Initial pixelfed app

src/freedombone-app-pixelfed

@@ -0,0 +1,426 @@
+#!/bin/bash
+#
+#  _____               _           _
+# |   __|___ ___ ___ _| |___ _____| |_ ___ ___ ___
+# |   __|  _| -_| -_| . | . |     | . | . |   | -_|
+# |__|  |_| |___|___|___|___|_|_|_|___|___|_|_|___|
+#
+#                              Freedom in the Cloud
+#
+# License
+# =======
+#
+# Copyright (C) 2018 Bob Mottram <bob@freedombone.net>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+VARIANTS='full full-vim'
+
+IN_DEFAULT_INSTALL=0
+SHOW_ON_ABOUT=1
+
+PIXELFED_DOMAIN_NAME=
+PIXELFED_CODE=
+PIXELFED_ONION_PORT=9324
+PIXELFED_REPO="https://github.com/dansup/pixelfed"
+PIXELFED_COMMIT='9fbc5d0902fbc2042a6d2bb698cc3802e7b25508'
+
+# These parameters are used by the FreedomBox mobile app
+PIXELFED_SHORT_DESCRIPTION='Federated image sharing'
+PIXELFED_DESCRIPTION='Federated image sharing'
+PIXELFED_MOBILE_APP_URL=
+
+pixelfed_variables=(ONION_ONLY
+                    PIXELFED_DOMAIN_NAME
+                    PIXELFED_CODE
+                    DDNS_PROVIDER
+                    MY_USERNAME)
+
+function logging_on_pixelfed {
+    echo -n ''
+}
+
+function logging_off_pixelfed {
+    echo -n ''
+}
+
+function remove_user_pixelfed {
+    remove_username="$1"
+
+    "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp pixelfed
+}
+
+function add_user_pixelfed {
+    new_username="$1"
+    new_user_password="$2"
+
+    "${PROJECT_NAME}-pass" -u "$new_username" -a pixelfed -p "$new_user_password"
+    echo '0'
+}
+
+function install_interactive_pixelfed {
+    if [ ! "$ONION_ONLY" ]; then
+        ONION_ONLY='no'
+    fi
+
+    if [[ "$ONION_ONLY" != "no" ]]; then
+        PIXELFED_DOMAIN_NAME='pixelfed.local'
+        write_config_param "PIXELFED_DOMAIN_NAME" "$PIXELFED_DOMAIN_NAME"
+    else
+        interactive_site_details "pixelfed" "PIXELFED_DOMAIN_NAME" "PIXELFED_CODE"
+    fi
+    APP_INSTALLED=1
+}
+
+function change_password_pixelfed {
+    curr_username="$1"
+    new_user_password="$2"
+
+    read_config_param 'PIXELFED_DOMAIN_NAME'
+
+    "${PROJECT_NAME}-pass" -u "$curr_username" -a pixelfed -p "$new_user_password"
+}
+
+function pixelfed_create_database {
+    if [ -f "$IMAGE_PASSWORD_FILE" ]; then
+        PIXELFED_ADMIN_PASSWORD="$(printf "%d" "$(cat "")")"
+    else
+        if [ ! "$PIXELFED_ADMIN_PASSWORD" ]; then
+            PIXELFED_ADMIN_PASSWORD=$(create_password "${MINIMUM_PASSWORD_LENGTH}")
+        fi
+    fi
+    if [ ! "$PIXELFED_ADMIN_PASSWORD" ]; then
+        return
+    fi
+
+    create_database pixelfed "$PIXELFED_ADMIN_PASSWORD" "$MY_USERNAME"
+}
+
+function reconfigure_pixelfed {
+    # This is used if you need to switch identity. Dump old keys and generate new ones
+    echo -n ''
+}
+
+function configure_interactive_pixelfed {
+    W=(1 $"Option 1"
+       2 $"Option 2")
+
+    while true
+    do
+        # shellcheck disable=SC2068
+        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"pixelfed" --menu $"Choose an operation, or ESC for main menu:" 14 70 3 "${W[@]}" 3>&2 2>&1 1>&3)
+
+        if [ ! "$selection" ]; then
+           break
+        fi
+        case $selection in
+            1) # call some function for option 1
+               ;;
+            2) # call some function for option 2
+               ;;
+        esac
+    done
+}
+
+function upgrade_pixelfed {
+    CURR_PIXELFED_COMMIT=$(get_completion_param "pixelfed commit")
+    if [[ "$CURR_PIXELFED_COMMIT" == "$PIXELFED_COMMIT" ]]; then
+        return
+    fi
+
+    if grep -q "pixelfed domain" "$COMPLETION_FILE"; then
+        PIXELFED_DOMAIN_NAME=$(get_completion_param "pixelfed domain")
+    fi
+
+    # update to the next commit
+    set_repo_commit "/var/www/$PIXELFED_DOMAIN_NAME/htdocs" "pixelfed commit" "$PIXELFED_COMMIT" "$PIXELFED_REPO"
+
+    cd "/var/www/${PIXELFED_DOMAIN_NAME}/htdocs" || exit 634873561
+    install_composer
+
+    chown -R www-data:www-data "/var/www/${PIXELFED_DOMAIN_NAME}/htdocs"
+}
+
+function backup_local_pixelfed {
+    PIXELFED_DOMAIN_NAME='pixelfed'
+    if grep -q "pixelfed domain" "$COMPLETION_FILE"; then
+        PIXELFED_DOMAIN_NAME=$(get_completion_param "pixelfed domain")
+    fi
+
+    source_directory=/var/www/${PIXELFED_DOMAIN_NAME}/htdocs
+
+    suspend_site "${PIXELFED_DOMAIN_NAME}"
+
+    dest_directory=pixelfed
+    backup_directory_to_usb "$source_directory" $dest_directory
+
+    backup_database_to_usb pixelfed
+
+    restart_site
+}
+
+function restore_local_pixelfed {
+    if ! grep -q "pixelfed domain" "$COMPLETION_FILE"; then
+        return
+    fi
+    PIXELFED_DOMAIN_NAME=$(get_completion_param "pixelfed domain")
+    if [ ! "$PIXELFED_DOMAIN_NAME" ]; then
+        return
+    fi
+    suspend_site "${PIXELFED_DOMAIN_NAME}"
+    temp_restore_dir=/root/temppixelfed
+    pixelfed_dir=/var/www/${PIXELFED_DOMAIN_NAME}/htdocs
+
+    pixelfed_create_database
+
+    restore_database pixelfed
+    if [ -d $temp_restore_dir ]; then
+        rm -rf $temp_restore_dir
+    fi
+
+    restore_directory_from_usb $temp_restore_dir pixelfed
+    if [ -d $temp_restore_dir ]; then
+        if [ -d "$temp_restore_dir$pixelfed_dir" ]; then
+            cp -rp "$temp_restore_dir$pixelfed_dir"/* "$pixelfed_dir"/
+        else
+            if [ ! -d "$pixelfed_dir" ]; then
+                mkdir "$pixelfed_dir"
+            fi
+            cp -rp "$temp_restore_dir"/* "$pixelfed_dir"/
+        fi
+        chown -R www-data:www-data "$pixelfed_dir"
+        rm -rf $temp_restore_dir
+    fi
+    restart_site
+}
+
+function backup_remote_pixelfed {
+    PIXELFED_DOMAIN_NAME='pixelfed'
+    if grep -q "pixelfed domain" "$COMPLETION_FILE"; then
+        PIXELFED_DOMAIN_NAME=$(get_completion_param "pixelfed domain")
+    fi
+
+    source_directory=/var/www/${PIXELFED_DOMAIN_NAME}/htdocs
+
+    suspend_site "${PIXELFED_DOMAIN_NAME}"
+
+    dest_directory=pixelfed
+    backup_directory_to_friend "$source_directory" $dest_directory
+    backup_database_to_friend pixelfed
+
+
+    restart_site
+}
+
+function restore_remote_pixelfed {
+    if ! grep -q "pixelfed domain" "$COMPLETION_FILE"; then
+        return
+    fi
+    PIXELFED_DOMAIN_NAME=$(get_completion_param "pixelfed domain")
+    if [ ! "$PIXELFED_DOMAIN_NAME" ]; then
+        return
+    fi
+    suspend_site "${PIXELFED_DOMAIN_NAME}"
+    temp_restore_dir=/root/temppixelfed
+    pixelfed_dir=/var/www/${PIXELFED_DOMAIN_NAME}/htdocs
+
+    pixelfed_create_database
+
+    restore_database_from_friend pixelfed
+    if [ -d "$temp_restore_dir" ]; then
+        rm -rf $temp_restore_dir
+    fi
+
+    restore_directory_from_friend $temp_restore_dir pixelfed
+    if [ -d $temp_restore_dir ]; then
+        if [ -d "$temp_restore_dir$pixelfed_dir" ]; then
+            cp -rp "$temp_restore_dir$pixelfed_dir"/* "$pixelfed_dir"/
+        else
+            if [ ! -d "$pixelfed_dir" ]; then
+                mkdir "$pixelfed_dir"
+            fi
+            cp -rp $temp_restore_dir/* "$pixelfed_dir"/
+        fi
+        chown -R www-data:www-data "$pixelfed_dir"
+        rm -rf $temp_restore_dir
+    fi
+    restart_site
+}
+
+function remove_pixelfed {
+    nginx_dissite "$PIXELFED_DOMAIN_NAME"
+    remove_certs "$PIXELFED_DOMAIN_NAME"
+
+
+    if [ -d "/var/www/$PIXELFED_DOMAIN_NAME" ]; then
+        rm -rf "/var/www/$PIXELFED_DOMAIN_NAME"
+    fi
+    if [ -f "/etc/nginx/sites-available/$PIXELFED_DOMAIN_NAME" ]; then
+        rm "/etc/nginx/sites-available/$PIXELFED_DOMAIN_NAME"
+    fi
+    drop_database pixelfed
+    remove_onion_service pixelfed "${PIXELFED_ONION_PORT}"
+    if grep -q "pixelfed" /etc/crontab; then
+        sed -i "/pixelfed/d" /etc/crontab
+    fi
+    remove_app pixelfed
+    remove_completion_param install_pixelfed
+    sed -i '/pixelfed/d' "$COMPLETION_FILE"
+
+    remove_ddns_domain "$PIXELFED_DOMAIN_NAME"
+}
+
+function install_pixelfed {
+    install_mariadb
+
+    get_mariadb_password
+
+    apt-get -yq install php-gettext php-curl php-gd php-mysql git curl
+    apt-get -yq install memcached php-memcached php-intl exiftool libfcgi0ldbl
+    apt-get -yq install redis-server php-redis autoconf imagemagick imagemagick-dev libtool
+
+    if [ ! "$PIXELFED_DOMAIN_NAME" ]; then
+        echo $'No domain name was given'
+        exit 3568356
+    fi
+
+    if [ -d "/var/www/$PIXELFED_DOMAIN_NAME/htdocs" ]; then
+        rm -rf "/var/www/$PIXELFED_DOMAIN_NAME/htdocs"
+    fi
+    if [ -d /repos/pixelfed ]; then
+        mkdir "/var/www/$PIXELFED_DOMAIN_NAME/htdocs"
+        cp -r -p /repos/pixelfed/. "/var/www/$PIXELFED_DOMAIN_NAME/htdocs"
+        cd "/var/www/$PIXELFED_DOMAIN_NAME/htdocs" || exit 324687356
+        git pull
+    else
+        git_clone "$PIXELFED_REPO" "/var/www/$PIXELFED_DOMAIN_NAME/htdocs"
+    fi
+
+    if [ ! -d "/var/www/$PIXELFED_DOMAIN_NAME/htdocs" ]; then
+        echo $'Unable to clone pixelfed repo'
+        exit 87525
+    fi
+
+    cd "/var/www/$PIXELFED_DOMAIN_NAME/htdocs" || exit 36587356
+    git checkout "$PIXELFED_COMMIT" -b "$PIXELFED_COMMIT"
+    set_completion_param "pixelfed commit" "$PIXELFED_COMMIT"
+
+    chmod g+w "/var/www/$PIXELFED_DOMAIN_NAME/htdocs"
+    chown -R www-data:www-data "/var/www/$PIXELFED_DOMAIN_NAME/htdocs"
+
+    pixelfed_create_database
+
+    add_ddns_domain "$PIXELFED_DOMAIN_NAME"
+
+    PIXELFED_ONION_HOSTNAME=$(add_onion_service pixelfed 80 "${PIXELFED_ONION_PORT}")
+
+    pixelfed_nginx_site=/etc/nginx/sites-available/$PIXELFED_DOMAIN_NAME
+    if [[ "$ONION_ONLY" == "no" ]]; then
+        nginx_http_redirect "$PIXELFED_DOMAIN_NAME" "index index.php"
+        { echo 'server {';
+          echo '  listen 443 ssl;';
+          echo '  #listen [::]:443 ssl;';
+          echo "  server_name $PIXELFED_DOMAIN_NAME;";
+          echo ''; } >> "$pixelfed_nginx_site"
+        nginx_compress "$PIXELFED_DOMAIN_NAME"
+        echo '' >> "$pixelfed_nginx_site"
+        echo '  # Security' >> "$pixelfed_nginx_site"
+        nginx_ssl "$PIXELFED_DOMAIN_NAME"
+
+        nginx_security_options "$PIXELFED_DOMAIN_NAME"
+
+        { echo '  add_header Strict-Transport-Security max-age=15768000;';
+          echo '';
+          echo '    access_log /dev/null;';
+          echo '    error_log /dev/null;';
+          echo '';
+          echo "    root /var/www/$PIXELFED_DOMAIN_NAME/htdocs;";
+          echo '';
+          echo '  index index.php;';
+          echo '  location ~ \.php {';
+          echo '    include snippets/fastcgi-php.conf;';
+          echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
+          echo '    fastcgi_read_timeout 30;';
+          echo '    fastcgi_param HTTPS on;';
+          echo '  }';
+          echo '';
+          echo '  # Location';
+          echo '  location / {'; } >> "$pixelfed_nginx_site"
+        nginx_limits "$PIXELFED_DOMAIN_NAME" '15m'
+        { echo "    try_files \$uri \$uri/ /index.php?\$args;";
+          echo '  }';
+          echo '}'; } >> "$pixelfed_nginx_site"
+    else
+        echo -n '' > "$pixelfed_nginx_site"
+    fi
+    { echo 'server {';
+      echo "    listen 127.0.0.1:$PIXELFED_ONION_PORT default_server;";
+      echo "    server_name $PIXELFED_ONION_HOSTNAME;";
+      echo ''; } >> "$pixelfed_nginx_site"
+    nginx_compress "$PIXELFED_DOMAIN_NAME"
+    echo '' >> "$pixelfed_nginx_site"
+    nginx_security_options "$PIXELFED_DOMAIN_NAME"
+    { echo '';
+      echo '    access_log /dev/null;';
+      echo '    error_log /dev/null;';
+      echo '';
+      echo "    root /var/www/$PIXELFED_DOMAIN_NAME/htdocs;";
+      echo '';
+      echo '  index index.php;';
+      echo '  location ~ \.php {';
+      echo '    include snippets/fastcgi-php.conf;';
+      echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
+      echo '    fastcgi_read_timeout 30;';
+      echo '    fastcgi_param HTTPS off;';
+      echo '  }';
+      echo '';
+      echo '  # Location';
+      echo '  location / {'; } >> "$pixelfed_nginx_site"
+    nginx_limits "$PIXELFED_DOMAIN_NAME" '15m'
+    { echo "    try_files \$uri \$uri/ index.php?\$args;";
+      echo '  }';
+      echo '}'; } >> "$pixelfed_nginx_site"
+
+    configure_php
+
+    cd "/var/www/$PIXELFED_DOMAIN_NAME/htdocs" || exit 36587357
+
+    cp "/var/www/$PIXELFED_DOMAIN_NAME/htdocs/.env.example" "/var/www/$PIXELFED_DOMAIN_NAME/htdocs/.env"
+    sed -i "s|APP_URL=http://.*|APP_URL=https://\$PIXELFED_DOMAIN_NAME|g" "/var/www/$PIXELFED_DOMAIN_NAME/htdocs/.env"
+    sed -i "s|DB_DATABASE=.*|DB_DATABASE=pixelfed|g" "/var/www/$PIXELFED_DOMAIN_NAME/htdocs/.env"
+    sed -i "s|DB_USERNAME=.*|DB_USERNAME=root|g" "/var/www/$PIXELFED_DOMAIN_NAME/htdocs/.env"
+    sed -i "s|DB_PASSWORD=.*|DB_PASSWORD=$MARIADB_PASSWORD|g" "/var/www/$PIXELFED_DOMAIN_NAME/htdocs/.env"
+    sed -i "s|MAIL_HOST=.*|MAIL_HOST=localhost|g" "/var/www/$PIXELFED_DOMAIN_NAME/htdocs/.env"
+    sed -i "s|MAIL_PORT=.*|MAIL_PORT=25|g" "/var/www/$PIXELFED_DOMAIN_NAME/htdocs/.env"
+
+    install_composer
+    chown -R www-data:www-data "/var/www/$PIXELFED_DOMAIN_NAME/htdocs"
+
+    create_site_certificate "$PIXELFED_DOMAIN_NAME" 'yes'
+
+    nginx_ensite "$PIXELFED_DOMAIN_NAME"
+
+    systemctl restart mariadb
+
+    systemctl restart php7.0-fpm
+
+    systemctl restart nginx
+
+    "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a pixelfed -p "$PIXELFED_ADMIN_PASSWORD"
+    set_completion_param "pixelfed domain" "$PIXELFED_DOMAIN_NAME"
+
+    APP_INSTALLED=1
+}
+
+# NOTE: deliberately there is no "exit 0"