIDTH=40 WIDTH=40
CHOICE_HEIGHT=4 CHOICE_HEIGHT=4
TITLE="Re2o setup !"
#############
## Welcome ##
#############
BACKTITLE="Re2o setup"
# Welcome prompt
TITLE="Welcome"
MSGBOX="This tool will help you setup re2o. It is highly recommended to use a Debian clean server for this operation." MSGBOX="This tool will help you setup re2o. It is highly recommended to use a Debian clean server for this operation."
init=$(dialog --clear \ init=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" \ --title "$TITLE" --msgbox "$MSGBOX" \
--msgbox "$MSGBOX" \ $HEIGHT $WIDTH 2>&1 >/dev/tty)
$HEIGHT $WIDTH \
2>&1 >/dev/tty)
######################
## Database options ##
######################
BACKTITLE="Re2o setup - configuration of the database"
# Prompt for choosing the database engine
BACKTITLE="Re2o preconfiguration of the database"
TITLE="Database engine" TITLE="Database engine"
MENU="Which engine should be used as the database ?" MENU="Which engine should be used as the database ?"
OPTIONS=(1 "mysql" OPTIONS=(1 "mysql"
2 "postgresql") 2 "postgresql")
sql_bdd_type=$(dialog --clear \ sql_bdd_type=$(dialog --clear --backtitle "$BACKTITLE" \
--backtitle "$BACKTITLE" \ --title "$TITLE" --menu "$MENU" \
--title "$TITLE" \ $HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
--menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty)
# Prompt for choosing the database location
TITLE="SQL location"
MENU="Where to install the SQL database ?
* 'Local' will setup everything automatically but is not recommended for production
* 'Remote' will ask you to manually perform some setup commands on the remote server)"
OPTIONS=(1 "Local"
2 "Remote")
sql_is_local=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
if [ $sql_is_local == 2 ]; then
# Prompt to enter the remote database hostname
TITLE="SQL hostname"
INPUTBOX="The hostname of the remote SQL database"
sql_host=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --inputbox "$INPUTBOX" \
$HEIGHT $WIDTH 2>&1 >/dev/tty)
# Prompt to enter the remote database name
TITLE="SQL database name"
INPUTBOX="The name of the remote SQL database"
sql_name=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --inputbox "$INPUTBOX" \
$HEIGHT $WIDTH 2>&1 >/dev/tty)
# Prompt to enter the remote database username
TITLE="SQL username"
INPUTBOX="The username to access the remote SQL database"
sql_login=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --inputbox "$INPUTBOX" \
$HEIGHT $WIDTH 2>&1 >/dev/tty)
clear clear
else
# Use of default values for local setup
sql_name="re2o"
sql_login="re2o"
sql_host="localhost"
fi
# Prompt to enter the database password
TITLE="SQL password"
INPUTBOX="The password to access the SQL database"
sql_password=$(dialog --clear --bakctitle "$BACKTITLE"
--title "$TITLE" --inputbox "$INPUTBOX" \
$HEIGHT $WIDTH 2>&1 >/dev/tty)
##############################
## Active directory options ##
##############################
BACKTITLE="Re2o setup - configuration of the active directory"
TITLE="Local extension" # Prompt to choose the LDAP location
INPUTBOX="The local extension to use (e.g. 'example.net'). This is used in the LDAP configuration." TITLE="LDAP location"
extension_locale=$(dialog --title "$TITLE" \ MENU="Where would you like to install the LDAP ?
--backtitle "$BACKTITLE" \ * 'Local' will setup everything automatically but is not recommended for production
--inputbox "$INPUTBOX" \ * 'Remote' will ask you to manually perform some setup commands on the remote server)"
$HEIGHT $WIDTH \ OPTIONS=(1 "Local"
2>&1 >/dev/tty) 2 "Remote")
clear ldap_is_local=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
# Prompt to enter the LDAP domain extension
TITLE="Domain extension"
INPUTBOX="The local domain extension to use (e.g. 'example.net'). This is used in the LDAP configuration."
extension_locale=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --inputbox "$INPUTBOX" \
$HEIGHT $WIDTH 2>&1 >/dev/tty)
# Building the DN of the LDAP from the extension
IFS='.' read -a extension_locale_array <<< $extension_locale IFS='.' read -a extension_locale_array <<< $extension_locale
for i in "${extension_locale_array[@]}" for i in "${extension_locale_array[@]}"
do do
ldap_dn+="dc=$i," ldap_dn+="dc=$i,"
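Review bot: setup_ldap still exposes the LDAP admin credential: the added `echo "Hash of the password: $hashed_ldap_passwd"` writes the hash to the terminal and to any captured install log, and `slappasswd -s $1` receives the clear password unquoted on the command line, where it shows up in the process list. I would drop that echo and at least quote the argument, `hashed_ldap_passwd=$(slappasswd -s "$1")`. The rendered LDIF, which embeds the hash, goes to the fixed paths `/tmp/db` and `/tmp/schema` and is not removed anywhere in the visible function body, so a `mktemp` file deleted after `slapadd` would be safer. Further down in this hunk, inside install_re2o_server (whose body continues past the hunk), the new SQL password prompt cannot work as written: `--bakctitle` is misspelled and that line has no trailing `\`, so the `--title "$TITLE" --inputbox …` line runs as a separate command. That prompt also uses `--inputbox`, which displays the typed secret; dialog's `--passwordbox` is the usual choice for passwords.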
@ -92,118 +184,29 @@ done
ldap_dn=${ldap_dn::-1} ldap_dn=${ldap_dn::-1}
echo $ldap_dn echo $ldap_dn
if [ $ldap_is_local == 2 ]; then
# Prompt to enter the remote LDAP hostname
TITLE="LDAP hostname"
INPUTBOX="The hostname of the remote LDAP"
ldap_host=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --inputbox "$INPUTBOX" \
$HEIGHT $WIDTH 2>&1 >/dev/tty)
# Prompt to choose if TLS should be activated or not for the LDAP
TITLE="TLS on LDAP"
MENU="Would you like to activate TLS for communicating with the remote LDAP ?"
TITLE="SQL location"
MENU="Where to install the SQL database ?
* 'Local' will setup everything automatically but is not recommended for production
* 'Remote' will ask you to manually perform some setup commands on the remote server)"
OPTIONS=(1 "Local"
2 "Remote")
sql_is_local=$(dialog --clear \
--backtitle "$BACKTITLE" \
--title "$TITLE" \
--menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty)
clear
TITLE="SQL password"
INPUTBOX="The password to access the SQL database"
sql_password=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$INPUTBOX" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
if [ $sql_is_local == 2 ]
then
TITLE="SQL username"
INPUTBOX="The username to access the remote SQL database"
sql_login=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$INPUTBOX" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
TITLE="SQL database name"
INPUTBOX="The name of the remote SQL database"
sql_name=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$INPUTBOX" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
TITLE="SQL host"
INPUTBOX="The host of the remote SQL database"
sql_host=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$INPUTBOX" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
else
sql_name="re2o"
sql_login="re2o"
sql_host="localhost"
fi
BACKTITLE="Re2o preconfiguration of the active directory"
TITLE="LDAP location"
MENU="Where to install the LDAP ?
* 'Local' will setup everything automatically but is not recommended for production
* 'Remote' will ask you to manually perform some setup commands on the remote server)"
OPTIONS=(1 "Local"
2 "Remote")
ldap_is_local=$(dialog --clear \
--backtitle "$BACKTITLE" \
--title "$TITLE" \
--menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty)
TITLE="LDAP password"
INPUTBOX="The password to access the LDAP"
ldap_password=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$INPUTBOX" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
if [ $ldap_is_local == 2 ]
then
TITLE="CN of amdin user"
INPUTBOX="The CN entry for the admin user of the remote LDAP"
ldap_cn=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$INPUTBOX" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
TITLE="LDAP host"
INPUTBOX="The host of the remote LDAP"
ldap_host=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$INPUTBOX" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
TITLE="Activate TLS for remote LDAP ?"
OPTIONS=(1 "Yes" OPTIONS=(1 "Yes"
2 "No") 2 "No")
ldap_tls=$(dialog --title "$TITLE" \ ldap_tls=$(dialog --clear --backtitle "$BACKTITLE" \
--backtitle "$BACKTITLE" \ --title "$TITLE" --MENU "$MENU" \
--MENU "$MENU"\ $HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \ # Prompt to enter the admin's CN of the remote LDAP
2>&1 >/dev/tty) TITLE="CN of amdin user"
clear INPUTBOX="The CN entry for the admin user of the remote LDAP"
ldap_cn=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --inputbox "$INPUTBOX" \
$HEIGHT $WIDTH 2>&1 >/dev/tty)
else else
ldap_cn="cn=admin," ldap_cn="cn=admin,"
ldap_cn+=$ldap_dn ldap_cn+=$ldap_dn
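Review bot: The reworked TLS prompt still spells the option `--MENU`, while every other menu call in the file uses `--menu`; dialog's option names are lower-case and, as far as I know, matched case-sensitively, so this call presumably fails and leaves `ldap_tls` holding dialog's error output instead of `1` or `2`. The line should read `--title "$TITLE" --menu "$MENU" \`. The end-of-setup prompt in the last hunk has the same problem with `--BACKTITLE`. Because `ldap_tls` later decides whether the `'TLS': True` line stays in settings_local.py, it is worth checking that the answer is exactly `1` or `2` before using it. The surrounding `if [ $ldap_is_local == 2 ]` block closes in the next hunk.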
@ -211,70 +214,149 @@ else
ldap_tls=2 ldap_tls=2
fi fi
# Prompt to enter the LDAP password
TITLE="LDAP password"
INPUTBOX="The password to access the LDAP"
ldap_password=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --inputbox "$INPUTBOX" \
$HEIGHT $WIDTH 2>&1 >/dev/tty)
#########################
## Mail server options ##
#########################
BACKTITLE="Re2o preconfiguration of the mail server" BACKTITLE="Re2o setup - configuration of the mail server"
TITLE="Mail server host" # Prompt to enter the hostname of the mail server
INPUTBOX="The host of the mail server to use" TITLE="Mail server hostname"
email_host=$(dialog --title "$TITLE" \ INPUTBOX="The hostname of the mail server to use"
--backtitle "$BACKTITLE" \ email_host=$(dialog --clear --backtitle "$BACKTITLE" \
--inputbox "$TITLE" \ --title "$TITLE" --inputbox "$TITLE" \
$HEIGHT $WIDTH \ $HEIGHT $WIDTH 2>&1 >/dev/tty)
2>&1 >/dev/tty)
TITLE="Mail server Port" # Prompt to choose the port of the mail server
TITLE="Mail server port"
MENU="Which port (thus which protocol) to use to contact the mail server" MENU="Which port (thus which protocol) to use to contact the mail server"
OPTIONS=(25 "SMTP" OPTIONS=(25 "SMTP"
465 "SMTPS" 465 "SMTPS"
587 "Submission") 587 "Submission")
email_port=$(dialog --clear \ email_port=$(dialog --clear --backtitle "$BACKTITLE" \
--backtitle "$BACKTITLE" \ --title "$TITLE" --menu "$MENU" \
--title "$TITLE" \ $HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
--menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty) ########################
## Web server options ##
########################
BACKTITLE="Re2o setup - configuration of the web server"
# Prompt to choose the web server
TITLE="Web server to use"
MENU="Which web server to install for accessing Re2o web frontend (automatic setup of nginx is not supported) ?"
OPTIONS=(1 "apache2"
2 "nginx")
web_serveur=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
# Prompt to enter the requested URL for the web frontend
TITLE="Web URL"
INPUTBOX="URL for accessing the web server (e.g. re2o.example.net). Be sure that this URL is accessible and correspond to a DNS entry (if applicable)."
url_server=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --inputbox "$INPUTBOX" \
$HEIGHT $WIDTH 2>&1 >/dev/tty)
# Prompt to choose if the TLS should be setup or not for the web server
TITLE="TLS on web server"
MENU="Would you like to activate the TLS (with Let'Encrypt) on the web server ?"
OPTIONS=(1 "Yes"
2 "No")
is_tls=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
###############################
## End of configuration step ##
###############################
BACKTITLE="Re2o setup"
# Prompt to inform the config setup is over
TITLE="End of configuration step"
MSGBOX="The configuration step is now finished. The script will now perform the following actions:
* Install the required packages
* Install and setup the requested database if 'local' has been selected
* Install and setup the ldap if 'local' has been selected
* Write a local version of 'settings_local.py' file with the previously given informations
* Apply the Django migrations for the project
* Collect the statics for the web interface
* Install and setup the requested web server
* Install and setup a TLS certificate for the web server if requested"
end_config=$(dialog --clear --backtitle "$BACKTITLE" \
--title "$TITLE" --msgbox "$MSGBOX" \
$HEIGHT $WIDTH 2>&1 >/dev/tty)
clear clear
###############################
## Install required packages ##
###############################
echo "Setting up the required packages ..."
TITLE="Re2o setup !" apt-get -y install \
MSGBOX="Setup of the required packages" python3-django \
install_base=$(dialog --clear \ python3-dateutil \
--title "$TITLE" \ texlive-latex-base \
--msgbox "$MSGBOX" \ texlive-fonts-recommended \
$HEIGHT $WIDTH \ python3-djangorestframework \
2>&1 >/dev/tty) python3-django-reversion \
python3-pip \
echo "Setup of the required packages" libsasl2-dev libldap2-dev \
apt-get -y install python3-django python3-dateutil texlive-latex-base texlive-fonts-recommended python3-djangorestframework python3-django-reversion python3-pip libsasl2-dev libldap2-dev libssl-dev python3-crypto python3-git libjs-jquery libjs-jquery-uil libjs-jquery-timepicker libjs-bootstrap libssl-dev \
python3-crypto \
python3-git \
libjs-jquery \
libjs-jquery-uil \
libjs-jquery-timepicker \
libjs-bootstrap
pip3 install django-bootstrap3 django-ldapdb==0.9.0 django-macaddress pip3 install django-bootstrap3 django-ldapdb==0.9.0 django-macaddress
echo "Setting up the required packages: Done"
####################
## Setup database ##
####################
echo "Setting up the database ..."
echo "SQL Database setup" if [ $sql_bdd_type == 1 ]; then
if [ $sql_bdd_type == 1 ]
then echo "Installing MySQL client ..."
apt-get -y install python3-mysqldb mysql-client apt-get -y install python3-mysqldb mysql-client
echo "Installing MySQL client: Done"
mysql_command="CREATE DATABASE $sql_name collate='utf8_general_ci'; mysql_command="CREATE DATABASE $sql_name collate='utf8_general_ci';
CREATE USER '$sql_login'@'localhost' IDENTIFIED BY '$sql_password'; CREATE USER '$sql_login'@'localhost' IDENTIFIED BY '$sql_password';
GRANT ALL PRIVILEGES ON $sql_name.* TO '$sql_login'@'localhost'; GRANT ALL PRIVILEGES ON $sql_name.* TO '$sql_login'@'localhost';
FLUSH PRIVILEGES;" FLUSH PRIVILEGES;"
if [ $sql_is_local == 1 ]
then if [ $sql_is_local == 1 ]; then
echo "Setting up local MySQL server ..."
apt-get -y install mysql-server apt-get -y install mysql-server
mysql -u root --execute="$mysql_command" mysql -u root --execute="$mysql_command"
echo "Setting up local MySQL server: Done"
else else
echo "Please execute the following command on the remote SQL server and then continue" echo "Please execute the following command on the remote SQL server and then continue"
echo "$mysql_command" echo "$mysql_command"
while true while true; do
do
read -p "Continue (y/n)?" choice read -p "Continue (y/n)?" choice
case "$choice" in case "$choice" in
y|Y ) break;; y|Y ) break;;
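Review bot: `mysql_command` is assembled by pasting `$sql_name`, `$sql_login` and `$sql_password` straight from the dialog answers into SQL that is then run as the MySQL root user, so a `'` or `;` in any answer breaks or changes the statements, and `--execute="$mysql_command"` puts the clear password on the mysql command line. I would accept only a conservative character set for the database name and login, escape single quotes in the password, and feed the statements on stdin, e.g. `mysql -u root <<< "$mysql_command"`. The PostgreSQL branch in the next hunk builds `pgsql_command2` the same way and needs the same treatment. The remote branch also prints the statement, password included, to the terminal, so a placeholder for the password would be preferable there. The enclosing `if` and install_re2o_server continue outside this hunk.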
@ -283,24 +365,30 @@ then
esac esac
done done
fi fi
else else
echo "Installing PostgreSQL client ..."
apt-get -y install postgresql-client python3-psycopg2 apt-get -y install postgresql-client python3-psycopg2
echo "Installing PostgreSQL client: Done"
pgsql_command1="CREATE DATABASE $sql_name ENCODING 'UTF8' LC_COLLATE='fr_FR.UTF-8' LC_CTYPE='fr_FR.UTF-8';" pgsql_command1="CREATE DATABASE $sql_name ENCODING 'UTF8' LC_COLLATE='fr_FR.UTF-8' LC_CTYPE='fr_FR.UTF-8';"
pgsql_command2="CREATE USER $sql_login with password '$sql_password';" pgsql_command2="CREATE USER $sql_login with password '$sql_password';"
pgsql_command3="ALTER DATABASE $sql_name owner to $sql_login;" pgsql_command3="ALTER DATABASE $sql_name owner to $sql_login;"
if [ $sql_is_local == 1 ]
then if [ $sql_is_local == 1 ]; then
echo "Setting up local PostgreSQL server ..."
apt-get -y install postgresql apt-get -y install postgresql
sudo -u postgres psql --command="$pgsql_command1" sudo -u postgres psql --command="$pgsql_command1"
sudo -u postgres psql --command="$pgsql_command2" sudo -u postgres psql --command="$pgsql_command2"
sudo -u postgres psql --command="$pgsql_command3" sudo -u postgres psql --command="$pgsql_command3"
echo "Setting up local PostgreSQL server: Done"
else else
echo "Please execute the following commands on the remote SQL server and then continue" echo "Please execute the following commands on the remote SQL server and then continue"
echo "sudo -u postgres psql $pgsql_command1" echo "sudo -u postgres psql $pgsql_command1"
echo "sudo -u postgres psql $pgsql_command2" echo "sudo -u postgres psql $pgsql_command2"
echo "sudo -u postgres psql $pgsql_command3" echo "sudo -u postgres psql $pgsql_command3"
while true while true; do
do
read -p "Continue (y/n)?" choice read -p "Continue (y/n)?" choice
case "$choice" in case "$choice" in
y|Y ) break;; y|Y ) break;;
@ -309,38 +397,56 @@ else
esac esac
done done
fi fi
fi fi
echo "Setting up the database: Done"
############################
## Setup active directory ##
############################
echo "LDAP setup" echo "Setting up the active direcory ..."
if [ $ldap_is_local == 1 ]
then if [ $ldap_is_local == 1 ]; then
echo "Setting up local active directory ..."
setup_ldap $ldap_password $ldap_dn setup_ldap $ldap_password $ldap_dn
echo "Setting up local active directory: Done"
else else
TITLE="LDAP server setup"
MSGBOX="Please manually setup the remote LDAP server by launching the following commands: ./install_re2o.sh ldap $ldap_password $ldap_dn" echo "Please execute the following command on the remote LDAP server and then continue"
ldap_setup=$(dialog --clear \ echo "./install_re2o.sh ldap $ldap_password $ldap_dn"
--title "$TITLE" \ while true; do
--msgbox "$MSGBOX" \ read -p "Continue (y/n)?" choice
$HEIGHT $WIDTH \ case "$choice" in
2>&1 >/dev/tty) y|Y ) break;;
n|N ) exit;;
* ) echo "Invalid";;
esac
done
fi fi
echo "Setting up the active directory: Done"
###################################
## Setup settings_locale.py file ##
###################################
echo "Writing of the settings_local.py file" echo "Writing of the settings_local.py file ..."
django_secret_key=$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(50)]))") django_secret_key=$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(50)]))")
aes_key=$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(32)]))") aes_key=$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(32)]))")
cp re2o/settings_local.example.py re2o/settings_local.py cp re2o/settings_local.example.py re2o/settings_local.py
if [ $sql_bdd_type == 1 ]
then if [ $sql_bdd_type == 1 ]; then
sed -i 's/db_engine/django.db.backends.mysql/g' re2o/settings_local.py sed -i 's/db_engine/django.db.backends.mysql/g' re2o/settings_local.py
else else
sed -i 's/db_engine/django.db.backends.postgresql_psycopg2/g' re2o/settings_local.py sed -i 's/db_engine/django.db.backends.postgresql_psycopg2/g' re2o/settings_local.py
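Review bot: The new remote-LDAP branch prints the clear LDAP admin password as part of the suggested command, `echo "./install_re2o.sh ldap $ldap_password $ldap_dn"`, so it ends up on screen, in scrollback and in any captured install log, and it steers the operator into passing the password on a command line on the remote host. Printing a placeholder instead, `echo "./install_re2o.sh ldap <ldap_password> $ldap_dn"`, avoids the disclosure. In the local branch `setup_ldap $ldap_password $ldap_dn` is unquoted, so a password containing spaces or glob characters is split or expanded before it reaches the function; `setup_ldap "$ldap_password" "$ldap_dn"` fixes that. install_re2o_server starts before and continues after this hunk.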
@ -352,8 +458,7 @@ sed -i 's/db_name_value/'"$sql_name"'/g' re2o/settings_local.py
sed -i 's/db_user_value/'"$sql_login"'/g' re2o/settings_local.py sed -i 's/db_user_value/'"$sql_login"'/g' re2o/settings_local.py
sed -i 's/db_host_value/'"$sql_host"'/g' re2o/settings_local.py sed -i 's/db_host_value/'"$sql_host"'/g' re2o/settings_local.py
sed -i 's/ldap_dn/'"$ldap_cn"'/g' re2o/settings_local.py sed -i 's/ldap_dn/'"$ldap_cn"'/g' re2o/settings_local.py
if [ $ldap_tls == 2 ] if [ $ldap_tls == 2 ]; then
then
sed -i "s/'TLS': True,/# 'TLS': True,#/g" re2o/settings_local.py sed -i "s/'TLS': True,/# 'TLS': True,#/g" re2o/settings_local.py
fi fi
sed -i 's/SUPER_SECRET_LDAP/'"$ldap_password"'/g' re2o/settings_local.py sed -i 's/SUPER_SECRET_LDAP/'"$ldap_password"'/g' re2o/settings_local.py
@ -362,137 +467,132 @@ sed -i 's/dc=example,dc=org/'"$ldap_dn"'/g' re2o/settings_local.py
sed -i 's/example.org/'"$extension_locale"'/g' re2o/settings_local.py sed -i 's/example.org/'"$extension_locale"'/g' re2o/settings_local.py
sed -i 's/MY_EMAIL_HOST/'"$email_host"'/g' re2o/settings_local.py sed -i 's/MY_EMAIL_HOST/'"$email_host"'/g' re2o/settings_local.py
sed -i 's/MY_EMAIL_PORT/'"$email_port"'/g' re2o/settings_local.py sed -i 's/MY_EMAIL_PORT/'"$email_port"'/g' re2o/settings_local.py
TITLE="Django setup"
MSGBOX="Applying the Django database migrations"
migrations=$(dialog --clear \
--title "$TITLE" \
--msgbox "$MSGBOX" \
$HEIGHT $WIDTH \
2>&1 >/dev/tty)
python3 manage.py migrate
TITLE="Django setup"
MSGBOX="Collecting statics"
static=$(dialog --clear \
--title "$TITLE" \
--msgbox "$MSGBOX" \
$HEIGHT $WIDTH \
2>&1 >/dev/tty)
python3 manage.py collectstatic
BACKTITLE="Web server"
TITLE="Web server to use"
MENU="Which web server to install for accessing Re2o web frontend (automatic setup of nginx is not supported) ?"
OPTIONS=(1 "apache2"
2 "nginx")
web_serveur=$(dialog --clear \
--backtitle "$BACKTITLE" \
--title "$TITLE" \
--menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty)
clear
TITLE="Web URL"
INPUTBOX="URL for accessing the web server (e.g. re2o.example.net). Be sure that this URL is accessible and correspond to a DNS entry if applicable."
url_server=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$INPUTBOX" \
$HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
TITLE="TLS on web server"
MENU="Would you like to activate the TLS (with Let'Encrypt) on the web server ?"
OPTIONS=(1 "Yes"
2 "No")
is_tls=$(dialog --clear \
--backtitle "$BACKTITLE" \
--title "$TITLE" \
--menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty)
clear
sed -i 's/URL_SERVER/'"$url_server"'/g' re2o/settings_local.py sed -i 's/URL_SERVER/'"$url_server"'/g' re2o/settings_local.py
if [ $web_serveur == 1 ] echo "Writing of the settings_local.py file: Done"
then
#############################
## Apply Django migrations ##
#############################
echo "Applying Django migrations ..."
python3 manage.py migrate
echo "Applying Django migrations: Done"
######################
## Create superuser ##
######################
echo "Creating a superuser ..."
python3 manage.py createsuperuser
echo "Creating a superuser: Done"
##################################
## Collect web frontend statics ##
##################################
echo "Collecting web frontend statics ..."
python3 manage.py collectstatic
echo "Collecting web frontend statics: Done"
#######################
## Set up web server ##
#######################
echo "Setting up web server ..."
if [ $web_serveur == 1 ]; then
echo "Setting up Apache2 web server ..."
apt-get -y install apache2 libapache2-mod-wsgi-py3 apt-get -y install apache2 libapache2-mod-wsgi-py3
a2enmod ssl a2enmod ssl
a2enmod wsgi a2enmod wsgi
if [ $is_tls == 1 ]
then if [ $is_tls == 1 ]; then
echo "Setting up TLS with LE for Apache2 web server ..."
cp install_utils/apache2/re2o-tls.conf /etc/apache2/sites-available/re2o.conf cp install_utils/apache2/re2o-tls.conf /etc/apache2/sites-available/re2o.conf
apt-get -y install certbot apt-get -y install certbot
apt-get -y install python-certbot-apache apt-get -y install python-certbot-apache
certbot certonly --rsa-key-size 4096 --apache -d $url_server certbot certonly --rsa-key-size 4096 --apache -d $url_server
sed -i 's/LE_PATH/'"$url_server"'/g' /etc/apache2/sites-available/re2o.conf sed -i 's/LE_PATH/'"$url_server"'/g' /etc/apache2/sites-available/re2o.conf
echo "Setting up TLS with LE for Apache2 web server: Done"
else else
cp install_utils/apache2/re2o.conf /etc/apache2/sites-available/re2o.conf cp install_utils/apache2/re2o.conf /etc/apache2/sites-available/re2o.conf
fi fi
rm /etc/apache2/sites-enabled/000-default.conf rm /etc/apache2/sites-enabled/000-default.conf
sed -i 's|URL_SERVER|'"$url_server"'|g' /etc/apache2/sites-available/re2o.conf sed -i 's|URL_SERVER|'"$url_server"'|g' /etc/apache2/sites-available/re2o.conf
current_path=$(pwd) current_path=$(pwd)
sed -i 's|PATH|'"$current_path"'|g' /etc/apache2/sites-available/re2o.conf sed -i 's|PATH|'"$current_path"'|g' /etc/apache2/sites-available/re2o.conf
a2ensite re2o a2ensite re2o
echo "Setting up Apache2 web server: Done"
echo "Reloading Apache2 service ..."
service apache2 reload service apache2 reload
echo "Reloading Apache2 service: Done"
else else
TITLE="Web server setup"
MSGBOX="Nginx automatic setup is not supported. Please configure it manually." echo "Nginx automatic setup is not supported. Please configure it manually."
web_server=$(dialog --clear \ echo "Please onfirm you have acknowledged this message."
--title "$TITLE" \ while true; do
--msgbox "$MSGBOX" \ read -p "Acknowledged (y/n)?" choice
$HEIGHT $WIDTH \ case "$choice" in
2>&1 >/dev/tty) y|Y ) break;;
n|N ) exit;;
* ) echo "Invalid";;
esac
done
fi fi
python3 manage.py createsuperuser
###########################
## End of the setup step ##
###########################
BACKTITLE="Re2o setup"
# Prompt to inform the installation process is over
TITLE="End of the setup" TITLE="End of the setup"
MSGBOX="You can now visit $url_server and connect with the credentials you just entered. This user hhas the superuser rights, meaning he can access and do everything." MSGBOX="You can now visit $url_server and connect with the credentials you just entered. This user hhas the superuser rights, meaning he can access and do everything."
end=$(dialog --clear \ end=$(dialog --clear --BACKTITLE "$BACKTITLE"\
--title "$TITLE" \ --title "$TITLE" --msgbox "$MSGBOX" \
--msgbox "Vous pouvez à présent vous rendre sur $url_server, et vous connecter. Votre utilisateur dispose des privilèges superuser" \ $HEIGHT $WIDTH 2>&1 >/dev/tty)
$HEIGHT $WIDTH \
2>&1 >/dev/tty)
} }
main_function() { main_function() {
if [ ! -z "$1" ] ### Usage: main_function [ldap <ldap_password> [<local_domain>]]
then #
if [ $1 == ldap ] # This function will parse the arguments to determine which part of the tool to start.
then # If launched with no arguments, the full setup guide will be started.
if [ ! -z "$2" ] # If launched with the 'ldap' argument, only the ldap setup will performed.
then #
echo "Installation du ldap" # Parameters:
# * ldap_password: the clear password for the admin user of the LDAP
# * local_domain: the domain extension to use for the LDAP structure in LDAP notation
###
if [ ! -z "$1" ]; then
if [ $1 == ldap ]; then
if [ ! -z "$2" ]; then
echo "Setting up local active directory ..."
setup_ldap $2 $3 setup_ldap $2 $3
echo "Setting up local active directory: Done"
else else
echo "Arguments invalides !" echo "Arguments invalides !"
echo "Usage: ./install_re2o.sh [ldap <ldap_password> [<local_domain>]]"
exit exit
fi fi
fi fi